An organisation should design policies, procedures, practices and organisational structures to ensure that it meets its objectives. It also needs to make it possible to exercise effective control over its assets, liabilities, expenditure and revenues. Internal control refers collectively to this process.
The ACNC suggests the following financial controls:
- Require more than one signature or approval for payments and receipts
- Establish clear financial delegations
- Ensure your bank accounts are secure – know who has access to your bank accounts, keep your online banking passwords secure, keep keys to cash times safe and secure
- Constantly monitor your performance against budget
- Ensure receipt of financial information before each board meeting
- Ensure financials are presented in a way that is easy for everyone to understand
SLSNSW suggests the following practical controls:
- Prepare annual budgets
- Appropriate signing authorities, including EFT approval. (e.g., all cheques signed by two CMT members; all purchase orders for amounts over $x to be ratified by the CMT) , two-factor authorisation
- Controls over pre-printed forms and documents to prevent unauthorised use (e.g., receipts)
- Documented job descriptions, handbooks, codes of conduct
- Documented systems for the approval of expenditure before liabilities being incurred
- Invoicing the sale of goods and services
- Performing stocktakes of gear, equipment and product within all areas of the SLSC
- Properly recording every transaction in the SLSC’s accounting system
- Protecting passwords and changing them when new SLSC officers or staff members start performing SLSC finance duties, setting two-factor authentication for financial software. No sharing of log ins
- Providing receipts and banking donations and other funds raised
- Recording cash and cheques on deposit listing to go the bank
- Requiring two people to count cash
- Segregation of duties between initiation, approval and implementation of activities that are deemed to have significant financial outcomes to ensure no single individual is responsible for buying, selling and receiving payments (to minimise the risk of fraud)
- The requirement of cheques or online payments for review and authorised invoices to be approved and co-signed by members of the CMT.
- Related party transaction log