Nonprofits should understand what a financial statement audit can and can’t do. If you have questions regarding operational controls, efficiency, and security, the answers may be elsewhere.
Key insights
- Many of the issues affecting your organization can’t be resolved by a financial statement audit.
- Confirm whether your organization requires an audit, and what it can do to find greater financial insight.
- Your organization’s concerns regarding internal controls, efficiency, and vulnerability can often be addressed through related services.
Need a second opinion on your organization’s financial health?
Nonprofit board members, CEOs, and funding partners sometimes look to financial statement audits to solve a laundry list of problems: correcting accounting errors, detecting fraud, and improving processes and internal controls. While these are all worthy goals, an audit is not designed to do any of these things.
What does an audit do?
An auditors’ responsibility is to express an opinion on the financial statements by executing procedures in accordance with applicable audit standards. The objective is to obtain reasonable — not absolute — assurance about whether an organization’s financial statements are free from material — not all — misstatements in accordance with the applicable financial statement framework (i.e. – GAAP, Cash Basis, Tax Basis, etc.). The procedures performed are based on an assessment of the potential risks of material misstatement likely within the financial statements, whether due to fraud or error.
The auditor takes into consideration their understanding of internal controls and financial policies relevant to the organization’s preparation and presentation of the financial statements. However, they typically do not express an opinion on those controls. From there, the auditors perform their work on a sample basis and do not test every transaction. Because they test only small samples of transactions, audits can’t be expected to catch all errors and fraud, or identify every poor internal control or ineffective financial practice.
Why do I need an audit?
If an audit doesn’t provide a detailed examination of our financial practices, then why are so many nonprofit organizations required to have them? Most commonly, financial statement audits are required by banks due to lending situations, by granting agencies and governmental entities due to funding arrangements, and to satisfy individual state and federal reporting requirements. Each state is different, so be sure to understand your state’s audit requirements.
Additionally, an organization’s governing body or bylaws may require them to receive an audit, even though the organization may not have any formal or legal requirement to do so. If an audit is not required, management and those charged with governance should take a step back and ask themselves if an audit is the right assistance to seek from a professional services firm.
The answer may lie elsewhere
Many nonprofits have misperceptions regarding financial audits and the assurance practice, expecting their audit to uncover greater insights about their organization. Sometimes, however, something other than an audit will better answer questions such as:
- We were given a “Segregation of Duties” comment in our Internal Control Communication Letter again this year. How can we mitigate or remove this finding?
- What are some improvements we can make to strengthen internal processes and controls?
- Is the accounting team the correct size for an organization of our size?
- Is our accounting software robust or appropriate for an organization of our size?
- Is our chart of accounts set up in an efficient and effective manner?
- What is the greatest vulnerability facing our organization?
Instead of expecting your audit to provide solutions to a wide array of problems that are outside its scope, consider ways you can take a deeper dive into your day-to-day operations. A well-designed assessment can help you create a roadmap for improving processes and controls or provide a framework for increasing the transparency and accuracy of your reporting.
How we can help
At CLA, we promise to know you and help you. Whether you are deciding to have a financial statement audit or are seeking additional services that supplement your audit, CLA’s professionals can customize services to accommodate your organization’s needs:
- Business opportunity assessments — Looking across structure, process, and systems to find ways to align with your vision and strategy, including evaluating your technology and controls to enhance system utilization, reporting, and organizational visibility.
- Grant compliance services — Find strategies to help guide you through the grant-making and management process.
- Forensic data analysis — Use data to help find potential fraud and other types of misconduct.
- Data analytic integration and implementation — Uncover hidden potential in your data to help improve management and operations, reduce risk, and take strategic, forward-looking action.
- Cybersecurity and awareness training — Review threats and learn how a robust defense and in-depth strategy can help you fend off current and emerging threats.