Creating a healthy control environment

By Cathi M. Linch

At LifeChurch.tv, risk management strategies are in place to protect information, financial assets and non-cash, intangible resources.

As church leaders, we understand that we’re called to steward the financial resources God has entrusted to us. The cornerstone of stewardship is an effective process of internal control.
But, what  is “internal control?”

A solid foundation
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is widely regarded as the authoritative source on the establishment of an internal control framework. COSO defines internal control as “a process, effected by an entity’s board of directors, management and other personnel … designed to provide reasonable assurance regarding the achievement of objectives in effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations.”

The foundation upon which an effective internal control process is built is the control environment. Commonly referred to as the “tone at the top,” the control environment consists of the attitudes, values, awareness and tone of the church’s governing body and senior leaders. Taking the high road of financial accountability requires that church leadership demonstrate: heart for financial accountability, a willingness to be diligent, and an acceptance of policies and procedures. These values are elements of a healthy control environment.

Should every action or transaction be the subject of an internal control policy and procedure? Absolutely not! If that was the case, our churches would become seas of bureaucracy, with no time or energy left for ministry.

Instead, within a healthy control environment, we’re able to engage in an ongoing process of financial risk assessment: identifying the risks to the church’s ministry, and assessing for each risk the likelihood of its occurrence — along with the magnitude of its impact, should the risk become reality.

As each risk that poses a great threat to the church is identified and assessed, we may choose to accept the risk, if the likelihood of occurrence and/or magnitude of impact is very low; eliminate the risk by avoiding the activity altogether, if the likelihood of occurrence and/or magnitude of impact is high; or mitigate the risk by implementing effective internal control activities.

Common risk management strategies
For the remainder of this article, we’ll address some areas of financial risk that are common to all churches, and the control activities we’ve chosen to put in place here at LifeChurch.tv.

Cash receipts: Policies and procedures for processing the offering are documented. Each person assisting with the processing of the offering is required to have previously completed training. A minimum of two people must be present while the offering is being processed — no exceptions! The offering is processed in a secure location, away from high-traffic areas, behind a closed door, and often in the presence of a hired security officer. Cash receipts are promptly deposited. (We deposit checks immediately using electronic deposit software.)

Cash disbursements: Each staff member has an approval authority limit, based on his or her position and experience. Invoices or check requests in excess of the requestor’s approval authority limit are processed only upon secondary approval by the requestor’s supervisor. Policies and procedures for personal reimbursement of business expenses (including limitations on travel and meals) are documented. Each staff member must submit substantiating documentation for expense reimbursements within 60 days of incurring the expense. All personal reimbursements require supervisory review and approval.

Purchasing cards: Each staff member’s purchasing card, or P-card, is structured with a monthly spending limit, a per-transaction limit, and restrictions from purchasing with certain types of suppliers. P-card expense reports are required to be submitted monthly, along with substantiating documentation and supervisory approval. Accidental personal purchases made on the church’s P-card are required to be reimbursed to the church immediately. Noncompliance with P-card policies results in revocation of P-card privileges and/or disciplinary action.

Compensation/private inurement: Church resources (facilities, finances, personnel) may not be used for personal or for-profit purposes. The compensation of the highest levels of leadership is approved by an independent compensation committee, in a process that meets the IRS requirements for establishing a rebuttable presumption of reasonableness. The compensation of all other team members is based on the results of a formally documented annual performance review process.

Financial reporting: The leader of each department is responsible for preparing a budget, which is reviewed and approved by church leadership. Leaders are held accountable for budget results through the annual performance evaluation process. All external accounts (cash, investments) are reconciled monthly to third-party statements. All internal accounts (accounts receivable, accounts payable, contribution records) are reconciled monthly to their corresponding sub-ledgers. Financial statements are prepared monthly and are subject to successive levels of review and analysis within the Finance function. Monthly financial statements and explanatory notes are presented to and discussed with the highest levels of leadership. An independent accounting firm, selected by and reporting to the board of directors, conducts an annual audit of the church’s financial statements.

In addition to risks specifically related to financial assets and information, the internal control process encompasses safeguarding of the church’s non-financial assets. The lack of an effective internal control process in areas such as these can have significant financial implications. Examples include:

Non-cash physical assets: Security systems are in place to protect all church facilities. Off-duty police officers provide security for most church events. Insurance policies with sufficient coverage are maintained.

Intangible assets: Access and network controls are in place for all information systems. Licensing agreements are maintained for the church’s use of others’ intellectual property, and for others’ use of the church’s intellectual property.

Volunteers: Every volunteer must complete the screening process, which includes a criminal background check, and be approved prior to serving in any capacity as a volunteer.

Our churches are a repository for resources generously provided by our faithful Father — resources of time, talent and treasure. The development of an effective process of internal control can help us be better stewards of these precious resources.

Cathi M. Linch serves LifeChurch.tv as its financial operations leader and treasurer, and is a member of the leadership team that directs the church’s global missions initiatives.

Share

Leave a Reply

HTML Snippets Powered By : XYZScripts.com