Strong Policies Make for Effective Boards

Strong Policies Make for Effective Boards

Between accounting standards, tax reform, fundraising, and program delivery, many not-for-profits (NFPs) are stretched to their limits. So, when it comes to designing or updating policies, it’s easy to push those tasks to the bottom of the list. Having strong policies in place, however, can protect your NFP from liability, help you adopt consistent and clear actions, and help you use your limited resources more efficiently. Sound policies can also help your governing board provide more effective oversight.

Getting started is half the battle when it comes to creating or updating policies. The following steps can help you get the ball rolling.

1.      Inventory the policies that are currently in place.

This may require some digging if you don’t have a central repository for your policies; it also may include reviewing past board meeting minutes. As you identify the policies, create an index that lists all of them in one place. Include the date the board originally approved the policy and any subsequent dates they were reviewed and/or updated. The index can help you identify the policies that haven’t been reviewed recently and finalize those that were never approved by the board.

2.      Consider what policies should be in place and what they should include.

Once you’ve identified the policies the organization has in place, consider what might be missing. Policies that an organization may wish to consider having in place include the following (samples of most of these are available for AICPA Not-for-Profit Section members here):

  • Designation of Funds Policy
  • Delegation of Authority Policy
  • Conflict of Interest Policy
  • Document Retention Policy
  • Gift Acceptance Policy
  • Information Security Policy
  • Investment Policy
  • Operating Reserve Policy
  • Social Media Policy
  • Whistleblower Policy
  • Ethics Policy

3.      Create a process for updating policies.

Once you have a comprehensive list of policies, it’s important to plan for periodic reviews. The frequency and time frame for review may be different for each policy. For instance, some organizations review their investment policy annually, and review other specific policies every three years. Establishing a policy review schedule will help to ensure that policies reflect the organization’s standards and are being adhered to by staff. It is a good practice to stagger the reviews, so you are not trying to look at them all at one time. In addition, consider establishing a consistent practice of having the board and/or board committees review and approve policies.

4.      Establish a means of effectively communicating policies.

For board members to comply with organizational policies, they need to understand them. It’s not enough to distribute the policies to board members and ask them to sign a statement saying they have reviewed and understand them. Formal training on the policies is necessary for board members to fully understand the need for the policies and the ramifications to the organization of not following them. Consider offering comprehensive training on policies as part of the board orientation, augmented by an abbreviated policy training at each board meeting.

5.      Ensure that policies are consistently enforced.

The fastest way for policies to lose their effectiveness is to enforce them inconsistently or not at all, so it’s important to make sure that management and the board take consistent action. Just like the board, organizational staff need to understand the policies in order to comply with them. Formal policy training for staff is recommended during new hire orientation, augmented by abbreviated policy training during staff meetings.

6.      Consider when exceptions may be acceptable.

Of course, there will be times when a policy exception is necessary. Exceptions should be made only after thoughtful consideration, and they should be documented. To assist management and the board in determining when an exception is appropriate, consider including language in the policy itself that addresses exceptions and the process to be followed when one is deemed necessary.