Legal Tidbits - Audit Committees

Question: Ten years have passed since the Sarbanes-Oxley Act became law, but I still don’t understand whether my private foundation needs an audit committee. If my foundation does need an audit committee, how should it be organized?

Whether your private foundation or other grantmaking entity should convene an audit committee depends, in part but not entirely, on whether your books and records will be audited annually. Many small grantmaking organizations that do not compensate their staff or trustees may avoid the time and expense associated with an annual audit. Of course, donor-advised funds never require an independent audit.

The North Carolina Center for Nonprofits in its widely circulated and well-respected guidebook Principles & Practices for Nonprofit Excellence recommends that:

A nonprofit with annual total revenues in excess of $1 million should subject its financial reports to an annual audit by an independent Certified Public Accountant. A nonprofit with annual total revenues between $250,000 and $1 million should have an independent CPA provide a financial review annually. Financial audits and reviews should be approved by the board and certified by the executive director/CEO and chief staff financial officer.

This recommendation is generally designed for operating charities, not grantmaking entities, but may provide helpful guidance. However, operating charities that solicit funds from the general public and/or receive government grants may benefit from the perception of accountability associated with an annual audit in ways different than grantmaking entities. There may be reasonable alternatives to an audit for your private foundation or other grantmaking entity such as a review or a compilation. Keep in mind, though, that audit committees have important functions separate and apart from managing an annual audit. An audit committee may also oversee important internal compliance matters including investigating whistleblower complaints, administering the document retention and destruction policy, and/or developing appropriate internal controls.

An audit committee generally consists of between three and five members, a majority of which typically are trustees. When selecting members of the audit committee take care to ensure adequate independence from the finance committee and the professional finance team. Members of the audit committee must have some experience and expertise with financial affairs but need not be Certified Public Accountants. In addition to the non-audit functions discussed above, the audit committee generally selects the outside auditor, determines the scope of the engagement, reviews the auditor’s report, presents the report to the board of trustees, and recommend any actions necessary or appropriate as a result of the auditor’s report.

When considering whether to create an audit committee, take care to ensure that your private foundation has the institutional capacity in comply with the policy in the future. You may create additional and unnecessary risk for your grantmaking organization and trustees by voluntarily adopting a policy that you later abandon or ignore.