Exempt Org. Resource Blog

Attorney General Issues Audit Committee Guidance

The New York Attorney General has issued guidance about the audit oversight requirements under the Non-Profit Revitalization Act.  The AG’s Guidance—issued without fanfare by the Charities Bureau on February 24—will be of interest to most charities that are required to register to conduct charitable solicitations in New York.

As we previously described, the new audit oversight rules under Section 712-a of the Not-for-Profit Corporation Law, which went into effect on July 1, 2014, apply to all charitable organizations that are required to register to solicit charitable contributions in New York that have gross revenues in excess of $500,000 per year and therefore are required to file an independent auditor’s report with the Attorney General.  Section 712-a requires the audit oversight function to be managed by an audit committee consisting of independent directors, or by the independent directors of the board.  The audit committee or the board must, among other things, oversee the accounting and financial reporting processes of the organization and the audit of its financial statements with the assistance of an independent auditor.  Additional audit requirements apply to the board or audit committee of any organization to which the registration requirements apply that has annual revenues in excess of $1,000,000 per year.

The Guidance amplifies (and clarifies) certain aspects of the Section 712-a requirements as follows:

Use of Advisors. Although Section 712-a(e) states that only independent directors can participate in any board or committee deliberations or voting relating to audit matters, the Guidance clarifies that audit committees and boards can seek assistance from individuals with expertise in accounting and financial matters who are not members of the board or the audit committee, including non-members holding certain honorific designations, provided that such non-members (i) do not take part in any formal deliberation or voting and (ii) are not members of management involved in developing and maintaining financial controls.  In addition, the Guidance states that members of the board who are not independent directors can receive or hear any report of the audit committee.

Implementation.  The Guidance acknowledges that for some non-profit organizations, compliance with the audit oversight requirements will require substantial time and effort, including the need to amend bylaws and elect board members to adequately fulfill the audit role.  Accordingly, in evaluating an organization’s compliance with the audit oversight rules, the Charities Bureau will consider whether the organization has made timely and good faith efforts to comply with the new requirements, including through the creation of a written plan containing a timetable for achieving compliance.

In addition, the Guidance elaborates on various aspects of the audit oversight role:

Hiring an Independent Certified Public Accountant. The Guidance clarifies that an auditor must be independent as defined by the AICPA Code of Professional Conduct as revised, effective December 15, 2014.  According to the AICPA Code, independence consists of (i) independence of mind, which allows the auditor to perform a service without being affected by influences that compromise professional judgment, and (ii) independence in appearance, under which the auditor avoids circumstances that would cause a reasonable and informed third party to reasonably conclude that the auditor’s integrity, objectivity, or professional skepticism is compromised.  The Guidance suggests that in selecting an independent auditor, the board or audit committee should consider a number of factors, including the reputation of the auditor, references provided by the auditor, expertise or familiarity with non-profit accounting, staff continuity, the fee structure of the engagement, and the results of the auditor’s most recent peer review report.

Internal Control Review.  If, as part of the audit process, the auditor uncovers any internal control or other issues concerning the processing of financial information of the organization, the board or audit committee should decide whether additional review of the organization’s internal control procedures is warranted.  The Guidance states that issues identified in the prior year’s communication by the auditor to the board or audit committee must be revisited to ensure that they are addressed to the satisfaction of the auditor.

Financial Expertise.  The Guidance notes that, while not required by law, organizations should strive to have audit committee members who have financial expertise.

Communications with the Auditor.  Under Section 712-a, the audit committee or independent members of the board must review with the auditor any communications to those charged with governance which result from the audit (including the management letter).  The Guidance clarifies that the term “review” requires a conversation between the committee and the auditor in which audit committee members participate.  It does not, however, require a face-to-face meeting, which the Guidance acknowledges can add significant expense to small organizations.

Additional Requirements.  The Guidance suggests a number of additional responsibilities for audit committees or boards that are not specifically required by Section 712-a, including:

(i) ensuring that proper federal and state compliance and tax filings are submitted timely, including payroll, sales, and unrelated business income taxes, and foreign filings (if applicable), and that any taxes due have been paid or provided for;

(ii) reviewing the organization’s internal and financial controls on a periodic basis;

(iii) assuring the conduct of appropriate risk assessments and risk response plans;

(iv) monitoring any legal matters that could impact the reputation and financial health and reporting of the organization;

(v) instituting and overseeing any special investigatory work as needed, and assuring responses to investigations; and

(vi) periodically reviewing the organization’s insurance coverage and determining its adequacy.

Finally, the Guidance states that the audit committee or the board should maintain minutes of all meetings to demonstrate compliance with the audit oversight rules.