Internal:Audit

Basic background: Audit committee's charter and responsibilities

 * Wikimedia DC has a standing Audit Committee of Directors to conduct annual reviews of its financial records, per the Bylaws.
 * As of Nov 2018, Wikimedia DC's Audit Committee has four members, listed here.
 * In other organizations, an "audit committee" would generally be a Board committee interfacing with EXTERNAL auditors. This is what it means at WM PL and WM FR, and in corporations.  However we are a small non-profit and our audit committee is to conduct an "internal audit" only, which is a much lighter thing.
 * The committee's central task is to verify the accuracy of WMDC's FY2015 accounting records in QuickBooks, and the summary financial statements in our annual financial report.
 * A successful conclusion is one in which the committee produces a statement saying we looked at the records and think that they're accurate and attaches it to the financial report for 2014-2015 (aka FY2015). Here's our draft.
 * Peter can get to the QuickBooks files and one Dropbox directory. Walter may have access to WMDC's bank and Paypal statements and to the final Dropbox directory.
 * Treasurers in the period to be audited were Peter Meyer and then Trisha Melikian. (So Peter is a respondent to the audit.  There were no objections by committee members at 8 May 2016 meeting to his being the chair; he remains chair, but other committee members will audit transactions done while he was chair.)
 * There are also other obligations of the Audit Committee which we can conveniently square off against now.
 * Annual tasks of the Audit Committee: conduct partial audit of financial records and transactions of a fiscal year; certify the chapter meets the records retention policy, the tax-exempt criterion in the bylaws (article 3, section 3), and . ..

Background research and reading
4. Review what audit committees for nonprofits are supposed to do. See list below under Bibliography. (Robert and Walter both.)

12. Research task: Look at another nonprofit to see what standards they say they use -- is it GAAP FAS 116 and 117, or something else?

19. Review this movement-wide report on finances: Movement-wide Financial Report -- Walter was an author  (Peter and Robert and John)

21. Draft a statement from this audit committee to be attached to the 2014-2015 financial report. A model one is the one at the top of the Annual Financial Report for Fiscal Year 2011–12 (which was basically written by Matt Bisanz who I believe is a CPA)  (in other years our audit committees have not produced such statements) Peter believes that statement should be updated to say (a) we're a 501(c)(3) org now; (b) we checked and the organization did stay within the 501(c)(3) bounds regarding advocacy expenditures; (c) we are reporting this correctly (according to policy) to our donors. (Peter) (Done ✅)

Gathering records
1. Figure out who has access to the various files we need and shares what we need, perhaps on Dropbox. Peter to share on Dropbox with all the committee. (Done ✅)

22. New receipts, post-FY2015, are on podio.com not Dropbox. (John and Robert need invites ; Peter get James to send one.) (Done ✅) 23. Additional task: Get receipts/records from Trisha who was treasurer from June-Sept 2015 and share on Dropbox. (Peter) (Done ✅)

Transaction verifications
2. Main task: Do either (a) an exhaustive comparison of the underlying bank/debit/PayPal/etc. transactions against the QuickBooks records, or (b) selective spot checks, or some other form of verification. If we find a problem, work with Walter and Kirill to update/correct it. Essential outcome of this committee in 2016.

3. Verify that a reconciliation occurred of bank/paypal with QuickBooks at the end of the fiscal year. If we find a problem, work with Walter and Kirill to update/correct it. Essential outcome of this committee in 2016.

5. Review key Bylaws, ARTICLE X - FISCAL CONTROLS (edited to focus on audit issues): (1) Disbursements over $25 shall be made only by check drawn on the Corporation's bank account or by electronic means, except where a resolution of the Board allows for cash disbursements in excess of $25 for specific purposes. Any disbursement over $5 shall be supported by voucher or receipt. All checks, drafts, notes and evidence of indebtedness of the Corporation shall be signed by either the Treasurer or the President. Disbursements in excess of $2,500 shall require the signature or written approval of both the President and the Treasurer. (2) Annual Budget. Before Oct 1 each year, the Board shall prepare an estimated budget for the Oct-Sept for the annual membership meeting to vote to approve. (4) Capital expenditures over $1000 must be approved by a majority at the annual membership meeting. Approval of a line item in the annual budget constitutes membership approval of a capital expenditure.

6. Evaluate: Broadly, were the Fiscal Controls specified in the bylaws followed, as best we know? Should they be revised? Specifically: Was an Annual Budget proposed and approved as specified? Should the rules about the annual budget be changed?

11. Look over our past Annual Financial Reports, and examine any substantive changes in the report for 2014-2015. Do we know why those changes were made and are we comfortable with the changes?

15. Review Delegation of Authority Policy, especially article (3), and Talk:Delegation of authority policy -- do we think the policy was followed, based on our limited information?

17. Review our tax forms submitted to the IRS for this 2014-2015 period; make sure somebody on our committee knows who wrote it and sent it ; do they make sense when matched up with the 2014-2015 annual financial report? (Walter to share tax form on Dropbox.)

20. Review our grant submissions and reports m:Grants:PEG/WM_US-DC from 2014-2015-- any red flags, or anything we should verify with the bank/paypal/quickbooks systems? spot checks? (John)

Non-transaction verifications
13. Review Whistleblower Policy -- it assigns tasks to us. Review it ; if we have received any significant reports of illegal activity that we are taking action. (Brainstorm here.) (John) (Done ✅)

14. Review Non-discrimination policy -- assigns a responsibility to chair of Audit committee ; claim: it's been satisfied. (John) (Done ✅)

16. Review Record retention policy -- for the purposes of this Policy, the President, the Secretary, the Chair of the Audit Committee, or any legal counsel retained by Wikimedia DC. . . (g) External audit reports. (John) (Done ✅)

18. Verify that we didn't spend much on advocacy per our tax-free requirements. This is straightforward. Just need to verify we spend much less than 20% on advocacy of legislation, and did not endorse or financially support political candidates. (Peter to gather evidence.)

Revisions to current policy
(May 22 update: items 7-9 addressed by draft Internal:Fiscal control policy amendments for board consideration; needs further review and study however)

7. Research and revise Fiscal control policy 7.1 to replace "financial records . . . consistent with US GAAP . . . particularly . . . FAS 116 and FAS 117." My accountant-professor friend identified two problem with this phrasing: U.S. GAAP overall is big and heavy and unsuitable for a small nonprofit basically, and we aren't meeting its standards which call for detailed footnotes. Also it applies to financial STATEMENTS not financial RECORDS. Therefore he suggests to replace this sentence by something narrower and more achievable like "the treasurer should maintain financial records that will enable financial statements to be prepared that are consistent with U.S. GAAP FAS 116 (Accounting for Contributions Received and Contributions Made) and FAS 117 (Financial Statements of Nonprofit Organizations)." I'd like to work on that with someone and propose something to the Board. (My friend said there is a discussion among accounting specialists about whether there SHOULD be a "light" version of GAAP, but right now there isn't one.) Therefore we should focus the assertion on those bits of U.S. GAAP that we are specifically trying to meet. (Peter) ✅

8. Revise 7.7 to add something like "The treasurer shall keep a register of fixed assets owned by the chapter." (A minor thing; we have just a WiFi device and a few other odds and ends. Somebody should have an official list.)   (Peter) ✅

9. Revise 6.4 to say "All solicitation documents shall accurately report [the 501(c)(3) status] of the organization." The current assertion make us responsible for too much -- the tax status of the donor's income and the on the tax deductibility of donations made to Wikimedia DC in the donor's jurisdiction --- for example, we should make no such assertion for foreign donors. (Peter) ✅

10. Review Fiscal control policy beyond that point?

possible additional task

 * there is a distinction between public charities and private foundations
 * the test starts to apply 5 years after the org becomes a 501c3 so not yet
 * private foundations have to report differently and we probably want to avoid this and to stay in the category we are now in
 * the org needs to get at least a third of its revenues from sources which aren't single or family large donors
 * here is the org getting at least of a third of the revenues from either (a) individuals who didn't give over 2% of the funding ; or (b) public grant sources like WMF or Knight foundation.
 * (c) the test doesn't apply till we've been a 501c3 for 5 years
 * reporting requirements. (b)

Second meeting, May 22

 * Met two weeks later on May 22 @ 14:30
 * Preliminary agenda: Discuss/review what non-profit audit committees are to do, and what standards they follow. Discuss Movement-wide chapters finance report.
 * Only John and Peter attended.
 * We find no specific need to apply additional retention beyond record retention policy article 5. We received no complaints requiring our committee's action so far.  Unless other audit committee members wish to discuss further, these tasks are done.  (✅ Done)
 * Peter to do: make complete copy of Dropbox directory on his local drive, as backup.  (✅ Done)
 * Peter received more receipts from Trisha and James. Peter will organize these documents/receipts in the shared Dropbox space.
 * John to copy the quickbooks exported spreadsheet -- the "transactions file" -- and to add columns for these elements, more or less: (a) trivial transactions not worth further inspection, (b) board resolution appropriately supports the expense (y/n or date); (c) transaction supported by adequate documentation (y/n) ; (d) fold in checkbook information as desired from checkbook spreadsheet
 * Peter to read Movement-wide Financial Report -- notes: are we using categories that are easy to compare with other chapters? Categories in the report were organized per International Financial Reporting Standards (IFRS).  (✅ Done)
 * John to read up on how nonprofits do audits or accounting
 * John suggests doodle poll for timing future audit meetings.
 * Peter plans to propose a board policy defining the role of the audit committee at the June 5 meeting (partly drafted, reframed by Kirill) (✅ Done)
 * Peter plans to propose Fiscal control policy amendments at some board mtg, incorporating feedback from audit committee members. (drafted, reframed by Kirill) (✅ Done)
 * Peter to arrange Skype meeting June 5 at 13:00 eastern time and the Cove meeting room. (Audit committee members generally agreed to this time by email after the meeting.) (✅ Done)


 * /History of WMDC finance and accounting roles

Bibliography of WM DC records and related

 * Wikimedia DC Annual financial report (2010–2011)
 * Wikimedia DC Annual financial report (2011–2012) -- note the Report from the Audit Committee, a model to emulate this year
 * Wikimedia DC Annual financial report (2012–2013)
 * Wikimedia DC Annual financial report (2013–2014)
 * Wikimedia DC Annual financial report (2014–2015)
 * The chapter's grant reports to WMF are on meta: m:Grants:PEG/WM_US-DC
 * Accounts/platforms: Wikimedia uses Wells Fargo, Paypal, Square (?), QuickBooks online (for bookkeeping, automatically draws from the bank) ; and Dropbox for receipts.   WM DC uses no other platforms for money -- right?   Must agree amongst ourselves on this statement.
 * WM Poland and WM France have *external* auditors. WM DC does not.  I believe WM NY does not.
 * Wikimedia Australia keeps their financial numbers online at xero.com. Online has the advantage I guess that several of them can access the info, at least with read-only access. Cost maybe $360/year -- note they have much more revenue than WM DC does.  For more, talk to treasurer John Vandenburg or previous treasurer now president Charles Franklin.  Thanks for Charles Gregory, with whom I spoke at Wikimania 2013.
 * Movement-wide report on finances: Movement-wide Financial Report -- Walter was an author
 * Key WMF grants terminology: PEG--the kind of grants we get ; APG -- bigger annual grants our chapter president aspires to get ; TPS--travel grants for individuals ; IEG--project grants for individuals

Background on audit committees of nonprofits

 * National Council of Nonprofits. Internal Controls for Nonprofits.   1 page.
 * National Council of Nonprofits. What does an audit committee do?. 2-3 pages.
 * NFP Audit and Accounting blog. 2010.  does a nonprofit organization need an internal audit function?.
 * Nonprofit Answer Guide. What about audits? Does a nonprofit need to have one? What kinds are there?
 * Grantspace. Where can I learn more about nonprofit audits?
 * Jeffrey S. Gittler; Kevin Ryan. Roles and Responsibilities of Nonprofit Audit Committee Members.  Guidestar / Citrin Cooperman.  Aug 2011.
 * Virginia Society of Certified Public Accountants. 2011. Audit Guide for Audit Committees of Small Nonprofit Organizations. 7 pages.
 * Nonprofit Accounting Basics. Audit glossary.
 * Certain institutions evaluate nonprofits. Informally, we'll keep track of some on this subpage.