Nonprofit Whistleblower Policies

According to the Nonprofit Times, only 41% of not-for-profits have whistleblower policies. Perhaps nonprofit leaders believe their organizations are too small or collegial to worry about illicit activities — let alone people reporting them. Or perhaps a whistleblower policy seems like one more thing that requires time and money they don’t have. This is a mistake. Here’s why.

Why you should bother

No federal law specifically requires nonprofits to protect people who risk their jobs to report illegal or unethical practices. Instead, various federal, state, and local laws contain whistleblower protection provisions, including the Sarbanes-Oxley Act and The Dodd-Frank Wall Street Reform and Consumer Protection Act. Also, nonprofits are asked on IRS Form 990 to report whether they’ve adopted a whistleblower policy.

Adopting a whistleblower policy increases the odds that you’ll learn about activities before the media, law enforcement or regulators do. Encouraging stakeholders to speak up also sends a message about your commitment to good governance and ethical behavior.

What it should say

Your policy should be tailored to your organization’s unique circumstances, but most policies need to spell out who’s covered. In addition to employees, volunteers, and board members, you might want to include clients and third parties who conduct business with your organization, such as vendors and independent contractors.

Also, specify covered misdeeds. Financial malfeasance often gets the most attention. But you might also include violations of organizational client protection policies, conflicts of interest, discrimination, and unsafe work conditions.

And how should whistleblowers report their concerns? Must they notify a compliance officer or can they report anonymously? Is a confidential hotline available? Whom can whistleblowers turn to if the designated individual is suspected of wrongdoing?

What to do with a report 

Covered individuals need to know how you’ll handle reports once they’re submitted. Your policy should state that every concern will be promptly and thoroughly investigated and that designated investigators will have adequate independence to conduct an objective query.

Also describe what will happen after an investigation is complete. For example, will the reporting individual receive feedback? Will the individual responsible for the illegal or unethical behavior be punished? If your organization opts not to take corrective action, document your reasoning. Finally, explain in your policy that although you’ll do everything possible to maintain the whistleblower’s anonymity, you can’t guarantee it if the whistleblower needs to act as a witness in criminal or civil proceedings.

How to act now

Make sure you have your attorney review your whistleblower policy before releasing it. For more information about encouraging staffers to speak up when necessary, contact us. We can help you strengthen internal controls and implement a confidential reporting hotline.

How can we help?

DISCLAIMER: This blog is provided for informational purposes only and is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant. Presentation of the information in this article does not create nor constitute an accountant-client relationship. While we use reasonable efforts to furnish accurate and up-to-date information, the evolving landscape surrounding these topics is supported by regulations or guidance that are subject to change.

We Value Your Privacy

This site may use cookies to store information on your computer. Some are essential to make our site work and others to improve the user experience. By using this site, you consent to the placement of these cookies and accept our privacy policy.