In the Finance section, the accreditation application includes questions about a land trust’s internal controls and financial procedures. The questions and other application information are part of how the Commission verifies a land trust meets indicator element 6D1 in the 2017 Standards. [Note: internal controls are scaled to each individual land trust, and the Commission's questions should help the land trust analyze where there are risks and how their controls address the risks (or where additional controls are needed). There isn’t a one set of internal controls that is the land trust standard.]
6D1. Written Internal Controls
Establish written internal controls and accounting procedures, including segregation of duties, in a form appropriate for the scale of the land trust, to prevent the misuse or loss of funds
Internal controls are a system of checks and balances designed to safeguard the assets of the organization and to help ensure that resources are directed to appropriate and authorized purposes. In the United States, the most common framework for establishing and evaluating internal controls is the COSO Framework, which is a comprehensive framework for thinking through the controls that both nonprofits and business entities need to put in place to manage significant risks.
The COSO Framework emphasizes five key elements for internal controls, with the understanding that all five elements must be addressed to establish and maintain effective controls. The elements are:
1. Control environment
2. Risk assessment
3. Control activities
4. Information and communication
5. Monitoring
1. Control Environment
The starting point for effective controls lies with establishing clear expectations for integrity and accountability at the top. In a nonprofit organization, the board must express and demonstrate absolute commitment to integrity and compliance with controls.
For accreditation, the “control environment” aspect of internal controls is addressed, in part, with requirements for adopting Land Trust Standards and Practices (which are the ethical and technical and guidelines for the responsible operation of a land trust) and carefully managing conflicts of interest (see practice elements 4A1 and 4A2).
2. Risk Assessment
Every land trust faces a variety of risks from external and internal sources. Your land trust’s assessment of its risks should focus on both the significance of each risk (what damage would be done if controls failed and errors or irregularities occurred) and the likelihood that such a control failure will occur. Based on that assessment, you will be able to develop control activities.
For accreditation, the “risk assessment” aspect of internal controls is addressed with short risk-assessment questions completed by someone familiar with the land trust’s financial and accounting practices. (A land trust may have responded to similar questions for its auditor; the auditor uses the information to determine whether the financial statements fairly represent the land trust’s financial position not to evaluate internal controls. The answers given to the auditor, however, can be useful in answering the accreditation questions.)
3. Control Activities
Control activities include the development and implementation of written policies and procedures that are designed to prevent error or irregularity from occurring and ensure rapid detection and correction for any errors or irregularities that do occur, despite the land trust’s best effort to prevent them from occurring.
For accreditation, the “control activities” aspect of internal controls is addressed with requirements for written internal controls or accounting procedures that address the risks of misuse, loss or misstatement of funds – such as those risks identified in the risk-assessment questions. (Many land trusts already have policies and procedures that address these risks and these existing documents can be provided with the accreditation application; some organizations many need to formalize written internal controls that address these risks.)
4. Information and Communication
Your staff, volunteers and others who are expected to perform control activities and comply with fiscal policies and procedures must have good information in order to carry out internal control responsibilities. Beyond providing basic information about your control expectations, risk assessment and control activities, the board and management team must ensure that a continual iterative process is in place to provide, share and obtain necessary information.
For accreditation, the “information and communication” aspect of internal controls is addressed, in part, with the requirements for board oversight of the land trust’s finances (see practice elements 3A2a-d), the board’s governance practices, and the land trust’s response to any significant concerns identified through the annual financial audit, review or compilation.
5. Monitoring
Your land trust will need to develop effective approaches to monitoring its entire system of internal controls in order to understand whether they are working as intended.
For accreditation, the “monitoring” aspect of internal controls is address with an internal controls certification completed by a board officer or executive director attesting that the organization’s financial controls are periodically verified to ensure they are effective.
[The above contains excerpts from the Land Trust Alliance’s narrative on practice element 6D1.]
What does the Internal Controls Certification look like?
Here is an example of an Internal Controls Certification that meets the requirements as described in the Requirements Manual.
Page updated 3/8/19
It's important to understand when each component of your accreditation application is due.
