In profit making organizations, “Risk Management” is important to manage operations in ever-changing business environment of market complexity to meet increasing investor expectations. Risk is the main cause of uncertainty and, therefore, business organizations focus more on identifying risks and managing them before they even affect the business.
In profit making organizations, risk is the probability that an actual return on an investment will be lower than the expected return. On the other hand, in nonprofit organizations, risk is the events arising out of uncertainty that may have a significant impact on the objectives of the organization. A risk can have consequences beyond failure to deliver on results. Moreover, it may negatively impact on reputation, integrity, credibility and trust from donors and stakeholders. Nonprofit organizations take all these possible impact seriously. Therefore, risk management is equally important in nonprofit organizations.
Types of Risks
Similar to profit making organizations, operational risk (fraud) is one of the principal risk in nonprofit organizations too. http://www.riskandinsurance.com has conducted research and published 7 Critical Risks Facing Nonprofit Organizations in 2018 as follows:
- Theft (fraud and corruption) – theft of funds which can be perpetrated by an employee or a third-party vendor
- Fundraising Fraud – unscrupulous parties may impersonate a nonprofit organization to host fundraising events, and thus, keeping the profits for themselves
- Reputation – heavy reliance on a positive public perception and the confidence of donor base
- Regulatory Compliance – Losing tax exempt status, other non-compliance
- D&O Liability – Liability arising todirectors and officers because of organization’s deed
- Special Events – risk arising out of community fairs, fundraising events, etc.
- Volunteer Staff – relaxed approach of the organization to the screening and training of volunteers versus paid employees
Some of the organizations classify risk on the following basis:
- Contextual – risksthose are beyond the control of the organization, e.g., flood, terrorism, political instability, etc.
- Programmatic – risks arising fromprogram design and implementation, e.g., diversion of fund, lack of capacity to utilize the fund, and poor service delivery; and
- organizational – risks those are internal to the organization and may affect employees and reputation of the organization, e.g., financial management, human resource management, organizational processes, etc.
Impact of Fraud
According to the research conducted by Association of Certified Fraud Examiners (ACFE) in 2016, costs of ignoring Fraud Risks are as follows:
- 23.2% of frauds cause more than $1 million in losses.
- 10.1% of all frauds affect nonprofit organization with a median loss of $100,000.
- 12% of victim organizations make a full recovery
Consequences of Fraud
Fraud and Corruption may have severe consequence to the organization. Such consequence include damage to the reputation of organisation as well as lower staff morale. Also, fraud causes damage to the quality of programs and failure to the mission of organization. Finally, it increases security risks, wastes management time, and may raise legal issue against the organization.
Risks Management Process
Risk management process for managing risks faced by nonprofit organizations is the whole set of activities the organization needs to follow to identify, assess, manage and monitor any risks to which the organization is exposed to. The process is presented in the figure below: