In profit making organizations, “Risk Management” is important to manage operations in ever-changing business environment of market complexity to meet increasing investor expectations. Risk is the main cause of uncertainty and, therefore, business organizations focus more on identifying risks and managing them before they even affect the business.
In profit making organizations, risk is the probability that an actual return on an investment will be lower than the expected return. On the other hand, in nonprofit organizations, risk is the events arising out of uncertainty that may have a significant impact on the objectives of the organization. A risk can have consequences beyond failure to deliver on results. It may negatively impact on reputation, integrity, credibility and trust from donors and stakeholders. Therefore, risk management is equally important in nonprofit organizations.
Types of Risks
Similar to profit making organizations, operational risk (fraud) is one of the principal risk in nonprofit making organizations too. Riskandinsurance.com has conducted research and published 7 Critical Risks Facing Nonprofit Organizations in 2018 as follows:
- Theft (fraud and corruption) – theft of funds can be perpetrated by an employee or a third-party vendor
- Fundraising Fraud – unscrupulous parties may impersonate a nonprofit organization to host fundraising events, keeping the profits for themselves
- Reputation – heavy reliance on a positive public perception and the confidence of donor base
- Regulatory Compliance – Losing tax exempt status, other non-compliance
- D&O Liability – Liability arising todirectors and officers because of organization’s deed
- Special Events – risk arising out of community fairs, fundraising events, etc.
- Volunteer Staff – relaxed approach of the organization to the screening and training of volunteers versus paid employees
Some of the organizations classify risk on the following basis:
- Contextual – risksthose are beyond the control of the organization, e.g., flood, terrorism, political instability, etc.
- Programmatic – risks arising fromprogram design and implementation, e.g., diversion of fund, lack of capacity to utilize the fund, poor service delivery, etc.
- organizational – risks those are internal to the organization and may affect employees and reputation of the organization, e.g., financial management, human resource management, organizational processes, etc.
Impact of Fraud
According to the research conducted by Association of Certified Fraud Examiners (ACFE) in 2016, costs of ignoring Fraud Risks are as follows:
- 23.2% of frauds cause more than $1 million in losses.
- 10.1% of all frauds affect nonprofit organization with a median loss of $100,000.
- 12% of victim organizations make a full recovery
Consequences of Fraud
Fraud and Corruption may have severe consequence to the organization, such as:
- Damage to the reputation of the organization
- Damage to staff morale and organizational culture
- Damage to the quality of programs and the failure to achieve the mission of the organization
- Security risks, waste of management time and liability or legal issues
Risks Management Process
Risk management process for managing risks faced by nonprofit organizations is the whole set of activities the organization needs to follow to identify, assess, manage and monitor any risks to which the organization is exposed to. The process is presented in the figure below: