Previous Topic

Topic 3: Assessing your Budget and Financial Management Risks

As previously stated, certain risks may be beyond our immediate control. Many risks, however, can be reduced by putting in place effective financial controls and establishing a strong control framework. It is critical to understand that this is not about imposing restrictions or casting doubt on the integrity of your colleagues or partners.

Rather, a well-designed control system and processes help to protect everyone from unfounded suspicions. By promoting transparency and accountability, you build trust and strengthen your NGO’s reputation while also demonstrating your professionalism and ability to manage significant donor funding.

The Relationship between Risk and Controls

The relationship between risk and controls is inherently interlinked within the context of organisational management and governance.

Risk refers to the possibility of an event, action, or circumstance occurring that could have an adverse impact on an organisation’s objectives, goals, or mission. Risks can arise from various sources, including:

  • internal processes
  • external factors
  • strategic decisions 
  • and operational activities. 

Identifying, assessing, and managing risks is crucial for organisations to minimise potential negative outcomes and optimise their performance and resilience.

Controls, on the other hand, are mechanisms, policies, procedures, or safeguards implemented by an organisation to mitigate, monitor, or manage risks effectively. Controls are designed to reduce the likelihood or impact of adverse events and ensure that organisational objectives are achieved efficiently and in compliance with applicable regulations, standards, and best practices. 

Internal controls encompass a wide range of activities, such as

  • segregation of duties
  • authorization processes
  • physical security measures
  • information systems controls
  • and monitoring and review mechanisms.

The relationship between risk and controls is one of mutual dependence and complementary functions. Effective risk management involves identifying and assessing risks, determining appropriate responses or controls, and monitoring their effectiveness over time. Controls are implemented as part of the risk management process to mitigate identified risks and safeguard organisational assets, resources, and reputation. Conversely, the effectiveness of controls is contingent upon a thorough understanding of the organisation.

Examples of Risks and Controls

The following image showcases various examples of risks and controls that organisations may encounter. By visually depicting the relationship between risks and controls, we aim to provide insight into the proactive measures organisations can take to safeguard their operations, assets, and stakeholders. Take a look below.

Why do NGOs need to establish good Internal Control?

Regardless of the size of your operation and funding, all NGOs are faced with risks in various areas of their operation just like commercial companies. Furthermore, NGOs generally utilise public funds from government, charitable funding bodies or public donations to serve their beneficiaries. While small NGOs may not have their own internal audit units, they are still required to be accountable to various stakeholders by sustaining a sound internal control system to manage their risk properly.

In particular, the establishment of internal controls in key processes can facilitate small NGOs to:

  • Reduce the opportunities for fraudulent activities from occurring
  • Use resources in a transparent and effective manner
  • Comply with relevant laws and regulations 
  • Build good reputation and public trust

The image below is intended to provide insights on common risks faced by small NGOs within four selected processes aligned with the flow of resources and funding:

As you move forward, remember that managing risks effectively is not just a one-time effort but an ongoing commitment to excellence. By continuously evaluating and strengthening your internal controls, you pave the way for your NGO to thrive and make a lasting impact on the communities you serve. Thank you for your dedication to maintaining high standards and ensuring a brighter future for your organisation. Let’s continue to work together toward that goal.