Governance and Compliance for Nonprofit Organizations
Governance is not a formality in the nonprofit sector. It is the mechanism by which an organization demonstrates that it is using public resources, including charitable donations and tax exemptions, in ways consistent with its stated mission. Good governance is also the primary defense against the kinds of problems that derail organizations: financial mismanagement, conflicts of interest, regulatory violations, and the gradual erosion of public trust.
Compliance follows from governance. If your governance structure is sound, compliance is a natural extension of how you operate. If governance is weak, compliance becomes reactive and expensive.
The Board’s Role and Responsibilities
The board of directors carries ultimate legal and fiduciary responsibility for the organization. That responsibility encompasses three primary duties: the duty of care, the duty of loyalty, and the duty of obedience.
The duty of care requires directors to act with reasonable diligence in their oversight role. This means attending meetings, reviewing financial reports, asking questions, and making decisions based on adequate information rather than rubber-stamping whatever management presents.
The duty of loyalty requires directors to put the organization’s interests ahead of their own. This is the principle behind conflict-of-interest policies. A director who has a financial relationship with a vendor the organization is considering hiring has a conflict of interest. Proper governance requires that the conflict be disclosed, that the director recuse themselves from the relevant decision, and that the transaction be evaluated on its merits by disinterested directors.
The duty of obedience requires directors to ensure the organization operates in accordance with its stated mission and legal obligations. A nonprofit cannot decide to redirect its resources to activities unrelated to its exempt purpose without facing legal and regulatory consequences. The board is responsible for maintaining that alignment.
Conflict of Interest Policies
The IRS expects 501(c)(3) organizations to have a formal conflict-of-interest policy in place, and Form 990 asks directly whether one exists. A bare-bones conflict-of-interest policy is not enough; it needs to define what constitutes a conflict, require annual disclosure by directors and officers, establish a recusal process, and create a record of how conflicts were handled.
In practice, conflicts of interest frequently arise in smaller nonprofits, where board members often have personal or business relationships that intersect with the organization’s work. The question is not whether conflicts arise but whether the organization has a clear process for managing them. Organizations that handle conflicts transparently and consistently are in a much better position than those that either ignore them or handle them informally.
Financial Controls and Oversight
Financial mismanagement is one of the most common causes of nonprofit failure, and it is usually preventable with basic internal controls. Segregation of duties is the foundational principle: the person who authorizes payments should not be the same person who cuts checks, and the person who receives bank statements should not be the same person who reconciles them.
For small organizations without the staff to fully segregate these functions, the board finance committee or treasurer needs to be actively engaged in financial oversight, not just reviewing summaries at quarterly meetings. Regular financial reports should go to the full board, and significant financial decisions should require board approval.
An annual audit or financial review, conducted by an independent CPA, provides an additional layer of oversight and is required by many funders. Some states also require audits for revenue above certain thresholds. Even where not legally required, an independent financial review is a governance best practice and provides a meaningful check on management’s financial reporting.
State Reporting and Registration Obligations
Federal tax-exempt status is only one piece of a broader compliance picture. Most states require nonprofits to register with a state agency before soliciting charitable contributions from state residents. These requirements vary considerably by state, and the penalties for noncompliance can include fines, suspension of registration, and, in some cases, personal liability for officers and directors.
Registration is typically an annual obligation, not a one-time event, and requires renewal along with updated financial information. Organizations that solicit in multiple states need to monitor their registration status in each relevant jurisdiction. Multi-state compliance is manageable with proper tracking systems in place, but it requires attention.
State corporate reporting requirements are separate from charitable solicitation registration. Most states require annual reports to maintain good standing as a corporation, along with payment of any applicable fees. Failing to file these reports can result in the administrative dissolution of the corporate entity.
Executive Compensation
Executive compensation is an area of heightened scrutiny for nonprofit organizations. The IRS requires that compensation paid to officers, directors, key employees, and highly compensated individuals be disclosed on Form 990, which is publicly available. This transparency is intentional; it creates public accountability for how organizations compensate their leadership.
To avoid potential issues with the private inurement prohibition and intermediate sanctions, compensation decisions should be made through a documented process that involves independent directors, relies on comparability data from similar organizations, and is contemporaneously recorded in board minutes. This is called a rebuttable presumption process, and organizations that follow it are in a much better position if the IRS ever questions a compensation arrangement.
Records Retention and Public Disclosure
Nonprofits have specific records retention obligations and public disclosure requirements. The organization’s Form 990, Form 1023 (or 1023-EZ), and articles of incorporation must be made available to the public upon request. Most organizations make these documents available through services like Candid or on their own websites, which simplifies compliance and builds donor confidence.
Internal records, including board minutes, financial records, grant agreements, and personnel files, should be retained in accordance with a written records retention policy. Certain records have specific legal retention requirements; others are retained based on practical needs and organizational policy.
Strong governance and compliance practices are not obstacles to mission-driven work. They are the foundations that allow an organization to pursue that work credibly and sustainably over time.
Disclosure: The information in this article reflects general structural principles and practical observations from consulting experience and is provided for educational purposes only. It should not be interpreted as individualized legal or tax advice.
