Review and Implement Internal Controls
The operation of a congregation requires many practices and processes having to do with money and sensitive data. Internal controls are systematic ways we conduct these tasks while minimizing risk. At the heart of sound internal controls are intentional procedures that get the job done efficiently and lawfully, involve more than one person for checks and balances, leave a paper trail, and ensure the secure storage of records where sensitive information is not at risk.
The importance of internal controls is related to the magnitude of risk due to loss or negligence—the greater the risk, the higher the value of internal controls. Internal controls should be implemented for things like purchases and reimbursements, handling and recording donations, managing and reconciling checking and other asset accounts, paying bills and signing checks, retaining records, securing and backing up electronic data, calculating payrolls, paying taxes and more. The audit process (described in the next section) is an internal control meant to verify the accuracy of financial reports and accounting processes.
Any time is a good time to be thoughtful about how and why we do what we do. If there is a sense that the cost of an internal control exceeds its benefit, then perhaps it needs to be reconsidered. Likewise, an important function done sloppily increases exposure to risk and should be reviewed.