Despite their good intentions, when it comes to compliance and the NGO sector, scratch the surface too much and what you see may not necessarily be what you get. Although ranked as the most trusted sector in the world, NGOs and charities (as with any other organisation) are not immune from compliance risks. If anything the complexity of the environment they operate in make it even more challenging, as at the heart are a number of unique internal and external compliance risks.
The first of these is the absence of a profit motive. Unlike other sectors, NGOs tend to be extremely mission driven. This can at times result in a potential governance issue being overshadowed by programmatic pressure, in particular during humanitarian relief operations, where the imperative to help those in need is the primary focus. This focus, when coupled with a strong reliance on the use of volunteers, also creates a compliance challenge, as it creates an operational environment built on an extremely high-level of trust. While extremely positive, when it comes to compliance, it can act as a double-edged sword. While a focus on mission and speed are essential, it can also result in a failure to implement key internal controls, or – in more extreme circumstances – the same key internal controls are viewed as an unnecessary level of bureaucracy, and circumvented, if they are viewed as slowing down key operational processes.
In addition to these internal risk factors are a number of external ones. A key ingredient to maintaining a high level of integrity is the implementation of an appropriate external regulatory environment, as this is crucial to setting minimum compliance standards for the sector. Unlike the commercial and governmental sectors, NGOs (in many jurisdictions) tend to be subject to a light regularity touch regime. In many cases, minimum standards are extremely low, meaning that NGOs are subject to a lower level of oversight and scrutiny from authorities. When combined with an automatic presumption of honesty given by the general public, it results in a lack of robustness in the external checks and balances needed to create a healthy balance compliance environment.
While the bulk of compliance risks can be offset and minimised by a robust integrity and anti-corruption framework, many NGOs rely on externally mandated standards, which – for the reasons outlined above – tend to be insufficient to properly minimise the risk. A good example of this is a recent review I undertook of an Australian-based NGO.
The initial assessment confirmed that it was fully compliant with all of the regulatory requirements laid down by the national charities and NGO regulator. It has also implemented the various anti-corruption related standards contained in the Council for International Development’s (Australia’s peak NGO body’s) code of good practice. Despite this, when assessing potential vulnerabilities in its fraud prevention processes (using a standard, risk-based, anti-fraud diagnostic tool), the NGO scored four out of a total of 100 points available (where a score of less than 100 indicated a weakness in a specific area).
What this clearly highlights is that the NGO and charity sector, despite being guided by good intentions, is not immune from corruption or other forms of compliance risks. If anything, the unique environment in which NGOs operate in makes it more of a challenge to manage effectively. Unless NGOs embrace this risk, and start proactively managing it, their reputations – and the associated public confidence – built up over many years, could be seriously affected.