As the Charity Commission (the Commission) notes in the guidance, internal financial controls are essential checks and procedures that help charity trustees:
The guidance note (CC8) has been restructured with the intention of making it clearer and more concise. It covers issues that were not in existence or widely relevant to the sector when first drafted, such as using mobile payment systems such as Google pay and Apple pay (covered at paragraph 6.3) and receiving donations of cryptoassets (covered at paragraph 5.7).
The guidance explains the risks associated with cryptoassets and the steps to take if a charity decides to accept donations of cryptoassets or use non-fungible tokens.
Advice on more traditional risks (such as when fundraising and holding public collections, making payments to related parties, and operating internationally) has been updated and a new section has been added on accepting hospitality and what the charity's policy should cover.
To help charities put the guidance into practice, the Commission has issued an updated checklist for reviewing a charity's internal financial controls. Each point in the checklist links to a section of the guidance and charities can work through the sections that are relevant to their charity.
It is not unusual for governance difficulties at charities to highlight gaps in a charity's internal financial controls. Reviewing those controls is a useful test of a charity's governance arrangements.
We recommend that trustees read through the new guidance and work through the checklist to ensure that your policies and procedures meet the standards expected by the Commission.