How would your employees, board or even you go about reporting suspected misconduct, fraud or violations of policies and procedures? If you don’t know, then you should refer to your organization’s whistleblower policy, and if you find that your organization does not have one, now is the time to consider adopting one.
Adopting whistleblower policies are a best practice in the nonprofit community. In fact, this is another policy in our quick tip series significant enough that the IRS requires organizations to report whether or not they have implemented one in their Form 990 tax return. Adoption of these policies demonstrates to the general public and potential donors your organization’s adherence to best governance practices and responsible stewardship.
As a rule of thumb, your whistleblower policy should reflect the structure of your organization and should not be overly complex. It should address how individuals go about reporting suspected wrongdoings, including who to contact and how (this could include multiple points of contact based on the nature of the concern). It is important that the policy also describes the maximum timeframe for acknowledging reported misconduct and affirm that those who come forward in good faith will not be subject to reprisal or retaliation, but those who do not act in good faith, or knowingly make false accusations, will be subject to disciplinary actions.
Adopting a policy should not be the final step in this process. Everyone in the organization should be made aware of the policy, and at least annually the board should review and update the policy as necessary.