Assessing Church Investment Risk: A Guide To Financial Stewardship

Churches are vulnerable to a variety of risks, including financial fraud, accidents, employee injuries, abuse of minors, vandalism, building maintenance issues, embezzlement, natural disasters, fires, armed intruders, and the unexpected departure of key leaders. To protect against these risks, churches should conduct risk assessments to identify hazards and determine if existing precautions are adequate. This involves evaluating the likelihood and potential impact of each risk, as well as implementing appropriate mitigation strategies such as insurance, security measures, and internal controls. By proactively managing risks, churches can safeguard their finances, assets, and operations, ensuring they can effectively carry out their mission and serve their congregations.

Identify common investment scams, such as pyramid schemes, and educate church leaders about them

Churches and church members are common targets of investment fraud, so it is important that church leaders are able to identify common investment scams and know how to avoid them.

One common scam is a Ponzi scheme, a type of illegal pyramid scheme. In a Ponzi scheme, money is collected from a stream of people, with the promise of a high rate of return on a short-term investment. However, the money collected is used to pay obligations owed to longer-standing members of the program, rather than being invested. Eventually, the scheme collapses when no new members can be recruited, and most investors lose their money.

Another common scam is an advance-fee fraud, where victims are charged upfront fees for the promise of generous returns which never arrive.

Affinity fraud is another scam that targets members of specific groups, such as religious or ethnic communities, exploiting trust and shared affiliations to promote fraudulent investment opportunities. The scammer will act like they are part of the group to win the trust of the group leader and its members, hoping that if the group leader invests, others will follow.

High-yield investment programs are also common scams, where scammers claim that high returns are guaranteed if you invest with them. Often, these investments are not real, or they are selling stocks that have almost no value.

To avoid these scams, church leaders should be cautious of any investment opportunity that sounds too good to be true. They should also be wary of anyone who claims to guarantee returns, as all investments contain some level of risk. It is important to do your own research and ask for financial statements that prove how revenue is generated for any investment opportunity. Church leaders should also be cautious of unsolicited cold calls, emails, or social media investment offers, and be sure to verify the identity of anyone offering an investment opportunity.

Understand the fiduciary duty of church leaders and the legal consequences of breaching it

Church leaders, most commonly understood to be church board members or members of church finance committees with decision-making power, have a fiduciary duty to their church. This means they must bring intentional care and oversight to the financial affairs of their church.

Origin and Nature of Fiduciary Duties

The word "fiduciary" comes from the Latin word "fīdūciārius", relating to something held in trust. A fiduciary duty is imposed on church leaders because they have been selected to represent and promote the best interests of the church.

The Fiduciary Duty of "Due Care"

Church board members have a fiduciary duty to use reasonable care in the discharge of their duties. This means they must:

• Attend all board and committee meetings
• Receive an agenda and supporting documentation in advance of each meeting
• Review financial statements and other materials to enable them to seek clarification of any questions, irregularities or inconsistencies
• Affirmatively investigate and rectify any problems or improprieties
• Review the corporate charter, constitution and bylaws, ensuring copies are accessible during the meeting
• Dissent from any board action they disagree with and ensure their objection is recorded in the minutes
• Only approve financial reports of sufficient importance (e.g. an annual report)
• Provide members with preliminary minutes soon after the meeting, inviting additions and corrections
• Ensure all actions are properly authorised, recorded in the minutes, and consistent with the church's charter, bylaws or other governing instruments
• Implement training and orientation programs for new and veteran board members
• Resign from the board if they are unable to fulfil their duties

The Fiduciary Duty of the "Prudent Investor"

The fiduciary duty of care also applies to the investment of corporate funds. Church board members are not held to a standard of perfection and are only accountable if an investment decision was not based on "the care an ordinarily prudent person in a like position would exercise under similar circumstances". To reduce the risk of violating this duty, church board members can:

• Check state law and the church's governing documents and minutes for any provisions and restrictions on investments
• Use an investment committee to make recommendations, ensuring it includes individuals with proven investment or financial expertise
• Create an investment policy to govern investment decisions, prohibiting investments in specified instruments or programs
• Avoid speculative or risky investments, especially those that promise to "double your money"
• Do not rely on the "expert opinion" of persons representing the promoter of an investment scheme; instead, seek advice from independent and objective persons with financial and investment expertise
• Be aware of common investment scams, including pyramid schemes, Ponzi schemes, Nigerian investment scams and prime bank scams

The Fiduciary Duty of Loyalty

Directors of nonprofit corporations have a fiduciary duty of loyalty to the corporation. This duty requires any transaction between the board and one of its directors to be:

• Fully disclosed
• Approved by the board without the vote of the interested director
• Fair and reasonable to the corporation

The Fiduciary Duty of Obedience

Some courts have ruled that the officers and directors of nonprofit corporations have a fiduciary duty of "obedience". This duty requires directors to ensure the church:

• Is organised and operated exclusively for religious or other exempt purposes
• Retains its exemption from state and federal taxes
• Is in compliance with its constitution, bylaws or other governing instruments, and with applicable federal, state and local laws and regulations

Effect of Violations of Fiduciary Duties

The personal liability of church board members for a breach of their fiduciary duties may consist of one or more of the following:

• Intermediate sanction penalties under section 4958 of the Internal Revenue Code for authorising excess benefits for "disqualified persons"
• Jeopardy of the church's tax-exempt status for authorising unreasonable compensation, resulting in "inurement" of the church's assets to the private benefit of an individual
• Removal from office pursuant to the church's bylaws or other governing document
• Personal liability for authorising a loan to an officer or director that is not repaid, in several states
• Personal liability for approving a transaction that violates the board member's fiduciary duty of loyalty, in several states
• Money damages, as illustrated by an $8,000 verdict against a church board member for breach of his fiduciary duties

Implement internal financial controls, such as counting procedures and disbursement authorisation, to mitigate the risk of fraud and embezzlement

Churches and church members are often targeted by unscrupulous individuals in fraudulent investment schemes. Church leaders must be aware of this risk and take steps to protect church assets, as well as the assets of church members. Implementing internal financial controls, such as counting procedures and disbursement authorisation, is crucial to mitigate the risk of fraud and embezzlement. Here are some detailed steps that churches can take to enhance financial controls:

Segregation of Duties

Segregating duties means that no single person handles a financial transaction from beginning to end. For cash disbursements, this can involve assigning different individuals to authorise payments, sign cheques, record payments, and reconcile bank statements. While small organisations with limited staff may find this challenging, they can assign specific tasks to available personnel, such as having the staff member sign cheques and the treasurer review disbursements and bank statements.

Authorisation and Processing of Disbursements

Developing clear policies regarding who can authorise payments is essential. Some organisations designate this function solely to the executive director, ensuring a single point of accountability. Alternatively, department heads may authorise purchases within their department's budget. It is also important to define what constitutes a significant expenditure and establish policies for handling such purchases, which may require additional approval from the board or multiple signatories on cheques.

Documentation and Record-Keeping

All disbursements should be supported by adequate documentation, such as receipts or invoices. Cash withdrawals should never be made via ATM cards. Invoices should be marked as paid, indicating the date and amount of the cheque issued, to avoid duplicate payments. A cash disbursement journal should be prepared monthly, detailing information such as the date, amount, payee, and expense account for each transaction.

Separation of Authorisation and Check-Signing

Arrange duties so that the person authorising a payment does not sign the cheque. This reduces the risk of fictitious invoices and payments to non-existent vendors. Additionally, ensure that those who sign cheques neither have access to cancelled cheques nor prepare the bank reconciliation, making it more difficult for theft or concealment.

Physical Audits and Counting Procedures

Conduct physical audits by hand-counting cash and any physical assets tracked in the accounting system, such as inventory and tools. For churches, this may include offerings or donations received. Counting cash can be done daily or several times a day, depending on the volume of transactions. Physical audits add a layer of redundancy and help identify discrepancies that may be missed in electronic records.

Standardised Documentation

Standardise financial documentation, such as invoices, internal materials requests, inventory receipts, and travel expense reports. Using consistent formats facilitates record-keeping and makes it easier to review past transactions when investigating discrepancies.

Approval Authority and Dual Signatures

Require specific managers or authorised personnel to approve certain types of transactions, especially large payments or expenses. For cheques over a certain amount, consider implementing a dual signature requirement. Ensure that the number of authorised signatories is kept to a minimum while still allowing for necessary disbursements.

Bank Reconciliation and Statement Review

Assign an independent individual, separate from the authorisation and check-signing function, to receive and reconcile bank statements and cancelled cheques. This person should also review unpaid invoices and perform periodic reconciliations to ensure that the church's accounting records match those of external entities, such as banks and suppliers.

By implementing these internal financial controls, churches can significantly reduce the risk of fraud and embezzlement, protecting their assets and those of their members. These procedures promote transparency, accountability, and good governance within the organisation.

Develop a risk management policy that includes insurance coverage for various types of risks, such as liability, casualty, and sexual misconduct

Churches are increasingly susceptible to lawsuits and claims for false accusations or inappropriate behavior. A good risk management policy should include insurance coverage for various types of risks, such as liability, casualty, and sexual misconduct. Here are some essential components of a comprehensive risk management policy for churches:

Liability Insurance

Liability insurance covers the actions that could leave your church liable for damage to others, including injuries, property damage, or harm to reputation. It is recommended that churches carry at least $1 million in general liability coverage. This insurance will cover the damages for the injured party and usually includes defense costs for litigation.

Casualty Insurance

Casualty insurance covers losses resulting from events such as accidents, natural disasters, or negligence. It is important to assess the specific risks your church may face and ensure you have adequate casualty insurance coverage. Property insurance, for example, covers the things your church owns, while garage insurance is necessary if your church offers valet parking or automotive services.

Sexual Misconduct Liability Insurance

Sexual misconduct liability insurance is vital for any ministry risk management program. It covers designated claims of bodily injury, emotional injury, and personal injury connected to sexual misconduct, including non-employment sexual harassment. Defense costs in these cases can climb into the hundreds of thousands of dollars, so it is recommended that churches have a minimum of $250,000 in coverage and strive for higher limits if possible.

Other Types of Insurance

There are several other types of insurance that churches should consider as part of their risk management policy:

• Directors' and Officers' Liability Insurance: Covers decisions made by your board, officers, or trustees.
• Employment Practices Liability Insurance: Covers claims arising from employment-related events, such as discrimination or wrongful termination.
• Employee Benefits Liability Insurance: Covers claims arising from errors or omissions by an employer regarding employee benefits.
• Professional Liability/Counseling Acts Liability Insurance: Covers claims of physical and emotional harm by pastors and counselors.
• Foreign Liability and Foreign Travel Insurance: If your church members travel internationally, as your basic coverage may have limits or exclusions.
• Workers' Compensation Insurance: Covers medical bills and lost wages for employees injured on the job.
• Hired and Non-Owned Autos Insurance: Provides liability coverage for rented automobiles and other non-owned autos used by church members or employees.
• Excess Liability (Umbrella) Insurance: Provides added coverage for rare but extremely expensive liability claims.

Developing a comprehensive risk management policy that includes insurance coverage for various types of risks is essential for protecting your church's assets, reputation, and members. It is also crucial to foster a good relationship with your insurance agent to ensure open communication and a clear understanding of your coverage.

Conduct regular risk assessments to identify and address potential hazards, such as health and safety risks, and ensure compliance with relevant regulations

Conducting regular risk assessments is a crucial aspect of ensuring the safety and well-being of individuals within the church and fulfilling legal requirements. Here are some detailed steps to guide your church in identifying and addressing potential hazards:

Identify Potential Hazards:

Start by identifying any potential hazards within your church premises and activities that may cause harm. This can include physical, chemical, biological, ergonomic, and psychological hazards. Observe your workplace, review past accident records, consult employees, and refer to manufacturers' instructions to identify hazards.

Identify Who Might be Harmed:

Determine who might be harmed by the identified hazards, including both direct and indirect contact. Consider vulnerable groups such as children, expectant mothers, and lone workers.

Evaluate Risks and Establish Precautions:

Assess the severity of risks and establish effective controls to reduce them as far as reasonably practicable. Consider factors such as the likelihood of harm, severity of consequences, availability of control measures, and associated costs.

Implement Changes and Record Findings:

Implement necessary changes to address the identified risks and record your findings. Keep a risk assessment form to track risks, controls, and responsible parties. Include hazards found, affected persons or groups, controls in place, and the date of the assessment.

Review and Reassess:

Periodically review your risk assessment and reassess controls. Do this after significant changes, accidents, or near-miss incidents. Set a date to review your assessment and adjust it as needed.

Documentation and Record-Keeping:

While risk assessments don't require excessive paperwork, it's important to record significant findings. Document hazards identified, controls in place, further control measures required, and individuals at particular risk. There is no set retention period, but it's best to keep records as long as they are relevant.

Compliance with Health and Safety Regulations:

Ensure that your risk assessments comply with health and safety regulations. As an employer, you must complete risk assessments that meet specific requirements, addressing steps to comply with health and safety laws. This is especially important for hazards like asbestos, where specialist assistance may be needed.

Proportionality in Risk Assessment:

The level of detail in your risk assessment should be proportional to the risk. Small churches with few hazards can opt for simpler assessments based on informed judgment and appropriate guidance.

Training:

Consider providing additional training to those conducting risk assessments to ensure a thorough and accurate evaluation.

Communication:

Communicate the risk assessment process and findings to relevant parties. Involving relevant individuals in the assessment process improves communication and helps ensure buy-in.

Prioritize and Allocate Resources:

Prioritize risks that demand immediate attention and allocate resources accordingly. Develop action plans, assign responsibilities, set deadlines, and provide necessary resources for implementation.

Monitor and Review:

Regularly review your risk management protocols and assess their performance. Compare current scores with previous assessments and identify areas for improvement.

By following these steps, your church can effectively identify and address health and safety risks, ensuring compliance with relevant regulations and fostering a safe environment for all who attend and work there.

Frequently asked questions