Charities Governance Code – Principle 4: Exercising Control

CalQRisk Analysis – Inside the Charities Governance Code

Charities Governance Code – Principle 4: Exercising Control … what’s that all about?

Just like any other organisation, charities are expected to comply with all relevant legal and regulatory obligations. And while the buck ultimately stops with the trustees of the charity, as it does with the board of directors in other organisations, a charity’s staff and volunteers also have key roles to play in ensuring compliance.

While many organisations tend to view compliance as a tick-box exercise, there are many benefits to establishing and maintaining compliance with your legal and regulatory obligations:

  • Regulators will have more confidence in your organisation,
  • The public will be more likely to donate, and
  • The recruitment of trustees and volunteers may be easier too.

Below, we explain Principle 4 of the Governance Code in a little more detail and suggest what “good governance” might look like.

Where to Start?

One of the core standards under this principle is finding out the laws and regulatory requirements that apply to your charity…and complying with them! But how would you do that in practice?

Our suggested approach, outlined in the diagram below, starts out with identifying all the relevant legal and regulatory obligations. When doing this, you may need to think broader than just the Charities Regulator. For example, the General Data Protection Regulation (GDPR) is probably a concern, and some charities may have requirements from the provision of certain of their services that might make the likes of HIQA or Tusla regulations relevant. If you raise funds from the public, you will also need to review the Charities Regulator’s guidelines on this and consider how you comply with it. too.

Next, comes the gap analysis. You will need to read through each piece of regulation / legislation and identify the relevant obligations that your charity must or should comply with. And, for each obligation, you must also decide whether you comply with it or not.

And finally (and this is the part that many organisations struggle with), you will need evidence. You need to be able to demonstrate that you have done your gap analysis, identified the potential compliance issues, and put action plans in place to fix them. All of this should be backed up by periodic reporting to your senior management team (depending on the size of the organisation) and your board of directors / trustees.

Identify your Risks

Another of the core standard in Principle 4 focuses on identifying the risks your charity is exposed to and how you manage them. Again, we have suggested an approach to this in the diagram below.

Begin with a simple identification exercise – when thinking about the risks your charity is exposed to, consider the context in which you are operating:

  • What services do you provide?
  • What data do you use / collect?
  • What risks are unique to your organisation versus those that may be applicable to almost all charities?

Once you have identified all your risks, you need to identify the controls you have in place to mitigate each risk (this should help solve the “how to manage” the risks part of the core standard). When thinking about your controls, consider whether the compliance obligations you have already satisfied may also be controls that mitigate a risk. It is also worth considering your financial controls here, which satisfies yet another core standard.

Maintain a Risk Register

To finish, we suggest you maintain a risk register with all this information in it. While the maintenance of a risk register is seen as an “Additional Standard” in the Code, you may find it difficult to demonstrate your compliance with this core standard without having a risk register in place… how can you demonstrate that you have identified all of your risks and how they are being managed without one?

Conclusion

While we understand that Principle 4 contains other core standards, our suggestions above may help you and your charity to satisfy the main ones. Remember, evidence is key when trying to demonstrate compliance with any code, whether regulation or legislation.

 

To learn more about how the CalQRisk solution can assist your charity in satisfying the requirements of the Charities Governance Code (and many other relevant obligations), click here.

Recent News

CalQRisk wins CIR Risk Management Product of the Year

CalQRisk, an Irish-developed software application, has won Risk Management Product of the Year in the recent Risk Management ...
Read More
Database

How to Prepare for Cyber Attacks

The potential for cyber-attacks is an ever-increasing concern. Daily, there are stories about organisations, both large and small ...
Read More
Central bank of ireland building

Central Bank of Ireland releases Discussion Paper on the Review of the Consumer Protection Code (CPC)

The Central Bank of Ireland has released a Discussion Paper on the review of the Consumer Protection Code. ...
Read More

CalQRisk attends the MATs Summit 2022

CalQRisk is delighted to be exhibiting at the MATs Summit 2022 in Stratford-Upon-Avon on October 13th and 14th. ...
Read More

CalQRisk attends the Charities Leadership Summit 2022

CalQRisk will be in attendance at the Charities Leadership Summit on September 15th, 2022.   This year's summit ...
Read More
Brokers Ireland Logo

CalQRisk attends the Brokers Ireland Meet the Market Day 2022

CalQRisk will be in attendance at the Brokers Ireland Meet the Market Day at the RDS on September ...
Read More

CalQRisk is Attending the CUMA Autumn Conference

CalQRisk will be attending the CUMA Autumn Conference on Sustainability and Strategy. The conference takes place on September  ...
Read More
laptops on a table doing risk reports

What is Operational Resilience?

Many organisations aim to be operationally resilient, however, what this means and how to practically achieve it can ...
Read More

CalQRisk Shortlisted for CIR Risk Management Awards 2022

CalQRisk is delighted to be shortlisted for the Risk Management Product of the Year at the CIR Risk ...
Read More

Featured Risk and the Failure to Establish a Risk Conscious Culture

One of the first banking scandals of scale was the fraudulent Treasury securities bids by Salomon Brothers traders ...
Read More