Forrest Firm Nonprofit Series: A Quick Guide to Nonprofit Governance in North Carolina

By Virginia Pleasants and Brian Bernhardt

At the Forrest Firm, we often work with faith-based organizations, certified B Corporations, and mission-driven businesses. The largest segment of these types of businesses are those in the nonprofit and tax-exempt sector, which require multiple layers of state and federal compliance. As a result, nonprofit and tax-exempt organizations often receive much higher levels of scrutiny, both from regulatory agencies and their stakeholders, to ensure they are operating with an eye to both compliance and transparency, in addition to mission.

Virginia S. Pleasants

In our recent blog post, “A Quick Guide to Starting Your Nonprofit in North Carolina,” we outlined a number of actions you need to take in order to establish and begin operating a tax-exempt 501(c)(3) organization in North Carolina. In our follow-up blog post, “A Quick Guide to Nonprofit Compliance in North Carolina,” we focused on the annual requirements necessary for maintaining a tax-exempt organization in compliance with relevant federal and state regulations. 

In this third installment of our quick guide series, we move to a third step, focusing on nonprofit governance.  Since the passage of the Pension Protection Act in 2006, the IRS has  involved itself in the corporate governance business, believing that a well-governed tax-exempt organization is a tax-compliant tax-exempt organization.

As a result, the IRS is often asking questions of nonprofit tax-exempt organizations that are less tax-related and more business orientated. Over the years, the IRS has focused on a variety of specific areas for review and examination.

Note: As with our previous articles, we are focusing exclusively on organizations exempt from Federal income tax under section 501(c)(3) of the Internal Revenue Code, which include public charities and private foundations.

Good Governance for a 501(c)(3) Organization in North Carolina

Brian Bernhardt

Governing documents.  When was the last time you reviewed your articles of incorporation?  Do they accurately describe your purpose and reflect how you operate your tax-exempt organization?  Tax-exempt organizations should review or, better yet, have an outside third-party review, their organizational documents at least once every three to five years.  This review will help ensure that the documents continue to meet the needs of the tax-exempt organization and comply with current laws.

Draft a code of ethics.  What happens if one of your employees does something you consider morally wrong, even if it does not violate the law? Can you fire the employee? Or are you stuck until the conduct becomes a pattern? A code of ethics requires a tax-exempt organization’s employees to abide by stated ethical standards and enables these ethical requirements to permeate the organization. By making compliance with a code of ethics a job requirement, tax-exempt organizations can ensure employees not only follow the law, but a higher ethical standard as well.

Draft a whistleblower policy.  What happens if an employee wants to report a supervisor’s misconduct but fears retaliation? A whistleblower policy enables employees to address complaints, unethical conduct, suspected financial improprieties, misuse of business resources, and report potential violations of law.  Properly drafted, it will prohibit retaliation, demotion, or other adverse action against a reporting employee. To accomplish these goals, however, the policy needs to maintain the confidentiality of the reporting employee and provide for reporting outside the ‘chain of command’ when the problem lies within that chain of command. Businesses often include a whistleblower policy within their code of ethics.

Draft a sexual harassment policy.  Related to a whistleblower policy, it has become more and more common for tax-exempt organizations to carve-out and create a separate sexual harassment policy.  Doing so not only gives employees a greater ability to locate the policy and its procedures, but also allows the tax-exempt organization to emphasize the importance it is placing on eliminating, and addressing when necessary, sexual harassment.  As with a whistleblower policy, it is key that a sexual harassment policy maintain confidentiality of reporting employees and provide an avenue for employees to make reports to higher-ups that are not their supervisor, or otherwise in their ‘chain of command,’ when it is the supervisor or someone in that chain of command engaged in the sexual harassment.

Create a document retention policy. How long do you keep old records? Do you know why you are keeping those records, or why you are not keeping them? What are you doing with electronic documents, such as emails and texts? A written document retention policy will establish standards for document integrity, retention and destruction, while also addressing electronic files, backup procedures and archiving. This type of policy will not only protect business records for the appropriate period of time, but will also prevent a business from keeping documents longer than necessary, both of which could cause problems. 

The policy should specify the length of time specific types of documents must be retained; when it is permissible or required to destroy specific types of documents; and procedures for both paper and electronic records (such as emails, texts, and other social media records).  The policy should be circulated to all employees on regular basis, and someone in the organization should be charged with overseeing its implementation and ensuring the policy is followed. It does bear mentioning — no matter what the document retention policy provides – that in order to avoid charges of criminal obstruction, all document destruction should be halted immediately upon notification of a pending or ongoing investigation by a law enforcement agency.

Note on codes of ethics, whistleblower policies, sexual harassment policies, and document retention policies.  Keep in mind that these policies will not further the goals and mission of the tax-exempt organization if they are not created properly.  Tax-exempt organizations should involve their employees, as well as senior leadership and board members, in developing, drafting, adopting and implementing the code of ethics to ensure buy-in from all interested parties. Similarly, tax-exempt organizations should make sure the whistleblower policy, sexual harassment policy, and document retention policy meet their stated goals.

At the same time, these policies are only as good as their application and enforcement.  Ignoring them or applying them haphazardly will set a tax-exempt organization up for disputes, and possible litigation, by disgruntled current and former employees.  And of course, unless tax-exempt organizations provide training to employees regarding the employees’ obligations under these policies, the policies are doomed to gather dust.

Financial examinations.  Does your tax-exempt organization have a well-planned budget? Are its financial statements audited each year? Can you easily access your cash-flow information? Setting a detailed annual budget may be time-consuming, especially if and when unexpected events cause the budget to fly out the window. But taking the time to create the budget will force your tax-exempt organization to take a closer look at its revenue, expenses, and cash-flow, rather than flying by the seat of its pants. In addition, having an independent auditor conduct an annual audit  using generally accepted accounting principles will help the tax-exempt organization better understand where its revenues are coming from, where its expenses are going, find problem areas, and better budget in future years. 

Moreover, creating an audit committee separate from the business owners, the board of directors, the executive committee, and the finance committee to review the audit will help ensure negative financial implications are not swept under the rug.  Lastly, although using the same auditors every year enables them to more easily and better understand the business, it also leads to complacency. Consider changing auditors, or at least the lead auditor, every three to five years.


Although it is not necessarily true that a well-governed tax-exempt organization is a tax-compliant business, it is often true that a poorly governed tax-exempt organization — one that does not keep track of its goals, does not operate using best practices, and fails to set and keep financial management goals — is often a tax problem waiting to happen. And while the list of issues described above is not an exclusive list of potential problems, it does focus on some of the more common areas tax-exempt organization frequently ignore in their day-to-day operations. When tax-exempt organizations address these long-term issues, it will support  short-term business operations and help keep the IRS away.

If you have questions about a nonprofit or tax-exempt organization in North Carolina, please contact us to begin a conversation. From our offices around the state, we take great pride in seeing that our nonprofit and tax-exempt clients operate healthy, growing, and compliant organizations without having to worry about legal headaches.