When it comes to risk, the third sector is not immune. For charities that want to continue their good work in the long term, risk management is essential – and in some cases, it’s legally required.
The importance of risk management
Effective identification and management of risk is a key part of good governance. It enables risks to be monitored, helps with decision making, highlights opportunities and assists with strategic planning. In addition, by issuing annual reports that include details about risks and opportunities, you can better demonstrate accountability to stakeholders. While the level and types of risks faced by each charity differ, financial risk is something every organisation can relate to.
Some potential risks in this category include:
- the stop of funding from other bodies
- future of contracts
- fundraising from the public
- fluctuations in investments
- unexpected rise in demand for services
Other types of risks that an organisation will probably need to consider include governance risks, operational risks, external risks and compliance. Managing risk in a charitable organisation is the responsibility of the trustee body. That doesn’t mean that trustees must carry out the risk management themselves – in many cases, the task is delegated to staff or professional advisers. However the trustees should be sure to review the process and the results. This will allow them to make evidence-based risk statements.
But is risk management required?
Effective risk management is highly recommended for every charity, no matter its size or complexity. However, it is only required for charities that are required to be audited – that is, if they have an income of £500,000 or more, or if they have a gross income exceeding £250,000 with gross assets held exceeding £3.26 million. Smaller charities are still encouraged to make an annual risk management statement as a matter of good practice. Incorporated charities must include a business review in their directors’ report and this must contain a description of the principal risks and uncertainties facing the company.
A risk management statement should provide insight into how a charity handles risk and demonstrate an understanding of the various risks the organisation is exposed to. The wording of the statement is left to the individual organisations’ discretion and, in most cases, there is no need for the statement to be audited.
JCAD CORE risk management software
Managing risk effectively means something different for every organisation. The risks that each charity must deal with vary, depending on its size, nature, the complexity of the work it carries out and its finances. But in every case, having a suitable risk framework in place is key.
JCAD CORE provides a flexible solution to risk management and is ideal for charities. The software makes it easy to set up a risk framework, monitor potential risks and establish what actions need to be taken. Of course, risk management isn’t just about keeping an eye on the bad things that could happen to your organisation – it’s also about spotting potential opportunities – and JCAD CORE helps to provide a clear link to objectives and strategy.