Become familiar with privacy legislation in your jurisdiction. In Canada, we must adhere to PIPEDA, the Personal Information Protection and Electronic Documents Act . Some provinces also have privacy legislation for public and/or private sector organizations. Know your local requirements. Check out this handy tip sheet.
Don’t pre-sign cheques. Although the convenience is tempting, this is an “end run” around the authorization process. Signing officers’ responsibility is to review and approve transactions.
Know your obligations under privacy legislation around the handling of credit card numbers and other personal data from members, donors, employees and others.
An office petty cash fund is a useful tool for covering small expenses. Limit access to the responsible staff member(s), and reconcile the fund regularly to catch errors.
Keep cheques in a safe location. Signed blank cheques should be avoided – but if you have “emergency cheques” with a board member’s signature, make sure they’re under lock and key.
Think carefully about who can access your database and for what purposes. Considerations include protecting donor privacy as well as ensuring that all data entry follows specific policies and procedures.
Investigate your database’s capacity for setting up users with specific access privileges. This way, you can allow some staff and volunteers to enter or edit information, and others just to look at records and run reports.
When choosing how to invest surplus cash, consider the safety of your principal, the rate of return, and the accessibility of your cash (i.e. if you needed to, could you cash the investment before the maturity date).