Matching SOX for good governance

Lynda St. Clair, Ph.D.

Like for-profit corporations, organizations in the nonprofit sector are not immune from poor financial management and fraud. Unlike for-profits, however, nonprofits are not subject to all the requirements of the Sarbanes-Oxley Act, of 2002 (SOX), which Congress passed in the wake of numerous corporate scandals to strengthen standards of fiduciary duty and improve corporate governance

Because Sarbanes-Oxley does not generally include nonprofits, some nonprofit leaders and board members may not be taking advantage of the policies and practices it suggests.

Why comply with the requirements of a federal law that doesn’t technically apply to your organization, particularly when state, rather than federal, law has primary jurisdiction over nonprofits?

Well, in some cases, state governments (e.g., NY, CA) are pushing for the application of Sarbanes-Oxley to nonprofits; other states (e.g., CT, HI, MA, KS, NH, ME) are requiring that certain nonprofits provide audited financial statements (Blodgett and Melconian, 2012).

Even in the absence of federal or state regulations, because nonprofits are dependent on the public trust, meeting high standards for good governance is important.  As researchers Mark Blodgett and Linda Melconian note, “as long as [nonprofits] remain primarily outside the scope of Sarbanes-Oxley, they must take the initiative to increase their understanding and enforcement of fiduciary duties and best practices to sustain the public trust” (2012, p. 200)

To help your organization address the issue of effective governance and financial management, here are some questions to consider.

Policies and Practices

  • Have Board members and top-level organizational leaders discussed:
  • the organization’s ethics code?
  • the importance of good governance practices?
  • their individual fiduciary responsibilities to the organization?

Internal Controls

  • Have key organization leaders (e.g., CEO, Executive Director, CFO) established and maintained a system of internal controls?
  • Has an analysis of internal control weaknesses and the potential for fraud been conducted?
  • Were any material problems found?
  • How were those problems addressed?
  • Have there been any significant changes in financial controls since they were last analyzed?
  • Might any of those changes make it more difficult to prevent or detect fraud in the future?

Financial Statements

  • Are financial statements subject to an independent audit?
  • Have key organization leaders and Board members:
  • reviewed the financial data?
  • satisfied themselves that it accurately represents past operations?
  • satisfied themselves that it accurately represents the current financial status of the organization?

Answering the questions above, which were modeled on the key points regarding organizational responsibility in Title 3 of the Sarbanes-Oxley Act, can help your organization evaluate its current practices, identify areas for improvement, and avoid negative surprises.


Blodgett, M. S. and Melconian, L. (2012). Health-care Nonprofits: Enhancing Governance and Public Trust. Business and Society Review, 117(2): 197-219. [Available at  SSRN: or]

Sarbanes-Oxley Act of 2002. Public Law 107-204, accessed from

Lynda St. Clair, Ph.D., is a retired management professor and co-author of Becoming a Master Manager, now in its fifth edition.

Leave a Response

Your email address will not be published. All fields are required.