Charities and Not for Profit Sector Seminar · Charities and Not for Profit Sector Seminar ... DP...
Transcript of Charities and Not for Profit Sector Seminar · Charities and Not for Profit Sector Seminar ... DP...
Charities and Not for Profit Sector Seminar
16 November 2017 – The Westin Hotel Dublin
Marguarita Martin
Deloitte Ireland Charities and Not for Profit Sector Leader
3
Introductions
John Farrelly, CEO of Charity Regulator
Rachael Gallagher, Deloitte
Lucy Masterson, CEO of Charities Institute Ireland
Naoisha Maher, Deloitte
Thomas Fedigan, Deloitte
Seminar close
Agenda
Charity Regulator CEO
John Farrelly
General Data Protection Regulation (GDPR)
Rachael Gallagher
6
What is personal data?
Any information relating to an identified or identifiable natural person who can be identified, directly or indirectly by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”
7
(a) processed lawfully, fairly and in a transparent manner
(d) accurate and where necessary kept up to date
(b) collected for specified, explicit and legitimate purposes
(c) adequate, relevant and limited to what is necessary
Personal data should be:
The GDPR Principles
8
(e) kept in a form which permits identification for no longer than necessary
(f) processed in a manner that ensures appropriate security
‘Accountability’
The controller shall be responsible for, and be able to demonstratecompliance with these principles.
Personal data should be:
The GDPR Principles (continued)
9
At a Glance
The General Data Protection Regulation (GDPR)
Data Protection FrameworkAll the measures required by the GDPR, when put together, will result in a data protection related framework: DP policy, DP by design and by default, impact assessments, data breach notifications, privacy notices, etc.
AccountabilityNew obligation for controllers and processors to be able to demonstrate and therefore to document their compliance with the GDPR. Organisations will have to appoint a Data Protection Officer in specific situations (e.g. public authorities, large scale monitoring, special categories of data).
Lawful basis
Controllers should identify the lawful basis for their processing activity in the GDPR, document it and update their privacy notices to explain it.
Transparency
When controllers collect personal data they currently have to provide people certain information which is done through a privacy notice. Under the GDPR organisations will be required to provide additional information and ensure that this is done in a concise, easy to understand way.
10
Data Protection by design/by default
Organisations should implement appropriate technical and organisational measures to integrate the necessary safeguards into the processing of personal data.By default, only necessary personal data should be processed. This requires control over: data collection, extent of processing, retention period as well as access to personal data.
Data breach notificationNotify data breach to the data protection authority no later than 72h after becoming aware of it.Notify data breach to affected data subjects without undue delay when likely to result in a high risk for their right to data protection.Processors should report to respective customer-controllers.
Data subjects rights
The GDPR enhances current rights of individuals e.g. subject access requests. New rights such as the right to erasure have been created.
At a Glance (continued)
The General Data Protection Regulation (GDPR)
11
What about consent?
The General Data Protection Regulation (GDPR)
Freely given, specific and informed
Unambiguous
Positive opt-in
Properly documented (accountability)
Easily withdrawn
Stronger rights where consent is lawful basis
Overlap with electronic marketing law (fundraising activities)
12
Preparing for GDPR
Practical Considerations
13
Practical Considerations
Governance
Consider a Data
Protection Officer
Awareness within your organisation
Get key people
together
Have a project plan
Identify what you
hold
Gap assessment
Risk assess
14
Practical Considerations
Accountability
Policies and underlying procedures to support GDPR requirements
Monitor and review
Needs based data protection training
Record of processing
Integration of privacy by design approaches
When to conduct a Data Protection Impact Assessment
Identify data processors
Review and update data processor contracts
15
Practical Considerations
Fairness and Transparency
Identify the lawful basis for your processing activities
Document this
Explain this to individuals
Review how you seek, record and manage consent
Review systems used to record consent
Ensure audit trail
Obligations where you collect data from children
16
Practical Considerations
Individual Rights
Review your privacy notices
Check whether you can comply with new rights
Review data access request handling procedures
System/technology capabilities
17
Practical Considerations
Breach Notification
Established procedure for managing breaches
Mechanisms for assessing and reporting notifiable breaches to the Data Protection Commissioner
Mechanisms for reporting breaches to individuals
Staff and volunteer training
18
1. Stakeholder awareness
2. Readiness assessment
3. Understand your personal data
4. Risk assess
5. Make a plan
6. TAKE ACTION!
Where Do We Start?
The General Data Protection Regulation
Charities Institute Ireland CEO
Lucy Masterson
Charities 2037
background & ambition
BEFORE EMBARKING ON A JOURNEY OF CHANGE, IT IS CRITICAL TO KNOW WHERE YOU ARE
STARTING FROM
• Interviews with 25 charity leaders:
• Specialists, Chairpersons; CEOs; Government;
Governance.
• Surveys with key stakeholder groups:
• General Public – nationally representative survey
of 1,000
• Staff members. Survey made available through
Charities Institute Ireland member organisations.
364 responses in total.
• Volunteers - Survey made available through
Charities Institute Ireland member organisations –
101 in total.
METHODOLOGY
• What should be expected from the charity sector (and conversely what is unrealistic)
• The impact of regulation
• The need for professionalism and its implication for organisational structure ( have we too many
charities? Is it a recognised career path etc.?)
• How do we deal with specialists/specialties?
• The role of the State
• The role of the volunteer and need for renewal of volunteers
• The requirements for change and innovation
KEY ISSUES TO PROVOKE DISCUSSION
AND DEBATE
AND 2037 IS NOT THAT FAR
AWAY…
• In 1997…
• Divorce became legal in Ireland.
• Bertie Ahern becomes Taoiseach, Mary McAleese becomes President.
• Bill Clinton was sworn in for a second term as President of the United States.
• Tony Blair becomes British Prime Minister.
• UK hands sovereignty of Hong Kong back to China.
• Bloomsbury publish Harry Potter and the Philosopher's Stone.
• Teletubbies starts on BBC.
• Steve Jobs returns to Apple.
AND IN 1997 THE CHARITY
SECTOR
• Was largely unregulated
AND LOOKING FORWARD TO 2037
• CSO has produced population projections nationally and for each of the planning regions to 2031.
• The increase in population will continue apace – with anticipated growth of 613,000 (13%). The nature and structure of that population will
change.
• Conservatively the population of Dublin could reach 2.6 million by 2050
• The numbers of people aged 25 to 64 is projected to increase by 3.4 per cent for the State but at a regional level it will fluctuate. The Mid-
East, Dublin and Midland regions are projected to increase by 13.4, 11.7 and 0.3 per cent respectively. All other regions will experience
decreases in the population in this age group.
• The number of old persons (65 years and over) will almost double in every region over the life-time of the projections, with the most marked
increases likely to occur in the Mid-East (+136.5%) and Midland (+95.1%) regions.
• Similarly, ESRI population projections to 2030 project an increase of approximately 14% as a central scenario, with the high population
projection with an increase of 23% considered equally likely due to the potential ramifications of Brexit on European population shifts (Wren et
al., 2017).
• This implies that not only will there be more people who might engage with charities as donors or volunteers but also that there will be a
greater need for charities by beneficiaries.
OUTCOMES AND INSIGHTS
• Almost two thirds (61%) of the public believe that charities
have an important role to play in Irish society.
• Just over half believe (53%) that they provide services that
compliment the work of the State.
• Seventy percent of the public believe that the State is relying
too much on the charity sector.
• Almost two- thirds (64%) of the public believe that there are
too many charities and that those with a similar scope and
intent should consider merging (68%).
• However despite this recognition only half of the respondents
think charities will continue to have the same relevance 20
years from now.
CHARITABLE ORGANISATIONS ARE PERCEIVED AS
CORE PART OF SOCIETY…
OVERWHELMING SENSE AND DESIRE
THAT CHANGE NEEDS TO HAPPEN
CHANGE!
• There is a need for visionaries and drivers of change
• The role of the Board in seeking and defining the
strategic direction is crucial.
“Overall the challenge for charities is often the challenge for
Ireland, in having visionaries and those in power to look at
what we want in our society going forward and how we are
going to pay for and deliver the services” Staff member
TRANSPARENCY
“Don’t fight regulation and transparency. Use it to build trust. Use it to do things that you know you need to do.
Make it work for you” Frances McCandless, Chief Executive Charity Commission for Northern Ireland.
• Regulation is welcome. It is perceived to offer protection
and best practice for the sector in three distinct areas:
• Building public trust
• Raising operating standards
• Climate of protection for Trustees
• Governance a key catalyst for change and there is a universal
recognition that we are only still in the foothills of that journey
• Charities cannot expect to retain or attract
the brightest and best when the sector are
feeling defensive and apologetic about
their roles and right to earn a living.
• Reaching full employment in our economy
so the current perspective of altruism over
pay for professional jobs not realistic.
Charity leaders need to address this not
charity staff.
• A vibrant sector requires passionate pool
of people working in it who are
unapologetic that they are earning a living
wage.
ATTRACTING TALENT
THE NEED FOR DATA
Robust Data = Robust Argument and Debate
“You simply have to measure (at an economically appropriate cost) the impact
of work done. This has to happen at project, organisation and sectoral level.”
Government policy advisor
ALMS FOR THE POOR
• Everyone is in agreement that charities should be the best at what they do and that they
are run well. However, the model for charitable service delivery is stuck in the past.
• This traditional model is causing the outcry over salary, expense and cost and it needs to
be addressed and challenged by the sector, its trustees, its funders and its advocates.
“THE BEST WAY TO PREDICT THE
FUTURE IS TO CREATE IT”
Abraham Lincoln
WE BEGAN WITH THE END IN MIND?
• Charity sector will remain a core part of Irish society in 2037
• For that to happen it needs to plan strategically
• Need to move from crisis mode
• There are core issues that need to be unapologetically put up front and centre by the
sector
• Other stakeholders must be asked for their help and participate in our evolution.
WHAT WILL THE SECTOR LOOK LIKE
IN 2037?
• It will be understood by all stakeholders
• It will be playing to its strengths
• It will have world class organisations with top quality staff
• It will be recognised and understood in society for the benefits it brings
• It will be a defining characteristic of our society
• It will compliment rather than compete with the State
Sector Insights
Naoisha Maher
4040
Companies (Accounting) Act 2017
Effective periods beginning 1 January 2017
Key points to note
Income and expenditure account now allowed
Citation unchanged : Companies Act 2014
Notes must be in numerical order
Exemption from showing comparative notes for fixed assets and provisions
Mandatory electronic filing with the CRO from1 June 2017
4141
VAT Rebate
Key points to note
Charities entitled to a refund
of a proportion
of VAT costs
based on level of
non public funding received
Private non-
charity expenses are not eligible
Capped fund of €5
million available and will be pro-rated
Claims cannot
start until 2019
Qualifying charities must be
registered with
Charities Regulator, have tax clearance
and provide audited financial
statements
Claims below
€500 will not
qualify
Can your systems capture
VAT?
4242
Charities – Positive Impacts in Challenging Times
What charities do and how they are
managed and operated
What the public think charities do
and how they should be managed
and operated
Disconnect
4343
How can charities demonstrate they are making a positive impact?
How can charities retain public trust?
How can charities become more resilient?
How can charities maximise their resources?
Charities – Positive Impacts in Challenging Times
ICAEW report
Areas of Focus
4444
Be clear how the charity applies its funds
Use social media and your own website to reach out to stakeholders
Uphold the highest standards
Identify the difference your charity work has made
Be transparent, accountable and honest
Be more open and discursive in reporting
Be more proactive in explaining the impact of your work
Charities – Positive Impacts in Challenging Times
How can charities demonstrate they are making a positive impact?
4545
Charities – Positive Impacts in Challenging Times
How can charities retain public trust?
Address skills
gaps/diversity
Invest in
operational
areas
More
effective
leadership
4646
Charities – Positive Impacts in Challenging Times
Effective financial
monitoring
Refresh your
strategic planning
Be change ready
Manage risk
effectively
Develop a robust
reserves policy
How can charities become more resilient?
4747
Charities – Positive Impacts in Challenging Times
Critically evaluate the reserves you need to hold
Explain why you need to hold reserves and what the target level is
Explain the longer term trends i.e. over five years
Know when you can draw down on reserves
Review the policy at least once a year
How to develop a robust reserves policy
4848
Charities – Positive Impacts in Challenging Times
How can charities maximise their resources?
More selective in accepting contracts
• Be more discerning
• Don’t accept at any price
• Funders to be more realistic
• Engage with small charities as well
Consider operating models
• More proactive in seeking help
• Strategic alliances
• Some new funding streams
• Be creative!
Efficiency/Effectiveness
Annual Reports
Thomas Fedigan
5050
Annual Reports
What does the SORP require?
Objectives and Activities
Achievements and Performance
Financial Review
Structure, Governance and Management
Reference and Administrative Details
Plans for future periods
Funds held as a custodian trustee
5151
The changes driven by the new SORP require transparency and balance in charities annual reports. This provides an opportunity for charities to promote, advertise and celebrate their achievements.
Now is the time for Irish charities to make a splash, tell their storyand find their own style.
The main objective of the survey was to consider how particular requirements regarding the content of annual reports as required by the new SORP have been applied by a sample of charities.*
* Irish survey results derived from a sample of SORP compliant Irish charities selected from benefacts.ie, whose annual reports are publically available on the charity website; UK survey results extracted from Deloitte UK report “challenges and uncertainties – October 2017”.
Annual Reports
5252
Annual Reports
Timing and Length of Reporting
What is the
timeframe to report
< 100 Days < 150 Days
< 200 Days > 200 Days
What is the length
of annual reports
< 50 Pages < 75 Pages
< 100 Pages > 100 Pages
53
Annual Reports
Making an Impact
Visual
Directors and Executive Team
Impact
Transparent
- Annual reports should be visually appealing.
- Use of graphs, infographics and charts is encouraged.
- Consider use of casestudies highlighting the impact of the services provided.
- Disclosing the method of appointing directors/trustees and details of the inductiontraining offered
- Disclosure of the names or roles of senior management team - not only the Chief Executive.
- Inclusion of a discussion on management pay with particular focus on the key management remuneration policy.
- Ensure a clear disclosure on what the charity is including in the key management remuneration calculation.
- Disclosure of the amount and type of directors/trustees expenses reimbursed.
- Reduce long sections of narrative and replace with visual aids.
- Inclusion of a “key facts” or “Executive Summary”
- Ensure the impact of the charitable activities and use of funds is clearly demonstrated in the annual report
- Inclusion of detail on the role and activities carried out by volunteers to allow understanding of nature and scale.
Balances Reporting & KPIs
- Present a balanced view of successes and failuresalong with supporting evidence demonstrating achievements against objectives set.
- Include a summary of the measures or indicators used to assess performance.
5454
Annual Reports
Exposure to Major Risks
How Comprehensive is the discussion of principal risks in Trustees Reports?
16%
84%
IRISH SURVEY
Risks disclosed but vague content andno mitigation factors noted
Risks clearly disclosed and mitigatingfactors addressed
14%
80%
6%
UK SURVEY
Risks disclosed but vague content andno mitigation factors noted
Risks clearly disclosed and mitigatingfactors addressed
No disclosure of principal risks
5555
Annual Reports
Top 5 Risks in Irish Trustee Report Survey
Operational Matters (incl. response to major disasters)
Reputation Issues
Income and Funding Challenges
#1
#2
#3
#4
#5
Dealing with and countering Fraud
Compliance (incl. donor agreements, laws and regulations)
5656
Annual Reports
Activities in Trustee Reports vs Statement of Financial Activities
How does charitable expenditure link to activities and achievements described in the trustees report?
89%
11%
IRISH SURVEY
Consistent
Inconsistency between charitableexpenditure and the trustees report
58%
42%
UK SURVEY
Consistent
Inconsistency between charitableexpenditure and the trustees report
5757
Annual Reports
Balanced Reporting
89% of Trustee Reports surveyed discuss
achievements during the year
42% of Charities raise areas for improvement their
trustee report
26% of Charities disclose a clear benchmark to assess
performance in the year against targets
5858
Annual Reports
Reserves Policy
What is included in the Trustee Report?
Disclosing specific targets is considered
helpful
Usefulness of this section varied
considerably
100% of Irish & UK Charities included a
section on their policy
5959
Annual Reports
What does the SORP require in the “Plans for the Future” section?
“The trustees report must provide a summary of the charity’s plans for the future, including its aims and objectives and details of any activities planned to achieve
them?”
Move away from general statements
Include disclosure on detailed plans
Link prior year plans to current year achievements
Reflecting from lessons learned
Consider resources required to achieve plans
How can we achieve this?
6060
Annual Reports
Final Thoughts
Information on all Irish Charities and Not for Profits is not publically available
The focus is on those Irish Charities and Not for Profits who state they are SORP compliant, per the Benefacts.ie database and accordingly doesn’t represent the majority of Charities in Ireland
Survey results highlight what Irish SORP reporters are doing well
Provides a snapshot to SORP adopters on the key areas of focus in annual reports
The annual report shares the impact that the Charity makes and should be a key priority
Questions and Seminar Close