Charities and Not for Profit Sector Seminar · Charities and Not for Profit Sector Seminar ... DP...

Charities and Not for Profit Sector Seminar

16 November 2017 – The Westin Hotel Dublin

Marguarita Martin

Deloitte Ireland Charities and Not for Profit Sector Leader

3

Introductions

John Farrelly, CEO of Charity Regulator

Rachael Gallagher, Deloitte

Lucy Masterson, CEO of Charities Institute Ireland

Naoisha Maher, Deloitte

Thomas Fedigan, Deloitte

Seminar close

Agenda

Charity Regulator CEO

John Farrelly

General Data Protection Regulation (GDPR)

Rachael Gallagher

6

What is personal data?

Any information relating to an identified or identifiable natural person who can be identified, directly or indirectly by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

7

(a) processed lawfully, fairly and in a transparent manner

(d) accurate and where necessary kept up to date

(b) collected for specified, explicit and legitimate purposes

(c) adequate, relevant and limited to what is necessary

Personal data should be:

The GDPR Principles

8

(e) kept in a form which permits identification for no longer than necessary

(f) processed in a manner that ensures appropriate security

‘Accountability’

The controller shall be responsible for, and be able to demonstratecompliance with these principles.

Personal data should be:

The GDPR Principles (continued)

9

At a Glance

The General Data Protection Regulation (GDPR)

Data Protection FrameworkAll the measures required by the GDPR, when put together, will result in a data protection related framework: DP policy, DP by design and by default, impact assessments, data breach notifications, privacy notices, etc.

AccountabilityNew obligation for controllers and processors to be able to demonstrate and therefore to document their compliance with the GDPR. Organisations will have to appoint a Data Protection Officer in specific situations (e.g. public authorities, large scale monitoring, special categories of data).

Lawful basis

Controllers should identify the lawful basis for their processing activity in the GDPR, document it and update their privacy notices to explain it.

Transparency

When controllers collect personal data they currently have to provide people certain information which is done through a privacy notice. Under the GDPR organisations will be required to provide additional information and ensure that this is done in a concise, easy to understand way.

10

Data Protection by design/by default

Organisations should implement appropriate technical and organisational measures to integrate the necessary safeguards into the processing of personal data.By default, only necessary personal data should be processed. This requires control over: data collection, extent of processing, retention period as well as access to personal data.

Data breach notificationNotify data breach to the data protection authority no later than 72h after becoming aware of it.Notify data breach to affected data subjects without undue delay when likely to result in a high risk for their right to data protection.Processors should report to respective customer-controllers.

Data subjects rights

The GDPR enhances current rights of individuals e.g. subject access requests. New rights such as the right to erasure have been created.

At a Glance (continued)


11

What about consent?


Freely given, specific and informed

Unambiguous

Positive opt-in

Properly documented (accountability)

Easily withdrawn

Stronger rights where consent is lawful basis

Overlap with electronic marketing law (fundraising activities)

12

Preparing for GDPR

Practical Considerations

13


Governance

Consider a Data

Protection Officer

Awareness within your organisation

Get key people

together

Have a project plan

Identify what you

hold

Gap assessment

Risk assess

14


Accountability

Policies and underlying procedures to support GDPR requirements

Monitor and review

Needs based data protection training

Record of processing

Integration of privacy by design approaches

When to conduct a Data Protection Impact Assessment

Identify data processors

Review and update data processor contracts

15


Fairness and Transparency

Identify the lawful basis for your processing activities

Document this

Explain this to individuals

Review how you seek, record and manage consent

Review systems used to record consent

Ensure audit trail

Obligations where you collect data from children

16


Individual Rights

Review your privacy notices

Check whether you can comply with new rights

Review data access request handling procedures

System/technology capabilities

17


Breach Notification

Established procedure for managing breaches

Mechanisms for assessing and reporting notifiable breaches to the Data Protection Commissioner

Mechanisms for reporting breaches to individuals

Staff and volunteer training

18

1. Stakeholder awareness

2. Readiness assessment

3. Understand your personal data

4. Risk assess

5. Make a plan

6. TAKE ACTION!

Where Do We Start?

The General Data Protection Regulation

Charities Institute Ireland CEO

Lucy Masterson

Charities 2037

background & ambition

BEFORE EMBARKING ON A JOURNEY OF CHANGE, IT IS CRITICAL TO KNOW WHERE YOU ARE

STARTING FROM

• Interviews with 25 charity leaders:

• Specialists, Chairpersons; CEOs; Government;

Governance.

• Surveys with key stakeholder groups:

• General Public – nationally representative survey

of 1,000

• Staff members. Survey made available through

Charities Institute Ireland member organisations.

364 responses in total.

• Volunteers - Survey made available through

Charities Institute Ireland member organisations –

101 in total.

METHODOLOGY

• What should be expected from the charity sector (and conversely what is unrealistic)

• The impact of regulation

• The need for professionalism and its implication for organisational structure ( have we too many

charities? Is it a recognised career path etc.?)

• How do we deal with specialists/specialties?

• The role of the State

• The role of the volunteer and need for renewal of volunteers

• The requirements for change and innovation

KEY ISSUES TO PROVOKE DISCUSSION

AND DEBATE

AND 2037 IS NOT THAT FAR

AWAY…

• In 1997…

• Divorce became legal in Ireland.

• Bertie Ahern becomes Taoiseach, Mary McAleese becomes President.

• Bill Clinton was sworn in for a second term as President of the United States.

• Tony Blair becomes British Prime Minister.

• UK hands sovereignty of Hong Kong back to China.

• Bloomsbury publish Harry Potter and the Philosopher's Stone.

• Teletubbies starts on BBC.

• Steve Jobs returns to Apple.

AND IN 1997 THE CHARITY

SECTOR

• Was largely unregulated

AND LOOKING FORWARD TO 2037

• CSO has produced population projections nationally and for each of the planning regions to 2031.

• The increase in population will continue apace – with anticipated growth of 613,000 (13%). The nature and structure of that population will

change.

• Conservatively the population of Dublin could reach 2.6 million by 2050

• The numbers of people aged 25 to 64 is projected to increase by 3.4 per cent for the State but at a regional level it will fluctuate. The Mid-

East, Dublin and Midland regions are projected to increase by 13.4, 11.7 and 0.3 per cent respectively. All other regions will experience

decreases in the population in this age group.

• The number of old persons (65 years and over) will almost double in every region over the life-time of the projections, with the most marked

increases likely to occur in the Mid-East (+136.5%) and Midland (+95.1%) regions.

• Similarly, ESRI population projections to 2030 project an increase of approximately 14% as a central scenario, with the high population

projection with an increase of 23% considered equally likely due to the potential ramifications of Brexit on European population shifts (Wren et

al., 2017).

• This implies that not only will there be more people who might engage with charities as donors or volunteers but also that there will be a

greater need for charities by beneficiaries.

OUTCOMES AND INSIGHTS

• Almost two thirds (61%) of the public believe that charities

have an important role to play in Irish society.

• Just over half believe (53%) that they provide services that

compliment the work of the State.

• Seventy percent of the public believe that the State is relying

too much on the charity sector.

• Almost two- thirds (64%) of the public believe that there are

too many charities and that those with a similar scope and

intent should consider merging (68%).

• However despite this recognition only half of the respondents

think charities will continue to have the same relevance 20

years from now.

CHARITABLE ORGANISATIONS ARE PERCEIVED AS

CORE PART OF SOCIETY…

OVERWHELMING SENSE AND DESIRE

THAT CHANGE NEEDS TO HAPPEN

CHANGE!

• There is a need for visionaries and drivers of change

• The role of the Board in seeking and defining the

strategic direction is crucial.

“Overall the challenge for charities is often the challenge for

Ireland, in having visionaries and those in power to look at

what we want in our society going forward and how we are

going to pay for and deliver the services” Staff member

TRANSPARENCY

“Don’t fight regulation and transparency. Use it to build trust. Use it to do things that you know you need to do.

Make it work for you” Frances McCandless, Chief Executive Charity Commission for Northern Ireland.

• Regulation is welcome. It is perceived to offer protection

and best practice for the sector in three distinct areas:

• Building public trust

• Raising operating standards

• Climate of protection for Trustees

• Governance a key catalyst for change and there is a universal

recognition that we are only still in the foothills of that journey

• Charities cannot expect to retain or attract

the brightest and best when the sector are

feeling defensive and apologetic about

their roles and right to earn a living.

• Reaching full employment in our economy

so the current perspective of altruism over

pay for professional jobs not realistic.

Charity leaders need to address this not

charity staff.

• A vibrant sector requires passionate pool

of people working in it who are

unapologetic that they are earning a living

wage.

ATTRACTING TALENT

THE NEED FOR DATA

Robust Data = Robust Argument and Debate

“You simply have to measure (at an economically appropriate cost) the impact

of work done. This has to happen at project, organisation and sectoral level.”

Government policy advisor

ALMS FOR THE POOR

• Everyone is in agreement that charities should be the best at what they do and that they

are run well. However, the model for charitable service delivery is stuck in the past.

• This traditional model is causing the outcry over salary, expense and cost and it needs to

be addressed and challenged by the sector, its trustees, its funders and its advocates.

“THE BEST WAY TO PREDICT THE

FUTURE IS TO CREATE IT”

Abraham Lincoln

WE BEGAN WITH THE END IN MIND?

• Charity sector will remain a core part of Irish society in 2037

• For that to happen it needs to plan strategically

• Need to move from crisis mode

• There are core issues that need to be unapologetically put up front and centre by the

sector

• Other stakeholders must be asked for their help and participate in our evolution.

WHAT WILL THE SECTOR LOOK LIKE

IN 2037?

• It will be understood by all stakeholders

• It will be playing to its strengths

• It will have world class organisations with top quality staff

• It will be recognised and understood in society for the benefits it brings

• It will be a defining characteristic of our society

• It will compliment rather than compete with the State

Sector Insights

Naoisha Maher

4040

Companies (Accounting) Act 2017

Effective periods beginning 1 January 2017

Key points to note

Income and expenditure account now allowed

Citation unchanged : Companies Act 2014

Notes must be in numerical order

Exemption from showing comparative notes for fixed assets and provisions

Mandatory electronic filing with the CRO from1 June 2017

4141

VAT Rebate

Key points to note

Charities entitled to a refund

of a proportion

of VAT costs

based on level of

non public funding received

Private non-

charity expenses are not eligible

Capped fund of €5

million available and will be pro-rated

Claims cannot

start until 2019

Qualifying charities must be

registered with

Charities Regulator, have tax clearance

and provide audited financial

statements

Claims below

€500 will not

qualify

Can your systems capture

VAT?

4242

Charities – Positive Impacts in Challenging Times

What charities do and how they are

managed and operated

What the public think charities do

and how they should be managed

and operated

Disconnect

4343

How can charities demonstrate they are making a positive impact?

How can charities retain public trust?

How can charities become more resilient?

How can charities maximise their resources?


ICAEW report

Areas of Focus

4444

Be clear how the charity applies its funds

Use social media and your own website to reach out to stakeholders

Uphold the highest standards

Identify the difference your charity work has made

Be transparent, accountable and honest

Be more open and discursive in reporting

Be more proactive in explaining the impact of your work


How can charities demonstrate they are making a positive impact?

4545


How can charities retain public trust?

Address skills

gaps/diversity

Invest in

operational

areas

More

effective

leadership

4646


Effective financial

monitoring

Refresh your

strategic planning

Be change ready

Manage risk

effectively

Develop a robust

reserves policy

How can charities become more resilient?

4747


Critically evaluate the reserves you need to hold

Explain why you need to hold reserves and what the target level is

Explain the longer term trends i.e. over five years

Know when you can draw down on reserves

Review the policy at least once a year

How to develop a robust reserves policy

4848


How can charities maximise their resources?

More selective in accepting contracts

• Be more discerning

• Don’t accept at any price

• Funders to be more realistic

• Engage with small charities as well

Consider operating models

• More proactive in seeking help

• Strategic alliances

• Some new funding streams

• Be creative!

Efficiency/Effectiveness

Annual Reports

Thomas Fedigan

5050

Annual Reports

What does the SORP require?

Objectives and Activities

Achievements and Performance

Financial Review

Structure, Governance and Management

Reference and Administrative Details

Plans for future periods

Funds held as a custodian trustee

5151

The changes driven by the new SORP require transparency and balance in charities annual reports. This provides an opportunity for charities to promote, advertise and celebrate their achievements.

Now is the time for Irish charities to make a splash, tell their storyand find their own style.

The main objective of the survey was to consider how particular requirements regarding the content of annual reports as required by the new SORP have been applied by a sample of charities.*

* Irish survey results derived from a sample of SORP compliant Irish charities selected from benefacts.ie, whose annual reports are publically available on the charity website; UK survey results extracted from Deloitte UK report “challenges and uncertainties – October 2017”.

Annual Reports

5252

Annual Reports

Timing and Length of Reporting

What is the

timeframe to report

< 100 Days < 150 Days

< 200 Days > 200 Days

What is the length

of annual reports

< 50 Pages < 75 Pages

< 100 Pages > 100 Pages

53

Annual Reports

Making an Impact

Visual

Directors and Executive Team

Impact

Transparent

- Annual reports should be visually appealing.

- Use of graphs, infographics and charts is encouraged.

- Consider use of casestudies highlighting the impact of the services provided.

- Disclosing the method of appointing directors/trustees and details of the inductiontraining offered

- Disclosure of the names or roles of senior management team - not only the Chief Executive.

- Inclusion of a discussion on management pay with particular focus on the key management remuneration policy.

- Ensure a clear disclosure on what the charity is including in the key management remuneration calculation.

- Disclosure of the amount and type of directors/trustees expenses reimbursed.

- Reduce long sections of narrative and replace with visual aids.

- Inclusion of a “key facts” or “Executive Summary”

- Ensure the impact of the charitable activities and use of funds is clearly demonstrated in the annual report

- Inclusion of detail on the role and activities carried out by volunteers to allow understanding of nature and scale.

Balances Reporting & KPIs

- Present a balanced view of successes and failuresalong with supporting evidence demonstrating achievements against objectives set.

- Include a summary of the measures or indicators used to assess performance.

5454

Annual Reports

Exposure to Major Risks

How Comprehensive is the discussion of principal risks in Trustees Reports?

16%

84%

IRISH SURVEY

Risks disclosed but vague content andno mitigation factors noted

Risks clearly disclosed and mitigatingfactors addressed

14%

80%

6%

UK SURVEY

Risks disclosed but vague content andno mitigation factors noted

Risks clearly disclosed and mitigatingfactors addressed

No disclosure of principal risks

5555

Annual Reports

Top 5 Risks in Irish Trustee Report Survey

Operational Matters (incl. response to major disasters)

Reputation Issues

Income and Funding Challenges

#1

#2

#3

#4

#5

Dealing with and countering Fraud

Compliance (incl. donor agreements, laws and regulations)

5656

Annual Reports

Activities in Trustee Reports vs Statement of Financial Activities

How does charitable expenditure link to activities and achievements described in the trustees report?

89%

11%

IRISH SURVEY

Consistent

Inconsistency between charitableexpenditure and the trustees report

58%

42%

UK SURVEY

Consistent

Inconsistency between charitableexpenditure and the trustees report

5757

Annual Reports

Balanced Reporting

89% of Trustee Reports surveyed discuss

achievements during the year

42% of Charities raise areas for improvement their

trustee report

26% of Charities disclose a clear benchmark to assess

performance in the year against targets

5858

Annual Reports

Reserves Policy

What is included in the Trustee Report?

Disclosing specific targets is considered

helpful

Usefulness of this section varied

considerably

100% of Irish & UK Charities included a

section on their policy

5959

Annual Reports

What does the SORP require in the “Plans for the Future” section?

“The trustees report must provide a summary of the charity’s plans for the future, including its aims and objectives and details of any activities planned to achieve

them?”

Move away from general statements

Include disclosure on detailed plans

Link prior year plans to current year achievements

Reflecting from lessons learned

Consider resources required to achieve plans

How can we achieve this?

6060

Annual Reports

Final Thoughts

Information on all Irish Charities and Not for Profits is not publically available

The focus is on those Irish Charities and Not for Profits who state they are SORP compliant, per the Benefacts.ie database and accordingly doesn’t represent the majority of Charities in Ireland

Survey results highlight what Irish SORP reporters are doing well

Provides a snapshot to SORP adopters on the key areas of focus in annual reports

The annual report shares the impact that the Charity makes and should be a key priority

Questions and Seminar Close

Charities and Not for Profit Sector Seminar · Charities and Not for Profit Sector Seminar ... DP...

Documents

Transcript of Charities and Not for Profit Sector Seminar · Charities and Not for Profit Sector Seminar ... DP...