Auditing Not-for-Profit Organisations: Key Considerations

Auditing a charity or not-for-profit organisation is not just a smaller version of auditing a company. The governance structures, funding models, regulatory requirements, and specific risks are fundamentally different — and getting them wrong carries reputational consequences that extend beyond the balance sheet.

The Regulatory Framework

In England and Wales, charities above the audit threshold (income over £1 million, or income over £250,000 with assets over £3.26 million) require a statutory audit. The Charity Commission is the regulator, and charities must follow the Charities SORP (Statement of Recommended Practice), which governs how the financial statements are presented. Scotland and Northern Ireland have their own regulators and legislation. Academy trusts follow the Academies Accounts Direction published by the ESFA. Housing associations follow the Housing SORP and are regulated by the Regulator of Social Housing.

Restricted Funds: The Highest-Risk Area

Restricted funds — grants and donations designated for specific purposes by the donor — are the most common source of material misstatement and regulatory concern in charity audits. The auditor must verify that restricted income has been applied strictly in accordance with the restriction terms. Pooling restricted and unrestricted funds, applying restricted income to the wrong project, or failing to carry forward unspent restricted balances correctly are all material issues. A separate note disclosing each material restricted fund is required by the SORP.

Going Concern in the NPO Sector

Many charities and NPOs operate with thin reserves and depend on grant income that must be renewed. Going concern risk is often elevated compared to commercial entities. The auditor must assess whether management's going concern evaluation is appropriate — including the adequacy of reserves, the pipeline of grant renewals, and any contingent liabilities from funders. Significant uncertainty must be clearly disclosed in the accounts and the audit report.

Governance and Related Party Risk

Charities are governed by trustees who typically serve voluntarily and may have limited financial expertise. Transactions between the charity and trustees or connected persons are subject to strict legal restrictions. The auditor must understand the charity's governing document, identify all transactions with related parties, and assess whether proper authorisation and disclosure has occurred.

Additional Reporting Obligations

Charity auditors have reporting obligations beyond the standard ISA audit report. Under the Charities Act 2011, auditors must report to the Charity Commission if they have reasonable cause to believe the charity has committed a serious incident (significant fraud, serious regulatory breach, significant loss of funds). This obligation exists even if the charity's management has not themselves reported it.

Further Reading

• ISA 240 Fraud in an Audit
• Auditor Ethics and Independence
• Audit CPD

Study with Learnsignal: Audit CPD for qualified accountants. Browse CPD.