Any charity required by law to have their accounts audited must make a risk management statement in their trustees’ annual report confirming that ‘…the charity trustees have given consideration to the major risks to which the charity is exposed and satisfied themselves that systems or procedures are established in order to manage those risks.’
The main headings for risk are;
- governance
- operational risk
- finance risk
- environmental and external risk
- law and regulation compliance risk
Before the Covid-19 pandemic arrived, many charities had a risk register which was reviewed briefly once a year or so. However the pandemic meant a greater focus on risk and many charities regularly adapted their risk register to take account of new operational and financial risks they faced, or even developed a separate risk register.
There are now other risks which most charities must navigate, including difficulties in finding appropriate staff and rising costs. Charity trustees should make sure that the good habit of more frequent reviewing of the risk register continues, so that they can demonstrate that they have identified relevant risks, and taken appropriate steps to mitigate those risks. Reviewing the risk register at Trustee meetings should be minuted.
The Charity Commission guidance CC26 includes a template to assist with compiling the risk register.
The next step
For any questions please contact Caroline Webster, or your usual UHY advisor.
