Nurturing Civil Society

Ten Emerging Principles of Governance of Nonprofit Corporations and Guides to a Safe Harbor

The International Journal
of Not-for-Profit Law

Volume 7, Issue 1, November 2004

By Thomas Silk*

When clients look to legal counsel for advice and guidance, they expect to hear about current law. Sophisticated clients also look to us to keep them ahead of the curve, to alert them to evolving developments and trends in relevant laws and norms. This article represents my attempt to peer around the corner, to report on what I see, to identify and discuss what I believe to be the major developments and trends in principles of governance of nonprofit corporations, and to point the way to a safe harbor. This article is entirely subjective. It reflects my views alone, not necessarily those of my colleagues nor those of my clients.  

* * * * * * * * * * *

The passage of Sarbanes-Oxley is a “wake-up call to the entire nonprofit community. If nonprofit leaders do not ensure effective governance of their organizations, the government may step forward and also regulate nonprofit governance.”
–The Sarbanes-Oxley Act and Implications for Nonprofit Organizations (Independent Sector and BoardSource, 2003)

“Public trust in our sector demands enforcement of legal standards, but it calls for more than that. Our world is migrating from a standard of what the law ‘allows’ us to do, to what we are comfortable reading about ourselves in the newspaper.”
–Dorothy S. Ridings, President of the Council on Foundations, Foundation News (November-December 2003)

“I do think the changes in corporate governance that we’re seeing through the voluntary best practices codes, for example … have created a new set of expectations for directors. And that is changing how courts look at these issues.”
–Chief Justice Veasey, Supreme Court of Delaware, “What’s Wrong with Executive Compensation,” Harvard Business Review, pp. 68, 76 (January 2003)


In response to the scandals at Enron, Arthur Andersen, Global Crossing, and other major corporations, Congress passed the Sarbanes-Oxley Act of 2002. Scholars (including judges) have pondered the possible implications of Enron for the law of corporations.[1] Corporate watchdog organizations and professional associations of business and law have advocated and adopted more rigorous best practice codes of corporate governance.[2]

Meanwhile the press has reported on scandals within the nonprofit sector as well.[3] So far, nonprofit organizations have not been the target of reform legislation by Congress. States have been the first to act, with legislation patterned after Sarbanes-Oxley[4] introduced in New York and California.[5]

What new principles of governance are likely to emerge for the nonprofit sector? Based on an analysis of recent developments in the for-profit sector, including Sarbanes-Oxley and the recent spate of best practice codes of governance, I have identified ten likely emerging principles of governance for nonprofit organizations. My intent is not to hazard a prediction about the likelihood of federal or state legislation or regulations but to recognize and reflect the emergence of a fundamental aspirational shift. Whether or not additional legislation is enacted, community customs and practices are changing. Those changes may lead to revised interpretations by courts of the fiduciary duties of care and loyalty of directors of nonprofit corporations, because the meaning of these terms is based on current custom and practice.[6] Moreover, a higher level of public expectation may prompt increased media scrutiny of nonprofit sector organizations. The likelihood of enforcement of federal and state laws regulating charitable organizations will continue to be less of a practical deterrent against improper conduct than the risk of reputational harm that may result from adverse media publicity targeting the nonprofit corporation, its directors and officers.[7]

Emerging Principles 

1.  The board of directors of a nonprofit corporation must engage in active, independent, and informed oversight of the activities of the corporation, particularly those of senior management.

2.  Directors with information and analysis relevant to the board’s decision-making and oversight responsibilities are obligated to disclose that information and analysis to the board and not sit passively. Senior management should recognize and fulfill an obligation to disclose – to a supervising officer, to a committee of the board, or to the board of directors – information and analysis relevant to such person’s decision-making and oversight responsibilities.

3.  Every nonprofit corporation should have a nominating/governance committee composed entirely of directors who are independent in the sense that they are not part of the management team and they are not compensated by the corporation for services rendered to it, although they may receive reasonable fees as a director. The committee is responsible for nominating qualified candidates to stand for election to the board, monitoring all matters involving corporate governance, overseeing compliance with ethical standards, and making recommendations to the full board for action in governance matters.

4.  Every nonprofit corporation with substantial assets or annual revenues should develop and implement a three-tier annual board evaluation process whereby the performances of the board as a whole, each board committee, and each director are evaluated annually. The board should also develop and implement a process for review and evaluation of the chief executive officer on an annual basis.

5.  Each board of directors is responsible for overseeing corporate ethics. Ethical conduct, including compliance with the requirements of law, is vital to a corporation’s sustainability and long-term success. To establish an ethical corporate culture, the board should consider the following actions:

  • communicate to personnel at all levels of the corporation a strong, ethical “tone at the top,” set by the board, the chief executive officer, and other senior management, establishing a culture of legal compliance and integrity;[8]
  • assign to the chief executive officer or other officer the specific task of serving as compliance officer;
  • adopt a Conflicts of Interest policy;
  • include ethics-related criteria in employee qualification standards and in employees’ annual performance reviews.

6.  Every nonprofit corporation with substantial assets or annual revenue should be audited annually by an independent auditing firm. The corporation should change auditing firms or the lead and reviewing audit partner periodically to assure a fresh look at the firm’s financial statements. The audit committee should be composed of completely independent directors and should set rules and processes for complaints concerning accounting and internal control practices. It is responsible for hiring, setting compensation, and overseeing the auditor’s activities.

7.  The chief executive officer and the chief financial officer of every nonprofit corporation should review Form 990 or Form 990-PF and other annual information returns filed by the nonprofit organization with federal and state agencies.

8.  Any attorney providing legal services to a nonprofit corporation who learns of evidence that the attorney reasonably believes indicates a material breach of fiduciary duty or similar violation should report that evidence to the chief executive officer of the nonprofit corporation and, if warranted by the seriousness of the matter, to the board of directors.

9.  Every nonprofit corporation should adopt a written policy setting forth standards for document integrity, retention, and destruction. Section 1102 of the Sarbanes-Oxley Act provides that whoever alters or destroys any document with the intent to obstruct the investigation or proper administration of any matter within the jurisdiction of any federal agency or department is guilty of a felony. This provision applies to individuals within nonprofit corporations as well as business corporations.

10. Every nonprofit corporation should adopt a written policy to permit and encourage employees to alert management and the board to ethical issues and potential violations of law without fear of retribution. This is based on Section 1107 of the Sarbanes-Oxley Act, which treats as a felony any discharge, demotion, or harassment of any employee who provides to a law enforcement official true information about the potential commission of a federal offense. This provision applies to individuals within nonprofit corporations as well as business corporations.


The ten principles of governance are derived primarily from the Sarbanes-Oxley Act and three corporate governance codes published after the Act became effective: the Report of the Task Force on Corporate Responsibility of the American Bar Association, the Findings and Recommendations of the Commission on Public Trust and Private Enterprise of The Conference Board, and Principles of Corporate Governance of The Business Roundtable.[9]

Those sources address corporate governance in a business context, not in a nonprofit sector environment. This commentary identifies significant modifications to the principles made to adapt them to nonprofit corporations. As it turns out, the principles fit without much difficulty, which is consistent with the underlying reality that fundamental corporate governance standards are much the same for nonprofit corporations and for business corporations.

Principles 1 and 2 

The laws of every state contain fiduciary duties, the twin duties of care and loyalty, applicable to directors of nonprofit corporations. But the meaning of the language used to define the duty of care is far from self-revealing. For example, California’s defines the duty of care as the duty to act in good faith “with such care, including reasonable inquiry, as an ordinarily prudent person in a like position would use under similar circumstances.”[10]

The search for clearer guidance is unending. A recent version is offered by the American Bar Association. Principles 1 and 2 are derived from the corporate governance practices recommended by the Task Force on Corporate Responsibility of the American Bar Association and adopted by the ABA in August 2003.

The Task Force identifies as a major board problem “a culture of passivity with respect to senior executive officers, in which those officers are not subject to meaningful director oversight…. The goal of the policies and practices recommended in this Report will only be fully achieved if … directors abandon the passive role many have been content to play, and replace it with a new culture stressing constructive skepticism and an active, independent oversight role.”[11]

Concern with the culture of board passivity prompts the emphasis on an active board. The ABA standard does not call for micromanagement by the board, but it does provide that the director with knowledge relevant to the board’s responsibilities may not sit by quietly and withhold that information from the board; the director has an affirmative obligation to disclose relevant information to the board (Principle 2). The directors “must engage in active, independent and informed oversight” (Principle 1).

Board passivity is not limited to business corporations. Directors of nonprofit corporations have also been faulted for reluctance to ask key questions and to participate actively in board meetings.[12]

Principles 3 through 5 

The notion that every board of directors should have a nomination/governance committee is widespread in recommended practice codes. A common feature is that the committee should be independent in the sense that the directors serving on it are not part of the management team and are not compensated by the corporation for services rendered to it, although they may receive reasonable fees as directors.[13]

Principle 4 reflects another consensus in the recommended practice codes of corporate governance. A requirement for annual evaluations of the executive director appears frequently in these codes. An annual evaluation requirement for directors appears less often. What is new here is the proposed three-tier evaluation at the board level. Annual evaluation is recommended not only for each director, but for each committee and for the board of directors as a whole, reflecting a concern that the result of individual director evaluations may reveal little about how the directors perform in relevant groups.[14]

Principle 5 reflects a final common theme in recommended practice codes: a recognition that a strong ethical standard should be set by a “tone at the top.”[15]

Principle 6

Only a few states currently require annual audits of nonprofit corporations. But that is changing. Some states have proposed mandatory audits for nonprofit organizations with assets or gross revenues over $250,000. In other states audits are required only of larger nonprofits, those with assets of $3 million or gross annual revenues of $1 million. Below a certain size, the nonprofit corporation may not be able to afford the costs of an annual audit. Nevertheless, nonprofit corporations with substantial assets or annual revenue should anticipate that mandatory annual audits will be required.

The Sarbanes-Oxley Act requires that the board of directors have an audit committee composed entirely of directors who are independent in the sense that they are not part of the management team and they are not compensated for services rendered to the corporation, apart from fees for board service.

Similar requirements are likely to be imposed by state law on nonprofit corporations. Legislation proposed by the New York Attorney General would require nonprofit boards to designate an audit committee if the organization has gross revenues over $250,000. Not only may the directors on the audit committee not be paid for services to the corporation, they may not have participated in any interested party transactions in the last year.[16]

In California, SB 1262 has been introduced. The bill would require mandatory annual audits of charitable corporations with annual revenues of $500,000 or more, public disclosure of the audited financial statements, an independent audit committee, and record retention (including electronic records) of the activities of the charity for 10 years.

Principle 7 

The Sarbanes-Oxley Act requires the chief executive and chief financial officer to certify that the officer has reviewed the financial statements, that they contain no untrue statement or omission of material fact, and that they fairly present the financial condition and operations of the company. Willful false certification is subject to criminal sanctions.

Current law requires IRS Form 990 and Form 990-PF, the annual information returns filed by public charities and private foundations, to be signed by an officer. Those information returns are signed with a declaration under penalty of perjury that the officer has examined the return and accompanying schedules and that they are “true, correct, and complete.” The Internal Revenue Code contains its own perjury and false statement statute making willful violations a felony. IRC § 7296(1).

The IRS has a wide choice of laws to select from to enforce the making of true statements in connection with tax returns. In this new climate of compliance, nonprofit corporations would be well-advised to follow the sound advice given by Independent Sector that both the “CEO and the CFO should review the Form 990 or 990-PF before it is submitted to ensure that it is accurate, complete, and filed on time.”[17]

Principle 8 

The imposition by the Sarbanes-Oxley Act of regulations and restrictions on accountants has received extensive publicity. Less fanfare has accompanied a new rule imposed on lawyers. The Act seeks to improve compliance by requiring lawyers to “climb the ladder” within the client company. If the lawyer is aware of evidence of material violations of securities law or breach of fiduciary duty by the company or any agent, the attorney must report that evidence to the chief legal officer or chief executive officer. If that person does not respond appropriately, then the attorney must report to the audit committee or the board of directors.

The ethical rules of the legal profession are moving in a similar direction. California has a permissive reporting-up rule. Under California’s Rule of Professional Conduct 3-600(B), when a lawyer learns of wrongdoing by a corporate client, the lawyer may refer the matter “to the next higher authority in the organization, including, if warranted by the seriousness of the matter, to the highest internal authority.” The ABA recently enacted a “climb the ladder” rule that is mandatory when applicable. In 2003, the ABA completely revamped Model Rule 1.13, which now provides that when an attorney learns of wrongdoing that is likely to result in substantial injury to the corporation, the attorney “shall refer” the matter to the highest authority in the corporation, the board of directors.

In the nonprofit sector, these trends in the law are likely to result in an increase in compliance discussions, initiated by the attorney, with the executive director and with the board of directors.

Principles 9 and 10 

The Sarbanes-Oxley Act also adds two criminal offenses to federal law. Anyone who alters or destroys a document with the intent to obstruct a federal investigation is guilty of felony; so, too, is a person who discharges, demotes, or harasses an employee for providing true information to a federal law enforcement officer.

The scope of these criminal offenses extends to individuals in nonprofit corporations as well as businesses and would apply in connection with IRS audits or other federal investigations of tax-exempt organizations.

To the extent that state laws do not already criminalize similar conduct in connection with state law enforcement investigations, we are likely to see the adoption of such laws at the state level.

Accordingly, a nonprofit corporation would be well-advised to elevate awareness of these changes within the organization by adopting written policies setting forth standards for document integrity and retention and by making plain that employees, without fear of retribution, are encouraged to alert management and the board to ethical issues and potential violations of law.

Guides to a Safe Harbor 

What can we learn from this analysis of emerging principles in nonprofit governance that may be of practical use to us? The most valuable teachings, I suggest, are not about the particular principles themselves, which will change over time, but about underlying truths. By following these guides when making policy decisions on matters of internal governance, charitable corporations will find the safest harbor:

1.  Increasingly, charities are expected by the public to take the high road.

2.  It is no longer sufficient for a charitable organization merely to comply with the letter of the law or even the spirit of the law. The charity must go beyond the law. The public now looks to charities to act as moral agents.

3.  Charitable organizations with the greatest likelihood of satisfying emerging public expectations will be those that take all measures necessary to ensure that the conduct of directors, officers, and employees reflects the highest ethical standards appropriate to the organization structure and mission.

4.  To settle for less is to run the risks that the charitable organization’s reputation for integrity will be weakened, its respect by the community will be diminished, and its ability to fulfill its mission will be imperiled.


* Thomas Silk practices law with Silk, Adler & Colvin, a San Francisco firm specializing in the law of nonprofit organizations. He is the editor of Philanthropy and Law in Asia (1999), and he has contributed chapters to Serving Many Masters: The Challenges of Corporate Philanthropy (2003) and The Jossey-Bass Handbook of Nonprofit Leadership and Management (2004). Copyright 2004 by Thomas Silk.

[1] Leo E. Strine, Jr. “Derivative Impact? Some Early Reflections on the Corporation Law Implications of the Enron Debacle,” 57 The Business Lawyer 1372 (August 2002); E. Norman Veasey, “Should Corporation Law Inform Aspirations for Good Corporate Governance Practices – Or Vice Versa?” 149 U. Pa. R. Rev. 2179 (June 2001).

[2] “Findings and Recommendations: Part 2, Corporate Governance,” Commission on Public Trust and Private Enterprise (The Conference Board, 2003); “Principles of Corporate Governance” (The Business Roundtable, 2002); ”Corporate Governance Practices,” adopted by the American Bar Association (2003).

[3] See e.g., Margaret Gibelman and Sheldon R. Gelman, “Very Public Scandals: An Analysis of How and Why Nongovernmental Organizations Get in Trouble,” paper presented at the International Society for Third-Sector Research at the Fourth International Conference, Dublin, Ireland, July 7, 2000; Marion R. Fremont-Smith and Andras Kosaras, “Wrongdoing by Officers and Directors of Charities: A Survey of Press Reports 1995-2002,” 42 Exempt Organization Tax Review 25 (October 2003).

[4] The Sarbanes-Oxley Act, enacted on July 30, 2002, imposes on publicly traded companies and their accountants and lawyers new requirements designed to improve corporate governance and thereby rebuild public trust in the corporate sector.

[5] In January 2003, Attorney General Eliot Spitzer of New York announced the introduction of legislation to protect nonprofit corporations against financial fraud by adopting reforms similar to those enacted by Sarbanes-Oxley. Attorney General’s Legislative Program Bill # 02-03. In California, Attorney General Lockyer’s staff developed a legislative proposal which emerged as SB 1262, introduced by Senator Sher on February 13, 2004.

[6] It is settled law in California and elsewhere that evidence of the custom or practice of others similarly situated is admissible in court on the issues of due care or negligence. See Bullis v. Security Pac. Nat. Bank, 21 C.3d 801,809 (1978); Prosser & Keaton, Torts (5th edition) §33.

[7] In a recent seminal article, the authors argue that “the behavioral phenomena of internalized trust and trustworthiness play important roles in discouraging opportunistic behavior among corporate participants.” They identify three sources of trust and trustworthiness: (1) enforcement of laws, (2) market sanctions (combining fear of retaliation, reputational loss, and social sanctions), and (3) internalized trust (an internalized belief or taste or preference for behaving trustworthily). Margaret M. Blair and Lynn A. Stout, Symposium Norms & Corporate Law: Trust, Trustworthiness, and the Behavioral Foundations of Corporate Law, 149 U. Pa. L. Rev. 1735 (June 2001).

[8] Enron’s corporate culture of deceit amounted to an in-house joke, as captured by a song “Balance Sheet Blues,” which circulated within the company in 1998: “They call us innovators / We got to please the rater / Don’t feed us to the ‘gators / We got the balance sheet blues.” Jeffrey Toobin, “End Run at Enron,” New Yorker, p. 49, 55 (October 27, 2003).

[9] The four documents are available at the following websites:;;; and

[10] The definition of the duty of care for directors of business corporations and for directors of nonprofit corporations is often the same or similar. Compare Cal. Corp. Code §§ 309(a) and 5231(a); compare Revised Nonprofit Corporation Act §8.30(a) and Model Business Corporation Act §8.30 (a); compare New York N-PCL §717 and BCL §717; see also Bjorklund, Fishman, and Kurtz, New York Nonprofit Law and Practice with Tax Analysis §11.2(b).

[11] Report of the Task Force on Corporate Responsibility of the ABA, pp. 10-11 (2003).

[12] See e.g., Chait, Holland and Taylor, Improving the Performance of Governing Boards, p. 4 (1996).

[13] See Principles of Corporate Governance, p. 20 (Business Roundtable); Corporate Governance: Principles, Recommendations and Specific Best Practice Suggestions, p. 10 (Conference Board).

[14] Business Roundtable, p. 27; Conference Board, p. 10.

[15] Business Roundtable, p. 9; Conference Board, p. 25.

[16] New York Attorney General’s Legislative Program, Program Bill # 02-03 (January 21, 2003).

[17] The Sarbanes-Oxley Act and Implications for Nonprofit Organizations p. 7 (Independent Sector and BoardSource, 2003).