The Role of Your Audit Committee — and Why the CFO Can’t Be on It

For many nonprofits, the audit committee may seem like a formality—just another box to check during annual reporting season. But in reality, your audit committee plays a critical role in maintaining financial integrity, public trust, and legal compliance. And if your CFO is serving on that committee? You may be unknowingly violating best practices and legal standards, particularly in New York State.
Let’s break down what your audit committee should do, why its independence is so important, and why having your CFO—or any staff member with financial oversight—on the committee is a major red flag.
What Is the Audit Committee and Why Does It Matter?
The audit committee is a subcommittee of your nonprofit’s board of directors. Its job is to provide independent oversight of the organization’s financial reporting processes, internal controls, and the external audit process.
Audit Committee core responsibilities typically include:
- Hiring and overseeing the work of the independent auditor
- Reviewing the annual financial statements and audit findings
- Monitoring internal controls and risk management systems
- Ensuring compliance with laws, regulations, and ethical standards
- Reviewing whistleblower complaints or financial concerns
The purpose? To ensure that financial reporting is accurate, transparent, and free from undue influence. This is essential not only for fulfilling fiduciary duties, but also for maintaining donor trust and meeting IRS and state-level regulatory expectations.
New York Law: What’s Required?
Under the New York Nonprofit Revitalization Act, nonprofits with more than $250,000 in annual revenue are required to form an audit committee (or assign audit responsibilities to another committee of independent board members), perform a financial review, and file an annual financial statement with the Attorney General. Nonprofits with more than $1M in annual revenue are required to form an audit committee (or assign audit responsibilities to another committee of independent board members), perform a financial review, and produce audited financial statements to be filed with the Attorney General.
The law specifically requires that:
- The audit committee must be composed of independent directors (not staff or paid contractors).
- Key employees, including the Executive Director, CFO, or any employee with financial management responsibilities, may not serve on the audit committee.
- The committee is responsible for overseeing the engagement of the auditor, reviewing the audit’s scope and results, and ensuring the organization responds to any management letter recommendations.
So, if your CFO is on the audit committee, you are not in compliance with New York law, and you’re putting your nonprofit’s tax-exempt status, funding, and reputation at risk.
Why the CFO Shouldn’t Serve on the Audit Committee
This restriction isn’t arbitrary—it’s grounded in the need for unbiased oversight. Here’s why:
1. Conflict of Interest
The CFO oversees the very financial systems and staff whose work the audit committee is meant to review. Asking them to audit their own work defeats the purpose and creates a clear conflict of interest.
2. Compromised Objectivity
Even if your CFO is ethical and competent, their proximity to the numbers means they may lack the distance needed to objectively assess financial risks or misstatements.
3. Erosion of Donor and Public Trust
An audit process perceived as “in-house” or self-policing may raise concerns with donors, watchdogs, and the public—particularly if your nonprofit handles large sums, federal grants, or restricted funds.
Who Should Serve on the Audit Committee?
The audit committee is to be made up of independent board members who:
- Are not employees or paid consultants of the organization
- Do not have close family or financial ties to employees
- Have a general understanding of financial statements and nonprofit accounting
- Are willing to ask questions, challenge assumptions, and hold staff accountable
If financial expertise is lacking on the board, engage an outside advisor or retired financial professional to inform the committee’s work, but not to serve on it.
Best Practices for a Strong Audit Committee
To make sure your audit committee is more than just a name on a flowchart, follow these tips:
- Adopt a clear charter outlining the committee’s responsibilities and authority.
- Meet regularly—not just once a year during audit season.
- Engage the external auditor directly without staff present, at least once annually.
- Request and review management letters and ensure all findings are addressed.
- Document everything—minutes, findings, and follow-ups should all be recorded.
Your audit committee is one of the most important safeguards your nonprofit has against financial mismanagement and reputational risk. It is also a key demonstration of your commitment to transparency, accountability, and good governance.
Removing the CFO—or any staff member—from this committee isn’t just a legal requirement in New York—it’s a smart, ethical decision that strengthens your organization from the inside out.
If you’re unsure whether your current structure is compliant or effective, we’re here to help. At Hedgeman Law Firm, we advise nonprofits across New York and beyond on how to build sound, sustainable governance systems that uphold both the law and your mission.
Need help reviewing your audit committee or bylaws?
Contact us today to schedule a nonprofit governance consultation.