Some Thoughts for First-Year Nonprofits – Nonprofit Law Blog

Congratulations on your first year as a nonprofit corporation exempt under Section 501(c)(3) of the Internal Revenue Code! Your first anniversary is a notable milestone and a chance to take a quick look back as it relates to moving forward with impact and compliance. This post is written partly in response to some very high-profile, well-intentioned, and important organizations that focused on programming and fundraising ahead of compliance, risk management, and establishment of a strong and resilient infrastructure.

Governing Documents

  • Does the purpose statement in your articles of incorporation encompass the rationale for all of your charitable/exempt activities?
  • Are all provisions of your bylaws consistent with your articles of incorporation?
  • Did you structure your board and officer structures in a manner with which you are compliant (e.g., number of directors, types of officers)?
  • Do the bylaws provide maximum protection to the board members (directors), officers, employees, and other agents of the nonprofit?
  • if you established a voting membership structure, are all of the inherent statutory member rights codified in the bylaws?
  • Have you created, implemented, and enforced a conflict of interest policy, including required disclosure statements?

Directors and Officers

  • Have all the directors been properly elected and have all these elections been properly documented in minutes or written consents?
  • Does the board know when each director and officer position is subject to election and have a board calendar to help ensure such elections take place?
  • Do you have an appropriate number of independent directors to provide proper governance of the nonprofit, engender public trust, and survive critical scrutiny from regulators and other stakeholders?
  • Are your directors and officers sufficiently knowledgeable about their duties and roles, the compliance issues specific to the organization, and how your values and the broader ecosystem should be considered in meeting their fiduciary duties?
  • If you have a more shared/distributed leadership system, have you considered how your board can ensure that all of your activities and affairs are managed and all corporate powers exercised under the board’s ultimate direction compliant with the law?
  • Are you making proper use of board committees and committees that are not board committees (and do you know the difference)?

First Year Filings

  • Do you have your IRS determination letter recognizing you as tax-exempt under 501(c)(3)?
  • Do you know when your first year filings (e.g., Form 990) are due with the IRS?
  • Have you identified and are you prepared to comply with all of your other initial and periodic filing requirements (e.g., state charity registrations, state tax-exemption, state corporate, payroll- and employment-related, local registrations)?

501(c)(3) Compliance

  • Does substantially all of your activities (including any earned income activities) further one or more charitable/exempt purposes (without looking to how any profits are used)?
  • Do you engage in more than an insubstantial amount of lobbying (noting that the limits can be quite generous for public charities that have made the very simple 501(h) expenditure test election that many experts highly recommend for most charities)?
  • Do you avoid prohibited political campaign intervention activities (noting that certain educational, get-out-the-vote, and voter registration activities may be permissible)?
  • Have you created, implemented, and enforced policies to ensure you will not provide a prohibited private benefit to any person or entity or engage in any excess benefit transaction?


  • Are you properly registered in the states/jurisdictions in which you fundraise?
  • Have you controlled and overseen all charitable solicitations made on your behalf, including those by commercial/professional fundraisers and fundraising platforms, to ensure accuracy and manage any restrictions created by the solicitations?
  • Have you carefully assessed the benefits and risks and other pros and cons of fundraising events?
  • Do you have a gift acceptance policy to help manage what types of noncash contributions and restrictions you’ll accept or not accept?

Donation Receipts

  • Do you provide donation receipts that provide the necessary language for your donors to meet the written substantiation requirements for taking a charitable contribution deduction?
  • Do you provide the proper written disclosures required when accepting a quid pro quo contribution where value is received by the donor partly in exchange for their contribution?

Earned Income

  • Have you assessed whether your earned income activities may produce unrelated business taxable income subject to the unrelated business income tax (UBIT)?
  • Have you taken steps to protect yourself and your stakeholders from liability or harm from your earned income activities (including through risk management policies and insurance)?
  • Have you considered whether your volunteers would be protected if they are hurt in contributing to your earned income activities (since workers compensation generally doesn’t apply)?

Intellectual Property

  • Do you have an inventory of your intellectual property (IP)?
  • Do you protect any important IP you have developed and any IP rights you possess?
  • Have you taken steps to ensure you will not infringe on any other person’s or entity’s IP rights?


  • Do you have a contract signing authority policy, including when board-level advance approval is required?
  • Do you have internal expertise in understanding key elements in relevant contracts?
  • Do you have your contracts legally reviewed before execution?
  • Do you have a defensible reason for relying on any contract that has not been legally reviewed?
  • Are any representations and warranties made in a contract vetted to ensure they are accurate (if not, you may be in breach)?
  • Are you very confident that you can meet any obligations you have agreed to in a contract or have some protections in case you’re unable to meet such obligations (e.g., force majeure clause)?
  • Do you have a system to help ensure that any consideration (e.g., payment) you provide is not excessive in relation to what you receive in return?
  • Do you have expertise in knowing when a collaboration requires or doesn’t require a contract and the differences between a contract and a memorandum of understanding (MOU)?
  • Do you have any partnership liability risks where you may be responsible for the debts, liabilities, and obligations of another organization you have identified as a partner?

Risk Management / Insurance

  • Have you identified and assessed your vulnerabilities and risks?
  • Have you identified and assessed any insurance products (e.g., commercial general liability, directors’ and officers’, auto) that make sense?
  • Have you created, implemented, and enforced any risk management policies?

Data and Privacy

  • Have you identified and assessed for security and compliance purposes the data you have collected originating from others (e.g., employees, volunteers, donors, service recipients, others)?
  • Have you created, implemented, and enforced any data security and compliance policies?
  • Do you have a system for assessing whether you want to continue collecting or maintaining certain types of data due to the risks they inherently carry?


  • Do you comply with applicable prudent investor laws (e.g., UPMIFA)?
  • Have you created, implemented, and enforced an investment policy?
  • Do you understand how mission can/should influence your investment decisions?