Even if your not-for-profit isn’t legally required to obtain independent audits, such audits can enhance financial transparency, increase accountability and help you build trust with your stakeholders. But how do you find a truly independent auditor? Ensuring independence requires more than hiring an outside firm. The American Institute of Certified Public Accountants (AICPA) Code of Professional Conduct can help guide you.

On the face of things

The AICPA code mandates that CPAs and their firms be independent in the performance of professional services, including audits. It requires independence in both fact and appearance. Independence in appearance calls for avoiding circumstances that would cause a third party to reasonably conclude that the auditor’s integrity, objectivity or professional skepticism is compromised.

The totality of the circumstances matters when assessing independence in appearance. Insignificant individual threats (for example, an auditor’s small contributions to a charity) can become an issue in the aggregate if other ostensibly minor threats are also in place.

When independence is threatened

The code identifies several examples of threats to independence that could arise during a nonprofit audit — and when the threat may be acceptable. An acceptable threat generally is one where a reasonable and informed third party would conclude that the threat doesn’t impair independence.

An example of a threat that could impair an auditor’s independence is advocacy. This happens if an auditor promotes the nonprofit’s client’s interests to the point of compromising the auditor’s objectivity. This could happen, for example, if an organization is pursuing a cure for an illness that afflicts an auditor’s family member.

“Familiarity” is another potential stumbling block. Be careful if a close friend or relative of the auditor holds a key position in your nonprofit. The auditor may be too close to this situation. An auditor who serves as a director or officer or who designs, implements or maintains the organization’s internal controls is also too close.

Additionally, avoid hiring someone from a firm that has previously performed non-audit work for your organization — for example, if the firm has prepared your nonprofit’s financial statements or served as its accountant. Know, too, that auditors are required to excuse themselves if they face threats or pressures from anyone in your organization.

Other safeguards

An auditor’s firm, a professional organization or regulators can impose other safeguards, including:

• Education requirements,
• The potential for disciplinary action,
• External review of a firm’s quality control system, and
• Licensure requirements.

The AICPA code says that audit clients can implement safeguards that operate in combination with other safeguards. Your nonprofit could, for example, have an active audit committee that monitors decision-making, oversight and communications related to any independent auditor.

An auditor can implement safeguards, too, such as using different partners or engagement teams from separate offices. The auditor must document the identified threats and the safeguards applied.

Time and money

With limited time and money, your nonprofit likely wants to simplify the auditor selection process. But don’t let speed and financial constraints get in the way of hiring the right independent auditor. You can also visit our related service page for more information on our nonprofit consulting services.

© 2025