Why Every Nonprofit Needs a Clear Document Retention Policy
Strong nonprofits are built on strong systems. One of the most important — and often overlooked — systems is a Document Retention Policy.
Managing information may not feel urgent compared to fundraising or programming, but it is foundational. A thoughtful Document Retention Policy protects your nonprofit’s legal compliance, operational efficiency, and long-term stability.
A solid Document Retention Policy doesn’t just organize your files — it strengthens your nonprofit’s efficiency, privacy protections, and legal compliance.
What a Document Retention Policy Does
At its core, a Document Retention Policy creates clarity and consistency.
It establishes:
What types of records your nonprofit keeps
How long each category of record is retained
How documents are labeled and stored
How and when records are securely destroyed
This applies to both physical records (such as contracts, board minutes, and financial statements) and electronic records (including emails, databases, and cloud-based documents).
Without written standards, organizations often rely on informal practices. Some records are kept indefinitely. Others are deleted too quickly. Over time, that inconsistency can create risk and confusion.
A written policy eliminates guesswork.
Why This Matters for Governance
A Document Retention Policy plays a central role in responsible nonprofit governance.
When properly implemented, it helps your organization:
Meet federal and state legal requirements
Protect sensitive and confidential information
Improve workflow and document accessibility
Strengthen organizational accountability
Clear retention timelines prevent both over-retention and premature destruction of important records. They also ensure that, when documents are requested by regulators, auditors, or stakeholders, your nonprofit can respond efficiently and confidently.
Effective record management reflects effective leadership.
Compliance is not accidental — it is structured.
A Document Retention Policy provides the framework that allows your nonprofit to manage information responsibly and consistently. When boards and staff understand what must be kept, for how long, and how it should be handled, the entire organization benefits.
What a Strong Policy Includes
A comprehensive Document Retention Policy should:
Identify the categories of records maintained by the nonprofit
Specify minimum retention timelines for each category
Describe labeling and storage procedures
Outline backup practices for electronic records
Explain how documents are securely destroyed when retention periods expire
The goal is to create a system that is practical and workable while still firm enough to ensure compliance.
When expectations are clear, day-to-day operations become smoother — and leadership can focus on advancing the mission.
The Bottom Line
If your nonprofit is reviewing its governance policies, a Document Retention Policy deserves attention.
It supports transparency. It promotes accountability. And it reinforces your organization’s commitment to responsible management.
Strong governance requires more than good intentions — it requires structure.
Need Help Creating or Updating Your Policy?
The Gordon Fischer Law Firm can help Iowa nonprofits with: drafting, revising, and editing the ten governance policies expressly referenced by the IRS on Form 990 — including Document Retention Policies — tailored to your mission and operations.
Nonprofit leaders are expected to manage so much, but one responsibility that should never be overlooked is managing conflicts of interest. A strong Conflict of Interest Policy protects your organization, your board, and the public trust.
Why Conflict of Interest Policies Matter
In a nonprofit organization, a conflict of interest arises when someone involved with the organization has a personal interest that could interfere — or appear to interfere — with the organization’s best interests.
While these situations may seem routine, failing to address them appropriately can:
Undermine public confidence
Damage your organization’s reputation
Expose your nonprofit to legal and governance risk
A clear policy helps prevent problems before they arise.
What Is a Conflict of Interest?
A conflict of interest generally occurs when an individual:
Stands to benefit personally from a decision made by the nonprofit, or
Has a relationship with a person or business that could influence the organization’s actions
For example, a board member with a financial interest in a vendor being considered by the nonprofit must disclose that relationship and step back from the decision-making process.
What a Strong Policy Should Do
A well-drafted Conflict of Interest Policy brings clarity and consistency to how your nonprofit operates. At a minimum, it should:
Clearly define what constitutes a conflict of interest
Explain how and when conflicts must be disclosed
Outline how disclosed conflicts are reviewed
Describe how conflicts are managed or resolved
Require documentation of decisions and actions taken
This structure supports ethical decision-making and demonstrates accountability.
IRS Guidance and Best Practices
Although the IRS does not require nonprofits to have a Conflict of Interest Policy to maintain tax-exempt status, it does ask on IRS Form 990 whether your organization has adopted one.
That question alone signals that the IRS views conflict policies as a governance best practice — and donors, regulators, and the public often do as well.
Key Elements to Include
To be effective, your policy should address:
When disclosures must be made (such as before votes or contracts)
Who reviews potential conflicts
Whether recusal from discussion or voting is required
How decisions are documented and retained
Consistency and transparency are essential — even when no actual conflict exists.
Conflict of Interest Policies only work when they are used.
Adopting a policy is the first step. Boards should revisit disclosures regularly, document decisions carefully, and treat conflicts as a normal governance issue. Its not meant to be treated like a personal failing.
Final Takeaway
A Conflict of Interest Policy is a practical tool for protecting your mission, your leadership, and your credibility.
By adopting and enforcing a thoughtful policy, your nonprofit signals its commitment to integrity, accountability, and responsible governance.
Need Help Drafting or Updating Your Policies?
The Gordon Fischer Law Firm works with nonprofits to draft, revise, and tailor the ten governance policies referenced on IRS Form 990 — including Conflict of Interest Policies — to fit your organization’s mission and operations.
Before we get into what makes a good Whistleblower Policy, here are four real-life examples of why nonprofits need them:
A long serving bookkeeper notices unexplained reimbursements approved by the executive director but fears reporting them because the director controls her job.
A volunteer becomes aware that restricted donor funds are being used for unrelated expenses but does not know who to tell or whether speaking up could jeopardize their role.
A staff member witnesses repeated harassment by a senior manager and worries that reporting the behavior will quietly end their career at the organization.
A board member learns that required filings have not been made for several years and is concerned about personal liability if the issue is ignored.
In each of these situations, wrongdoing continues not because people are unaware of it, but because they do not feel safe reporting it. A clear Whistleblower and Retaliation Protection Policy is designed to solve exactly this problem.
As a member of a nonprofit organization, wouldn’t you want to know if someone inside the organization was acting illegally, unethically, or contrary to its mission? Nonprofits exist to serve the public good and depend heavily on trust, transparency, and ethical conduct. Yet studies consistently show that reporting drops sharply when organizations lack a clear and credible whistleblower policy.
A well drafted Whistleblower Policy creates a structured, trusted process for raising concerns. It protects individuals who come forward, helps leadership address problems early, and reduces
legal and reputational risk. This blog post explains what a whistleblower policy is, why it matters, who it protects, how it works in practice, and the best practices every nonprofit should consider adopting.
What It Means to “Blow the Whistle”
To “blow the whistle” means to report suspected wrongdoing within an organization. A whistleblower policy establishes formal guidelines for employees, board members, volunteers, and others to follow when they become aware of potential misconduct.
The goal is not punishment. The goal is early detection, accountability, and correction before harm spreads. Effective policies encourage reporting by assuring individuals that they can raise
concerns without fear of retaliation, job loss, or reputational damage. Federal and state laws across the United States reinforce this principle by protecting whistleblowers from retaliation and encouraging internal reporting before problems escalate.
Legal Framework and IRS Expectations
Federal law explicitly protects whistleblowers. Section 1107 of the Sarbanes-Oxley Act, codified at 18 U.S.C. § 1513(e), makes it a federal crime to knowingly retaliate against a person for providing truthful information to law enforcement about a possible federal offense. Penalties can include fines and imprisonment of up to ten years, and the law also prohibits destruction of evidence.
Practically speaking, this means nonprofit leaders must take whistleblower complaints seriously, preserve documents, and avoid any actions that could be perceived as retaliation, even indirectly. Iowa law reinforces these principles. The Iowa Nonprofit Corporation Act, Iowa Code chapter 504, imposes fiduciary duties of care, loyalty, and obedience on directors and officers. When credible concerns about misuse of funds, conflicts of interest, or legal noncompliance are raised and ignored, directors and officers risk breaching those duties. A whistleblower policy provides a documented process for receiving and addressing concerns, which can be critical in demonstrating that leadership acted prudently and in good faith.
Iowa nonprofits should also be mindful that retaliation claims may arise under Iowa common law, Iowa civil rights statutes, and federal employment laws applied in Iowa courts. Even volunteers and independent contractors may assert claims when adverse actions follow protected reporting.
The Internal Revenue Service reinforces these expectations through Form 990. Although a whistleblower policy is not technically mandatory, the IRS asks whether one exists and treats it as a hallmark of good governance. To meet the Form 990 standard, the policy must clearly state that the organization protects individuals who report suspected violations of law or organizational policy in good faith.
Why Whistleblower Policies Are Essential for Nonprofits
Nonprofits rely on public trust, donor confidence, and community credibility. This is especially true in Iowa, where many nonprofits operate in close-knit communities and rely on long-term relationships with donors, volunteers, and local stakeholders. Many Iowa nonprofits advocate publicly for accountability, fairness, and ethical conduct. That mission is undermined if similar misconduct is tolerated internally or handled informally behind closed doors.
A strong whistleblower policy helps Iowa nonprofits:
Identify problems early, when they are easier and less costly to fix
Reduce the risk of regulatory scrutiny by the IRS, Iowa Attorney General, or Iowa Secretary of State
Demonstrate that directors and officers are fulfilling their fiduciary duties under Iowa law
Protect staff, volunteers, and board members from retaliation
Preserve public trust in smaller communities where reputational harm can spread quickly
Without a clear policy, individuals may stay silent, misconduct may continue unchecked, and organizations may face far greater legal, financial, and reputational consequences later.
Who the Whistleblower Policy Is For
A whistleblower and retaliation protection policy should apply broadly. It should cover:
Employees
Officers and directors
Volunteers
Independent contractors
Vendors
Clients and other stakeholders
Even organizations with no paid staff need whistleblower protection. Volunteers often have direct access to sensitive information and must feel safe raising concerns.
When and Where to Report Misconduct
Concerns should be reported as soon as reasonably possible. Prompt reporting allows the organization to stop ongoing harm, preserve evidence, and respond appropriately. Best practice policies provide multiple reporting channels, such as:
A direct supervisor
Another manager or officer
A designated ethics or compliance contact
The board chair or audit committee
An external or anonymous reporting mechanism
Multiple options are essential, especially when the concern involves a supervisor or senior leadership.
Covered Wrongdoing
A well drafted policy clearly defines the types of conduct that may be reported, including:
Fraud or financial misconduct
Theft or misuse of organizational assets
Violations of law or regulations
Conflicts of interest
Discrimination or harassment
Violations of confidentiality obligations
Unsafe or unhealthy working conditions
Abuse of authority
Retaliation against whistleblowers
Clear definitions reduce uncertainty and encourage reporting.
Reporting Procedures
Effective policies explain how to report concerns and make the process accessible. Best practices include:
Clear written reporting instructions
Options for confidential or anonymous reporting
Identification of who receives and reviews reports
Escalation paths if concerns are not addressed
Good documentation protects both the whistleblower and the organization.
Investigation Procedures
Once a report is received, the organization must act promptly and responsibly. The policy should describe:
How investigations are initiated
Who conducts them
How evidence is collected and preserved
Expected timelines
How findings are documented and addressed
Investigations should be objective, thorough, and conducted by individuals with appropriate independence and authority.
Confidentiality
Confidentiality is critical to effective whistleblower protection. Policies should commit to maintaining confidentiality to the greatest extent reasonably possible. While absolute confidentiality cannot always be guaranteed, especially if legal proceedings follow, failing to promise confidentiality at all will strongly discourage reporting.
Protection Against Retaliation
The policy must clearly prohibit retaliation. Retaliation includes termination, demotion, harassment, intimidation, reduced hours, or any adverse action taken because someone reported
concerns in good faith. Anyone who retaliates should face discipline, up to and including termination or removal from office or board service.
Good Faith Reporting and False Allegations
Whistleblowers must act in good faith and have reasonable grounds to believe misconduct has occurred. Knowingly false or malicious allegations should result in discipline. Importantly, an allegation that cannot be substantiated does not mean it was made in bad faith.
Disciplinary Action and Outcomes
Policies should outline potential consequences when allegations are substantiated, including corrective action, discipline, or termination. They should also address consequences for retaliation and bad faith reporting.
Training and Communication
This is critical. A whistleblower policy is ineffective if people do not know it exists or how to use it.
For Iowa nonprofits, this section should align closely with other governance disclosures and practices reflected on IRS Form 990, including policies addressing conflicts of interest, document retention and destruction, compensation review, and Form 990 review and approval itself. The IRS looks at governance holistically, not in isolation. Best practices include:
Distributing the policy during onboarding
Providing periodic training
Including the policy in employee handbooks
Training investigators on process and confidentiality
Consistent implementation across these policies strengthens credibility if the organization’s governance practices are ever reviewed by the IRS or state regulators.
Support for Whistleblowers
This is equally important. Whistleblowers often experience stress, fear, or emotional strain. Providing access to support resources demonstrates a genuine commitment to ethical culture and
reinforces trust.
Policy Review and Updates
Whistleblower policies should be reviewed periodically and updated to reflect changes in law, organizational structure, and best practices.
Conclusion
A well designed whistleblower and retaliation protection policy is a cornerstone of strong nonprofit governance. It protects individuals, strengthens organizational integrity, and reinforces public trust.
For Iowa nonprofits, whistleblower protection should be viewed alongside other core governance practices reported on IRS Form 990, including conflict of interest policies, document retention policies, compensation approval processes, and board oversight procedures. These policies work together to demonstrate that directors and officers are meeting their fiduciary obligations under Iowa law.
Nonprofits should not treat whistleblower policies as boilerplate or check-the-box documents. They should be tailored to the organization’s structure, actively implemented, and supported by leadership.
I advise Iowa nonprofits on governance, compliance, and risk management. I work with Iowa charities, churches, foundations, associations, and membership organizations to draft, review, and align whistleblower policies with Articles of Incorporation, Bylaws, Form 990 disclosures, and the full suite of IRS-recommended governance policies.
If your Iowa nonprofit needs assistance drafting, reviewing, or updating a whistleblower policy or strengthening its overall Form 990 governance framework, contact me anytime. I offer free consultations. My email is: gordon@gordonfischerlawfirm.com
Why Every Nonprofit Needs a Clear Document Retention Policy
NonprofitsFebruary 6, 2026
Why Every Nonprofit Needs a Clear Document Retention Policy
Strong nonprofits are built on strong systems. One of the most important — and often overlooked — systems is a Document Retention Policy.
Managing information may not feel urgent compared to fundraising or programming, but it is foundational. A thoughtful Document Retention Policy protects your nonprofit’s legal compliance, operational efficiency, and long-term stability.
What a Document Retention Policy Does
At its core, a Document Retention Policy creates clarity and consistency.
It establishes:
What types of records your nonprofit keeps
How long each category of record is retained
How documents are labeled and stored
How and when records are securely destroyed
This applies to both physical records (such as contracts, board minutes, and financial statements) and electronic records (including emails, databases, and cloud-based documents).
Without written standards, organizations often rely on informal practices. Some records are kept indefinitely. Others are deleted too quickly. Over time, that inconsistency can create risk and confusion.
A written policy eliminates guesswork.
Why This Matters for Governance
A Document Retention Policy plays a central role in responsible nonprofit governance.
When properly implemented, it helps your organization:
Meet federal and state legal requirements
Protect sensitive and confidential information
Improve workflow and document accessibility
Strengthen organizational accountability
Clear retention timelines prevent both over-retention and premature destruction of important records. They also ensure that, when documents are requested by regulators, auditors, or stakeholders, your nonprofit can respond efficiently and confidently.
Effective record management reflects effective leadership.
Compliance is not accidental — it is structured.
A Document Retention Policy provides the framework that allows your nonprofit to manage information responsibly and consistently. When boards and staff understand what must be kept, for how long, and how it should be handled, the entire organization benefits.
What a Strong Policy Includes
A comprehensive Document Retention Policy should:
Identify the categories of records maintained by the nonprofit
Specify minimum retention timelines for each category
Describe labeling and storage procedures
Outline backup practices for electronic records
Explain how documents are securely destroyed when retention periods expire
The goal is to create a system that is practical and workable while still firm enough to ensure compliance.
When expectations are clear, day-to-day operations become smoother — and leadership can focus on advancing the mission.
The Bottom Line
If your nonprofit is reviewing its governance policies, a Document Retention Policy deserves attention.
It supports transparency.
It promotes accountability.
And it reinforces your organization’s commitment to responsible management.
Strong governance requires more than good intentions — it requires structure.
Need Help Creating or Updating Your Policy?
The Gordon Fischer Law Firm can help Iowa nonprofits with: drafting, revising, and editing the ten governance policies expressly referenced by the IRS on Form 990 — including Document Retention Policies — tailored to your mission and operations.
📧 Email: gordon@gordonfischerlawfirm.com
The “Must-Have” Conflict of Interest Policy for Nonprofit Governance
Charitable GivingFebruary 4, 2026
Nonprofit leaders are expected to manage so much, but one responsibility that should never be overlooked is managing conflicts of interest. A strong Conflict of Interest Policy protects your organization, your board, and the public trust.
Why Conflict of Interest Policies Matter
In a nonprofit organization, a conflict of interest arises when someone involved with the organization has a personal interest that could interfere — or appear to interfere — with the organization’s best interests.
While these situations may seem routine, failing to address them appropriately can:
Undermine public confidence
Damage your organization’s reputation
Expose your nonprofit to legal and governance risk
A clear policy helps prevent problems before they arise.
What Is a Conflict of Interest?
A conflict of interest generally occurs when an individual:
Stands to benefit personally from a decision made by the nonprofit, or
Has a relationship with a person or business that could influence the organization’s actions
For example, a board member with a financial interest in a vendor being considered by the nonprofit must disclose that relationship and step back from the decision-making process.
What a Strong Policy Should Do
A well-drafted Conflict of Interest Policy brings clarity and consistency to how your nonprofit operates. At a minimum, it should:
Clearly define what constitutes a conflict of interest
Explain how and when conflicts must be disclosed
Outline how disclosed conflicts are reviewed
Describe how conflicts are managed or resolved
Require documentation of decisions and actions taken
This structure supports ethical decision-making and demonstrates accountability.
IRS Guidance and Best Practices
Although the IRS does not require nonprofits to have a Conflict of Interest Policy to maintain tax-exempt status, it does ask on IRS Form 990 whether your organization has adopted one.
That question alone signals that the IRS views conflict policies as a governance best practice — and donors, regulators, and the public often do as well.
Key Elements to Include
To be effective, your policy should address:
When disclosures must be made (such as before votes or contracts)
Who reviews potential conflicts
Whether recusal from discussion or voting is required
How decisions are documented and retained
Consistency and transparency are essential — even when no actual conflict exists.
Conflict of Interest Policies only work when they are used.
Adopting a policy is the first step. Boards should revisit disclosures regularly, document decisions carefully, and treat conflicts as a normal governance issue. Its not meant to be treated like a personal failing.
Final Takeaway
A Conflict of Interest Policy is a practical tool for protecting your mission, your leadership, and your credibility.
By adopting and enforcing a thoughtful policy, your nonprofit signals its commitment to integrity, accountability, and responsible governance.
Need Help Drafting or Updating Your Policies?
The Gordon Fischer Law Firm works with nonprofits to draft, revise, and tailor the ten governance policies referenced on IRS Form 990 — including Conflict of Interest Policies — to fit your organization’s mission and operations.
📧 Email: gordon@gordonfischerlawfirm.com
Whistleblower Policies for Iowa Nonprofits: Legal Requirements, IRS Guidance, and Best Practices
NonprofitsJanuary 26, 2026
Before we get into what makes a good Whistleblower Policy, here are four real-life examples of why nonprofits need them:
In each of these situations, wrongdoing continues not because people are unaware of it, but because they do not feel safe reporting it. A clear Whistleblower and Retaliation Protection Policy is designed to solve exactly this problem.
As a member of a nonprofit organization, wouldn’t you want to know if someone inside the organization was acting illegally, unethically, or contrary to its mission? Nonprofits exist to serve the public good and depend heavily on trust, transparency, and ethical conduct. Yet studies consistently show that reporting drops sharply when organizations lack a clear and credible whistleblower policy.
A well drafted Whistleblower Policy creates a structured, trusted process for raising concerns. It protects individuals who come forward, helps leadership address problems early, and reduces
legal and reputational risk. This blog post explains what a whistleblower policy is, why it matters, who it protects, how it works in practice, and the best practices every nonprofit should consider adopting.
What It Means to “Blow the Whistle”
To “blow the whistle” means to report suspected wrongdoing within an organization. A whistleblower policy establishes formal guidelines for employees, board members, volunteers, and others to follow when they become aware of potential misconduct.
The goal is not punishment. The goal is early detection, accountability, and correction before harm spreads. Effective policies encourage reporting by assuring individuals that they can raise
concerns without fear of retaliation, job loss, or reputational damage. Federal and state laws across the United States reinforce this principle by protecting whistleblowers from retaliation and encouraging internal reporting before problems escalate.
Legal Framework and IRS Expectations
Federal law explicitly protects whistleblowers. Section 1107 of the Sarbanes-Oxley Act, codified at 18 U.S.C. § 1513(e), makes it a federal crime to knowingly retaliate against a person for providing truthful information to law enforcement about a possible federal offense. Penalties can include fines and imprisonment of up to ten years, and the law also prohibits destruction of evidence.
Practically speaking, this means nonprofit leaders must take whistleblower complaints seriously, preserve documents, and avoid any actions that could be perceived as retaliation, even indirectly. Iowa law reinforces these principles. The Iowa Nonprofit Corporation Act, Iowa Code chapter 504, imposes fiduciary duties of care, loyalty, and obedience on directors and officers. When credible concerns about misuse of funds, conflicts of interest, or legal noncompliance are raised and ignored, directors and officers risk breaching those duties. A whistleblower policy provides a documented process for receiving and addressing concerns, which can be critical in demonstrating that leadership acted prudently and in good faith.
Iowa nonprofits should also be mindful that retaliation claims may arise under Iowa common law, Iowa civil rights statutes, and federal employment laws applied in Iowa courts. Even volunteers and independent contractors may assert claims when adverse actions follow protected reporting.
The Internal Revenue Service reinforces these expectations through Form 990. Although a whistleblower policy is not technically mandatory, the IRS asks whether one exists and treats it as a hallmark of good governance. To meet the Form 990 standard, the policy must clearly state that the organization protects individuals who report suspected violations of law or organizational policy in good faith.
Why Whistleblower Policies Are Essential for Nonprofits
Nonprofits rely on public trust, donor confidence, and community credibility. This is especially true in Iowa, where many nonprofits operate in close-knit communities and rely on long-term relationships with donors, volunteers, and local stakeholders. Many Iowa nonprofits advocate publicly for accountability, fairness, and ethical conduct. That mission is undermined if similar misconduct is tolerated internally or handled informally behind closed doors.
A strong whistleblower policy helps Iowa nonprofits:
Without a clear policy, individuals may stay silent, misconduct may continue unchecked, and organizations may face far greater legal, financial, and reputational consequences later.
Who the Whistleblower Policy Is For
A whistleblower and retaliation protection policy should apply broadly. It should cover:
Even organizations with no paid staff need whistleblower protection. Volunteers often have direct access to sensitive information and must feel safe raising concerns.
When and Where to Report Misconduct
Concerns should be reported as soon as reasonably possible. Prompt reporting allows the organization to stop ongoing harm, preserve evidence, and respond appropriately. Best practice policies provide multiple reporting channels, such as:
Multiple options are essential, especially when the concern involves a supervisor or senior leadership.
Covered Wrongdoing
A well drafted policy clearly defines the types of conduct that may be reported, including:
Clear definitions reduce uncertainty and encourage reporting.
Reporting Procedures
Effective policies explain how to report concerns and make the process accessible. Best practices include:
Good documentation protects both the whistleblower and the organization.
Investigation Procedures
Once a report is received, the organization must act promptly and responsibly. The policy should describe:
Investigations should be objective, thorough, and conducted by individuals with appropriate independence and authority.
Confidentiality
Confidentiality is critical to effective whistleblower protection. Policies should commit to maintaining confidentiality to the greatest extent reasonably possible. While absolute confidentiality cannot always be guaranteed, especially if legal proceedings follow, failing to promise confidentiality at all will strongly discourage reporting.
Protection Against Retaliation
The policy must clearly prohibit retaliation. Retaliation includes termination, demotion, harassment, intimidation, reduced hours, or any adverse action taken because someone reported
concerns in good faith. Anyone who retaliates should face discipline, up to and including termination or removal from office or board service.
Good Faith Reporting and False Allegations
Whistleblowers must act in good faith and have reasonable grounds to believe misconduct has occurred. Knowingly false or malicious allegations should result in discipline. Importantly, an allegation that cannot be substantiated does not mean it was made in bad faith.
Disciplinary Action and Outcomes
Policies should outline potential consequences when allegations are substantiated, including corrective action, discipline, or termination. They should also address consequences for retaliation and bad faith reporting.
Training and Communication
This is critical. A whistleblower policy is ineffective if people do not know it exists or how to use it.
For Iowa nonprofits, this section should align closely with other governance disclosures and practices reflected on IRS Form 990, including policies addressing conflicts of interest, document retention and destruction, compensation review, and Form 990 review and approval itself. The IRS looks at governance holistically, not in isolation. Best practices include:
Consistent implementation across these policies strengthens credibility if the organization’s governance practices are ever reviewed by the IRS or state regulators.
Support for Whistleblowers
This is equally important. Whistleblowers often experience stress, fear, or emotional strain. Providing access to support resources demonstrates a genuine commitment to ethical culture and
reinforces trust.
Policy Review and Updates
Whistleblower policies should be reviewed periodically and updated to reflect changes in law, organizational structure, and best practices.
Conclusion
A well designed whistleblower and retaliation protection policy is a cornerstone of strong nonprofit governance. It protects individuals, strengthens organizational integrity, and reinforces public trust.
For Iowa nonprofits, whistleblower protection should be viewed alongside other core governance practices reported on IRS Form 990, including conflict of interest policies, document retention policies, compensation approval processes, and board oversight procedures. These policies work together to demonstrate that directors and officers are meeting their fiduciary obligations under Iowa law.
Nonprofits should not treat whistleblower policies as boilerplate or check-the-box documents. They should be tailored to the organization’s structure, actively implemented, and supported by leadership.
I advise Iowa nonprofits on governance, compliance, and risk management. I work with Iowa charities, churches, foundations, associations, and membership organizations to draft, review, and align whistleblower policies with Articles of Incorporation, Bylaws, Form 990 disclosures, and the full suite of IRS-recommended governance policies.
If your Iowa nonprofit needs assistance drafting, reviewing, or updating a whistleblower policy or strengthening its overall Form 990 governance framework, contact me anytime. I offer free consultations. My email is: gordon@gordonfischerlawfirm.com