ACNC tightens screws on NFPs with complex corporate structures

The Australian Charities and Not-for-profits Commission (ACNC) announced it will focus on the misuse of complex corporate structures this year.

ACNC commissioner Sue Woodward said the commission is "becoming increasingly concerned about the misuse of complex structures, where they may be part of attempts to conceal non-compliance with the ACNC Act and regulations."

"Charities are free to use a variety of structures to suit their purpose and we acknowledge there can be good and legitimate reasons to do so. However, the decision to utilise complex structures, or the gradual and perhaps ad hoc development of complex structures, also comes with more complex governance obligations," Woodward said.

"While many charities are well advised and adhere to robust compliance regimes, there are others which may not appreciate that complex structures bring associated governance complexity and risk. Inadvertent non-compliance is more likely because there may not be clear delineation in the oversight of each entity, including the required focus on each charity's particular charitable purpose."

Sponsored by Macquarie Fixed income ETFs: The opportunity is now

She said that at rarer and more extreme end, the ACNC is concerned about entities deliberately using complex corporate structures to try and obscure illegal activities.

"Our enforcement and compliance activities will focus on charities that attempt to conceal non-compliance with the ACNC Act and Regulations by deliberately using complex structures to avoid adherence to the law we administer. We will also continue to refer matters to other appropriate government agencies when we have concerns about suspected breaches of other laws," she said.

Another compliance focus for the commission is the challenges charities face relating to cybersecurity.

"This is a key governance risk for charities," Woodward said.

"In our reviews we work with charities to better understand how they protect themselves from cyber risks and manage cyber security incidents."

The ACNC plans to ask questions about what makes charities vulnerable to cybercrime, how charities manage and mitigate cybersecurity risks, and how they ensure third parties manage risk on their behalf.

The commission's areas of priority are determined by a number of factors, one of which being the number of reports it receives. The ACNC receives about 2300 reports each year in relation to registered charities.