Nine vulnerabilities nonprofits must deal with. It took me, Matthew Davis, years of practicing law to finally reach an epiphany about what the law is ultimately all about. It is about protecting clients from vulnerabilities. Rather than be vulnerable, we want our clients to be strong and protected. This fundamental truth pervades the law the way the Force runs through the Star Wars universe. It is a soup to nuts proposition, but one that the law never has seemed to grasp. Perhaps it is akin to the old truism that a fish doesn’t even know it is in water.
Matthew Davis, Davis Business Law
The realization that vulnerabilities are the stock and trade in the law provides a much more constructive vantage point to determine not only how best to help a client with an active problem but also how to ask the right questions to root out their latent vulnerabilities. They are incredibly important to deal with. One of my stock phrases is, “You have to deal with your vulnerabilities or they are going to deal with you.” Unfortunately, they seem to “deal” with all of us at maximum inconvenience if we do not nip them in the bud.
There are vulnerabilities milling or lurking everywhere inside and outside of your nonprofit organization. The fortunate news is you can sort them into nine categories and, by doing that, have a framework to deal with them. You need to think about them to protect your organization. From my perspective as general counsel for many nonprofits, I work proactively with my clients to prepare for them. Sometimes our goals are prevention and other times it is preparation for safe navigation around these vulnerabilities. Here are the categories I use to identify where the vulnerabilities are lurking in their organizations.
That’s right, it is you. You are part of the problem. You are not superhuman. You are likely an exceptional human with all sorts of vulnerabilities. Superman had his kryptonite. Luke Skywalker had his ambivalence over his father and lack of faith in the Force. Sampson had his hair cut and it cost him dearly.
You have your weaknesses, shortcoming or bad habits. They will likely be demonstrated in how you run your organization. For instance, I have an unwarranted aversion to Excel spreadsheets, which drives my team crazy. I am a virtuoso in using the Tables feature of Word replete with formulas, which means I should be at Excel, but I refuse to adapt. It is my Kryptonite and I would be a more effective leader if I took the plunge. I need to get over it and once I do, I am sure I will find another. Honestly dealing with your vulnerabilities is a key to the personal development that drives organizational growth and improvement.
Your board has a stake in your organization. Aside from the investment of their time, many, like you, will likely be passionate about the work your organization does. They may also have strong opinions about how to do it. Any and all of these create vulnerabilities in your nonprofit organization. They add an element within your organization that is not entirely within your control. You now have other people to deal with and will have to take their interests into account.
This is where having clear “crucial conversations” with the interested board members becomes extraordinarily important so that you are on the same page. If not, they may seek to take on the mantle of leadership and create untold difficulties for you. This is a recipe for disaster that will sap the strength of your organization. The difficulties inherent in these situations is a vulnerability I encourage my clients to deal with head on by maintaining close and frank relationships with their boards.
Your vulnerabilities to your employees are as myriad as the stars in the sky. There are potential liabilities for payroll errors, discrimination, and wrongful termination, just to name a few salient ones. Then there is your property, particularly your intellectual property in the form of customer lists, trade secrets, and proprietary processes, again just to name a few.
On top of this, you need them to get the work done and to get it done right. You rely on them, so you are vulnerable to them. You must have safeguards in place that ensure they are getting the job done right.
I have a presentation I use at our firm retreats called, “What the hell does Van Halen have to do with running a law firm?” We turn on some Van Halen classics, get out the M&Ms, and start separating out the brown ones. As we do this, I relate the story of how Van Halen had a rider in their concert contracts requiring bowls of M&Ms backstage with all the brown ones removed.
The press picked up on this as an indicator of the band being a bunch of frivolous prima donnas. In fact, the opposite was true. Their stage gear was much heavier than the other bands then on tour. If the stages were not properly braced per the same contract, it endangered the band and the crowd. The “No Brown M&M’s” clause was there to let the band know the crew was paying close attention to the requirements of the contract.
You should build in similar safeguards to make sure your employees do not increase your vulnerability by doing slipshod work. Feel free to borrow the Van Halen presentation; you will be surprised how much cooler you feel laying down the law.
Every nonprofit organization should remain concerned about the other players out there trying to steal your donors and opportunities. This is different than how a for-profit business thinks about this, but there are common threads. You need to be aware if someone else is after your funding sources or offering the same services. If you do not, you can get your income stream taken away. For-profit businesses are replete with examples of this. We can start with Wal-Mart, who did not seem to have concerned themselves enough with what Amazon could do to them. Wal-Mart’s annual revenue is increasing slowly past $500 billion while Amazon will blow past $250 billion this year with recent growth rates over 30%. Imagine if Wal-Mart had latched on to online shopping with the intensity Amazon did. It seems evident that a large part of that $250 billion in revenue would have accrued to Wal-Mart, not to mention what Amazon grabbing that market share did to K-Mart and Sears. Fortunately, you probably will not face competition as aggressive or as well run as Amazon. Still, we all know that there are other nonprofits that would love to have your donors and income stream. It is why we protect our donor and/or customer base. It is why we do not talk too loud about our trade secrets. They are always there, watching like a hawk trying to steal your nest eggs.
I remember as a kid back in the 1980s when my mom was on the board of our local private university. Just like your organization probably is, it was a nonprofit that depended on donors to keep afloat. I remember the president of the university being at our house bemoaning how he had just lost several millions of dollars in pledges because of a similar oil price crash back then. They had, in effect, staked their future on the oil market and that nonprofit no longer exists. Many of my for-profit clients are either directly in the oil business or rely on it for a large percentage of their revenue. It is a commodity market with the price dependent on global supply and demand. Producers can fill up a tanker and ship it where the demand is. In 2014 the price crashed from around $120 per barrel down to below $30. That crash is absolutely sobering to think that your revenue could be cut by 75%. To make matters worse, you will likely not have a commensurate reduction in your fixed costs. You should know your donors well because their income is often your revenue.
Ronald Reagan once famously and accurately said, “The most terrifying words in the English language are “I’m from the government and I’m here to help.’ ” I might even take this a step further to where the government shows up to regulate or even persecute your nonprofit organization. This is a standard fear in the world of for-profit businesses and, in the nonprofit world, the vulnerability goes even deeper because often the government is a funding source. They can pull this right out from under your organization. Both regulation and funding pose very real vulnerabilities to your organization and each vulnerability is critical. Dealing with the regulatory environment means close attention and adherence to the regulations governing your nonprofit. If you do not do this, it can also lead to unwanted attention from the agency or commission with their hand on your purse strings. In short, smart nonprofit managers keep a wary eye on how the government can pose a threat to their mission.
It is true – those people or companies that pay for your goods or services can be one of your biggest vulnerabilities. This comes in a number of forms. On one end of the spectrum, you may take a batch of customers bent on dragging you down. We have a non-profit client that recently dealt with a customer who drummed up the most ridiculous racial discrimination charges. This was nothing short of an attempted shakedown. Fortunately, we were prepared to push back and it came to nothing. The other end of the spectrum is having “too good” of a customer. This is the “Don’t put all your eggs in one basket” problem. Having one customer as a huge part of your revenue is an extreme vulnerability. I recognized this in my business a few years ago where we had one client grow quickly to 40% of our revenue. It came as kind of a shock that they got so big and controlling this vulnerability is one of the two reasons that propelled me to grow my law firm. This is an easy vulnerability for non-profits to get into as well and it is one that demands some diversity in who you serve.
Who supplies your nonprofit’s needs is also a vulnerable spot. The issue may come in having a bad vendor that supplies bad ingredients or fails to deliver on promises that your organization relies on. You rely on these companies or individuals like you do your employees, so the vulnerabilities are analogous. We had a recent example of the latter with our former SEO company. They repeatedly failed to deliver reports that we rely on to gauge the success of our marketing efforts and were likewise not delivering on the promised results on search results. We are a growth company and these deliverables are key to our plans.
When you can, work with a vendor that is experienced and/or specializes in working with nonprofit organizations. If you are looking for SEO services for nonprofits, use a vendor that works with nonprofits. Usually there is an additional value to be found there, such as specific programs or grant opportunities that other vendors would not know about. Again, borrowing from Reagan, your attitude towards all your vendors should be “Trust, but verify.” Having great vendors is one of the keys to maintaining your sanity and also protecting your organization.
Many years ago, I learned that people call lawyers for problems involving three things: their time, their money, and their reputation. The first eight vulnerabilities covered relate to time and money. Reputation, though, is a beast in and of itself. Given the influence online reviews have in buying choice, reputation is a bigger vulnerability than ever, if only because it is so much more readily accessible. There are some things you can do to affect your online reputation, like developing a strategy to get good reviews from your raving fans or responding to the unfortunate reviews. Regardless, the importance of reputation in maintaining your non-profit demands your attention in an active audit strategy. Any of these nine vulnerabilities can lead to needing legal help to fix an active problem. This is why knowing where you are vulnerable is so powerful in protecting your organization so it can effectively and efficiently achieve its goals. From my perspective as a general counsel, I find examining our client’s vulnerabilities at their sources a much more effective way of protecting their non-profits as opposed to going down the usual litany of legal subjects we learned in law school: Property, Contracts, Torts…. Vulnerabilities are where the law meets the non-profit world and knowing where the danger points are gives us the power to protect our clients so they have the freedom to improve and grow their organizations.