How long to keep your tax records: Decision making and destruction

In my last blog post, we talked about the different types of records and whether to keep them.


After you’ve asked yourself:  What types of records do we keep and what do we toss?


It’s time to ask yourself two more important questions:
1. Who gets to decide what to keep and what to toss?
2. How do we dispose of this potentially confidential information? Trash, recycle, shred?


2. Who gets to make the decision on what to dump and what to keep?
Sure, maintaining, storing the financial records seems like a clerical task. It would be easy to delegate the annual document purging to a member of the finance or administrative team. But remember, this is important confidential financial information There are special considerations for nonprofit organizations and they have a higher standard of care. Most states have laws regarding fiduciary duties of nonprofit organization and their management. In addition, the IRS felt it was important to address Document Retention as part of the Governance Policy questions on page 6 of the Form 990. Many nonprofit organizations are required to have audits and for that purpose, most nonprofits keep 1 – 2 years of records on-site to support the audit. The auditors provide a list of documents that are required for the annual audit and tax returns, often called a PBC list, “Prepared By Client.” It lists most of the items that you will find on the Document Retention policy. Many nonprofits also have grants in which the grantors may require that they keep supporting documents for a period of 3 – 5 – 7 years. This might include grant claim forms, supporting expense documentation, employee time records, and client attendance records. In 2005 and 2010, the AICPA Published an Audit Committee Toolkit and included a “Document Retention and Destruction Policy” that was developed by the Minnesota Council on Charities. It’s a great sample checklist.




Does your organization have a Document Retention/Destruction policy?


Given these factors, the decision making for document retention and destruction lies with the Board of Directors. Each organization should prepare, review, and approve a Document policy that fits their organization. The policy should identify:

  • The types of records generated and maintained.
  • The types of records generated and maintained.How long to store each type.
  • How long to store each type.Who should supervise and review the annual storage and
  • Who should supervise and review the annual storage and destruction.How records should be purged, recycled, or destroyed.
  • How records should be purged, recycled, or destroyed.
  • Who should review and approve the policy depends on the nature of the records that must be kept.


For a staff review: The policy should be reviewed internally by key staff including the CEO/Executive Director, CFO/Controller, Grants Manager, and Program staff.


For a board review: The policy should be shared with the Board annually and reviewed to determine if any changes should be made.


The policies should be reviewed annually with the board, and staff should ensure that they are properly followed. This should be documented in the board meeting minutes. Next, it’s time to get rid of those big boxes on the shelf!


3. How do we dispose of this potentially confidential information? Trash, recycle, shred?

Now that you know what to toss and it’s been approved, the natural inclination might be a dumpster? Recycle? It’s probably more than you poor little office shredder can handle. But honestly, shredding and secure destruction is the correct answer. Let’s talk a little bit about why this is SOO important! If you’re tossing bank statements, they obviously include bank account numbers. But the statements might also list electronic deposits or payments including names of Customers, Vendors, or Employees. This information should be protected. Payroll information is even trickier. Various payroll reports might contain names, addresses, pay rates, social security numbers, and sometimes even banking information for direct deposit. Your organization needs to protect this information for the sake of the employees and for you own corporate liability.

Carol Stachwick offers accounting, consulting, and productivity services to private and nonprofit organizations.
You can learn more about how she can help get your books in order and make your life easier here.


Contact Carol today for a consultation.
P: 858-935-6114


This information is of a general nature. This blog post does not constitute an accountant-client relationship and should not be considered legal advice. Be sure to consult with your tax preparer or legal counsel for your particular situation.