Ministry Activities on the Internet

ECFA Advisory Opinion 01-1

Much of the Internet’s innovation lies in its unique ability not only to reach a wide audience but also to provide that audience with immediate access to a wealth of information and services. From on-line charitable contributions (including donations received through third-party operated websites) and product sales, to online auctions, Internet-based affinity programs, and much more, the Internet impacts many ECFA members.

ECFA’s Seven Standards of Responsible StewardshipTM apply to charitable solicitation and other member activities, whether the activities are conducted via the Internet or via non-Internet venues. However, certain issues that are not addressed specifically by the Standards—such as privacy, security, and responsible partnering with other organizations—come into focus more sharply because of the Internet. For example, if a charity accepts gifts by credit card, security concerns are heightened. If a donor provides email and other contact information to the charity, privacy issues may arise based on the way the charity uses that information to contact the donor.

The purpose of this Advisory Opinion is to provide basic guidance for ECFA members as they conduct Internet activities.


  • Adopt a written fundraising philosophy. Apply and reapply the philosophy to all fundraising practices—including Internet fundraising.

  • Employ Internet practices that exhibit integrity, honesty, openness, and truthfulness.

  • Comply with all federal and state regulations regarding ecommerce. This includes charitable gift acknowledgments, state charitable solicitation registration, sales taxes, privacy, and unrelated business income issues.

  • Protect your organization’s intellectual property rights and avoid infringing on the rights of others. A website may implicate rights under patent, copyright, trademark, trade secret, unfair competition, consumer protection, security, privacy, and publicity laws.

  • Apply your ministry’s functional expense allocation procedures to its ministry’s Internet activities.

  • Decide whether accepting gifts via credit cards is consistent with your ministry’s fundraising philosophy. Some ministries do not want to accept gifts at the risk of increasing a donor’s credit card debt. Other ministries accept donations by credit card but communicate concerns about credit card debt to their donors.

Contracts with Internet Vendors

  • Before entering into contracts with Internet vendors, perform due diligence on the vendor.

  • Establish appropriate warranties, confidentiality guarantees, and indemnification provisions in all agreements with Internet vendors.

Fundraising and Product Sales Transactions

  • An Internet-based provider should charge reasonable transaction fees (credit card and other transaction-based fees). ECFA’s Standard 7.7 does not apply to reasonable transaction fees paid to Internet fundraising integrators based on a percentage of the gift. In these instances, ECFA believes that donor-protection concerns are minimal.

  • Clearly document how contributions will flow to the charity from an Internet-based service provider. Clarify the extent of your organization’s legal control over contributions and other funds.

Charitable Gift Acknowledgments

  • Comply with charitable gift receipting requirements. The IRS has confirmed that email gift acknowledgements meet these requirements. Additionally, electronic receipts are acceptable when issued through a third party if the third party is actually an agent of the charity under state law (IRS Publication 1771).

  • Provide adequate communication for quid pro quo transactions. If a ministry provides a product in exchange for a donor’s gift, the ministry should communicate this fact, as well as the value of the product.

  • Give donors an opportunity to reject your ministry’s product before sending it to the donor

Financial Data

  • If an ECFA member chooses to post the organization’s audited financial statements on their website, the entire audit report (excluding the management or comment letter), including the auditor’s opinion letter and the footnotes to the financial statements should be posted

  • ECFA requires that, upon request, every member ministry must provide a report, including financial information, on the project for which it is soliciting gifts. The ministry’s website could be used to comply with this ECFA Standard by providing project reports on a widely available basis.


  • Conduct online transactions only through systems that employ high-level security technology.

  • Prepare an appropriate and accurate information security policy that addresses such issues as secure storage of data, secure transactions, and other similar items.

  • Periodically (at least annually) test website security. Consider using an external security firm to regularly perform an independent assessment of the ministry’s online security.

  • To communicate your security policy to website users, clearly post it on your website.


  • Protect the privacy of individuals interacting with your organization’s website. Collect only necessary information and avoid unnecessary data that might compromise an individual’s privacy.

  • Make it easy for individuals to “opt-out” of email lists (as well as surface mail lists) to prevent the dissemination of unwanted communications.

  • Allow individuals to “opt-in” before selling, transferring, or otherwise distributing the data to a third party for communication, advertising, or promotion purposes.

  • Prepare a confidentiality agreement to be signed by all individuals with access to donor data.

  • Prepare a privacy policy that is credible, effective, and meaningful. It should address issues such as confidentiality, use of information, use of cookies, conditions for release of individual data, and similar items.

  • To communicate your privacy policy to website users, clearly post it on your website.

Hyperlinks to Other Sites

  • When linking to other websites, perform adequate due diligence (including financial due diligence) to ensure that third-party organizations are trustworthy and that any products offered or ministries promoted by the third party are consistent with the mission of your charity.

  • If your ministry is hyperlinked other websites, review hyperlinks annually to monitor any risk management issues that may arise resulting from the links.

Hyperlinks by Others to Your Ministry’s Site(s)

  • When others link to your site(s) with your permission or knowledge, perform adequate due diligence to ensure that third-party organizations are trustworthy and that any products offered or ministries promoted by the other organization are consistent with the mission of your charity.

  • If a third-party organization places information about your organization on its website, periodically review the information to ensure its accuracy.


  • Promptly respond to all Internet-related complaints. Employ your best efforts to fairly resolve in a timely fashion all legitimate complaints relating to transactions conducted through your website.




This text is provided with the understanding that ECFA is not rendering legal, accounting, or other professional advice or service. Professional advice on specific issues should be sought from an accountant, lawyer, or other professional.