EN
Home / Legal / Compliance

Compliance Framework

Our Commitment to Legal, Ethical, and Regulatory Standards

Our Compliance Commitment

Utafiti Wellness Research Association is committed to maintaining the highest standards of legal, ethical, and regulatory compliance in all our operations. This Compliance Framework outlines our approach to meeting our obligations and ensuring transparency in our governance.

Data Protection Act Compliant Registered under Kenya's Societies Act

Governance Structure

Board of Directors

Strategic Oversight

Key Responsibilities:

  • Setting organizational strategy and policy
  • Financial oversight and risk management
  • Ensuring legal and regulatory compliance
  • Appointing and evaluating Executive Director

Executive Management

Operational Leadership

Key Responsibilities:

  • Implementing Board decisions and policies
  • Day-to-day operational management
  • Compliance program implementation
  • Staff supervision and development

Compliance Committee

Compliance Oversight

Key Responsibilities:

  • Monitoring compliance with laws and regulations
  • Investigating compliance concerns
  • Recommending compliance improvements
  • Training and awareness programs

Regulatory Compliance

Primary Regulatory Bodies

NGO Coordination Board

Registration Number: Available on Formal Request

Annual Returns: Filed by Feb 10, each year

Compliance Status: Active and Current

Data Protection Commissioner

Registration: Data Controller (Pending)

Primary Law: Data Protection Act, 2019

Compliance Status: Fully Compliant

Kenya Revenue Authority

PIN Number: Available on Formal Request

Tax Status: Request Access for Notification

Compliance Status: Tax Compliant

Ministry of Health

Collaboration:MOU(Pending)

Reporting: Program reports to be submitted annually

Compliance Status: Partnership Compliant(pending)

Financial Compliance

Financial Governance Framework

Financial Reporting

  • Annual financial statements prepared in accordance with International Financial Reporting Standards (IFRS)
  • Quarterly management accounts reviewed by Finance Committee
  • Annual external audit by registered audit firm
  • Donor-specific reporting as per funding agreements

Donor Fund Management

  • Segregated accounting for restricted and unrestricted funds
  • Donor fund utilization tracking system
  • Regular fund utilization reports to donors
  • Independent project audits for major grants

Internal Controls

  • Dual authorization for payments above KES 50,000
  • Regular bank reconciliations
  • Fixed asset register maintained and updated
  • Petty cash controls and regular counts

Anti-Fraud Measures

  • Whistleblower policy and protection mechanisms
  • Regular fraud risk assessments
  • Staff training on fraud prevention
  • Independent investigation of suspected fraud

Ethical Standards & Code of Conduct

Core Ethical Principles

Integrity

We maintain honesty and transparency in all our dealings.

Accountability

We take responsibility for our actions and decisions.

Respect

We value and respect all stakeholders and communities.

Excellence

We strive for the highest standards in all our work.

Code of Conduct Compliance

All staff, volunteers, and board members must adhere to our comprehensive Code of Conduct, which includes:

Conflict of interest disclosure and management
Anti-corruption and bribery prohibition
Confidentiality of sensitive information
Professional boundaries with beneficiaries
Equal opportunity and non-discrimination
Environmental sustainability practices

Research Ethics & Compliance

Institutional Review Board (IRB)

Research Protocol Review

All research projects undergo rigorous ethical review by our Internal Review Board before implementation.

Participant Protection

Informed consent, confidentiality, and risk minimization are central to all our research activities.

Health Research Compliance

We comply with the Scientific and Technical Act and Ministry of Health research guidelines.

Key Ethical Requirements

Requirement Implementation Review Frequency
Informed Consent Written consent for all research participants Per project
Data Protection Anonymization and secure storage Quarterly
Risk Assessment Comprehensive risk analysis Per project
Benefit Sharing Results shared with participating communities Post-project

Monitoring & Reporting

Compliance Monitoring System

Regular Audits

  • Financial Audit: Annual external audit
  • Internal Audit: Quarterly reviews
  • Program Audit: Bi-annual program reviews
  • Compliance Audit: Annual comprehensive review

Reporting Schedule

  • Monthly: Financial and program reports
  • Quarterly: Board reports and compliance updates
  • Annually: Annual report and financial statements
  • As Required: Regulatory filings

Incident Reporting

  • 24-hour incident reporting mechanism
  • Confidential reporting channels
  • Investigation protocol for compliance breaches
  • Corrective action tracking system

Public Reporting

We believe in transparency and publicly report on our compliance through:

Website Publications

Annual reports, financial statements, and compliance updates

Annual General Meeting

Public presentation of organizational performance

Regulatory Filings

Timely submission to all regulatory bodies

Training & Capacity Building

Compliance Training Program

Board Level Training

Frequency: Annual

Topics: Governance, fiduciary duties, risk management

Duration: 2 days per year

Staff Training

Frequency: Quarterly

Topics: Code of conduct, data protection, anti-fraud

Duration: 4 hours per quarter

Volunteer Training

Frequency: Pre-engagement and annual refresher

Topics: Ethical conduct, child protection, confidentiality

Duration: 8 hours initial, 2 hours annual

Compliance Certification

Key staff members hold certifications in:

Certified Compliance Professional Data Protection Officer Internal Auditor Risk Management

Compliance Contacts & Reporting

Compliance Officer

Primary Compliance Contact

compliance@utafitiwellness.org

+254 795 561 169

Response Time: Within 48 hours

Whistleblower Reporting

We encourage reporting of any compliance concerns through our confidential channels:

Protection Guarantee: We prohibit retaliation against individuals who report concerns in good faith.

Document Control

Document Version

Version 2.0

Effective Date

January 1, 2026

Next Review Date

January 1, 2027

Approved By

Board of Directors

Revision History

Version Date Changes Approved By
1.0 March 2025 Initial Framework Board Resolution 2025/03
2.0 Jan 2026 Comprehensive update and expansion Board Resolution 2026/01