Why Treasurers Love FutureFund

• Campaign Summary
• Campaign Detail
• Cash Reconciliation
• Category Sales
• Corporate Matching Summary
• Daily Registration Statistics
• Donation Detail
• Failed Installment Plan
• Installment Plan
• Leaderboard
• Offline Payment
• Payment Type
• Transaction Detail
• Student Campaign Purchases
• Unit Sale

FutureFund is designed to help you stay compliant with all major federal and state-specific financial regulations, including:

• The Internal Revenue Code: PTAs and other nonprofits are governed by specific sections of the Internal Revenue Code—particularly Section 501(c)(3), which outlines the requirements for tax-exempt status.

• State Nonprofit Corporation Statutes: Each state has its own laws governing nonprofit corporations, which PTAs must follow. These laws cover aspects such as governance, fiduciary responsibilities, and reporting requirements.

• State Charitable Solicitations Laws: Most states have laws that regulate how organizations can solicit funds from the public. These laws may require registration, reporting, and adherence to certain operational standards.

FutureFund is designed to be compliant with the requirements of the Americans with Disabilities Act (ADA). Our platform is built with user-friendliness and accessibility for all users, including those with disabilities, as core priorities. We also adhere to Web Content Accessibility Guidelines (WCAG) 2.1, which covers a wide range of recommendations for making web content more accessible, including:

• Visual elements such as color contrast for those with vision impairments
• Support for assistive technology like screen readers for the blind or visually impaired
• Navigability by keyboard for those who may be unable to use a mouse.

FutureFund’s commitment to ADA compliance helps us not only serve a wider community but also offer a seamless experience for all users—enabling PTAs, schools, and other groups to engage more effectively with all parents and volunteers.

We built FutureFund specifically to support K-12 PTAs and school groups. Our team are PTA members ourselves, and we understand the relationships between parents, teachers, and students—so we created tools that solve the unique challenges these groups face when it comes to effectively organizing and fundraising.

FutureFund is built to comply with all major financial regulations and data privacy laws governing PTAs and school groups in the United States. This includes Federal and state-specific legislation, such as:

• The Family Educational Rights and Privacy Act (FERPA)
• The Children’s Online Privacy Protection Rule (COPPA)
• The California Consumer Privacy Act
• Assembly Bill 1584
• The Payment Card Industry (PCI) Data Security Standard (DSS)

Our platform also makes use of current technologies designed to provide extra layers of security when handling sensitive information. These include:

• TLS/SSL (Transport Layer Security/Secure Sockets Layer): These are cryptographic protocols designed to provide secure communication over a network by encrypting data in transit between client and server.
• WAF and DDOS Protection (Web Application Firewall and Distributed Denial of Service Protection): These are security measures to protect websites from harmful traffic, with WAF filtering, monitoring, and blocking HTTP traffic to and from a web application, and DDOS protection preventing overload of a network or server by a flood of internet traffic.
• Penetration Testing: This is a method of evaluating the security of a computer system or network by simulating attacks from malicious sources to identify vulnerabilities.
• Load Balancer Based Compute Isolations: This is a strategy of distributing network or application traffic across many servers to improve responsiveness and availability, while isolating workloads for security and fault tolerance.
• Role-based Access Control: This is a method of regulating access to computer network resources based on the roles of individual users within an organization, ensuring that only authorized individuals can access specific resources.
• Secure Logging: This is the process of recording events in a system in a manner that prevents tampering or deletion, providing a reliable record for security auditing and incident response.
• Static and Dynamic Code Analysis: These are methods of examining source code or running applications to find potential security vulnerabilities, with static analysis checking code without executing it, and dynamic analysis testing code while it’s running in a real or simulated environment.
• OWASP Secure Coding Principles (Open Web Application Security Project): These are a set of principles and best practices for secure coding aimed at preventing security vulnerabilities in web applications, as defined by the non-profit OWASP organization.
• Credit Card Tokenization: This is an advanced security process that protects sensitive payment information during transactions.