Signatory (Draft Policy)
This is a DRAFT or SUBSTANTIALLY MODIFIED existing policy currently in an open review period.
Members are invited to provide feedback on this draft policy until May 12, 2026. The Policy Review Team will respond to comments mailed from your owasp.org email address to this address.
Financial and Spending Authority
Executive Director
The Executive Director, subject to the quarterly total spending as set forth in the Quarterly Breakdown of the Annual Budget (Quarterly Plan) approved by the Board of Directors (Board) and exercising all necessary due diligence and care, is individually authorized by this delegation to obligate the funds of the OWASP Foundation (OWASP), to execute agreements reflecting those obligations, and to further delegate this authority as deemed appropriate, up to and including the limits set forth below per transaction, such limit shall include integrated or related transactions.
Budgeted or Discretionary per transaction (or related transactions), grant making, awards and scholarships, expense approvals, legally binding contractual arrangements, and purchasing assets:
- $0 - $25,000 Executive Director can sign and approve without second approver
- $25,001 to $250,000 Executive Director and Treasurer or Chair can sign and approve without Board approval
- $250,001 or more requires an affirmative majority Board vote
Signing authority:
- Transferring funds between and managing OWASP bank accounts and other financial accounts: $250,000
- Budgeted General Operational Spending (e.g. payroll, expenses, and accounts payable): $850,000
Any spending which exceeds the Quarterly Plan by more than 10%, must be approved by an affirmative majority vote of the Board of Directors.
Chief Financial Officer
The Chief Financial Officer is authorized to oversee and manage the OWASP’s bank accounts and other financial services related accounts, such as payments processing (or similar financial institution), and to authorize the transfer of funds from one OWASP account to any other OWASP account, and to further delegate this authority, up to and including the limits set forth below per transaction, which includes integrated or related transactions. Any transfer of funds from one OWASP account to any other OWASP account exceeding the amounts set forth in the immediately preceding resolution must be approved in writing by or signed by the Treasurer of the Board or Chair of the Board.
- Bank accounts $100,000
- Investment accounts $200,000
- Payment processing, or other financial institutions $850,000
Terms
Payments conforming to the limits and specifications above will be presented to the Chair and Treasurer of OWASP for review prior to final processing. Either the Chair or Treasurer may refuse payment with an email received within 72 hours of presentation indicating its denial, otherwise those payments are considered approved for processing.
These polices are subject to annual review by the Board and shall be considered in effect, unless revoked by resolution of the Board. All delegations of authority granted in these policies are limited by the quarterly budget totals as set forth in Quarterly Plan as approved by the Board, which retains the right to alter spending authority limits required.