How to counter your vulnerabilities
Every organization — whether for-profit or nonprofit — is at risk of falling victim to costly acts of fraud. Nonprofits, though, have some common characteristics that can make them particularly susceptible to such schemes. Fortunately, you can help combat the risks at your nonprofit by implementing some simple controls.
Not-for-profits tend to operate in a culture of trust and rapport, and that’s one reason that they’re attractive targets for fraud perpetrators. Organizations are often founded by a handful of passionate and idealistic volunteers and develop over time into a team with tighter relationships than typically seen in many for-profit businesses. As a result, management may not feel the need for antifraud controls, or they find it hard to ask tough questions when confronted with possible signs of fraud.
Similarly, many nonprofits place significant control in the hands of a limited number of people — for example, the founder, CEO or executive director. This is a risk even in an organization with some internal controls, because these powerful individuals can simply override the controls, with lower-level staff too intimidated to intervene.
Nonprofits that have a lot of cash on hand, either in the office or at remote events, also can run into fraud problems. Cash has a way of disappearing into people’s pockets, especially at events held without proper accounting procedures. Creating a paper trail, with numbered tickets or receipts and multiple people involved every time cash is handled, helps mitigate the risk.
These aren’t the only factors that make not-for-profits so vulnerable to fraud. High turnover among staff, volunteers and board members, as well as limited resources, also may contribute.
Internal controls in the form of strong policies, procedures and governance are a must for every nonprofit, regardless of size. Controls can help deter and detect fraud.
Perhaps the most critical control is segregation of duties. A single employee should never be responsible for all the steps in any accounting process — for example, collecting, recording, reconciling and depositing cash receipts. Segregating duties can be a challenge for smaller nonprofits. But, at the very least, the duties of handling and reconciling funds should involve more than one individual. And a separate individual should receive and review bank statements. If your nonprofit lacks the manpower, consider including board members or outside advisors to segregate duties.
Nonprofits also should conduct background checks on board members, employees, volunteers and anyone else who might handle cash. The checks should encompass credit history, references and criminal history and be updated periodically. Keeping a would-be perp out of the organization is well worth the cost of a background check.
Governance plays a role in deterring and detecting fraud, too. Your board of directors must perform proper oversight by, for example, naming qualified individuals to independent finance and audit committees. It also should set an antifraud tone by developing — and enforcing — policies on matters such as conflicts of interest and the treatment of whistleblowers.
The Association of Certified Fraud Examiners has consistently found that tips are the most common (and low-cost) detection method for occupational fraud. It’s best if tips are reported to the board or one of its committees, rather than management. The organization should make an anonymous fraud hotline available to employees, volunteers, vendors and clients.
Finally, you’ll need to formally educate your employees about fraud. You should provide training on the organization’s antifraud policies, red flags that could signal fraud and how the hotline works. Board members and volunteers with financial responsibilities should receive training, as well.
An ounce of prevention …
You can’t prevent all fraud — no organization can. But you can reduce the risk of substantial fraud losses by recognizing your vulnerabilities and taking appropriate steps to mitigate them and to investigate thoroughly when fraud is suspected. Choosing to ignore fraud and hope for the best may result in suffering both financial and reputational damage.
Sidebar: Understanding the fraud triangle
According to the Association of Certified Fraud Examiners, organizations worldwide lose about 5% of annual revenue to occupational fraud. Experts say occupational fraud is more likely to take place when three conditions are present: motive, rationalization and opportunity.
Motive. The motive leg is sometimes referred to as “pressure.” The perpetrator has some motive to commit the fraud, and it often comes in the form of pressure, such as pressure to meet organizational goals. Motive also can be personal, including the need to pay off debt.
Rationalization. Perpetrators are capable of justifying their dishonesty. Fraudsters might rationalize that they’ll pay the organization back eventually or that they deserve stolen assets because they feel they’re underpaid.
Opportunity. Opportunity is the leg of the fraud triangle that employers can control. Perpetrators take advantage of opportunities when they think they won’t get caught. Weak internal controls and poor management can present opportunities for fraud.