Every organization, whether for-profit or nonprofit, is at risk of falling victim to costly acts of fraud. Nonprofits, though, have some common characteristics that make them particularly susceptible to such schemes. Fortunately, you can help combat the risks at your nonprofit by implementing some simple controls.
Nonprofits tend to operate in a culture of trust and rapport, and that is one reason that they are attractive targets for fraud perpetrators. Organizations are often founded by a handful of passionate and idealistic volunteers and develop over time into a team with tighter relationships than typically seen in many for-profit businesses. As a result, management may not feel the need for antifraud controls, or they find it hard to ask tough questions when confronted with possible signs of fraud.
Similarly, many nonprofits place significant control in the hands of a limited number of people. This is a risk even in an organization with some internal controls, because more powerful individuals within an organization can simply override the controls, with lower-level staff too intimidated to intervene.
Nonprofits that have a lot of cash on hand, either in the office or at remote events, also can run into fraud problems. Cash has a way of disappearing into people’s pockets, especially at events held without proper accounting procedures. Creating a paper trail, with numbered tickets or receipts and multiple people involved every time cash is handled, helps mitigate the risk.
These are not the only factors that make nonprofits so vulnerable to fraud. High turnover among staff, volunteers and board members, as well as limited resources, also may contribute.
Internal controls in the form of strong policies, procedures and governance are a must for every nonprofit, regardless of size. Controls can help deter and detect fraud.
Perhaps the most critical control is segregation of duties. A single employee should never be responsible for all the steps in any accounting process — for example, collecting, recording, reconciling and depositing cash receipts. Segregating duties can be a challenge for smaller nonprofits. But, at the very least, the duties of handling and reconciling funds should involve more than one individual. And a separate individual should receive and review bank statements. If your nonprofit lacks the manpower, consider including board members or outside advisors to segregate duties.
Nonprofits also should conduct background checks on board members, employees, volunteers and anyone else who might handle cash. The checks should encompass credit history, references and criminal history and be updated periodically.
Governance plays a role in deterring and detecting fraud, too. Your board of directors must perform proper oversight by, for example, naming qualified individuals to independent finance and audit committees. It also should set an antifraud tone by developing — and enforcing — policies on matters such as conflicts of interest and the treatment of whistleblowers.
The Association of Certified Fraud Examiners has consistently found that tips are the most common (and low-cost) detection method for occupational fraud. It is best if tips are reported to the board or one of its committees, rather than management. The organization should make an anonymous fraud hotline available to employees, volunteers, vendors and clients.
Finally, you will need to formally educate your employees about fraud. You should provide training on the organization’s antifraud policies, red flags that could signal fraud and how the hotline works. Board members and volunteers with financial responsibilities should receive training, as well.
An ounce of prevention …
You can not prevent all fraud — no organization can. But you can reduce the risk of substantial fraud losses by recognizing your vulnerabilities and taking appropriate steps to mitigate them and to investigate thoroughly when fraud is suspected. Choosing to ignore fraud and hope for the best may result in suffering both financial and reputational damage.