By: Dave Studebaker
Unfortunately, nonprofits are not immune to fraud. In fact, some would say that nonprofits make the perfect target for fraud: they often have a small, trustworthy staff with limited segregation of duties and weak internal control systems. A 2012 study by the Association of Certified Fraud Examiners (ACFE) estimates organizations suffer losses averaging 5% of revenues annually. How much does that equate to in your organization?
The most common type of fraud is misappropriation of assets, which can occur through false time or expense reporting, skimming cash, fictitious payments (either fake vendors or fake employees), or theft of the organization’s physical property.
In order to reduce risk of fraud, one must understand fraud, especially the three conditions which develop into the “perfect storm” for a fraud. When all three are present, risk of fraud increases dramatically.
Pressure: This is the motivation for the fraud in the first place. The individual has financial problems he/she is unable to solve through legitimate means. Issues and home, unexpected medical expenses, gambling or drug additions are common pressures that have led to frauds.
Opportunity: The individual observes a weakness in the organization’s control systems that allow a fraud to go undetected. Absent a strong internal control system, any individual who transacts business on behalf of the organization could have an opportunity to commit fraud.
Rationalization: According the ACFE, over 80% of fraudsters are first time offenders with no prior criminal background. They do not perceive themselves as criminals and have justified the fraud to themselves. Commonly, they “intend to pay it back” or it is “because they were underpaid in the first place.”
Your nonprofit can take several simple steps to dramatically reduce exposure to fraud risk by reducing opportunities for fraud to occur. Pressures and rationalizations are much harder to detect, but not impossible.
- Begin with your culture – Educate your employees to raise awareness of fraud, including its potential impacts. Establish a code of conduct to define clearly what is and what is not, acceptable behavior. Set a strong ethical culture at the organization – this makes it harder to rationalize a fraud and also increases fellow employee’s awareness of fraud, increasing the likelihood of detection.
- Implement and promote a whistleblower hotline – An anonymous way for anyone involved in the organization to report suspicious behavior. Tips of suspicious activity are the #1 way frauds were detected in the ACFE survey.
- Maintain proper segregation of duties – no one individual should perform all steps in any cash receipt or disbursement cycle. Reviews by a knowledgeable individual should be performed over all significant reconciliations, payroll, journal entries, and expense reimbursements.
- Be observant – Does an individual appear to be living beyond his or her means? Is the employee going through a divorce or child custody dispute? Are they having an affair? (Affairs can be a particularly expensive secretive behavior.) Is the individual or a family member experiencing significant medical problems? All can exert pressure to steal from an organization.
- Obtain employee theft and dishonesty insurance – Many business policies have some level of coverage included. While this won’t help prevent fraud, it can help mitigate the damages if a fraud occurs.
If you have questions or need guidance, contact your accountant or business advisor to help you assess your control system and recommend practical solutions.