Fraud is a risk in all types of businesses. Unfortunately, charitable organizations and not-for-profits (NFPs) are not immune.
Why are NFPs likely to be victims of fraud? Due to their charitable or mission focus, NFP leaders are often more trusting of employees and volunteers. Further, many NFPs are subject to budget constraints and misguided incentives to maximize resources spent directly on mission achievement to the detriment of critical administrative support, accounting, internal controls and technology. Typically, employees of NFPs are paid less than their counterparts in the private sector. This may be especially true for administrative positions, which are frequently understaffed compared to private sector entities. These factors, along with limited administrative and accounting and finance functions, may hinder internal controls and increase fraud risk.
The key to maximizing the effectiveness of internal controls in a cost-effective manner is tailoring them to address the risks within your organization, that is, those that make you the most vulnerable to fraud.
Consider the following examples of appropriate preventive and detective controls that you could implement to reduce the risk of a fraud.
Safeguarding Assets
Physically secure assets such as inventories and equipment
Conduct thorough background checks on employees, especially accounting staff
Bond all employees who handle cash and checks
Consider the use of non-scannable check stock
Keep check supplies under lock and key
Log and restrictively endorse checks received by mail
Use bank lockbox services or scanners whenever possible
Use positive pay systems
Provide the bank with a list of vendors that are authorized to withdraw funds electronically
Segregation of Duties/Monitoring
Monitor daily account activity
Review payroll including names and pay rates
Reconcile bank statements in a timely manner
Have bank and credit card statements sent offsite to the CEO, CFO or Treasurer for review prior to reconciliation
Have the bank send an automated email to someone outside of the payables and accounting process after each electronic payment showing the amount and recipient
Have someone outside of accounting review and approve invoices
Compare logged cash receipts to actual deposits
Policies and Procedures
Prohibit use of acronyms when writing checks or on check endorsements
Prohibit writing of checks to “cash”
Implement an approval process for new contractors and vendors
Establish dollar limitations on ACH/EFT transactions
Encourage supporters to use the full name of the organization rather than an acronym
Require dual signatures for approval of checks and expenses over designated limits and for unbudgeted items
Prohibit accounting personnel from signing checks or transferring funds
Require separate approvals for initiating and authorizing electronic payments
Require all employees, but especially accounting and finance employees, to take at least one uninterrupted week of vacation a year
Minimize carryover vacation time
Assess technology and data security needs on a regular basis
A widely distributed and rigorously followed Whistleblower Policy that indicates a procedure for reporting concerns of fraud without fear of retaliation is an essential tool in fraud detection. According to the Association of Certified Fraud Examiners (ACFE), Report to the Nations on Occupational Fraud and Abuse, tips are consistently and by far the most common fraud detection method. Over 40 percent of all cases were detected by a tip — more than twice the rate of any other detection method. Employees accounted for over half of all tips that led to the discovery of fraud. Organizations with fraud reporting hotlines are more likely to catch fraud by a tip. These organizations also experienced frauds that were 50 percent less costly.
Although no system of internal control can provide absolute protection against fraud, you can implement a system that reduces the opportunity to commit fraud and encourages employees to do the right thing by reporting suspicious activity.
Additional Resources
The AICPA Not-for-Profit Section offers a number of resources to assist NFPs with fraud prevention, ethics programs and internal controls.
Example Whistleblower Policy (Word)
Segregation of Duties Reference Charts for Small NFPs