Fraud is an unfortunate fact of life in today’s world and is becoming more prevalent in the nonprofit community as well. The 2016 Report to the Nations on Occupational Fraud and Abuse from the Association of Certified Fraud Examiners (ACFE) includes some sobering statistics involving nonprofits you should be aware of:
- Nonprofit organizations account for 10 percent of all occupational fraud recorded.
- Nonprofit organizations suffered median losses of $100,000.
- As a percentage of total cash reserves, losses at nonprofits are much higher and more damaging than losses at public companies.
Fraud is difficult to detect because most culprits are first-time offenders with clean employment histories. The vast majority (83 percent) have never been punished or terminated by an employer for fraud-related conduct. This makes it easy for trusted employees to find vulnerabilities to exploit. The primary weaknesses that lead to fraud include lack of internal controls, override of controls and lack of management review.
Some of the most common types of fraud committed in religious, charitable and social service organizations were corruption, billing, expense reimbursements and check tampering. Organizations should also be aware of those in positions that are more likely to commit fraud, including accounting, operations and sales.
Fraud is especially harmful to nonprofits because it can hurt both the organization’s finances and reputation. Typically nonprofit organizations tend to hide or dismiss fraud because of how the fraud would be perceived by the community. This allows fraud to continue to occur because the person committing the fraud is not prosecuted and therefore has no record. It also leads other employees to believe fraud has no consequences.
No organization is exempt from theft and fraud, but understanding the risks to your organization is a good start. Regardless of your nonprofit’s size, there are several ways you can reduce your risk.
The tone of management, the board, and the overall environment is a significant factor in the likelihood of fraud occurring. If the tone of the workplace allows for compromise in ethical conduct (cutting corners, manipulating information to meet grant terms, using donor money inappropriately with the intent to pay it back, etc.), this speaks louder to employees than any policy. Having a whistleblower policy, methods for employees to communicate without fear of retaliation and clear examples of misconduct included in an employee manual are a good starting point but these policies must be lived out every day in the conduct of the board and management. As we all know, actions speak louder than words, and this is true when evaluating the culture of an organization.
Having a whistleblower policy, methods for employees to communicate without fear of retaliation and clear examples of misconduct included in an employee manual are a good starting point, but these policies must be lived out every day in the conduct of the board and management. As we all know, actions speak louder than words, and this is especially true when evaluating the culture of an organization.
Oftentimes, those in management and board positions are not aware of the risks and opportunities for fraud within their organization. Providing education to those in leadership can increase awareness of fraud risk factors, areas of increased risk within the organization and red flags that often identify inappropriate activities.
The most important defense to fraud is involvement by management and the board in the activities of the organization. Setting up sufficient internal controls for your organization is always worth the time and effort required. Understanding the areas with higher risks and the weaknesses in the control environment can help management and the board implement monitoring and oversight controls to compensate.
Decide in advance how your organization will respond to fraud should it occur. It is also a good idea to consult with your insurance company because sometimes the insurance coverage is dependent on the response. Setting a tone that no inappropriate conduct will be tolerated can be one of the strongest deterrents an organization can have.
Independent auditors and consultants can help with an internal control assessment and provide education, best practices and sample policies. Independent audits can be helpful but may not detect fraud in all cases. Organizations should perform their own assessment to determine if they need outside assistance or have the resources internally to address their fraud risks. If you need help in the assessment or next steps, please don’t hesitate to contact our nonprofit team.
Meet the Author
Andy Maffia, CPA
Aldrich CPAs + Advisors
Andy Maffia has more than 15 years of experience in public sector accounting, with a focus on auditing nonprofit organizations, organizations subject to a single audit under the Uniform Guidance, agreed-upon procedures and consulting work, as well as assurance audits for closely-held companies. He currently sits on the board of directors and serves on the... Read more Andy Maffia, CPA
- Nonprofit organizations
- Public sector
- Government entities
- Certified Public Accountant