Preventing Fraud: Tips for Nonprofit Organizations (article)
Employee fraud – theft, embezzlement, cash skimming and other offenses – is a greater problem now for non-profit organizations than at any time in recent memory. The poor economy, tightened budgets and reduced staffing are among the likely reasons for the increase in fraud. But these simple reasons barely skim the surface. Look deeper and it becomes clear that the true causes of the rise in fraud are far more complex. High unemployment rates have placed pressure on second-income earners as they have suddenly become the primary breadwinner. And many formerly high-income earners have been forced to accept jobs for which they are overqualified. For those working at non-profit organizations, many are dealing with lower salaries and benefits when compared to for-profit companies.
Mix these harsh economic realities with non-profits' historical lack of effective internal controls and the key ingredients necessary for fraud emerge: motivation, opportunity and rationalization.
Why are non-profits so vulnerable? In a word, trust. These organizations are often based on the charity, faith and goodwill of fellow citizens. The organizations strive to create and protect a culture of trust that is oftentimes lacking at for-profit companies, and therefore don't always have the formal set of internal controls in place to guard against fraud that might otherwise be expected.
Unfortunately for many non-profits, the challenges extend beyond a lack of effective internal controls. Budgetary pressure – outside pressure from the public and government for a charity to allocate its funds to areas where it does the most good – also exposes the organization to the potential for fraud. How? Non-profits have limited funds and as a result must spend it in two key areas: the specific charitable purpose that drives the organization, and activities that raise additional funds to support that charitable purpose. That's generally what the public and the government want the non-profit to spend money on.
However, that leaves no funding for far less glamorous areas that on the surface don't seem to directly support the charity's purpose – like effective accounting systems, proper staffing, and compensation. What's wrong with that? By failing to spend money for adequate accounting systems non-profits often needlessly waste their precious dollars – money that could support the charities' mission – thanks to a lack of effective management reporting and controls.
Trust in the Absence of Internal Controls is a Recipe for Employee Theft
According to the Association of Certified Fraud Examiners' 2012 Report to the Nation on Occupational Fraud and Abuse, the median loss suffered by non-profit entities is $100,000. To put some perspective on that number, the median loss to public companies is $127,000. Keep in mind these are "median" numbers. Actual losses experienced by non-profits have been significantly larger. Few non-profits can afford losses of any size, let alone $100,000 or more. Clearly fraud – or at least the potential for fraud – is rampant at many non-profits. So how do you spot it?
There are several key risks – warning signs – that may pave the way for fraud because they make it easier for dishonest employees to engage in criminal behavior for a lengthy period of time. Among these risks are:
Inadequate internal controls
Lack of management review
Override of existing internal controls
Relatively low compensation, whether wages or benefits
Lack of employee training
Limits on career advancement
Employees' personal financial issues
Lack of strong company leadership
It takes an average of two years for fraud to be detected – and it is usually discovered in response to a tip or even by accident rather than through audits or internal controls. That means savvy organizations should take steps to prevent fraud – before a loss occurs – by conducting due diligence on employees rather than naively assuming that all employees are honest individuals.
Employees who commit fraud share several traits. Here are a few:
Employees who are overly interested in the personal lives of their co-workers
These employees like to be involved in everyone's business and want to be everybody's friend. Sure, they might be the office yenta. But, they may also be the office thief. By showing consideration for officemates, they garner trust – which, in the wrong hands, can become an opportunity for fraud.
Employees who work excessively and refuse assistance
These employees work longer hours than their peers and refuse to take time off. Because of their constant availability and seeming dedication to the job, management often assigns them increasingly important tasks. As a result, they become solely responsible for critical tasks. With nobody looking over their shoulder, they are free to perpetrate fraud undetected.
Employees who work excessively yet keep poor accounting records
Because these employees appear to be working hard they are given leniency regarding their poor accounting records. As a result, the early warning signs of fraud are often missed.
Managers or supervisors with dominant or controlling personalities who refuse to delegate work or take time off
These "Type A" individuals do not delegate responsibility in order to hide and extend their fraudulent activities.
Employers Can Fight Back and Still Maintain Their Character
While many of the traits outlined are also found in conscientious and reputable employees, these traits are prevalent among white-collar criminals who commit and conceal fraud by eliminating or circumventing internal controls. Most frauds are committed by people no one would have otherwise suspected. They often start off slowly and then build as the fraudster gains more confidence. However, there are some measures you can take to mitigate your risk.
Perform background checks on employees
Create an environment where honesty is practiced and employees feel compelled to report fraud. When hiring a new employee, do not rely solely on a trusted individual's recommendation. Instead, obtain information about a candidate from an independent third party. About 15% of employees who commit fraud are multiple offenders. About 85% of employee frauds are crimes of opportunity perpetrated by first-time offenders who believe they can avoid detection.
Maintain current and accurate accounting records
If your organization has difficulty in this area, your accounting department may be understaffed – a situation that could compromise internal controls. Also, accurate records make it far more difficult to propagate fraud.
Ensure your entity's Chief Executive receive financial statements directly from the bank
You should review statements before forwarding them to the employee responsible for reconciliation. If possible, cancelled checks should be sent with the bank statements and you should ask questions about specific checks to show employees that there is oversight. While this step may be difficult with larger organizations, it is recommended that the CEO have on-line access to bank accounts and cancelled checks. By having this access, he or she can periodically review this information without going through the accounting personnel.
Perform periodic reviews of all internal controls
Request that your organization's CPA or accounting firm regularly review internal controls and periodically examine financial statements. Make these policies public so employees know fraud protection measures are in place.
Establish a fraud hotline
Studies show a fraud hotline is the easiest, most cost-effective way to uncover workplace dishonesty. Set one up and encourage employees to use it if they suspect fraud is occurring.
Cross-train your workforce
This ensures employees can review each other's work. Also, insist that employees take time off. No individual should be indispensible.
Secure premises and carry adequate employee-theft insurance
Restrict after-hours access and limit access to sensitive areas only to those whose jobs demand it. Also, consider installing video surveillance and alarm systems.
Perform periodic inventories
High-value items should be inventoried more frequently. Investigate unusual shortages and inform employees that management is diligent about protecting its assets.
Review computer security
Check for proper administrative and access rights, which should be limited by job function. Make sure passwords are required to be changed periodically and ensure there is administrator access to every computer.
Create a written fraud policy
Periodically review policy with all employees, and inform all new hires of policies. Place the fraud policy on the agenda at meetings at least once a year for all employees.
Fraud is found in all facets of business and impacts non-profits and for-profit organizations alike. Discourage fraud at your organization by taking measures designed to protect your assets and reputation. For more information on preventing fraud at your workplace, contact your local CBIZ office.
Copyright © 2012, CBIZ, Inc. All rights reserved. Contents of this publication may not be reproduced without the express written consent of CBIZ. To ensure compliance with requirements imposed by the IRS, we inform you that-unless specifically indicated otherwise-any tax advice in this communication is not written with the intent that it be used, and in fact it cannot be used, to avoid penalties under the Internal Revenue Code, or to promote, market, or recommend to another person any tax related matter. This publication is distributed with the understanding that CBIZ is not rendering legal, accounting or other professional advice. The reader is advised to contact a tax professional prior to taking any action based upon this information. CBIZ assumes no liability whatsoever in connection with the use of this information and assumes no obligation to inform the reader of any changes in tax laws or other factors that could affect the information contained herein.
CBIZ MHM is the brand name for CBIZ MHM, LLC, a national professional services company providing tax, financial advisory and consulting services to individuals, tax-exempt organizations and a wide range of publicly-traded and privately-held companies. CBIZ MHM, LLC is a fully owned subsidiary of CBIZ, Inc. (NYSE: CBZ).