Nonprofits Vulnerability to Fraud
According to the 2020 global fraud study by the Association of Certified Fraud Examiners (ACFE), the typical organization loses an estimated five (5) percent of its annual revenue to fraud. The ACFE reported that public and private companies had a median loss of $150,000; however, nonprofit organizations had the smallest median loss of $75,000, with an average loss of $639,000. For some a $75,000 loss may be insignificant, but for many nonprofits, financial resources are extremely limited and a loss of $75,000 can be particularly devastating.
Beyond the immediate financial loss, however, an even greater potential cost of fraud to nonprofit organizations is the reputational damage that can occur. Because most nonprofits depend on support from donors, grantors, or other public sources, their reputations are among their most valued assets. In addition, fraud in nonprofit settings often garners unrelenting negative media attention.
How Fraud Occurs and Common Fraud Schemes
Occupational fraud is a chilling reality for businesses and organizations of all sizes and occurs across industries—even within the nonprofit sector.
ACFE’s report cites the three most common types of occupational fraud as asset misappropriation, corruption and financial statement fraud. Financial statement fraud occurs least frequently of the three types, making up only 10% of cases, but results in the greatest median loss. While asset misappropriation leads to the lowest median loss, it happens in 89% of cases making it the most commonly occurring form of occupational fraud by far.
Some of the common Fraud schemes are as follows:
- Skimming — Cash is stolen before the funds are recorded in the accounting records
- Credit card abuse — Perpetrators either use organization-issued credit cards for personal use or use donor credit card numbers
- Fictitious vendor schemes — Perpetrators set up a company and submit fake invoices for payment
- Conflicts of interest — Board members or executives have hidden financial interests in vendors
- Payroll schemes — Continued payment to terminated employees, overstatement of hours, or fictitious expenditure reimbursement
- Sub-recipient fraud — Abuses by a sub-recipient entity include intentional charges of unallowable costs to the award, fraudulent reporting of levels of effort, and reporting inaccurate performance statistics and data
- Deceptive fundraising practices
- Misrepresentation of the extent of a charitable contribution deduction entitlement, misrepresentation of the fair market value of donated assets, and failing to comply with donor-imposed restrictions on a gift
- Fraudulent financial reporting
- Misclassifying restricted donations to mislead donors or charity watchdogs, misclassifying fundraising and administrative expenses to mislead donors regarding funds used for programs, and fraudulent statements of compliance requirements with funding sources
How Can Fraud Be Prevented?
1. Internal Controls
“Internal controls are the mechanisms, rules, and procedures implemented by an organization to ensure the integrity of financial accounting information, promote accountability, and prevent fraud.” Examples of internal controls include:
- Separation of duties ensures that no individual is solely responsible for executing a financial transaction from start to finish. For example, the person who signs a check should not be the same person who writes the check. Having multiple signers is a plus!
- Regular and timely bank reconciliation provides an opportunity to review transactions and bank balances so any unusual activity can be spotted and investigated.
- Petty cash controls establish rules on things like the maximum amount of available petty cash as well as who has access to use those funds and who is responsible for approving disbursement. These controls should also document requirements and processes for approval requests (e.g., setting expense limits and requiring a receipt for every transaction).
2. Monitoring Financial Statements: as we previously mentioned, financial statement fraud has the potential to hit your finances the hardest, and it can be incredibly difficult to detect due to efforts by fraudsters to conceal the suspicious activity. Instituting a process for reviewing financial statements and ensuring that the committee or individuals responsible for reviewing financial statements for anomalies have proper knowledge and training on what to look for will drastically improve the likelihood of detection.
3. Anti-Fraud Training
An important part of any fraud prevention program is training. All employees—including managers and executive leadership—should be mandated to participate in the training program to ensure that everyone in the organization is educated on all policies and procedures related to fraud prevention, detection, and reporting. Employees should be able to answer the following questions:
- What is fraud?
- How is it damaging to the organization?
- Who commits fraud? How do they commit fraud?
- What behavioral and financial indicators could point to potentially fraudulent activity?
- What are the organization’s fraud policies? What are the consequences of committing fraud?
- How can I report suspected fraud?
As reported by ACFE, 40% of fraud detection was the result of a tip—the most common method of detection. Empower employees by giving them proper training and a way to report suspected fraud safely and without the risk of retaliation.
4. TechnologyTo support your fraud prevention efforts, it’s critical to adopt financial technology that can help you monitor risks and enforce your control activities.
- Access Controls: Ensure segregation of duties in your financial system by controlling user rights. An advanced technology solution will allow administrators to configure user access at a granular level—from limiting who has rights to edit data to defining specific fields and transactions that can be edited (or even viewed) by individual users.
- Approval Rules: Your financial management software should allow you to configure a seamless approval path where you can require, review, and approve any documentation for expenditures requested by your employees.
- Bank Account and Credit Card Integration: Being able to view real-time bank and credit card information directly within your organization’s financial system can be hugely beneficial to catching suspicious activity early. Live bank and credit card feeds can allow approved financial staff to securely review the most up-to-date activity from your financial institution and compare that information to what has been recorded in the system.
The True Value of Fraud Prevention
While there are many obvious benefits we could touch on here, ultimately, it’s the ability of social good organizations to foster relationships built on trust—internally as well as with supporters, funders, and the people they serve—and continue the good work they do in the community that is at the heart of fraud prevention.
Proper controls, training, and supporting technology will help your organization create a culture of transparency and trust. Ongoing monitoring and upkeep of your fraud prevention program will keep your organization on track to maintaining its reputation as a good steward so it can continue to create positive change in the world.