By Jim Simpson, president, Financial Technologies & Management (FTM)
Four years ago when officials from a local cultural and arts volunteer organization discovered that more than $380,000 had been embezzled from its account, it was shocked. Over a nine-month period, an officer supported his gambling addiction with money from the organization’s bank account.
But according to a 2014 Association of Certified Fraud Examiners study, that is not all that unusual. In fact last year, The Washington Post analyzed nonprofits’ 990 filings from 2008 to 2012 and found more than 1,000 nonprofit organizations had checked the box indicating they had discovered diversion of assets due to theft, investment fraud or embezzlement.
The Association of Certified Fraud Examiners (ACFE) reported the average loss is $108,000. But along with the loss of funds there is an even greater potential cost -- damage to an organization’s reputation.
External audits are of little help. According to the ACFE, they detect just over 3 percent of the fraud cases. Instead, 42 percent of cases are discovered as a result of tips from employees, customers, vendors or anonymous whistleblowers. Other top methods are management reviews (16 percent) and internal audits (14 percent). Seven percent of cases are uncovered simply by accident.
Relying on tips and happenstance to discover more than half of existing fraud cases is not good business practice. Despite having limited time and resources that make nonprofits vulnerable to fraud either internally or externally, organizations must be able to discover more cases on their own.
Nonprofits typically have many checks and cash from numerous sources making them vulnerable to skimming and cash larceny schemes. Billing schemes are most common, and typically involve billing an organization for personal items or excessively marking up goods or services.
One step that all nonprofits should take is to develop anti-fraud controls that help decrease the cost and duration of fraud schemes.
Some anti-fraud controls include:
- Create an independent board committee to provide management independence and professional skepticism.
- Develop a process to report suspicious behavior.
- Document when compliance at all levels occurs and when it does not.
- Develop a response plan when fraud does occur.
Keep in mind that the tone from the top is important to promote an ethical environment throughout the organization to encourage self-policing.But most importantly, nonprofit organizations need to make sure they don’t ignore fraud issues because they aren’t prepared to deal with them openly and honestly.