How Nonprofits Can Fight Fraud

Given the recent economic downturn, is it any wonder that fraud is a hot topic in the news? According to the 2012 Report on Occupational Fraud and Abuse published by the Association of Certified Fraud Examiners, the average duration of an occupational fraud, a fraud committed at work, is 12 to 36 months. It’s no wonder then that frauds that were committed at the height of the recession are just now coming to light.

Nonprofits can be especially susceptible to fraud, especially given the specific nature and culture of the nonprofit industry. A few examples of this nature and culture include lower pay rates than the for-profit sector, a do-good culture that might be more focused on charitable missions than policies and procedures, a smaller work force or an aged accounting system. In spite of the challenges that nonprofits can face in fighting fraud, proactive steps can be taken. Here are a few suggestions to help you flight fraud at your organization.

Perform an Annual Risk Assessment
Risk assessment is an important component of the COSO Framework for successful Internal Control, but it is a process that is often times overlooked. Put most simply, a risk assessment process is an exercise in which risks to an organization are identified and addressed. It is important to keep in mind that risks can affect not only financial reporting, but also operations or the organization as a whole. Some examples of risks from the nonprofit sector include the risk of checks being written to false vendors, the risk of a background check not being performed in compliance with company policy or the risk of the loss of the entities nonprofit status. Once a risk has been identified and determined to be significant, a plan can be developed to mitigate the risk.

Review Change and Exception Reports
Sometimes nonprofits are forced to have smaller work forces due to budget constraints. Given small work forces, sometimes proper segregation of duties is not possible. If this is the case at your organization, have a member of the senior management team review and initial change or exception reports on a monthly basis. Who was added to payroll? Who was taken off payroll? Who was given a raise? Were any cash receipts posted to an invalid account?

If a Fraud Does Occur, Take It Very Seriously
If the worst does happen and a fraud is perpetrated at your organization, it will help to have a prescribed course of action already in place. Work with Human Resources and the Board of Directors to develop a fraud response plan. How will the investigation be conducted? How will Human Resources be involved? How will law enforcement be involved? An apology, transfer or termination might not be enough. Don’t discount the involvement of law enforcement, as the involvement of law enforcement will send a clear message to your organization that fraud will not be swept under the rug.

For help performing an annual risk assessment, developing a fraud response plan or other suggestions on how to improve internal controls and fight fraud in your organization, please call me at 805-963-7811 or e-mail me at ldunne@bpw.com.