蘑菇TV

Most entities lose 5% of their funds annually to waste, abuse, or fraud. As a Certified Fraud Examiner, I have seen too many good nonprofits and churches devastated by embezzlement from within. The ramifications extend beyond the financial, too.聽 The violation of trust and corresponding psychological toll on people linger. The public relations nightmare afterwards extends the hurt well beyond the time of the fraud.

鈥淭hat will never happen to us!鈥� is something you may be thinking.聽 I would bet if you had asked any victims of embezzlement before their fraud was uncovered, they would have said the same thing.聽 Don鈥檛 want fraud to happen with your nonprofit or church?

The strength of internal control policies and practices significantly determines fraud vulnerability. These controls are the first line of defense against fraud and waste and can provide reassurances to donors that an entity is being a good steward of the resources given to them.聽 How can your nonprofit reduce the likelihood of becoming an unfortunate victim of the statistic mentioned earlier?

There are four areas that I recommend leaders focus on when it comes to internal controls: general business environment, cash inflows, cash outflows, and reconciliation and reporting. The following suggestions are three specific controls for each of these areas that can easily be implemented, often without significant resources or advanced understanding of business or accounting.

General Business Environment:

#1 Adopt a formal written accounting policy. This policy should be included within a written code of conduct and should state that fraud will not be tolerated and will be prosecuted. Whistleblower and conflict of interest policies should also be included. Background checks including criminal history searches, resume verification, media searches, credit checks, reference checks, and honesty or integrity testing should be a part of the onboarding process for your employees, especially for those with access to funds or physical assets. Train your personnel in financial matters and do not 鈥渢hrow them to the wolves鈥� of bookkeeping and compliance unprepared. AI can help leaders start somewhere when writing this policy. A basic policy is better than no policy!

#2 Periodically seek out accounting and internal control audits, even if routine audits are not financially possible. Having a fresh set of eyes look at policies and procedures is critical to maintaining your due diligence with donor funds. A CPA on your board of directors could provide some guidance. It is not acceptable to have employees always check their own work without any outside review, so make sure internal and external reviews of work are routine and expected. Have meaningful periodic job performance evaluations and lead your people with integrity (an ethical tone at the top) by demonstrating how no one is above policy. There should be a clear chain of command and list of responsibilities for every employee. Everyone should be held accountable for their actions.

#3 Have insurance coverage of all assets but also bond key employees who handle cash or donations.聽 Most insurance carriers will not readily cover internal theft losses if you do not take steps to establish internal controls and get a bond specifically for this. Very few people can recover funds lost to embezzlement, even with a court judgement. Take steps now to mitigate your risks with proper insurance and bonding.

Cash Inflows:

#4 Separation of duties is critical. No single individual should have purchase authorization, banking authorization, record keeping, custody of assets, and access to funds, or any combination of these.聽 Nearly every major fraud case I have worked would have been prevented if one person had not been given too much control. If your organization lacks the personnel to separate these duties, utilize vetted volunteers to assist in those roles. Blinding trusting a person with widespread control and no oversight of their work is a recipe for embezzlement.

#5 Deposit donations in a timely fashion. From the time a donation is received to the time it is spent, there should be a careful plan for handling the funds. Never leave a single individual alone with cash, unless the cash is already accounted for in your accounting system or monitoring and surveillance are in place. The count of the donations should be shared with a third party before the money is entered into the accounting system and deposited. That third party not involved with the donation counting or depositing process should reconcile the bank deposits with the reported amounts on the books and the number given to them after the count. These steps make it difficult for someone to swipe funds before they make it to bank. Your organization also needs a process in place to make sure that restricted or earmarked donations are being spent how the donors were promised they would be spent.

#6 Never permit expenses to be paid with donated cash on hand, which would improperly bypass the bank deposit process. All donations should be deposited and then a subsequent expenditure approval process can occur. Taking money in donations and then spending it before it reaches the bank usually causes financial reporting errors and encourages off-the-books under-the-radar spending, which may not be aligned with the nonprofit mission.

Cash Outflows:

#7 Utilize a purchase approval process involving multiple personnel.聽 Any new vendors, expense categories, or employees should be approved by upper management before being entered into the bookkeeping software. The person approving the purchases or signing the checks should not be the same person who prepares the checks. Leaders should review every invoice and check to ensure that they are being paid for a legitimate purpose. Store the checks and accounting computers in spaces with secured access.

#8 ATM withdrawals for nonprofits should be a rare and unusual occurrence.聽 Put restrictions in place to limit these withdrawals and limit who (if anyone) gets access to a debit card tied to the nonprofit bank account. Never, ever, EVER, sign a blank check and give it to the bookkeeper for later use. I also do not recommend giving management signature stampers to bookkeepers. The cost of embezzlement is far greater than the cost of convenience.

#9 Require actual receipts before paying reimbursements. Do not accept credit card statements or bank statements as receipts. Verify the legitimacy of receipts, as fakes are easily created with software today. Require employees to submit receipts quickly, so they don鈥檛 have time to create fakes. I recommend using GPS trackers on company vehicles or written mileage logs for reimbursements of mileage. Make sure the miles reported make sense for the anticipated travel distance. I once worked a case where an entity put GPS trackers on company trucks and found that employees were taking them to grocery stores, state parks, on family trips, even to church.

Reconciliation and Reporting:

#10 Maintain a current and regularly updated list of assets owned by the entity. Physical inventory and assets should be counted periodically to verify existence and quality.聽 There should be safeguards to prevent access to assets that could easily be used for personal use or sold off on the side by someone. Take photographs of assets if purchase records are unavailable. These photos could become useful in the event of a theft or loss.

#11 The bank account should be reconciled by someone not involved with the check writing process. Independent reviews of accounting and payroll reports should be a regular occurrence.聽 Leaders should reconcile payroll reports to salary contracts to make sure that no employees are concealing inflated paychecks through increased tax withholding or increasing the frequency of their pay. The person handling payroll or accounting is often the person who is most able to conceal a fraud because of their knowledge. Make sure this person is well-trained, trustworthy, and supervised.

#12 Be transparent with how you are spending the money donated to your nonprofit and clearly communicate to donors that you are honoring your nonprofit mission by having a transparent budgeting and financial reporting process. Nonprofits who hide their spending habits typically do so because they have something to hide, such as poor management or poor stewardship. Do not wonder where the nonprofit鈥檚 money went.聽 Tell it where to go!聽 Money should not be spent unless it can be tied back to the mission of the nonprofit.

Implementing these internal controls can help nonprofits operate more effectively and efficiently and maintain the trust of their donors and stakeholders. Ultimately, protecting assets from fraud enables your nonprofit to have more funds available to support its mission, which is why the nonprofit exists.