If your nonprofit became a victim of fraud, it wouldn’t just hurt your organization’s bottom line — the infraction also could do devastating damage to your reputation. By implementing some simple controls, though, your organization can help protect itself from these risks.
One of the most important preventive measures is the segregation of accounting duties, especially those related to executing outgoing payments. You should assign different employees to approve, record and report transactions. And the employee who generates checks for payment or approves invoices shouldn’t also be responsible for signing checks or initiating online payments.
Similarly, the staffer who makes bank deposits shouldn’t be charged with reconciling the organization’s bank statements. If the nonprofit is too small to segregate duties fully, consider rotating staff through the various duties regularly, or involving a board member to oversee the process. You also can adopt a mandatory vacation policy to make it more difficult for fraudster employees to conceal their schemes.
Research conducted by the Association of Certified Fraud Examiners (ACFE) shows that organizations with antifraud training programs experience lower losses, and frauds of shorter duration, than those without. Nonprofits should provide targeted fraud awareness training not just for managers but also for employees.
At a minimum, the ACFE recommends explaining which actions constitute fraud, how fraud harms everyone in the organization and how to report suspicious activity. Managers and employees also should be educated on the behavioral red flags of perpetrators and encouraged to keep an eye out for them. Red flags include an employee who appears to be living beyond his means or one who refuses to take time off. Additionally, some insurance providers offer discounts if certain antifraud training is attended by a majority of staff members.
Fraud hotlines are one of the most effective strategies for uncovering fraud. The ACFE has consistently found that tips are the most common means of detecting fraud. The majority of tips come from employees, but the hotline also should be available and publicized to vendors and constituents.
Management should encourage employees to report any suspicious activity and enforce an antiretaliation policy so employees aren’t reluctant to speak up. Ideally, the hotline should be anonymous, or at least confidential. For information on Smith and Howard’s Anonymous Fraud and Ethics Hotline service, Red Flag Reporting, call Marvin Willis at 404-874-6244.
Last year, the AICPA published its 2013 Audit Risk Alert: Not-for-Profit Entities Industry Developments. The alert urges nonprofits to develop a formal fraud risk management program, including a fraud risk assessment.
According to the AICPA, a fraud risk assessment should identify:
The goal of the assessment is to identify any vulnerabilities and gaps in internal controls that could leave your nonprofit susceptible to financial and reputational damage.
Cutting the risks of fraud requires the board of directors and management to be aware of your nonprofit’s vulnerabilities. Staff also must pitch in, staying on the lookout for red flags, conflicts of interest and other potential issues — and they must be comfortable reporting any concerns. Your financial advisor can help, too, by conducting a fraud risk assessment and suggesting ways to establish appropriate controls. Smith and Howard’s nonprofit clients look to us for help in this area – our nonprofit team works with our risk advisory group to provide assessments and recommendations, and can also work with nonprofits to implement a fraud and ethics reporting mechanism. Contact us at 404-874-6244 or online.
If you have any questions and would like to connect with a team member please call 404-874-6244 or contact an advisor below.CONTACT AN ADVISOR