Imagine being the executive director of a Not for Profit Organization (NPO) and reporting to your board that $75,000 has been lost due to fraud. That it is the median loss for an NPO in a 2018 report from the Association of Certified Fraud Examiners. It is $90,000 if the NPO is focused on a religious, charitable or social services mission.
The board will not be happy since the loss means fewer funds available to carry out your mission. If that information becomes public your donor base and grant providers may be less likely to fund your NPO. They will certainly want assurances that you know how the loss happened and will want to know what you are doing to prevent it from happening again.
To summarize: By not paying more attention to fraud risk, you as the executive director, now have less time to pursue your original mission, your competence is being questioned, you must spend more time fundraising to meet your original goal AND to recapture the fraud losses. Not what you signed up for when you started this NPO.
There is good news. Identify your organization’s vulnerability to fraudulent activity by having a Fraud Risk Assessment (FRA) conducted. However, fewer than 1 in 6 small organizations have ever had an FRA conducted. FRA’s have been shown to decrease the amount of a fraud loss by 38% and the duration of such a fraud by half.
The most common frauds perpetrated on NPO’s are:
- Cash Theft (for those NPO’s that receive cash payments)
- Billing schemes (when false invoices are presented and paid)
- Corruption (conflicts of interest, bribery or other schemes involving leaders in the NPO)
- Expense Reimbursement schemes
- Payroll schemes
Fraud Risk Assessments are routinely conducted during an audit by a CPA but most small NPO’s do not get an audit. The other alternative is to contract with a Certified Fraud Examiner to have a Fraud Risk Assessment conducted and then implement the recommendations.
Of course, as a busy executive director, implementing assessment findings may not seem very exciting and you are already spending all of your day on fund raising and other matters just to keep the doors open. Ponder these ideas to see how many you have implemented.
- Have an anti-fraud policy in your code of conduct (do your employees, volunteers and board members know what constitutes fraud?) and be sure all employees, managers, leaders and board members are trained on it.
- Have a hotline or some publicized open-door policy for tips and information that may indicate ongoing fraud (almost half of all frauds are discovered through tips)
- Conduct a formal fraud risk assessment
- Have a segregation of duties involving incoming and outgoing funds. Do you ensure that one person does not handle every aspect of these transactions?
- If state laws allow, conduct background checks on all employees
This list is not exhaustive but these alone may prevent the simplest frauds.
Remember that fraud is easy to accomplish when all three legs of the Fraud Triangle are available. Remove one or more of the legs and an individual will be much less likely start a fraudulent transaction:
- Pressure – is the employee under great financial pressure, either due to work demands or at home?
- Opportunity – is the same employee presented with the prospect of having unsupervised access to funds? For example, does he or she open the mail or count cash in a private room allowing the chance to pocket undocumented cash without being detected?
- Rationalization – will the employee decide that he or she deserves the extra money, either permanently (“I have worked for so many years here without a raise”) or temporarily (“I am short for the rent this month…I will just take this cash, pay the rent and make it up later”).
If your organization has been a victim of fraud let me know if you are willing to discuss it with me. It would be helpful to other entrepreneurs to hear about real life examples of fraud, loss and recovery.