KPM

Audit Report

Balancing Trust & Internal Controls In Non-Profits

In just one month, a Minnesota woman was charged with skimming more than $300,000 from her animal rescue charity, a Florida man was charged with multiple felonies for running several charities for his personal benefit, and a New York man was sentenced to 18 months in prison for defrauding his trade association employer. According to the Association of Certified Fraud Examiners, non-profit organizations have a nearly 9% chance of being defrauded – that’s almost one in 10.

Fortunately, strong internal controls can reduce your non-profit’s risk. You may not think you need them, particularly if your leaders, staffers, volunteers, and clients consider themselves to be one big happy family. But controls and trust can coexist.

Are Your Internal Controls Effective?

Internal controls are policies and procedures that govern everything from accepting cash to signing checks to training staff to keeping your IT network secure. Most non-profits have at least a rudimentary set of internal controls, but dishonest employees and other criminals can usually find gaps in environments where controls aren’t thorough or adequately followed.

Why might non-profits skimp on controls or enforcement? They may be so focused on programming that they don’t allocate enough budget dollars and other resources to fraud prevention. It’s not uncommon for executives or board members to indicate that fraud prevention is low on their priority list — probably because they underestimate their fraud risk.

Non-profit boards may inadvertently enable fraud when they place too much trust in the executive director and fail to challenge that person’s financial representations. Unlike their for-profit counterparts, non-profit board members may lack financial oversight experience.

Which Controls Are Critical?

Some of the most common types of employee theft in non-profit organizations are check tampering, expense reimbursement fraud, and billing schemes. But proper segregation of duties — for example, assigning account reconciliation and fund depositing to different staff members — is a relatively easy and quite effective method of preventing such fraud. Strong management oversight and confidential fraud hotlines open to all stakeholders also have been proven to reduce employee theft.

Indeed, although you should trust staffers, you also should verify what they tell you. Conduct background checks on all prospective hires, as well as volunteers who’ll be handling money or financial records. Also, provide an orientation to new board members to ensure they have a clear understanding of their fiduciary role and the potential consequences of committing fraud.

Finally, handle fraud incidents seriously. Many non-profits choose to quietly fire thieves and sweep their actions under the rug. But if an incident is hushed up, rumors could do more reputational damage than publicly addressing the issue head-on. It’s better to file a police report, consult an attorney, and inform major stakeholders about the incident.

Do You Trust Too Much?

Trust tends to be the biggest potential fraud weakness for non-profits. Although it’s fine to regard your staff, volunteers, and other stakeholders like family, you need to set guardrails. Contact us for help determining which controls you might lack and how to implement them.

Related Articles

Talk with the pros

Our CPAs and advisors are a great resource if you’re ready to learn even more.