Because their cultures are oriented toward helping others, non-profits often find it impossible to imagine that anyone working for them would steal. As a result, too many neglect to put proper internal controls in place and, if they are defrauded, refuse to seek prosecution of the perpetrator. Such attitudes can lead to heavy financial losses.
Many non-profits inadvertently foster the perfect environment for fraud: they do not pay high salaries compared to for-profit employers, and they rely heavily on volunteers. This makes it easy for thieves to rationalize stealing. In all types of workplaces, workers who believe they deserve more than they are receiving are more likely to help themselves.
Non-profit staffers also typically think the consequences of getting caught stealing are minimal. In many charitable organizations this belief is justified. Even when they catch perpetrators, non-profits usually quietly fire the offenders and suffer the financial losses, rather than risk damaging their reputations with donors and the public.
Depending on your organization’s policies, it may be particularly vulnerable to certain types of schemes. For example, if you do not require volunteers to provide receipts for cash donations, they can easily skim the donations for personal use. In addition, without a system of checks and balances, staffers of small organizations are free to invent fictitious vendors, submit fake invoices, and write checks to themselves with little fear of exposure.
At a minimum, non-profits should have the following internal controls in place:
Background checks. Perform them for all prospective paid staffers and for volunteers who will be trusted with financial tasks or network access.
Cash counts. If a volunteer reports the sale of 100 event tickets, make sure they turn in a corresponding amount of cash and the correct number of unsold tickets. Also, compare cash receipts logs to the cash receipts ledger entry and actual bank deposit.
Vendor addresses. Periodically compare vendor addresses to those of employees and volunteers.
Check authorization. Require dual signatures for all disbursements.
Bank statements. Have someone other than the individual writing checks (preferably a board member) receive paper or electronic monthly bank statements and review them.
Beyond the basics
These suggestions are only basic controls. For more information on establishing a comprehensive fraud prevention program, contact us.