The ongoing pandemic has strained many not-for-profit organizations, forcing them to cut corners to survive. But fraud prevention is one critical area that organizations cannot afford to overlook. If anything, antifraud measures are more important now than ever.
VULNERABILITIES OF NOT-FOR-PROFIT ORGANIZATIONS
The Association of Certified Fraud Examiners' (ACFE) recent study, Report to the Nations: 2020 Global Study on Occupational Fraud and Abuse, notes that not-for-profit organizations can be more susceptible to fraud than for-profit businesses. Even in normal circumstances, not-for-profit organizations typically have fewer resources available to help prevent and recover from a fraud loss.
Experts often refer to the “fraud triangle” in which three factors must be present for fraud to occur — opportunity, motive and rationalization. Current conditions exacerbate the odds that these factors may exist in your organization.
For example, if your organization has had to cut staff, you may find it difficult to segregate duties so that accounting and finance functions are properly divided among staff. That can translate to greater opportunities to commit fraud. Employees may be motivated to pursue fraud schemes because of personal financial problems created by the pandemic. And, they might rationalize such actions because they feel overworked and underpaid.
FOUR ESSENTIAL STEPS FOR FRAUD PREVENTION
Several measures can help not-for-profit organizations of all sizes combat the risk of fraud:
- Create Fraud-Reporting Mechanisms
Year after year, ACFE finds that organizations with hotlines detect frauds more quickly than those without (12 months versus 18 months). Moreover, in the most recent report, organizations without hotlines suffered a median loss nearly double the median loss for those with hotlines ($198,000 versus $100,000). It is worth noting that the preferred mechanism seems to be shifting. While the previous two ACFE reports found that telephone hotlines were the most popular reporting method, email and web-based reporting were as popular as telephone hotlines in 2020. Thus, your organization should think about offering multiple reporting channels.
- Conduct Training
Employees at all levels, and possibly volunteers, should undergo regular antifraud training. The training should explain the types of behaviors that constitute fraud and the consequences for the organization and its mission. It should cover your organization's fraud-related policies (such as conflicts of interest and whistleblower policies) and the availability of a fraud-reporting mechanism. ACFE has found that training boosts the likelihood of detection via tips. Communication of a zero-tolerance policy can also serve as a deterrent, assuming you walk the talk when fraud occurs. Not-for-profit organizations should consider pressing criminal charges against perpetrators to send a message to employees and other stakeholders that the organization holds criminals accountable. Related Read: Tips for Preventing Fraud in Your Organization
- Take a Proactive Stance Toward Detection
Do not be passive and do not wait for red flags to pop up before you act. ACFE recommends using data analytics to search for anomalies that can suggest fraud. It also suggests that managers regularly review internal controls, processes and accounts or transactions in their areas, for adherence to the organization's policies and expectations. In addition, management should make these reviews known to all. The fact that the organization reviews information may deter potential bad actors and also sets the tone, showing that the threat of fraud is taken seriously. Comprehensive fraud risk assessments, ideally performed by an independent party, are advisable as well.
- Fortify Internal Controls
The ACFE report identifies the three most common control weaknesses for not-for-profit organizations. The lack of internal controls ranks at the top, followed by lack of management review and override of existing controls. Several such controls are worth implementing, although some may be easier than others. Your organization should reconcile its assets and liabilities accounts on a regular basis, at least monthly, as well as reviewing bank and other third-party statements. Also, job rotation and mandatory vacations can make it more challenging for an employee to carry out a long-term scam. In addition, authorizations (or perhaps two-party authorizations) for access to specific accounts should be required for certain transactions. Related Read: Fraud and the Not-for-Profit Organization: How to Counter Your Vulnerabilities
CHEAPER IN THE LONG RUNSome of these measures may seem burdensome; however, the possible long-term costs of fraud, both financial and reputational, far outweigh those concerns.
SIDEBAR: NOT-FOR-PROFIT FRAUD BY THE NUMBERSThe Association of Certified Fraud Examiners' latest report on occupational fraud drills down into fraud in the not-for-profit sector. The study includes 191 not-for-profit cases, with a median loss of $75,000 and an average loss of $639,000. Frauds perpetrated by executives (39% of the cases) had a median loss of $250,000. Manager or supervisor schemes (35%) clocked in with a $95,000 median loss. Those committed by staff (23%) had a median loss of $21,000. Frauds committed by those at the highest levels of an organization, both for-profit and not-for-profit, often come with the highest price tags, as those individuals tend to have greater opportunity and ability to override internal controls. While asset misappropriation is the most common type of fraud scheme across all industries, corruption accounted for most of the not-for-profit fraud cases (41%). Corruption includes offenses such as bribery, conflicts of interest and extortion. Billing (30%) and expense reimbursement (23%) fraud were the next most common types of fraud schemes.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.