Tuesday, February 5, 2013

Fraud and Embezzlement: Don’t Let it Happen to You

The five most dangerous words nonprofit executives can think or utter are: It can’t happen to us.  Fraud and embezzlement do happen.  Further, fraud and embezzlement is done by individuals who were believed to be loyal and trustworthy.  Fraud and embezzlement send several shocks through a nonprofit organization – shocked surprise, anger over the crime and the loss, and an embarrassing public relations nightmare.  Don’t let it happen to you.
Implementing safeguards against fraud and embezzlement is not an act of distrust, but rather a best practice that should be exercised by all nonprofit executives.
Fraud and embezzlement are the ultimate crimes against an organization.  In every instance I have seen, the actions were perpetrated by people who were highly trusted within the organization.  Once it was a trusted employee of out-of-town owners of a retail organization.  In another instance, it was the Executive Director of a nonprofit organization where there was no oversight of the executive.  There was even a case of a trusted Treasurer of a religious organization.  No one saw it coming.
The common theme has always been lack of oversight, and lack of processes, controls and procedures that would have brought the person’s actions to light through normal control processes versus the discovery of a huge amount of money missing from the organization.
Simple controls are effective
Here are examples of three simple controls that could be more than reasonably effective in uncovering wrong-doing.
  1. Have someone other than the accountant perform bank reconciliations – maybe it’s a board member, maybe it’s just someone outside the accounting office.  If you’ve balanced a checkbook, you can do bank reconciliation, it doesn’t take a rocket scientist.
  2. Conduct a careful comparison of the reconciled bank balance to the books of the organization.
  3. Review and sign-off of another reliable person within the organization of the bank reconciliation and it’s reconciliation to the bank balance displaying in the organizational financial statements.
Cash Receipts are another area vulnerable to misdeeds.  Here are three measures to put in place for Cash Receipts.
  1. Keep a log of every check that crosses the threshold of the organization.  The best practice is a log that lists every cash receipt (whether cash or check), and is totaled every day.  That total should match the bank deposit for that day.
  2. Make sure a deposit is made every day.  In an organization where there are significant amounts of cash deposited – there should be a bank deposit made every day.  I once found an embezzlement when the deposits hitting the bank were dated 15 days earlier.  Cash had been embezzled, and the deposits were only being made when “replacement” cash was available.
  3. Cash entries into the financial accounting system must agree to the physical bank deposit documentation and receipt.
I’ve also seen cases where fictitious vendors were created by someone with access to the financial system.  Checks were then issued to the fictitious vendors and sent to a bank account controlled by the embezzler.  A review of vendors within the organizations system is certainly worth routine attention.
Protect, Educate and Enlist Your Board
If you’ve read any nonprofit publication or attended a conference, chances are you saw something on Board Governance.  It’s a popular topic these days for good reason.  There is significant liability in sitting on the board of directors for a nonprofit organization, yet few organizations do serious board training, nor appropriate due diligence by way of oversight of management of the organization.  It’s unfortunate because there are so many wonderful people in the management of nonprofit organizations.
The bottom line is that an organization must have appropriate financial controls, segregation of duties, and board oversight.  Otherwise, it becomes possible that the organization finds their name on the front page of the newspapers, and a hugely embarrassing and dangerous picture of the organization evolves.