Not Susie (your bookkeeper’s first name), you say with the certainty you would give your own sister. Only Susie isn’t your sister. She is (fill in the blank i.e. John’s) sister. John and his wife have lost their jobs – both of them have been out of work for six months with no prospects of employment and unemployment insurance about to run out. John desperately comes to his sister and asks for a loan. She doesn’t have it but she knows where she can get it – your organization’s checking account is about to make an unauthorized “loan” but only until John gets back on his feet, so Susie swears to herself. Is there a scintilla of a doubt that she means it – not one! She sincerely means to return the unapproved “loan” ASAP.
This scenario should sound familiar. We can tell you about numerous executive directors that have called Auditors Inc. with the oft used phrase, “if only I had known about you before this happened”. What they don’t want to admit is that they would have behaved exactly the same way because bottom line, NO ONE wants to seriously entertain the thought that their bookkeeper – their right hand person (especially in the case of a small nonprofit) would steal. How can she come into the office every day, look you straight in the face with that smile and ask how your kids are and then stick the financial knife into your innards.
This is how. Her loyalty is to her family – not the nonprofit. She psychologically separates her daily work from her deception. She convinces herself that it is only temporary. What you need to know is that she is not a demonic thief. She is a human being that has made a stupid long term decision to a short term need. Only the definition of short term keeps changing and as time goes by, she looses track of how much she has stolen. Most embezzlers, when caught, are truly shocked when they hear the final tally.
How to increase your revenue is someone else’s expertise.
Our expertise – making sure that you hold on to the revenue that has been raised/earned by the “sweat of your brow” – making sure that Susie doesn’t steal you into bankruptcy (30% of all bankruptcy is due to embezzlement). And if you catch the embezzlement, you’re lucky – most embezzlement -an act of concealment goes undiscovered – after all, the embezzler isn’t out to kill the cow – just milk it.
So how do you deal with this reality. The answer is obvious – defined as something that goes unseen until someone expresses it simply. The next 10 procedures illustrate this axiom. They involve little more than common sense. They are the opposite of those procedures recommended by most CPAs – the ones that can not be implemented by the small nonprofit for the lack of the resources required for implementation.
1) Perform a credit check. This type of check as opposed to a civil/criminal background check is much more reliable. Someone experiencing a cash crunch runs a higher embezzlement risk. Admittedly, bad credit does not guarantee that they will embezzle and some may say this is not a fair assessment, but for people charged with the responsibility of handling the company’s assets, we think it is fair and reasonable. On the other hand, we must also allow for the possibility that the individual has a “squeaky clean” credit record because of a previous embezzlement?
2) Only another designated person can add/delete/edit a new customer/vendor in the accounting program. A common embezzlement technique is to set up dummy vendors and customers. So, you may consider this a pain in the butt, but for the few moments it takes, it is time well spent.
3) The authorized check signers should make a list of every check that they sign and turn their monthly lists over to a designed person who will review the bank statement for checks that clear the account. You are not relying on your memory to catch checks that were not legitimately signed.
4) All client invoices must be sequentially numbered and you want to review every invoice that goes out preventing your bookkeeper from double billing or overbilling your clients. Again make a list of the invoice numbers and as they are paid, check them off.
5) Either you or your outside professional should review all adjusting journal entries. These entries are the customary place to hide a lot of unauthorized activity.
6) You can skip items 2 thru 4 with the following procedure. Once a year, you or someone else should print out the activity ledger sheet for every customer and vendor. Spend the required time (generally no more than 1 day) to call each customer and each vendor to “confirm” all payments either to or from your organization. This insures that your bookkeeper is not issuing unauthorized checks and invoices.
CPA firms used to “confirm” accounts receivable and payable balances (a 2nd cousin to this practice) before they went high tech. This is still an extremely effective procedure to confirm that your cash expended was in fact received properly and all receipts your customers paid were received by your organization.
7) If your organization handles a lot of cash – it is imperative that you have at least 2 people working together. You can not afford to have less than 2; otherwise, embezzlement is almost a forgone conclusion. The incidence of embezzlement collusion is rare.
8) Perform a physical asset check at least once a year. You want to make sure that your computers and other physical assets don’t sprout wings.
9) Should you suspect a problem, call the Secret Service – don’t call the local police (whose white collar crimes division is already inundated). Believe it or not, corporate theft falls under the jurisdiction of the Secret Service.
10) And lastly – forgive our shameless plug – if you simply don’t have the time or the inclination for the above procedures . We know what we are doing, we are affordable and your time is best spent in growing your organization.
You lock the doors to your car and house because you don’t want to fall victim to robbery. The difference between robbery and embezzlement is obvious. You generally don’t know the robber but you do know the embezzler. Don’t be surprised, when in court, face-to-face with your embezzler, if the embezzler’s attorney turns the tables on you, the executive direct and refers to your shared culpability due to your lack of oversight. Increasingly, Boards of Directors are beginning to hold management responsible for lack of oversight when embezzlement is discovered in the organization. The overwhelming majority of embezzlement can easily be deterred following the above procedures. Your bookkeeper will thank you. If s(he) is embezzling, most likely, s(he) is feeling caught between a rock and a hard place.
This is your responsibility – take care of it or accept the consequences just as the Madoff victims had to accept their responsibility in blindly turning over their money with virtually no oversight!
Additional Information
Two well known organizations in this country, the SBA charged with assisting small business growth and the ACFE, charged with detecting/preventing fraud – by their own admission ignore the most vulnerable sector to fraud. Neither of these organizations deal with fraud in the small organization sector (defined as any organization with less than 100 employees).
The ACFE was founded in 1988 because it was about that time that the AICPA began to water down audit standards (our explanation – not theirs).
As per the ACFE 2008 Report to the Nation:
“Small businesses are especially vulnerable and suffer the largest losses. Median loss suffered with less than 100 employees is $200,000. On page 36 of this report it states “70% of victims they examined had external audits that did NOT catch fraud”. Our question to the AICPA and other professional accounting organizations – how do you justify what you do in the cold light of these numbers??
The Association of Certified Fraud Examiners said it best:
“10% of all people will never steal. 10% of all people will always steal. 80% of all people will steal given the right motivation.”
The economy or addiction or fill in the blank provides the motivation.The organization’s lack of oversight provides the opportunity.
Just wondering--can embezzlers order duplicate checks? For example, two sets of the same numbers?
ReplyDeleteAlso--great article! Though I don't believe most embezzlers steal for such noble reasons as "Susie" did. It is more often due to greed, pursuit of a parasitic lifestyle and contempt for work. And ,of course, addictions. They also often have personality disorders, and feel entitled to their ill-gotten gains.
ReplyDeleteGood tip re: the Secret Service! Did not know that!