Fraud Prevention and Internal Controls

August 18, 2018
Graphic showing technology security
Photo of Kari Young, Nonprofit CPA & Advisor

All too often new stories of fraud are showing up in the news headlines. Nonprofit organizations need to be aware of the risks of fraud and how to prevent it from happening.

The concept of fraud is best explained by looking at its four characteristics – it is dishonest, deliberate, deceitful, and results in deprivation to the organization.

Nonprofit organizations should be aware of two broad categories of fraud: misappropriation of assets (theft) and fraudulent financial reporting (misstatement of financial data). Most commonly, when organizations think about fraud they are mainly concerned with misappropriation of assets or theft of cash or other assets. However, organizations should also be aware of the possibility that fraud could be committed through the misstatement of the organization’s financial statement data with the intention of misleading the users of those statements. Examples of actions taken by a person committing fraudulent financial reporting include intentionally misstating revenues or manipulation of a cost allocation plan.

In order for fraud to occur, there must be three factors present: pressure/motive, rationalization, and opportunity. Together these three factors are known as the fraud triangle. Fraud occurs when an individual has an outside pressure or motive to commit the fraud, is able to rationalize the act, and has the opportunity to commit fraud. There is little an organization can do to address the pressure/motive or rationalization components of the fraud triangle; however, organizations can limit the opportunity for fraud to occur through the implementation of a strong system of internal controls.

A study performed by the Association of Certified Fraud Examiners (ACFE) found that, compared to other types of companies, nonprofit organizations are more susceptible to fraudulent activity. The ACFE cited the following factors:

  • Organizational structure and size – Nonprofits often have a small number of employees with a high workload, which may increase rationalization or pressure/motive for fraud.
  • Atmosphere of trust – Nonprofits tend to attract trusting personality types who believe all employees will act ethically.
  • Use of volunteers – Volunteers may not be properly trained or supervised.
  • Cash donations – Some nonprofits receive donations in the form of cash, which is the easiest type of asset to steal.
  • Lack of Board oversight/involvement – A nonprofit organization’s Board of Directors may not provide adequate oversight, which can allow the opportunity for upper management to commit fraud without being noticed.

Due to the potentially detrimental effect fraud can have on an organization’s ongoing success, it is important to know how to prevent it from occurring. Best practices to prevent fraud include:

  • Establish a strong tone at the top – Leadership should set the standards for a strong moral and ethical work environment by hiring competent employees who model ethical behavior and follow policies and procedures.
  • Create a fraud policy – An effective fraud policy document outlines what constitutes fraud, how it should be handled, and to whom it should be reported.
  • Document procedures and policies – Organizations should have written procedures and policies; these must be kept up to date to ensure they reflect what is actually occurring in the workplace. These policies should include pertinent information such as fiscal policies, conflicts of interest, and who has what authoritative duties.
  • Implement a strong system of internal controls – An organization’s internal control system should include controls that keep irregularities and fraud from happening (preventative), are designed to detect them if they should happen (detective), and keep them from continuing to happen (corrective).
  • Segregate duties – The system of internal controls should be designed in a manner so that important duties are segregated. Proper segregation of duties makes it difficult for employees to gain control over an entire function or have custody of an asset throughout the entire process. Ideally, every step in a process that is susceptible to fraud should be performed by a different employee. The AICPA nonprofit section, which has many helpful tools for nonprofit organizations, offers some suggested methods in which to segregate duties for accounting departments of varying size. An organization can also contact its CPA for help identifying possible ways to improve its segregation of duties.

Establishing awareness of the risks and factors of fraud and implementing these best practices will help to deter fraudsters from stealing valuable resources from nonprofit organizations.

Resources:

https://www.acfe.com

ACFE 2016 Report to the Nations on Occupational Fraud and Abuse

https://www.aicpa.org

Broker Check