Organizational leaders often hear the word “fraud” and think that it won’t happen to their not-for-profit organization. Yet, every year, thousands of organizations are forced to address fraud in its various dimensions. At the most basic level, it’s important to have the mindset that fraud can take place under your roof, and once you acknowledge that, it’s important to know how to detect and prevent fraud within your organization, both now and in the future.
With these issues in mind, Baker Tilly hosted a session at the Resource Center for Religious Institutes (RCRI) National Conference. Our not-for-profit specialists discussed a variety of fraud-related topics, including:
A summary of the discussion can be found below, and you can watch a recording of the presentation here.
Building fraud awareness – What leads to fraud?
It’s always good to start with the simple reminder of the fraud triangle. Fraud is the intent to deceive and can manifest itself when three factors are present: motivation, rationalization and opportunity. Motivation often stems from financial or work pressure, while rationalization includes internal reasonings such as “I’m overworked and underpaid,” or “I’ll pay it back.” Opportunity, meanwhile, is generally a perceived lack of internal controls or ineffective monitoring of controls (i.e., “management won’t care” or “nobody will notice”). Organizations can only prevent opportunity on the fraud triangle, which is why the internal control environment is so important.
How to better detect fraud?
Studies have shown that roughly one-third of religious congregations will experience fraud at some point. Digging deeper, the vast majority of fraud consists of misappropriation of organizational funds for personal use. This frequently takes place through accounts payable or credit card and expense reimbursements.
Unfortunately, finding this fraud can be difficult because it typically occurs from a position that is manager or above. The person likely has a decent amount of authority or control and potentially a lot of trust within the organization. With their influence and position, those who work for them and see activity that is suspicious, are likely concerned for their job if they report anything and/or are unsure if the activity is fraudulent because the position and/or person is revered within the organization and may have justified the activities.
Not-for-profit organizations heavily rely on the external audit process for finding fraud, but audits makeup less than 5% of reported cases according to the Association of Certified Fraud Examiners 2022: A Report to the Nations. According to that same report, over 40% of fraud cases are reported from whistleblowers or external tips. A simple response to this information is to implement a whistleblower policy. A policy that allows employees to report to a board member or verified third-party which creates a safer reporting of suspicious activity and discreet follow-up. The faster fraud can be detected, the fewer the dollars that can be misappropriated.
How to improve your organization to prevent fraud
As we mentioned above, organizations can only control the “opportunity” factor for fraud. While having detective measures in place for fraud to be reported is important, a regular review of internal controls to deter fraud is even better.
Reviewing procedures on a regular basis, looking for good segregation of duties and appropriate monitoring, is a fundamental step. Looking at employee permissions within the organization’s financial systems can also shed light on some deficiencies. Who truly needs access to each area? Pay special attention to accounts payable and who has the ability to access funds and transfer funds within all of the cash and investment accounts.
Another important step is to include leadership and the board. We encourage our clients to have a “what could go wrong” meeting in which organizational leaders discuss areas where they could commit fraud. The idea is to create a foundation for fraud awareness that ultimately will lead to supporting initiatives that detect and prevent fraud. If they see the vulnerability, they are more likely to invest time and money to prevent the vulnerability in the future.
Communication is another critical component to fraud prevention and detection. Organizations must have candid conversations with board members and employees throughout the organization. The mindset should be “trust, but verify,” meaning leave no stone unturned, even among trusted and high-ranking members of the organization. Positions of rank within the organization are two times more likely to be the ones committing the fraud.
Current trends in fraud to keep you alert
Baker Tilly is preparing for its upcoming virtual Fraud Summit on May 4-5, 2023. We were able to catch up with our fraud specialists to get feedback on what they have seen in not-for-profit organizations recently. Here are some tips to help:
Retain proper books and records – This seems simple, but the lack of complete and accurate books and records has created roadblocks on recent investigations because the information is incomplete, and we cannot tell what happened or who was involved. When it is difficult to discern the credibility of the fraud allegations we are researching, leadership often has to make decisions with limited or incomplete information that puts their reputation and credibility on the line. Besides better helping an organization when they find themselves in a fraud or misconduct situation, the IRS requires that organizations retain accurate books and records to keep their tax-exempt status.
Perform due diligence and background checks on employees – We have learned that some not-for-profit organizations are not doing enough to screen potential employees in financial positions. We have seen employees with prior criminal histories, including allegations or convictions of fraud, that the organization only learned about because we began to investigate. Not-for-profit organizations tend to be overly trusting and repeat offenders know how to take advantage of this trust. Properly screening and vetting potential employees helps protect from possible misappropriation.
Baker Tilly can assist with fraud detection and prevention
Not-for-profit and religious organizations are often more susceptible to fraud and get attacked frequently because they can be perceived as easy targets. There is generally a limit on their resources and typically NFP organizations operate heavily on trust more than many large corporations do.
Baker Tilly’s NFP specialists are available to help organizations of all sizes with fraud detection and prevention. To further discuss how our Value Architects™ can assist your organization, contact our team today.