How to Avoid Fraud: 10 Essential Steps to Protect Your NFP from Fraud

Fraud can have detrimental effects on not-for-profit organizations (NFPs). For-profit businesses exist for the primary purpose of earning income. They exist to provide services or products, and, in return, the success of the business can be measured by the profit it makes. They also rely on the quality of their goods or services to protect their operations, even if they have been victims of fraud. NFPs, however, exist to meet the needs in a community, as defined in their mission statement. They rely to a far greater extent on their reputations as a result. Donors look at NFPs’ track records in terms of how well they serve their causes.

When fraud causes an NFP to lose money, that means less money is available to serve the NFP’s mission, which can lead to fewer donors being willing to contribute. Preventing and dealing with fraud requires an organized strategy and a dedicated team. The following 10 steps can help your organization plan for — and hopefully avoid — the most likely types of fraud.

Need more advice for your not-for-profit? Check out more articles our employees have written specifically for not-for-profits here including how new markets tax credits can benefit nonprofits!

1. Identify Your Organization’s Risks

Fraud comes in many forms. Each NFP has its own specific set of risks, which can come from both external threats, such as scammers or hackers, and internal ones like deceptive employees or conflicts of interest. Common forms of fraud that can affect NFPs include:

• Skimming, such as inflating accounts payable records and pocketing the difference;
• Expense reimbursement fraud, which might involve overstating the amount of an expense or submitting claims for expenses that were never incurred;
• Donation fraud, which can consist of redirecting donations from the organization;
• Corruption, such as bribery, self-dealing or other conflicts of interest; and
• Credit Card abuse, such as using an organization-issued credit card for personal use.

2. Keep an Eye on Your Books

Detecting fraud requires knowing the complete financial state of the organization at any given moment. Keeping your organization’s books up-to-date and accurate is essential to any fraud prevention strategy.

3. Develop Formal Policies

All policies related to fraud should be in writing and signed by employees, board members and anyone else who has access to the organization’s systems or resources and could therefore perpetrate fraud. Examples of policies that can be part of a fraud prevention strategy include the following:

• Financial/fiscal policies: How does the organization approve expenses? Who has the authority to spend the NFP’s money?
• Security policies: Who can sign checks, and who has an ATM card?
• Code of conduct: What standard of conduct does the organization expect from its employees, officers and directors?
• Ethics policies: How does the organization handle conflicts of interest? Who is required to report potential conflicts?
• Personnel policies: This set of policies addresses employment issues, including how the organization performs due diligence on potential employees who will be entrusted with its money. Criminal background checks are common to look for histories of offenses involving fraud or theft. Personnel policies should also address how the organization handles matters like wages, benefits and promotions.
• Enforcement policies: What are the consequences for someone who violates the NFP’s policies?

4. Commit to Cybersecurity

Digital security is just as important for NFPs as for any other organization. Online donations, in particular, need to be secure.

5. Establish Internal Controls

After creating written policies addressing fraud, your organization needs to be able to enforce those policies, monitor all systems, detect potential fraud and act on likely threats. Keeping written documentation of as many daily activities as possible can help you detect unusual patterns of behavior. You need someone, or a team of people, reviewing everything in order to make those kinds of identifications.

Redundancies in employee tasks can also help prevent certain types of fraud. No individual employee should be the only person in the organization who knows how to do something. Someone else should always be able to check their work.

6. Include Everybody in the Process

Create a culture of compliance. A fraud prevention strategy cannot work unless everyone in the organization is involved. Your organization’s leadership and its board of directors need to be involved in planning the strategy. They need to remain in the loop on internal controls and other efforts to manage the strategy. Employees need training on their expectations and responsibilities.

7. Allow Anonymous Reporting

Auditing, both internal and external, only finds a fraction of the total amount of fraud that occurs. Employees, vendors and others involved with the organization are often in the best position to notice when fraud is occurring or is about to occur. They may also be hesitant to step forward. An anonymous reporting system, such as a hotline or an online reporting form, allows them to report their concerns without fear of retaliation. Having a third party manage the reporting system can ensure that no one within the organization can tamper with complaints or investigations.

8. Review Your Insurance Coverage

Various types of insurance are available to protect NFPs against risks related to fraud, such as employee dishonesty coverage. It may be worth looking into coverage that addresses your organization’s specific risks.

9. Make Periodic Reviews of Fraud Policies and Internal Controls

Nothing you create for fraud prevention purposes is written in stone. Policies and practices need to adapt and evolve to meet new circumstances and threats. Plan on conducting periodic reviews to see what is and is not working.

10. Be Fair and Kind to Employees

Many fraud risks come from inside an organization. Keeping a close eye on employees can help prevent some types of fraud. Treating employees well can go further by preventing many employees from ever thinking of committing fraud in the first place.

• Employees who believe their employer has treated them unfairly are often more likely to commit fraud. Consistent application of personnel policies and enforcement of codes of conduct can keep everyone feeling like they are part of a team.
• Vacation time can be a way to reward employees while guarding against potential fraud. Employees who take time away from work now and then are less likely to be able to develop long-term schemes. While our society often values employees who never take vacations, that can actually be a bad sign. It is possible that an employee who never wants to be away from work is worried about what someone might find while they are away.
• Making services like counseling available to employees can be part of fraud prevention. An employee who is dealing with issues like addiction or divorce may feel like they have no options besides defrauding their employer. Providing them with access to services that can help them find other resources can stop that from happening.

Preventing and addressing fraud requires a well-organized strategy and a dedicated team. By following the 10 steps outlined above, organizations can plan for and, hopefully, avoid the most common types of fraud. 

Want to learn more about LGT's not-for-profit focus? Click here to learn more!

Have questions? We would love to help!

If you have any questions or would like additional information about anything mentioned, please comment below or email us at askus@lgt-cpa.com.