There is always a lesson to be learned in the experience of another nonprofit, especially when it comes to fraud. Nonprofits frequently lack the strong controls and policies to ensure their organization is fully protected against employee fraud, making them vulnerable when they put too much power in the wrong employee’s hands.
Below is the real-life story (names withheld) of a nonprofit organization whose lack of internal controls and policies lost them more than $160,000 from employee fraud, and the lessons learned that could stop the same thing from happening to your organization.
Setting the Stage
ABC Nonprofit, a mid-size nonprofit with an annual operating budget of about $2.5 million, hired their new director of finance, John Smith, seven months ago. While the organization believed him to be an honest, qualified employee, the truth was John begun stealing from the nonprofit from the very beginning of his employment. Over the course of seven months, John perpetuated multiple acts of fraud, including:
- Writing and cashing fraudulent checks (side note: never, ever, ever pre-sign checks)
- Processing unauthorized wire transfers
- Altering his salary and duplicating paychecks as part of an ongoing payroll scheme
- Submitting false expense reimbursements (did you know fraudsters love lax expense reimbursement policies?)
Discovering the Truth
Most nonprofits would like to believe this unprecedented level of fraud at their own organization would have been discovered and stopped quickly. And for all intents and purposes, John’s fraudulent activities were uncovered in seven months, a relatively short amount of time given some fraud goes on for years. Then again, most nonprofits aren’t alerted to an employee’s prior fraud thanks to a tip from the FBI…
When they’d hired John, ABC Nonprofit had called his listed references, but they hadn’t done a thorough background check. If they had done a complete check of John’s criminal history, they would have discovered that John was under investigation for fraud at his prior place of employment, a fact that was relayed to the organization’s executive director seven months after John’s start date in a call from the FBI.
This prompted ABC Nonprofit to start digging into John’s activities over the past seven months, a search that uncovered John had already embezzled over $160,000 from the organization. As a result of this discovery, the organization spent much of the next few months tied up in a fraud investigation while trying to keep their operations on track, paying legal and forensic accounting fees, and most importantly – trying to minimize the mark the investigation would make on their organization’s reputation.
In the end, John plead guilty to the fraud and was sentenced to three years of prison and ordered to pay restitution in the total of $1.3 million to ABC Nonprofit and three other organizations he’d stolen from.
Lessons to Learn
While ABC Nonprofit was lucky to recover most of the money stolen through their insurance policy, the true monetary hit would come from the effect of the organization’s damaged reputation on future donations and grant funds.
Your nonprofit should be constantly working to keep your internal controls and policies up-to-date to prevent acts of fraud. ABC Nonprofit’s story serves as a reminder that:
- Calling a candidate’s references is never enough. You hope that everyone who applies for a job at your organization is honest and good-intentioned, but the truth is, unless you have a prior relationship with a person’s reference, you never really know if the person on the other end of the line is who they say they are. Doing a thorough background check is an important part of vetting a candidate. After all, would you rather uncover an applicant’s history of criminal activity before or after you give them the power to steal from you?
- Your organization needs strong internal controls – period. Putting all the power in the hands of one person, especially when it comes to money, is a recipe for disaster. Not only does segregation of duties help ensure honest mistakes aren’t being made, but strong internal controls make it that much more difficult for wrong-doers to cash-in on your organization. It was because John Smith had all-access to ABC Nonprofit’s financial processes, including salary information and payroll, that he was able to increase his own salary without approval from anyone else in the organization.
- Review your bank reconciliations on a regular basis. The regular review of your bank reconciliations is not only part of fraud prevention but simply good business. If ABC Nonprofit had been reviewing the bank reconciliations that John Smith prepared, they most likely would have caught him in a month rather than seven.
- Fidelity bond coverage is important. Like any form of insurance, you do everything you can to hope you never need to use your coverage, but if and when the time comes when a fraudster manages to slip through your organization’s control system, you’ll be happy you have a safety net. In the case of ABC Nonprofit, their fidelity bond insurance helped them recover over 90% of the funds John Smith had embezzled.
- Don’t put all of your trust in one person. All of us want to believe everyone we hire is trustworthy, but the truth is, fraudsters are hired at businesses each and every day. Remember, not only do strong fraud prevention policies and controls prevent fraud, these systems also prevent genuine mistakes by requiring multiple levels of review. We need to protect ourselves and our organizations by making sure we implement smart and preventative policies rather place the power of our organization’s future in the hands of one individual.
Need Help?
If you suspect fraud in your organization, you’ll want to sit down with a fraud expert as soon as possible. When it comes to suspected fraud, you want a seasoned investigator who has the expertise and knowledge to spot a fraudster and, if needed, help prosecute them. Contact us online or call 800.899.4623.