Reducing the Risk of Fraud in Your Charity or Faith Organisation

July 6, 2016 - 10 minutes read

DogFor many of us, the word ‘fraud’ might conjure up images of corruption in large corporations, or dramatic stories you might hear on the evening news. However, the reality is that a great deal of fraud occurs in relatively ‘small’ ways. It also frequently goes undetected.

Fraud might also be something that is not uppermost in the thoughts of church leaders, who are often far more focussed on outreach and delivery of services. It’s important though to be aware that it can occur in churches, charities and not-for-profits (NFPs) just as it does in commercial enterprises, and this makes it important for these organisations to implement procedures and strategies for fraud detection and prevention.

In fact in one particular case, a former Uniting Church employee forged withdrawal forms and cheques and managed to steal more than $4 million from the church’s charitable accounts over a period of 7 years – with the theft only being found out during an annual audit. As a result, the church filed lawsuits against the bank for failing to prevent the thefts, and also against the audit / accountancy firm for negligence in failing to pick up the fraud for so many years. The church also developed new policies to reduce the chances of a recurrence.

How big is fraud?

Every two years the ACFE (Association of Certified Fraud Examiners) produces a ‘Report to the Nations’ document based on their research into occupational fraud around the world.

Here are some of the impacts of fraud from the 2016 survey and report:

  • Total losses from fraud: $6.3 billion.
  • The most common type of fraud: asset misappropriation at 83%, with a median loss of $125,000.
    Examples of this include inaccurate expense claims, claiming payment for time not worked, using business credit cards for personal expenses, and the creation of ‘fake’ invoices.
  • The least common type of fraud: financial statement fraud at 10%. However even though the rate is low, it results in a much higher median loss of around $975,000.
  • Median loss across all fraud cases: $150,000.
  • Most common concealment activity: creating and altering physical documents, at a rate of 94.5%.

The research shows that for organisations with anti-fraud controls in place, detection of fraud occurred up to 50% faster, and losses from fraud were 14%-54% lower.

It also found that the median losses from fraud were similar in both small business and large corporations. However the impact on smaller organisations is much greater, as you might expect.

The impact of fraud is not only financial however; it can also have a negative effect on workplace health and safety. Examples of this include loss of reputation, poor morale, resentment, suspicion and lack of trust, and excessive internal focus.

Why do people commit fraud?

People who commit fraud are not necessarily seasoned criminals. Research indicates they often do not come into an organisation with the intent of committing crime, but are drawn into it in some way. This might include current personal financial difficulties, or a perception of unfairness at work – such as poor remuneration or reward or inequitable treatment. Some employees might also ‘borrow’ money with the intention of repaying it. They could also become tempted as a result of lax procedures or poor internal controls.

Potential impact on churches and not-for-profits

Smaller organisations often lack the resources of larger ones to implement detection methods and prevention strategies, and for NFPs this may be even more the case. Church organisations might also be particularly vulnerable to fraud, due to high turnover of Board members, and / or lack of appropriately qualified or experienced workers. This makes detection and prevention possibly even more important – especially where good stewardship, accountability and transparency are considered to be essential qualities.

Prevention strategies

Prevention strategies can go a long way towards reducing the risk, including in the areas of recruitment, procedures, and audits, which are covered below.

Recruitment and employment:

  • Create clearly-defined job descriptions so that workers fully understand the scope and expectation of their roles.
  • Make sure to develop good recruitment practices. These should include conducting thorough background checks and ensuring the appointment of properly qualified and experienced people for the organisation.
  • Provide ongoing staff training. Proper training of all personnel in your systems, along with a reasonable level of supervision and work-checking, helps to reduce the risk of errors and fraud.
  • Ensure that paid employees are rewarded appropriately – i.e. according to national standards and / or recommended minimum remuneration packages for ministers.
  • Regularly rotate worker tasks and responsibilities, and conduct annual or semi-annual performance reviews and feedback.

Procedures and internal controls:

  • Reconcile all your bank accounts and credit card statements regularly. This helps you to detect errors or unauthorised transactions.
  • Segregate duties by designating separate individuals for receipting / counting of cash and doing the banking.
  • Set up dual authorisers. For example, always ensure there are two signatories or authorises for cheque and online payments.
  • Conduct regular data audits of your finances to uncover problems and errors.
  • Develop sound IT policies. This includes creating separate logins and passwords for users, plus different levels of access to programs and data depending on responsibilities. Installation of firewalls and anti-virus software are also important strategies to prevent unauthorised access and hacking.
  • Set up procedures for security. Areas to consider include locking the premises after hours, locking-up of safes and filing cabinets to prevent unauthorised access, and restricting access to certain areas of the building .

Other strategies:

  • Conduct regular independent external audits on a regular basis to examine and verify the accuracy of your organisation’s finances.
  • Develop strong board governance and oversight and conduct regular reviews.
  • Create a culture if transparency, accountability, and zero tolerance for dishonesty and fraud.

The above strategies not only improve security. They also reduce the temptation that can present itself in organisations where workplace and security procedures tend to be lax.

In saying all this though it’s impossible to eliminate all risk. Displaying a lack of trust in your workers or constantly micro-managing them could also lead to resentment. This means that your prevention strategies will need to involve some degree of balance.

Detection

Some of the more successful methods for detecting fraud include anonymous tip-offs or hotlines, regular account reconciliations, data monitoring, and internal and external audits (see our previous article on the importance of regular audits for more information). In addition, look for any ‘warning signs’. For instance, if you see a worker clearly living beyond their means it may indicate that something is not as it should be. This might warrant a little further investigation!

Response and reporting procedures

It’s vital to respond in a sober manner to suspected fraud; the last thing you would want is to accuse a person unfairly and risk ruining a perfectly good relationship! The first thing to do is to gather as many facts and evidence as you can. You should do this before taking any additional steps, which may include:

  • Discussing the situation with the suspect and allowing them the opportunity to respond.
  • Isolating the suspect’s computer for forensic examination.
  • Getting professional assistance from a legal representative.
  • Reporting to the police and dismissing the worker if the fraud is confirmed (see our previous post on lawfully dismissing employees).

We also have a number of other posts relating to this issue on our website:

Church building security and crime-proofing.
Importance of independent financial audits.
Protection of sensitive data and information.
Cash security tips for churches.
Church key-and-lock management.
Lawfully dismissing workers.

Written by Tess Oliver

Tags: ,