Category

Fraud

Trust, But Verify: Avoid Fraud by Maintaining Internal Controls

By | Accounting, Fraud, Internal Controls, MIP Fund Accounting, Nonprofit | No Comments

Trust, so the experts tell us, must be earned over time. In the workplace, it is earned by consistently performing one’s duties well and by successfully accepting ever-increasing responsibilities.

The nonprofit workplace, like the for-profit workplace, works best in an atmosphere of trust and mutual respect among one’s colleagues. Without it, the workplace can be hostile, unfriendly, and uncomfortable.

But there is a fine line between suspicion and performing due diligence. Nonprofit organizations should guard against allowing trust to blindside them to the potential dangers of fraud and theft in the workplace.

A Cautionary Tale of the Ramifications of Blind Trust

One story that stands out is the story of Marge (not her real name), who worked at a large nonprofit organization. She was like a second mother to the staff. Honest, always willing to work extra hours, diligent in her job duties in the accounting department, Marge was trusted with managing many areas of the organization’s finances.

Although the organization had internal controls in place, they were often waived for Marge and other senior staff members who were so well-regarded and trusted that they weren’t questioned when they dodged the procedures. Marge was especially trusted and valued and did not have anyone present when she counted out petty cash or handled the checkbook.

One day it was discovered that money was missing from the petty cash. An audit revealed that small amounts of money had been taken from the petty cash box as well as from the checking account. Because Marge controlled both, she could make slight adjustments in the entry ledgers to avoid suspicion for a long time. It took the auditors only a short while to uncover the discrepancies and for Marge to confess that her lottery ticket habit had become a necessity and that she had been stealing ever increasing amounts to fuel an obsession with gambling.

Is Marge an isolated case? We think not, and a quick survey of the various nonprofit journals reveals similar patterns of fraud. Fraud doesn’t occur in isolation. It tends to occur when gaps are left within the internal controls that are intended to prevent such situations. In this case, trust and friendship overrode common sense. Exceptions were made that should not have been made. The result was an organization poorer for the loss of both money and a trusted employee who had to be let go when the truth was revealed.

Preventing and Identifying Fraud

Trust is a wonderful thing and a valued commodity in the workplace. That said, it should not preclude the use of standards, internal controls, and audits.

  • Preventing Fraud
    • Standards are the accepted norms for an industry. Accounting standards, security standards, and workplace standards can be codified and recorded in written manuals provided to all employees. Everyone can then be held to the same shared standard of conduct and behavior.
    • Internal controls are the processes and procedures put into place around access to the organization’s finances. These controls should be written down and shared among staff. Training sessions and refresher training session are also important to ensure consistent understanding of the controls among everyone.
  • Recognizing Fraud:
    • Audits bring in outside consultants such as CPA firms, well-versed in accounting for nonprofits to examine your organization’s financial records, provide recommendations, and discover discrepancies.
    • Provide staff with an anonymous method to report incidences of fraud to their supervisors or to the managers in your organization.

Trust doesn’t have to be blind. Assuring people that their work matters, listening to their ideas, implementing their suggestions and other positive examples of trust can build bonds among workers that engender loyalty to your organization. Don’t leave your nonprofit open to fraud or theft due to blind trust. Trust, but verify, and stick to accepted norms and standards of behavior and internal controls to prevent problems before they occur.

About Welter Consulting

Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.

How Good Are You at Detecting Nonprofit Fraud?

By | Accounting, Audit, Fraud, Nonprofit | No Comments

The average nonprofit fraud loss averages around $600,000, according to the NonProfit Times. With so much at stake, understanding your fraud IQ is important. How much do you know about nonprofit fraud?

Principles of Fraud Risk Management

The principles of fraud risk management include:

  1. Fraud risk governance: Establishing and communicating a fraud risk management program demonstrates expectations to all stakeholders. A written program which can be shared is a great idea.
  2. Fraud risk assessment: This includes items such as employment checks, ensuring people take vacation time and more.
  3. Fraud control activity: Selecting, developing, and deploying fraud risk management activities. A good example is a set of internal controls.
  4. Fraud investigation and corrective action: Establishing a communication process to investigate and correct any suspected fraud. Also includes a written, established and coordinated approach to the investigation.
  5. Fraud risk management and monitoring: Every organization should select, develop, and perform ongoing fraud risk management evaluations. Look at these five principles and see how they apply throughout the organization. Any gaps should be addressed immediately.

Data can, and should, be used throughout all of the fraud risk assessment and analysis activities. As we’ve shown in a previous article, Benford’s Curve is one example of how data can be used, albeit a simple use, to indicate possible fraud. CPAs, auditors, and others can use more sophisticated techniques to detect errors and fraudulent activities.

Whose Responsibility Is It, Anyway?

Who on staff is responsible for fraud detection, management, and corrective actions? Your senior management team is ultimately responsible for all of these actions. The Board of Directors provides oversight and guidance, but the “buck stops” at the desk of your senior leadership team.

Fraud Risk Assessment

Fraud risk assessment includes considering all potential routes of fraud. This includes internal and external areas at risk as well as personnel who might have access to materials which enables them to commit fraud.

Even with the best risk assessment and controls in place, it may be impossible to prevent all types of fraud. It is still critical for nonprofit organizations to have fraud risk assessment measures in place, internal controls, and other measures enacted to prevent, limit, and detect fraud.

Stopping Fraud Starts with You

Much is at risk when it comes to nonprofit fraud. It’s not just the potential loss of $600,000 or so, which is, of course, a substantial number. It’s also the risk of losing the trust and faith of the public.

Nonprofit organizations are under heavy scrutiny now from a public who has grown weary of extravagant spending. People want to donate to their favorite charities, causes, and membership organizations, but they won’t do so if they feel their money is wasted. Fraud is one example of waste that many  donors feel can be prevented.

Your organization works hard on behalf of its members, donors, and beneficiaries. Ensuring that you take all necessary steps to prevent fraud and detect it if it occurs is essential to building and keeping the public trust.

For more information on fraud prevention, see:

About Welter Consulting

Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.

How a Slippery Slope Can Help You Detect Nonprofit Fraud

By | Accounting, Audit, Fraud, Nonprofit | No Comments

Think about the term “slippery slope” for a moment. What do you imagine when you read it? How about a water slide? An article in the Journal of Accountancy compared Bedford’s Law with a theme park water slide, an apt image, and one that’s easy to keep in mind. Keep the concept of a curve in mind when looking at your data and you’ll be able to detect nonprofit fraud more easily.

A Picture of Nonprofit Fraud

In 1938, Frank Benford discovered a naturally occurring numerical law that predicts the frequency of digits in any number set. According to Bedford’s Law, an authentic data set includes the following frequency of digits:

  • the numeral 1 will be the leading digit in a genuine data set of numbers 30.1% of the time;
  • the numeral 2 will be the leading digit 17.6% of the time;
  • and each subsequent numeral, 3 through 9, will be the leading digit with decreasing frequency.

Using Excel data and some simple calculations, you can chart your nonprofit’s numbers on a Benford curve. If the numbers don’t resemble the curve, it’s time to investigate, as something may be amiss.

Using Benford’s Law in Nonprofit Accounting

Benford’s Law works best with large data sets, typically groups of numbers with more than 100 entries. Fewer numbers provide too small a data set to chart accurately. Some recommend 500 or more numbers for improved accuracy.

Other tips include:

  • The numbers must have an equal chance of starting with 1 through 9. If the dataset limits the numbers, Benford’s Law won’t work. Thus, calculating the average height of the Rockettes, the Radio City Dance troupe, doesn’t work because all Rockettes must be between 5’ 6” and 5” 10 1/2” tall; all digits begin with 5, therefore the curve won’t work. Think about this if your products are all priced with the same starting digit. Entering them into the spreadsheet and generating a curve won’t work to detect fraud, i.e., if all conferences run by your nonprofit have a fee of $199 for example.
  • Don’t use it as definitive proof of fraud. Benford’s curve cannot prove or disprove fraud. It’s like a clue that leads you to investigate more deeply into potential fraud. It’s not a good idea to use it to accuse someone of fraudulent activity. It can, however, point to a problem requiring further investigation or the addition of an outside consultant to your team.

To use Excel to plot a Benford Curve:

  1. Use the Column Chart, LEFT, and COUNTIF functions.
  2. Enter the data by name in column A, and numerically in subsequent columns.
  3. Use the LEFT function to extract the first digit of each number in a column.
  4. Copy and use the same formula to extract all the first digits.
  5. Use the =COUNTIF function to count the occurrence of the first digit from each number that you extracted in the step above.
  6. Copy the results to a new cell.
  7. Chart the results.

The previously linked Journal of Accountancy article provides an Excel spreadsheet already set up with relevant formulas that you can download.

By charting the numbers, you’ll either see the Benford curve or a random graph. Some graphs look like straight lines with slight bumps in the middle. This tends to indicate that the data was artificially produced, in which case, fraud may be occurring.

It also may not be an example of fraudulent activity. That’s why it’s important to perform additional checks and investigate potential fraud before making accusations. Sometimes, a bell curve is just a bell curve.

About Welter Consulting

Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.

How Severe Weather Relates to Fraud

By | Accounting, Fraud, Nonprofit | No Comments

Severe weather alerts are loud, obnoxious and clearly intended to get our attention. They come in the form of ear-piercing beeps on the TV screen interrupting regular programming to display radars and “watch” and “warning” areas where people need to remain alert. Or, even scarier, they’re blaring beeps on the radio that overtake the station telling us to take shelter. These alerts serve a purpose, and for years they triggered my wildest fear.

Suppose as a child you hated “bad” weather; didn’t like dark clouds, heavy winds, or the clap of thunder, and hid under your covers until the storms passed. As an adult,, when you  had lived through enough crazy weather, you realized you could listen to warnings and take action to keep yourself and others safe in the event of an approaching severe storm.

How helpful would it be to have these types of alerts for the real life “bad” – might I say “severe” – things that happen in our workplaces? For example, the perfect storm for fraud (pretty much the worst of the “bad” things that can happen) may very possibly be brewing right this minute in our workplaces. Just imagine if a jarring bell sounded when there was some warning sign that a volunteer was feeling mounting financial pressures at home, or a fictitious vendor was making her way through your financial system, or a hacker was perusing your donor data.

We don’t have these audible warnings. Instead we, as employees, managers, and board members, often find out too late, when the money or information is already gone, or when we’re left trying to make sense of how someone we trusted perpetrated fraud.

The “ASAP” Call

As a consultant, I oftentimes get calls from board members who says they need help ASAP,:i.e.,, “We found out something unbelievably bad happened, here’s what we’ve done so far,, so, now, what should we do?”

These calls are hard to receive, and even harder to make for those dedicated employees serving mission-driven nonprofit organizations. The management team or board members are giving their time, talent, and treasures to organizations with a mission, about which they’re passionate. They have trust in their co-workers and vendors and don’t want to believe, or even plan for, bad things happening. And, fraud – an intentional diversion of funds from the mission, perpetrated by someone inside or outside the organization – is oftentimes the furthest thing from their mind. So, when fraud strikes, panic often ensues.

How to Prepare

The only way to respond efficiently  to something unexpected is to institute prevention measures to avoid these pitfalls and be prepared with a plan of action, which you formulated in advance, rather than reacting emotionally to an emergency situation. I’ve narrowed down the top three things I think we can learn from those weather alerts when it comes to fraud preparedness:

  • Fraud Awareness is key. Just like meteorologists look at models, forecasts, and radars, nonprofit management and board members should always have their radars up and remain alert. It is essential to understand the pressures, incentives, and opportunities real-life humans face that might lead them to do things you’d never think they could do. And, you can’t raise awareness without open lines of communication.
  • Fraud is not a forbidden four letter word. What I mean here, is talk about fraud. Use the word in meetings, talk about how it’s showing up in the news, and how others are dealing with it. Make it part of your organization’s dialogue. We might not want to talk about hurricanes, tornadoes, or flash floods, but they are real and by talking about fraud and how to prepare and plan for survival, everyone knows the organization is on the alert for fraud, the fear of talking about fraud is reduced and the power of a well-laid plan takes over.
  • Create and practice a fraud drill. If we know and practice tornado drills, why wouldn’t we have a plan in place that we practiced in the event of fraud? Crisis management, including disaster recovery, should encompass who, what, when, where, and how to deal with this situation. Create a plan, share your plan, and even practice it to create comfort in the process and find ways to improve it.

We all will continue to wish for blue skies and sunny days, just like we hope that fraud doesn’t hit us and our organization. But, the reality is that none of us have that control. So, instead, I strongly encourage you to act by raising your own awareness, opening dialogue, and creating and practicing what you’d do if fraud ever struck your organization.

At Welter Consulting we are committed to finding you the most affordable technology, the most powerful solution, and providing expert support. Welter Consulting partners with each nonprofit and is committed to providing solutions that preserve time and resources, by leveraging technology and superior reporting that allows organizations to focus on impacting their communities. We e passionate professionals who choose to work in the nonprofit sector for the same reason you do – helping others. Please give us a call at (206) 605-3113.