Recommended Financial Controls for Small Nonprofits

By October 27, 2022Accounting, Nonprofit
two people looking at financial graphics, tablet, and calculator on table

The Association of Certified Fraud Examiners (ACFE) issued a report in 2020 that provided a unique lens into the world of fraud, specifically nonprofit fraud. Fraud, including embezzlement and other redirection of funds or assets, is a continuing (and growing) problem for businesses of all types, but especially for nonprofits. According to their report, nonprofit fraud accounted for 9% of total corporate fraud with a median loss of $75,000 and an average loss of $639,000.

Perhaps more surprisingly is the fact that the ACFE found that the smallest organizations, both for-profit and nonprofit, reported the second highest amount of theft and fraud. Those with revenues under $50 million and less than 100 employees are at greatest risk of loss due to fraud.

While that may not seem like much compared to for-profit corporations, most nonprofits operate on a significantly leaner budget than their for-profit counterparts. And every penny lost to fraud is a penny that could be spent towards achieving an organization’s mission.

Nonprofits Lack Internal Controls

Internal controls are defined as the methods, processes, and procedures used for accountability and transparency in accounting departments. Good internal controls describe the means, methods, and people who can access the organization’s funds and provide guidelines for how funds should be handled.

The ACFE Report, as well as a statement on the Oregon Department of Justice website, attribute lack of internal controls in nonprofit organizations as the primary weakness by which thieves are able to siphon funds from nonprofits. For example, the ACFE report indicates that the majority of nonprofits (more than 50%) lack surprise audits, formal fraud risk assessments, management review, and internal audit departments, all of which combined deter fraud.

The Solution: Implement Best Practices to Prevent Loss

There are several internal controls that nonprofits can implement to prevent loss. These best practices include:

  1. Separation of financial duties

One individual should never oversee two or more phases of a financial transaction. For example, the person who signs the checks should not be the person who approves the expenses. Having two or more people review, approve, and/or issue the check ensures there are steps in the process in which fraud can be detected.

  1. Reconcile bank and credit card statements

It’s a basic accounting function, but the reconciliation of both bank and credit card statements is often delayed or even overlooked in busy and short-staffed accounting departments. Yet the reconciliation of each of these types of accounts can quickly uncover potential embezzlement and fraudulent charges. The faster that fraud is uncovered, the faster your organization can act upon the information to determine the source.

  1. Enact clear procedures to handle cash

Cash is one of the most tempting items to steal; even people who might not normally embezzle from corporate accounts may be tempted to slip a bill into their pocket. Having clear guidelines for handling cash such as petty cash or a cash box at an event or function is vital to protecting this asset. Guidelines may include having two people present every time the petty cash box is removed from the safe—one person witnessing while another counts the amount, signing receipts for petty cash, etc.

  1. Control disbursements

All disbursements by cash or check should be controlled by two people; one who approves the disbursement and the other who can sign for it. This eliminates one person from having the power to issue disbursements, presumably to themselves.

  1. Limit debit and credit card access

Lastly, if your organization issues credit cards, it is important to have strict guidelines in place about who can receive such a card and when and how they can be used. Such guidelines may include the amount that may be spent and the purpose for which it may be spent without prior authorization, the necessity of providing detailed receipts, and so on. Limiting cards to only those with a clear need, such as managers who travel frequently, also prevents abuse.

As inflation continues to rise and everyone feels the pinch in their pocketbooks, theft becomes tempting. Removing temptation through strong internal controls is the key to preventing nonprofit fraud.

Welter Consulting

Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.