Each time a major nonprofit fraud makes headlines, nonprofit finance leaders are reminded once again of the critical importance of transparency and internal controls. Most nonprofit frauds are not the result of operating sham charities, but rather they are frauds perpetrated against great organizations from within by a few dishonest employees.
The Association of Certified Fraud Examiners (ACFE) estimates that organizations lose 5% of annual revenues to fraud. According to Giving USA, the not-for-profit sector raised nearly $428 billion dollars in contributions in 2018, so approximately $21 billion dollars was likely lost to nonprofit frauds.
Nonprofit management consultant Marion Lee, of Lee + Associates, eloquently summarized how fraud at a nonprofit reaches beyond the finances to threaten organizational mission:
“When people steal from a nonprofit more than money is lost: services to children and fragile populations are diminished or cut altogether; quality-of-life programs for everyone in the community are affected; and the people closest to home–the donors, staff, volunteers, and volunteer board–will suffer loss of trust and jobs, fear, insinuation and rumor, investigation, and a level of stress that is for some, unbearable.”
Lack of internal controls can destroy your mission
Researchers at the University of Dayton studied 115 nonprofit organizations that had suffered a publicized fraud. Within three years of the fraud incident, 25% of these nonprofits had closed down. Younger nonprofits were more likely to fail, with the authors noting “newer nonprofits may also lack the structure, systems and routines that older organizations typically possess.”
In its 2018 Report to the Nations, ACFE revealed that internal control weaknesses were responsible for 42% of fraud instances in organizations with fewer than 100 employees. Smaller organizations suffered a median loss of $200,000 per fraud incident—nearly twice as much as larger organizations. In many cases, nonprofits lack the processes and technology required to establish sufficient internal controls for detecting fraud.
When it comes to detecting fraud, spreadsheets don’t cut it
Entry-level accounting software usually does not provide nonprofit finance leaders with the kind of internal controls, audit trail, and financial reporting they need to run the organization effectively. Many organizations settle for pulling data out of the accounting system into Excel spreadsheets. Not only are spreadsheets less reliable than real-time reporting in a robust nonprofit financial management solution, but spreadsheets can leave nonprofits more vulnerable to fraud.
Nearly 90% of spreadsheets contain errors, according to studies by PwC and KPMG. They also require too much manual manipulation, making them wildly inefficient. But the biggest problem with using spreadsheets is that they are easily manipulated and leave no audit trail. Any bad actor in your organization with access to reports could hide their fraud by manually changing the reports.
How Nonprofit Accounting Software Can Strengthen Internal Controls and Help Fight Nonprofit Fraud
There are many ways that cloud-based financial management solutions like Sage Intacct can help nonprofits establish and support internal control processes:
1. Audit trails
According to the ACFE Report to the Nations, 97% of fraud cases involve some attempt by the perpetrator to conceal evidence of the fraud. Here are the top eight methods of concealment used in internal frauds:
If a nonprofit organization uses a financial management solution with a strong audit trail, it tracks which user changes or creates financial transactions or creates a journal entry. If fraud occurs, it is easy to identify the last person associated with the fraudulent transaction.
2. Automated approval routing
With fewer employees, small nonprofits may rely too heavily on a single person to fill multiple roles. If one accounting person does it all—paying vendors, depositing funds, reviewing bank statements—the risk of long-standing undetected fraud is higher than if duties were delegated to several people.
In one case highlighted by ACFE, a smaller nonprofit trusted a single bookkeeper with the longest tenure on the staff. She stole approximately $2.8 million dollars over the course of a ten-year scheme, writing herself checks coded to an obscure GL account and then manually changing the bank statement printouts by pasting a vendor’s name over her own and then making photocopies. The fraud went undiscovered by two separate CPA firms.
A robust nonprofit financial management system will include the ability to set up automated approval rules that cannot be changed without the appropriate user access permissions. For example, expenses can be routed automatically to supervisors for authorization or checks for large amounts can require executive sign-off.
3. Role-based secure access control
A financial management solution should allow an organization to set up permissions based on a user’s role, preventing them from accessing financial data from areas of the organization that are not relevant to their jobs. This helps establish a separation of duties and also prevents a dishonest employee from posing as somebody else while in the system.
4. Real-time reporting and dashboards
With a cloud-based financial management solution, it is possible to provide real-time reporting and visual dashboards across the organization to executives, board members, program leaders, managers and other employees. This makes it harder for an employee to falsify financial records because reports change in real time based on the information in the database. Dashboards provide an easy way for executives to monitor spending and drill down into granular data points if any financial indicators appear suspicious.
5. Accounts payable automation
Payables was an area where fraud occurred in 40% of incidents within religious, charitable or social services organizations, according to the ACFE, making fraudulent disbursements the top vulnerability in a nonprofit organization. Automating AP processes can improve efficiency while delivering real-time, accurate fund visibility and reporting to many users. Sage Intacct accounts payable software lets organizations track and view payments, approvals, and reports—anytime, anywhere. In real-time, financial managers can review accounts payable liabilities and vendor-aging reports, as well as bill and check register reports across the organization. Sage Intacct also syncs with providers like Bill.com and Amex, so organizations can schedule bill payments or add vendors while automatically updating Sage Intacct—eliminating double data entry.
Donors count on nonprofit organizations to use their contributions to the highest purpose. When internal fraud occurs in a nonprofit, it is a breach of trust with donors, co-workers and the communities served. The best fraud prevention involves strengthening internal controls to proactively monitor transactions and expenses in real time. Cloud-based nonprofit accounting software supports best practices for internal controls through real-time visibility, audit trails, security features, and AP automation.
Sage Intacct gives nonprofit finance leaders internal controls and real-time reporting tools to prevent fraud. Learn more by reading our eBook, Secrets to Gaining Visibility into Nonprofit Financials.
Recommended Next Read
Six Common Reasons to Change Fund Accounting Software