by Christine M. Searle, CIA, CRMA, Owner, Searle Business Solutions, LLC
Fraud in the Local News
You’ve probably read local news stories about theft of business or non-profit funds, otherwise known as fraud. If you aren’t sure that you have, here are a few real-life examples that might help you decide:
• A DC-based non-profit organization is nearly bankrupt by its CEO, who took improper pension payouts and charged personal expenses on the non-profit’s credit cards.
• A Washington, DC, teacher’s union president bankrolls her lavish lifestyle and generous gift-giving with stolen members’ dues.
• A DC-area association employee steals organization funds by authorizing vendor payments and having the checks returned to her.
These news stories make you wonder, “How could these terrible things happen?” Then you think, “Didn’t anyone notice?” Then it hits you – “Could fraud happen in my business or non-profit?” Unfortunately, the answer is “yes”. Even worse, some frauds go on for years without being discovered by managers, accountants or auditors.
But it’s not all bad news. Even small businesses and non-profits can take action to safeguard their funds at little or no additional cost. Making a few simple changes, business and non-profit leaders can reduce the chances that a motivated fraudster will steal their organization’s funds.
Delegation, Trust and Fraud
Unless you have the time and expertise to handle all your organization’s funds and financial records yourself, you have to delegate tasks to others – employees, volunteers, or outside providers. Selecting trust-worthy individuals is important, sure. But with the “right” combination of access, opportunity, and motive, even honest people can be tempted to steal.
Fraud risk increases when one person performs multiple roles in a financial transaction without any independent review or oversight. Working alone allows for covering-up fraudulent activity. Fraud risk can be higher in small businesses and non-profits where there are not enough employees or volunteers to separate transaction steps. However, even larger businesses and non-profits with more available people sometimes allow one person to perform transaction steps that should be separated.
Collusion between two or more people also happens, but is less common. Vendor-perpetrated fraud may occur if there is a perception that the business or non-profit is not monitoring vendor invoices or performance.
Protecting Your Funds and Your People
Here are some best practices that, if effectively implemented, will reduce a fraudster’s access and opportunity to steal.
Separate Transaction Tasks – It’s essential to assign transaction tasks in a way that makes it difficult for funds to be diverted from your bottom line. Thoughtful task assignments protect your people as well as your funds. Examples of transaction tasks that should be separated include:
• Approvals to spend funds should be separate from accessing the check stock and preparing the checks.
• Prepared and signed checks should be mailed directly, not returned to the requestor for mailing, thus avoiding payment misdirection.
• Electronic payments should be transmitted by a separate person, similar to the check process.
• Access to and use of credit cards should be limited to individuals with a valid business need.
• Expense payments and reimbursements for executives/leaders should be approved by the CFO or a Board member.
Reconcile Accounts – Bank accounts and accounting records must be reconciled, ideally by someone who has no responsibility for initiating, preparing, or approving financial transactions.
• Establish and follow a reconciliation schedule, usually monthly, based on the transaction volume.
• Document, research and resolve unposted deposits or revenue and uncleared payments promptly. Usually, banks give customers 60 days to report an account issue.
Periodic Independent Review - A regular, periodic review should be performed by someone who is independent of the transaction process, but familiar enough with the business or non-profit to identify inappropriate financial activity. This review is especially important if the organization does not have enough people to separate transaction tasks.
• Verify required approvals were obtained.
• Monitor checks, electronic payments and credit card purchases for inappropriate transactions.
• Follow-up on unusual adjustments to accounting records, or adjustments that are not adequately supported by documentation.
• Verify that bank account reconciliations are performed timely and thoroughly.
• Ensure the validity of all bank accounts in the name of your organization, or titled in a similar name.
Applying these best practices varies, based on circumstances. Involving your Board or an independent advisor can add value to the process.