Recognizing the Symptoms of Fraud in Your Nonprofit OrganizationBy John D'Amico | February 2, 2018
“Where there is a will, there’s a way.” The old saying holds true even with employees bent on embezzling funds from their employer – whether directly or indirectly.
Direct employee fraud occurs when an employee steals company cash, inventory, supplies, equipment or other assets. An employee can establish fictitious companies and have their employers pay for goods or services never actually delivered. An employee can also set up fictitious employees in their payroll system and have their paychecks sent to their address or the address of a relative. Or an employee may submit fraudulent expense reimbursement requests or overinflate their overtime hours. According to a 2016 study by the Association of Certified Fraud Examiners, expense reimbursement is a process ripe for fraud when considering the significant percentage (14%) of fraud involving expense reimbursements.
Indirect employee fraud occurs when employees take bribes or kickbacks from vendors, customers or others outside the company to facilitate lower sales prices, higher purchase prices, non-delivery of goods or the delivery of inferior goods.
The Elements of Fraud
When fraud does occur, there are usually three key elements present – commonly referred to as the fraud triangle: motivation or perceived pressure; a perceived opportunity; and rationalization.
The perceived pressure is typically financial. Studies suggest that most fraud involves either financial or vice-related pressure. Financial pressures may be caused by greed, living beyond one’s means, personal financial losses or unexpected financial needs – such as medical costs not covered by insurance. Vice pressures are motivations created by addictions such as gambling, drugs or alcohol.
The second key element of the fraud triangle is perceived opportunity to commit fraud without being caught. There are several factors that could lead a perpetrator to believe that their fraudulent activity could fly under the radar. But I believe the primary factor is a lack of effective internal controls specifically designed to prevent and detect fraud. Employees privy to lacking internal controls may be tempted to take advantage by planning ways to circumvent them and conceal their theft.
Other factors contributing to perceived opportunity include ignorance, lack of an audit trail and failure to prosecute other fraud perpetrators. Nonprofits generally prefer not to prosecute because of the significant expense and time involved, as well as the ensuing negative publicity that can affect donor contributions. However, if an employee was caught committing fraud, was terminated – but not prosecuted – and proceeded to find employment elsewhere, other employees may be tempted to do the same.
The third key element of the fraud triangle is rationalization. The most common methods of rationalization include: “The company owes me”; “I am only borrowing the funds and will pay them back”; “Nobody is getting hurt”; “The company can afford it”; and “It’s for a good purpose.” There are countless other rationalizations – but what matters is that if the perpetrator can find a way to rationalize the fraud, chances are they will then commit it.
An ounce of prevention is worth its weight in gold. While reactively investigating an instance of fraud can be very expensive, the proactive prevention of fraud is perhaps the most cost-effective way to reduce losses.
Effective fraud prevention involves two fundamental activities:
- Creating and maintaining an organizational culture of honesty and ethics; and,
- Identifying fraud risk areas and developing internal controls that mitigate these risks.
This should include setting up an anonymous hotline that employees can call to report instances that should be further investigated.
Fraud Symptoms and Indicators
Nonprofits should be aware of the symptoms and indicators of fraud. While these factors are not conclusive proof, they should be fully investigated to effectively deter and detect fraud.
Unusual Processes or Procedures in the Accounting System
Accounting system anomalies involve problems with source documents, faulty journal entries and inaccuracies in ledgers.
Common fraud indicators involving source documents – such as checks, sales invoices, purchase orders and receiving reports – include:
- Photocopied documents instead of originals
- Alterations on documents
- Document sequences that are out of order or do not make sense
- Increased and/or stale reconciling items
- Handwritten and/or seconds endorsement on checks
Faulty journal entries can be used by perpetrators to conceal theft. This typically involves recording journal entries, increasing expense accounts and decreasing the cash account to conceal fictitious payments.
Red flags indicating fraudulent activities on journal entries commonly include:
- Journal entries without any support
- Unexplained adjustments to receivables, payables, revenues or expenses
- Journal entries made near the end of accounting cycles
- Expense reimbursement requests with no documentation and/or photocopies of receipts
Inaccuracies in ledgers should also be investigated. Many instances of fraud involve manipulating accounts receivable or accounts payable. A red flag can be identified if the master control account for the receivables or payables does not agree to the sum of the individual balances.
Internal Control Weaknesses
Known weaknesses or gaps in internal control systems should also be considered when evaluating fraud risk.
Common vulnerabilities include:
- Not requiring key employees to take vacation for at least one week of consecutive days per year
- Poor computer access controls
- Lack of segregation of duties
- Lack of independent checks and approvals
- Inadequate accounting systems
- Lack of physical safeguards
- Overriding of existing controls
Management override of existing controls is one of the most common elements found in a faulty internal control system. An example of management override is when a check requires two signatures and the more senior employee signs the check then asks the other employee to sign it as well without having reviewed the supporting documentation. A similar situation can occur posting a journal entry when the more senior employee records an entry and requires the subordinate employee to just book it without checking the supporting documentation.
Companies should ensure that all employees know that in situations like these they should insist on seeing the supporting documentation before approving/signing even if that person is their supervisor/manager.
Analytical anomalies are another category of fraud symptoms. They are primarily represented by unusual analytical relationships. Companies should perform financial data analysis to determine unusual relationships that should serve as “red flags” indicating possible fraud.
- Increased expenses without an increase of services provided
- Increased revenues with significant decrease in receivables
- Increased revenues with decreased cash flows
- Increased volume with an increased cost per unit
Extravagant lifestyles or lifestyle changes are one of the most easily detected red flags. Managers and coworkers may notice if an employee is leading a lifestyle that their income could not support. These types of red flags are only circumstantial evidence of fraud but should be investigated thoroughly.
Generally unusual behavior is another red flag signaling fraud. An individual who has committed a crime may be overcome with fear and guilt, which can then lead to increased stress. The individual may then exhibit unusual behavioral changes. No specific behavior signals fraud but an abrupt change in behavior is a sign.
Your employees are in the best position to deter fraud – especially considering that insider tips are the leading source of exposed cases. Nonprofit organizations should facilitate the anonymous reporting of these tips on a hotline that is regularly monitored. By developing an organizational culture of honesty and ethics, educating your employees on red flags to look for and constantly assessing and improving your internal control system, your organization can more effectively prevent, detect and remediate fraudulent activity.
About John D'Amico
John D'Amico, CPA, is a Partner within the Professional Standards Group at Marks Paneth LLP, which is responsible for monitoring quality control in the firm as mandated by professional standards. He specializes in pre-issuance reviews and inspections of nonprofit organizations, governments and Single Audits. Mr. D’Amico also provides consultation on accounting and attestation matters and tests and monitors the firm's quality review policies and procedures. He teaches continuing education classes for the firm and on... READ MORE +