NFPs, like any organisation, are not safe from fraud or embezzlement. It can happen with any business but particularly in companies that may have fewer security deterrents and spend less time and money on prevention. Does that sound like your NFP?
Embezzlement is an interesting topic because the culprit could be someone you know and trust, or it could be a cyber-criminal or hacker targeting your NFP vulnerabilities. Therefore you need to ensure that you guard against both of these issues as best you can.
Common types of fraud include:
- Property theft
- Cheque theft from company or members
- Cash theft
- Improper cheques written
- Fictitious employees
- Unauthorised raises
- Avoidance of tax payments
Embezzlement is more common than you think. “It won’t happen to me.” “Our volunteers would never do anything like that.” We have heard them all over the years – but remember – it can and does happen. And if it does by chance happen to you, it is nothing to be ashamed of. It just goes to show that more work needs to be done to protect against it in the future.
If your charity accepts cheques, uses credit cards, installs software, has passwords, sends and receives emails, has inadequate firewalls or even uses an ATM, then it could be prone to a hack at some stage. While not all of these are preventable, there are some things you can do to minimise the risk of fraud.
If everyone works together, then there will likely be less issue. Make sure that everyone knows how important it is to stick together and work as a team. If you notice anything odd, then speak up immediately.
Controls need to be set up in every department. From training through to monitoring – they must be maintained to protect the NFP from fraud. If non-compliance is an issue, then nip it in the bud quickly. The rules are there to safeguard your assets and provide compliance with the law at all times. Procedures can be set up for many issues including the handling of funds, preparation of financial reports, evaluation of staff and performance of the organisation, maintaining inventory records and much, much more.
Investors and donors want to know that you are totally committed to preventing fraud and other criminal acts. You should aim for full protection at all times. If something does happen, then let the relevant individuals know immediately. Then assure them you are doing everything in your power to stop it from happening again.