Skip Ribbon Commands
Skip to main content

Preventing Fraud in Non-Profit Organizations: Part 2 - Understanding your risks


This blog post is contributed by Ryna Ferlatte,  CA·IFA, CPA, CFF, Practice Leader for MNP's Investigative & Forensic Services team in Toronto.

Embezzlement. Donation receipt fraud. Fictitious vendors. Conflicts of interest. Theft of data. Expense fraud. Ghost employees…The list goes on. Fraud schemes are limited only by the imagination of the perpetrators and fraudsters are a creative lot who don’t think twice of committing fraud against non-profit organizations – we have seen too many examples of this in the headlines.

But which schemes should really be keeping you up at night? Which areas of your organization are most at risk? And are your current internal controls enough to protect the organization?

A fraud risk assessment will help you answer these questions and identify which improvements need to be made to address any existing internal control gaps.

A fraud risk assessment normally includes the following key steps:

  1. Consider the organization’s fraud risk factors – for example, does it handle cash donations? Are there weak internal controls or little segregation of duties? Have there been instances of fraud reported at similar organizations?
  2. Determine the likely fraud schemes to which the organization could fall victim, based on the risk factors identified above, and its operating environment. Again, this process should involve individuals at all levels of the organization, and should incorporate the potential impact of management override.
  3. Prioritize the identified fraud risks based on their likelihood, and potential impact on the organization operations and financial reporting.
  4. Determine whether the organization’s existing internal controls mitigate the risks identified, and whether any gaps exist which need to be addressed.

The fraud risk assessment should be an inclusive process, involving individuals in all key areas of the organization such as finance, purchasing, human resources, information technology, etc., as they can all provide valuable insight into potential fraud risks. In Part 3 we will discuss policies and procedures which form part of a strong fraud control environment. In the meantime, should you have any questions on performing a fraud risk assessment in your organization, please contact your local MNP advisor.

Check back often for more updates, or subscribe to our MNP Blog RSS Feed.