Skip Ribbon Commands
Skip to main content

Protect Your Nonprofit from Fraud in Times of Emergency

2020-05-06


By: Joleen Collier, Senior Consultant, Forensics & Litigation Support

Over two million Canadians are employed in the charitable and nonprofit sector, and over 13 million volunteer for charities and nonprofits[1]. In times of emergency, such as a pandemic or natural disaster, nonprofits may see substantial changes to their funding and client base. Nonprofits on the front lines of an emergency, such as the Red Cross or food banks, may see contributions increase, along with their client base. Others see substantial increases in the demand for their services, but no increase in funds. Non-emergency related nonprofits may see a decline from donors, due to a decrease in disposable income or a movement of funding to an emergency related organization.

With these changes in the nonprofit sector, there may be an increased risk of fraud within organizations due to new fraud opportunities, motivations and rationalization. Nonprofits work with tight budgets and with modest-sized staff or volunteers working hard every day to carry out their missions. Flexibility to rapid changes in the environment due to an emergency may be difficult to achieve without becoming overwhelmed, perhaps sacrificing administrative procedures to get the job done.

While a nonprofit continues to serve its immediate emergency client base, it is important to remain aware of fraud that may be committed by their own executives, employees or volunteers. Financial losses from fraud can be extensive but the impact is magnified when also considering the reputational loss and detrimental effect on future donations the fraud may cause.

Common Schemes

  • Cheque tampering occurs when an employee or volunteer steals, alters or forges a cheque. This is the most widespread and financially damaging scheme affecting nonprofit organizations.
  • Billing schemes occur when the nonprofit issues a payment to an individual by submitting invoices for fictitious goods or services, inflated invoices or invoices for personal purchases.
  • Expense reimbursement schemes occur when an employee or volunteer seeks reimbursement of fictitious or inflated business expenses from the nonprofit.
  • Asset misappropriation refers to stealing equipment, tools, inventory, computers and intellectual property of the nonprofit. Nonprofits may see large thefts or employees taking small amounts of assets because they believe it will go unnoticed in times of hectic activity. Nonprofits may have access to highly sought-after and fast-moving emergency supplies that may be difficult to inventory.
  • Payroll schemes cause a nonprofit to issue fictitious payments by making false claims for compensation, often through claims for overtime or nonexistent employees.
  • Corruption is the dishonest or fraudulent conduct by those with influence or in a position of power, typically involving bribery, kickbacks or undisclosed conflicts of interest.
  • Cyber criminals are also leveraging the panic, confusion, and misinformation during the emergency to transmit malware, breach computer networks, set up malicious websites, and launch social engineering attacks.

Anti-fraud Controls and Safeguards

  • An anonymous reporting or whistleblower hotline is an effective tool for detecting fraud. Employing and communicating such to employees, volunteers, vendors and other third parties could significantly reduce the cost and duration of a fraud occurrence and also serves as a deterrent to potential fraudsters.
  • A fraud risk assessment allows a company to analyze each of its business processes for the associated risks of fraudulent behaviour and take appropriate steps to control the major risks presented in each area.
  • The culture within a nonprofit should promote a zero tolerance for fraud and compliance with preventive controls. A written code of conduct and fraud policy has been found to be an important part of a fraud control program.
  • Supplemental training for employees and volunteers that may have their normal roles and duties effected by the emergency. Outside of emergency times, include regular training for employees and volunteers on the signs of fraud and how they can report it.
  • Segregation of duties is a proven safeguard against fraud. It refers to having more than one person required to complete a business transaction. Reduced staffing and remote servicing are reason’s that tasks that were previously segregated may not be during an emergency. Management should review main financial duties to ensure that important financial responsibilities still have sufficient oversight.
  • Requirements for adequate supporting documentation should not be relaxed because of the emergency. Ensure vendors provide invoices, receipts or other documentation prior to any payments.
  • Employee and volunteer rotation can be used as a detection control for fraudulent activity. Rotating employees and volunteers allow a nonprofit to identify irregularities once a new person takes over responsibility.
  • IT controls should be reviewed periodically, particularly if the emergency has caused disruptions in normal locations and individuals are now working remotely. If the nonprofit maintains sensitive information, such as personal identifying information of employees, volunteers, or members, credit numbers, the security of this information may be at an increased risk.

Learn more about creating fraud controls for your organization. Contact:

Lisa Majeau Gordon CPA, CA.IFA, CFE, CFI, CFF
National Leader, Forensics,
780.451.4406
[email protected]