It Happens: Understanding and Preventing Nonprofit Fraud

June 8, 2023

Fraudulent activities and fraud risk would be nonexistent in an ideal world. However, fraud poses a genuine threat to all organizations, including, and especially, nonprofits.

Good news: understanding fraud can mitigate its disastrous effects. Through comprehensive education, your organization can spot fraud early, put a plan in place, and if it occurs, recover successfully.

Culture and The Fraud Triangle

The fraud triangle consists of opportunity, pressure, and rationalization—the three probable reasons behind an individual’s decision to commit fraud.

Aside from the fraud triangle, weak organizational culture can also influence fraudulent activity. A strong, ethical company culture cultivates integrity and high morale, and therefore acts as a powerful agent in fraud prevention.

How to add “culture” to a nonprofit’s fraud risk mitigation plan:

Establish clear and measurable management goals for culture.
Evaluate threats to culture through employee feedback, surveys, and assessment technology.
Address culture at all levels. Culture should be discussed clearly and often, including at company meetings and in all internal communications.

An Even Greater Risk for Nonprofits

Fraud swiftly deteriorates trust and reputation, making it particularly dangerous to nonprofits. Because of this, staff, executives, and volunteers should receive continuous anti-fraud updates.

Nonprofits susceptible to fraud tend to lack the same attributes- internal controls, policies, and oversight.

Internal controls, particularly separation of duties, help prevent a single individual from having complete control over certain processes, thus reducing fraud risk.
Written policies and documented procedures, combined with adequate training can promote compliance and reduce fraud opportunities.
Oversight of policies and approvals, along with regular monitoring and reviewing are essential measures to mitigate potential fraud.

Current Fraud Trends

In 2023, cybersecurity breaches are increasingly common, and even small ones require attention. For example, cyber fraudsters intentionally stalk employees over long periods of time to find individuals who might overlook details and overshare personal information. These criminals incrementally infiltrate systems to test security and establish patterns. And in doing so, they create an exceptionally realistic scam.

To prevent cyber-attack, generally, nonprofits should:

Implement password management software.
Require the use of strong and unique passwords.
Control access and use multi-factor authentication (MFA).
Update systems and utilize anti-virus software.
Routinely back up data, including offline/offsite storage.
Prohibit automatic forwarding of emails externally.
Add an email banner for messages coming from external parties.
Prohibit personal use of company devices and networks.

Although the frequency of these schemes is growing, organizations should still move towards a paperless environment, but with a focus on cyber awareness. Because of this, fraud education for staff, volunteers, and executives should start with cyber security.

Other Anti-fraud Tips

Overarching steps to an anti-fraud environment:

Supply ongoing anti-fraud training and education to staff, volunteers, and the board (include specific and situational examples!)
Create a culture of fraud/anti-fraud awareness through zero tolerance for fraud.
Perform fraud risk assessments.
Update policies and procedures periodically.
Establish a whistleblower hotline or other effective reporting mechanism.
Implement management and board oversight.

YPTC is here to help!

By prioritizing cost-effective measures and targeting common risks, organizations can minimize fraud occurrences. Your Part-Time Controller (YPTC) provides valuable resources, checklists, and experienced guidance in managing fraud mitigation plans.

This article summarizes excerpts from Your Part-Time Controller, LLC (YPTC)’s national webinar Frightening Fraud: Fraud Trends and Anti-Fraud Tips. In this webinar, we describe fraud, review fraud trends, and offer fraud prevention tips.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

It Happens: Understanding and Preventing Nonprofit Fraud