Nonprofit Embezzlement: More Common and More Preventable Than You Think
"I was on the board of a national social justice organization for three years. The Development Director discovered that the "external-auditor-turned-internal-accountant" had been embezzling funds by stealing checks and using the "stamp signature" of the CEO. The day after it was discovered, the accountant shot and killed himself. He had also been embezzling from a church he volunteered for. The lesson I walked away from this tragic scene with was this -- as a board member did I do everything I could to prevent embezzlement? Why did I hesitate in saying anything when staff suggested it was a good idea to hire our auditor for internal work because 'he knew us so well'?" --Blue Avocado reader who asked to remain anonymous
Embezzlement -- fraud committed by employees and volunteers -- is especially painful in community nonprofits. Not only is real damage done to our organization, but we feel that our cause has been betrayed by someone we trusted and liked. We worry that donors and grantmakers will be less likely to give us money if they hear about it. And because embezzlement is so often kept quiet in nonprofits, we might think that we are the only ones to experience it.
What are some of the most common types of nonprofit embezzlement and how to deal with them?
- Theft of property, such as computers, cameras, art. Prevention steps: Lock it up. As it used to say (maybe still does) on the musical instrument cage at the Grateful Dead's rehearsal space, "Locks keep honest people honest."
- Theft of organizational checks. Another Blue Avocado reader told us that the CEO of a small foundation where she's on the board would leave a few blank checks in the safe before going on vacation. The CFO used them to pay for his OWN vacations, recording them in the accounting system as as other, legitimate expenses: $300,000 worth. Prevention steps: Never have any blank, signed checks. Lock up checks. Have someone other than a check-signer physically open the bank statements and reconcile them, every month. Purchase fidelity bond insurance.
- Thefts of checks from donors or members: One community nonprofit, usually known by its acronym (let's say "ABC") had a staffperson taking donor checks made out to ABC, depositing them in a business account she had opened with the same acronym, and using organizational letterhead to send thank-you notes to the donors. The donors had canceled checks and thank-you notes: who's to know? Discovered at $60,000. Prevention steps: Have two people physically open the mail together, recording incoming checks. In fundraising letters or membership renewal forms, ask donors and others to write out your organization's whole name on their checks.
- Thefts of cash from special events: Prevention steps: Insist that everyone use a shared cash box or boxes throughout the event rather than their own pockets or envelopes until the end. Create an atmosphere of integrity by counting the cash box. Keep an eye out, and don't hesitate to say, "Hey, I know it's faster to make change out of your own pocket (like you just did) and turn it in later, but we're supposed to use the cash box--it's a pain but we'd better do it."
- Improper checks or signature cards signed by a busy executive director or board member who doesn't look while signing them. If you are that exec or board member, you can't be expected to scrutinize each check and know from memory whether the check is appropriate and for the right amount. But you CAN: Make sure there is an invoice attached to each check, and an authorization signed by a designated staff member. Initial the authorization to demonstrate that you've seen it, and so that un-initialed documents can't be substituted for the ones you saw. Occasionally pick out a large check and phone the relevant staff person to make sure the expense was authorized; not only is this a good check but word that you did so will quickly spread.
- Payments to fictitious employees, un-authorized raises, and non-submission of payroll taxes. Because payroll involves substantial funds it is a tempting place for theft, and because it involves so much detail it is often overlooked as such a place. Even small organizations should use a payroll service and have a copy of the payroll register sent directly to the treasurer.
"I was a middle manager of an organization where we discovered, after the CFO left, that the CFO had embezzled $33,000. He had opened up a bank account in the agency's name at a local bank where he knew the employees. He told the ED and the board that he needed to re-do the signatures for an existing account; filled in the card where they should sign, and marked that only one signature (his) was needed to write checks. When the embezzlement came to light, the board refused to report this to the police or the insurance company. They were afraid they would be blamed." -- Blue Avocado reader
Five common (but unstated) myths about embezzlement in community nonprofits are:
- "It hardly ever happens to nonprofits so we don't have to worry that much." (Actually, it is more common than you think because it is so often kept quiet.)
- "Mrs. X is the most dedicated, honest, sweetest person I've ever met." (Funny thing is that the only people who steal are people we trust. That's because if we didn't trust someone, we wouldn't give him or her the easy opportunity to steal.)
- "Everyone who works here is really a good person." (In my direct experience with people who have embezzled from nonprofits, they had all convinced themselves that they were "just borrowing the money temporarily," making up in a small way for perceived under-paid work, or fulfilling the organization's mission: "the mission is to help families and this is helping my family." In other words, people who do bad things don't think of themselves as bad . . . and as a result, don't come across to others that way either.)
- "We don't have enough staff to have financial controls." Try these: In an all-volunteer organization, don't have the treasurer be a check-signer, and have a copy of the bank statement given to the board president every month. In a one-staffperson organization, have the bank statement reconciled monthly by a board member. If you have an audit, insist that he or she recommend controls in writing.
- "Audits catch embezzlement and fraud." (Actually, auditors explicitly state that an audit is neither designed to find fraud, nor an assurance that there was none. Auditors DO catch embezzlers, and having an audit may deter embezzlers, but they can't guarantee that they will do so. In particular, it's very hard to catch fraud that involves two employees acting in collusion, or a junior person going along (either knowingly or unwittingly) with a senior person's misdeeds.
One more story
"I was one of the ones [board members] who wanted to keep [the embezzlement] quiet. I was afraid it would affect donors. But then on one of the conference calls where we were discussing how to deal with it, someone said, 'If someone broke into your house and stole $250,000, wouldn't you report it to the police?' We ended up reporting it, and also issuing a statement about what happened and what we were doing to correct the situation. It was fine." -- Blue Avocado reader
Embezzlement is a more common and bigger issue than we may think. In the for-profit sector, it's estimated that 7% of gross revenue is lost to employee fraud (Association of Certified Fraud Examiners report). (Imagine if we budgeted 7% of our budgets for fraud loss!)
Embezzlement not only hurts an organization, it hurts the people it serves and the community that supports it. We can't expect to prevent it 100%, but a few simple steps can reduce its likelihood substantially. But perhaps the most important step is to set an atmosphere and climate of accountability. I'll never forget the time when, as a PTA treasurer, I offered to reimburse a parent volunteer for $6.40 without a receipt. I thought I was being nice, but her face fell. I realized that I had sent a message -- the wrong message -- about accountability and ethics. Since then, as a volunteer, board member, nonprofit executive director and Blue Avocado editor, I've worked hard (not always perfectly) to set a tone of financial controls and accountability, and thus a tone of ethics and accountability to our constituencies.> Read more