Nonprofit Fraud Prevention: Key Controls to Deter Fraud

NONPROFIT FRAUD: WHAT
YOU NEED TO KNOW
PART III: THE PREVENTION
June 11, 2014
Lawrence J. Hoffman, CPA/CFF, CVA, CFE
Senior Partner and Director of Forensic
Consulting Services
Leslie C. Kirsch, CFE
Manager, Forensic Accounting Services

OBJECTIVES
NONPROFIT FRAUD: THREE-PART SERIES
PART I: THE FRAUD
• Why it is important that you are educated in fraud
• The magnitude of fraud in nonprofits
• The types of frauds in nonprofits
• Why does fraud occur in nonprofits
• Some important fraud prevention takeaways
PART II: THE DETECTION
• Who are the fraud perpetrators?
• Why do people commit fraud?
• How is fraud detected?
• What are fraud red flags?
• Fraud detection techniques
• What do you do when you uncover fraud?
• What are the primary factors contributing to fraud in nonprofits?
• Detective versus preventative controls
• What are the best preventative measures?
• The five critical takeaways!
Part III: The Prevention* Page 2

AGENDA
• What are the best preventative measures and controls?
• Key internal controls
• Conducting a fraud risk assessment
• Implementing a fraud prevention program
3Part III: The Prevention* Page

WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
THE COMMON ELEMENT IN EVERY
FRAUD!

THE BEST PREVENTIVE MEASURE!
HIRE ONLY HONEST, ETHICAL
AND MORAL PEOPLE!

FRAUD IS A PEOPLE PROBLEM!
• Are you hiring fraudsters?
• Are you enabling someone predisposed to commit
fraud?
• Is your organization’s environment promoting fraud?
• Does your organization’s system of internal controls
provide the opportunity to commit fraud?
• Is your organization educated and aware of fraud
schemes and red flags?
• Do you have a process that provides your employees
and others to report possible fraud and abuse?
• Does your organization tolerate fraud? Do you have a
zero tolerance policy for fraud?

REVIEW OF COMMON PREVENTIVE
CONTROLS
PREVENTIVE CONTROLS
Preventive controls attempt to deter or prevent
undesirable events from occurring. They are proactive
controls that help prevent a loss.
DETECTIVE CONTROLS
Detective controls, on the other hand, attempt to detect
undesirable acts. The provide evidence that a loss has
occurred but do not prevent a loss from occurring.
Detective techniques should be used to uncover fraud
events when preventive measures fail or unmitigated risks
are realized.
Effective Preventive Measures Serve as
Strong Deterrents

1. Internal Controls
•design your system and procedures so you do not have to
rely on trust as a control!
•remember any person is capable of committing fraud!
•keep in mind the persons role and access to commit fraud!
•you must segregate the recordkeeping and the custody of
the assets!
•do you have adequate oversight controls?
REMEMBER
TRUST IS NOT AN INTERNAL CONTROL!

2. Tone from the Top!
•What is your “control environment”?
•Do you have a strong internal control system?
•Directors and officers need to set the tone for ethical
behavior
•How effective is your Audit Committee?
•If unethical behavior is tolerated at the top you can be
assured it is happening in the rest of the organization!

3. Know Your Employees!
•Background checks and investigations-know who
you are hiring!
– how well do you know that person?
– what due diligence are you doing?
– do you believe their resume?
– not just a one-time occurrence!
•Know your employees and what they are doing
– executives and managers need to pay attention
and spend time with their employees-be engaged!
– establish that baseline!
•Perform exit interviews
– what do employees leaving tell you?
– what do you ask them?

TRUST BUT VERIFY EMPLOYEE BACKGROUNDS...

4. Fraud Prevention Program
• Fraud risk assessment
• Fraud awareness and ongoing training for all levels of the
organization
• Reporting mechanisms and whistle-blower protections
• Investigation / response process
• Board and audit committee oversight
• Conflict resolution
• Communications
• Continuous monitoring
• Employer-provided employee assistance services (financial
counselors etc.)
• Evaluate performance and compensation programs
– do they promote fraud and abuse?
– are they fair and provide incentive for performers and hard
work?

5. Your Employees’ Eyes and Ears!
• tips are number one method for detecting fraud!
• establish a formal written whistleblower policy
-procedures for receiving complaints
-procedures for investigating complaints
-policy for protecting whistleblowers
-confidentiality polices for whistleblowers
-role and responsibilities of audit committee
-educating employees on the policy
• establish independent hotline for tips!
You must create the impression that
someone is watching!

KEY INTERNAL CONTROLS
SEGREGATION OF DUTIES
• Must segregate the recordkeeping and the custody of the
assets!
• Cash receipts-no single person should
−receive the money,
−deposit the money,
−record the receipts and
−reconcile the receipts to the books and records
• Cash disbursements-no single person should
−authorize payments,
−disburse funds (write checks, ACH, wires etc) and
−reconcile the bank accounts.

• Use a board member or volunteer if there is not enough
internal staff to achieve the segregation of duties
• Require accounting and finance personnel to take vacations
and not to take work home

ACCOUNTS RECEIVABLE/CASH RECEIPTS
• Restrictively endorse checks “for deposit only” immediately
• Keep a permanent cash receipts log
• Make and reconcile deposits daily
• Ask donors and others to write out full name of organization on
checks
• Use a bank lockbox service
• Cash should be counted with two people present
• Publish donor names
• Review accounts receivable aging
• Independent approval of all accounts receivable write-offs and
refunds

ACCOUNTS PAYABLE/DISBURSEMENTS
• Have a formal purchase requisition system
• Understand procurement process between goods and services
(3 way match for goods!)
• Only original invoices and documents-no photocopies
• Require dual signatures for expenditures over a certain dollar
amount (no signature stamps or electronic signatures!)
• Mail all checks after approval and signature promptly
• No pre-signed checks!
• No checks made payable to “cash”
• Keep blank check stock locked up
• Have independent reviews of management expense reports
(even if a board members must do this!) (check calendars!)

REVIEWS AREN’T JUST RUBBER STAMPS

ACCOUNTS PAYABLE/DISBURSEMENTS
• Have preauthorized set limits on corporate credit cards and limit
on who receives them
• Have a written policy on use of corporate credit cards-no
personal use!
• Independent review credit card statements as soon as they
arrive
• Review vendor lists and have approval process for new
vendors-know your vendors Identify any related-party
transactions (watch for P.O. boxes!) (Google suspected names)
• Contracts for services and goods should be competitive bid (at
least 3) and approved by someone independent of person
requisitioning
• No hand delivery of checks by person requesting the check
• Investigate vendor complaints promptly!

PAYROLL
• Independent approval of employees added to payroll including
pay rate
• Independent review of payroll register from payroll processing
firm
• Verify that payroll taxes and other withholdings are being
deposited timely
• Use a separate bank account for payroll
• Timely reporting of time of effort by employees with proper
supervisory approval
• Use outside payroll processing service

GHOST EMPLOYEES GONE WILD

FINANICAL REPORTING
• Have a well defined and time lined financial reporting checklist
• Financial statements should be timely and complete
• Have a detailed annual/monthly budget-zero based
• Budget versus actual analysis with detailed explanations (are
explanations in line with expectations?)
• Review journal entries at the end of each reporting period
• Reconciliations, including bank reconciliations, should be
prepared promptly after reporting period and independently
reviewed

OTHER CONTROLS
• Notification and alert services with your bank
– Wire notifications
– ACH Fraud Filters
– Balance threshold
– Positive Pay exceptions
– Credit card transactions
– Authorization limits
• Conduct fixed asset inventories at least annually
• Close inactive bank accounts immediately
• Update bank authorized signatures promptly when
changes in personnel
• Job rotation and mandatory vacations
• Fidelity bond coverage
• Surveillance

CONDUCTING A FRAUD RISK ASSESSMENT
THE FRAUD RISK ASSESSMENT PROCESS
• Purpose is to identify where fraud may occur and how it may
be perpetrated
• The organization chart-the map of the people and processes
presents a picture and starting point
• Remember to overlay macro elements such as industry and
organizational changes, economic climate, government
regulations and climate, technology changes and
advancements
• Brainstorming the possible threats and schemes
• Are there any current warning flags?
• Where are you most vulnerable?

THE FRAUD RISK ASSESSMENT PROCESS
• Are there serious weaknesses in internal controls?
• Are there any mitigating controls?
• Do you have physical security breach threats?
• What do you need to do to secure significant threats?

FACTORS THAT CREATE ENVIRONMENT AND
OPPORTUNITIES FOR FRAUD
• Lack of awareness of fraud risk factors and warning signs
• Inadequate control activities to mitigate identified fraud risk
• Inadequate screening practices (for employees, vendors,
customers, and / or business partners)
• Insufficient understanding of ethical duties at all levels
• Ineffective mechanisms for reporting and investigating fraud
• Ineffective board and audit committee oversight
• Situational (internal and external) pressures that encourage
fraud

Source: Association of Certified Fraud Examiners, Report to the Nations on Occupational Fraud
and Abuse: 2014 Global Fraud Study

A PRACTICAL EXERCISE

FRAUD RISK ASSESSMENT

KEY ASSESSMENT QUESTIONS
(RATE YOUR ORGANIZATION FROM 1 (POOR) TO 10 (GREAT)
• What is your “tone at the top”? ______
• What is the level of your certainty that people in your
organization will do the right thing? ______
• Are people in your organization made to fell that they are
part of a team and have a vested interest in the value of
the organization? ______
• Do people in your organization act with good moral/ethical
character without much force? ______
• How is your organization’s current financial health? ______
* How timely is your organization’s financial reporting? ______

KEY ASSESSMENT QUESTIONS
(RATE YOUR ORGANIZATION FROM 1 (POOR) TO 10 (GREAT)
• Is your key management hands on and visible? ______
• Is key management “connected” with their staff/baseline? ______
• How effective is your board of directors? ______
• How effective is your audit committee? ______
• Do you effective internal controls? ______
• How do you view the importance of your independent
audit and process? ______

IMPLEMENTING A FRAUD PREVENTION
PROGRAM
KEY ELEMENTS AND OBJECTIVES
OBJECTIVES
• Opportunity – removing or lessening the opportunity to commit
fraud
• Detection – ensuring fraud and abuse can be timely detected
ELEMENTS
• Policies – implement clear and concise written polices for fraud,
code of conduct, and conflict of interest and be affirmed by all
employees in writing
• Communicated-continually communicated and reinforced
• Tone from Top – Board-appointed high-level executive responsible
for coordinating fraud-risk management and directly reporting to the
Board. Must lead by example.
• Leadership – executives and managers must lead by example

PROGRAM
• Training – ethical conduct and fraud prevention training is needed
on at least an annual basis for all employees
• Accountability-must make all people accountable in detecting
fraud
• Reporting – must have a means for employees to report potential
violations and issues, such as whistleblower process and hotlines
• No Retaliation – employees need to be encouraged to report
suspicious behavior and be reassured that any reports are made in
strict confidence and that the organization prohibits retaliation of
any type
• Communicate the Risks – All employees should be told whenever
any employee or others doing business with the organization are
arrested or discharged for fraudulent activity

PROGRAM
• Enforcement-you must prosecute fraud. An organization that does
not prosecute sends a message that encourages fraud.
• Zero Tolerance – you must have a zero tolerance for fraud and
must apply to ALL employees. As soon as a high-level executive
who commits any kind of fraud is not held accountable, the entire
program has lost credibility
• Surprise Audits – conduct surprise audits in high risk areas. Put
in policy that random tests may be performed to ensure that the
organization’s controls are not being circumvented (keep fraudsters
guessing!)
• Monitoring – you should conduct a periodic assessment and
ensure the process is working
• Remediation-all weaknesses in controls must be fixed
immediately. Always be strengthening controls.

THE FIVE TAKEAWAYS!
THE FIVE MOST IMPORTANT TAKEAWAYS – AGAIN!
1. Trust is not an internal control!
– Establish, to the extent possible, controls and procedures that eliminate
the element of trust
– Always segregate the custody of the asset with the recordkeeping for the
asset
2. Set the tone from the top!
– “If you are stealing, your employees are stealing!”
– E.g., office supplies, expense reports, etc.
3. Know your employees!
– Background investigations and public records checks before hiring
– Meet and establish a baseline relationship
4. Institute a fraud policy
– No tolerance
–Will prosecute
5. Establish a hotline for tips
– Number one method for detecting fraud!
– Can outsource

MY BOOK!
EXPECTED RELEASE
THIS SUMMER!
STAY TUNED!

HOW CAN RAFFA ASSIST YOU IN
PREVENTING AND DETECTING FRAUD?
A resource for the nonprofit community to help
organizations effectively manage risk and better ensure the
prevention and detection of fraud.
VISIT US AT WWW.RAFFA.COM/FRAUD

OUR WEEKLY NEWSLETTER
OU

Are you threatened by fraud, litigation or
insolvency?
Are you selling your business, transferring
assets or structuring a new venture?
Raffa forensic accounting experts will do more to
assist you in these challenging circumstances.
Forensic Accounting Services Group
Our Team’s Services:
• Fraud Investigations & Prevention
• Litigation Support & Expert Testimony
• Business Valuation & Due Diligence
• Insolvency & Reorganization

How We Empower You
• We identify and mitigate fraud risk by performing a fraud risk
assessment
• We provide fraud investigations if you are, or suspect you are,
a victim of fraud
• We provide litigation support, expert testimony and forensic
accounting services in business disputes, financial
investigations, bankruptcies, arbitrations and mediations
• We analyze, investigate and interpret complex transactions to
provide an understandable, well-researched and unbiased
valuation of your business or organization
• We have expertise in restructuring and turnaround
management for underperforming organizations

Fraud Investigations &
Prevention
• Fraud examinations and internal
investigations
• Fraud risk assessments
• Review of internal controls and
management practices
• Financial statement
misrepresentations
• Background and workplace
investigations
• Computer forensic analysis,
imaging, data mining and
recovery
• Reconstruction of accounting
records
• Continuous audit services
• Anti-fraud consulting and training
Litigation Support & Expert
Testimony
• Lost earnings and profits
• Lost value
• Breach of contract
• Breach of fiduciary duty
• Business interruption
• Contract costs and claims
• Tortious interference
• Patent infringement
• Professional malpractice
• Shareholder disputes
• Theft of intellectual property
• Wrongful termination
• Wrongful death

Business Valuation & Due
Diligence
• Mergers, acquisitions and
divestitures
• Marital dissolution
• Partner/shareholder disputes
• Estate and gift tax planning
• Financial reporting
• Compensation related
• Employee stock ownership
plans
• Benchmark studies
• Financial modeling
Insolvency &
Reorganization
• Viability analysis and survival
assessment
• Strategic restructuring
• Cash flow analysis and forecasting
• Liquidation analysis
• Evaluating creditor and debtor
positions
• Restructuring debt
• Interim management services,
including Chief Restructuring
Officer
• Preparing plans of reorganization
and disclosure statements
• Pre-bankruptcy planning and post-
filing compliance
• Bankruptcy litigation consulting to
trustees

WHAT WE LEARNED ABOUT FRAUD IN
OUR THREE-PART SERIES
PART I: THE FRAUD
• Why it is important that you are educated in fraud
• The magnitude of fraud in nonprofits
• The types of frauds in nonprofits
• Why does fraud occur in nonprofits
• Some important fraud prevention takeaways
PART II: THE DETECTION
• Who are the fraud perpetrators?
• Why do people commit fraud?
• How is fraud detected?
• What are fraud red flags?
• Fraud detection techniques
• What do you do when you uncover fraud?
• What are the primary factors contributing to fraud in nonprofits?
• Detective versus preventative controls
• What are the best preventative measures?

RESOURCES AND SUGGESTED READING
• 2012 Report to the Nations on Occupational Fraud and Abuse,
Association of Certified Fraud Examiners,
http://www.acfe.com/rttn.aspx
• Managing the Business Risk of Fraud: A Practical Guide; AICPA,
ITA, and ACFE; https://na.theiia.org/standards-
guidance/Public%20Documents/fraud%20paper.pdf
• The CPA’s Handbook of Fraud and Commercial Crime Prevention,
AICPA
• “The American Fraud Report,” www.jpsimsconsulting.com
• “Fraud Talk” Blog, fraudtalk.blogspot.com
• “American Greed” series, CNBC on Wednesdays at 9 p.m.
Part I: The Fraud* Page 4545Part III: The Prevention* Page

QUESTIONS AND ANSWERS

BIOGRAPHY
47
• 35 years of consulting, audit, accounting and tax experience in the public and private
sectors.
• Started career with a Big-Four international accounting firm in Washington, DC.
• Founded a regional certified public accounting and consulting firm in 1982 and grew it to
on of the Washington, DC’s largest firms in seven years. Merged his practice with Raffa
P.C. in 2008.
• Managed and conducted audit and accounting engagements ranging from small privately
held to large publicly held businesses in various industries, including multi-national
businesses, nonprofit organizations, and governmental entities and agencies.
• Performed economic and financial analysis, including projections and forecasts, in support
of litigation and claims for lost earnings and profits, business interruption, shareholder
disputes, patent and trademark infringements, bankruptcy and restructuring, and structural
settlements; assistance with interrogatories, document requests and depositions; and
serving as an expert and consulting witness.
• Performed and supervised business valuations for both public and closely held companies
in a variety of industries, individuals and estates, family limited partnerships and limited
liability companies, including valuations for business combinations (SFAS 141R), mergers,
acquisitions, and divestitures, estate and gift taxes, marital dissolution proceedings, buy-
sell agreements, intangible assets and intellectual property, purchase price allocations,
goodwill (SFAS 142) and long-lived asset (SFAS 144) impairment, fair value accounting
(SFAS 157), cheap stock (IRC 409A), stock-based compensation (SFAS 123R), phantom
stock and employee stock ownership plans.
• Conducted and led teams of forensic accountants on fraud audits and investigations,
including fraudulent financial statements, misappropriations of assets and embezzlements;
money laundering, kickbacks, bribery and conflicts of interest; insurance claims;
bankruptcy; financial institutions and loan fraud. Also has conducted fraud risk
assessments, anti-fraud programs, and fraud training and education.
LAWRENCE J. HOFFMAN,
CPA/CFF, CVA, CFE
SENIOR PARTNER
RAFFA, P.C.
1899 L STREET, NW
WASHINGTON, DC 20036
TEL. 202-822-5408
FAX 202-822-0669
LHOFFMAN@RAFFA.COM
Part III: The Prevention* Page

BIOGRAPHY
48
• Assisted companies and nonprofits with restructuring and turnaround situations, including
recapitalizations, reorganizations and liquidations. Advised entities on Chapters 11 and 7,
bankruptcy filings and proceedings and non-judicial workouts. Developed and
administered crisis management plans, cash flows, liquidation and turnaround analysis,
debt restructuring and creditor negotiations, and turnaround plans.
• Formulated strategic short- and long-term business and financial planning for various
business organizations and served as interim “C” level positions, including for a major
North American sports league, European and U.S. aircraft manufacturer, aviation charter
airline and travel company, and a multi-chain quick service food chain.
• Formulated syndication strategies and prepared business plans and private placement
offerings, including financial forecasts, market research and analysis, due diligence,
securities pricing and structuring for various public and private securities offerings,
including SEC filing.
• Founded and developed a regional NASD licensed broker dealer investment banking firm.
Placed over $150 million in debt and equity and represented over $200 million in merger
and acquisition transactions.
• Founded and developed two private equity funds in excess of $10 million, including
investments in early stage and mature emerging companies in the form of debt and equity.
Portfolio investments included aviation, food and hospitality, software and technology,
telecommunications, sports and entertainment, banking and financial institutions,
healthcare, and wholesale and retail.
• Co-founded and managed various real estate acquisition, ownership, and operating
entities, including commercial office buildings, shopping centers, flex warehouses,
residential housing and developed land.
• Performed tax and financial consulting services for individuals and closely held
businesses.
• Instructor in audit, accounting, finance, and forensic accounting.
CPA/CFF, CVA, CFE
SENIOR PARTNER

BIOGRAPHY
49
CPA/CFF, CVA, CFE
SENIOR PARTNER
EDUCATION & CERTIFICATIONS
• Bachelor of Science, Accounting – Mount St. Mary’s University
• Certified Public Accountant (CPA)
• Certified Fraud Examiner (CFE)
• Certified in Financial Forensics (CFF)
• Certified Valuation Analyst (CVA)
• Private Investigator (PI), Virginia
• Series 7 General Securities Representative (not active)
• Series 24 General Securities Principal (not active)
• Series 63 Uniform Securities Agent (not active)
PROFESSIONAL ASSOCIATIONS & AFFILIATIONS
• American Institute of Certified Public Accountants, Member
• Virginia Society of Certified Public Accountants
• Association of Certified Fraud Examiners
• National Association of Certified Valuation Analysts
• Institute of Business Appraisers
PERSONAL INTERESTS
• Private pilot with instrument, multi-engine, high performance complex and aircraft
ratings
• Golf and fishing
• Reading and politics

BIOGRAPHY
• 9 years of fraud investigation and financial audit experience
• Started career with U.S. Government Accountability Office’s Forensic Audits and Special
Investigations Unit
• Led as many as 3 concurrent forensic audits and investigations on a variety of topics,
including: Federal contractor/grantee eligibility fraud and integrity issues; federal tax
collection program integrity; abuse of government purchase cards, travel cards, and premium
class travel privileges; employment of sex offenders and child abusers at schools and child
care facilities; passport application fraud; manufacture and marketing of herbal dietary
supplements
• Planned, developed, and completed audit and investigative objectives, scope, and
methodology
• Designed innovative analytical strategies and investigative techniques to identify fraud
indicators in complex datasets, using software packages such as IDEA and SAS
• Identified, investigated, and ultimately referred hundreds of cases of potential fraud, waste,
and abuse to federal authorities for administrative action
• Led multiple undercover operations of varying complexity and political sensitivity
• Drafted numerous congressional testimonies and publicly available audit reports (see co-
authorship experience below)
• Designed and implemented internal quality assurance policies and procedures
EDUCATION & CERTIFICATIONS
• Bachelor of Science, Accounting – University of Maryland, College Park
• Bachelor of Science, Finance – University of Maryland, College Park
• Designated as a Certified Fraud Examiner (CFE) by the Association of Certified Fraud
Examiners
Leslie C Kirsch, CFE
Manager
RAFFA, P.C.
1899 L STREET, NW
WASHINGTON, DC 20036
TEL. 202-955-7204
FAX 202-822-0669
LKIRSCH@RAFFA.COM

Nonprofit Fraud Prevention: Key Controls to Deter Fraud

Recomendados

Recomendados

Más contenido relacionado

Similar a Nonprofit Fraud Prevention: Key Controls to Deter Fraud

Similar a Nonprofit Fraud Prevention: Key Controls to Deter Fraud (20)

Más de Raffa Learning Community

Más de Raffa Learning Community (20)

Último

Último (20)

Nonprofit Fraud Prevention: Key Controls to Deter Fraud

Notas del editor