Nonprofit Fraud: Tips for Spotting and Preventing It



Practice Areas

Mark A. Hiller and Dianne Chipps Bailey
Robinson Bradshaw Publication
Feb. 17, 2016

Nonprofits work hard every day to carry out their missions, often on tight budgets and with modest-sized staff. Many nonprofits are surprised to learn that the challenges they face include not just operating with limited resources, but guarding against a more unfortunate danger: fraud committed by their own executives, employees or volunteers.

The cost of such fraud is substantial. In 2013, for example, the Washington Post found that more than 1,000 nonprofits had disclosed a “significant diversion” of assets since 2008 due to theft, investment fraud, embezzlement and other unauthorized uses of funds.[1] In 2014, the median loss from fraud committed by a nonprofit’s own personnel was $108,000.[2] That figure not only exceeds the budgets of many nonprofits, but also does not account for the reputational injury and chilling effect on donations that fraud may cause.

Thankfully, whether your nonprofit organization is large or small, there are steps you can take to reduce the risk of fraud and to detect it if it occurs. In fact, some of the most effective anti-fraud controls are the least expensive to implement. Using these measures does not guarantee your organization will be immune from fraud, but they can help reduce the risk.

Common Schemes

Fraud committed by a nonprofit’s staff often follows predictable patterns. According to the Association of Certified Fraud Examiners, typical schemes include:

Knowing that fraud often takes the form of one or more of the above schemes can help your organization implement effective safeguards (discussed below).

Characteristics Of The Perpetrator

A person may commit fraud regardless of his or her job title or seniority, whether the person is a volunteer, employee, manager or executive of a nonprofit. Most fraud is committed below the executive level, but fraud committed by executives has historically resulted in significantly higher losses and has taken longer to detect.[4]

You might think perpetrators tend to be people with histories of fraud-related conduct who commit fraud shortly after joining the nonprofit organization. But data suggests otherwise. A 2014 study by ACFE found that only 5 percent of perpetrators had been convicted of a fraud-related offense prior to committing the fraud reported in the study, about 9 percent had been previously terminated for fraud-related conduct, and 8 percent had been previously punished for such conduct.[5] The same study found that perpetrators were usually veterans of their organizations: Less than 7 percent of perpetrators committed fraud within their first year of employment, though these perpetrators were significantly more likely to have been convicted or charged with fraud in the past.[6]

In most cases of fraud, the perpetrator displays one or more “behavioral red flags.” The most common red flag is a person living beyond his or her means. Other red flags include a person experiencing financial difficulties; having an unusually close association with a vendor or customer; displaying control issues and/or an unwillingness to share duties (including, for example, not taking vacation time); having a “wheeler-dealer” attitude; experiencing divorce or family problems; displaying irritability, suspiciousness or defensiveness; or suffering from addiction.[7] 

Knowing the red flags to watch for can help you spot fraud before it occurs.

Recommended Safeguards

Your organization doesn’t need a multimillion-dollar budget or full-time risk management staff to take some common-sense measures to help prevent or detect fraud. In fact, many of the measures below are relatively inexpensive and can be quickly implemented. You can tailor these measures to the size, complexity and resources of your organization.   

None of the above measures can guarantee that your organization will be immune from fraud. But they are relatively simple steps you can implement to reduce the risk of fraud and to catch it if it occurs.

If you have questions, comments or issues you would like to discuss, please feel free to contact either of the authors. You can reach Mark Hiller at 704.377.8361. 

[1] Stephens, Joe and Mary Pat Flaherty, “Inside the hidden world of thefts, scams and phantom purchases at the nation’s nonprofits.” The Washington Post (Oct. 26, 2013). This study examined federal tax filings from 2008 through 2012. The reported diversions of assets include fraud committed not only by a nonprofit’s own executives or employees, but also by third parties such as investment managers.    

[2] 2014 Report to the Nations on Occupational Fraud and Abuse, p. 24. Copyright 2014 by the Association of Certified Fraud Examiners, Inc. (hereinafter ACFE Report). Except where noted in this article, the ACFE Report is based on data from for-profit businesses and government entities, as well as from nonprofits. 

[3] ACFE Report, pp. 26, 71.

[4] ACFE Report, p. 40. 

[5] ACFE Report, p. 58.

[6] ACFE Report, p. 52.

[7] ACFE Report, p. 59.

[8] ACFE Report, pp. 19, 21. The ACFE found that in 42.2 percent of cases, fraud within a company was initially detected by a tip. Employees were the source of the tips in 49 percent of the cases. In comparison, the next most common initial detection mechanism after tips was management review (16 percent), followed by an internal audit (14.1 percent), accidental discovery (6.8 percent), account reconciliation (6.6 percent), document examination (4.2 percent), external audit (3 percent), surveillance/monitoring (2.6 percent), notification from law enforcement (2.2 percent), IT controls (1.1 percent), confession (0.8 percent) and other (0.5 percent).  

Main Menu