As a Certified Fraud Examiner 'How can I prevent fraud in my charity?' is a question I’m often asked.
Well, the simple answer is you can’t, but you can take measures to significantly reduce your vulnerability to fraud. Fraud is a hot topic in the sector and causes untold damage to a charity’s reputation and funds.
So, what are the most effective ways for organisations to protect themselves?
The honest answer is, it depends. Every organisation can improve its processes and controls. The techniques and methods used by fraudsters are so varied and evolving all the time that you need to regularly review your systems and processes to ensure they are still fit for purpose.
The size of your team, what you do, where you’re based, how you fundraise and many other factors will impact your risk profile and vary hugely from one charity to the next. There is no one size fits all solution. You need to assess your activities and identify where you’re at risk from fraud and that will usually help you identify where improvements are necessary, even if you may not be sure what those improvements should be.
With that in mind here’s my list of five generic preventative measures that help to reduce the risk of fraud. You need to tailor them to your circumstances and attitude to risk, but these are all areas that should be considered by organisations serious about reducing their exposure to fraud. Doing so will also send out a clear message to your stakeholders that you take fraud seriously and are taking positive steps to reduce any areas of vulnerability in your charity.
1. Whistle-blower Hotline
Whistle-blower hotlines are the top fraud detection method and the mere presence of a system of anonymous reporting of suspicious behaviour will make employees and others think twice before committing a fraud.
This does not need to be a manned phone line. That clearly is not appropriate for most organisations. This is a ‘catch all’ term for a process whereby staff, volunteers, suppliers and the general public can report suspicions in the knowledge that they will not suffer any adverse consequences. A secure email address is one cost effective way of doing this, manned by a person who has been properly trained and understands how to treat any reports and who to involve when and where.
The method of reporting these suspicions needs to be advertised both internally and externally. You’ll need policies and written processes that are communicated to and understood by all staff and volunteers and are, where appropriate, publicly accessible. The responsible individuals need appropriate training and support to ensure they can follow up any reports objectively and fairly.
Ensure your staff and volunteers are aware of the risks of fraud and in particular what areas are particularly risky for your charity. Simple communications from senior management or even the Trustees can help with this.
These days there are also a number of free events and seminars you can attend that are designed to raise fraud awareness. Why not send some of your staff to these?
3. Surprise Checks
Do you hold petty cash, money in tills, stock or collect cash donations from the public? All these should be checked regularly and organisations should have a regular system of checks and reconciliations performed by a responsible person to ensure nothing is stolen or missing. The problem with this type of control is that the individual doing the checks could be the fraudster and if no one is overseeing their work it would be easy for them to skim money or goods from the charity. Secondly if the checks are regular and predictable a fraudster can adjust their scam accordingly and ensure they only commit it when there’s no chance of a count or check. Having an open policy of surprise checks performed by a person not normally involved in the process increases the risk of detection for a fraudster and acts as a brilliant deterrent.
4. Segregation of Duties
For smaller charities with very few staff and volunteers this is a particularly difficult one to implement, but highly important none the less.
For example, if your charity sells goods to raise funds, don’t have the same person ordering goods, receiving goods, counting and monitoring the goods, and being responsible for selling or dispatching the goods. Or if you receive cash donations, don’t have the same person collecting the cash, counting it (at least not on their own) and then eventually depositing it in the bank.
If the roles are separated between individuals this in itself acts as a preventative check. Who and what roles each person has and in what areas will depend on your staff and processes.
5. Fraud Prevention Policy
If you don’t have one, create one! If you do have one, ensure that it has a section clearly outlining what actions constitute fraud. How will this help? Firstly, when your policy is in place and all members of staff have read it, the policy itself lets potential fraudsters within the charity know that there are consequences to their actions. Secondly, and most importantly, if the list of actions is well drafted it provides your charity with the legal grounds to investigate suspicious behaviour and to be able to take appropriate action subject to the outcome of your investigation.
These five suggestions aren’t a silver bullet to prevent fraud and fully protect your organisation, but if you implement all five you can at least guarantee that you are seen as a Charity that takes this issue seriously and has the governance processes in place that encourage integrity and honesty. For future donors or supporters of your charity this could be an important factor in their decision to chose to work with you.
If you would like to find out more, or you would like to know more about the measures you need to take to help mitigate the risk of fraud in your organisation then please contact me.
Our Charity and Not for profit team work closely with our Fraud and Forensic Team to here to help support charities and not for profit organisations.