Part 7 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church follows written guidelines in administering benevolence fund activity.
Many churches establish benevolence funds to assist needy persons. This is a normal and expected function of any church. However, if assistance programs are not monitored closely the benevolence fund can become a target of theft. Benevolence funds are favorite targets for several reasons:
- There is no business cycle, making baseline analysis almost impossible
- Checks are written to a variety of individuals and vendors not closely related to the church, making it easy to slip one more in the pile
- To protect the confidentiality of recipients, some churches operate separate bank accounts that only one person has the right to see!
35% of our respondents do not follow written guidelines in administering assistance programs.
It is extremely important that the Church establish clear policies on its benevolence activities. Such policies should include but not be limited to:
- what funds will be accepted
- who will administer the funds
- who will receive the funds, and
- for what purposes the funds will be spent.
Best practices also dictate that a documented beneficiary application and approval process be followed when awarding assistance.
Part 6 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church requires volunteers responsible for special events to submit written financial reports.
The vast majority of churches have implemented adequate control procedures over the Sunday offerings. However, funds that arrive in the church office from Monday through Saturday are a completely different story. These types of revenues typically consist of offerings dropped off by members, fees for various events and food service revenues and special event revenues under the direct supervision of volunteers, such as fundraisers, banquets, and short-term mission trips.
According to our survey, a full third of the respondents have no reporting mechanism for these types of special events. Theft of special events funds by trusted volunteers frequently pop up in the news media. For example, in the city where I live, a prominent public school coach was relieved of his duties when it was learned that he was in the regular habit of skimming from the receipts his team’s annual fund raiser.
To avoid the headlines, at a minimum, churches should require volunteers to account for tickets and/or products sold and fees collected at fundraisers and special events. As a matter of routine the sales report should be reconciled with the total cash generated and deposited into the church bank account.
Part 5 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church uses pre-numbered purchase orders or check requests.
Theft of cash receipts, particularly offerings, garners the most attention by churches in their fraud prevention practices. However, the largest dollar-loss incidents tend to occur in the bill paying arena. In most of the check writing fraud cases I read about I see the same four ingredients which allowed the theft to take place:
- Poor segregation of duties
- Failure to pay attention to the bank reconciliation process
- Poor security over the church’s check stock
- Absence of a formal bill approval and payment system
The starting point of a formal bill payment system is the utilization of preprinted (or computer generated) sequential purchase orders or check requests. The absence of such a system can be the beginning of sorrows for a church.
Approximately 54% of the survey respondents reported not using proper documentation to begin the bill approval process.
Part 4 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
We present a list of authorized check signers to the Leadership Team. (Elders, Finance Committee, etc.)
This is one of the routine questions we ask financial staff when we conduct an audit of a church. While monitoring check signatures has some merit, it is in my opinion, rather overrated due to the fact that commercial banks no longer review signatures to the same extent they did in the past. Also, if you are unfortunate enough to hire a thief with courage and great handwriting skills, no amount of signature verification will be sufficient. A person with sufficient bravery and forgery skills can wreak havoc on even the most secure systems.
But, a byproduct of this process can be extremely beneficial. An annual review of authorized check signers, forces the church to also assess how many and the nature of the bank accounts it has on hand. If no review is ever performed, it can be easy for a bank account (or two or three…) to unofficially “go inactive”. These “dormant” accounts can sit under the radar for years until a dishonest employee discovers them.
One of the hurdles a thief has to jump is once funds have been diverted, how to get stolen dollars out of the church. Dormant accounts are very handy in meeting this challenge. To illustrate, small amounts can be siphoned out of a church by the payment of phony invoices. The thief allocates these illicit transactions throughout various budget line item accounts being careful to keep the total for the year within budget limits. Once the funds are safely in the dormant account the thief simply transfers the funds to a personal account…
Our survey results indicated that 41% of the respondents reported they did not conduct an annual evaluation of its bank accounts and signatures. That is a wide margin of opportunity for would-be thieves.
Part 3 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church has established a formal program for reporting fraudulent activities.
In its 2010 Report to the Nations, the Association of Certified Fraud Examiners revealed that 40% of fraud cases were initially detected by anonymous tips. Half of the tips came from employees. Approximately two-thirds of these cases were communicated through the entity’s fraud hotline. This data is not inconsistent with prior years’ findings. In fact, during one year a whopping 60% of detected fraud was discovered by the combination of tips and/or by accident! In our survey, we learned that 59% of the churches responded reported having no mechanism for employees, members, and vendors to report suspected improper behavior.
The use of anonymous hotlines, usually found on an entity’s website, has been quite successful in the corporate and government environments. However, this is a tough sell in the church environment as it seems distasteful to most people involved in church. And that includes me…
I have been (and remain) reluctant to recommend to my church clients taking such a step.
However, one solution I have seen, that may be a good middle-ground is to outsource this function. There are third parties who provide this service by making available a toll-free phone line and a web address. Because confidentiality is crucial, all reports go directly to the third party and bypass any nosy people along the way. As part of the church’s whistleblowers policy (which I hope your church has) a description of the third party providing these services and the processes to be followed should be included in the church personnel manual.
What do you think about this idea?
Part 2 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church has established a formal program for managing fraud risk.
Almost 63% of our respondents reported that they have not conducted a fraud risk assessment or implemented an ongoing formal church fraud prevention program. Unfortunately, my guess is that the national average is much higher. It is hard to pinpoint what might be the cause of this rather high percentage but two reasons are prominent:
- The workload of most church business administrators (CBA) has them stretched to the limit. There is barely time to get all of the routine tasks completed on a timely basis much less take on additional projects.
- When they do try to implement a church fraud risk program, many CBAs end up as the Lone Ranger. In many, if not most churches, fraud prevention is a very difficult proposition to sell. The biggest hurdle? The mistaken belief that “it can never happen here.”
It is not enough to simply be aware of the threat of fraud or go through the motions of fraud prevention. Ministries that don’t commit themselves to a strong fraud prevention and detection program will likely end up as victims.
A few key ingredients of a formal church fraud risk program include:
- Education of church employees, volunteers and members of the risks of fraud.
- Conducting an initial “brain storming” session whose purpose is to identify potential fraud portals.
- Assigning ownership of fraud prevention processes to key church leaders and employees.
- Implementing a periodic review of transactions.
- Periodic review and assessment of the church’s systems.
- Implementation of an anonymous whistleblower hotline. (More about this in a subsequent post)
The occurrence of occupational fraud in the church community continues to rise at epidemic proportions. Evidence of this is found in the steady flow of news accounts reporting churches hit with fraud:
From the book, Weeds in the Garden, in Chapter 8 “When church fraud or embezzlement is mentioned most people immediately think of someone stealing from the offering plates. As a result, many, if not most churches do a pretty good job of protecting the Sunday offerings. In fact, many actually go overboard in tightly ratcheting down the money that comes into the church during worship services and Sunday School classes (pg. 102).
But what about …
- Special event fees (conferences, banquets, etc.)
- Fundraising activities
- Mail in contributions
- School or Mother’s Day-out registration and tuition
How are these funds handled? Who handles them? And is there EVER just one person in control of these funds? The most effective control on cash is never to allow it in the possession of only one person for even the shortest amount of time.
One story I read about, while researching this topic, involved the ‘treasurer’ of a fund raising event for a church ‘borrowing’ several thousand dollars from the fund. Strong control over cash from Sunday collections is vital, but who is maintaining this same diligence Monday through Saturday? Maybe a ‘trusted’ employee or volunteer? What challenges do you face with weekday receipts?
–Lisa Chapman is an auditor specializing in church accounting with PSK LLP.
Chapter 3 of Weeds in the Garden illustrates the value of planning and organizing the structure of the leadership in a church. “Even in a church, tone at the top does not happen by accident. It begins with a desire by the church leadership, (executive level employees and lay leaders) to operate in transparency. To instill a healthy tone at the top, a concerted effort must be taken that includes communicating on a regular basis the need for accountability in all areas of the church, as well as the values the church expects its representatives to model. Church leadership should also make an open statement of its commitment to transparency by participating in accountability measures such as requiring all individuals in positions of trust to sign conflict of interest statements. Most importantly, the church must insist that these trusted individuals live by the church’s accountability rules.”(pg. 33)
Almost all of us have experienced the ‘boss’ that either wasn’t willing to lead the team or didn’t play by the same rules they tried to implement. You can usually observe the environment around this ‘boss’ and note the lack of respect, trust, and loyalty. Unfortunately, this atmosphere often bleeds over onto the organization as well. When employees and volunteers of a church lack these elements of integrity, the organization will suffer. How strong is the structure of your organization? Is your church in danger of making the front page?
–Lisa Chapman is an auditor specializing in church accounting with PSK LLP.
How tech-savvy is your Church? What oversights are in place to keep your Church in-step with new technology? In his book, Weeds in the Garden, Verne Hargrave points out that although advances in information technology have simplified accounting and record-keeping for Churches, it has also created additional risks.
“The area where churches may be the most naïve are cyber threats from outside the walls of the church. Few give enough thought to a basic twenty-first century fact of life; by opening one single internet account, if care is not exercised, the world has been invited into your living room. Today, except for the very smallest of congregations, all churches are vulnerable to hackers wanting to take advantage of the perceived, and in many cases, real naiveté….
Churches also make online purchases, sell goods and event tickets online, and an increasing number receive offerings online. Without question these steps have improved the efficiency and effectiveness of churches. Using fewer staff and volunteers and spending much less time, churches can do a better job of collecting and tabulating gifts, managing church activities, reporting results, and most importantly, reaching out to the unchurched. However, each of these new ways of doing business represents a new porthole through which fraudsters can gain entrance to church data and assets.”
Technology can greatly simplify matters for churches; however, it also opens up new ways for hackers and those with impure motives to steal money or data. What is your church doing to protect its members? Who is looking out for your church?
–Justin Baldwin, CPA is a Senior Auditor specializing in church accounting with PSK LLP.