Part 10 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church has established a “Positive Pay” arrangement with our bank.
Increasingly, due to technological change and advancement, the threat of fraud is no longer limited to dishonest employees. Hackers and other “online bandits” have become quite proficient in draining the bank accounts of the unsuspecting. One defense against this is to establish a Positive Pay arrangement with your bank.
Only 5% of our respondents have this type of bank account protection in place, which is surprising because Positive Pay is a simple three-step process.
- During the check writing process, a list is compiled of bills to be paid.
- The list is sent to the bank.
- The only checks or drafts to be cleared by the bank are those on the list.
I am very curious why so few take advantage of this. Any ideas?
There is a great difference in attitude in the church environment between receipts and disbursements. While churches exercise extreme vigilance over the “inflow” of funds into the church, many have a rather cavalier attitude towards the “outflow”.
Churches also tend to rely on a few “fraud prevention” methods which in my opinion provide little more protection than a security blanket. They may give a warm and fuzzy feeling, but are no help in a real crisis. The two I hear most often are the requirement of dual signatures for checks over a predetermined amount and the requirement that a check request form be filled out before anyone gets paid. It is not uncommon for these to be the only two “fraud prevention” controls exercised over cash disbursements. Churches that rely on methods this simple are unaware of two basic facts.
- First, dual signatures and homemade check requests are absolutely no match for an ethically challenged employee with the courage to forge.
- Second, and this may be the most surprising, many of the larger and more spectacular embezzlements involve tampering with the church’s cash outflow, not the inflow.
Key: While no system is foolproof (especially if collusion is involved) the best fraud prevention practice in regard to disbursements, is to segregate the bill paying tasks between as many people as possible. Some of the more important tasks to distribute are:
- Payment approval
- Receiving of goods
- Check preparation
- Check signing
- Bill mailing
- General ledger maintenance
Unfortunately, very few churches have enough employees to split all of these tasks up. So what can be done?
Just as with cash receipts, a good place to start is by holding another brain-storming session in which the church’s procurement processes are analyzed. Flow-charting is a very useful tool in this exercise. Then, to the best of the church’s capabilities, the tasks should be distributed among several employees and volunteers. But even after this process, most churches will have more tasks than people to give them to.
But, there are other steps that can be taken. Although they take place after-the-fact, these practices still provide strong measures of fraud prevention.
- First, someone outside the business office could be assigned the task of reconciling the bank account monthly. This could be another employee, the business administrator, or a competent volunteer. The reconciliation should not solely be a “balancing” of the checkbook but should also include a close inspection of the cancelled checks for endorsements and signatures and an analysis of outstanding items. Online banking and remote access has made this practice even more efficient and practical, as volunteers do not have to come to the church office to do the work.
- Another step is to perform an analysis of the church’s check register by exporting it to an electronic spreadsheet and sorting by vendor. It is surprising how quickly check writing “anomalies” can be detected using this procedure. This practice should also be performed periodically.
Although not foolproof or guaranteed to catch everything, these two practices serve a bigger purpose. Key: They are loud and clear advertising to any and all, that someone is looking. This will force a potential thief to at least stop and ask himself; “Do I feel lucky today?”
“We have rotating count teams with clear rules that account for every penny we collect in offerings…”
While this statement is not inaccurate, it is short-sighted. When churches think of fraud, Sunday offering protection is usually the first thing that comes to mind. And as a result, most churches do a very good job in protecting Sunday receipts. In fact, Fort Knox may be an easier target than some churches I have visited who have ratcheted down tightly their Sunday collection procedures!
But, if this is all a church does in protecting itself from fraud, they are at risk. There are at least two significant reasons:
First, Sunday offerings are not the only time cash comes into the church. Many churches with air-tight security over Sunday collections completely ignore what happens from Monday through Saturday. And in many churches, the amounts can be substantial, including day care fees, special event fees such as banquets and conferences, food sales, book sales, fund raising revenues, etc., etc., etc. Also, tithes and offerings that are dropped off during the week often circumvent the entire teller process and instead land directly on the bookkeeper’s desk.
Second, cash inflow is not the only place where embezzlement takes place. In fact, a case can be made that the larger cases do not involve the cash inflow processes, but the outflow. The Association of Certified Fraud Examiners backs this assertion with statistics showing that while skimming (taking money before it is recorded) makes up 20% of reported fraud cases; check tampering is even more prevalent, making up 25% of the cases. In addition, fraudulent expense reports and payroll scams chip in another 29% for good measure.
So, churches with tight controls over Sunday cash receipts should be commended for their efforts, but also reminded that effective fraud prevention includes extending this vigilance to the other means of inflow, and the outflow side as well.
If you’d like to hear more about our Best Practices Review or one of the many other services we provide, please contact us at (817)664-3000 or email us using our contact form.
“Our bookkeeper has been a member and served our church for many years. We trust him/her completely…”
Church’s Secretary accused of embezzling $1.5 million
Former pastor guilty of stealing from church
Church’s former secretary jailed on fraud charges
Priests get jail for stealing from church
Church secretary accused of stealing thousands
Woman accused of stealing from church
Baptist church secretary was arrested and charged with 17 counts of credit-card fraud…
Church financial secretary steals $216,000—asks for forgiveness
Church secretary admits to stealing $274,000 from congregation
These are all actual headlines from articles about church theft. I think we’d all agree…this is NOT the publicity that anyone wants, particularly a church. In most of the church embezzlement cases I have read about, the crime is not perpetrated by a thief who has sought out a soft target. More often churches are embezzled from by a long-time, dedicated and trusted employee who has been given total access to the church’s financial operations. In short, it is usually not bad people who steal from churches. Rather, church embezzlement is committed by good people who find themselves (or their close relatives) in bad situations.
Churches victimized in this way have often not taken into account the first leg of the “fraud triangle” – Pressure. (Rationalization and opportunity are the other two.) Pressure can be defined as any outside force or set of circumstances that creates a need for cash. Pressure comes in many forms, including large unexpected medical costs, business reversals, and in far too many cases, addictions. When faced with these issues, many people of otherwise unquestioned integrity are tempted to “borrow” from their employer to alleviate the pressure.
Churches have limited control over the pressures their employees and volunteers face. However, they have almost total control over one leg of the triangle – OPPORTUNITY. By establishing strong financial controls and processes churches can go a long way in removing temptation from its employees.
If you’d like to hear more about our Internal Control Assessments or one of the many other services we provide, please contact us at (817)664-3000 or email us using our contact form.
“We require all checks to be signed by two officers of the church”.
Dual controls, or separation of the accounting duties, are an important brick in the wall of fraud protection. Requiring dual signatures is often one of the ingredients in providing proper segregation of duties. But, if this practice is not combined with a few other protective measures it will be no more effective as a lion with no fangs or claws.
True, the knowledge that all checks must be signed by two people will deter most people from taking a chance. But, if this is the only control in place, it will not be enough to scare off a bold predator.
Let me set a scenario. Imagine a bookkeeper who has been given the responsibilities to write checks, prepare the general ledger and reconcile the bank account. If this individual has courage, handwriting skills, and lack of integrity the protection provided by dual signatures will be paper thin. Ask yourself, how much more difficult would it be to forge two signatures than one?
My point? Do not rely on dual signatures as your only wall of defense. Dual signature requirements, standing alone, are no match for a check forger.