Part 8 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church reconciles payroll quarterly reports with the payroll journals and general ledger.
Almost 25% of our respondents do not perform this relatively simple task. I can show you plenty of news reports of churches who wish they had! Occasionally, I need to point out the obvious; thieves do not like to get caught! To remain successful at this, they have to hide in the tall weeds. This means they are going to target the big numbers in a church’s financial statements. And the biggest of the big numbers is payroll cost.
Typically, payroll makes up 50% of a church’s operating budget.
For example, if a church has a one million dollar budget, a thief can easily find cover among $500K of tall weeds!
To avoid being the victim, churches should take care to:
- Know who their employees are
- Know how much their employees are paid
- Periodically review activity in the payroll general ledger accounts
- Compare payroll reports with budget totals.
Part 7 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church follows written guidelines in administering benevolence fund activity.
Many churches establish benevolence funds to assist needy persons. This is a normal and expected function of any church. However, if assistance programs are not monitored closely the benevolence fund can become a target of theft. Benevolence funds are favorite targets for several reasons:
- There is no business cycle, making baseline analysis almost impossible
- Checks are written to a variety of individuals and vendors not closely related to the church, making it easy to slip one more in the pile
- To protect the confidentiality of recipients, some churches operate separate bank accounts that only one person has the right to see!
35% of our respondents do not follow written guidelines in administering assistance programs.
It is extremely important that the Church establish clear policies on its benevolence activities. Such policies should include but not be limited to:
- what funds will be accepted
- who will administer the funds
- who will receive the funds, and
- for what purposes the funds will be spent.
Best practices also dictate that a documented beneficiary application and approval process be followed when awarding assistance.
Part 5 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church uses pre-numbered purchase orders or check requests.
Theft of cash receipts, particularly offerings, garners the most attention by churches in their fraud prevention practices. However, the largest dollar-loss incidents tend to occur in the bill paying arena. In most of the check writing fraud cases I read about I see the same four ingredients which allowed the theft to take place:
- Poor segregation of duties
- Failure to pay attention to the bank reconciliation process
- Poor security over the church’s check stock
- Absence of a formal bill approval and payment system
The starting point of a formal bill payment system is the utilization of preprinted (or computer generated) sequential purchase orders or check requests. The absence of such a system can be the beginning of sorrows for a church.
Approximately 54% of the survey respondents reported not using proper documentation to begin the bill approval process.
Part 4 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
We present a list of authorized check signers to the Leadership Team. (Elders, Finance Committee, etc.)
This is one of the routine questions we ask financial staff when we conduct an audit of a church. While monitoring check signatures has some merit, it is in my opinion, rather overrated due to the fact that commercial banks no longer review signatures to the same extent they did in the past. Also, if you are unfortunate enough to hire a thief with courage and great handwriting skills, no amount of signature verification will be sufficient. A person with sufficient bravery and forgery skills can wreak havoc on even the most secure systems.
But, a byproduct of this process can be extremely beneficial. An annual review of authorized check signers, forces the church to also assess how many and the nature of the bank accounts it has on hand. If no review is ever performed, it can be easy for a bank account (or two or three…) to unofficially “go inactive”. These “dormant” accounts can sit under the radar for years until a dishonest employee discovers them.
One of the hurdles a thief has to jump is once funds have been diverted, how to get stolen dollars out of the church. Dormant accounts are very handy in meeting this challenge. To illustrate, small amounts can be siphoned out of a church by the payment of phony invoices. The thief allocates these illicit transactions throughout various budget line item accounts being careful to keep the total for the year within budget limits. Once the funds are safely in the dormant account the thief simply transfers the funds to a personal account…
Our survey results indicated that 41% of the respondents reported they did not conduct an annual evaluation of its bank accounts and signatures. That is a wide margin of opportunity for would-be thieves.
Part 3 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church has established a formal program for reporting fraudulent activities.
In its 2010 Report to the Nations, the Association of Certified Fraud Examiners revealed that 40% of fraud cases were initially detected by anonymous tips. Half of the tips came from employees. Approximately two-thirds of these cases were communicated through the entity’s fraud hotline. This data is not inconsistent with prior years’ findings. In fact, during one year a whopping 60% of detected fraud was discovered by the combination of tips and/or by accident! In our survey, we learned that 59% of the churches responded reported having no mechanism for employees, members, and vendors to report suspected improper behavior.
The use of anonymous hotlines, usually found on an entity’s website, has been quite successful in the corporate and government environments. However, this is a tough sell in the church environment as it seems distasteful to most people involved in church. And that includes me…
I have been (and remain) reluctant to recommend to my church clients taking such a step.
However, one solution I have seen, that may be a good middle-ground is to outsource this function. There are third parties who provide this service by making available a toll-free phone line and a web address. Because confidentiality is crucial, all reports go directly to the third party and bypass any nosy people along the way. As part of the church’s whistleblowers policy (which I hope your church has) a description of the third party providing these services and the processes to be followed should be included in the church personnel manual.
What do you think about this idea?
Part 2 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church has established a formal program for managing fraud risk.
Almost 63% of our respondents reported that they have not conducted a fraud risk assessment or implemented an ongoing formal church fraud prevention program. Unfortunately, my guess is that the national average is much higher. It is hard to pinpoint what might be the cause of this rather high percentage but two reasons are prominent:
- The workload of most church business administrators (CBA) has them stretched to the limit. There is barely time to get all of the routine tasks completed on a timely basis much less take on additional projects.
- When they do try to implement a church fraud risk program, many CBAs end up as the Lone Ranger. In many, if not most churches, fraud prevention is a very difficult proposition to sell. The biggest hurdle? The mistaken belief that “it can never happen here.”
It is not enough to simply be aware of the threat of fraud or go through the motions of fraud prevention. Ministries that don’t commit themselves to a strong fraud prevention and detection program will likely end up as victims.
A few key ingredients of a formal church fraud risk program include:
- Education of church employees, volunteers and members of the risks of fraud.
- Conducting an initial “brain storming” session whose purpose is to identify potential fraud portals.
- Assigning ownership of fraud prevention processes to key church leaders and employees.
- Implementing a periodic review of transactions.
- Periodic review and assessment of the church’s systems.
- Implementation of an anonymous whistleblower hotline. (More about this in a subsequent post)
What went wrong at this Church? How could this one employee make off with $200k of funds raised for her congregation and parochial school? Read the full article here. Simple financial controls may have prevented this! Does your Church have adequate internal controls? We can help!
Source: Journal Sentinel Online – Milwaukee
According to the Association of Certified Fraud Examiners, the second most common red flag is financial difficulties of individuals involved in financial matters of an organization. The occurrence rate of 36% consists of reported frauds at all levels of the organizations victimized. However, if we look solely at frauds committed at the employee level (disregarding frauds committed by managers) the rate soars to almost 50% of all fraud cases.
This makes sense because employees receive lower compensation compared to the management level. When unexpected financial events occur, they are less likely to have a “rainy-day fund” set aside to get them through. This can lead to poor judgment in several areas, the first of which is usually excessive use of credit cards. When these individuals find it difficult to climb out of their debt problem and they might focus on other areas of relief, one of which is their employer’s money.
Once again, I must stress that the presence of these circumstances is proof of nothing, but organizations must keep in mind that personal financial difficulties are a common denominator in a great many fraud occurrences. But, how can a church leader address this possibility? Here are three thoughts.
- In addition to performing the normal background check, a church might consider performing annual credit checks on employees involved in the financial activity of the church. It is not too much of a stretch to say that if you hire someone with a poor credit history, you have hired their problems as well. Keep in mind, that credit checks generally require the employee’s permission
- Provide financial counseling for employees. This is another way to discover if any employees are struggling with finances. But it also helps the church relieve some of the pressure an employee may be experiencing by providing a way out of their dilemma.
- Finally, and most importantly, you must close down the opportunity of fraud. In most of the church fraud cases I have read, the most common characteristic is terrible segregation of duties. Often, one person is in charge of all of the church’s financial tasks. When you combine these two ingredients: financial troubles and total control of a church’s financial activities….
Well, you can guess the rest.
I doubt that Oscar Wilde had church fraud in mind when he penned these words, but they do describe the nature of many embezzlers. Occasionally, the irresistible temptation to treat themselves to luxury items overrides a thief’s need to keep hidden. Ultimately, this inability to resist temptation brings unwanted attention to the culprits in the form of things like fancy cars and exotic travel. For example, several years ago a treasurer of a church organization was convicted and sentenced to five years in prison for embezzling more than two million dollars. Infuriated by what the judge termed a “spurious psychiatric defense”, the judge went on to describe the treasurer as a “common thief” who looted church funds “to live the life style of someone she was not”.
Employees suddenly and unexpectedly living beyond their means can be significant red flag. In fact, according to one report, this situation is the most prominent red flag, present in more than 43% of reported cases.
However, we do need to be careful with this red flag. An employee suddenly living above his means is not proof that fraud has taken place. Some people do have rich relatives who leave them money. (Just not in my family…)
Typically there are three ingredients that must be present in order for a fraud to take place. Commonly referred to as the “Fraud Triangle” these three ingredients are:
- Pressure – Forces playing upon individuals in positions of financial responsibility that would make them begin to contemplate doing something they otherwise would have never considered. Frequent types of pressures are unexpected medical costs, job termination or business reversals of a spouse, addictions and a need to “keep up with the Joneses”.
- Rationalization – The self-talk perpetrators engage in to convince themselves that what they are about to do (or are already doing) is ok. For example, the number one rationalization is “I’m not stealing; I will pay it all back.”
- Opportunity – The ability to take advantage of a church without getting caught. Sadly, the most common opportunity for fraud in the church environment is the situation where one bookkeeper has total responsibility for and access to the church’s accounting system.
Generally, a church business administrator has significant control over only one of the Triangle’s legs; Opportunity. Unfortunately, much of the influence of the other two legs, pressure and rationalization, are out of a church’s control; a church has very little influence on outside economic pressures its staff faces. And, a church has virtually no control over the thought processes of its employees and volunteers.
Key Point – But, there is one thing that can be done – A Church Business Administrator can (and should) become a keen observer of his or her staff and volunteers.
Every two years the Association of Fraud Examiners (ACFE) publishes its Report to the Nations. In this document, the ACFE summarizes data compiled from fraud incidents reported to it by member Certified Fraud Examiners. One interesting part of the 2010 report is “Behavioral Red Flags”. These red flags were compiled by victims of fraud, who on reflection recalled certain behavioral changes on the part of the fraudster. Unfortunately, if these red flags would have been noticed earlier, the frauds could have been curtailed at a much earlier stage.
In our next series of posts we will share a few of the most common red flags.
