Part 5 of our ongoing Fraud Awareness in the Church series will address Policies and Procedures Manuals. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent of fraud awareness in the church environment. We asked churches to respond to this statement:
Our church has compiled written financial, accounting, management and personnel policies in a central document such as an accounting and management policy manual.
Given the multitude of church management resources available and the myriad of church conferences that church managers can attend, it surprised me that only 50% of the respondents answered “yes” to this question. The reasons for this low compliance rate puzzles me, but if I had to make a guess as to the culprit, I would say that it is because of the “tyranny of the urgent” environment that many church managers live in. Because of their overloaded schedules many simply adopt the “Wac-a-Mole” management theory in which the administrators simply handle what pops up next. As long as they are getting the job done, they see no need to document procedures.
Unfortunately, by doing this, they are ignoring the fact that not having written policies and procedures is not only a bad way to do business, it also exposes the church to fraud. The reason? Fraudsters HATE BASELINES!
Baselines help the church define “normal”. Without normal or standard operating metrics it is difficult to determine if this year’s numbers are consistent with last year’s. These blurred lines are a happy hunting ground for crooks.
KEY: Implementing a Policies and Procedures Manual will establish baselines and definitely help prevent fraud in your church!
Part 4 of our ongoing Fraud Awareness in the Church series will address Volunteer Training. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent of fraud awareness in the church environment. We asked churches to respond to this statement:
Our church conducts formal volunteer orientation or training.
Over 60% of the respondents reported having formal volunteer orientation and training. The Church (universal) is arguably the greatest volunteer organization in world history. Without volunteers, there would be no church, or at least not an effective one.
But unfortunately, many churches take their volunteers for granted. One way I’ve seen this played out is the lack of volunteer TRAINING. Many churches send their financial volunteers into action with little, if any, formal preparation. Often, these individuals are pressed into service and simply try to do the best they can with little knowledge of the church’s policies and procedures.
There is a negative byproduct of not training volunteers: While the church’s policies may not change (after all, they should be in writing), procedures certainly will change. With the normal flux of volunteers coming and going procedures will be constantly changing as well.
In short, operational baselines will become blurred. And remember, fraudsters HATE baselines!
KEY: Volunteer training helps ensure a thorough knowledge of church policies and procedures, and thwarts potential fraud.
Part 3 of our ongoing Fraud Awareness in the Church series will look at Conflicts of Interest. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent of fraud awareness in the church environment. We asked churches to respond to this statement:
Our church has adopted a formal conflict of interest policy.
Approximately 30% of the churches responding do not have a written conflict of interest policy.
It is important to point out that a conflict of interest policy is not a fraud preventative in and of itself. The primary purpose of such a policy is to insure that a church or other exempt organization does not transact business with board members and executive level employees to such an extent that private benefit or inurement occurs. When this happens, the parties involved can face some pretty serious repercussions with the IRS. But a conflict of interest policy does play a key role in fraud prevention.
Creating a fraud-free environment involves much more than policies, procedures and internal controls. It also involves setting the proper organizational tone, or atmosphere of financial accountability. One element in the proper tone at the top is the implementation of a conflict of interest policy which limits transactions between the church and its employees, directors and significant contributors.
KEY: A conflict of interest policy is a strong ADVERTISEMENT to potential thieves that the church takes stewardship and accountability seriously.
Part 2 of our ongoing Fraud Awareness in the Church series will deal with Church Governance. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent of fraud awareness in the church environment.
Where Fraud Prevention Begins
Typically, when a CPA is asked about fraud prevention, he/she will launch into a long dissertation about the importance of internal controls. To most accountants and administrators this is where fraud prevention begins.
I disagree.
Fraud prevention, in my opinion, begins with a strong organizational structure. Internal controls are great, and necessary. But, it is the organizational strength that sees to it that the internal controls are actually followed. Without an adequate church governance program in place, the controls will not be consistent.
I can attest to this personally. The WORST (by far) fraud investigation I have been involved with totaled in excess of $1.25 million dollars. And, the theft did not start until AFTER the perpetrator had convinced the church to adopt a leadership team approach and abandon the more traditional committee approach the church had historically followed.
The leadership team consisted solely of church employees who answered to the culprit. Once this system of NON-ACCOUNTABILITY was put in place, it was a simple proposition to dismantle what little controls the church had once had.
KEY – A strong church governance, which is characterized with good stewardship, accountability and transparency, is the first line of defense against fraud attacks.
Next post we will begin taking an in-depth look at some of the questions we asked our participants to respond to, starting with Conflicts of Interest.
Last week I conducted two break-out sessions at the NACBA National Conference in Houston. During these sessions I reported the final results of the PSK/NACBA fraud survey conducted earlier this year. In the coming posts I will be sharing some of the information we gleaned from our survey.
Goal of the Fraud Survey
Before launching into this discussion however, it must be pointed out that this was not a scientific poll. Rather, it is simply a questionnaire answered by a little over 100 participants who were invited to participate. The goal was not to obtain specific answers to specific questions, but simply to gain a general understanding of the extent of fraud awareness in the church environment.
In fact, because the sample size was small and most of the participants (I assume) were NACBA members or churches with a high degree of management sophistication, I expected the results to be skewed to the high side. *My opinion – If a scientific poll had been conducted, compliance indicators would have been MUCH lower.
As we go through the results of our fraud survey, you will notice that we (PSK) have grouped the questions asked of participants according to several “key” areas in church operations that are fundamental to fraud prevention. The first of these key areas – Church Governance.
The full list of topics are below. Stay tuned in the coming weeks for more of the same great fraud prevention tips you have learned to trust from Weeds in the Garden!
Results of the PSK/NACBA Fraud Survey – Upcoming Blog Topics:
- Church Governance
- Conflicts of Interest
- Volunteer Training
- Policies & Procedures Manual
- Credit Checks
|
- Segregation of Duties
- Cash Disbursements
- Payroll Fraud
- Information Technology
- Payments to Individuals
- Fraud Prevention Programs
|
Part 12 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church has implemented a written credit card policy to control credit card purchases.
Ok, I know I was a little harsh in the last post… I guess it’s because I have seen too many credit card train wrecks! The million dollar event I discussed in the last post was definitely the largest, but I have seen many of its smaller brothers and sisters.
Although over 80% of the surveyed churches issue church-named credit cards, the results of the next query gives me some comfort. 70% of these churches have implemented a church credit card policy to monitor credit purchases. Unfortunately, that leaves nearly a third with no documented policies to give oversight over credit card purchases. Based on the things I have seen, these 30 percenters are living on the edge.
It is imperative that any church issuing credit cards to employees and volunteers has a credit card policy to lay down usage guidelines.
At a bare minimum a church credit card policy should:
- Limit the dollar amounts of single purchases, and
- Restrict the use of the cards to certain businesses.
What would you add to these two requirements?
Part 11 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church issues credit cards (in the church’s name) to employees and/or volunteers.
At a response rate that came as no surprise to me, 86% of the churches who took part in our survey issue credit cards to employees. It continues to amaze me how many churches follow this practice. Seldom do we see this in our work with commercial clients. Most businesses with accountable business expense reimbursement plans require employees to use their own cards. This is particularly true with smaller organizations. Some larger companies do issue corporate cards, but all of them I have seen keep the employee on the hook by including the employee on the account: The employee pays the bill AFTER being reimbursed by the company. Employees of businesses that follow this procedure tend to be more responsible credit card users because there is always the possibility that their employer may say, “NO!”
Why do we consider the issuance of credit cards (in the church’s name) a fraud risk? I have a simple answer:
The largest church credit card fraud investigation I have conducted resulted in more than one million dollars in losses.
Illicit use of just two credit cards was responsible for 75% of the theft!
Without sufficient oversight, credit cards can turn the entire purchase approval system on its head. I have seen it happen…
Part 10 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church has established a “Positive Pay” arrangement with our bank.
Increasingly, due to technological change and advancement, the threat of fraud is no longer limited to dishonest employees. Hackers and other “online bandits” have become quite proficient in draining the bank accounts of the unsuspecting. One defense against this is to establish a Positive Pay arrangement with your bank.
Only 5% of our respondents have this type of bank account protection in place, which is surprising because Positive Pay is a simple three-step process.
- During the check writing process, a list is compiled of bills to be paid.
- The list is sent to the bank.
- The only checks or drafts to be cleared by the bank are those on the list.
I am very curious why so few take advantage of this. Any ideas?
Part 9 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church has established an “approved vendor list”. All payments for goods or services are made only to vendors on the list.
A surprisingly high percentage of our respondents – 82% had not established an “approved vendor list”. A common misconception in the church environment is that, “If we are going to be hit, it will be directed towards our tithes and offerings.” While this does happen frequently, some of the largest dollar losses occur in the disbursement processes, not the receipts. Also, these types of frauds, because of their difficulty of detection, seem to go on for longer periods of time than thefts of cash receipts. From my observations, it seems that many more churches are hit after their revenues are safely in the church’s bank accounts, not on their way in.
The first line of defense against vendor disbursement fraud is the development of well-defined AND well-written bill approval and payment policies and processes.
In addition to purchase orders and check requests, such a system should include a formal vendor selection and retention process. After successfully screening potential donors, the church should develop a preferred vendor list. As part of the check signing process, payees should be compared to the approved vendor list.
Part 8 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church reconciles payroll quarterly reports with the payroll journals and general ledger.
Almost 25% of our respondents do not perform this relatively simple task. I can show you plenty of news reports of churches who wish they had! Occasionally, I need to point out the obvious; thieves do not like to get caught! To remain successful at this, they have to hide in the tall weeds. This means they are going to target the big numbers in a church’s financial statements. And the biggest of the big numbers is payroll cost.
Typically, payroll makes up 50% of a church’s operating budget.
For example, if a church has a one million dollar budget, a thief can easily find cover among $500K of tall weeds!
To avoid being the victim, churches should take care to:
- Know who their employees are
- Know how much their employees are paid
- Periodically review activity in the payroll general ledger accounts
- Compare payroll reports with budget totals.