Part 6 of our ongoing Fraud Awareness in the Church series will examine Credit Checks. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent of fraud awareness in the church environment. We asked churches to respond to this statement:
Our church conducts credit checks on financial employees and volunteers.
While almost all churches perform criminal background checks on employees and volunteers serving with children, very, very few extend the background check to financial matters.
ONE TRUTH – Potential employees in financial difficulty will bring their money problems with them to your church. (This not only applies to business managers, bookkeepers and accountants, but also ministers who are given oversight responsibilities over a portion of the church budget.)
Unfortunately, many churches learn this lesson after the fact. Performing a credit check PRIOR to hiring can prevent a boat load of misery!
Credit checks require a little more work than criminal background checks. The individual must give their permission and there must be a financial reason for conducting the credit check.
KEY: Credit checks on employees and volunteers who oversee financial matters can help flag and prevent potential fraud in the church.
Part 11 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church issues credit cards (in the church’s name) to employees and/or volunteers.
At a response rate that came as no surprise to me, 86% of the churches who took part in our survey issue credit cards to employees. It continues to amaze me how many churches follow this practice. Seldom do we see this in our work with commercial clients. Most businesses with accountable business expense reimbursement plans require employees to use their own cards. This is particularly true with smaller organizations. Some larger companies do issue corporate cards, but all of them I have seen keep the employee on the hook by including the employee on the account: The employee pays the bill AFTER being reimbursed by the company. Employees of businesses that follow this procedure tend to be more responsible credit card users because there is always the possibility that their employer may say, “NO!”
Why do we consider the issuance of credit cards (in the church’s name) a fraud risk? I have a simple answer:
The largest church credit card fraud investigation I have conducted resulted in more than one million dollars in losses.
Illicit use of just two credit cards was responsible for 75% of the theft!
Without sufficient oversight, credit cards can turn the entire purchase approval system on its head. I have seen it happen…
Part 10 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church has established a “Positive Pay” arrangement with our bank.
Increasingly, due to technological change and advancement, the threat of fraud is no longer limited to dishonest employees. Hackers and other “online bandits” have become quite proficient in draining the bank accounts of the unsuspecting. One defense against this is to establish a Positive Pay arrangement with your bank.
Only 5% of our respondents have this type of bank account protection in place, which is surprising because Positive Pay is a simple three-step process.
- During the check writing process, a list is compiled of bills to be paid.
- The list is sent to the bank.
- The only checks or drafts to be cleared by the bank are those on the list.
I am very curious why so few take advantage of this. Any ideas?
Part 5 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
Our church uses pre-numbered purchase orders or check requests.
Theft of cash receipts, particularly offerings, garners the most attention by churches in their fraud prevention practices. However, the largest dollar-loss incidents tend to occur in the bill paying arena. In most of the check writing fraud cases I read about I see the same four ingredients which allowed the theft to take place:
- Poor segregation of duties
- Failure to pay attention to the bank reconciliation process
- Poor security over the church’s check stock
- Absence of a formal bill approval and payment system
The starting point of a formal bill payment system is the utilization of preprinted (or computer generated) sequential purchase orders or check requests. The absence of such a system can be the beginning of sorrows for a church.
Approximately 54% of the survey respondents reported not using proper documentation to begin the bill approval process.
Part 4 of our ongoing Fraud in the Church series. PSK in cooperation with the National Association of Church Business Administration (NACBA) conducted a survey to determine the extent to which churches are attempting to address the problem of church fraud. We asked them to respond to this statement:
We present a list of authorized check signers to the Leadership Team. (Elders, Finance Committee, etc.)
This is one of the routine questions we ask financial staff when we conduct an audit of a church. While monitoring check signatures has some merit, it is in my opinion, rather overrated due to the fact that commercial banks no longer review signatures to the same extent they did in the past. Also, if you are unfortunate enough to hire a thief with courage and great handwriting skills, no amount of signature verification will be sufficient. A person with sufficient bravery and forgery skills can wreak havoc on even the most secure systems.
But, a byproduct of this process can be extremely beneficial. An annual review of authorized check signers, forces the church to also assess how many and the nature of the bank accounts it has on hand. If no review is ever performed, it can be easy for a bank account (or two or three…) to unofficially “go inactive”. These “dormant” accounts can sit under the radar for years until a dishonest employee discovers them.
One of the hurdles a thief has to jump is once funds have been diverted, how to get stolen dollars out of the church. Dormant accounts are very handy in meeting this challenge. To illustrate, small amounts can be siphoned out of a church by the payment of phony invoices. The thief allocates these illicit transactions throughout various budget line item accounts being careful to keep the total for the year within budget limits. Once the funds are safely in the dormant account the thief simply transfers the funds to a personal account…
Our survey results indicated that 41% of the respondents reported they did not conduct an annual evaluation of its bank accounts and signatures. That is a wide margin of opportunity for would-be thieves.
There is a great difference in attitude in the church environment between receipts and disbursements. While churches exercise extreme vigilance over the “inflow” of funds into the church, many have a rather cavalier attitude towards the “outflow”.
Churches also tend to rely on a few “fraud prevention” methods which in my opinion provide little more protection than a security blanket. They may give a warm and fuzzy feeling, but are no help in a real crisis. The two I hear most often are the requirement of dual signatures for checks over a predetermined amount and the requirement that a check request form be filled out before anyone gets paid. It is not uncommon for these to be the only two “fraud prevention” controls exercised over cash disbursements. Churches that rely on methods this simple are unaware of two basic facts.
- First, dual signatures and homemade check requests are absolutely no match for an ethically challenged employee with the courage to forge.
- Second, and this may be the most surprising, many of the larger and more spectacular embezzlements involve tampering with the church’s cash outflow, not the inflow.
Key: While no system is foolproof (especially if collusion is involved) the best fraud prevention practice in regard to disbursements, is to segregate the bill paying tasks between as many people as possible. Some of the more important tasks to distribute are:
- Payment approval
- Receiving of goods
- Check preparation
- Check signing
- Bill mailing
- General ledger maintenance
Unfortunately, very few churches have enough employees to split all of these tasks up. So what can be done?
Just as with cash receipts, a good place to start is by holding another brain-storming session in which the church’s procurement processes are analyzed. Flow-charting is a very useful tool in this exercise. Then, to the best of the church’s capabilities, the tasks should be distributed among several employees and volunteers. But even after this process, most churches will have more tasks than people to give them to.
But, there are other steps that can be taken. Although they take place after-the-fact, these practices still provide strong measures of fraud prevention.
- First, someone outside the business office could be assigned the task of reconciling the bank account monthly. This could be another employee, the business administrator, or a competent volunteer. The reconciliation should not solely be a “balancing” of the checkbook but should also include a close inspection of the cancelled checks for endorsements and signatures and an analysis of outstanding items. Online banking and remote access has made this practice even more efficient and practical, as volunteers do not have to come to the church office to do the work.
- Another step is to perform an analysis of the church’s check register by exporting it to an electronic spreadsheet and sorting by vendor. It is surprising how quickly check writing “anomalies” can be detected using this procedure. This practice should also be performed periodically.
Although not foolproof or guaranteed to catch everything, these two practices serve a bigger purpose. Key: They are loud and clear advertising to any and all, that someone is looking. This will force a potential thief to at least stop and ask himself; “Do I feel lucky today?”
“We have rotating count teams with clear rules that account for every penny we collect in offerings…”
While this statement is not inaccurate, it is short-sighted. When churches think of fraud, Sunday offering protection is usually the first thing that comes to mind. And as a result, most churches do a very good job in protecting Sunday receipts. In fact, Fort Knox may be an easier target than some churches I have visited who have ratcheted down tightly their Sunday collection procedures!
But, if this is all a church does in protecting itself from fraud, they are at risk. There are at least two significant reasons:
First, Sunday offerings are not the only time cash comes into the church. Many churches with air-tight security over Sunday collections completely ignore what happens from Monday through Saturday. And in many churches, the amounts can be substantial, including day care fees, special event fees such as banquets and conferences, food sales, book sales, fund raising revenues, etc., etc., etc. Also, tithes and offerings that are dropped off during the week often circumvent the entire teller process and instead land directly on the bookkeeper’s desk.
Second, cash inflow is not the only place where embezzlement takes place. In fact, a case can be made that the larger cases do not involve the cash inflow processes, but the outflow. The Association of Certified Fraud Examiners backs this assertion with statistics showing that while skimming (taking money before it is recorded) makes up 20% of reported fraud cases; check tampering is even more prevalent, making up 25% of the cases. In addition, fraudulent expense reports and payroll scams chip in another 29% for good measure.
So, churches with tight controls over Sunday cash receipts should be commended for their efforts, but also reminded that effective fraud prevention includes extending this vigilance to the other means of inflow, and the outflow side as well.
If you’d like to hear more about our Best Practices Review or one of the many other services we provide, please contact us at (817)664-3000 or email us using our contact form.
News stories about church funds being embezzled by an employee or clergy are common, but embezzlement by someone charged with oversight is rarely reported in the media. A Michigan based news site, www.mlive.com reported the following story on September 16, 2010:
Former Birch Run church leader charged with embezzling more than $100k from congregation
The former church president in Birch Run, Michigan, remains in jail on a $250,000 cash-only bond for allegedly embezzling over one hundred thousand from the ministry.
According to the perpetrator, he “got in deep” and “was trying to get his son out of trouble.” The former church president was able to withdraw funds from the various church bank accounts by writing checks and affidavits of loss and cashing them using his and the signature of the congregation treasurer, without her knowledge.
The church could have easily prevented this from happening.
First, the church president remained in that position for 12 years, allowing him to commit and conceal the fraud for an extended period of time. Positions of oversight i.e. president, treasurer, finance committee membership etc. should be rotated periodically. The term and rotation of the officers should also be documented within the church’s bylaws and constitution.
Second, it appears that the perpetrator had joint custody of the bank account along with the church treasurer but was also responsible for paying bills. Just because an individual serves as the president does not mean that his duties are exempt from oversight and the principle of segregation of duties. He was assigned to approve and sign checks, so the actual function of writing checks, recording disbursements in the general ledger and reconciling bank accounts should have been assigned to someone else. Every organization should put faith in a system, not a person.
And lastly, he had pressure to commit the fraud. In his own words, he was trying to get his son out of trouble. Given the circumstances, anyone in his position would have been tempted to commit the crime.
Obviously, he alone is responsible for the act; however, it was the responsibility of the church’s leaders to implement a system of checks and balances and ensure that authority is not concentrated in one individual’s hands, regardless of his status and reputation within the church and the local community.
To avoid this from happening at your church we have created FACT, a web-based test which will identify the cracks in your current system and help you prevent fraud in the future.
Give us a call at (817) 664-3000.
“Our bookkeeper has been a member and served our church for many years. We trust him/her completely…”
Church’s Secretary accused of embezzling $1.5 million
Former pastor guilty of stealing from church
Church’s former secretary jailed on fraud charges
Priests get jail for stealing from church
Church secretary accused of stealing thousands
Woman accused of stealing from church
Baptist church secretary was arrested and charged with 17 counts of credit-card fraud…
Church financial secretary steals $216,000—asks for forgiveness
Church secretary admits to stealing $274,000 from congregation
These are all actual headlines from articles about church theft. I think we’d all agree…this is NOT the publicity that anyone wants, particularly a church. In most of the church embezzlement cases I have read about, the crime is not perpetrated by a thief who has sought out a soft target. More often churches are embezzled from by a long-time, dedicated and trusted employee who has been given total access to the church’s financial operations. In short, it is usually not bad people who steal from churches. Rather, church embezzlement is committed by good people who find themselves (or their close relatives) in bad situations.
Churches victimized in this way have often not taken into account the first leg of the “fraud triangle” – Pressure. (Rationalization and opportunity are the other two.) Pressure can be defined as any outside force or set of circumstances that creates a need for cash. Pressure comes in many forms, including large unexpected medical costs, business reversals, and in far too many cases, addictions. When faced with these issues, many people of otherwise unquestioned integrity are tempted to “borrow” from their employer to alleviate the pressure.
Churches have limited control over the pressures their employees and volunteers face. However, they have almost total control over one leg of the triangle – OPPORTUNITY. By establishing strong financial controls and processes churches can go a long way in removing temptation from its employees.
If you’d like to hear more about our Internal Control Assessments or one of the many other services we provide, please contact us at (817)664-3000 or email us using our contact form.
“We require all checks to be signed by two officers of the church”.
Dual controls, or separation of the accounting duties, are an important brick in the wall of fraud protection. Requiring dual signatures is often one of the ingredients in providing proper segregation of duties. But, if this practice is not combined with a few other protective measures it will be no more effective as a lion with no fangs or claws.
True, the knowledge that all checks must be signed by two people will deter most people from taking a chance. But, if this is the only control in place, it will not be enough to scare off a bold predator.
Let me set a scenario. Imagine a bookkeeper who has been given the responsibilities to write checks, prepare the general ledger and reconcile the bank account. If this individual has courage, handwriting skills, and lack of integrity the protection provided by dual signatures will be paper thin. Ask yourself, how much more difficult would it be to forge two signatures than one?
My point? Do not rely on dual signatures as your only wall of defense. Dual signature requirements, standing alone, are no match for a check forger.