Preventing Fraud for Charities
Thursday, 5th December 2013 at 9:33 am
Nearly half of Australian organisations have experienced some form of fraud in the past 12 months. And even charities are not immune to it, writes Forensic Services Partner at PricewaterhouseCoopers, Cassandra Michie.
Fraud in Charitable organisations can have a devastating impact which extends far beyond purely financial losses, including damage to a charity’s reputation and community perception of those associated with it.
There is a heightened level of fraud risk in the current economic environment with nearly 50 per cent of Australian organisations experiencing some form of fraud in the past 12 months. Charities are not immune and are susceptible to fraud in its full lifecycle – from cash receipts to cash payments.
This article outlines the importance for charities of implementing a fraud control framework as a first line of defence to minimise the risk of fraud and protect themselves from experiencing losses.
A fraud control framework comprises three key elements: Prevention, Detection and Response.
Response deals with the investigative process once a potential incident is identified, but critical to mitigating the risk of fraud is ensuring that charities have strong Prevention and Detection elements.
Key features for Prevention include:
Tone at the top: Those at the top are in the best position to ensure their employees follow policies by communicating a clear message about the organisation attitude towards fraud. Senior staff also need to lead by example with regards to the line between the organisation’s assets and activities and those that are personal in nature?
Policies and procedures: Implementing clear policies and procedures clarify what is unacceptable behaviour and guide employees about how to conduct themselves and the activities of the organisation. In organisations where there is a lack of clear policies and procedures it is not uncommon for employees to respond to allegations by claiming that were not aware they were doing anything wrong. Common example relate to personal use of work phones and vehicles.
Pre-employment screening: Many of PwC’s investigations have identified that fraudsters have had a history of inappropriate behaviour and have committed fraud at other organisations. These incidents could have been avoided if the organisations conducted pre-employment screening on new joiners and become aware of these past issues prior to hiring.
Declarations: On at least an annual basis, employees should be required to sign a declaration that they have not engaged in non-compliance or fraudulent activity and that they are not aware of any other activity that could cause the organisation a loss. Employees should also be asked to disclose any potential conflicts of interest, such as relationships they may have with suppliers to the organisation. A gift register should be implemented in order for employees to declare any benefits they receive from third parties.
Training: Employees should be trained on a regular basis about fraud risk.
Risk assessment workshops: Workshops should be conducted on a regular basis where fraud risk is discussed. Interactive sessions where employees can discuss the effectiveness of controls, and identify gaps or new risks ensure that risk control frameworks are thorough and remain effective.
Review of cash receipts: Handling cash is often one of the highest risk areas for a charity. Organisation need to implement clear guidelines on who collects cash, how it is receipted, is it securely store or banked, and monitor against how much should have been collected.
Review of procurement processes: Procurement is another high risk area and it is crucial organisations have policies around requirements for competitive quotes, delegations of authority, establishment of vendor relationships and payment processes. Organisations also need to monitor compliance with these policies to ensure there are not being ignored or neglected.
No system or process is fool proof, and if something does “slip through cracks” then Detection mechanisms are in important to ensuring those issues are quickly identified and action is taken to minimise the loss. .
Data analytics: Performing targeted analysis of payroll and accounts payable data is a powerful tool in identifying unusual or suspicious transactions. There are myriad tests that can be performed and tailored to specific requirements in order identify unusual relationships between vendors and employees, suspicious invoices such as duplicate or sequential invoices, and payments such as those made on the same date of invoice or for large amounts.
Whistleblower hotlines: Fraud is confronting and employees are often unsure how to report their concerns. Having a well-established and publicised whistleblower hotline gives employees a secure and anonymous means to reporting their concerns and ensures they are communicated to an appropriate person to review the matter.
Walkthroughs and control tests: Policies and procedures are important, but are only effective if employees are using the controls that are in place. By conducting walkthroughs and tests controls charities are able to identify areas of non-compliance that need to be addressed with staff, and also whether additional controls need to be considered.
About the Author: Cassandra Michie is a Forensic Services Partner at PricewaterhouseCoopers and has more than 23 years of experience leading forensic engagements for PwC and investigating fraud. Michie has run fraud Prevention, Detection and Response presentations for charities.