Joe Epps 2014-02-27 23:03:13
Not-For-Profit Fraud Risk Joe Epps is a CPA and CFE with over 30 years of experience in forensic accounting. His litigation support experience includes contract disputes, anti-trust, economic damages, fraud investigations, business valuation and intellectual property litigation. Joe is currently president of Epps Forensic Consulting and teaches a graduate course on forensic accounting at Arizona State University. For more information, please call (480) 595-0943 or visit www.eppsforensics.com. I was recently contacted by a not-for-profit organization in the Phoenix area. They had caught their bookkeeper stealing and wanted some assistance in determining and proving the amount of the thefts. As always, I started by asking how the employee had perpetrated the thefts. In this case, the thefts were the result of the employee using company credit cards for personal expenses. The thefts were known to have taken place over a period of at least seven years. This was as far back as the company looked into the potential thefts. Since the employee had been in the same position for over 15 years, the thefts were probably occurring for many more than seven years. The amount of the thefts was documented to be hundreds of thousands of dollars. As often happens in these cases, the employee was living on all of her income plus the expenses being covered by the illicit use of the credit card. No recovery was going to come from the employee. Although the company had employee dishonesty insurance, it was only a small fraction of the amount stolen. This was money that could not be used to further the purpose of the organization, and it could not be recouped. It has been my observation that not-for-profit entities organized for the benefit of people needing assistance are particularly vulnerable to employee dishonesty. I think this is because people who know they are doing great good in the community tend to think that everyone in the organization is also focused on providing the greatest benefit possible. It simply does not occur to them that anyone in the organization could work at a counter-purpose to the organizational goals. This results in a blind spot where employees are concerned. So, the question, therefore, is how can an organization be protected without treating all employees as potential criminals? The first thing to understand and believe is that having review procedures to protect the assets of the organization from potential employee misuse has nothing to do with trusting or not trusting the employees. It has everything to do with responsible oversight. And, it protects an employee, who might otherwise be a good person, from giving into temptation or responding to unusual stress. The fact is, these things happen and the organization can protect people against their own potential weaknesses. The first step is to recognize that it is possible to have internal controls even in the smallest organization. In this case, if someone in the organization had simply looked at the monthly credit card statements, the personal use would have been readily apparent. It would not have taken a lot of time or any level of bookkeeping knowledge. Use of the credit card for non-business trips and purchases at stores like Nordstrom would have been readily identifiable. The internal process could be that some person other than the bookkeeper must review the monthly credit card statements before the bill is paid. The reviewer would be instructed to bring to the attention of management (someone other than the bookkeeper) any expense that looks unusual. They should also have the authority to review any supporting invoice. It is essential that the bookkeeper know that this review is occurring. This process of reviewing the statements would act as a deterrent. The final step is that the reviewer must have a responsibility to sign off that they had reviewed the credit card statements. This will provide a verifiable accountability. Rotating the reviewer on an unannounced basis and having senior management periodically perform the review (or just perform an additional review) will serve the purpose of minimizing the potential for the reviewer to collude with the bookkeeper and take away some of the impact of a close friendship between the bookkeeper and the reviewer. In this case, the former bookkeeper will be going to jail. Others in the organization may never know if the bookkeeper had always been looking for a way to steal from them or if she had given into temptation or some type of stress. It is certain, however, that if some level of review and verification had been in place, the thefts could have been avoided.
Published by Target Market Media . View All Articles.
This page can be found at http://digitaleditions.walsworthprintgroup.com/article/FORENSIC+ACCOUNTING/1646192/199364/article.html.