Best Practices for Mitigating Fraud in Not-for-Profit Organizations

An estimated $557 billion was donated by individuals, foundations, and corporations to charities in the United States in 2023.

Regardless of where those funds came from, one thing is certain: not-for-profit (NFP) organizations must maintain the public’s trust if they wish to continue receiving donations. This statement is true regardless of a NFPs size. Both small and large NFPs should be aware of the risks unique to their organizations and be proactive in preventing fraud.

The Fraud Triangle

NFPs should be aware of the fraud triangle theory. The theory hypothesizes that if all three segments of the triangle—rationalization, opportunity, and incentive/pressure—are present, a person is highly likely to engage in fraudulent activities. NFPs must work to reduce the existence of the components of the fraud triangle while fulfilling the mission of their organization.

Incentive/Pressure

The incentive is the driving factor behind the fraud. Examples include greed, paying off debt, or wanting to meet personal or business goals.

Rationalization

Rationalization is the justification a fraudster internalizes to explain why it is okay that they commit fraud. Job loss, the belief no one will be harmed, or payback are common rationalizations.

Opportunity

The opportunity leg of the fraud triangle are the circumstances that allow fraud to occur within an organization. This is the component that companies have the most control over. Effective internal controls along with comprehensive policies and procedures help reduce the opportunity for a fraudster to succeed.

Five Fraud Risks Specific to NFPs

Nonprofit organizations often face unique fraud risks that can jeopardize their mission and erode donor trust. By being aware of these risks and taking proactive measures, organizations can mitigate these risks and ensure their integrity and sustainability.

1. Belief that Fraud Won’t Happen Here

Managers sometimes believe so strongly in an organization’s mission that they are blind to the idea that someone may commit fraud against them. This can lead to relaxed financial safeguards and procedures. Management must remember that they set the tone for the rest of the organization. If they are relaxed around safeguards, so will all the employees and volunteers.  

2. Low Rate of Fraud Awareness Training

NFPs have the lowest implementation rate of fraud awareness training, per the Association of Certified Fraud Examiners (ACFE). Couple this with the fact that many smaller NFPs have volunteers in key roles without adequate skills, experience, or training and you are creating a recipe for disaster. Training is critical for all volunteers, especially those who play a role in the finance function. Institute mandatory training for your staff and key volunteers and update your training each year to incorporate new information.

2024 AFCE Report to the Nations

3. Non-Reciprocal Transactions

NFPs regularly receive monetary or other in-kind donations without providing anything to the donor in return. The non-reciprocal nature of the transaction makes it easier for an employee or volunteer to steal the donation without the NFP or donor becoming aware. Separation of duties and automated processes can limit the opportunity for this kind of theft.

4. Improper Usage of Donor-Restricted Assets

Assets—cash, property, vehicles—with restrictions have either time or purpose constraints associated with them. These restrictions are set by the donors or funders and must be followed by the organization that accepts the assets. Even restricted funds spent in accordance with the NFP’s mission could lead to legal or public relations issues if they are not used in accordance with the restrictions set by the external party. Using a fund accounting system built for nonprofits simplifies designating and tracking funder intent.

5. Security of Donor Information

NFPs are not exempt from the same expectation of security for sensitive information that for-profit organizations must adhere to. Personal information of staff, donors, and volunteers, including payment information received via credit card, donation form, or a physical check, must be properly secured in both physical and electronic environments. Verify the systems you use—like your fundraising and fund accounting software—adhere to industry standards for security and you have systems in place to follow data retention best practices.

Maintain Trust Through Mitigating Fraud

NFPs have varying missions, ranging from educating the youth to caring for the elderly. One thing no NFP includes in its mission statement is improperly spending donor funds. The trust between donors and NFPs is easily lost when malfeasance occurs. Rebuilding that trust is challenging, so being aware of risks and taking steps today to prevent fraud is the best course of action an NFP can take.

There are a plethora of actions NFPs can take to prevent these and other frauds from occurring at their organization. There are also many simple, cost-effective steps that can help NFPs reduce the risk of fraud on a daily basis. NFPs should discuss with their boards how to budget and implement steps to reduce the risk of fraud in their organizations.

For NFPs that don’t know where to begin, having a conversation with a CPA who is also a Certified Fraud Examiner (CFE) or forensic accountant is a great starting point. The best time to start was yesterday, the second-best time is today.

For more tips and best practices to mitigate fraud at your not-for-profit organization, check out our webinar, Unmasking Fraud in Not-for-Profits: Five Key Risks and Five Preventive Steps. 

Alexander Buchholz and Brian McDonough of PKF O’Connor Davies also contributed to this article.