Simple internal fraud testing procedures that won't break the bank

In spite of all the attention that fraud has received over the last ten years, it still exists. Not-for-profit organizations appear to be among the most vulnerable. According to the 2014 Association of Certified Fraud Examiners (ACFE) Global Fraud Survey, the median loss caused by fraud in not-for-profit organizations totaled $108,000.

Not-for-profit organizations are particularly susceptible to fraud due to a number of factors: they operate in an environment of trust, employees may be paid less than their for-profit counterparts, they have limited resources and greater employee turnover, they receive donor contributions (as opposed to selling a product), and they use volunteers for many of their programs and special events.

The most effective way to address and limit fraud losses is to prevent fraud from occurring in the first place. Beyond ensuring that there are effective internal controls in place, we recommend that not-for-profit organizations develop an organization-wide fraud risk policy.

In addition to addressing fraud prevention, detection, and recourse, your fraud risk policy should include some self-monitoring internal control procedures. While resources are at a premium, there are some simple tests you can perform internally. They are as easy as exporting data from your accounting system or a third-party report to an Excel spreadsheet, and then using Excel formula functions.

Here are some easy-to-implement internal fraud testing procedures that won’t break the bank.

Operating account check register

  • Subtotal vendor checks. The amount paid to a particular vendor may appear much greater than you expect.
  • Review the list for vendors you do not recognize or that are questionable.
  • Look for checks that are paid outside of the standard work week or normal disbursement period. The Excel formula to use is “=weekday ([cell with date].”
  • Look for checks written to “cash” by simply using the find feature.
  • Scan check numbers to identify any gaps in check sequence.

Payroll check register (can be requested from your payroll service provider)

  • Subtotal by amount. Are amounts reasonable?
  • Subtotal by count. Check the total number of checks and compare to the number of employees.
  • Sort by name to check whether an employee has been paid more than the standard number of pay periods.
  • Review names of employees for those you may not recognize.
  • Use subtotal count functions and look for bank accounts that show up more than once.

Journal entries

  • Sort journal entries by date, giving special attention to entries made at month- or year-end.
  • Scan the journal entries for unusual activity.
  • Be mindful of standard recurring entries, which are typically automated and posted directly to the general ledger by a subsidiary ledger (i.e., accounts receivable and accounts payable). Also pay attention to non-standard entries. These are generally made manually for period-end closing or for adjusting accruals and estimates.

It is not necessary to perform these procedures every month, but your organization’s fraud risk policy should indicate the frequency.

The primary purpose of these procedures is to identify unusual and potentially fraudulent activity. In addition, making the fraud risk policy available to all employees acts as a deterrent, and thus poses less opportunity for fraudulent activity. These procedures may also identify errors and inefficiencies, giving you the opportunity to correct them so you can improve your organization’s overall financial reporting.

When it comes to fraud, the important thing is not to assume that it will not take place in your organization. No entity is immune. Not-for-profit organizations need to remain vigilant by identifying and understanding their risks. Proper internal controls and oversight are necessary and will provide peace of mind to management and those charged with governance that if fraud exists, it will be discovered quickly.

Maxine G. Romano can be reached at Email or 215.441.4600.

Subscribe to Kreischer Miller's email newsletter

You may also like: