Monday, October 28, 2013

Reporting Fraud in Non Profit Entities - The Reluctance to Air Dirty Laundry

Dateline Sunday October 27, 2013 Washington Post front page news.
Millions lost by nonprofits with little explanation

Nonprofits are losing millions of dollars from fraud and embezzlement and not reporting the full extent of the losses on required filings with the IRS. Here are some of the additional issues in the article:

- under reporting of the extent of the fraud
- delaying notifying investigators of the fraud

Exempt organizations must file a 990 form every year. This is similar to tax returns that individuals must file. Part IV of the form covers Governing, Management and Disclosure. Question 5 reads as follows:
Did the organization become aware during the year of a significant diversion of the organization's assets? A diversion is considered significant if it exceeds $250,000 or 5% of the organization's receipts or assets. This is the place on the form to report embezzlement and fraud. Since 2008 more than 1,000 organizations disclosed a diversion according to the Post.

One would think that these organizations did not have access to resources, tools or guidelines to detect and prevent employee fraud. A simple Google search found hundreds of guides and documents that identify red flags and checklists for detection and prevention. The sad facts relating to this situation is that these organizations are subsidized by the U.S. Taxpayer. People give generously yo these charitable organizations with the expectation that that there money will go assist those in need. Instead the funds are walking out the door or lining the pockets of the staff and management of the organization.

These frauds such as investment schemes, embezzlements, purchasing fraud follow familiar scenarios occurring in companies and government agencies.

Here are some ideas that NFP's and other organizations should consider:

  1. If you suspect misconduct or wrongdoing by an exempt organization or employee plan Use Form 13909
  2. Embezzled income is taxable to the person who does the embezzling (revenue ruling 61-185, 1961-2 CB 9; revenue ruling 65-254, 1965-2 CB 50; James v. United States, 366 US 213 (1961), Ct. D. 1863). The embezzled amount should be included in the embezzler's gross income in the year of the embezzlement. In addition, the embezzler/employee may be subject to self-employment taxes on the embezzled amount. Since the embezzlement constitutes income to the embezzler, the entity that has suffered the loss should report it to the IRS. Proper reporting of the embezzled income to the IRS will provide the employer with documentation for deducting its loss and also meet the filing requirements of section 6721 and section 6722. It will, in addition, alert the IRS to possible unreported income by the employee. The employer should report the embezzled income on form 1099-MISC as non-employee-compensation. The employer must prepare a form 1099-MISC for each tax year the employee embezzled funds.
  3. Implement an employee fraud awareness program. Every employee is a stakeholder when it comes to due diligence on reporting fraud. By not following up on the mandatory disclosures or not investigating and reporting in a timely manner, the organization is at risk from a business continuity standpoint. Major frauds have a capacity to impact a business or NFP's ability for continued operation.
  4. If a fraud policy does not exist then the organization should develop one. Zero tolerance should be a part of this policy as well as following up on actions against the embezzler/fraudster. These include both legal as well as financial reparations. 
Here is a fraud prevention checklist for NFPs from the ACFE

  1. Is ongoing anti-fraud training provided to all employees of the organization?
    • Do employees understand what constitutes fraud?
    • Have the costs of fraud to the company and everyone in it – including lost profits, adverse publicity, job loss and decreased morale and productivity – been made clear to employees?
    • Do employees know where to seek advice when faced with uncertain ethical decisions, and do they believe that they can speak freely?
    • Has a policy of zero-tolerance for fraud been communicated to employees through words and actions?
  2. Is an effective fraud reporting mechanism in place?
    • Have employees been taught how to communicate concerns about known or potential wrongdoing?
    • Is there an anonymous reporting channel available to employees, such as a third-party hotline?
    • Do employees trust that they can report suspicious activity anonymously and/or confidentially and without fear of reprisal?
    • Has it been made clear to employees that reports of suspicious activity will be promptly and thoroughly evaluated?
  3. To increase employees’ perception of detection, are the following proactive measures taken and publicized to employees?
    • Is possible fraudulent conduct aggressively sought out, rather than dealt with passively?
    • Does the organization send the message that it actively seeks out fraudulent conduct through fraud assessment questioning by auditors?
    • Are surprise fraud audits performed in addition to regularly scheduled fraud audits?
    • Is continuous auditing software used to detect fraud and, if so, has the use of such software been made known throughout the organization?
  4. Is the management climate/tone at the top one of honesty and integrity?
    • Are employees surveyed to determine the extent to which they believe management acts with honesty and integrity?
    • Are performance goals realistic?
    • Have fraud prevention goals been incorporated into the performance measures against which managers are evaluated and which are used to determine performance-related compensation?
    • Has the organization established, implemented and tested a process for oversight of fraud risks by the board of directors or others charged with governance (e.g., the audit committee)?
  5. Are fraud risk assessments performed to proactively identify and mitigate the company’s vulnerabilities to internal and external fraud?
  6. Are strong anti-fraud controls in place and operating effectively, including the following?
    • Proper separation of duties
    • Use of authorizations
    • Physical safeguards
    • Job rotations
    • Mandatory vacations
  7. Does the internal audit department, if one exists, have adequate resources and authority to operate effectively and without undue influence from senior management?
  8. Does the hiring policy include the following (where permitted by law)?
    • Past employment verification
    • Criminal and civil background checks
    • Credit checks
    • Drug screening
    • Education verification
    • References check
  9. Are employee support programs in place to assist employees struggling with addictions, mental/emotional health, family or financial problems?
  10. Is an open-door policy in place that allows employees to speak freely about pressures, providing management the opportunity to alleviate such pressures before they become acute?
  11. Are anonymous surveys conducted to assess employee morale?
For more anti-fraud ideas and resources and training for detecting and preventing fraud visit and