Avoiding employee theft. How vulnerable is your nonprofit?

Oh no! We've been robbed!

Another news release about significant employee theft at a nonprofit rolled across my desk. When a quick internet search on embezzlement at nonprofits turned up a myriad of cases, I thought it would be helpful to talk to an expert in the field.

So I turned to Michael Santocki, Esq, Managing Director of the Management and Professional Risk Group at Crystal & Company, described as a “ leading strategic risk and insurance advisor.” Michael told me they were known as one of the top  insurance brokers for nonprofits in the US.

An attorney by trade, Michael has been in the insurance business for 20 years. We had a long discussion about many aspects of risk management at nonprofits. I’ll share some of his insights on other matters in a future post.

GG: What can you tell me about employee theft at nonprofits?

MS: Employee theft is one of the most common areas of risk for nonprofits. Unfortunately, nonprofits don’t always have the level of controls that many private companies have.

According to a 2014 report by the Association of Certified Fraud Examiners*, Nonprofits across the US lose approximately 5% of annual revenues to fraud.

GG: Could you tell me some of the ways this happens.

MS: Unfortunately, there are lots of ways this can happen.  Bookkeepers often create dummy invoices, ghost vendors or kickback schemes.

Take kickback schemes. In this case, an employee at the nonprofit works out a deal with the vendor. Let’s say the employee orders supplies, say 100 of some item. The vendor only ships 80 of that item and then kickbacks part of its profit to the employee on the 20 items that were not shipped. While the amount might be small, this type of theft adds up over time if it’s never caught.

Other types of employee theft are very innovative. For example, the office is being renovated so the employee slips in their own bills for renovation supplies for their own property.  An employee can prepare dummy invoices, where the check is then written to themselves and then fudged later. This happened at Roman Catholic Diocese in NYC where a long-time, trusted employee in the accounting department, who was obsessed with purchasing expensive Madame Alexander dolls, was arrested in 2012 for embezzling more than $1 million over seven years.

GG: So what can an organization do to protect itself?

M.S. While criminal background checks are important, unfortunately, about 87%* of fraudsters have never been charged with a prior offense and that holds for both for profit and nonprofit organizations.

Nonprofit organizations need to be vigilant and take preventative measures to minimize the risk of theft or catch it early.

It is pretty hard to spot an executive director engaged in this type of activity. Never let one person be in charge of everything.

For example, make sure that you segregate duties for the folks paying bills and those handling money, have surprise audits, make sure that you have counter signatures on checks, and conduct fraud training for your employees.

Often the way many organizations catch the thief is to make the employee take vacation and then someone takes look at their work.

Know your employees. Keep an eye out when something seems out of line… be astute about suspected changes. Have a confidential hotline for employees to report suspicious activity within your organization.

GG: What if a theft happens anyway?

M.S. The good news is that an organization can transfer the risk by buying an insurance policy. For example, a crime insurance policy covers theft such as forgeries, alteration, counterfeit, burglary or robbery. Most mid-sized nonprofits could generally buy a policy for around $5000 for comprehensive coverage. A tiny organization could buy one for a few hundred dollars.

GG: Thank you Michael for opening my eyes to this uncomfortable world of employee theft. But both boards and executive directors need to be aware that not only can this happen, that it does with some regularity, even in our nonprofit sector. Be prepared.

*2014  Association of Certified Fraud Examiners: http://www.acfe.com/rttn/docs/2014-report-to-nations.pdf

Gayle will share other advice she received from Michael in a later post.

Leave a reply

Basic HTML is allowed. Your email address will not be published.