For organizations that are doing good, there has been a lot of bad being reported lately. I’m not talking about the political version of controversy like the recent Komen/Planned Parenthood dust-up. I’m talking about old fashioned criminal activity, people stealing from nonprofit organizations. I don’t think insider theft at nonprofit organizations is any more common than it is at other types of organizations but nor is it any less prevalent. However, the results of such thefts are perhaps more damaging because in addition to the damage that any specific organization may suffer as a result of thievery, the overall sector suffers from the incremental loss of trust that potential donors experience.
What brings this to mind was the recent scandal involving a clerk at the Archdiocese of New York who has been accused of stealing more than $1,000,000 over seven years by writing hundreds of checks for modest amounts to an account she owned and then falsified the records of where those checks went.
It seems from the outside that there were at least 4 internal procedures that could have prevented this from happening, or at least stopped it early on.
Background Checks: I know we are all doing good and committed to our nonprofit causes but the reality is that you have various levels of liability if you do not conduct some basic background checks on your staff and new hires. This is especially true if your organization does any work with children or victims of abuse. The Archdiocese did implement background checks but did not require checks of staff that were already in place, such as the accused in this instance. Had they checked her background they would have learned that she had been previously convicted of stealing more than $50,000 from a previous employer (a felony) as well as a previous misdemeanor conviction for a similar charge.
Signing Authority: The accused in the case was authorized to sign checks up to $2500 without anyone else’s approval! I recently spoke to the Executive Director of a local nonprofit with a multimillion dollar budget and she told me that only recently was she authorized to sign checks up to $1000 without a co-signature. Why a clerk was given this authority seems a mystery.
Opening the Checking Statements: When I was the Executive Director of a local nonprofit I was handed the unopened checking statements each month to ensure that I was the first person to review what was inside. At first I thought it silly that I had to go through each check in the statement, but soon realized that this simple procedure assured that I would be able to catch exactly this type of fraud. At the time I needed a co-signature on any check over $500 so while I might have been able to conduct some minor transactions, the finance director would have seen it… could we have been in cohoots and perpetrated a fraud? Perhaps, but much less likely.
Audits: It is possible that an auditor could have missed this if they had somehow managed to not look at those specific transactions. Buried in the belly of a much larger institution, the Archdiocese did eventually impose updated procedures in this department and auditors did find this fraud in December, though seven years and a million dollars too late.
It is not just lowly clerks who take advantage of the sometimes lax controls at nonprofits. The former administrative director of the Albert Ellis Institute, a nonprofit psychotherapy organization in New York is accused of stealing more than $2,500,000 through a series of more than 80 wire transfers. In the words of Manhattan district attorney Cyrus Vance Jr., “Thefts from nonprofits divert funds meant to support the goals and missions of the organizations, and erode the trust of donors and volunteers.”
You do not want to be a Board member answering the press inquiries as to how such a thing could have happened at your favorite charity. Make sure your organization has procedures documenting how money moves and also documents how the staff complies with those rules. If you already have an independent auditor for your organization they can help assess your procedures and propose improvements.
Why the Archdiocese took so long to implement these procedures, is a mystery. Are you involved in nonprofits in some way? Are you on a Board? Do you know if you have the correct procedures?