Building upon various fraud models and based upon its own investigative experience, BDO Consulting (BDOC) – a division of BDO USA, LLP – has identified certain conditions that often create a fertile environment for fraud and negatively impact the audit committee’s ability to oversee management’s anti-fraud initiatives. Such conditions include:
- Lack of awareness of fraud risk factors and warning signs
- Inadequate control activities to mitigate identified fraud risk
- Inadequate screening practices (for employees, vendors, customers and/or siness partners)
- Insufficient understanding of ethical duties at all levels
- Ineffective mechanisms for reporting and investigating fraud
- Ineffective board and audit committee oversight
Fraud continues to be a hot topic and a focus in the area of risk management for organizations and particularly those charged with governance.
BDOC’s Fraud Prevention Program11 is based upon the belief that the effectiveness of board and audit committee oversight is a key element in significantly reducing the risk of fraud at an organization and increasing the likelihood that, if fraud does occur, it will be detected at an early stage. To achieve this, audit committees may consider employing the following best practices:
12
- Understand significant fraud risks that the organization’s business is facing via fraud risk assessment and education
- Understand the programs and controls that management has developed for managing fraud risks, including relevant policies and procedures
- Develop alternative sources of information about what is happening in the organization with respect to fraud risks
- Seek supporting documentation and be willing to ask difficult questions
- Have mechanisms in place for both reporting (e.g., “whistle-blower hotlines”) and conducting independent investigations of fraud
- Independently assess and monitor the effectiveness of those mechanisms
Audit committees should be aware of the motivations that can cause personnel to commit financial statement fraud at nonprofit organizations. Many of the reasons are similar to any other entity. However, the following items are unique situations found only at nonprofit organizations.
Reason: To meet fundraising goals
Many nonprofit organizations have set fundraising goals and the desire to show that these goals have been met can be an impetus to commit fraud to make it appear as if the goals have been met. This is often desirable so that an organization can receive matching grants that will only be provided by the donor if the organization reaches a specific goal first.
Reason: To show donor restrictions being met and grant terms complied with
Nonprofit organizations are required to meet the donor restrictions placed on funds they receive and ensure that all grant terms, both federal and nonfederal, have been complied with. The failure to meet the required restrictions may mean an organization cannot report the amounts as revenue in the financial statements as well as the possibility that they may have to return the funds to the grantor. Failure to comply with grant terms can result in findings in the reports and return of the funds.
Reason: To show more expenses as program versus supporting activities
An organization may be subject to the requirement to maintain certain program versus supporting service ratios, so they may commit financial fraud to record expenses in the program service category, although they may not qualify, in order to show that they have satisfied these ratios. In addition, an organization with a larger ratio of program expenses to supporting services is viewed more favorably in the eyes of donors and the organization may want to raise more funds, so they want to report better expense ratios.
Reason: Make the organization appear less financially rich
At times, organizations may be deemed to be “too rich” by donors if they show large net assets. This will cause donors to decide not to donate funds to the organization since they appear not to need the funds. This can lead to financial statement fraud where revenues are understated in order for the organization to show its needs better.
Reason: Misclassify expenses to reduce any unrelated business income
Certain organizations may conduct activities that result in unrelated business income and incur a tax. The misclassification of expenses to the activity can make it seem that no net revenue was generated and no taxes are necessary.
These are all examples that are unique to the nonprofit industry that should be considered by the audit committee when it is considering the risk of fraud at the organization.
(9) Refer to the AICPA Auditing Standards (SAS) Codification – Post Clarity AU-C Section 240 “Consideration of Fraud in a Financial Statement Audit,” which is available on the AICPA website.
(10) Refer to “The Fraud Diamond: Considering the Four Elements of Fraud,” an article by David Wolfe and Dana Hermanson published in the CPA Journal (December 2004) and available at: http://www.nysscpa.org/cpajournal/2004/1204/essentials/p38.htm.
(11) For further information on BDOC’s Fraud Prevention Program or BDOC’s Investigations & Compliance and Risk Advisory Practices visit: https://www.bdo.com/services/business-financial-advisory.
(12) Refer to further guidance contained within the AICPA’s “Management Override of Internal Controls: The Achilles Heel of Fraud Prevention” available at: http://www.aicpa.org/ForThePublic/AuditCommitteeEffectiveness/DownloadableDocuments/achilles_heel.pdf.