Tag Archives: risk assessment

5 Questions to Help Foster A Strong Internal Control Environment

Employees are one of an organization’s most important assets and it is important to maintain an environment of ethical behavior among employees in order to mitigate fraud.  But how do you create and communicate the importance of ethical behavior? When thinking about mitigating potential fraud and fostering an environment of strong ethics, here are five important questions about your internal control environment to keep in mind:

  • Are employees provided formal written job descriptions?checklist

In addition to clarifying what employees are responsible for, job descriptions signify what employees are not responsible for.  Employees who perform duties outside of their job descriptions represent a significant red flag.  In addition, a lack of clear organizational responsibilities can lead to confusion and frustration for employees.  Organizational charts and job descriptions can be used to clarify organizational responsibilities and help accountability. Accountability will also help set the tone at the top and set the example for employees to follow.

  • Are employees afraid to deliver bad news to supervisors or management?

Management should promote a culture in which employees aren’t afraid to deliver bad news.  After all, the sooner management receives the bad news, the sooner it can respond.  Fear of communication can be dangerous. Organizations should foster an environment of open communication without fear of retribution.

  • Do employees feel they are treated and compensated fairly?

Management should establish appropriate lines of communication with employees (such as surveys, exit interviews, and open-door policies) to assess their attitudes toward the organization.  One of the sides of the fraud triangle is rationalization. You don’t want employees to have a sense of “this company owes me/ doesn’t appreciate me” because that heightens the risk of fraud.

  • Are employees required to take annual vacations?

Requiring employees to take annual vacations can aid an employer in detecting an ongoing fraud scheme because generally the scheme falls apart without the fraudster’s constant manipulation. The employer is more likely to discover a perpetrator running such a scheme when the perpetrator is removed from the scene.

  • Is there a formal policy covering approval authority for financial transactions, such as purchasing or travel?

In order to safeguard assets and financial reporting, companies should develop and implement policies for determining how financial transactions are initiated, authorized, recorded, and reviewed. Consider proper segregation of duties and appropriate levels of authorization. An employee manual and financial policy manuals help to communicate expectations and the importance of following the controls set in place.

For more information on business matters affecting nonprofit organizations, contact Aronson’s Nonprofit & Association Industry Services Group or Brandon Williams at 301.231.6200.


Would A Celebrity Endorsement Help Your Nonprofit?

CelebrityA celebrity endorsement can be extremely persuasive and often bring a surge in popularity to the products, brands, and names that they endorse. Could a celebrity endorsement help your nonprofit to grow and garner support for your mission in the highly competitive market for funding? Celebrities often create interest, harness attention, and provide a differentiating factor to organizations. Celebrities also provide a way for mass appeals to be made to the public.

Venable LLP published an article written by William J. Briggs, II on their website in May 2014 which outlines what a nonprofit must do to obtain a celebrity endorsement, use a photograph of a celebrity who attended an event, issues of concern, steps that should be taken to protect your nonprofit, and what to do if a misappropriation of name or likeness claim is made against your organization. To summarize:

  1. What must a nonprofit do to obtain a celebrity endorsement?

This is the most important step. It is vital that the nonprofit obtain the celebrity’s permission and authorization to use the celebrity’s name and/or likeness to benefit the nonprofit. A nonprofit can be held liable for use of the celebrity’s name or likeness if proper authorization and permission from the celebrity was not obtained. The article states, “In the context of a nonprofit organization, the right to control the use of the celebrity’s identity is a critical factor, because the celebrity may not support the nonprofit’s particular cause”. Lack of a celebrity’s permission and authorization may lead to a similar scenario that played out in the 1996 Abdul-Jabbar v. General Motors Corp. case.

Nonprofits may approach the manager, agent, or publicist of the celebrity in order to understand what causes the celebrity is passionate toward. The goal of the nonprofit is to match a celebrity that shares the interest and passions similar to the nonprofits goals and mission. The nonprofit should then seek to inform the celebrity about the nonprofit’s mission. If, on the celebrity’s part, interest is shown then requesting the celebrity’s endorsement and/or promotion can be easy. Your nonprofit should obtain written consent from the celebrity to use their name, image, and/or likeness for the nonprofits benefit.


  1. Can a Nonprofit Use the Photograph of a Celebrity who Attended Its Event?

As a general rule, according to Venable LLP, “an organization should never use a celebrity’s name or photograph to advertise or promote the organization without the express permission of the celebrity”. On the other hand, nonprofits often use photos of celebrities posing with other attendees in their reports on the success of the events. There is not any law that provides the celebrity any rights to stop the nonprofit’s reporting of the event or the celebrities attendance. William J. Briggs II states in Venable LLP’s article that “while this narrow protection exists for news reporting, it is nonetheless a good idea to obtain consent of the celebrity in the photograph before it is published, particularly if it can be argued that the nonprofit’s use is an advertisement or promotion”.


  1. Issues of Concern

A number of concerns were presented, however, the following items we consider to be a little more important:

  1. Engagement of celebrities who demand extravagant gifts for their endorsements such as limousine transportation, free admission for friends and family, etc.
  2. Use of a celebrity’s comments or statements
  3. Use of a celebrity impersonator
  4. Use of a celebrity interview


  1. What Steps Should You Take to Protect Your Organization?

Adopt a comprehensive celebrity endorsement policy. The policy should clearly outline who the nonprofit’s representation will be in contacting a celebrity’s manager, agent, or publicist or even the celebrity. That same representative from the nonprofit should also obtain the necessary written approval from the celebrity as well as the release of his or her name, image, likeness, and/or voice. The policy should outline the nonprofit’s stance on the use of photographs of celebrities – ideally only photographs including clearly written permission on file should be used unless the photo can be plainly tied to a news report and is not used for promoting the nonprofit in any way.


  1. What Steps Should You Take to Protect Your Organization?

If any type of claim is received from a celebrity, the nonprofit should immediately respond even if the nonprofit believes that it is acting within the law and use was permissible. Obtain legal counsel and ensure that the nonprofit retains all documentation that shows the alleged misappropriation. Immediately provide written notification to insurance carriers. A crucial mistake of any nonprofit when facing such circumstances is to begin negotiating with the celebrity’s representation without first obtaining the advice of an attorney. Seek legal counsel before any negotiations begin concerning the right of publicity and misappropriation of name or likeness.

The entire Venable LLP article written by William J. Briggs, II can be found on Venable LLP’s website at http://www.venable.com/nonprofits-and-celebrity-endorsements-common-legal-pitfalls-and-practical-tips-05-06-2014/

Warning Signs Fraud May Be On The Way

money on the clotheslineThe means by which employees intentionally steal or perpetrate fraud is growing immensely especially with recent advances in technology. An important question for all companies and nonprofits (especially the latter) to ask themselves is whether their security and management oversight is keeping up with the changing game of fraud perpetrators. Looking for the warning signs of fraud is a key component of any organization’s fraud risk assessment.

A few quick facts will help to setup the warning signs that fraud may be on its way to your Organization. The Association of Certified Fraud Examiners’ (ACFE) Report to the Nations on Occupational Fraud and Abuse – 2014 Global Fraud Study states that 1,445 of the 1,483 cases studied included information regarding the total dollar amount lost to fraud. The median loss from fraud was $145,000. The same report also claims that asset misappropriation is the most commonly used means of committing fraud. Additionally, the report claims that nonprofit entities make up roughly 11% of the population studied. What should be pointed out concerning nonprofits is that there has been a steady climb in frequency fraud has been committed. The study states that employees accounted for roughly 42% of occupational fraud, while managers accounted for approximately 36% and owners/executives claim the remaining 19%.

It is surprising to read (in the ACFE 2014 Global Fraud Study referenced above) that only 5% of the perpetrators studied had been previously convicted of committing fraud. That means that a lack of fraud related offenses does not always provide peace of mind.

The listing below includes a few of the behavioral red flags and portrays the rough distribution of behavioral red flags according to the Behavioral Red Flags Displayed by Perpetrators graph found in Figure 71 taken directly from page 59 of the ACFE Report to the Nations on Occupational Fraud and Abuse – 2014 Global Fraud Study:

Living Beyond Means             44%
Financial Difficulties             33%
Unusually Close Association w/ Vendor/Customer             22%
Control Issues, Unwillingness to Share Duties             21%
Complained About Lack of Authority               7%
Excessive Family/Peer Pressure for Success               6%
Instability in Life Circumstances               6%
Past Legal Problems               6%


Further analysis was performed in order to gain insight into how the perpetrator’s position within the organization affects red flags. The idea was to obtain an understanding of how motivations and/or pressures that vary from level to level in organizations lead to fraud. The results are as expected and consistent with the distribution of the behavioral red flags by perpetrators (shown above) however the owners/executives and managers categories had a higher rate of living beyond means than did employees. Additionally, the employees category won the financial difficulties red flag by showing a rate of roughly 40% as compared to the next highest category (managers) showing a rate of roughly 28%. In order to see the chart from the ACFE’s 2014 Report to Nations, click here and navigate to page 60 where you will find “Figure 72: Behavioral Red Flags Based on Position”.

The study also found that those individuals who committed financial statement related fraud tended to be under extreme pressure compared to those who committed fraud through asset misappropriation or corruption. Alternatively, there was a correlation found between those individuals that exhibited abnormally close relationships with a customer and/or vendor and those perpetrators that committed fraud through corruption. In order to see the entire chart from the ACFE’s 2014 Report to Nations, click here and navigate to page 61 where you will find “Figure 73: Behavioral Red Flags Based on Scheme Type”.

Lastly, gender roles were found to have played a surprising role. The results show that men are less likely than women to commit fraud while under duress from financial related difficulties, family problems such as divorce, and showing signs if instability in the individual’s personal circumstances. On the other hand, men did show a higher likelihood to display “wheeler-dealer” attitudes and abnormally close relationships with customers and vendors which correlate more with financial statement and corruption fraud. Women also tended to engage in corruption and financial statement schemes at a lower rate than men.

Another great resource “Ten Early Warning Signs of Fraud in Organizations” published by ITBusinessEdge.com can be found by clicking here.

The entire Report to the Nations on Occupational Fraud and Abuse – 2014 Global Fraud Study published by the Association of Certified Examiners can be found by clicking here or using the following URL: http://www.acfe.com/rttn/docs/2014-report-to-nations.pdf

Specific findings in the Report to the Nations on Occupational Fraud and Abuse – 2014 Global Fraud Study that were not discussed but should be noted include:

  •             Anti-Fraud Controls at the Victim Organization (page 31 of the report)
  •             Effectiveness of Controls (page 38 of the report)
  •             Control Weaknesses That Contributed to Fraud (page 39 of the report)
  •             Fraud Prevention Checklist (page 76 and 77 of the report)

Resources used in summary above:

1)      Report to the Nations on Occupational Fraud and Abuse – 2014 Global Fraud Studypublished by the Association of Certified Examiners, http://www.acfe.com/rttn/docs/2014-report-to-nations.pdf

Fraud Perpetrators

There are two main reasons employees commit fraud.  One because they can and two, their situation has changed and they need money. The first type of employee is the worst –  those that commit fraud because they can, whether it is stealing money from the organization or falsifying accounting records to make themselves look better.  The second type of employee takes the money planning on paying it back, because they feel it is the only way to get out of the situation they are in.  They may need the money to pay crushing debt, medical bills, etc.  These employees don’t have malicious intent, but are still committing fraud.

Real world examples: A controller hired an incompetent accounting staff and was using them to pay himself more than approved.  He would use them to pass through fraudulent invoices and cut checks that would end up in his pocket.   This could have easily been prevented if competent staff had been hired and someone was supervising what the controller was doing. In another example, an employee who had been with the organization for many years came into a bad financial situation. In order to get money, she set up a fake company with a similar name to an actual current vendor. She would use real invoices from the actual vendor to make payments via credit card to the fake vendor.  This was found after the real vendor called to ask why the client was delinquent on their bills.

A few examples of schemes from the ACFE 2014 Report to the Nations:

Billing – A fraudulent disbursement scheme in which a person causes his or her employer to issue a payment by submitting invoices for fictitious goods or services, inflated invoices or invoices for personal purchases (e.g., employee creates a shell company and bills employer for services not actually rendered; employee purchases personal items and submits an invoice to employer for payment)

Check tampering – A fraudulent disbursement scheme in which a person steals his or her employer’s funds by intercepting, forging or altering a check drawn on one of the organization’s bank accounts (e.g. employee steals blank company checks and makes them out to himself or an accomplice; employee steals an outgoing check to a vendor and deposits it into his or her own bank account)

Once you have discovered or suspect fraud, what do you do? First take a deep breath and exhale. It’s not the end of the world and you aren’t alone. Even if you have done everything to try and prevent fraud, there is no 100% prevention guarantee.  Second, either contact your auditors or conduct a review yourself to ensure all instances of related fraud have been found.  Third, if possible press charges against the employee so that you can try to recoup what was lost if they were stealing, as well as send the message that fraud will not be tolerated within your organization. Lastly, review how it happened and see if you can strengthen your controls to prevent it from happening again in the future.

Fraud and Basic Prevention

Per Dictionary.com, fraud is defined as deceit, trickery, sharp practice, or breach of confidence, perpetrated for profit or to gain some unfair or dishonest advantage.   Fraud as it relates to accounting is the intentional misrepresentation or alteration of accounting records or the misappropriation of assets.  Fraud occurs when an invoice is booked in the wrong period to make the financials look better.  Fraud is writing an unauthorized check to yourself.  Fraud is charging personal expenses on a corporate card and not reimbursing the organization for them. According to the 2014 Report to the Nations on Occupational Fraud and Abuse published by the Association of Certified Fraud Examiners (ACFE), 85% of the fraud committed during their two year study was asset misappropriation with a median loss of $130,000 per case. Per the same study, the most common type of asset misappropriation was in billing at 23.3% of the cases.  The most costly type per case was check tampering with a median fraud of $120,000, this only occurred 10.9% of the time.

Now that you know what fraud is, how do you protect your organization from it?  The first thing is to ensure you have a competent staff.  Why is this important? Without employees that know what they are doing someone could easily perpetrate fraud and hide it, or coerce the staff to commit the fraud for them because they don’t know any better. You should also conduct background checks on employees who will be handling financial assets before you hire them.

Secondly, encourage strong internal controls.  Determining the controls to set in place and creating formal policies are important, but actually implementing them and checking that they work is more important.  An accounting manual is worthless if the processes aren’t followed.  Good controls involve management properly supervising and reviewing the work of staff.  Proper controls can be set up in organizations of any size. If you need help, contact your auditor. They will be able to give you tips and suggestions for strengthening your controls. A good control to have in place is a tip hotline. Per the Report to the Nations, 42.2% of cases are discovered by tip.

Lastly, you need to ensure all employees are taking vacations.  How does this help prevent fraud?  Employees who never take vacations could be conducting frauds that would be easy to uncover if someone else were to take over their duties for a short time.  An example of this would be if the employee took the funds from Customer A, and deposited them into the employee’s private account.  Now to cover this up the employee uses funds from Customer B to pay Customer A’s balance and so on and so forth.  The employee keeps doing this, and maybe they plan on paying the funds back one day but that day never materializes.  If this employee were to take a vacation and someone else were in charge of mailing out invoices and late notices, they would potential find the scheme when Customer B receives a late notice and calls to complain saying they paid it.

View Archives

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 12 other subscribers

Latest Webinar Videos