Financial corruption is a specter that haunts every sector of the working world. However, nonprofits are not only at great risk of falling victim to fraud, but they suffer the most from its consequences.
After all, nonprofits are mission-driven, faith-based, and rely heavily on grants and donations. A financial corruption scandal can completely dry up goodwill, making it impossible to retain donors and acquire future support in the form of volunteering, corporate sponsorship programs, or other reputation-driven engagements.
Yet, as frightening as fraud may seem, you don’t have to curl up into a corner and wait for the inevitable. There are options available to you to not only prevent fraud, but efficiently deal with these situations if and when they occur.
Over the course of this short guide, we will break down the following essential techniques to quickly and effectively maneuver around financial and data corruption:
Employee and Volunteer Training
Internal Oversight
Secure Payment Technologies
Fraud is a complicated reality for any professional to tackle, especially for those working in a sector that relies so heavily on good faith and digital transactions. When your donors decide to give, they shouldn’t have to worry about providing financial details in your forms. However, with the following preventive measures, you should be able to brave these attacks with complete confidence.
1. Employee and Volunteer Training
If fraud does occur within your organization, the sad truth is that much of the time it will be a betrayal of trust from one of your employees. Sometimes these transgressions will be intentional, and other times entirely unconscious, but all the same they can often be linked to staff. That being said, your best resource to manage organizational purity and keep clean books are those very same staff members.
This may sound like a paradox, but the reality is that there are few greater drains on your organization’s time and resources than burdening a small circle of upper management with fraud detection. For the most part, your team is a dedicated and passionate group of individuals working towards the same goal.
By providing anti-fraud training to all of your employees, you spread financial responsibility to corners of your organization that you never would have been able to effectively manage.
Here are some of the essential anti-fraud employee training tools and resources that you should consider implementing:
A learning series. In order for your team to effectively deal with fraud, you need to be able to recognize it. Educate current and incoming employees on common types of scams that they may come across, such as embezzlement, fund misappropriation, and vendor schemes. These courses will not only tighten up your financial defenses, but they can be used as an opportunity to engage your employees and create a sense of team solidarity.
A fraud protection manual. Draft up a dedicated resource for employees to regularly turn back to if they ever have questions or need further clarification on what constitutes fraud. This guide should also include a clear plan of reportage and a point of contact for staff to follow if they do encounter fraudulent activities.
An audit committee. In the event of fraud, a team of dedicated staff must already be organized to address the issue. This committee should comprise professionals across multiple departments, eliminating the potential for corruption. Additionally, they should undergo extensive coaching to understand how to confidently, quickly shut down the scam and minimize any bad press that might arise.
We also encourage you to set up a similar system for volunteers. Many nonprofits tend to be laxer on training and managing their volunteers because these helpers are unpaid and the organization is eager to raise volunteer recruitment rates.
While it may seem inconvenient, these programs should be common practice for anyone that is granted organizational access higher than a common member of the public. Of course, this is especially important for volunteers who join special committees or become involved in financial management.
Your staff is your first line of defense against fraud. Your own attempts to individually police fraudulent activity will never outperform their readily available support.
2. Internal Oversight
No amount of bad intentions can facilitate a successful fraud scheme—the scam can only occur if the opportunity is present. Disorganization and poor account management provide that opportunity. This is part of what makes nonprofits more susceptible to fraud than corporations.
After all, while profit-driven entities are more centralized and closely managed, nonprofits tend to be run with a bit less oversight and far more trust. There is a natural assumption that everyone involved with the organization is concerned with the mission, rather than their own self-interests.
While this trust and solidarity are essential, there shouldn’t be large gaps in your operations that lend themselves to potential exploitation.
We recommend some of the following strategies to tighten internal oversight and safeguard your finances from opportunistic corruption:
Pay attention to your tax returns. This may seem like a no-brainer, but too many nonprofits have prolonged the lifecycle of a scam by not reviewing their tax statements. Treat these tax reportings as a diagnostic of your financial health and retain an account team that will be able to recognize the symptoms of fraud.
Minimize individual management. Even the most trusted employee shouldn’t be managing significant financial data alone. On the other hand, you shouldn’t be giving out data permissions to just anyone, as sharing a blanket of access to financial accounts also poses a risk to security. The solution is to make sure that you have multiple, dedicated team members trained in handling financial data who can hold one another accountable and more efficiently monitor your finances.
Leverage your technology. You don’t have to completely rely on manual oversight. For one thing, you can invest in special applications to help you manage data, track finances, and delegate tasks. The iATS Payments buyer’s guide to Salesforce apps provides a list of tools and solutions that can help protect the data of Salesforce users. It’s also a good idea to optimize your nonprofit website to more effectively manage backend operations.
For the most part, fraud is a crime of opportunity. With these operational management techniques, you eliminate the major safety gaps that might catch the attention of a would-be fraudster.
3. Secure Payment Technologies
If your own human approaches to fraud prevention aren’t enough, strengthening your payment system itself is a good back-up against various kinds of schemes. In fact, some types of fraud are specifically facilitated by a weak payment processor security, such as phishing, pagejacking, and merchant identity theft.
To maximize the security of your payment system, we suggest that you opt for a dedicated payment processor, rather than an aggregate system. This ensures that your payment processing is carried out through a closed channel, rather than a third-party platform running payments concurrently with thousands of other clients.
Additionally, you should be mindful of the following key safety features when assessing your own payment technology:
Dedicated anti-fraud processes. Rather than just assessing the general security of a processor, look for features that are specifically built for fraud prevention. This iATS Payments article on donation page best practices goes into a bit more depth on ideal features for donation processing, such as BIN and CVV2 verification.
Tokenization and encryption. These encoding systems disguise precious financial data, rendering them unreadable to fraudsters, black hat hackers, and malware programs.
PCI compliance. This is a system security certification that must be officially verified and administered by the Payment Card Industry Security Standards Council. This is as close to a guarantee of security that is possible, according to the highest standards of the credit card industry.
There are some scams that could slip past even the most prudent team of nonprofit professionals. However, your first line of defense shouldn’t be your only defense—these technical safeguards can help to repel thieves and end many scams before they even begin.
The possibility of fraud is a chilling prospect, but it doesn’t have to be a boogeyman that stops organizational operations in their tracks. When or if fraud takes place, you will now be able to minimize its scope and effectively take action.
These measures should not only put you more at ease, but allow your entire team to capably navigate your financial operations with more grace and precision than ever before.