Fraud happens. We know it does. According to the Association of Certified Fraud Examiners’ (ACFE) 2012 report to the nations on occupational fraud and abuse, a typical organization loses 5% of its annual revenue to fraud. The median loss in the study was reported to be $140,000 and continues 18 months before being detected.
Despite their honorable missions and dedication to helping others, nonprofit organizations are not immune to occupational fraud. The good news is that many fraud incidents are preventable. While few organizations can be Fort Knox, there are some concrete precautions every nonprofit can take to reduce the risks.
Read on for some tips your nonprofit can take to reduce your risk. Want more?
Download our complete Fraud E-Book here. This paper delivers – it’s jam packed with practical strategies, precautions, and leadership methods organizations can use to protect themselves.
Securing the Perimeter
Fraud is a possibility at gateways and checkpoints where sensitive information changes hands.
- Automate all donor or member payments to protect credit card transactions.
- Create controls for checks and ACH payments to vendors.
- Establish organization-wide rules for communicating and storing sensitive information.
- Develop a system for investigating irregularities.
Walking the Talk
Ensure that leadership and staff promote a clear message about ethics in the workplace.
- Create an audit committee to review procedures and irregularities.
- Conduct an SSAE audit in addition to a financial audit.
- Set up a fraud tip line for employees and volunteers to make anonymous reports.
- Require background checks for key personnel, broad members and volunteers who have access to sensitive information.
- Educate employees and volunteers about what fraud looks like.
- Protect employees with need-to-know silos restricting access to sensitive information only to those who need it.
Checking the Locks
Protect precious assets such as donor and member information with industry recognized cyber deadbolts.
- Secure your network with antivirus software.
- Create rules for user IDs and passwords.
- Achieve PCI Compliance – mandatory for any organization that handles online credit card transactions.
- Secure personal information through TRUSTe or a similar privacy resource.
- Protect transactions on your website with SSL technology.
Find more information on how you can safeguard your most important data here.