Three recent news stories illustrate an uncomfortable truth: Theft and fraud happen — even in nonprofit, faith-based organizations. Separate incidents in New York and Philadelphia have involved trusted employees who embezzled about $1 million each. And a Florida bookkeeper recently stole $1.5 million from clients that included a domestic violence shelter and a food ministry.
In my 40 years as the “numbers man” for an international missionary group, a large accounting firm, and a Christian college and seminary, I’ve known a few board members who believe that when it comes to mishandling funds, “Our people would never do such a thing.” They take comfort in knowing that they have experts on their boards with the oversight skills to prevent improprieties, or to spot and squash them before they happen. These board members gladly relinquish their responsibility for oversight. “Leave it to the experts,” they say.
But that’s a cop-out. Fiduciary oversight is required of all board members, and we can’t delegate it solely to colleagues trained in financial matters.
That doesn’t mean theological school trustees should feel obligated to scrutinize every minuscule transaction that the business office handles. “That’s the job of the paid professional staff,” says attorney Jeffrey S. Tenenbaum, chair of the Nonprofit Organizations Practice Group at Venable LLP in Washington, D.C. The board member’s job, Tenenbaum says, is to make “reasonable inquiry, as an ordinarily prudent person in a like position would do under similar circumstances.” He reminds us that the “‘business judgment rule’ protects officers and directors from personal liability for actions made in poor judgment as long as there is a reasonable basis to indicate that the action was undertaken with due care and in good faith.”
But what is “due care”?
One strategy to help board members act responsibly is to offer them ongoing training in financial matters. A good starting point is an open discussion at the board level about organizational risk management. Likely participants in such a conversation are board members, the chief financial officer, a representative from the auditing firm, and the organization’s legal counsel.
“The board should take a holistic view of risk management,” recommends Dan Busby, president of the Evangelical Council for Financial Accountability. “Fraud is just one of the elements of risk management, and it may even be low on the list of risks.”
But because fraud can dramatically damage an organization’s reputation, credibility, and solvency, it is a topic the entire board should review annually and a board committee should address quarterly. Busby suggests that the CFO initiate the discussion by identifying the top two or three fraud risks the organization faces and explaining the strategies in place to reduce those risks. The temptation is to look primarily at the income side of the ledger — donations, sales, and portfolio investments, for example — but the embezzlers in New York and Philadelphia both defrauded their organizations through illegal disbursements. Essentially they were writing checks to themselves, not stealing from the offering plate.
Nicholas J. Wallace, an accountant who is national director of higher education services at CapinCrouse LLP in Indianapolis, cites several examples of how fraud can play out in a higher education setting. As in the corporate world, the infractions may include these:
Paying fictitious vendors.
Abusing expense reports.
Putting family members on the payroll to do nonexistent jobs.
Conducting outside business on the organization’s time.
At the center of any attempt to curb fraud are solid board policies that are widely communicated and constantly monitored. The overarching message should be that the institution will not tolerate ethical and policy violations. Preventive measures start with something as simple as a whistleblower system, like a 24-hour hotline for anonymous tips, that is checked regularly and reported to the board’s audit committee, Wallace says.
Busby emphasizes that no one, including board members and administrators, is exempt from the rules. “Create an environment of absolute integrity and accountability from the top down,” he says.
More ways to avoid risk
Risk management topics deserving of board discussion aren’t limited to criminal activity. Even issues less dramatic than fraud can cause serious problems. Among the risks related to finances:
High debt in a tight economic environment
Lack of proper reserves
Negative trends in giving and other revenue
Improper handling of restricted gifts
Unsound investment practices
A board member doesn’t have to be a financial expert to ask tough questions about issues like these. And it is not just the right, but it’s the responsibility for board members to understand what their institutions are doing to mitigate risk and protect from fraud.
A special board-only education session is one way for a board to begin addressing fraud and other potential risks. During a session planned by the board development committee or finance committee, board members can ask about specific policies and procedures that guide investment management, disbursement control, and check-signing policies. They can make sure that whistleblower and conflict-of-interest policies are in place.