Prevent Fraud in Your Nonprofit

Nonprofits are even more susceptible to fraud losses than other organizations because of typically lower levels of staffing and technology. Fraud is also more prevalent in nonprofits due to a common assumption that everyone working there, especially volunteers, is nice, honest, and trust-worthy.

Unfortunately, high levels of trust and low levels of staffing and technology can give free reign to people who are unscrupulous or experiencing extreme financial pressures. A lack of processes and controls can give those individuals the opportunity to steal donations that nonprofits work really hard to raise. Not to mention that being a good nonprofit steward is part of the trust relationship with financial donors.

Recognizing that fraud can happen and implementing a proactive action plan help to prevent nonprofit fraud. Nonprofits can implement practical and cost-effective steps to minimize the chance that a fraudulent act will occur by taking these three fraud prevention tips:


  • Separate Tasks – The most powerful weapon against fraud is separating tasks or duties. Separation of duties prevents one person from having too much control over financial activities, like separating expense approval and check signing from the person who reconciles the bank account.


  • Report Anomalies – Identify anomalies, or exceptions, from expected conditions or results highlights events or actions for additional review and action. Reporting unusual activity or results to an independent reviewer could end up drawing attention to and ending fraudulent activities.


  • Independent Oversight – Periodic independent reviews performed by a knowledgeable party is another way to safeguard nonprofit financial assets. Methods include audits and effective governance, such as the Board’s financial statement review and the Treasurer’s review of all expenses incurred by the Executive Director.


Recognizing that fraud can happen and implementing a proactive action plan to minimize the risk are important steps for preventing nonprofit fraud. Powerful weapons like separating tasks, reporting anomalies and independent oversight reduce the risk of losing donations that nonprofits work really hard to raise.

Award or Cyber Threat?

I don’t generally believe in coincidences, but one sure happened to me last week. On the very same day that I was talking to a colleague about how obvious phishing e-mails can be, I received a cleverly-disguised phishing message that was very tempting…at first.

Many scam e-mails come from someone you know who has been hacked. A message is sent to everyone in that person’s contacts. It contains a link and urges recipients to click on it to see something amazing. Clicking on that link infects your computer with malware or ransomware.

Another version is phishing for your banking and other financial information by masquerading as a bank that has an incoming wire transfer for your account. All you need to do is approve the transfer by clicking on a link that similarly infects or compromises your computer and your data.

My tempting phishing message was cleverly planned just for me (aren’t I special?). It did not come through my regular e-mail; it was sent as a Request for Service on my business website. The title was “Nominated for Best Business Award” and said I had been nominated for Best Consulting Business in Arlington, Virginia, where my business is located. All I needed to do was to click on the link. The message even contained a password I was to use to access the link.

How cool is it to be nominated for an award? Who could resist learning more? I knew of the Arlington Best Business Awards, sponsored by the Arlington Chamber of Commerce, and Arlington’s Best Business Awards, sponsored by Arlington Magazine. I was super excited to be nominated!

But not too excited to stop and make a few observations. For example, the message came from a third party that I did not recognize. The award category was not familiar, based on my attendance at award recognition events in the last few years. Then, I vaguely remembered that the 2018 Chamber and Arlington Magazine awards were already celebrated earlier in the year.

It was a scam! After a little detective work on the internet, I was sure that I was not nominated for an award and that I was targeted for a cyber threat. I searched the name on the e-mail extension and found that it led to a website that my computer’s security wouldn’t let me access because the site was infected. I looked at Arlington Magazine’s and Arlington Chamber’s websites and found that not only had the 2018 awards been bestowed, there was no category for Best Consulting Business.

I felt very lucky that I resisted temptation to click on that link, even if it meant that I was not nominated for an award. At work or at home, your confidential information is at risk. Spending money and time on computer security protection won’t do any good if you or someone who works with you clicks on a cyber threat disguised as an award, a funds transfer, or something amazing to see.

Marriage and Taxes

Fall weddings are a lot more popular than they used to be. This time of year, friends, family, and colleagues are gathering to celebrate couples joining their lives in matrimony. Newlyweds have so much planning to do – a wedding, a honeymoon, where to live. It’s not very romantic, but married couples also need to plan for income tax changes after the wedding celebrations are over.

Many life events, including marriage, impact how income taxes are filed. Before marriage, taxes are filed under the “single” filing status. After marriage, the filing status changes to either married filing separately (MFS) or married filing jointly (MFJ), whichever results in the lower overall tax liability.

Couples who are newly married, or about to get married, should be aware of these five points before filing their next income tax return:


  • Taxpayers are required to file their income tax returns based on their marital status on December 31st, the last day of the tax year. Couples married on New Year’s Eve are considered married for the entire tax year.


  • Married couples can select the MFJ or MFS filing status, depending on which option results in a lower overall tax liability. Couples can assess their tax situation annually and select the lower filing status each year.


  • Tax rules apply differently to couples selecting the MFS option, such as the standard deduction, the capital loss limit, and some refundable and non-refundable tax credits.


  • Pass-through business owners with more than $315,000 of income using the MFJ filing status should consider whether the MFS filing status would result in a higher qualified business income deduction.


  • Couples can assess whether using the MFJ or MFS by filing status is more beneficial by referring to their prior year tax returns as a guide and referring to the IRS and state tax department websites.


Want to know more? Check out the IRS’ webpage about filing status and your state tax department site, or consult a qualified tax professional. That person can help clarify all of the information for you.


CFOs Care about Cybersecurity

IT professionals are usually in charge of an organization’s cybersecurity. They know all the technology and vulnerabilities that a cybercriminal would try to exploit. But what do they know about financial operations, and all the traditional ways that criminals have been trying to get your money since the dawn of time?

Fraud has existed for a long, long time. Technology just gives criminals new opportunities to perpetrate bigger frauds more quickly than ever before. Input from the CFO is absolutely required to thoroughly understand the vulnerabilities and fraud opportunities that can be controlled by technology.

CFOs care about cybersecurity as much as the IT chief. Ideally, the CFO and the head of IT will collaborate in these three areas to fight against cybercrime:

  • System Access

Preventing one person from having too much control over a financial transaction, called segregation of duties, is best accomplished by setting up system access controls. Each user’s unique system identification and password can be defined to restrict that user’s activities within the system. For example, the system can be set up to prevent a user from originating and approving the same transaction.

  • Automated Workflows

One traditional way to defraud an organization of its funds is to intercept and alter documents, such as invoices, contracts, and time sheets. By building an automated workflow within a system, information and documents images are only routed to an authorized person who is the intended recipient. System history files can provide an activity trail that reflects which actions were taken by each system user, and when.

  • Exception Reporting and Follow-up

Systems can be configured to identify and report any transaction or activity that is an exception to policy, standard procedures, or good business practices. Items that are considered “exceptions” must be defined, agreed upon, and built into the system. Reported exceptions should be routed in the system to the appropriate person to assess and take action on each reported item.

Cybersecurity efforts are usually led by the IT chief and her or his team. CFOs care about cybersecurity, too. Modern technology and traditional knowledge about the ways that criminals defraud organizations of their money can collaborate to build strong system controls that prevent and detect fraud.

Financial Skills Workshop for Artists

A couple of weeks ago, I had the pleasure of teaching a financial skills workshop for the Arts Enterprise Institute in Arlington, VA. The workshop objective was to bring awareness of managing business finances to artists who create beauty in many forms – sculpture, painting, and ceramics. One class participant was a make-up artist, who uses the human face as a canvas.

The ten professional artists in the class started their businesses to create art, not to keep financial records. They gave up a beautiful Saturday afternoon to learn tips and tools to get control over and understand their business finances, and to make informed decisions about pricing their work and assessing their profits and sustainability.

We covered a lot of ground in two hours. Here are a few highlights, based on the artists’ enthusiasm and questions during our time together:


  • Track Income and Expenses – Collecting the details of all funds that are coming in and going out is essential to understanding the financial health of your business. How do you know the status of your business finances without a complete and up-to-date report of where your money is? Many user-friendly tools are available to help you track and report financial information to manage your business.


  • Budget and Forecast – Planning your income and expenses provides a roadmap for your business. Start building your budget with the income and expense items that you know, like rent and fee contracts. Estimate other income and expenses based on your plans, knowing that you will have to make adjustments as you learn more information. Forecast your expected cash flows to ensure you have funds available when you need them.


  • Manage Your Cash – Use a separate a bank account and credit card for all business transactions. Having all of your business financial activity separate and in one place makes it easier to identify, understand and manage your business’ overall financial health. Reconciling your business bank account within a few days of receiving your bank account statement is very important for staying on top of your funds.


  • Pay Sales Tax – Selling a work of art is considered a “taxable product sale”. Your state and county want a share of your sales in the form of sales tax. Every location has its own rules. Here in Arlington, sales tax is collected by the business and remitted to Arlington County, which forwards the state portion on to the Virginia Department of Revenue in Richmond. The more tax you collect, the more frequently it has to be remitted.


The Arts Enterprise Institute Financial Skills Workshop was a valuable investment for the ten professional artists who gave up a beautiful Saturday afternoon to sit in a conference room learning about business finances. One of them sent me a lovely e-mail the next morning, “Thank you for a fun and informative workshop… I have clear next steps to professionalize and organize my painting career, and I am looking forward to getting everything in order.” Those kind words made it totally worth for me to be indoors on a beautiful Saturday, too.