Nonprofits: Plug the “Money Leaks” This Giving Season

October 01, 2019

As we enter another holiday giving season, it’s an exciting time for nonprofits. With about one third of all annual charitable giving happening between September and December, it’s also a crucial time for a nonprofit’s survival.

However, with substantially more donations coming in this time of year, you need to be on your game when it comes to money management.

Beware of these money leaks:

  • Theft and Fraud. Theft can be perpetrated by anyone including vendors and contractors. A dishonest party could impersonate your nonprofit to host a fundraising event, and then pocket the profits and run.
  • Cybercrime. Internet and phishing scams are getting more sophisticated every day. Even Portland Public Schools almost transferred $2.9 million to a scammer pretending to be one of their trusted building contractors.
  • Regulatory compliance. The IRS has strict rules for nonprofits to maintain their tax-exempt status. Don’t let a slip-up cost you fines or loss of your tax exemption.
  • D&O liability. Your board’s directors and officers make the business decisions, including managing funds. A liability claim against one of them for misallocation of funds, wrongful termination, discrimination, harassment, or another event could be costly.
  • Rogue volunteers. If one of your volunteers steals or causes injury or damage, your organization could get hit with a negligence claim, and that can be costly to defend and settle.

Seven steps to protect your nonprofit:

  1. Know your risks. Conduct regular risk assessments so you know exactly where you’re vulnerable to fraud and theft.
  2. Split financial duties. Never put one person in charge of receiving donations, making deposits, writing checks, reviewing bank statements, and reconciling accounts, especially with little oversight. Split the duties to provide checks and balances.
  3. Implement strict payment controls. Fraud often happens when one department or person is able to play a shell game and hide payments from other departments or people. Implement controls such as requiring two signatures on checks to manage payments, track inventory, and review travel reimbursements and other expenses.
  4. Think twice about accepting Bitcoin or other non-standard methods of payment for donations. It may offer donors a convenient way to give, but the FDIC doesn’t insure Bitcoin accounts and there’s no bank to call with problems.
  5. Protect the cash. Keep your cash secure and limit access to it. Put controls in place such as setting up an approved vendor list, limiting wire transfers, and requiring secondary approval for some expenditures.
  6. Educate your team on cybersecurity. Make sure everyone working for you – from employees to volunteers – knows about phishing, data breach and ransomware exposures and prevention best practices.
  7. Provide a tip line where individuals can anonymously report concerns of fraud without fear of retaliation.

In addition to these tips, be sure to carry adequate financial protection. Not sure which coverage is right for your organization? Heffernan's Nonprofit Practice offers a wide range of insurance products to fit your specific needs and budget so you can continue your vital work.