The True Story of Nonprofit Embezzlement that Stunned a Small Community

As accounting professionals we are always looking for ways to educate business leaders on the importance of internal accounting controls to help protect their organizations. Today we want to share a real account of fraud that we found out about from a colleague to highlight the fundamental fact that fraud can happen anywhere!
​
Although this story might be difficult to hear, we think it’s important to stress the fact that, whether we want to acknowledge it or not, fraud can happen at small businesses, family run companies, and even at nonprofit organizations. In fact, fraud is probably more likely to occur in those environments than at major corporations or publicly traded companies because bigger entities often have far more accounting protections in place to better protect their assets.

---

​We’re going to give you the relevant details, explain how the fraud was perpetrated, clarify why it wasn’t immediately discovered, and provide you with the key takeaways you need to know to protect your organization. Obviously, for the sake of the organization and those involved, the names will be changed.

What Happened?
In a small community, a beloved preschool was thrust into the spotlight when the police were alerted that the school’s accountant had stolen almost $300,000 over the course of her lengthy tenure in the role. The fraud was discovered after the 501(c)(3) school’s long-time Director had retired and a new Director, Sarah, was appointed.

Sarah, an existing staff member at the school, moved into the role and took the change in leadership as an opportunity to make her mark on the school’s future by modernizing the school’s internal systems. She brought in the help of an outside consultant to help make the switch, thinking that she would achieve more efficient back-office operations and increased financial visibility. She got just that!

Once the new systems were in place, Sarah had greater insight into the school’s finances, which meant she could keep tabs on cash inflows and outflows without needing to rely solely on the school’s accountant. This insight was important because the school’s tuition hadn’t changed in many years, which meant that they were struggling to pay their bills since their year-over-year costs had increased significantly. Armed with this information, Sarah made the strategic decision in her second year in the role to raise tuition to cover the school’s increasing expenses. She continued to keep a close eye on the school’s cash flow to evaluate the impact of this change and noticed something strange.

The school’s bank account showed credit card payments, but the school didn’t own a credit card. Suspicious that fraudulent activity might be occurring, she carefully reviewed the school’s A/P (accounts payables) and found numerous checks that raised a red flag because they didn’t seem to be tied to an expense. The recurring checks spanned many years, originating when her predecessor was in the role and continuing to the present day. The more recent checks had Sarah’s signature on them, but she didn’t know what they were for, and she certainly didn’t remember signing them. The signatures revealed why Sarah didn’t recall signing them – they were sloppy forgeries of Sarah’s real signature. The payee on the checks was the school accountant, and they were being deposited into a personal bank account the accountant had opened. Only two people had access to the payment system and could print checks – Sarah and the accountant.

The school’s accountant had been embezzling money for decades!

Breaking Down the Fraudulent Activity
As far as business fraud examples go, this one was pretty straightforward. The accountant was guilty of embezzlement – both using school funds to pay off her credit card bill and writing fraudulent checks to herself.

Unlike more sophisticated embezzlement schemes where a bad actor will pay invoices to a shell company that they own or overpay legitimate vendors and then get a kickback in exchange, the accountant just paid herself directly. Aside from simply pulling money out of a cash drawer, this is the easiest and most basic form of fraud an employee can commit.
​
It begs the question, how was this fraudulent activity not discovered sooner? How did she get away with stealing more than a quarter of a million dollars from a little local 501(c)(3) that had a tiny annual operating budget without anyone noticing?

There were several important factors at play in this circumstance that help to explain how this fraud went undetected for so long:

• Outdated Methodology

When Sarah took on the Director role the school was still utilizing the same accounting methodologies and processes from the days when it was first founded. Nothing had kept up with the times. Families were registering their students for the school year and extra programming via email. Invoices were generated as Word documents, printed, and given to students’ families. Tuition could only be paid via check. Their books were being kept in Excel. Financial reports were being manually created each month.

This antiquated way of functioning left the door wide open for fraud (not to mention errors) because everything that Sarah needed to look at to evaluate the school’s financial health was manually generated and had to come from the accountant. There was no transparency, and in that fog a wide chasm opened allowing fraud to occur.

• Complicated Invoicing

Complicating matters was the school’s convoluted invoicing. It would have been much easier to keep tabs on the school’s finances if every student paid one rate for tuition for the year, but there were many different tuition rates based on how many days a week the student attended and their age. Furthermore, each family could opt to have their student attend various afterschool programs that all had different rates as well. The result was a huge tuition range from student to student.

Additionally, monthly school tuition was billed by month in advance, while the afterschool programs were billed at the conclusion of the month based on how many were utilized during the past month. So, each month’s invoice had a portion of tuition that was being pre-paid and a portion that was being paid in arrears.

Families struggled keep track of how much they owed and whether their bill was right for their individual students, which meant that once that was aggregated across all students, the Director had no chance of being able to verify the accuracy of revenue numbers either. This billing overcomplication made it easy for the accountant to skim off the top.

• Lack of Internal Controls

Prior to Sarah assuming the role as Director there were virtually no internal controls at the school. The accountant handled everything herself, positioning her complete control as a selfless sacrifice. She was lauded for her hard work and willingness to take on added activities instead of being challenged on why she didn’t want to share access to anything she was doing. This centralizing of power should have been a red flag, but the small staff all viewed each other as family, so they trusted her completely.

An overreliance on trust is very common at small organizations where everyone knows each other. Often the staff are all friends and heavily involved in each other’s lives. For this reason, it makes it very difficult to imagine being betrayed. And yet, it can certainly happen. In this case, it happened very personally as well.

All the other staff members were either current or former teachers, so their area of strength was on the teaching side, not the financial side. As a result, the initial Director was glad to have the accountant fully handle the staff’s payroll and benefits as well as the organization’s A/P (accounts payables) and A/R (accounts receivables) that were included in her job description because the Director didn’t feel comfortable enough with her level of financial acumen to do it herself. This ended up being another opportunity for the accountant to embezzle funds, because in the years when the school fell short on fundraising revenue, she took a cut of the teachers’ planned annual bonuses, unbeknownst to any of them.

• Complacency

When the news story broke revealing what had happened, the community was stunned, and current and former staff members were devastated. They all echoed the same sentiment, “How could something like that happen here?”

As a faith-based organization made up of a tight-knit group of friends with presumably the same beliefs system, they thought they were safe. No one thought that anything like that could have happened somewhere so wholesome. They went to work every day teaching kids and being proud of the work they were doing even if it didn’t pay very well, only to discover that the reason their pay was lower than their colleagues at other schools wasn’t because the school tried to keep tuition low, so it was accessible to all, but because a woman they all knew so well had been robbing them all for years.

Key Takeaways
Prior to committing this fraud, the accountant had no criminal record. In fact, this woman was well liked and respected in the community. She was the accountant not only at the school but also for her church. And this set of circumstances, unfortunately, is very common.

We’d like to think that business fraud is committed by sinister schemers – scary career criminals that look like someone you wouldn’t want to encounter on a dark street at night. But the numbers show us that’s not who typically commits this kind of crime. Embezzlement is most often committed by everyday people that have close ties to the organization, are first-time criminals, and are well-liked by their coworkers. The reasoning behind this is simple – if they looked scary and untrustworthy, then they wouldn’t have the opportunity to steal. No one would give them what we colloquially refer to as “the keys to vault.”

There are only three things that need to be present for business fraud to occur: pressure, opportunity, and rationalization. These make up what is known as The Fraud Triangle.

Pressure is often something like financial difficulties or a sudden financial stressor. Opportunity occurs when the business exposes itself to risk by not segregating duties or setting access controls. Rationalization is justified thinking along the lines of “I deserve to be paid more for the work I’m doing” or “I’ll pay back the money later when I can.”

We don’t know what kind of pressure or rationalization the accountant was experiencing because she never disclosed it during her trial, but we know that there was certainly an opportunity for her to steal. As a business leader, that’s the part you can control! You need to do everything in your power to shut down every possible opportunity for fraud to exist.

Use the Business Fraud Checklist to Get Started

Remember, first-time offenders are typically committing crimes of opportunity, not intention. That means that business fraud can certainly be avoided with the right internal accounting controls in place. At a minimum, every organization should:

1. Practice segregation of duties
2. Utilize physical and virtual access controls
3. Require approvals on purchases and reimbursements
4. Perform periodic account audits
5. Reconcile bank and credit accounts regularly
6. Keep trial balances
7. Run data backups
8. Use standardized financial templates

Establishing and maintaining internal controls is one of the most important things you can do to safeguard your organization.

Find Out How to Improve Internal Controls

When you need a reputable accounting company to help you get better visibility into your organization’s finances, we can help! We have a team of experienced accountants that can advise on whether you are using the best accounting technology for your needs, clean up your books, improve reporting, and put the proper internal controls in place to safeguard your organization. Contact us today to find out more!