How to Prevent Fraud at Your Association
The American Horse Council thought it had a trusted employee, but it really had a thief. A look at its story, as well as tips to stop fraud at your association.
No association wants to believe employees might steal from them, but it happens. The American Horse Council learned this the hard way, when an employee secretly siphoned almost $650,000 from the group. AHC President Julie Broadway spoke of the incident at ASAE’s Associations @ Work conference earlier this week.
“I believe in paying it forward, and I would like you all to learn from the experience we had and hopefully avoid it,” Broadway said during the “Frauditing: Preventing and Detecting Fraud in Your Organization” session. “We came out much more resilient and stronger on the other end.”
Broadway came on board as president in 2016, inheriting the post from a person who’d been there decades. She kept the staff, and trusted the embezzling employee. AHC was completely in the dark about the embezzlement until a large check bounced in June 2018. When the bank manager told Broadway that AHC had insufficient funds to cover the check, she accused him of making a clerical error and went and got her bank statements.
“We compared my bank statements to his bank statements; they did not match,” Broadway said. “The individual in my organization was transferring funds form our bank account into her personal account.”
The bank had all the actual transactions, while Broadway had elaborate forged statements created by the employee. The bank manager then told Broadway that the $350,000 loan AHC applied for had been approved. Only, AHC hadn’t applied for a loan.
“I said, ‘How was she able to justify getting this loan?’” Broadway said. “And he said, ‘She pledged the investment portfolio as collateral.’”
Shocked, Broadway said such a move would require board of trustees approval and a letter from the investment advisor. It turned out that the bank had been provided forged copies of those documents by the employee. That’s when Broadway canceled the loan and asked the bank manager to call the police.
Because of the large amount of money stolen, the FBI became involved and the employee pleaded guilty. Broadway said AHC learned some valuable lessons and has made several changes since the theft.
“Here are my lessons to you: first of all, have a crisis-management plan,” Broadway said. “You don’t expect this kind of thing, and when it happens, you have to have a process to follow and be as transparent as you can possibly be. We did not want our members to hear about this through the scuttle. We wanted to be really upfront, and say, ‘Here is what we have uncovered.’ We really wanted to minimize any kind of reputational damage that there might be.”
AHC increased its employee theft and dishonesty coverage, too. “We had low coverage,” Broadway said. “We should have had more.”
Because AHC’s previous independent auditors did not catch the fraud, AHC hired new ones, who advised them on best practices for fraud prevention and detection. One good practice is to segregate duties, so people in charge of approving vendors don’t also pay out invoices. This is harder to do at small organizations. Since AHC only has a staff of three, it now outsources its accounting work.
“Organizations that are less than 100 employees obviously experience the most fraud, and we believe that’s because they don’t have the internal controls set up, the segregation of duties set up,” said Greg Plotts, CPA, a partner at Aronson LLC, the new auditors AHC hired.
There are also some signs that indicate employees might be up to no good. “An unusually close relationship to vendors or customers—are they getting any kickbacks from vendors or customers?” Plotts said. “Also, where people are hoarding their work. They don’t want to share responsibilities. That’s an obvious red flag.”
Associations that want to root out fraud should have a whistleblower policy. “This is the best way to catch fraud,” Plotts said. “People that see things in your organization want to tell somebody, so you’ve got to give them an avenue to tell somebody about what they’re seeing.”
Finally, Plotts recommends background checks of employees who have access to account information after they’ve been there for a while. “The best practice is to do one every three to five years,” Plotts said. “We hear associations pushing back on that. Why would we background check someone who has been here five years? They’re going to get upset.”
Plotts said that many who commit financial crimes turn to it after a significant life crisis, such as debt, divorce, or health problems. Those tend to happen during the course of employment, so it’s important to have periodic checks.
Broadway added that organizations must balance staff trust with proper oversight. “We all feel that we need to love and trust our staff, regardless of their tenure or their role, but don’t ever take for granted what motivates people at times,” Broadway said.
What practices and policies does your association have in place to prevent fraud? Please share in the comments.
(RapidEye/iStock/Getty Images Plus)