PKF O'Connor Davies Accountants and Advisors
PKF O'Connor Davies Accountants and Advisors
Insights

Fraud Risk Considerations for Foundations

Fraud can come in many different shapes and forms, and it is vital for foundations to address the fraud risks that are specific to their operations. Fraud is a significant risk that could result in reputational damage, regulatory compliance failure, as well as financial loss. Foundations and foundation managers should continuously evaluate the various fraud risk factors and identify ways that they can mitigate those risks.

In this bulletin, we will examine some of the common fraud risks that your foundation may be susceptible to both from external and internal sources.

Different Types of Fraud

Below are key areas of common fraud risk considerations that a private foundation may encounter as well as identified controls and procedures to safeguard your foundation from being a target of fraud.

Misappropriation of foundation assets: Foundations should determine whether proper controls over their assets are in place. Assets include: cash, investments, and credit cards. Mitigating such risk begins with robust documentation that reflects appropriate approvals and review to ensure that segregation of duties exists at the foundation. Examples include:

  • routinely reconciling cash and investment activity;
  • reviewing service organization controls (SOC) reports for internal controls utilized by the foundation’s investment custodian; if the foundation believes the custodian does not have strong internal controls in place, the foundation should consider adopting additional controls when reconciling their investment activity;
  • reviewing expense reports to ensure organizational credit cards are only being used for foundation-related purposes;
  • limiting the number of employees who have access to the foundation’s credit card.

Cash disbursements fraud: Cash disbursement fraud occurs when a foundation is manipulated into fictitious disbursements either by external or internal actors. Common examples of where this type of fraud occurs include:

  • billing disbursements, i.e., fictitious vendors or grantees are established in order to obtain foundation funds;
  • expense reimbursements, i.e., fraudulent expenses are submitted by employees for reimbursement;
  • payroll disbursements, i.e., payments are made to fictitious employees or for overstated hours, wage rate changes occurring without proper approval, ongoing payments to terminated employees, or unapproved bonuses being paid out;
  • conflicts of interest with vendors, i.e., employees or Board members having a financial interest in a particular vendor or grant recipient.

It is important for foundations to review their cash disbursement procedures to determine whether sufficient oversight exists over the cash disbursement process. Proper due diligence over the cash disbursement cycle can help prevent potential disbursement-related risks and protect the foundation’s available funds that can be utilized for its mission-related activities.

Financial statement fraud: As financial statement fraud is generally associated with the management of an organization, audit committees and Boards of Directors/Trustees have a significant role in mitigating such fraud. Financial statement fraud can occur in several ways, including: manipulation, falsification and alteration of accounting records, misrepresentation, misapplication of accounting principles, recognizing revenues before they are earned, and delaying expenses to later periods. The involvement of foundation committees and Boards in a supervisory role is key to prevent financial statement fraud and exposure to reputational risks.

Cyber fraud: Foundations of all sizes are susceptible to cyberattacks in the form of phishing, ransomware, business email compromises, and many others. At a minimum, cyber fraud should become a management and Board level agenda item. Foundations, management, and the Board should assess their risk for potential cyberattacks and determine the necessary steps to take to mitigate such risk.

Fraud Detection Considerations

Foundations should be alert to the various symptoms of fraud. Awareness of fraud risk at all levels can help prevent and detect fraud. Addressing fraud risk starts with proper tone at the top at the foundation, which can create an environment that is fraud averse. Proper controls, hotlines, and codes of conduct are considerations that can guard your foundation from potential fraud risks.

Contact Us

We welcome the opportunity to answer any questions you may have related to this topic or any other accounting, audit, tax or advisory matters relative to private foundations. Please call 212.286.2600 or email any of the Private Foundation Services team members below: