Common Fraud Strategies That Can Hurt Your Organization

Fraud can happen at any organization. An enterprising fraudster will quickly exploit any lapse in controls, and these crimes often slip past leaders and lead to significant financial losses. Help your organization stay secure by learning about some of the most fraud-prone areas, along with strategies to help mitigate risk.

Leadership Transitions

Red flag: Turnovers in executive management

Potential problem: Executive management changes can create gaps in oversight when an organization’s controller, CEO, or other key leader assumes more responsibility. Without additional oversight during these periods of leadership change, these interim financial leaders may take advantage of the opportunity to commit fraud.

Prevention strategy: Establish mechanisms to provide appropriate oversight of anyone with access to the organization’s finances, even if they are filling the role on an interim basis.

Red flag: Leaders who lack an institutional knowledge base

Potential problem: Especially in government and nonprofit organizations, new executives often rely on bookkeepers for training on accounting processes. If those bookkeepers choose not to share key information or fully explain the process, they can take advantage of the changeup in leadership to misdirect funds without detection.

Prevention strategy: Providenew leaders comprehensive training on accounting processes, internal controls, and their own oversight responsibilities. Teach them how to access full documentation of the organization’s financial activities.

Vendors and Contractors

Red flag: Lack of vendor and contractor documentation

Potential problem: Overbilling can take place even after a properly fulfilled procurement and vendor selection process, especially if no one asks for documentation that supports important details like work performed, hours logged, and rates charged.

Prevention strategy: Regularly review purchase orders and invoices and reference them against the original contract to enforce pricing terms and service agreements.

Red flag: Higher-than-expected vendor payment totals

Potential problem: Employees sometimes set up shell companies that mimic the names of legitimate vendors to collect fraudulent payments. Other times, they skip the shell company and add a new vendor into the books, using a name that’s similar to a legitimate vendor. Later, they’ll change the name on the check to their own. They may even make out checks to themselves and change the name of the recipient in the accounting software after the fact.

Prevention strategy: Periodically review vendor lists to check for multiple similar entries or unusually high vendor payment totals. If you suspect a problem, look at your bank’s image of the canceled check to see if the name matches the original payee in your records.

Red flag: A new vendor’s address matches an employee’s address — or other vendor details appear invalid (e.g., a vacant lot, unused PO box, or nonexistent location)

Potential problem: An employee could be creating a fictitious vendor and funneling payments to themselves. Since the vendor isn’t real, no goods or services are actually provided, but payments appear legitimate on the books.

Prevention strategy: Incorporate a verification process for new vendors:

• Require third-party documentation of the vendor’s legitimacy (e.g., W-9 form, business license).
• Cross-check the vendor’s address, phone number, and bank account against employee records.
• Periodically audit vendor addresses using online mapping and public records to confirm they correspond to bona fide business locations.

Credit Cards

Red flag: Increased purchases at common vendors

Potential problem: Rising credit card charges can signal fraud, especially when:

• There are no records to support the charges.
• Spending is inconsistent with historical periods.
• The timing doesn’t make sense (e.g., purchases at night, on weekends, or by staff who are off duty or on vacation at the time of the purchase).

Prevention strategy: Monitor spending at big-box stores, looking for trends and patterns within the records. Confirm that spending spikes relate to authorized charges, and examine receipts to verify that purchased goods align with your organization’s needs.

Red flag: Expense reimbursements from employees with procurement cards

Potential problem: Ethics-challenged employees often make purchases using an organization’s procurement card and submit the same receipts for reimbursement.

Prevention strategy: Closely scrutinize all reimbursement requests. Be alert to the potential for fraud, especially when employees with procurement cards submit significant reimbursement requests.

Red flag: Unexpected shipping addresses

Potential problem: Employees could be using company credit cards to order things for themselves from Amazon, Walmart, and other common vendors.

Prevention strategy: Pay attention to where goods purchased through company accounts are being delivered. If the shipping address doesn’t indicate a familiar office location or job site, start digging deeper to figure out where purchases are going and why.

Accounting and Bookkeeping 

Red flag: Late payments

Potential problem: Late payments to vendors, credit cards, and other accounts can signal misappropriation of funds. A clever thief can juggle payments and doctor the books to hide ongoing fraud, but only for a while. When the funds intended to cover routine bills no longer exist in company coffers, that fact eventually starts to show up in late payments.

Prevention strategy: Clearly communicate to staff that timely payments to vendors and others are an essential responsibility. View late payments as a sign that something may be seriously wrong, and take a deep dive into books and records to determine why it happened.

Red flag: Untimely records

Potential problem: One fraud technique is to present books and records that are out of date, which keeps leaders from seeing current financials. Any delay in completing and finalizing financial statements, bank reconciliations, budget reporting, or documentation of funds available calls for investigation.

Prevention strategy: Insist on timely maintenance of all books and financial records. Provide extra support for accounting functions as needed and do not allow employees to reject or redirect additional accounting resources. If leaders or board members don’t receive current financial data when requested, take a closer look. Is there something that staff, management, or others want to keep hidden?

Red flag: Higher-than-expected payroll totals

Potential problem: Unauthorized compensation adjustmentscan be an easy way for staff to test the limits of financial oversight by issuing themselves unapproved bonuses or duplicate checks for the same pay period. These crimes are usually a precursor — perpetrators are “kicking the tires” to see where they can get away with siphoning off money. If they succeed, the fraudsters typically move on to credit card thefts, vendor manipulations, or other crimes that allow them to steal larger amounts over time.

Prevention strategy: Implement strict internal controls and enforce separation of duties. Require multiple people to review and approve payroll, bonuses, and reimbursements, if possible. Regularly review payroll records and employee earnings to check for anomalies.

Board of Directors

Red flag: Inadequate board packages

Potential problem: Board members don’t always get all the information they need to provide proper financial oversight. It may be intentional or can simply reflect a gradual degradation of internal controls.

Prevention strategy: Make sure that board packages contain complete, current financial statements and other required information. Confirm that financial data is consistent and cannot be manipulated. Review the financial controls listed in formal policies (the documents that auditors see) and verify that board members have access to everything they should be relying on to monitor the organization’s finances.

Red flag: Related-party transactions

Potential problem: Board members sometimes commit fraud by writing off loans, disguising unallowed compensation, or paying inflated management fees to organizations owned by related parties.

Prevention strategy: Carefully consider all interactions with related-party entities. Consider whether a structure that includes related parties is necessary or logical in the first place: Does it achieve a legitimate goal, or is it simply a way to move money around to benefit certain individuals?

Red flag: Personal relationships

Potential problem: Tight-knit relationships between board members and executive management or vendors can enable conflicts of interest. This kind of environment discourages rigorous oversight and can allow quid pro quo arrangements for awarding contracts to related-party companies.

Prevention strategy: Pay attention to these relationships and be vigilant for any hint of impropriety. Adhere to all policies and procedures for contracting and oversight, even if personal relationships make these measures seem unnecessary or feel awkward.

Take Steps to Prevent and Detect Fraud

Contact your CRI advisor for more strategies to help you reduce the risk of fraud. While there’s no way to prevent it 100% of the time, a rigorous control environment can help safeguard your organization, quickly detect fraud attempts, and minimize any potential losses.