Electronic Embezzlement

How one CFO used digital signatures to bilk his church out of $850,000.

A church’s chief financial officer (the “defendant”) embezzled $850,000 in church funds, mostly by arranging increases in the church’s line of credit at a local bank. His technique was simple. As chief financial officer he had access to digital versions of the signatures of at least four of the church’s officers. He used these to create phony corporate resolutions bearing the officers’ signatures and authorizing increased borrowing. His deeds eventually came to light after he was terminated on other grounds, and he was charged with several financial crimes including aggravated identity theft (one for each of the officers), bank and wire fraud, making a false statement on a loan application, four counts of tax evasion, and first-degree fraud.

According to evidence introduced at trial, the defendant was hired by the church in 2001 and later became its chief financial officer. He had control over the church’s bank accounts, credit cards, and checks. He also was responsible for conducting “reconciliation” of the church’s accounts. Using his position of trust, between 2003 and 2008, he used various means to defraud the church. Evidence showed that he embezzled money from the church on a weekly basis. For example, he wrote himself numerous unauthorized checks in addition to his biweekly salary. He paid his home mortgage and personal credit card from church bank accounts. He also misused his church credit card to make numerous luxury purchases, including the purchase of three cars (a Lexus SUV, a Range Rover, and a Nissan Maxima), a $12,000 diamond ring, an addition to his home, high-end furniture, including a projection-screen home theater and leather seating, numerous vacations at four-star accommodations, and sports tickets, including courtside season tickets to professional basketball games.

The defendant was tried and convicted on 12 counts in federal district court, and sentenced to 97 months in prison. The district court judge also ordered the defendant to pay $850,000 in restitution to the church. Upon completion of his prison term, the defendant will be placed on five years of supervised release. During that time, the judge has ordered that he not work in any capacity handling the finances of any other church or organization.

The government estimated the loss to the church at more than $850,000. In 2007 alone, he took more than $145,000 in unauthorized payments and benefits. In certain instances, he took donations to the church, as well as rent payments from charities leasing space at the church, and directly converted those payments to his own use.

In addition to the theft, the evidence showed that the defendant evaded taxes, not reporting any of the income he embezzled from the church and failing to pay any taxes on it. The court ordered him to pay back taxes of $185,000.

On the day the defendant was convicted, a federal prosecutor stated: “His crime is beyond offensive-he stole more than $850,000 from a church, even diverting money intended for a food bank and a battered women’s group. He exploited other people’s charity to fund his extravagant vacations, VIP tickets to NBA games, and fancy cars. The prison sentence imposed today is a just end to his spending spree.” 710 F.3d 434 (D.C. Cir. 2013)

The defendant’s conviction and sentencing were affirmed on appeal by a federal appeals court.

Lessons for Church Leaders

There are several lessons to be learned from this case, including the following:

Many church leaders consider embezzlement to be a problem that couldn’t happen in their church. This “it’ll never happen here” attitude is what makes churches lax in creating proper internal controls, especially for handling cash and paying expenses.

The defendant was able to embezzle $850,000 in church funds through the following techniques:

He issued unauthorized checks to himself, which he concealed by performing “reconciliation” of the church’s accounts.

He paid his home mortgage and personal credit card from church bank accounts.

He misused his church credit card to make numerous luxury purchases.

He had access to the digital signatures of four church officers, and used them to forge the officers’ names on unauthorized corporate resolutions purporting to authorize increased borrowing to conceal his wrongdoing.

Had the church implemented the most basic “internal controls,” the defendant could not have engaged in his acts of embezzlement. Here are two internal controls that would have worked:

Require at least two signatures for all checks above a nominal amount.

Have monthly bank statements reviewed by a church official or employee having no responsibility for handling cash or writing checks.

The table following this article highlights several examples of poor internal controls, and steps church leaders can take to address such deficiencies.

Church leaders may not be discharging their fiduciary duties when they fail to implement basic internal controls over cash handling and the payment of expenses. Such a failure can result in a host of negative consequences, including the following: (1) Criminal liability for the embezzler. In this case, the defendant was sentenced to 97 months in a federal penitentiary. (2) Financial hardship for the church. Think of the impact to most churches of having $850,000 embezzled over a few years. (3) The court ordered the defendant to make restitution for his misappropriations. (4) The defendant was convicted of tax evasion for not reporting his ill-gotten gains as taxable income.

Digital signatures and signature stamps are easily susceptible to abuse and must be stored in a secure location with restricted access. If this is not possible, do not use them.

A CPA audit will provide church leaders with a management letter highlighting deficiencies in internal controls. This represents one of the most valuable benefits of an audit, and makes misappropriation of church funds less likely.

If the full amount of the embezzlement is not known with certainty, then church leaders can file a Form 3949-A (“Information Referral”) with the IRS. Form 3949-A is a form that allows employers to report suspected illegal activity, including embezzlement, to the IRS. The IRS will launch an investigation based on the information provided on the Form 3949-A. If the employee in fact has embezzled funds and not reported them as taxable income, the IRS may assess criminal sanctions for failure to report taxable income.

In many cases, filing Form 3949-A with the IRS is a church’s best option when embezzlement is suspected.

Cases of embezzlement raise a number of complex legal and tax issues. Our recommendation is that you retain an attorney to assist you in responding to these issues.

Key Point. The most important point to emphasize is “division of responsibilities.” The more that tasks and responsibilities are shared or divided, the lower the risk of embezzlement.

Key Point. Many churches refuse to implement basic principles of internal control out of a fear of offending persons who may feel that they are suspected of misconduct. The issue is not hurt feelings, but rather, financial accountability and integrity. The church, more than any other institution in society, should set the standard for financial accountability. After all, its programs and activities are rooted in religion, and it is funded with donations from persons who rightfully assume that their contributions are being used for religious purposes. The church has a high responsibility to promote financial accountability. This duty is simply not met when the practices described in the accompanying table are followed.

Richard R. Hammar is an attorney, CPA and author specializing in legal and tax issues for churches and clergy.

This content is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional service. If legal advice or other expert assistance is required, the services of a competent professional person should be sought. "From a Declaration of Principles jointly adopted by a Committee of the American Bar Association and a Committee of Publishers and Associations." Due to the nature of the U.S. legal system, laws and regulations constantly change. The editors encourage readers to carefully search the site for all content related to the topic of interest and consult qualified local counsel to verify the status of specific statutes, laws, regulations, and precedential court holdings.

ajax-loader-largecaret-downcloseHamburger Menuicon_amazonApple PodcastsBio Iconicon_cards_grid_caretChild Abuse Reporting Laws by State IconChurchSalary Iconicon_facebookGoogle Podcastsicon_instagramLegal Library IconLegal Library Iconicon_linkedinLock IconMegaphone IconOnline Learning IconPodcast IconRecent Legal Developments IconRecommended Reading IconRSS IconSubmiticon_select-arrowSpotify IconAlaska State MapAlabama State MapArkansas State MapArizona State MapCalifornia State MapColorado State MapConnecticut State MapWashington DC State MapDelaware State MapFederal MapFlorida State MapGeorgia State MapHawaii State MapIowa State MapIdaho State MapIllinois State MapIndiana State MapKansas State MapKentucky State MapLouisiana State MapMassachusetts State MapMaryland State MapMaine State MapMichigan State MapMinnesota State MapMissouri State MapMississippi State MapMontana State MapMulti State MapNorth Carolina State MapNorth Dakota State MapNebraska State MapNew Hampshire State MapNew Jersey State MapNew Mexico IconNevada State MapNew York State MapOhio State MapOklahoma State MapOregon State MapPennsylvania State MapRhode Island State MapSouth Carolina State MapSouth Dakota State MapTennessee State MapTexas State MapUtah State MapVirginia State MapVermont State MapWashington State MapWisconsin State MapWest Virginia State MapWyoming State IconShopping Cart IconTax Calendar Iconicon_twitteryoutubepauseplay