Internal theft of church funds remains a pervasive and largely unaddressed problem in churches.
Whether due to embarrassment, fear of bad press, or desire to “forgive and forget,” it appears that most fraud in the community of faith goes unreported and unprosecuted. The result is a loss of millions of dollars that would otherwise help fuel church ministries, outreach, and other important projects.
The real tragedy, however, is that fraud is a gross misuse of God’s resources and a breach of fiduciary duty between the church and its givers.
Church leaders would be wise to pay attention to fraud studies conducted by the Association of Certified Fraud Examiners (ACFE). Known as “Report to the Nations,” ACFE has released 11 studies since 1993. Based on responses from thousands of organizations that have been victims of fraud (“victim organizations”), these studies address occupational or workplace fraud in the US and around the world.
While not church-specific (although there are data points regarding nonprofits included), these studies offer information that is relevant to congregations and should help church leaders better understand how fraud takes place, how it is detected, the characteristics of both victims and perpetrators, and more.
What follows, then, are a number of findings from the 2020 “Report to the Nations” that I feel are most relevant to church leaders, along with my observations regarding many of the findings and links to pertinent articles.
What fraud costs
The typical fraud case lasts 14 months before detection, and costs $8,300 per month. Certified fraud examiners (CFEs) estimate that organizations lose five percent of their revenue to fraud each year. Worldwide, fraud costs organizations close to $4 billion annually.
These findings not only underscore the high cost of fraud but also the absolute necessity of early fraud detection. Note that in this court case alone, a church trustee embezzled close to $300,000 from church funds.
How fraud is detected
Fraud is detected in a number of ways, including:
- Tip or complaint: 43 percent
- Internal audit: 15 percent
- By accident: 5 percent
- Confession: 1 percent
For a complete list of ways fraud is detected, see this infographic.
When considering all the victim organizations, the study found that only 1 percent of fraud cases are revealed through a confession. From my own observation and study, a confession often is triggered by the offender’s perception that he or she is about to be caught.
A sound and enforced whistleblower policy can help detect fraud in churches.
Lack of internal controls
A lack of internal controls contributed to one-third of all cases of fraud.
The most basic and effective internal controls should be implemented and enforced. This article shows how to identify poor internal controls and offers preventive measures to correct any weaknesses.
High risk areas for small employers
Some risks are more likely in small employers than larger businesses. Billing fraud and payroll fraud are twice as likely in a smaller business, and check and payment tampering is four times more likely.
Regarding preventing fraud in small businesses, the report said:
Our data shows that there are clear opportunities for small businesses to increase their protection against fraud. Adopting a code of conduct and an anti-fraud policy, having managers review the work of their subordinates, and conducting targeted anti-fraud training for employees and managers are all measures that are correlated with significant reductions in fraud losses . . . yet each was implemented by fewer than half of the small businesses in our study.
I believe data billing fraud and payroll fraud are relevant information for smaller churches. Further, small churches would be wise to follow the advice offered above.
Men commit fraud in greater numbers than women
Men committed 72 percent of all cases of occupational fraud. The median loss for male perpetrators was $150,000. For female employees it was $85,000.
Consider this quote from the report in the context of male authorities and leadership in the church:
We examined gender distribution and median loss data based on the perpetrator’s level of authority. . . . At all levels of authority (employee, manager, and owner/executive), males committed a much larger percentage of frauds than women did. Male owners/executives and managers also accounted for much larger losses than their female counterparts. This was particularly true at the owner/executive level, where the median loss caused by men (USD 795,000) was more than four times larger than the median loss caused by women (USD 172,000). At the employee level, however, losses caused by males and females were equal.
Red flag: Living beyond their means
Forty-two percent of offenders were living beyond their means. A fraudster living beyond his or her means is the most common red flag by a sizable margin. This has ranked as the #1 red flag in every study since 2008.
Church leaders should be alert to employees having access to church finances who are living beyond their means. Note this observation from my article “Embezzling Church Funds: A Case Study”:
[The church administrator used] the church’s credit card on over 300 occasions to purchase personal items for himself and his family, including several luxury items. He knew that he was not permitted to use the church’s credit card for these purchases but continued to do so anyway.
Other red flags
Twenty-six percent of offenders were experiencing financial difficulties. Other offender traits: unwillingness to share duties, divorce or other family issues, and complaints about inadequate pay.
Church leaders should be familiar with the clues mentioned above. The chances of these behaviors leading to embezzlement can be greatly reduced when churches implement strong internal controls. Unfortunately, too many leaders and employees believe that these measures demonstrate a lack of trust, but consider this key point in my article, “Embezzlement Prevention”:
Many churches refuse to implement basic principles of internal control out of a fear of “offending” persons who may feel that they are being suspected of misconduct. The issue here is not one of hurt feelings, but accountability. The church, more than any other institution in society, should set the standard for financial accountability. After all, its programs and activities are rooted in religion, and it is funded with donations from persons who rightfully assume that their contributions are being used for religious purposes. The church has a high responsibility to promote financial accountability.
For a visual presentation of these and additional red flag behaviors, see this infographic.
How offenders hide fraud
The top four concealment methods used by offenders:
- Created fraudulent physical documents: 40 percent
- Altered physical documents: 36 percent
- Altered electronic documents: 27 percent:
- Created fraudulent electronic documents: 26 percent
All of these risks could be managed by having a CPA audit your financial statements each year. An audit accomplishes three important functions (as outlined in my article “Reducing the Risk of Embezzlement”):
- An audit promotes an environment of accountability in which opportunities for embezzlement (and therefore the risk of embezzlement) are reduced.
- The CPA (or CPAs) who conducts the audit will provide the church leadership with a “management letter” that points out weaknesses and inefficiencies in the church’s accounting and financial procedures. This information is invaluable to church leaders.
- An audit contributes to the integrity and reputation of church leaders and staff members who handle funds.
Nonprofit offenders and amount of fraud
Perpetrators of fraud falls in three categories in nonprofits—with the percentage of fraudulent activity and amount stolen (averaged below) highest among executives:
- Executive: 39 percent; amount taken: $250,000
- Manager: 35 percent; amount taken: $95,000
- Employees: 23 percent; amount taken: $21,000
Sometimes a church fails to properly monitor its leaders, leading to potentially costly consequences and even imprisonment of a leader who steals from the church.
Top weaknesses in nonprofits
Nonprofits have fewer anti-fraud controls in place, making them more vulnerable to fraud. The top three weaknesses in nonprofits—with highest percentage being the lack of internal controls—are:
- Lack of internal controls: 35 percent
- Lack of management review: 19 percent
- Override of existing internal controls: 14 percent
Consider this quote from the report about nonprofits in the context of small churches:
Nonprofit organizations can be more susceptible to fraud due to having fewer resources available to help prevent and recover from a fraud loss. This sector is particularly vulnerable because of less oversight and lack of certain internal controls.
Doing nothing to address financial fraud exposes any church to embezzlement. Churches are at higher risk than other organizations because an atmosphere of trust makes financial controls seem unnecessary.
For common examples of poor internal controls in churches and ways to mitigate each one, see my article “How Embezzlement Occurs.”
What about background checks?
When asked if a background check performed on the offender prior to hiring, 52 percent said yes and 48 percent said no. Of those surveyed, 13 percent said that the background check uncovered a red flag but they chose to still hire the person anyway.
The victim organizations performed the following types of background checks:
- Employment history: 81 percent
- Criminal checks: 75 percent
- Reference checks: 56 percent
- Education verification: 50 percent
- Credit checks: 38 percent
- Drug screening: 28 percent
All employees having access to church finances, or to church offices after hours, should have a background check that includes references and a criminal records search. Also, investigate thoroughly any red flags that are uncovered.
Previous convictions or disciplinary actions
Four percent of offenders had been previously convicted of a fraud-related offense; 16 percent had a prior employment-related disciplinary action for fraud (termination or punishment).
Be wary of hiring someone guilty of past fraud or who has been disciplined by a former employer for a fraud-related crime. Again, background screening is key to properly vetting potential employees. Evaluate your screening program with this checklist.
When fraud is substantiated, punishment takes a variety of forms—with two-thirds of the victim organizations choosing to terminate the offender:
- Termination: 66 percent
- Settlement agreement: 11 percent
- Mandatory or permitted resignation: 10 percent
- Probation or suspension: 10 percent
- No punishment: 5 percent
Churches that are tempted to avoid terminating or punishing an offender for fraud, should consider this quote from Shakespeare’s Timon of Athens: “Nothing emboldens sin as much as mercy.”
Editor’s note: Issues related to mercy, grace and forgiveness, along with other pertinent topics, are discussed in this interview with an executive pastor from a church where internal theft had taken place, the attorney called in to help the church navigate legal issues, and the certified fraud examiner who investigated the fraud.
Should fraud be reported to law enforcement?
Here are the top five reasons victim organizations gave for not reporting suspected fraud to law enforcement (with nearly half of those failing to report it because they felt internal discipline was sufficient):
- Internal discipline sufficient: 46 percent
- Didn’t want bad publicity: 32 percent
- Decided on a private settlement: 27 percent
- Too costly: 17 percent
- Lack of evidence: 10 percent
Here are the results when cases were referred to law enforcement (more than half of suspected perpetrators pleading guilty):
- Guilty plea: 56 percent
- Conviction: 23 percent
- Declined prosecution: 12 percent
- Acquitted: 2 percent
Nearly 80 percent of cases that were referred to law enforcement led to guilty pleas or convictions. Only 2 percent resulted in acquittal. These statistics make a strong case for reporting suspected fraud to law enforcement.
It is common for church leaders to deal with cases of embezzlement internally, with no report to law enforcement or the IRS, so long as the embezzler is terminated from employment and agrees to pay back the amount stolen. Why is this? In some cases, it is to conceal the crime from the congregation and avoid scandal. In other cases, it is to protect the embezzler, who is often a long-term and valued employee, from disgrace. But this approach requires some knowledge of how much was stolen, and this can be a difficult task. You cannot take the word of the embezzler. The best approach is to enlist the assistance of an attorney, a CPA, and quite possibly a certified fraud examiner.
A potential felony charge is just one consequence of embezzlement. For more on this consequence and three others, see my article “The Consequences of Embezzlement.”
For my analyses of court cases related to fraud, with relevance to churches, see the “embezzlement” category in Legal Developments.
For more on this topic, see the embezzlement section in the Legal Library or my book Pastor, Church & Law.