As church members, we probably do not want to entertain the idea that the people handling the church finances could be dishonest. But, the truth is that fraud is a serious problem in all types of organizations, and churches are certainly not immune. In fact, churches often have limited resources and staff, which makes it difficult to establish adequate internal controls. This creates an opportunity for fraud to occur, thus making your church vulnerable.
The following are three easy ways that any church can strengthen internal controls and protect its assets:
1. All Church Bank Accounts Should be Centrally Managed in the Church Office
All deposits made, and all checks paid, should go through the church office, not be handled by “outside” parties. Many churches have several bank accounts besides the main checking account, which are generally for certain groups or purposes. Some examples are accounts for mission trips, a cemetery fund, or a Ladies Auxiliary Group. It is not unusual for each of these bank accounts to be managed by individuals outside of the church office, or perhaps by non-finance church staff, who then provide a report or summary information to the finance team. This presents an opportunity for these individuals to take incoming cash or checks, or write checks on the account for personal use, and then alter the summary report given to the finance team. Therefore, all bank accounts should be managed and controlled by the finance team. This means that incoming cash and checks should be sent to the church office, and checks paid from these accounts should be processed just like checks from the main checking account.
2. Review Bank Statements and Cancelled Check Images
Like many organizations, your church likely has a couple employees that have access to check stock, are able to prepare checks, and have access to the accounting system to record transactions. Inherently, this creates an environment where fraud could occur by one of these employees cutting an inappropriate check to himself/herself. To address this, someone who does not have access to the accounting system and the check stock should perform an independent monthly review of the bank statement activity, including the cancelled check images. This person should verify that the checks, as well as any electronic payments, were paid to legitimate vendors. In addition, all transfers should be reviewed to ensure they are made between two church accounts, as opposed to a transfer to someone’s personal account. Sometimes when we suggest this bank statement review, we get feedback that it is not necessary because the person(s) preparing checks and with access to the accounting system is not a check signer. Or, that the church requires all checks to have two signatures. Please do not solely rely on this! If you have an employee willing to commit fraud, they almost certainly won’t be afraid to forge some signatures, too.
3. Limit Access to Your Safe and Use Tamperproof Bags
Churches frequently handle significant amounts of cash collected during worship services, particularly on the weekends. It is common for multiple people to be involved in the collection process at church, culminating in a person(s) putting the money in a church/office safe until a count team performs the official count on Monday mornings. However, it also seems to be common for the money to be put in the safe without using a tamperproof bag, and for numerous people to have access to the safe. This presents an opportunity for anyone with access to the safe to skim cash without being discovered. As such, multiple people should handle the cash at church, put it in a numbered tamperproof bag which they initial, and place it in the safe. The number of people with access to the safe should be minimal so that only a few people have access to these bags or any other sensitive items kept in the safe. The tamperproof bags should be given unopened to the members of the count team, which should consist of at least two unrelated individuals who document the amounts collected.
About the Author
Mike Hablewitz, Partner, has experience working with a variety of non-profit organizations, including health and human services, religious organizations, trade associations and labor unions, among others. Particularly interested in internal control issues, Mike enjoys helping his clients implement stronger internal controls to safeguard their assets and has provided services that resulted in uncovering fraud.