Why Doesn’t Auditing Catch the Fraud?
by Raj Attiken | 22 October 2020 |
“We do many of them. We don’t do enough of them. We don’t have funds to do all of them. We are unable to complete some of them. We cannot even begin a number of them.”
This, in essence, was the report from the General Conference Auditing Service (GCAS) at the 2019 Annual Council regarding the financial audits that it performs on church organizations. The report included a plea to church leaders to pay serious attention to the financial audit processes and findings, and to ensure that their financial officers prepare and submit the required financial statements. It suggested that even in offices with qualified and competent financial officers, sometimes financial statements are not properly prepared or even made available to auditors.
The church, as a custodian and steward of the funds entrusted to it by its members, has a responsibility to safeguard these funds and to ensure their proper use. Members should be able to have confidence that their offerings and monetary gifts to the church and church entities are protected and used appropriately. One step that the denomination has taken to assist its entities in this regard requires that they be audited regularly and goes as far as providing an auditing service to Conferences, Union Conferences, and educational institutions. The denomination also requires that its organizations’ boards or executive committees ensure that effective internal controls are in place – controls that are designed, documented, implemented, communicated, and monitored. It should be disconcerting to members in any given territory if their organization does not have appropriate internal controls or if their church administrators do not fully cooperate or participate in the annual audits or fail to act on their findings.
The Value of an Audit
A denominational audit is intended to provide reasonable assurance regarding the reliability of the organization’s financial reporting and its compliance with laws and regulations, including denominational policies; to provide assurance that resources are used in accordance with approved purposes; and to protect the organization’s assets from misuse. Before the audit begins, the denominational entity is required to provide a statement of financial position, financial activities, cash flow, and relevant footnote disclosures, etc. The organization is also required to have an Audit Committee that is competent in the field of finances and is independent (made up solely of persons not employed by the denomination). Shortly after the audit, the auditors provide an audit report to the Chair of the Audit Committee or to the Committee itself that includes an opinion on the financial statements, a report on compliance with the core policies of the denomination, and an audit committee letter which includes any significant deficiencies identified in the internal controls.
Despite these precautions and safeguards, financial irregularities do occur in church organizations. Funds do get misused or used in ways for which they were not designated. Fraud happens. In recent months we have seen reports from different parts of the world of alleged fraud or embezzlement related to church funds, purchase of properties, kickbacks from vendors, and other financial irregularities. According to its 2019 Report on The Status of Global Christianity, released by the Center for the Study of Global Christianity at Gordon-Conwell Theological Seminary, Christian organizations worldwide experience more than $68 billion in financial fraud annually. This figure on church fraud does not show the whole picture since most cases of church fraud go unreported and therefore are not included in the statistics.
When fraud is detected or irregularities are uncovered, one of the first questions that comes up is, “Why didn’t the auditors catch that?” Many church administrators rely on the auditors to uncover irregularities, and they breathe a sigh of relief when the audit comes up “clean.” They do not realize that audits, as they are currently structured, are not designed to identify poor planning or budgeting, to detect fraud, or to rescue an organization that is teetering on the edge of a financial precipice. The General Conference Working Policy states that the objective of a financial audit is to “provide administrators and controlling boards or executive committees moderate assurance (italics mine) on financial and non-financial information in accordance with applicable professional standards.”
“Moderate assurance” might be the best that the best of financial audits can provide. The outcome of an audit is not only dependent on the competence, skills, and diligence of the auditors, but also on the quality of the financial documents prepared and provided to them by the organization. While thoroughly preparing for an audit, and supporting the auditors as they do their work, administrators should recognize that there are things a financial audit does not do. Auditors don’t take responsibility for the accuracy of the organization’s financial statements. They do not establish or maintain internal controls; they do not establish value of assets and liabilities or implement corrective action plans. Auditors cannot require management to do anything or to make any representation.
Beyond Audits to Fraud Prevention
The purpose of an audit is not to detect fraud. Fraud in an organization is mostly detected independent of the financial audits. The incidents of fraud detected by an external audit is said to be as low as 4%. The primary responsibility for the prevention and detection of fraud rests both with those charged with governance of the entity (its governing board or executive committee) and with its officers or administrators. They have the responsibility to convey a tone at the top that promotes honesty and integrity. They can help foster a culture of morality and trustworthiness. They can ensure that strong internal controls are in place. Members of governing boards should be prepared to promptly respond to or investigate allegations of fraud, and to take appropriate actions towards those involved in perpetrating the fraud. If the allegations are directed at the officers or administrators of the entity, the intervention needs to occur from the upper levels of the denominational hierarchy. In the reported cases of alleged fraud in church entities, one or more of these actions were apparently neglected, resulting in financial loss.
Given today’s environment within the denomination where allegations of fraud surface now and again, organizations must work at fostering a culture of ethical conduct. Employees can be encouraged to speak openly, without fear of retaliation. Having an ethics hotline and whistleblower policies increases the chances of discovering fraud through a tip. Organizations with hotlines are said to have detected fraud 50% faster than those without hotlines. Educational efforts can be launched on what types of actions constitute fraud and how to raise concerns about potential fraud.
A common framework used by those studying fraud in organizations examines three elements: the incentive to commit fraud, the opportunity for fraud, and how perpetrators rationalize their actions in committing fraud. Besides greed, the main incentive for committing fraud for many fraudsters is economic necessity – they needed the money to survive. This factor points to the importance of not placing people who struggle with debt or with managing their personal finances in environments where they have access to financial dealings of the church. Opportunity for fraud is related to the weaknesses in the system for monitoring, having checks and balances, and responding promptly and decisively when fraud is suspected. Common examples of rationalization by perpetrators are to picture themselves as victims of circumstances or to claim that their actions are no worse than those of most other people in their position.
Fraud occurs when someone does something dishonest and enriches themselves at the expense of others. From a logical point of view, the presence of responsible, ethically conscious individuals, adequate governance and control, and swift and decisive action when fraud is suspected are likely to reduce the chances of theft, fraud, and embezzlement from occurring. We may never completely eliminate fraud, but it can be minimized by establishing an environment in which ethical behavior is expected.
As in most communities, the faith community we are a part of has elements that seek to exploit its goodness and trust. It is important not to overstate our problems. But it only takes a few bad actors to do a lot of damage, financially and reputationally.
The concern about fraud in church entities should interest all of us. In this endeavor we need resolute allies—not timid, ambivalent ones.
Dr. Raj Attiken is an adjunct professor of religion at Kettering College, the Adventist higher education institution in Dayton, Ohio, and former president of the Ohio Conference.