Table Stewards logo
Contact
Facebook Instagram Youtube Threads

. . . Educating To Inspire Stewardship Excellence . . .

Internal Control

How to Prevent and Detect Collusion

hands pointing to laptop
Collusion can compromise the best of internal controls, and is responsible for 51% of frauds worldwide. Knowing how to identify, prevent and detect collusion is therefore a must for churches and non-profit organisations, that want to protect their valuable assets and funds from fraud and misappropriation.

Contents

Introduction

 

Collusion is an overrider of sound internal controls.  Implementing mechanisms to prevent collusion, and to detect collusion when it occurs is therefore paramount.

 

The importance of sound internal controls for the effective stewardship of resources, funds and assets in churches and non-profit organisations cannot be over-emphasised.

 

Nevertheless, no matter how good the internal controls are, they can easily be compromised by Collusion.

 

The 2020 Report to the Nations by the Association of Certified Fraud Examiners shows that 51% of frauds were committed by two or more fraudsters working together in collusion.

 

35% of cases involved two perpetrators and had a median loss of $105,000 per case, while 65% of cases involved three or more perpetrators and had a median loss of $350,000 per case.

 

But can one prevent or detect collusion?  By understanding what collusion is, and measures that can be put in place to prevent or detect collusion, it is possible to create an environment that will frustrate or expose any collusion attempts.

 

This article takes you through what collusion is, how to prevent collusion, and how to detect it where it is attempted.

 

Table Stewards uses a light-hearted scene setting approach to introduce its topics, but if you would prefer to dive straight into any part of the article, please click the relevant link in the table of contents above.

 

 

Scene Setting

 

The Learning & Development Committee are congregating for their pre-meeting with Coach Emmanuel.

 

Sister Mary: Wow! I don’t think we need a pre-meeting today.  It’s part 2 of our masterclass on Collusion.  I really benefitted from the previous session on how Collusion can derail good internal controls.  

 

Coach Emmanuel: You are right! Let’s proceed to the conference room, do a quick recap of our previous masterclass on collusion and continue from where we left off…

 

 

What is Collusion and why should you be concerned?

 

Collusion basically means a collaborative action between different parties secretly or illegally towards a goal of deceiving, misleading or defrauding.

 

With regards to segregation of duties, collusion occurs when people responsible for different aspects of a process that is segregated to ensure internal controls, decide to come together to deliberately override the controls for their own benefit.  See the previous article on collusion for an example.

 

This could lead to minor to significant fraud, which can expose an organisation to great financial loss and reputation damage.

 

Usually, people who are bent on collusion for misappropriation, and seem to be getting away with it, will continue to increase the magnitude of the fraud for as long as possible.

 

Even the news of a small fraud successfully executed against a church or non-profit organisation funds, can deter future donations, giving, or offerings from members who now see the church or non-profit as poor at managing money risks.

 

Their hard-earned income is not for waste or misappropriation and they let you know that in withholding their giving.  It is therefore important to manage the risk of collusion effectively.

 

 

How to Prevent Collusion

 

Collusion is a great limitation of good internal controls.  But is it possible to prevent collusion? There are various ways to create an environment where collusion is difficult to implement, and in most cases a combination of methods is best.  Some of these methods are:

 

Recruitment practices

 

Obtain satisfactory references before entrusting people with critical roles and responsibilities, whether as volunteers or staff.

 

Don’t be quick to entrust new members with critical roles, assets or handling of money.  References can be obtained from external sources as part of standard recruitment practices for staff.

 

For volunteers, you may ask for personal references from someone of who is of good standing in their career, profession or business.

 

Where this is not possible or you don’t want to rely on personal references which cannot be verified, you can use the passage of time to obtain organic references.

 

That is, allowing individuals to build up “references” and prove their character and commitment through safe or non-critical roles for a certain length of time (advisably, minimum 6 months).

 

This should give sufficient time to observe them in fellowship, in relating with others, getting an idea of the level of integrity they display where called for, and their commitment to the faith.

 

Though not fool-proof on its own, it goes a long way in providing the opportunity to get to know the person before they are invited to join a committee or hold a critical role, even as a volunteer, in areas of high risk in the church or non-profit organisation.

 

Culture

 

An organisation that is serious about managing the risk of collusion, should ensure that it’s culture aligns accordingly.

 

If a church founder for example, is of the habit of overriding controls by asking for certain amounts to be taken out of the offering/collection rather than bank it intact after controlled counting processes, then this sends the message that it is okay to override controls.

 

A culture of zero tolerance to internal control breaches and fraud should be articulated and demonstrated from the top of the organisation through all levels of leadership and activities.

 

While not fool-proof, it helps minimise the chances of collusion as more people are against fraudulent practices than are for it.

 

It will be more difficult to find a collusion partner in an environment that propagates a zero-tolerance to fraud, internal control breaches or management overrides.

 

If reports of breaches of internal controls are taken seriously and dealt with appropriately, it further reinforces the culture and deterrence, and shows that you mean business!

 

Managing Conflicts of interest

 

The church is family focussed, as the bible says that salvation is not just for us as individuals but for us and our households.  Friends and family are welcome and majority of churches will have people that are related or have close friendships.

 

However, when it comes to implementing internal controls with segregation of duties, one way to prevent collusion is that the people performing each part of the process must not be related.

 

You cannot have the husband responsible for approving a requisition, while the wife makes the payment.  This is a recipe for collusion, and even if the couple operate with impeccable integrity, it may not been seen as such by other members of the church.

 

In implementing segregation of duties, the operatives for each transaction or process need to be unrelated and have no other interests that may conflict with their responsibilities.

 

Unrelated does not just apply to family but to business as well.  Business partners should not be part of the same segregated process.

 

As business relationships may not be as obvious compared to a marriage relationship, it is important to regularly assess conflicts of interest among key parties to a segregated process.

 

Conflict of interest forms can be used to facilitate this.

 

How can you detect collusion?

 

Can you detect collusion? The practices below are useful detective mechanisms for collusion.  They are also deterrents thereby also serving as preventive mechanisms for collusion.

 

Job rotation

 

Ensure that roles and responsibilities are rotated at reasonable intervals, including tenures for critical roles such as finance committee members.

 

For staff, ensure that HR policies mandate annual leave so that others have an opportunity to cover the role, which may help detect risky practices.

 

Audit Trail

 

This is about having the ability to track who carried out a transaction or performed an authorisation, so they can be traced if required.

 

Also can serve as a deterrent to collusion where systems can track the activity of each party.

 

For example, where a transaction is required to be approved by clicking within a system application to evidence approval.  The system date-stamps and records the user identification of the person who carried out the approval, thereby providing audit trail.

 

Whistleblowing

 

Promoting a culture of zero tolerance to fraud and internal control breaches goes hand-in-hand with identifying and dealing with incidents when they occur.

 

But how would you know when things are going wrong or about to go wrong?

 

People may have observed that a change in responsibilities has increased the risk for collusion in a process, or someone in a sensitive position is acting strangely, but they are not sure what to do with their observations.

 

They may confide in other staff or members, gossip about it, choose to ignore, dismiss their hunch as overthinking, or decide to play detective.

 

You want to be able to manage the risks or deal with the issues correctly.

 

One way is to articulate and issue a fraud and whistleblowing policy that makes it clear that the church has zero tolerance to fraud.

 

The policy should also outline the consequences for engaging in fraud or deliberate internal control breaches, as well as the mechanisms in place for whistleblowing.

 

Monitoring controls

 

These are detective controls that either help confirm that an internal control is working as intended or help identify when it is not so that corrective measures can be taken.

 

An example is bank reconciliations, which can help show bank withdrawals that are not in the organisation’s accounting records of approved transactions, enabling investigation.

 

Reporting is also a great monitoring control, if the right information is reported and reviewed by an appropriate authority regularly.

 

A report on purchases made in the month can reveal the frequent use of a particular supplier belonging to a church member, who may also be paid very quickly compared to others.

 

Such a report could also show split purchases that may have had better scrutiny if aggregated, or evidence of purchases of sufficient quantities of items that appear to always run out, which could indicate theft.

 

Periodic review of segregated roles and responsibilities, especially when people rotate duties is also a good monitoring control that can pick up conflicting duties to enable early correction.

 

For example, if a new member is sought for the finance committee, and the most qualified person happens to be the husband of the person who performs the bank reconciliation, they would not be eligible for appointment due to the related-party risks of collusion.

 

Conclusion

 

Collusion derails good internal controls, especially the control of segregation of duties. But while we may not be able to fully prevent collusion between determined people; by implementing a combination of the practices and controls covered above we can make it nearly impossible for collusion to succeed!

 

Click to read more in our articles about internal controls and segregation of duties.

 

Share this article:

Related Articles

Cash income controls image of hand touching cash notes and coins
  • Internal Control

Must-Have Cash Income Controls For Churches And Charities

The place of cash as a means of giving to churches and charities cannot be eradicated despite other electronic and digital giving methods. However, cash is easily susceptible to theft and misappropriation and needs to be properly safeguarded to prevent financial loss. Implementing appropriate cash income controls help churches and charities protect and direct their cash income towards their intended objectives.
Continue reading
5 ways internal audit benefits churches and charities depicted by an Internal Audit jigsaw puzzle
  • Internal Control

5 Ways Internal Audits Benefit Churches and Charities

Churches and charities are required to maintain high levels of accountability, operate effectively and efficiently, and comply with relevant laws and regulations. But how can the board and senior leadership be assured that they are indeed operating effectively and efficiently, and sufficiently mitigating their key risks? Carrying out internal audits can help provide such independent assurance, and also provide insight and advice that may not be available otherwise.
Continue reading
Cyber security - hacker image
  • Internal Control

Cyber Security: How To Protect Your Church Or Charity’s Data From Cyber-Attacks, Theft and Damage

With hacking attempts occurring every 39 seconds, churches and charities, like other organisations, are increasingly exposed to cyber-attacks that threaten to steal, damage or leak their data. The consequences can be quite damaging reputationally, financially and legally. Robust cyber security can protect churches and charities from being victims of cyber-attacks and help safeguard their data.
Continue reading
Free EBook
Table Stewards free eBook
Explore
Prevent internal control failure

How to Prevent Internal Control Failure in Churches & Charities

Read More
Steps to Risk Management

6 Steps to Risk Management in Churches & Charities

Read More
Who We Are

Table Stewards

Table Stewards shows churches and charities how to safeguard your finances and assets through good governance, risk management and internal controls, so that they can be effectively deployed towards your core mission.  If you are a founder, leader, trustee, board or committee member, staff or volunteer in a church, charity or nonprofit organisation, Table Stewards is for you!

 

Learn More

Read Our Latest Articles

Follow:

Facebook Instagram Youtube Threads
Useful Links

about

Contact

Privacy Policy

Terms & Conditions

Copyright ©2024 Table Stewards.  All Rights Reserved.