Fraud Risk: Every Nonprofit Mission is Exposed

by Whitney Claire Thomey

The US Internal Revenue Service and international organizations have teamed up to call attention to Charity Fraud Awareness Week, which takes place in October. Fraud awareness and prevention are top concerns for nonprofit leaders. What’s more, with the explosion of cybercrimes, this is a risk that affects all nonprofits no matter what size or mission scope you serve.

The Fraud Advisory Panel has compiled a list of resources to help organizations bring more awareness to charity fraud. One of the webinars they shared includes a basic counter fraud framework that nonprofits can employ to help safeguard their missions against fraudulent activities. This framework includes:

  • Policies
  • Fraud reporting mechanisms
  • Whistleblower reporting/protections
  • Response plans
  • Analyzing exposure and risk
  • Training
  • Networking, and
  • Reporting and accountability

Below is a compilation of NRMC’s top resources that will help you develop capabilities in these areas.

Build your knowledge

NRMC has published two issues of Risk Management Essentials on Financial and Cyber Risks. These two issues are a great place to begin building more knowledge about two fraud realms.

Risk Management Essentials: The Cyber Risk Issue

Risk Management Essentials: The Financial Risk Issue

Draft or revise your anti-fraud policies

One place to start fortifying your nonprofit against fraud is to examine any policies that address anti-fraud practices. Recently, Melanie Lockwood Herman, NRMC’s Executive Director, offered her top 5 tips on fixing what’s wrong with many organizational policies.

Do This, Not That: 5 Essential Risk Policy Drafting Tips

Analyze exposure and risk

An essential step in the risk management process is analyzing your organization’s potential exposure to and vulnerability to a particular risk. These steps are also helpful as you resolve to fortify your mission against fraud risks.

Read A Violation of Trust: Fraud Risk in Nonprofit Organizations for some insights into the cost of fraud risk, where and why nonprofits are vulnerable, common red flags to watch for, and helpful controls and principles that will enhance your action plan.

Create a plan of action

There are different ways that nonprofits can respond or fortify against fraud. Check out these NRMC resources for inspiration as you draft your anti-fraud action plan:

Provide reporting avenues and protections

According to the 2020 Report to the Nations produced by the Association of Certified Fraud Examiners (ACFE), 40% of fraud incidents were detected at nonprofits because of a tip or complaint. Therefore, it’s critical that nonprofit leaders encourage and support employees in raising concerns!

“…protecting whistleblowers from retaliation and encouraging constructive whistleblowing benefits nonprofits by increasing transparency and by giving management the opportunity to learn early on of unethical or unlawful practices directly from their employees rather than from the media, law enforcement, or a regulatory agency. In addition, effective whistleblower protection helps foster a work environment in which all employees are held accountable, thereby improving performance and empowering employees.”

Reporting isn’t just about whistleblower protections; it’s also about creating a culture of accountability and safety. Building psychological safety into the fabric of your nonprofit will help team members feel confident and comfortable about raising the alarm when something out of the ordinary is observed, or they have a suspicion about untoward activities.


Whitney Thomey is Lead Consultant and Risk Ethnologist at the Nonprofit Risk Management Center. She welcomes your questions about fraud prevention and your stories about building teams who feel comfortable raising risk concerns to safeguard your nonprofit’s mission at 703.777.3504 or