Mat Smith: The technology you need to keep your finances safe

28 Apr 2017 Expert insight

An effective financial management system can help safeguard your charity from internal fraud, advises Mat Smith.

It is impossible to gain 100 per cent protection against fraud. Anybody who is intent on committing fraud could potentially find a way, and it is a sad fact that despite all the good work that is done by charities around the world, there are those who choose to take advantage of gaps in business processes, inadequate systems and the trust of colleagues. However, it is essential that all reasonable steps are taken to help reduce your charity’s exposure to any potential fraud.

Fraud can be broadly categorised into two forms – internal and external. External fraud involves an external body attempting to extract money from charities. This would include issuing and receiving payment from a false invoice, unauthorised fundraising under the charity’s name and phishing emails.

Internal fraud is committed by a connected party – this does not have to be an employee but can be any person who has access to the financial systems or assets. This would include the capture of donations by an employee, wrongful access to finance systems and distribution of funds or staff claiming false expenses.

All charities are expected to have financial policies in place that are designed to minimise the risk of fraud and ensure that relevant controls are implemented to stop fraud from occurring. All too often controls are only tested retrospectively and therefore, the potential for fraud is still a real threat. Proactively countering the scope for fraud is a much more effective option than retrospective testing.

The long-term ramifications of being a victim of fraud can be devastating, especially for a charity. As charities, you are responsible and trusted to effectively govern donations and all other assets across your organisation. By being a victim of fraud, your reputation is damaged, discouraging donors to contribute to your charity in the future. Therefore, it is paramount for trustees to make themselves aware of the evolving risks around fraud, its impact, and the prevention solutions available.

Ultimately it is the responsibility and legal obligation of the charity trustees to safeguard their charity’s finances and drive any system or process changes to counter the dangers of fraud. Increasingly more charities and their trustees are turning to sophisticated finance systems with robust features to help them fulfil organisation-wide requirements and put the measures in place to deter internal and external fraudsters moving forward.

By implementing an advanced financial management system you can open opportunities for your charity to enforce robust financial controls.

Segregation of duties

Segregation of duties, as a term, essentially means one finance team member is unable to complete all stages of a particular process, whether this is a payment or receipt, and there should be at least two team members responsible. Examples of segregation include ensuring that staff entering purchase orders cannot enter purchase invoices or authorise purchase ledger payments, and staff that raise sales invoices do not record or collect the money received.

For this to happen, you must choose a financial management system with the features to restrict staff to complete the combination of actions required to make a payment or transaction – typically a workflow management engine is used to achieve this.

A workflow management engine allows bespoke business processes to be modelled. With higher-level finance systems, workflows can be initiated from a number of different places within your finance system on demand, on event trigger, on an accounting rule or an action. Therefore, approval scenarios can be created and predetermined actions performed to make your financial processes secure with a full audit trail. For example, if a bank transfer is made over a prearranged limit, email alerts and approval requests are sent to the designated recipients so staff cannot bypass the organisational chain of approval.

A workflow engine also protects charities’ master records. Using a comprehensive financial management solution, charities can limit the number of users who can access and edit master records – eliminating any unauthorised access. On top of this, many charities will design a system workflow to ensure that all changes are verified by at least one administrator.

Enforcing access security is another benefit you can achieve by implementing a modern financial management system. Controlling access to particular processes or modules within your finance system helps align system needs with the prescribed tasks across the job roles throughout your finance team. This will limit the potential for misappropriation of assets. If an employee has access to all aspects of an organisation’s financial data, the potential for fraud is greatly increased. For example, a purchase ledger clerk can only carry out their part of the process and the system access will not allow them to process cash or sales ledger transactions or authorise a purchase ledger payment.

An up-to-date finance system will also provide secure password encryption and regular forced password changing as a standard, reducing any unauthorised access to the system – internally and externally.

Active monitoring and fraud detection

Proactively analysing financial data and identifying anomalies holds huge importance when it comes to detecting fraud. Active monitoring helps deter fraudsters and aids charities to gain a better control of their finances.

With modern technology, charities can gain real-time insight on financial information through one source, enabling senior staff members to dig deeper into data to prevent and detect fraud. Budget checking is made a lot easier too. Budget holders can self-serve and obtain specific reports, receive email alerts regarding budget notifications and make the entire budget checking process efficient, enabling budget-holders to discover anomalies far quicker than the norm and be quicker to identify and act on anomalies.

Mat Smith is solution architect at PS Financials

Civil Society Media wishes to thank PS Financials for its support with this article 

More on