Internal Control Steps For NPOs To Help Prevent Embezzlement

Written exclusively for ChubbWorks for Not-for-Profit Zone

June 30, 2026

A former director level employee of the Spokane Tribe of Indians' Division of Children and Family Services was convicted in federal court on multiple counts of bank fraud and embezzlement from a tribal organization. In January 2026, a federal judge sentenced the former employee to one year and one day in prison, ordered restitution of the stolen funds, and imposed a period of supervised release.

Prosecutors showed the employee diverted more than $100,000 in funds for several years, including money intended to support children and family services programs. The scheme involved unauthorized checks and transfers drawn on tribal accounts under the employee's control.

Source: https://www.spokesman.com/stories/2026/jan/22/spokane-tribe-of-indians-former-employee-sentenced/

Commentary

In the above matter, a senior employee allegedly used privileged access to misdirect funds for personal benefit.

Many nonprofits rely on one highly regarded, often trusted, person to manage grants, purchasing, and banking with minimal oversight. That structure can unintentionally eliminate basic checks and balances, making it easy to issue unauthorized checks, create fictitious vendors, or move money between accounts without prompt detection.

Donors, regulators, community members, and grant-providing organizations increasingly expect boards to demonstrate active financial stewardship, and failure to detect or respond to fraud can lead to harm, including loss of the ability to access grant funds.

Practical steps for preventing embezzlement for nonprofits include:

· Develop, distribute, and enforce a policy promoting honesty and integrity and prohibiting embezzlement and employee theft. Have all board members and employees acknowledge in writing their receipt and understanding of the policy

· Develop and enforce standards of checks and balances regarding financial matters

· Develop and enforce standards regarding recording time at work

· Provide oversight for anyone with authority to make online bank transfers

· Make sure that mail is not diverted and that it is delivered to the organization

· Review all account statements monthly. Have more than one person review your account statements, and make sure the board regularly reviews all financials, in detail.

· Require two signatures on all checks

· Prohibit signatures on blank checks

· Limit the use of signature stamps

· Limit the use of credit cards. Place limits on the credit allowed per credit card

· Limit the amount of available petty cash

· Lock and limit access to inventory

· If possible, use cameras to visually record all transactions including returns

· Review video footage when investigating reasonable suspicions of theft, fraud, or embezzlement

· Disclose to employees that all transactions are visually recorded

· Limit access to financial matters to those who must access in order to perform their job

· Perform due diligence on all vendors.

· Prohibit employees and/or employee or board family members from being a vendor

· Require contracts from vendors

· Require vendors to bid for services periodically

· Perform due diligence on employees and board members who will have access to financial matters, including criminal background checks

· Perform "eyes on" audits of inventory, employees performing job duties, employees performing overtime, and goods delivered

· Require a receipt from vendors for all services performed

· Hold all payments to vendors for mistakes or suspicious invoices

· Hold payment of all unexpected or unauthorized invoices

· Do not provide access or oversight to employees with a history of embezzlement, fraud, theft, or other fidelity crimes

· Create a system of oversight so multiple people can view and/or oversee how financial matters are managed

· Select accounting/financial/payroll software that allows you to review up-to-date all activity online

· Contract with third parties for payroll, deposits, anonymous reporting lines, and auditing

· Eliminate or limit gifts from vendors

· Require receipts for reimbursement and returns

· Require key accounting employees to take mandatory vacations of at least one week during which others are responsible for his or her duties and an internal audit can be done

· Conduct scheduled and unscheduled audits periodically to identify discrepancies in accounting and to deter embezzlers

· Always review an entire financial or account statement. Do not accept summaries of financial or account statements

· Use an up-to-date accounting software program

· Use an up-to-date and secure online system that allows your organization and plan participants to easily and safely monitor all plan transactions and other activity

· For tracking of access to online financial systems and accounts, do not permit sharing of identities. Require each person with access to have their own unique user ID and password

· Train employees to secure their online identities with online accounts and financial services, including not writing down, changing, sharing, and/or employing weak passwords

· Safely file financial information when it is no longer needed

· Ensure different employees are involved in different aspects of managing organization finances

· Provide a means for employees and others to report suspicions of wrongdoing - including embezzlement and/or theft - easily, safely, and without retaliation

· Consider a third-party mechanism for employees and other workplace participants to anonymously report suspicions of wrongdoing

· Promptly investigate complaints from customers, employees or others of issues or concerns regarding financial matters

· Investigate all suspicious or unusual financial account activity in a prompt, thorough, and objective manner

· If an investigation is warranted, use a person trained in investigating fidelity crimes and/or a person experienced in forensic accounting

· If embezzlement or fraud is detected or reasonably suspected, consult legal counsel immediately

· Do not terminate a person or make accusations of embezzlement, fraud, or other fidelity crimes without seeking information from law enforcement and advice from an attorney

The final takeaway is that leadership that invests in simple but consistent internal controls, and models transparency from the top, makes it much harder for a single insider to steal funds.

Additional Source: https://tribalbusinessnews.com/sections/policy-and-law/15464-former-spokane-tribe-child-services-official-sentenced-in-100-000-embezzlement-case

Finally, your opinion is important to us. Please complete the opinion survey:

What's New

Animated Deception: How Data Thieves Use Slick Visuals To Lure Targets

Cybercriminals are using polished animated graphics, fake legal notices, and spoofed software updates to deliver malware that often evades traditional detection tools. How should organizations respond?

Spoofed Sites And Password Vault Servers: What IT Teams Must Monitor Every Day

A single employee action led to ransomware affecting dozens of state agencies and services. We comment on ways to limit damage.

AI, Public Wi-Fi, And Shared Screens: Hidden Dangers Of Personal Use At Work

A survey shows workers use their work devices for personal tasks. We comment on how new tools and habits magnify old risks and what policies must now cover.

Latest Numbers

  • Unemployment Rate
    4.3% in Jan 2026
  • Payroll Employment
    +130,000(p) in Jan 2026
  • Average Hourly Earnings
    +$0.15(p) in Jan 2026
  • Employment Cost Index (ECI)
    +0.7% in 4th Qtr of 2025
  • Productivity
    +4.9% in 3rd Qtr of 2025

Source: Department of Labor