The headlines reflect these realities: Ex-Mountain State Justice Office Manager Admits Stealing More Than $1.5 millionTrusted Assistant Steals $365,000 from Not-for-ProfitComptroller, Horse Lady and Crook.

Nonprofit organizations generally established for benevolent purposes fall prey to fraud at an alarming rate. The 2016 global fraud report, Report to the Nations on Occupational Fraud and Abuse, released by the Association of Certified Fraud Examiners (ACFE), details  findings from more than 2,400 case studies.

Simply knowing the characteristics of the typical perpetrator can help organizations create sound fraud prevention policies.

Trusted Employees

The perpetrator’s level of authority is strongly correlated with the size of the fraud. While executives commit less than 20 percent of fraud cases, the amount of loss is greater, because they have greater access to the organization’s assets. However, the split between managers and non-managers who commit fraud is nearly equal.

Non-manager employees commit 40 percent of fraud, while managers commit around 37 percent.

In many cases, the person committing the fraud is someone you know and trust. Long-term employees may not be monitored as closely by supervisors or coworkers. Smaller organizations may have weaker internal controls. Budget constraints cause organizations to run meaner and leaner. Nonprofits have a high rate of employee turnover and may also rely on volunteers. A lack of transparency in the organization can create an environment ripe for fraud abuse.

In all three stories behind the headlines listed above, the employees were long-term, trusted employees. One was an office assistant, but the other two were either a comptroller or an office manager. The office assistant was accused of stealing $365,000. The office manager was accused of stealing $1.5 million, and the city comptroller was accused of misappropriating more than $53 million. As the headlines bear, the higher the authority, the greater the loss.

Who is Your Typical Fraudster?

Most fraudsters have no prior criminal record. Individuals who commit fraud are not your typical criminal and are usually first-time perpetrators. Therefore, a background check may not reveal any risk for that employee.

In the U.S., 44 percent are female and 56 percent are male. Some 55 percent are between 31 and 45 years of age. They are college-educated. Most have positions of authority. The higher the authority level, the greater the losses. The higher the education level, the greater the losses.

What Does This Mean to You?

Preventing fraud is much easier than detecting fraud. Strong internal controls are a pillar of fraud prevention. In all the headline cases above, standard controls were violated. A key control is segregating the cash functions.

One person should not have approval, signature, and check printing privileges. The bank statements should be reconciled by someone who does not have deposit or check writing responsibilities. Organizations can require two signatures before money can be transferred between accounts.

Security precautions, such as locking up cash and check stock, is a good practice. In the case of the assistant who stole $365, 000, signed, blank checks were readily available to her.

Red Flags

The fraud study indicated that in over half the cases, there were two red flags indicating someone was committing fraud. What should you look for?

Pay attention to employees’ lifestyles. If someone has misappropriated more than $1 million, they’re probably living outside the means of their regular salary. Employees who take lavish vacations or engage in questionable personal habits, such as gambling or addictions, are at risk for committing fraud. Any employee experiencing financial stress where their pay is not adequate to cover expenses may be tempted to commit fraud.

Fraud is serious and devastating for nonprofits. Now is the time to review your controls and put policies in place to protect the organization’s assets.