One-sixth of all occupational fraud cases in the United States involve nonprofit organizations. The median loss is $76,000 — for religious and social service organizations, it's even higher at $85,000 or more. One-third of nonprofit fraud cases go undetected for more than two years. And in more than half of cases, the organization recovers nothing.
The typical nonprofit embezzler doesn't fit the profile most board members imagine. It's not a new hire with a criminal record. It's a trusted, long-tenured employee — someone who's been with the organization for years, who has gradually accumulated access to accounts, who processes donations, writes checks, reconciles bank statements, and handles payroll. The trust is earned over time, and the theft follows the trust.
Nonprofits are particularly vulnerable for structural reasons. Many operate with small administrative staffs where segregation of duties is impractical — the same person who opens the mail, records the donations, deposits the checks, and reconciles the bank statement. Board oversight of financial operations is often minimal. Audits, when they occur, may not include fraud-specific procedures. And the culture of trust that makes nonprofits effective at serving their missions also makes them susceptible to internal theft.
The schemes are remarkably consistent. Check tampering — writing unauthorized checks or altering payee information. Billing fraud — creating fictitious vendors and submitting invoices. Expense reimbursement fraud — inflating or fabricating business expenses. Payroll fraud — creating ghost employees or inflating hours. Skimming — taking cash donations before they're recorded. Each of these can operate undetected for years when internal controls are weak and board financial oversight is passive.
Employee dishonesty coverage — also called crime insurance or fidelity coverage — exists specifically for this exposure. A properly structured crime policy covers loss from employee theft, forgery, computer fraud, and funds transfer fraud. It can include coverage for volunteer dishonesty (critical for organizations where volunteers handle money), social engineering fraud (when someone is tricked into wiring funds to a fraudulent account), and third-party coverage for theft by contractors or service providers.
The problem is that many nonprofits either don't carry crime coverage at all, carry inadequate limits (a $25,000 policy against a $76,000 median loss), or have policies that exclude the specific schemes most commonly used to steal from nonprofits. Some policies exclude loss discovered more than a year after the theft occurred — which is useless when one-third of fraud goes undetected for over two years.
At PFTN, we build crime programs with limits calibrated to your actual financial throughput, discovery period provisions that reflect reality, and coverage that extends to volunteers and the specific fraud schemes nonprofits face. We also advise on the internal controls that reduce your exposure in the first place — because the best crime insurance is the one you never need to use.