​Ecclesiastical Crime

Lack of financial controls make churches and nonprofits vulnerable to fraud.​

Comments Views

​U.S. federal prosecutors have charged the rector of the Villa St. Joseph nursing home for priests with embezzling more than $500,000 from the Philadelphia Archdiocese facility over a nine-year period, the Philadelphia Inquirer reports. Prosecutors say the facility's bank discovered the theft last year when it flagged suspicious transactions at Harrah's Casino in Chester, Pa., from the private account that supports the nursing home. An investigation found that Monsignor William Dombrow had sole access to the private account and had used it for casinos, dinners, and tickets to Philadelphia Pops concerts. The account is funded from bequests from parishioners and life insurance payouts of priests who had resided at Villa St. Joseph. Dombrow remains rector at Villa St. Joseph, but the archdiocese says his administrative duties and handling of finances have been restricted since the theft was discovered.​

Lessons Learned

I've written about this kind of fraud before, both a specific case involving a Canadian priest, and more generally about the many ways nonprofit and charitable organizations could better protect themselves against fraud perpetrated by employees and volunteers. Not much has changed since the last time I wrote about "ecclesiastical crime" in 2013. This kind of crime amounted to more than $39 billion worldwide in 2014, more than the $35 billion spent on mission work to promote Christianity, according to the Center for the Study of Global Christianity. The center forecasts the amounts involved will balloon to $60 billion by 2025.

Culture change toward greater transparency — much of the fraud committed in church settings apparently goes unreported — and decisive action to redress weak or nonexistent financial controls are two fundamental improvements that need to be made. Here are nine more steps churches and other nonprofit organizations can take to help prevent and detect fraud from within. These steps are all about establishing and maintaining basic accounting, payroll, and finance functions, including oversight, monitoring, and auditing.​

  • Establish financial policy and procedures. Church organizations, particularly at the local level, should think about how the organization would like to control the handling of, and access to, church funds. These policies need not be elaborate, and can be adapted from available sources and resources. Basic policies covering matters such as cash handling, bank accounts, credit cards, security of money and financial records, two-person accountability, oversight and monitoring processes, and rotation of employees and volunteer roles should be starting points.


  • Put appropriate supervision and oversight in place. Church leaders are responsible for managing operations and practices. Whether that oversight is of employees or volunteers, it is critical to have good supervision of those who deal with church funds. The natural leadership tendency is to empower people with the freedom to work independently, but there always should be some form of accountability or check and balance to that freedom. A finance committee also should be established with authority to review documents and transactions, as well as ask questions of all employees and volunteers. That committee should meet regularly and review financials, including bank statements. If it is difficult to get a financial summary from a person who handles money, it is likely a red flag.


  • Train employees and volunteers who help with handling financial matters at least annually on the policies and procedures that relate to church funds. This training should cover the measures that the church takes to safeguard its financial resources. This step could make would-be perpetrators think twice because they will see that the organization is actively protecting its resources.


  • Control access to bank accounts, credit cards, and bank statements. Never allow an individual who has direct access to bank accounts, such as access to blank check stock, check-signing authorization, and reconciling the bank statement, to create a new account without authorization from above. This is one of the easiest ways for fraud to go undiscovered. All bank account statements at least should be copied to a financial official or a trusted individual such as a senior or administrative pastor, or better yet, a board member. This person should not have any access to the organization's bank accounts.


  • Establish authorization limits and require dual approvals on transactions for larger dollar amounts. For example, require that any purchase or transaction over $500 be signed by two people. Ideally, the two authorized signors of large checks should be the individual in charge of finance and accounting and a board member. Furthermore, the board member chosen to co-sign large checks should not be the same board member selected to review bank statements. The two people should not be related and should not have personal financial issues. Create a sign-off sheet that is submitted regularly to the same individual entrusted to receive the bank statements.


  • Conduct reviews and audits where possible. Most frauds go on for 18 months or longer before they are detected. Although church audits are expensive, it is important that the church conduct thorough audits by an independent auditor regularly. Internal auditors also can help in less formal ways, as part of their participation in their church community, by volunteering their services to help ensure it runs smoothly and free of fraud. 


  • Rotate employees and volunteers in their roles. According to U.S. insurance industry statistics, the average tenure of a church thief is eight years. Volunteers and employees who approve transactions and handle money should be rotated regularly. No one should stay in the role indefinitely, and the use of multiple, unrelated people will make it more difficult to steal.


  • Conduct periodic background and credit checks. In today's society, it is sensible to perform a background check periodically on all church employees and volunteers. Such checks should not be limited to just when individuals are first hired, because circumstances can and will change. In addition, people who have access to church funds should be subjected to a credit check. While this practice may seem invasive, it can provide information that can ultimately protect the church. Moreover, church officials should watch for warning signs of employee fraud, such as employees with access to money who are living beyond their means, have personal financial issues, or don't take vacations and guard against someone else doing their job.


  • ​​Encourage people to report suspected behavior. As much as 40 percent of frauds are caught through a tip, according to the Association of Certified Fraud Examiners.​

Art Stewart
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to remove comments.

About the Author



Art StewartArt Stewart<p>​Art Stewart is an independent management consultant with more than 35 years of experience in internal audit, financial management, performance measurement, governance, and strategic policy planning.​​​</p>https://iaonline.theiia.org/authors/Pages/Art-Stewart.aspx


Comment on this article

comments powered by Disqus
  • Gleim-cia-changes-webinar_June 18-30_PRemium 1
  • SCCE 2018 June 19-30_Premium 2
  • IIA CIALS-CIA-Learning_June 2018_Premium 3