Featured Columns

Written by Dan Busby
From his column God, Government and Me—Money in the Church


When we hear the latest report of fraud occurring in a church, we usually say, “How could this happen?” Conditions that give rise to fraud follow common themes, and the actions that can prevent it rest on both policies and people.

In my experience, the person who commits fraud is always one of the most trusted individuals in the church. After all, if they weren’t so trusted, we would not give them so much responsibility with God’s resources.

Because the theft of funds from a church often extends over a year-and-a-half before detection, it is easy to see how reported church fraud can run into the tens of thousands and even the hundreds of thousands of dollars.

The first time an embezzler takes money, there’s generally some hesitation. They feel like they must justify in their minds to take money they know is not theirs. The second time is a little easier. The third time is easier still. And as the arc goes, it becomes easier and easier and easier. The sense of entitlement builds. And at the end of the arc of embezzlement, a person simply takes as much as they want because it’s their money. They’re entitled to it. The guilt and hesitation experienced at the beginning has long since vanished.

It is impossible to reduce the risk of church fraud to zero. If that is your goal as a church leader, it likely will be an expensive and unfulfilling endeavor. To try to eliminate all fraud requires spreading prevention efforts over all potential types of fraud. This detracts from giving proper attention to the highest fraud risks. It also results in added staffing—or at least using volunteers—in areas where fraud risk is minimal. The goal of eliminating all fraud is simply not a sound strategy.

The minimization of significant fraud should, however, be the goal of church leaders. This can be accomplished with a combination of solid financial controls and a supportive culture—but only if you have accurately identified your greatest fraud risks. Understanding these risks begins with thinking like someone who might commit fraud at your church. Frederick the Great said, “What design would I be forming if I were the enemy?” Good advice!

Start the fraud minimization process with the following three steps:

  • Run background checks on those handling church finances. We run background checks on individuals who work in children’s ministries, but we seldom extend this safeguard to church finance personnel. While some people with a checkered financial past will get through the background check, the process may reveal criminal records.

  • Identify the areas most susceptible to major fraud. In the church you serve, what area is most susceptible to fraud? If you can’t readily answer that question, fraud is probably not very high on your radar screen.

    The top areas of concern usually include handling physical church offerings, paying amounts to fictitious vendors, making fraudulent investments, or handling digital transactions. For most churches, the largest risk area will likely be electronic transactions—receiving gifts, fees, and sales.

  • Design and apply fraud prevention steps specifically to address the susceptibility of major fraud. Once major risk areas are identified, fraud prevention steps must be designed to minimize fraud in each one.

    Here are a few examples:
    • No one person should be responsible for all accounting functions.
    • At least for expenses over a predetermined level, two authorizations should always be required.
    • Bank and credit card statements and expense reports should be reviewed by more than one person.

    For a church with a high electronic transactions risk, the key steps might be:
    • Build a strong, multi-person payment processor relationship.
    • Limit authorized changes to payment processor accounts.
    • Set notifications to come to the church any time changes are made to payment processor accounts.
    • Verify the payment processor has appropriate internal controls in place.
    • Require regular payment processor transaction reports.
    • Regularly reconcile digital giving accounts
    • Limit access to giver management systems.

  • Review and revisit. Periodically review the top areas of fraud susceptibility. Why? Because these areas may change over time. Policies are not enough to reduce the risk of major fraud—the key is consistent application of policies.

Trusted churches are keenly aware of their susceptibility to fraud. They establish and continually test internal controls to minimize significant fraud. Such fraud can completely cripple a church’s trust level and reflect the opposite of the faithful administration of God’s resources.


Based on the “Minimizing Fraud” chapter from Dan Busby’s latest book: Trust, The Firm Foundation for Kingdom Fruitfulness.

Dan Busby is a certified public accountant (CPA) and president of the Evangelical Council for Financial Accountability(ECFA)—an accreditation organization that sets standards for governance, financial management, and fundraising/stewardship for churches and other nonprofits across the country.


Do most people who misappropriate church funds consciously start out intending to steal?

No. Most fraudsters are ordinary people with a financial need (motivation) that helps them internally justify (rationalize) why it is okay for them to take church assets (opportunity).

What are the three processes included in all e-giving setups?

  • Giving - Typically, the church collects credit card information, and perhaps bank account information through an online giving platform such as PushPay or SecureGive. Data security on the giving platform is essential.
  • Payment processor - The giving platform is in between the giver and payment processor (also called the merchant account provider), which processes the gift and delivers it to the church’s financial institution. It is usually a third-party service using a system of computer processes to receive, verify, and accept or decline credit card transactions on behalf of the church through secure Internet connections.
  • Giver management system - While some giving platforms have the option of processing giving records, most churches host giving records on their own network, which may or may not easily integrate with a giving platform.

Subscribe to eNews!