Protect Your Not-for-Profit Organization’s Credit Cards from Fraud

It seems more and more that not-for-profits are using credit cards as a convenient alternative to cash and checks to pay for expenses.   With the convenience of credit cards comes a new means of fraudulent activity that could occur at your not-for-profit organization.

Here are some easy steps to follow to protect your not-for-profit’s credit cards from being susceptible to fraud from outsiders:

  • Research before you give your credit card number and security code to anyone your organization has never done business with before.
  • Make online purchases through secure websites.  If a site is safe, it will usually have a secure site for payment.  The website address should change from "http://" to "https://" when on a secure site.
  • Keep credit card statements, which can include credit card numbers, filed under lock and key.
  • Notify the credit card company of address changes.
  • Immediately report any lost or stolen credit cards.
  • Obtain or cancel the credit card of former employees.
  • Consider establishing a purchase card program that features spending controls and limits

Even when following these steps to protect your not-for-profit’s credit cards from theft from outsiders, internal controls should also be in place to prevent and detect fraud perpetrated through the not-for-profits’ credit cards by employees. 

A formal credit card policy should be implemented by the board and management which all employees should know and understand.  The formal credit card policy should stipulate that supporting receipts be submitted for all charges with the purpose of the expense clearly documented, and the policy should limit the use of the credit card for certain specified transactions.  A board member or management should carefully review the credit card activity on a monthly basis.

The organization’s credit cards should be issued to only a few high-level employees and their usage should be kept to a minimum in order to strengthen the internal controls over disbursements and help prevent misappropriation of assets.  Employees that are assigned an organization’s credit cards should protect them as if they were their own but not use them as their own.

For additional information on not-for-profits and fraud, please visit our article “Nonprofits Not Immune to Fraud.”  


Brian Collins is an Audit Manager with over 10 years of public accounting experience. He performs audit, review, compilation, and tax services for a wide range of clients in various industries, including not-for-profits and automotive dealerships.

Contact Brian

* Required