Fraud Prevention and Detection for Local Government May 19, 2015 Ron Steinkamp, CPA, CIA, CFE, CRMA, CGMA 314.983.1382 [email protected]6 CityPlace Drive, Suite 900 │ St. Louis, Missouri 63141 │ 314.983.1200 1.888.279.2792 │ www.bswllc.com 2015 MSCPA GOVERNMENTAL ACCOUNTING CONFERENCE
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Fraud Prevention and Detection for Local Government
How did she do it?• Minimal oversight and small town trust.• Lack of segregation of duties.• Opened a secret bank account and transferred in City funds from other
accounts.• Used funds to pay for her personal and private business expenses.
- Horse farming/ranching operations and shows.- Personal credit cards.- Trips- Real estate.- Vehicles.
• Fooled the auditors by creating fictitious invoices from State of Illinois.
Lessons Learned• Segregate duties.• New bank accounts approved by the Mayor and Council.• Two responsible members of management approve all invoices.• Payments exceeding a certain amount require two signatures.• City Council reviews and approves all fund transfers.• Mayor and Council review and discuss financial reports and audits.• Anti-fraud orientation provided to all new employees.• Mandatory annual fraud reorientation for all employees.• Anonymous fraud hotline.• Mandatory job rotation.• Mandatory annual vacations.• Surprise audits.
Employee steals or misuses an organization’s assets/resources.
- Examples:• Skimming cash receipts.• Falsifying voids and refunds.• Tampering with company checks.• Overstating expenses.• Creating a ghost employee.• Creating a fictitious vendor and false invoice.
Employee’s use of his/her influence in business transactions in a way that violates his/her duty to the employer for the purpose of obtaining benefit for him/herself or someone else.
- Examples:• Conflicts of interest.• Illegal gratuities.• Bribery.
Intentional misstatement or omission of material information in the organization’s financial reports with the intent to mislead.
- Examples:• Inflating revenues on the financials to show greater profit.• Concealing liabilities.• Forcing actual expenditures to match budget by moving
expenses between accounts.• Improperly accounting for revenues and expenditures.
12. 77% of frauds were committed by individuals in one of six departments:• Accounting• Operations• Sales• Executive/upper management• Customer service• Purchasing• Finance
13. More than 85% of fraudsters had never been previously charged or convicted for
a fraud-related offense.
14. Fraud perpetrators often display warning signs – most common behavioral red
flag reported in the survey were perpetrators living beyond their means (36%)
and experiencing financial difficulty (27%).
15. Nearly half of victim organizations do not recover any losses that they suffer due
• Occupational fraud is a universal problem – trends in fraud schemes, perpetrator characteristics and anti-fraud controls are similar regardless of where the fraud occurred.
• The longer frauds last, the more financial damage they cause. Proactive detection methods – hotlines, management review procedures, internal audits, employee monitoring mechanisms – are vital in catching frauds early and limiting losses.
• Small businesses/organizations are disproportionately victimized by fraud and under protected by anti-fraud controls.
• External financial audits are among the least effective controls in combating fraud – primary detection method of fraud in 3% of cases versus 7% of cases detected by accident.
• Many of the most effective anti-fraud controls are being overlooked – data monitoring and analysis, surprise audits, fraud risk assessment.
• Majority of fraudsters are first-time offenders – don’t over rely on background checks.
• Set the tone at the top = Lead by Example– Responsibility of elected officials and City management– Behave ethically and openly communicate expectations to
employees– Treat all employees equally– Zero tolerance
• Create a positive workplace environment– Focus on employee morale– Empower employees– Communicate
• Hire and promote appropriate employees– Conduct background investigations before hiring or promoting– Check candidate’s education, employment history, references– Continuous and objective evaluation of compliance with entity
• Code of Conduct– Formalized and founded on integrity– Defines acceptable employee behavior– Communicated to all employees– All employees are held accountable for compliance
• Discipline– Sends a strong message throughout the entity– Should be appropriate and consistent– Consequences of committing fraud clearly communicated
• Apply to all Elected officials, City management, employees, consultants, vendors, contractors, etc.
• Should include:– Statement of organization’s position on fraud– Scope of the policy – who does it apply to– Management’s responsibility for prevention and detection of
fraud– Definition of fraud– Actions constituting fraud– Fraud reporting process/procedures– Fraud investigation process/procedures– Unit responsible for administration of the policy and
investigating fraud allegations– Statement on anonymity/confidentiality– Consequences
• Conduct an annual fraud risk assessment.– Assists management in systematically identifying where and how
fraud may occur and who may be in a position to commit fraud
– Focus on fraud schemes and scenarios to determine the presence of internal controls and whether or not the controls can be circumvented.
– General steps:• Identify areas and processes to assess• Identify potential fraud schemes in each area/process• Assess likelihood and significant of each scheme• Map existing anti-fraud controls to potential fraud schemes• Test operating effectiveness of antifraud controls• Identify any control gaps and/or deficiencies = Residual risks• Document and report on the fraud risk assessment
• All concerns/suspicions of wrongdoing should be reviewed and determination made whether a fraud investigation is warranted.
• Develop a policy for fraud reviews and investigations that specifies:– Who is responsible for the review/investigation– Roles of Legal Counsel, Human Resources, Internal Audit, others– Process for conducting the review/investigation– Documentation requirements– Reporting requirements– When to involve law enforcement
• Gather sufficient information and perform procedures necessary to determine:– Whether fraud has occurred– Loss or exposure associated with the fraud– Who was involved and how it happened
• Must prepare, document and preserve evidence sufficient for potential legal proceedings.
• Include experts = Certified Fraud Examiner (CFE)