This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Steps To Prevent & Detect
Occupational Fraud in GovernmentMay 20, 2015
Ron Steinkamp, CPA, CIA, CFE, CRMA, CGMA314.983.1238 | [email protected]
6 CityPlace Drive, Suite 900 │ St. Louis, Missouri 63141 │ 314.983.1200 1520 S. Fifth St., Suite 309│ St. Charles, Missouri 63303 │ 636.255.3000
2220 S. State Route 157, Ste. 300 │ Glen Carbon, Illinois 62034 │ 618.654.3100 1.888.279.2792 │ www.bswllc.com
WHAT IS THE LARGEST MUNICIPAL FRAUD IN US HISTORY?
Lessons Learned• Segregate duties.• New bank accounts approved by the Mayor and Council.• Two responsible members of management approve all
invoices.• Payments exceeding a certain amount require two
signatures.• City Council reviews and approves all fund transfers.• Mayor and Council review and discuss financial reports
and audits.• Anti-fraud orientation provided to all new employees.• Mandatory annual fraud reorientation for all employees.• Anonymous fraud hotline.• Mandatory job rotation.• Mandatory annual vacations.• Surprise audits.
Employee’s use of his/her influence in business transactions in a way that violates his/her duty to the employer for the purpose of obtaining benefit for him/herself or someone else.
- Examples:• City Council member trading votes for personal
favors.• Purchasing Department Manager awarding a City
contract to a vendor for a kickback.• Human Resources Director hiring unqualified
Pressure or incentive – need the fraudster is trying to satisfy.
Opportunity – ability to commit the fraud. Organizations can influence this characteristic the most = strong internal controls that avoid putting employees in positions to commit fraud and that detect fraudulent activities if they occur.
Billing schemes occur when an employee submits a false invoice or alters an existing one, thus causing the employer to willingly (but unknowingly) issue a check for false expenses.
How can billing schemes be prevented/detected?• Prior to authorizing payment, invoices should be checked
for validity of the vendor, validity of the goods or services invoiced, accuracy, and authenticity.
• Prior to processing payment, invoices should be checked for proper authorization, accuracy and authenticity. This will prevent overpayment, as well as payments being made to fictitious vendors.
• Strictly control access to vendor master data.• Regular vendor master file analysis.
How can fraudulent expense reimbursements be prevented/detected?• Expense reimbursement policy.• Require original itemized receipts.• Receipts should be scrutinized to detect alterations or
forgeries.• Other means of proving incurred expenses, such as
airline itineraries, credit card statements, etc. should not be accepted unless approved by a supervisor.
• All expense reimbursements should be reviewed and immediately processed upon approval.
• Use a specific credit card for all business expenses. Receive this information electronically from credit card company and require electronic filing of expense reports by employees. This will minimize the possibility of fraud and, if fraud is occurring, will provide an easier means to identify it.
Payroll fraud occurs when an employee submits false documentation (i.e., timecards) in an effort to inflate his/her wages/salary. Such documentation prompts the organization to unknowingly disburse funds to the perpetrator.
Possible ways in which Payroll Fraud can occur:• Falsified hours and salary• Ghost employees
Schemes involving the employee’s use of his/her influence in transactions in a way that violates duty to the employer for the purpose of obtaining a benefit for themselves or someone else.
How can bribery and conflicts of interest be prevented/detected? • Well publicized fraud hotline.• Strong ethics and conflict of interest policy.• Required reporting of potential conflicts of interest.• Limiting gifts from vendors and contractors.• Well defined procurement process.• Rotate buyers.• Contract audits.
Code of Conduct Formalized and founded on integrity Defines acceptable employee behavior Communicated to all employees All employees are held accountable for compliance
Discipline Sends a strong message throughout the entity Should be appropriate and consistent Consequences of committing fraud clearly communicated
Apply to all Directors, Management, employees, consultants, vendors, contractors, etc.
Should include: Statement of organization’s position on fraud Scope of the policy – who does it apply to Management’s responsibility for prevention and detection of
fraud Definition of fraud Actions constituting fraud Fraud reporting process/procedures Fraud investigation process/procedures Unit responsible for administration of the policy and
investigating fraud allegations Statement on anonymity/confidentiality Consequences
Conduct an annual fraud risk assessment. Assists management in systematically identifying where and how
fraud may occur and who may be in a position to commit fraud.
Focus on fraud schemes and scenarios to determine the presence of internal controls and whether or not the controls can be circumvented.
General steps: Identify areas and processes to assess Identify potential fraud schemes in each area/process Assess likelihood and significance of each scheme Map existing anti-fraud controls to potential fraud schemes Test operating effectiveness of anti-fraud controls Identify any control gaps and/or deficiencies = Residual risks Document and report on the fraud risk assessment
All concerns/suspicions of wrongdoing should be reviewed and determination made whether a fraud investigation is warranted.
Develop a policy for fraud reviews and investigations that specifies: Who is responsible for the review/investigation Roles of Legal Counsel, Human Resources, Internal Audit, others Process for conducting the review/investigation Documentation requirements Reporting requirements When to involve law enforcement
Gather sufficient information and perform procedures necessary to determine: Whether fraud has occurred Loss or exposure associated with the fraud Who was involved and how it happened
Must prepare, document and preserve evidence sufficient for potential legal proceedings.
• Code of conduct• Policies and procedures manual• Segregation of duties• Records retention• Documentation of transactions• Budgetary• Fraud Policy and reporting• Access to systems
• Policies and procedures.• All orders received are processed and recorded.• All orders processed are invoiced.• All invoices are posted to customer accounts.• Billings are accurate.
• Policies and procedures.• All purchase orders are authorized.• All vendors are authorized.• Individuals have authorization limits.• Check stock is controlled.• EDI/ACH transactions require authorization.• Credit card purchases are controlled and