Fraud Prevention Uniform Guidance Update Hot Topics September 21, 2018 Presented by: Derek Conrad, CPA Senior Manager, Government Services
Definition of Fraud “Intentional perversion of truth in order to induce another to part with something of value or to surrender legal right.” (Mirriam - Webster’s online dictionary) Association of Certified Fraud Examiners (ACFE) Misrepresentation of material facts Concealment of material facts Bribery Conflicts of Interest Theft of money and property Breach of Fiduciary Duty
Fraud Statistics 2018 Report to the Nations – ACFE $7 billion in total losses due to fraud between January 2016 and October 2017 Governments account for 16% of all cases Median loss of $118,000
Source: ACFE 2018 Report to the Nations on Occupational Fraud and Abuse
Schemes from Perpetrators working in Accounting Department Accounting Check Tampering 30.0% Billing 29.0% Skimming 19.0% Cash Larceny 14.0% Payroll 14.0% 2018 Cash on Hand 17.0% Expense Reimbursement 12.0% Corruption 23.0% Non-Cash 7.0% Financial Statement Fraud 13.0% Register Disbursements 2.0% 0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% Source: ACFE 2018 Report to the Nations on Occupational Fraud and Abuse
Types of cases at risk Government and Public Administration % of Cases Corruption 50.0% Billing 15.0% Expense Reimbursements 11.0% Non-Cash 22.0% Larceny 11.0% Check Tampering 9.0% Skimming 11.0% Cash on Hand 11.0% Payroll 7.0% Financial Statement Fraud 5.0% Register Disbursements 2.0% 0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% Source: ACFE 2018 Report to the Nations on Occupational Fraud and Abuse
Detection in US Tip 37.0% Other 7.0% Management Review 14.0% Internal Audit 13.0% By Accident 9.0% Account Reconciliation 5.0% Document Examination 5.0% External Audit 3.0% Notified by Police 3.0% Surveillance/Monitoring 2.0% IT Controls 1.0% Confession 1.0% 0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% Source: ACFE 2018 Report to the Nations on Occupational Fraud and Abuse
Cressey’s Fraud Triangle – C oncept that dates back over half a century. Generally for fraud to occur, three things must be present: Opportunity Pressure/Incentive Rationalization Source: ACFE 2012 Report to the Nations on Occupational Fraud and Abuse
Fraud Triangle Pressure – Financial need that is often unwilling to be shared (addictions, debt, etc.) or that emotions have impacted the person (sick child or “keeping up with the Joneses”) Opportunity – The ability to commit a fraudulent activity must exist (weaknesses in internal control or the ability to override them) Rationalization – When a person has the ability to justify their actions (I’m underpaid, I’ll pay it back, or the health of my child is more important)
Fraud Risk Areas Skimming of Cash Collections Missing Evidence IT Equipment and Purchases Off-the Books Bank Accounts Visit the AOS website for numerous stories and findings
What is Fraud Risk Assessment? Proactive approach to mitigating fraud in your organization Analyzing where fraud can occur in your organization Fraud Prevention vs. Fraud Detection Prevention = Proactive Detection = Reactive
Who is Responsible for Risk Assessment Governing Body Audit or Finance Committee Administrator/Superintendent Finance Director/Treasurer Executive Staff Everyone throughout the Organization – informal lines of communication
Risk Assessment Includes: Risk Identification Risk Likelihood Significance Assessment Risk Response
Risk Identification Risk Identification Gathering information from both internal and external sources • Brainstorming • Interviews • Outside training • Analytical Procedures – Trend analysis: vendor example – Monthly financial reports (budget vs actual, etc.) Where are the inherent risks? • Cash collection points • Lack of oversight
Risk Identification cont. Risk Identification Incentives/Pressures • Budget constraints • Performance Bonuses Opportunities • Cash collection points • Segregated accounts • Access to create vendors
Risk Likelihood Risk Likelihood Financial exposure Public opinion Designed controls vs. Inherent risks • Is there a gap?
Risk Response Consider cost-benefit Cost of Inaction How will Board/management respond Increased Training Surprise Audits Change in Policy and Procedure
Behavioral Red Flags Behavioral Red Flag Percent of Cases Living beyond means 41% Financial Difficulties 29% Unusually close association 20% with vendor/customer Control Issues, 15% Unwillingness to Share Duties Divorce/Family Problems 14% Wheeler-Dealer Attitude 13% Irritability, Suspiciousness or 12% Defensiveness Source: ACFE 2018 Report to the Nations on Occupational Fraud and Abuse
Behavioral Red Flags Behavioral Red Flag Percent of Cases Addiction problems 10% Complaining about 9% inadequate pay Excessive pressure from 7% within company Social Isolation 7% Past employment-related 6% problems Past Legal Problems 6% Source: ACFE 2018 Report to the Nations on Occupational Fraud and Abuse
Billing Schemes False invoicing through a shell company Personal purchases with government funds False invoicing through an established vendor
False Invoicing Fake invoice – no service or product exchange www.customreceipt.com
Fake invoices many times lack information Street address – PO box only Phone number Good description Logo Packing slip for products purchased Shipping destination for products Invoice numbers are sequential
Vendor Files Controls over vendor files Is there a policy in place over access/editing to vendor master list? Who is authorized to set up new vendors in USAS? Who is authorized to make changes to existing vendors in USAS? Require authorization forms that must be approved by Treasurer Search existing vendor files prior to setting up new requests Review vendor files regularly • Inactivate after a specified period of no payments • Review files for missing details (no address, only PO Box, etc)
Employee Expense Reimbursements – What to look for: Lack of invoice Fake invoices Lack of detail on invoices Wrong mileage False mileage Personal expenses Alcohol
External Risks Internet Merchandise Schemes Flash Advertising, spoofing of payment sites Fake Government Officials IRS Phishing schemes; more sophisticated Fueled by data breaches (Equifax, Uber) W2 and Wire Scams
Effective Fraud Deterrents Written Fraud Policy Policy sets expectations • Zero Tolerance Review and sign-off by each employee for personnel file Include Reporting Process • Whistleblower Protection • Issues addressed consistently and timely Ethics Policy, Conflict of Interest Policy Training Continuous Risk Assessment
Internal Controls - Examples Disbursements Written approval of authorization to purchase Review of account coding by knowledgeable employee Written receipt of goods/services (okay to pay) • Segregation of duties Payroll Process for hiring/termination of employees Review of account coding by knowledgeable employee Approval of timecards Approval of pay rates
Internal Controls - Examples Receipts Finance office receiving adequate support Segregation of duties Trend analysis Manual Journal Entries (Memo/Correcting Entries) Segregation of duties Formal approval by management • Treasurer, Council/Board
Source: ACFE 2018 Report to the Nations on Occupational Fraud and Abuse
Steps to Reduce Fraud Risk Fraud risk analysis performed Educate Tone at the Top Conflict Disclosures (Board of Education and Management) Establish whistle-blower hotlines Rotation of job duties Zero tolerance Background checks for new hires – don’t hire crooks Keep eyes and ears open regarding employee behavior Discuss concerns with auditors Establish effective Internal Audit division Use of Data Mining Software Surprise audits
Recent Case - IT Equipment Former IT Technician – theft of Apple products Theft Included: 85 iPhones 21 laptops 11 iPads 6 other Apple Products
IT Equipment (continued) Buying items at discounted rates through cell provider – often when employees were eligible for upgrades but declined them Majority of items purchased were then sold on Ebay – in all he made a profit of $45,138 Theft uncovered by his replacement after logging into accounts and becoming suspicious of activity who then notified his supervisor
IT Equipment (continued) Things to consider that may have prevent/detected sooner: Add’l outside monitoring of accounts – cell phones, store credit, amazon Packing slips – have all equipment delivered to the school, tagged and tracked User acknowledgment of receipt of upgraded phone – signed by employee Segregation of duties in requisition – purchase process
Uniform Guidance Update
Schedule of Expenditures of Federal Awards
Recommend
More recommend