Internal Control for Fraud Deterrence
advertisement
Internal Control for Fraud Deterrence Shawn H. Miller, CPA, CFE What is Fraud? • Definition • • Any intentional or deliberate act to deprive another of property or money by guile, deception or other unfair means Two main types of fraud • Misappropriation of assets – theft of company assets • • Overwhelmingly most common Fraudulent financial reporting – misrepresentations in financial reports • • Committed by top management More common among publically traded companies 2 Fraud Triangle • For fraud to occur, you need the Fraud Triangle Opportunity is the one area we can attempt to control 3 What Makes Not-for-Profits Unique? • • • • • • More trusting culture – people are “supporters” of cause Excessive control by founder, director or substantial contributor Failure to include individuals with financial expertise on Board of Directors Reduced resources result in cuts to administrative staff Nonreciprocal revenue sources make it easier to steal Job security based on financial reports (government grants) 4 Internal Controls • • • • Most effective way to deter fraud Important to ensure that controls are followed 100% of the time Segregation of duties is the key to fraud deterrence and prevention There are 2 types of internal controls: • • Deterrence Detection 5 Tone at the Top • Refers to the attitude and mindset of the Board of Directors and top management • This attitude permeates throughout organization • Is a major deterrence control 6 2012 ACFE Report to the Nation • 10% of frauds occur in not-for-profit organizations • Typically lasts 18 months • Approximately 55% were committed by single individual, median loss of $100,000 • Median loss for 2+ perpetrators was $250,000 • Does not include lost revenue from bad publicity 7 2012 ACFE Report to the Nation • Primary internal control weaknesses noted: • • • • Lack of controls Override of existing controls Lack of Management review Poor tone at the top One of these factors was present in over 80% of cases studied 8 2012 ACFE Report to the Nation • Behavioral red flags: • • • • • • • Living beyond means Financial difficulties Unwillingness to share duties Addiction problems Refusal to take vacations Unusually close relationship with vendor/customer Wheeler-dealer attitude 9 Cash Disbursements • Most common area for fraud • Common schemes include: • • • Billing schemes / fraudulent vendors Check tampering Expense reimbursement schemes 10 Segregate Key Areas Deterrence Controls • • • • • Access rights in accounting system should be limited to only the activities necessary to perform job and should be reviewed regularly Invoices and checks should not be approved by individual who prepares checks Individual who prepares check should not be allowed to add vendors Vendor codes should be used for all disbursements – there should not be a “temp” or “misc” vendor code Check should never be returned to individual who requested it (“U-Turns”) 11 Segregate Key Areas Detection Controls • • Bank statements should be opened and reviewed by individual who does not prepare checks Bank reconciliations should be reviewed by individual who does not prepare checks. All unusual reconciling items should be thoroughly investigated • Vendor complaints should not be handled by individual who prepares checks • Implement positive pay with your bank 12 Other Disbursement Controls • • • All checks should be mailed, not hand delivered Vendor files should be purged on a regular basis Change reports for vendor records should be reviewed by individual who does not prepare checks 13 Other Areas to Watch Give Special Attention to Credit Cards • Who reviews credit card statements? • Who collects and cancels credit cards when employees leave? • Are cards used for personal charges as well? • Who reviews expense reports, especially for top management? 14 United Way United Way / United Way of the National Capital Area (UWNCA) / United Way of New York City (UWNYC) • • All three entities had Executive Directors accused of excessive spending Former head of national organization spent six years in jail for misuse of over $1 million • • • • Founded organization Personal condo in Miami Concorde flights to Europe Trips to Las Vegas for secretary/mistress 15 United Way United Way / United Way of the National Capital Area (UWNCA) / United Way of New York City (UWNYC) • UWNCA Executive Director stole over $1.6 million • • • • • Closely associated with national Executive Director Fictitious expenses Trips to Las Vegas Cash advances that were never repaid UWNYC Executive Director diverted over $200,000 for his personal use • Discovered when longtime assistant went out on extended medical leave 16 United Way United Way / United Way of the National Capital Area (UWNCA) / United Way of New York City (UWNYC) • What was the impact? At UWNCA: • • • Lost contract to run Federal worker giving campaign Total overhaul of governance Contributions dropped 60%, had not totally recovered by 2009 Exorbitant amount of time, effort, and money spent on investigations and damage control 17 United Way United Way / United Way of the National Capital Area (UWNCA) / United Way of New York City (UWNYC) • • What can we learn? Any red flags? • • • • • • • Handpicked Board of Directors and leader of affiliates Intimidated others in tax-exempt community Pliant, overly agreeable Board of Directors Flaunted lavish spending Auditors were told to withhold information from Board Rumors of improper spending Employee terminated after raising questions 18 United Way United Way / United Way of the National Capital Area (UWNCA) / United Way of New York City (UWNYC) • How did UWNCA react? • • • • • • Commissioned a full top-to-bottom investigation covering almost 30 years Created Ethics, Polices, and Procedures task force Formed new audit committee Established code of ethics Implemented best practice financial policies Reduced size of Board of Directors by over 50% – smaller but more engaged Created a culture of accountability and transparency 19 City of Dixon, Illinois • Former controller embezzled $53 million • City budget in 1983 was only $9 million (same year controller hired) • Created fictitious bank account in the city’s name at Fifth Third Bank 20 City of Dixon, Illinois • Transferred funds among various legitimate city accounts and eventually into a fictitious account. • Created false invoices to support transfers. • Used money to pay personal expenses related to quarter-horse business • Fraud started in 1990 and lasted 22 years 21 City of Dixon, Illinois • Started small but grew exponentially over time. Stole under $200,000 in 1990 • Discovered when controller was on vacation and another employee opened bank statement from Fifth Third Bank 22 City of Dixon, Illinois • What was the impact? • • • • City’s current operating budget is $16.6 million in the red Capital development fund has deficit of $1.7 million General fund has deficit of over $12 million City is suing multiple auditors and banks Exorbitant amount of time, effort, and money spent on investigations and damage control 23 City of Dixon, Illinois • • What can we learn? Any red flags? • • • • • Blamed continued losses on money owed from state In 1997, the controller doubled the size of her house and added an in-ground pool Purchased 87.8 acre horse farm for $540,000 Built 19,000 sq. ft. horse barn, arena, office, and stalls In 2007 purchased 81 acres in Wisconsin. Her salary was under $80,000 at the time 24 City of Dixon, Illinois • What can we learn? • • • No oversight of controller’s work Able to initiate and execute large wire transfers without approval No review of bank statements Great example of what can happen if there is a lack of segregation of duties 25 Fraudulent Financial Reporting • • • • Improperly charging expenses to restricted funds or Federal grants Improperly classifying expenses to improve functional allocation Netting expenses with revenue to improve financial statement revenues Overstating receivables by either improper recognition or understatement of reserve for uncollectible amounts 26 Motivation for Financial Reporting Fraud • • • • • Better rating by watchdog groups Impress Board of Directors Impress donors/grantors Obtain financing Appear stable/strong in down economy 27 Mitigate Reporting Risk • Timely review of expenses and financial reports by management • Management must have an understanding of what should be charged to each program • Communicate importance of accurately reporting time and expenses • Have an engaged and properly trained audit committee 28 What Else Can You Do? • Set the tone – Follow control structure, communicate the importance of controls and accurate reports • Adopt and communicate a “whistleblower” and “code of conduct” policy • Take action against violators – make an example of them 29 What Else Can You Do? • Be Observant – Look for unusual items in financial reports • Be Observant – Look for unusual behavior • Be Observant – Be alert for individuals who are reluctant to train their replacement, accept promotions or take vacations among staff 30 Questions? Shawn H. Miller, CPA, CFE Calibre CPA Group, PLLC 202.331.9880 smiller@calibrecpa.com calibrecpa.com LEGAL NOTICE: The contents of this document are proprietary to Calibre CPA Group, PLLC and should not be distributed, copied or altered without express permission of Calibre CPA Group, PLLC. The information it contains is provided with the understanding that Calibre CPA Group, PLLC is not rendering legal, accounting or other professional advice or opinions on specific facts or matters, as each individual circumstance is unique. Contents have been prepared for the exclusive and private use of the intended recipient(s). © Calibre CPA Group, PLLC 31
