2015 Tennessee Government Auditor Training Seminars Program The Investigative Process and its Impact on Contract Audits Kevin B. Huffman, CPA, CGFM, CFE, Manager, Investigations Sheila Reed, CPA, Manager, Contract Audit Review Comptroller of the Treasury The Investigative Process and its Impact on Contract Audits OUR MISSION Investigate allegations of fraud, waste and abuse in state and local governments and other publicly-funded entities in the State of Tennessee 2 The Investigative Process and its Impact on Contract Audits HOW DO WE FIND OUT? Comptroller’s hotline (phone and online submissions), as well as local government fraud reporting form notifications, intergovernment fraud notifications, fraud notifications from local government contracted CPAs, correspondence from citizens and government officials 3 The Investigative Process and its Impact on Contract Audits HOTLINE NOTIFICATIONS In fiscal year 2014, the hotline received 1,629 notifications (1,522 calls and 107 online). Of the 1,629 notifications, 435 concerned allegations of fraud, waste, or abuse of government funds. 4 The Investigative Process and its Impact on Contract Audits OUR INTERNAL PROCESS Weekly “triage” meeting Facilitated and led by Office of General Counsel 5 The Investigative Process and its Impact on Contract Audits OUR INTERNAL PROCESS (cont.) Attendees: State and Local Government Audit Local Government Audit’s contract audit review Special Investigations Financial and Compliance Investigations 6 The Investigative Process and its Impact on Contract Audits OUR INTERNAL PROCESS (cont.) Weekly notifications are reviewed and discussed… Where does the notification fit – audit matter, investigative matter, referral to other state agency, etc… 7 The Investigative Process and its Impact on Contract Audits OUR INTERNAL PROCESS (cont.) Weekly notifications are reviewed and discussed… Notifications/allegations dealing with governmental entities who receive audits contracted thru Local Government Audit are shared with review staff… 8 The Investigative Process and its Impact on Contract Audits OUR INTERNAL PROCESS (cont.) Weekly notifications are reviewed and discussed… Review staff forward information to CPA firm for consideration/risk assessment on current audit… 9 The Investigative Process and its Impact on Contract Audits OUR INTERNAL PROCESS (cont.) CPA communications regarding these notifications/allegations are handled by Local Government Audit Review staff… 10 Contract Audit Process Notifications of Fraud, Waste and Abuse and the Contract Audit Process Objective: Contract Auditor Responsibilities 11 Notification Referrals to Contract CPAs Total Notifications of Alleged Fraud, Waste and/or Abuse Received by the Tennessee Comptroller’s Office during fiscal year 2014: 435 Assigned notifications from Triage for referral or follow-up with Contract Auditors during fiscal year 2014: 12 Notification Referrals to Contract CPAs Assigned notifications from Triage for referral or follow-up with Contract Auditors during fiscal year 2014: Municipalities Schools (Internal School Funds) Utility Districts E911 Districts Quasi Governments Housing Authorities Not-for-Profit Agencies County 13 Contract Auditor Communications to LGA Notifications reported to the Comptroller’s Office Triage LGA Flow of Information 14 Contract CPA Firms Notification Referrals to Contract CPAs The Communication 1. Confidential 2. Summary of the alleged fraud, waste or abuse 3. Request for response 4. Audit contract responsibility 5. Audit Standards 6. Fraud Reporting – GAS ICC – Schedule of cash shortages, thefts and fraud 15 Notification Referrals to Contract CPAs 16 Notification Referrals to Contract CPAs Confidentiality Issues • Comptroller’s Fraud Hotline (1) toll-free telephone (2) electronic submissions – – • Submissions in compliance with the Local Government Instances of Fraud Reporting Act – – • Protected by TCA 10-7-504(a)(22) “shall be treated as confidential and shall not be open for public inspection” Investigative Working Papers – including interagency communications, draft reports, schedules, notes, memoranda and all other reports related to an investigation. – – 17 Protected by TCA 8-4-505 “The detailed information received and generated pursuant to this part shall be considered confidential working papers of the comptroller of the treasury and is therefore not an open record pursuant to title 10, chapter 7.” All information and records received or generated by the comptroller of the treasury containing allegations of unlawful conduct of fraud, waste or abuse. – – • Protected by TCA 8-4-407 “The detailed information received and generated pursuant to this part shall be considered confidential working papers of the comptroller of the treasury and is therefore not an open record pursuant to title 10, chapter 7. “ Protected by TCA 10-7-504(a)(22) “shall be treated as confidential and shall not be open for public inspection” Notification Referrals to Contract CPAs 18 Notification Referrals to Contract CPAs 19 Notification Referrals to Contract CPAs Paragraph 7 of the Uniform Contract to Audit Accounts: 20 Notification Referrals to Contract CPAs Request for Response … Written Summary of Audit Conclusions 21 Notification Referrals to Contract CPAs Yellow Book Generally Accepted Auditing Standards Audit working papers should document that the allegations were appropriately addressed in accordance with applicable auditing standards. 22 AU-C Section 240 of the U.S. Auditing Standards – AICPA (Clarified) – June 1, 2014 (Consideration of Fraud in a Financial Statement Audit) Considerations Specific to Governmental Entities and Not-for-Profit Organizations §240.A8 The auditor of governmental entities and not-for-profit organizations may have additional responsibilities relating to fraud • as a result of being engaged to conduct an audit in accordance with law or regulation applicable to governmental entities and not-for-profit organizations, • because of a governmental audit organization's mandate, or • because of the need to comply with Government Auditing Standards. Consequently, the responsibilities of the auditor of governmental entities and not-for-profit organizations may not be limited to consideration of risks of material misstatement of the financial statements, but may also include a broader responsibility to consider risks of fraud. 23 Source: © 2015 Thomson Reuters/Tax & Accounting. All Rights Reserved. AU-C Section 240 of the U.S. Auditing Standards – AICPA (Clarified) – June 1, 2014 (Consideration of Fraud in a Financial Statement Audit) §240.A77 – Appendix B – Example Possible Procedures “Specific responses to the auditor's assessment of the risks of material misstatement due to fraud will vary depending upon the types or combinations of fraud risk factors or conditions identified, and the classes of transactions, account balances, disclosures, and assertions they may affect.” . . . “Differing circumstances would necessarily dictate different responses. Ordinarily, the audit response to an assessed risk of material misstatement due to fraud relating to misappropriation of assets will be directed toward certain account balances and classes of transactions. . . . the scope of the work is to be linked to the specific information about the misappropriation risk that has been identified.” 24 Source: © 2015 Thomson Reuters/Tax & Accounting. All Rights Reserved. Notification Referrals to Contract CPAs Fraud Reporting • GAS ICC • Schedule of Cash Shortages and Thefts 25 Yellow Book Options Yellow Book Auditor’s determination of whether and how to communicate such instances to entity officials is a matter of professional judgment. (GAS 4.26) Instances of fraud that “do not warrant the attention of those charged with governance.” (GAS 4.26) Report on I/C & Compliance Other No Communication Verbally 26 Separate written communication to management TN Audit Manual Impact Yellow Book Auditor’s determination of whether and how to communicate such instances to entity officials is a matter of professional judgment. (GAS 4.26) Instances of fraud that “do not warrant the attention of those charged with governance.” (GAS 4.26) Schedule of Cash Shortages & Other Thefts (Audit Manual) Report on I/C & Compliance Other No Communication Verbally 27 Separate written communication to management AU-C Section 240 of the U.S. Auditing Standards – AICPA (Clarified) – June 1, 2014 (Consideration of Fraud in a Financial Statement Audit) Considerations Specific to Governmental Entities and Not-for-Profit Organizations AU-C 240.A74 For governmental entities and not-for-profit organizations, requirements for reporting fraud, whether or not discovered through the audit process, may be subject to specific provisions of the audit mandate or related law or regulation. © 2014 Thomson Reuters/Tax & Accounting. All Rights Reserved. (Checkpoint) 28 AU-C Section 450 of the U.S. Auditing Standards – AICPA (Clarified) – June 1, 2013 (Evaluation of Misstatements Identified During the Audit) Considerations Specific to Governmental Entities AU-C 450.A26 In the case of an audit of a governmental entity, the evaluation of whether a misstatement is material also may be affected by the auditor's responsibilities established by law or regulation to report specific matters, including, for example, fraud. .A27 Furthermore, issues such as public interest, accountability, integrity, and ensuring effective legislative oversight, in particular, may affect the assessment of whether an item is material by virtue of its nature. This is particularly so for items that relate to compliance with law or regulation. © 2014 Thomson Reuters/Tax & Accounting. All Rights Reserved. (Checkpoint) 29 30