Download presentation
Published byMelina Brown Modified over 9 years ago
1
Fraud in the City Fleet - A Reputational Risk for Your Organization
Sam M. McCall, PhD, CGFM CPA, CIA, CGAP City Auditor City of Tallahassee
2
Session Outline Public Expectations Internal Control and Risk
The Elements of Internal Control Weaknesses in Internal Control can Result in Fraud and Illegal Acts Case Studies Reviewing Internal Control and Identifying Fraud and Illegal Acts, and Abuse Summary and Wrap Up
3
Public Expectations Expectation of high ethical and moral behaviors of Public employees Expectation that Public employees will conduct business within policy and procedures Expectation that Public resources will not be wasted, abused, lost or stolen
4
Definition of Terms Misfeasance Malfeasance Nonfeasance Abuse Fraud
Internal controls
5
What Is Misfeasance? The improper or wrongful performance of some act that a person may lawfully do
6
What Is Malfeasance? Comprehensive term including any wrongful conduct that interferes with the performance of official duties The doing of an act that a person should not do at all
7
What is Nonfeasance? Nonperformance of an act that a person is obligated or has a responsibility to perform Not doing what you should do Total neglect of duty
8
What Is Abuse? Improper or inappropriate program management
Everything that is contrary to good order Can be intentional or unintentional Does not have to violate a law, regulation, or contract provision
9
What Is Fraud? A false representation of a matter of fact
Concealing that which should be disclosed – deceiving to cause legal injury Intentional perversion of the truth To deceive another such that they rely on the false representation and surrender a valuable thing or a legal right
10
City Auditor Risk Assessment Criteria
Fiscal Impact Strength of Management 20 Sensitivity and Public Relations 15 Risk of Loss, Noncompliance, Corruption or Fraud 10 Complexity of Activity 20 Risk to Public Welfare 15 100
11
Components of Internal Control
Control Environment Risk Assessment Control Activities Information & Communication Monitoring
12
Components of Internal Control – Control Environment
The building block for all other components: Integrity & ethical values Commitment to competence Independent audit committee Management philosophy & operating style Organizational structure Assignment of authority & responsibility Human resource policy & practices
13
Components of Internal Control – Risk Assessment
Segmenting department into organizational components Analyze general control environment Analyze inherent risk Develop appropriate control activities
14
Risk Risk are essentially the opposite of control objectives
If the objective is to safeguard assets, the risk is that assets will be lost or stolen. Therefore, without knowing the risk, one cannot decide on the appropriate control activities
15
Risk – Questions to Consider
Chance of Occurrence - How likely is it to go wrong? (High, Medium, Low) Impact of Occurrence - What will happen if it goes wrong (assets lost, clients unserved, noncompliance with law, etc.) (High, Medium, Low) Assessment of Risk (High, Medium, Low)
16
Components of Internal Control – Control Activities
Link to objectives Accountability for resources Direct activity management Top level reviews Segregation of duties Physical controls Execution & recording of transactions & events
17
Components of Internal Control – Information and Communication
Information – Reports Communication – Dissemination of Reports
18
Components of Internal Control - Monitoring
Ongoing monitoring Separate evaluations Reporting deficiencies
19
Who Commits Fraud? Married Between 18 and 36 Has 2 children
Owns a home Does not have a drug or alcohol problem Does not recognize harm to victims Bright Strong sense of challenge and game playing Versed in technology and skillful Has a position of trust
20
Reporting Fraud – Employees Do It Best
Tip from employee Accidental discovery Internal Audit Internal controls External audit Tip from customer Anonymous tip Tip from Vendor Notification from law enforcement
21
Who Has the Responsibility for Detecting Fraud?
Management Employees External Auditors Internal Auditors Government Vendors Public
22
Management Responsibilities
Adopt and implement internal control policies Establish a control environment Assess and analyze risks Establish control activities to address risks Develop information and reporting systems Monitoring activities Role of Management is to …..
23
Management Responsibilities
Comply with applicable laws & regulations Establish & maintain effective internal controls Address findings & recommendations and to maintain a process to track their status Follow sound procurement processes when contracting for audits or attestation engagements
24
Employee Responsibilities
Be aware of where fraud can occur Look for irregularities Report suspicious activities (don’t assume others know) Conduct work in an ethical manner that complies with organization policies and procedures Role of employees is to …….
25
External Auditors Responsibilities
Review internal control over financial reporting Examine the government’s financial statements Plan the audit to detect fraud material to the financial statements and be alert to the possibility of fraud throughout the audit Role of External Auditors is to …….
26
Government Auditor Responsibilities
Review department, division, unit and/or program internal controls Review transactions for possible waste, fraud and abuse Plan the audit to detect fraud material to audit objectives Role of Office of the City Auditor is to …….
27
Vendors Responsibilities
Be aware of how and where fraud can occur in their operations Look for irregularities Report suspicious activities (don’t assume others know) Role of City Vendors is to …….
28
Public Responsibilities
Report suspicious transactions or behaviors Role of the public is to ………
29
Approach to Detecting Fraud
Exercise professional judgment Exercise professional skepticism Balance between a questioning mind and doubting everyone Critical assessment of evidence Neither assume dishonesty or unquestioned honesty. Do not be satisfied with less than persuasive evidence.
30
Management Red Flags Reluctance to provide information when requested
Employee turnover in high risk areas Lack of segregation of duties in a high risk area Excessive number of checking accounts Increase in purchase of inventory but no increase in productivity Abnormal inventory shrinkage Lack of physical security over assets Payments to vendors not on approved vendor list
31
Employee Red Flags Employee lifestyle changes (expensive cars, jewelry, homes, etc.) Behavior changes (drug, alcohol, gambling) Reluctance to provide information when requested Refusal to take vacation or sick leave Excessive purchasing of supplies Inappropriate overtime hours
32
How to Improve Your Chance of Detecting Fraud?
Assume anyone can commit fraud Good documentation does not mean something happened – only that someone said it happened Pay attention to detail (numbers, dates, amounts, alterations, reasonableness, etc.) Pay attention to hints or rumors of wrong doing Look for patterns or unusual transactions
33
Potential Red Flags Erased or crossed out figures
Inconsistent inks and typefaces Unusual dates, amounts, notes, phone numbers and calculations Consecutively numbered invoices Excessive voids or refunds Invoices in large even sums Multiple invoices to the same vendor just under $10,000 Show specific examples: Altered invoices to conceal pertinent information Invoices containing inadequate descriptions Consecutive payment requests for the same large amount Sequentially numbered invoices for the same part number and/or same large amount Purchases that appear to be divided to circumvent procurement procedures
34
Potential Red Flags (Continued)
Invoices printed on other than prepared forms Vendor address change Unusual number of payments to one payee Inadequate description of item purchased Delay in responding to request for documentation Stale invoice dates
35
What Conditions Make Fraud Easier
Weaknesses in Internal Controls relating to: Control Environment Risk Assessment Control Activities Information and Communication Monitoring The Fraud Triangle Incentive Opportunity Rationalization
36
Frauds to Discuss City Fleet Department – almost $3 million in fraud over a five year period
37
Case Study 3 – City Fleet Parts supervisor could order, receive, and issue parts. Could also open closed work orders and add cost, and adjust the inventory Suspicious transactions with three vendors identified Collusion with one vendor Losses totaled almost $3 million over five years. City employees and vendors prosecuted
38
See Page 2 for Invoices
39
Number of large dollar invoices all for the same amount
40
Notice instructions Valid Invoice
41
Same Amounts and Consecutive Invoice #
42
Same Amounts No Description Consecutive #
43
Invoice Altered with Whiteout
44
ZZ4 / 350 Engine 355 horsepower out of a small block aluminum head engine! The evolution of the ZZ series, this engine powers thousands of street rods, drag racers, and show cars. With 405 ft/lbs of torque, the ZZ4 is the best way to put a high performance small block engine under your hood!
45
High Risk Areas Susceptible to Fraud
Travel reimbursements Time & attendance Overtime Cash collections Use of vehicles and equipment P-card transactions Capital construction projects
46
10 Tips on How to Deter Fraud in Your Organization
Integrity at the Top Positive Reputation New-hire Screening Process Ethics Programs Written Fraud Program
47
10 Tips on How to Deter Fraud in Your Organization (Continued)
Communicate Policies to Vendors Proper Handling of Investigations Independent Internal Audit Function Effective Internal Controls and Auditing Open Internal Reporting
48
What are Some Suggestions for the Auditors
Plan the audit to detect fraud material to the audit objectives Document the use of professional judgment and professional skepticism Ask about background checks Discuss risk and fraud with auditee and whether there are mitigating controls Brainstorm with staff and supervisor on risk, controls, and testing to be done. Document discussions Look for persuasive fact-based evidence Document supervisory review of W/P’s and adequacy of response to questions
49
What to Do When You Suspect or Discover Fraud?
Do not pursue so as not to interfere with potential future investigations or legal proceedings Secure documentation Notify your supervisor Notify upper management (department directors) if you do not feel that your concerns have been investigated satisfactorily, or Call the Auditor
50
Questions?
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.