Category Archives for "Fraud"

governmental internal controls
Apr 02

Governmental Internal Controls

By Charles Hall | Fraud , Local Governments

Below I provide useful summary of governmental internal controls.

Why am I providing this list of useful controls? Most small governments struggle with establishing sound internal controls. So, the list provides a beginning point for preventing theft in your government. While not a comprehensive list, it will help. 

Many of the internal controls listed below are also pertinent to nonprofits and small businesses as well. You will find this same checklist in The Little Book of Local Government Fraud Prevention (available on Amazon) which provides many more fraud prevention ideas.

I am providing general fraud prevention controls and then transaction-level controls for:

  • Cash receipts and billing
  • Cash payments and purchasing
  • Payroll

governmental internal controls

General Governmental Internal Controls

Here are some general governmental internal controls.

  1. Have bank statements mailed directly to someone outside of accounting; recipient should peruse bank statement activity before providing it to accounting
  2. Perform surprise audits (use outside CPA if possible)
  3. Elected officials and management should review the monthly budget to actual reports (and other pertinent financial reports)
  4. Map internal control processes by transaction cycle (preferably done by a seasoned CPA); once complete, provide the map to all employees involved in the cycle; when control weaknesses exist, institute additional controls (see 11. below)
  5. Use a whistleblower program (preferably use an outside whistleblower company)
  6. Reconcile bank statements monthly (have a second person review and initial the reconciliation)
  7. Purchase fidelity bond coverage (based on risk exposure)
  8. Periodically request from the government’s bank a list of all bank accounts in the name of the government or with the government’s federal tax I.D. number; compare the list to bank accounts set up in the general ledger
  9. Secure computer access physically (e.g., locked doors) and electronically (e.g., passwords)
  10. Do not allow the electronic transmission (e.g., email) of sensitive data (e.g., social security numbers) without the use of protected transmission technology (e.g. Sharefile); create policy and train staff
  11. Where possible, segregate who (1) authorizes transactions, (2) records transactions, (3) reconciles records, and (4) has custody of assets; when segregation of duties is not possible, require documented second-person review and/or surprise audits

Transaction Governmental Internal Controls

Here are transaction level governmental internal controls.

Cash Receipts and Billing Controls

  1. Use a centralized receipting location (when possible)
  2. Assign each cash drawer to a separate person; require daily reconciliation to receipts; require second person review
  3. Deposit cash timely (preferably daily); require the composition of cash and checks to be listed on each deposit ticket (to help prevent check-for-cash substitution)
  4. Immediately issue a receipt for each payment received; a duplicate of the receipt or electronic record of the receipt is to be retained by the government
  5. A supervisor should review receipting-personnel adjustments made to accounts receivable
  6. Do not allow the cashing of personal checks (e.g., from cash drawers)

Cash Payments and Purchasing Controls

  1. Guard all check stock (as though it were cash)
  2. Do not allow hand-drawn checks; only issue checks through the computerized system; if hand-drawn checks are issued, have a second person create and post the related journal entry
  3. Do not allow the signing of blank checks
  4. Limit check signing authorization to as few people as possible
  5. Require two employees to effectuate each wire transfer
  6. Persons who authorize wire transfers should not make related accounting entries
  7. Require a documented bidding process for larger purchases (and sealed bids for significant purchases or contracts); specify procedures for evaluating and awarding contracts.
  8. Limit the number of credit cards and the chargeable maximum amount on each card
  9. Allow only one person to use an individual credit card; require receipts for all purchases
  10. Require a street address and social security or tax I.D. numbers for each vendor added to accounts payable vendor list (P.O. box numbers without a street address should not be accepted)
  11. Signed vendor checks should not be returned to those who authorized the payment; mail checks directly to vendors
  12. Compare payroll addresses with vendor addresses for potential fictitious vendors (usually done with electronic audit tools such as IDEA or ACL)

Payroll Controls

  1. Provide a departmental overtime budget/expense report to governing body or relevant committee
  2. Use direct deposit for payroll checks
  3. Payroll rates keyed into the payroll system must be supported by proper authorization in the employee personnel file
  4. Immediately remove terminated employees from the payroll system
  5. Use biometric time clocks to eliminate buddy-punching
  6. Check for duplicate direct-deposit bank account numbers
  7. A department head should provide written authorization for overtime prior to payment

Your Recommendations

What additional controls do you recommend? Share your thoughts below.

College theft
Feb 05

College Theft of Funds: Official Steals $4.1 Million

By Charles Hall | Asset Misappropriation

College theft happens more than we think. After all, aren’t these guardians tasked with looking after our children? Even in places where we expect unselfishness, sometimes there’s a bad apple. Today, we review a theft of funds involving a college aid official. 

College Theft

When I was a student at the University of Georgia, I needed every dollar I could find. I ate my share of cheap hamburgers and peanut butter sandwiches. In the summers, I scouted peanuts and cotton to make ends meet. So when I see a college aid official stealing student money, I wince. College theft hurts the needy.

College theft

A New York college aid administrator used a simple scheme to steal $4.1 million of student aid funds. How? She made out financial aid checks to nonexistent students and then endorsed them over to the name of an alias. The administrator set up a bank account in the name of the alias and deposited the checks into the bank account, allowing her to convert the checks to cash.

How long did the theft go on? Over ten years. The fraudster stole most of the money in the last two years of the scheme. As is often the case, the thief became bolder over time. 

How many fraudulent checks did she issue? Over 1,000, each to a different student.

How was the fraudster caught? A change in the accounting system required cross-referencing of financial records.

College Theft of Funds Control Weaknesses

No one was comparing the checks written to student admission files. Legitimate students have admission and other information that can be used to verify the students’ existence.

So let’s see how to reduce college theft.

Decreasing College Theft

A person other than the financial aid administrator should compare the student name on the check to student files to verify the existence of the student. If this control can’t be performed for each disbursement, it should be performed on a sample basis, and the persons creating and signing the checks should know their work is being monitored.

This test could be performed by someone in the financial aid office or by an external professional such as a CPA or a Certified Fraud Examiner.

The college can request from the bank the endorsement side of the cleared checks. If the back side of the checks are obtained, then the endorsements can be examined for appropriateness.

Banks Not Providing Cleared Checks

In an effort to save money, some banks don’t provide cleared checks to their clients. And very few banks (if any) provide the copies of the back side of checks. From a fraud prevention perspective, this is not good. Why? Because checks and endorsements can’t be inspected for potentially fraudulent activity. At least periodically, request some endorsements and test those on a sample basis. (The bank may require you to pay for these copies.) Additionally, as I said in another post, someone should be comparing cleared check payees to the general ledger–if not for every check, then at least on a sample basis.

Free Fraud Course

Click for free ten-day fraud course.

Nonprofit fraud
Jan 30

Nonprofit Fraud: Selling Donated Goods

By Charles Hall | Asset Misappropriation

Nonprofit fraud is real. Hard to believe? Yes. But it happens.

Sometimes nonprofit embezzlers sell donated goods. Today, we examine how nonprofit employees can steal assets rather than cash and how you can prevent such thefts.

Nonprofit Fraud

Several workers at a California Goodwill pled guilty to taking over $15 million. Their scheme involved the selling of donated goods by the barrelful to private dealers who sometimes wheeled tractor trailers up to the rear of Goodwill stores.

Nonprofit fraud
The dealers sold most of the goods in Mexico. The thefts–involving seven primary culprits, four of whom were sisters–occurred over a twenty-year period that started in the mid-70s.

So how were the fraudsters caught?

One culprit went through a bitter divorce, and the husband disclosed the scheme to authorities.

Nonprofit Fraud Control Weakness

The article describing this case did not provide details of the store operations, but it appears–at the time–inventories of donated goods were not properly documented. When assets, of whatever form, are not inventoried, they are more likely to disappear.

Lessening Nonprofit Fraud

Account for all inventories. Also, clothing that is sold in bulk should be documented. So each time a truck backs up to a store, the activity should be recorded—who received the goods, the sales price, who approved the sale, why the goods were sold in bulk. The store should have a policy that cash is not to be received for such sales.

Consider adding a whistleblower hotline. Nonprofit employees sometimes see signs of theft. Make it easy for them to report fraudulent activity. Doing so creates the camera effect

Also, install a security camera that records all loading dock activity.

Note–This case was adjudicated in the 1990s, and Goodwill has, since that time, made significant improvements to its controls.

Bid rigging case
Jan 23

Nonprofit Bid-Rigging and Kickbacks

By Charles Hall | Corruption , Fraud

In this article, we look at a nonprofit bid rigging case. (Some people refer to this as bid rig.) We sometimes think of nonprofit fraud as nonexistent. After all, these are the good guys. But today we see that nonprofit theft does occur–and to the detriment of those most in need.

Nonprofit Bid Rigging Case

Some nonprofit leaders prey on not-for-profit entities, harming the very people the organization is designed to help.

One such nonprofit leader was charged with bid-rigging, receiving kickbacks, and making fraudulent payments to vendors.

Bid rigging case
The Department of Justice charged a “former director of operations at…a Manhattan substance abuse treatment center, with bid rigging, conspiracy to defraud, and income tax evasion, in connection with a conspiracy to embezzle approximately $2.34 million from the organization over an eight-year period.”

The Department of Justice stated the charges stemmed from the director “conspiring with several outside vendors to rig bids and allocate contracts awarded by”  the nonprofit “for the supply of food, meat, health and beauty supplies, baby supplies, office supplies, printed materials, janitorial supplies, and medical supplies from 1990 until at least April 1998.” According to the charge, the director “steered nearly $10 million in contracts to those vendors.” No small bid rigging case.

The director was charged with taking kickbacks totaling at least $364,000 in cash or goods and services from vendors to ensure receipt of contracts. 

The Department of Justice went on to say, the director and seven vendors embezzled at least $2 million from  the nonprofit “by issuing false and fraudulent purchase orders to each of the seven vendors, who in turn issued corresponding invoices for goods and services that were never delivered or provided.”

Later, the director pleaded guilty to bid rigging, fraud, and tax charges.

What was the harm to the nonprofit’s 600 substance abuse patients? Well, money that should have aided the needy went into the pockets of fraudsters.

Bid Rigging Control Weaknesses

The first weakness was having a leader who was concerned more about his wealth than the people he served. Auditors often refer to this as the tone at the top–it’s the ethical makeup of those in charge. COSO calls it the control environment. Without a positive, honest culture, fraud is more likely to occur.

The second weakness was the bidding process never happened. There’s a reason for bidding: It keeps everyone honest, and it ensures the lowest price for the organization.

The third weakness was a lack of accounts payable controls (or the circumvention of such policies, if they existed). Collusion between an organization’s leaders and vendors can wreak havoc. In such cases, the vendors send invoices, but no service or product is provided. Since someone in the nonprofit is approving the invoice (with knowledge the invoice is fictitious), there is no gatekeeper, no one to prevent the theft. The person approving the invoices is aiding in the fraud.

What are the fixes for a bid rigging case such as this one?

Bid Rigging Fixes

First, fire unethical leaders. Nonprofits can’t afford the reputational damage—or the monetary losses.

Second, solicit (real) bids. Sealed bids should be received and opened in a public meeting.

Third, ask board members to review and vet the nonprofit’s vendor list, especially those vendors receiving payments over a certain threshold (e.g., $50,000). Alternatively, ask your external or internal auditors to verify the work of key outside vendors.

Cash receipts theft
Jan 08

Cash Receipts Theft: Supervisor Steals

By Charles Hall | Asset Misappropriation

In this article, I discuss cash receipts theft and how you can lessen this threat.

Sometimes the person you hire to prevent theft is the one stealing. This is one of the dangers of a trusted bookkeeper. Below I provide a real-life story of a cash receipts supervisor on the take.

Cash Receipts Theft

Is your cash receipts supervisor taking your cash? I once worked on a case where this person took over $300,000.

Cash receipts theft
Cash Receipts Supervisor

Many businesses funnel cash receipts to a supervisor who counts the money from each cash drawer and compares the funds to the daily receipts. The purpose of this step is to ensure no front-desk clerks are stealing.

The cash collections supervisor has usually worked a cash drawer in the past. So she knows all about how the receipts enter the system and how they are deposited.

Typical Deposit Cycle

The collections process often works as follows:

  1. Money is collected at the front cash-collection desks and placed in the cash drawers that are assigned to each clerk; receipts are written for each payment
  2. These clerks tally their collections at the end of each day and reconcile the monies in their cash drawers to the receipts written
  3. The daily reconciliation for each cash drawer goes to the cash receipts supervisor who recounts the funds received and reconciles collections to the receipts written (performing the same reconciliation as the front desk clerks)
  4. The cash receipts supervisor creates a deposit slip for all funds collected (if there are seven cash drawers, then the deposit slip represents the total collections for all seven cash drawers)
  5. The cash receipts supervisor gives the checks and cash and deposit slip to a courier to take to the bank
  6. The courier receives a bank deposit receipt from the bank
  7. The courier provides the bank deposit receipt to the cash receipts supervisor (so she can compare the bank deposit receipt with the copy of the deposit slip–to ensure the courier did not steal any funds in transit)

Cash Receipts Supervisor Theft

So how can the cash receipts supervisor steal funds in the above scenario?

In the case I worked on, the supervisor also reconciled the bank statement. After step 3., but before step 4., she would steal the cash and then lessen the deposit slip accordingly. So, if she took $2,200, the deposit slip would reflect the total daily collections less $2,200.

You’re thinking, “But then the bank account would not reconcile since the computers have recognized the front-desk collections?” You are correct—unless someone monkeys with the bank reconciliation. And that’s what she did. The supervisor adjusted the reconciling items–on the bank reconciliation–to cover up the stolen funds. The scheme worked until the annual audit.

When the auditors tested the outstanding items on the bank reconciliation, they could not tie substantial amounts to the subsequent bank statement. Generally, outstanding reconciling items clear the subsequent month’s bank statement—but large amounts on the year-end bank reconciliation could not be accounted for (because they were fictitious).

When confronted, the clerk confessed to her theft and method.

So what was the control weakness that allowed the cash receipts theft?

Cash Receipts Theft Control Weakness

The weakness was the cash receipts supervisor who had custody of assets (cash) also performed the reconciliation of the related bank account.

Correcting the Control Weakness

The person reconciling the bank statement should not also handle cash. It’s also a good idea to perform surprise tests of the receipting records. Doing so puts everyone on notice. The receipt employees know someone can appear at any time and review their work.

For additional assistance, see my article about how to audit cash.

1 4 5 6 7 8 10
>