Fraud in the Workplace

Document Sample
Fraud in the Workplace Powered By Docstoc
					   Fraud In the Workplace




        Patrick M. Didas, CPA, CFE, Associate Director, IACA
            Stacy DeRooy, Assistant Director/Investigator,
                            Public Safety

                        July 28, 2009
                                                               1
R·I·T
    IACA’s Mission
    Institute Audit, Compliance & Advisement promotes
    a strong internal control environment by objectively
    and independently assessing risks and controls;
    evaluating business processes for efficiency,
    effectiveness, and compliance; providing
    management advisory services; and offering
    training to the University community. We focus on
    preserving the resources of the University for use
    by our students as they prepare for successful
    careers in a global society.


                                                           2
R·I·T
   Internal Auditing at RIT
 Annual Risk Assessment Performed by IACA
    • Quantitative
    • Qualitative
    • Academic and non-academic areas

 Creation of Annual Audit Plan
     • Audit Engagements
     • Business Process Reviews
     • Questionnaire Reviews
     • Continuous Auditing
     • Management Advisement Requests

 Annual Audit Plan is approved by Audit Committee of the RIT
   Board of Trustees
                                                               3
R·I·T
        4
R·I·T
                 Objectives:
   •    Why you should be concerned about fraud
   •    Who typically commits fraud, and why
   •    Common fraud myths
   •    Methods typically used by individuals committing
        fraud
   •    How you can reduce the risk of fraud in your area of
        responsibility
   •    The fraud investigation process
   •    The legal process of a typical fraud case
   •    How to report suspected fraudulent activity
   •    What to look for to detect potential fraud


                                                               5
R·I·T
                    Introduction
   • Bad news – fraud cannot be totally
     prevented
   • Good news - you are not powerless; you
     can take action to reduce the risk of fraud
   • By the end of this presentation
        – You will know which actions to take
        – Your awareness about fraud will be
          heightened



                                                   6
R·I·T
                  What is Fraud?
  Fraud definition
        • Intentional misrepresentation
        • Victim suffers monetary or property
          loss
        • Wrongful obtaining of a benefit

  Cost of fraud to U.S. organizations
        • Over $650 billion annually
        • 5% of annual revenues of an entity
        • What is 5% of your department’s
          budget?



                                                7
R·I·T
          Occupational Fraud

   The use of one’s occupation for personal
   enrichment through the deliberate misuse
   or misapplication of the employing
   organization’s resources or assets.



                                              8
R·I·T
Why Should you be Concerned about Fraud?
 • White collar crime is increasing
 • Management is being held responsible
 • Applicable laws and regulations
    –   Federal Civil False Claims Act and whistleblower law
    –   Sarbanes Oxley implications
    –   State laws and contract provisions
    –   Fiduciary responsibility to taxpayers/donors
    –   SAS 99 requires external auditors to identify risks that
        may result in a material misstatement due to fraud.


                                                              9
R·I·T
Who Typically Commits Fraud and Why?
                                       Need
   The “fraud triangle”
        • Financial need
        • Opportunity
        • Rationalization


                     Rationalization          Opportunity



                                                    10
R·I·T
Who Typically Commits Fraud and Why?
    • Classic characteristics of
      person who commits fraud
        –   Lifestyle: flashy, addictive need
        –   Work habits: trusted, responsible
        –   Attitude “I deserve” mentality
        –   Repeat offender
        –   Works alone
        –   Reluctance to take vacations
        –   Intelligent
        –   Well respected
        –   Technologically savvy

                                                11
R·I·T
Who Typically Commits Fraud and Why?
    Non Profits                  All entities
    Female, no criminal record   Male, no criminal record
    Earning < $50k               Earning > $50k
                                 Worked at least 6 years
    Worked at least 3 years      Median age 51
    Median age 41                Employee 40%
    Employee 66%                 Manager 37%
    Manager 25%                  Executive 23%
    Executive 9%




                                                            12
R·I·T
  Signs of Trouble – The Employee:
   • Keeps disorganized books,
   • Frequently misfiles deposit records, supplier
     correspondence and other important documents,
   • Explains away controllers notices or inquiries as
     error,
   • Insists on handling activities such as picking up mail
     or liaising with financial contacts, or
   • Suggests that you get rid of your other staff to save
     money.


                                                              13
R·I·T
  How Management Unintentionally
  “Encourages” Fraud
  • Management Attitude
      - Too Embarrassing
      - Bad Press
  • Little or poor applicant screening - unqualified
    employees
  • Inadequate training
  • Not listening to employees
  • Weak enforcement policies

                                                       14
R·I·T
 How Management Unintentionally
 “Encourages” Fraud
 • Responsibility, accountability, and authority not established
   or documented
 • Goals and objectives neither established nor monitored for
   success
 • No written policies or procedures




                                                           15
R·I·T
Common Myths About Fraud
  •   It can’t happen on MY watch
  •   No one would do that here...
  •   We have an excellent accounting system
  •   My accounting clerk is my best employee
  •   We don’t handle cash - What’s to steal?
  •   Problem employees are likely suspects
  •   I wouldn’t know where to start looking
  •   Controls prevent collusion

                                                16
R·I·T
          Common Fraud Methods
   Fraudulent disbursements, in which the
     perpetrator causes his organization to
     disburse funds through some trick or device.

   Skimming, in which cash is stolen from an
     organization before it is recorded on the
     organization’s books and records.

   Cash larceny, in which cash is stolen from an
    organization after it has been recorded on
    the organization’s books and records.

                                                    17
R·I·T
   Fraudulent Disbursement Types

   Billing schemes – a fraudster causes the
    victim organization to issue a payment
    by submitting invoices for fictitious
    goods or services, inflated invoices, or
    invoices for personal purchases. This is
    done through…


                                           18
R·I·T
 More Fraudulent Disbursement Types
  Payroll schemes – an employee causes
   the victim organization to issue a
   payment by making false claims for
   compensation.

  Expense reimbursement schemes – an
   employee makes a claim for
   reimbursement of fictitious or inflated
   business expenses.
                                             19
R·I·T
  Even More Fraudulent
              Disbursement Types
   Check tampering – the perpetrator converts
    an organization’s funds by forging or altering
    a check on one of the organization’s bank
    accounts, or steals a check the organization
    has legitimately issued to another payee.

   Register disbursement schemes – where an
      employee makes false entries on a cash
      register to conceal the fraudulent removal of
      currency.
                                                    20
R·I·T
            Non-Cash Methods

   • Schemes involving non-cash assets
     are much less common, but more
     costly, on average.
   • Inventory
   • Fixed Assets
   • Insurance Claims
   http://www.whitecollarfraud.com/


                                         21
R·I·T
                 Fraud Discovery Methods

                                                    Not for Profit                     Overall
   Tips                                                          48.8%                  46.2%
   By Accident                                                   10.7%                  20.0%
   Internal Controls                                             24.8%                  23.3%
   Internal Audit                                                13.2%                  19.4%
   External Audit                                                14.9%                   9.1%
   Notified by Police                                             1.7%                   3.2%

   The sum >100% because some respondents identified more than one detection method.



                                                                                                 22
R·I·T
        10 minute




         BREAK
                    23
R·I·T
   Internal Controls Reduce Fraud Risk
   Internal control is a process, effected by people,
   designed to provide reasonable assurance regarding
   the achievement of objectives in the following
   categories:


    • Effectiveness and efficiency of operations
    • Reliability of financial reporting
    • Compliance with laws and regulations



                                                   24
R·I·T
    How can you Reduce Fraud Risk?
        Supervisory approval of financial/payroll
        transactions
         • Initiator and approver should not be the same
           person
         • Approver should be able to vouch for business
           integrity of transactions
         • Approver should not allow others to sign his/her
           name or use system passwords to approve
           transactions or use signature stamps



                                                              25
R·I·T
   How can you Reduce Fraud Risk?

  Segregation of duties
        • Ensures a person is not in a position to
          initiate and conceal an error or irregularity
        • If duties cannot be segregated,
          compensating controls should be
          established




                                                          26
R·I·T
  How can you Reduce Fraud Risk?
  Safeguard assets
        • Secure cash and other assets
          • Cash received by mail
          • Property and equipment inventory
          • Restrictive endorsements
        • Secure accounts payable and payroll
          checks
        • Review and approve accounts receivable
          write-offs

                                                   27
R·I·T
How can you Reduce Fraud Risk?
Personnel policies
   • Perform national criminal background checks
   • Train and cross-train employees
   • Require employees to take vacations
   • Ensure annual / sick leave is reported
   • Verify active employees on payroll; remove
     terminated employees
   • Establish written job descriptions incorporating
     internal controls
   • Obtain IDs of terminated employees

                                                        28
R·I·T
          When an Investigation Occurs
 Once fraud is suspected and reported, an
 investigation is started during which the typical
 scenario is:

 • Interview appropriate staff to gather all of the facts.
 • Obtain supporting documentation in the department
 • Secure computer and email activity
 • Review ledgers via Oracle to determine what was
 reimbursed to the suspect
 • Obtain supporting documentation if necessary
 • Interview the suspect


                                                             29
R·I·T
         When an Investigation Occurs
    • Prepare final evidence package for law
      enforcement authorities
    • A law enforcement investigator will meet with
      Public Safety and IACA to review the case
    • Depositions may be required from witnesses
    • The law enforcement agency will present the
      package to the District Attorney’s office
    • The DA’s office reviews the case and usually
      offers a plea deal
    • The case is registered in the court dockets at
      which time the case is a public record



                                                       30
R·I·T
                The Legal Process
        • Petit Larceny : When a person steals property. – Class A Misdemeanor
        • Grand Larceny 4th degree: Class E Felony: When property exceeds
          $1,000
        • Grand Larceny 3rd degree: D Felony: When property exceeds $3,000
        • Grand Larceny 2nd degree: C Felony: When property exceeds $50,000,
          or received by extortion
        • Grand Larceny 1st degree: B Felony: When property exceeds
          $1,000,000
        • Falsifying Business Records 2nd degree: A Misdemeanor:
        • Falsifying Business Records 1st degree: E Felony
        • Forgery 3rd degree: A Misdemeanor - Altering a written instrument with
          the intent to defraud, deceive or injure another
        • Forgery 2nd degree: E Felony - Same as above but includes public
          records, deeds, wills, contracts, etc.
        • Forgery 1st degree: C Felony - Same as 3rd degree but is dealing with
          money, stamps, securities and government instruments


                                                                          31
R·I·T
             The Legal Process

   Basic Sentencing guidelines

        • Class A Felony : At least 3 years up to life in prison
        • B Felony : At least 3 years but not to exceed 25
          years
        • C Felony : At least 3 years but not exceed 15 years
        • D Felony : At least 1 1/2 years but not exceed 7 years
        • E Felony :At least 1 1/2 years but not exceed 4 years
        • A Misdemeanor : up to and including 1 year
        • B Misdemeanor : Up to three months

                                                           32
R·I·T
  RIT Ethics Hotline
The EthicsPoint system is accessible via phone by calling (866) 294-
9358 or (866) 294-9572 TTY or online at www.EthicsPoint.com.
More Ethics Hotline information is available at
http://finweb.rit.edu/svp/ethics/

Alternatives to the hotline include contacting the:
       • responsible administrative office
       • management team within your department or division
       • other appropriate members of Institute management.

Reports are received by the Controller’s Office, HR, and Risk
Management. The hotline does not supersede other reporting
methods!
                                                                   33
R·I·T
                         Contacts
         Helpful Websites and Phone Numbers

        Institute Audit, Compliance & Advisement x57647
                     http://finweb.rit.edu/iaca/


                      Public Safety x52853
                 http://finweb.rit.edu/publicsafety/


                 Institute of Internal Auditors:
                       http://www.theiia.org


           Association of Certified Fraud Examiners:
               http://www.acfe.com/home.asp

                                                          34
R·I·T
                       Conclusion
  • Hopefully
        – Your awareness about fraud has been heightened
        – You are now prepared to reduce fraud risk in your
          area
  • Remember - implementing basic controls –
    approval of financial transactions, segregation
    of duties, and expenditure review – is the key
  • Many controls are common sense



                                                              35
R·I·T

				
DOCUMENT INFO