Common Frauds Found in Not-for- Profit Organizations

Transcription

1 Common Frauds Found in Not-for- Profit Organizations NCACPA Not-for-Profit Conference May 19, 2015 Presented by Lynda M. Dennis CPA, CGFO, PhD

2 Today s Session Overview 2014 Occupational Fraud Report Findings Why NFPs are different Characteristics Internal Controls Typical fraud risks Responding to Fraud Risks in NFPs

3 Financial Fraud Defined Financial statement fraud an intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception that results in a misstatement in financial statements that are the subject of an audit. Types Fraudulent financial reporting Material misstatement or omission» Designed to deceive users Misappropriation of assets Theft of assets

4 Characteristics of a Fraudster Often long-time employees Well respected & well liked All entities have long-time employees that are well respected and well liked and most certainly are not perpetrators of fraud What makes the fraud perpetrator different? Willingness to compromise one s values Sheer absence of values to begin with Fraud perpetrator has a motivation to commit fraud 232 Copyright 2013 Surgent McCoy CPE, LLC FANG

5 Characteristics of a Fraudster Potential characteristics and actions that an auditor may notice when talking to a fraud perpetrator include The individual expresses frustration with questions and provides explanations to questions that are not reasonable. The individual expresses an unusual amount of forgetfulness. Instead of answering questions asked, the individual tends to evade questions by answering questions that are not asked. This includes providing much information in areas not asked about and little information in the areas asked about. The individual indicates that he/she will look into an issue and provide information later and never provides the information. The individual refuses to provide information or states that no information is available. Copyright 2013 Surgent McCoy CPE, LLC FANG

6 Characteristics of a Fraudster Potential characteristics and actions that an auditor may notice when talking to a fraud perpetrator include Rather than accepting personal responsibility, an individual tends to blame others or use the excuse that something has always been done a certain way without reason. The individual seems extremely eager to settle questioned costs and move on quickly. The individual tries to control the audit procedures performed and the timing of the procedures. The individual is always too busy to meet with an auditor. Copyright 2013 Surgent McCoy CPE, LLC FANG

7 2014 Occupational Fraud & Abuse Report

8 2014 Occupational Fraud & Abuse Report Third time to include foreign countries 1,483 cases from 1/12 12/ US (48%) Governments 10%, NFPs 11% of cases Typical organization loses 5% of revenues annually to fraud Median loss $145,000 More than 22% involved fraud losses of at least $1 million Median time of fraud 18 months

9 2014 Occupational Fraud & Abuse Report Asset misappropriation 85% of cases Least costly - $130,000 median (up from $120,000) Fraudulent financial statements 9% Most costly - $1,000,000 median Most likely to be detected by Tips Employees account for 50% Hot lines Average duration 18 months Payroll = 24 months vs. 36 months Check tampering = 26 months vs. 30 months

10 2014 Occupational Fraud & Abuse Report Most Common - Governments Corruption 36% Billing frauds 19% Expense reimbursement 13% Theft of cash on hand 12% Check tampering 6% Most Common - NFPs Check tampering 35% Billing frauds 33% Expense reimbursement 33% Corruption 30% Theft of cash on hand 13%

11 2014 Occupational Fraud & Abuse Report Controls found to be effective Proactive data monitoring & analysis Median fraud losses with & without this control are $74,000 & $181,000, respectively. Surprise audits Median fraud losses with & without this control are $93,000 & $164,000, respectively.

12 2014 Occupational Fraud & Abuse Report Controls found to be effective Dedicated fraud department/team Median fraud losses with & without this control are $100,000 & $164,000, respectively. Formal fraud risk assessments Median fraud losses with & without this control are $94,000 & $168,000, respectively. Employee support programs Median fraud losses with & without this control are $90,000 & $200,000, respectively.

13 Overview What makes NFP organizations different?

14 What Makes NFPs Different? Contributions Operate for purposes other than to make a profit Ownership interests

15 What Makes NFPs Different? Contributions Donor restrictions Time or use Grants Contributed services Controls Legal Grant provisions IRS

16 What Makes NFPs Different? Operate for purposes other than to make a profit Mission driven Pricing issues Function of the bottom line

17 What Makes NFPs Different? Ownership interests For profit owners are a control Net assets upon dissolution Statutory IRS

18 Special Concerns & Considerations Significant contributions More with less Low paid & insufficient number of employees Lack of profit motive Lack of ownership interests

19 Internal Control Challenges in NFPs Insufficient staff Lack of qualified staff Employee compensation Turnover of employees Internal control & small organizations

20 Unique Fraud Areas in NFPs Contributions Lack of profit motive Lack of ownership interests Related party transactions Functional allocation of expenses Repeat control deficiencies or management letter comments Split-interest agreements

21 Fraud & NFP Organizations

22 Common Fraud Schemes in NFPs

23 Fraudulent Financial Reporting

24 Common Fraud Schemes Revenue recognition Premature Delayed Expense recognition Premature Delayed

25 Revenue Recognition Not-for-Profit Organizations Contributions Dues Fund raising Split-interest agreements Grants Healthcare receivables

26 Revenue Recognition Not-for-Profit Organizations Grants Advance Reimbursement basis Exchange vs. non-exchange Restrictions

27 Revenue Recognition Not-for-Profit Organizations Healthcare receivables Misstatement of services rendered or goods provided Upcoding Unbundling services Provision of unnecessary treatment Kickbacks

28 Functional & Fund Classifications Not-for-Profit Organizations Rationale Meet IRS requirements Expense ratio expectations of donors Other expectations Future funding National affiliate goals, etc.

29 Misappropriation of Assets

30 Assets Subject to Misappropriation Cash & Cash equivalent type items Inventories/assets Small High value/demand Convertible Lack ownership identification Equipment subject to personal use Physical assets susceptible to personal use

31 Common Schemes to Misappropriate Assets Procurement & contracting frauds Embezzlement of cash receipts Fraudulent disbursements Personnel frauds Diversion of physical assets Diversion of program benefits & assets

32 Common Schemes to Misappropriate Assets Procurement & contracting frauds Indicators Unusual vendor names & addresses. Copies rather than original documentation. Orders for materials/supplies Already on hand in sufficient quantities Scheduled for disposal/discontinued use

33 Common Schemes to Misappropriate Assets Procurement & contracting frauds Indicators Orders for materials/supplies not consistent with the operations and/or mission Delivery addresses not part of physical locations Purchases falling just below threshold for approval Split purchases

34 Common Schemes to Misappropriate Assets Procurement & contracting frauds Indicators Payments to vendors not on approved lists Signature of management or supervisory personnel when typically signed by subordinates Supplier/contractors receiving significant amounts of business Prices in excess of market or expected market

35 Common Schemes to Misappropriate Assets Procurement & contracting frauds Indicators Complaints from vendors/suppliers Not being allowed to bid, stringent specs or procedures, inadequate time to respond Contract award patterns Low quality combined with high prices Sole source procurements Significant number Without adequate justification

36 Common Schemes to Misappropriate Assets Embezzlement of cash receipts Cash receipts and disbursements Missing or out-of-sequence blank checks Significant bank reconciling items without reasonable explanation Second payee or unusual endorsements Unusual disbursement transactions or transactions with lacking or insufficient supporting documentation Customer complaints about amounts they owe

37 Common Schemes to Misappropriate Assets Embezzlement of cash receipts Accounts receivable Unexplained differences on confirmations Significant or unusual adjustments to receivables Amounts deposited inconsistent with amounts due Significant credit balances

38 Common Schemes to Misappropriate Assets Fraudulent disbursements Inventories Significant shrinkage Unusual inventory turnover Significant unusual or unexplained entries to control or subsidiary records Significant unusual or unexpected relationships in inventory ratios Receiving reports differing from purchase orders, contracts, etc.

39 Common Schemes to Misappropriate Assets Personnel frauds Indicators Unusual or second-party endorsements Employees without usual withholdings related to employer provided or offered benefits Missing, unusual looking, or altered time and attendance records Time and attendance records signed by someone other than the usual supervisor

40 Common Schemes to Misappropriate Assets Diversion of physical assets What type? Small in size High in value & demand Easily convertible to cash Lacking in ownership identification Subject to personal or non-program use Susceptible to personal use or redirection Donated assets

41 Common Schemes to Misappropriate Assets Diversion of program benefits & assets Potential risk factors Pressure from constituent or special interest groups Potential for programs to generate net revenues Pressure to use of lose budgeted amounts or grant awards

42 Common Schemes to Misappropriate Assets Diversion of program benefits & assets Potential risk factors Physical access to program benefits and/or assets Highly marketable and/or easily convertible assets Ability to draw down cash using letters of credit Decentralized outreach, intake, and/or eligibility certification processes Self-monitoring responsibilities

43 Common Schemes to Misappropriate Assets Diversion of program benefits & assets Potential risk factors Complex funding and reimbursement arrangements or restrictions Compliance and eligibility rules Use of third parties in determining or dispensing benefits Administrative cost allowability, cost sharing, and matching Insufficient resources Monitoring & oversight of sub-recipients

44 Common Schemes to Misappropriate Assets Diversion of program benefits & assets Common indicators Copies of or missing application forms & supporting documentation. Participant files lack required information Decentralized intake centers or centralized intake centers Little or no monitoring by management or supervisory personnel

45 Common Schemes to Misappropriate Assets Diversion of program benefits & assets Common indicators Inadequately trained and/or supervised program personnel Inadequate or ineffective controls over program assets Lack of periodic physical inventories of program assets

46 Responding to Fraud Risks in NFPs

47 Fraud Risks Defined Fraud risk factors Events or conditions indicating Incentives/pressures to perpetrate fraud Real or perceived Opportunities to commit fraud Circumstances conducive to fraud Attitudes or rationalizations to justify fraudulent actions Character or ethical values (or lack thereof) Aka the fraud triangle Collusion

48 Communication Concerns NFP attitudes Faith-based organizations People are good Fear of alienating donors Perception as being easily duped Long-term employees as perpetrators Feel guilty Rationalize the perpetrator was justified

49 Auditor Responsibilities Risk of Material Misstatement Due to Fraud

50 Auditor Responsibilities Professional skepticism Attitude throughout engagement Requires the auditor to have a questioning mind & critically assess audit evidence Clarity & authenticity of records Continuance & acceptance process Management & TCWG capable of fraud Long-term relationships Rotation requirements Limited number of qualified firms Political influences over auditor selection

51 Six Characteristics of Skepticism 1. Questioning mind Disposition to inquiry with some sense of doubt 2. Suspension of judgment Until appropriate evidence obtained 3. Search for knowledge Investigate beyond the obvious with desire to corroborate 4. Interpersonal understanding Motivations/perceptions can lead to biased/misleading information 5. Autonomy Self direction, moral independence & conviction to decide for oneself 6. Self-esteem Self confidence to resist persuasion & to challenge assumptions

52 Audit Planning & Fraud RMM due to fraud part of overall risk assessment process Client continuance & independence Understand business & its risks Preliminary analytical review Establish planning materiality & performance materiality

53 Audit Planning & Fraud Identify significant accounts & processes Audit team brainstorming session What could go wrong? Assess entity level Develop audit strategy

54 Responding to Risk Overall effect on audit Assignment of personnel & supervision Choice of GAAP Predictability of procedures

55 AU-C section 240 Identification of fraud risks Fraud triangle Other criteria Entity size Complexity of entity Ownership attributes of entity Required considerations Revenue recognition Management override JEs Accounting estimates Business rationale

56 AU-C section 240 Auditor response to known/likely fraud Communicate & document Evidence that a fraud may exist Level of communication Senior management = audit committee Material misstatement = audit committee Lower level employees = management one level up Reportable conditions = senior management & audit committee