Association Fraud: How It Happens and What You Should Know

Similar documents
Fraud Prevention: How to Identify and Protect Your Higher Ed Institution

Fraud Prevention, Detection, and Internal Controls

What Happens When Internal Controls Fail

Employee Dishonesty: Prevention and Detection

Can You Spot Fraudsters?

Fraud Prevention, Detection and Control. Elizabeth Coles, CPA Aldrich CPAs + Advisors LLP

Eric Kinsherf, CPA MMAAA Conference June 12, 2018

Internal Controls for Deans, Directors and Chairs

Data Analytics: Where Do I Start?

Fraud Prevention Training

2/27/2017. Segregation of Duties/ Internal Controls. Objectives. Agenda

Virginia Association of School Business Officers Getting Reacquainted with Internal Controls Presented by John S. Aldridge, CPA

STUDY UNIT TEN INTERNAL AUDIT RESPONSIBILITIES FOR FRAUD

Annual Audit and Other Financial Matters

Karen L. Mosteller, CPA, CHBC

Auditing the HR Function

Effective implementation of COSO s new anti-fraud guidance

Internal Control: The Human Risk Factor

Internal Control: The Human Risk Factor

GBAS Business Administrator Institute: Presenter: Brian Mikell, Chief Audit Executive Office of Audit and Compliance Review

Use of Forensic Data Analytics in Investigations. Gerry Zack, CCEP, CFE, CIA CEO SCCE & HCCA Minneapolis, MN

Embezzlement & Fraud How You Can Protect Yourself. Pam Newman, CMA,CFM, MBA

- Excessive gambling or investment habits - Strong challenge to beat the system - Undue family pressure such as divorce - Overwhelming desire for pers

FRAUD SCHEMES. South Carolina HFMA Finance & Reimbursement Forum. November 13, 2012 WITH RELATED INTERNAL CONTROLS

This Questionnaire/Guide is intended to assist you in decision making, as well as in day-to-day operations. Best Regards,

Internal Control 2015 Training

How to Prevent Financial Fraud at Your Church VONNA LAUE

Fraud Risk Management

EMPLOYEE FRAUD OPPORTUNITIES CHECKLIST

Internal Control: The Human Risk Factor

FRAUD AWARENESS UPDATE

CONSERVATION DISTRICT OPERATIONS REVIEW: A conservation district s self-guide to better operations CDB CD REVIEW VERSION. District Operations

Understanding Your Data and Best Practices in Data Analytics

Fraud Awareness Jennifer Murtha Clara Ewing

Office of Financial Services June 30, 2017

OUTSMART FRAUD. Strategic Internal Controls to Prevent Business Fraud

Fraud Prevention and Detection Michael Schulstad, CPA/CFF/CGMA/FBI (ret)

OCCUPATIONAL FRAUD IN GOVERNMENT AND STEPS TO PREVENT AND DETECT IT

FRD510. Principles of Fraud Examination - 20 hours. Objectives

Cash Receipting: Fraud Prevention and Internal Controls

Protecting Your Organization Against Fraud

Seattle Public Schools The Office of Internal Audit

Speaker: Steve Dawson 7/13/2017

Cash Receipting: Fraud Prevention and Internal Controls

Ten Payment Fraud Protections

Week 3: Fraud, Procure to Pay Process Controls

Cash and Internal Controls For SDA Organizations

ACCTG 533: Module 14: Asset Misappropriation Fraud. [Slide Content]: Asset Misappropriation Fraud. [Jeanne H. Yamamura]: Asset Misappropriation Fraud

Whether you take in a lot of money. or you collect pennies

Fraud Detection and Prevention

How to Keep Your Bookkeeper from Robbing Your Business Blind. Jen Deal CPA (252)

Purchase Card Program

Fraud Detection and Prevention

Moving the Needle: Fighting Fraud from the Inside Through Audit. Mary Breslin, CFE, CIA President Empower Audit Training and Consulting

Fraud Awareness February 27, 2015

AICC 2017 ANNUALMEETING PRESENTED BY MITCHELL E. KLINGHER CPA PROTECTING YOUR COMPANY FROM EMPLOYEE THEFT

Protecting Your IT Network from Financial Fraud

MANAGING FRAUD RISK. Teresa D. Thamer, CPA, CFE Brenau University

Fraud in the Insurance Industry How it Can Impact Your Agency

CHAPTER 6 GOVERNMENT ACCOUNTABILITY

LOYOLA MARYMOUNT UNIVERSITY POLICIES AND PROCEDURES

Audit Follow-Up. Audit of Selected Departments Performing Accounts Receivable Functions (Report #1204 issued February 15, 2012)

April 27, 2007 The Business Edge PRINT

Protecting your private business from fraud

Title: Financial Policies and Procedures: Protecting Your Organization's Financial Assets

Data analytics is a powerful tool to prevent fraud and manage risk

Advanced Finance for Governing Board Members. Charter Schools: Advancing the Promise!! 2015 Annual Conference

Cover Your Financial Butt Checklist

Review and Implementation. Of Practice Internal Controls

Updated January 1, 2017 New Client Engagement Letter / Notice Bookkeeping & Accounting Services

Keep Procure-to-Pay (P2P) Fraud at Bay with Fraud Detection Tools & Techniques

With Jodi Kippe, CPA & Partner Retail Dealer Practice at Crowe Horwath LLP. Moderated by Mike Bowers, Executive Editor at DealersEdge

With Jodi Kippe, CPA & Partner Retail Dealer Practice at Crowe Horwath LLP. Moderated by Mike Bowers, Executive Editor at DealersEdge

Internal Control Evaluation

Diocese of Covington Policies & Procedures Manual Section: Compliance Accounting Policy: Internal Control & Segregation of Duties

Using Data Analytics as a Management Tool to Identify Organizational Risks

Be on the Lookout for Fraud. Presented by: Ed McMillan, CPA, CAE Fraud Examiner Forest Hill, MD

Fraud prevention, detection and investigation

Fraud: What You Need To Know As A Non-Profit Organization. October 28, 2014

ADMINISTRATIVE RESPONSIBILITIES FOR UNIVERSITY AND COLLEGE ADMINISTRATORS, DEPARTMENT HEADS, AND DIRECTORS

1. Corporate management (including the CEO) must certify monthly and annually their organization s internal controls over financial reporting.

FRAUD DETERRENCE AND DETECTION

What Are Your Auditors Doing? Presented by Carrie Kennedy, Partner Travis Smith, Partner Moss Adams LLP

Kerkering, Barberio & Co. Certified Public Accountants

My experiences with Employee Fraud

Committee for Senior Business Administrators. Segregation of Duties

Detecting & Preventing Procurement Fraud Using Data Analysis to Detect Improper Disbursements

A nonprofit board member should consider the following five elements of OVERSIGHT:

Internal Controls. Presented by: Mark Payne, CPA Partner Rae Kerr, CPA Senior Manager. March 5, 2014

MSD Internal Control Policy 01/16/08. Metropolitan Sewerage District of Buncombe County Internal Control Policy

716 West Ave Austin, TX USA

Guide to Internal Controls

FUNCTION: To Protect and Enhance the Nonprofit Organization s Capacity to Serve the Community.

Data Analytics for Travel and Entertainment (T&E) Auditing. Robert Luu, Senior Solutions Consultant, ACL Date: September 27, 2016.

Before you start a fundraiser

Christopher Dawkins, CPA, CIA Director of County Audit Phil Diamond, CPA Orange County Comptroller s Office

Increasing Your Awareness of Fraud: Definitions, Roles and Responsibilities, Methodologies and Tools

Guide to Internal Controls

Final Audit Follow-Up As of May 31, 2015

Transcription:

Association Fraud: How It Happens and What You Should Know National Association Conference September 17, 2015 Chicago, Illinois Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor. 2015 CliftonLarsonAllen LLP

Four Key Points I. Common and Clever Schemes Employees Use to Commit fraud Against Employer II. Warning Signs, Red Flags and Indicators of Predications of Theft or Abuse III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized IV. Recommendations to Consider when Suspicion of Fraud Exists 2

I. Common and Clever Schemes Employees Use to Commit fraud Against Employer Fraud is defined as: A false representation of a matter of fact whether by words or by conduct, by false or misleading allegations, or by concealment of what should have been disclosed. The fraud triangle is a model for explaining the factors that cause someone to commit occupational fraud. It consists of three components which, together, often lead to fraudulent behavior: 1. Perceived unshareable financial need 2. Perceived opportunity 3. Rationalization 3

I. Common and Clever Schemes Employees Use to Commit fraud Against Employer (cont d) The fraud triangle originated from Donald Cressey's hypothesis: Trusted persons become trust violators when they conceive of themselves as having a financial problem which is non-shareable, are aware this problem can be secretly resolved by violation of the position of financial trust, and are able to apply to their own conduct in that situation verbalizations which enable them to adjust their conceptions of themselves as trusted persons with their conceptions of themselves as users of the entrusted funds or property. Donald R. Cressey, Other People's Money (Montclair: Patterson Smith, 1973) p. 30. 4

I. Common and Clever Schemes Employees Use to Commit fraud Against Employer (cont d) 5

I. Common and Clever Schemes Employees Use to Commit fraud Against Employer (cont d) Fraud is not always small growing over time. Lack of staff training and commitment to accounting ripe conditions for a trust violator to operator. 6

I. Common and Clever Schemes Employees Use to Commit fraud Against Employer (cont d) Example: AAMC (Association of American Medical Colleges) (information provided via internet search) one of the largest in Washington metro area administers the MCAT victim of a fraud over an 8 year period by a trusted long time employee according to the CEO. Bank accounts opened in names similar to organization Brookings Institution NOT Brookings Institute. Phony invoices in names of legitimate groups approved for payment with checks returned to perpetrator (not the vendor) and deposited into accounts perpetrator opened. Employee was sole sign off for invoices up to $20K. Payments to what seem like a reliable organization unchallenged. 7

I. Common and Clever Schemes Employees Use to Commit fraud Against Employer (cont d) Example: Virginia Scholastics Rowing Association (information provided via internet search) Treasurer touted and lauded because she did the job gratis. Treasurer entrusted with collecting, counting and depositing cash receipts and donations received at all the regattas. Outside vendor sent email about 1 year old $38,000 unpaid bill. Treasurer protested in tears it had been paid. Secretary of organization went to bank to clear up and found over years, thousands spent on personal items by treasurer. Association will never know exactly how much cash was lost. 8

I. Common and Clever Schemes Employees Use to Commit fraud Against Employer (cont d) Example: American Legacy Foundation (information provided via internet search) Managed hundreds of millions drawn from a government settlement with big tobacco. Estimated $3.4M loss linked to purchases from a business described sometimes as a computer supply firm and at others as a barbershop, and to an assistant vice president who now runs a video game emporium in Nigeria. Legacy officials waited nearly three years after an initial warning before they called in investigators. 9

II. Warning Signs, Red Flags and Indicators of Predications of Theft or Abuse Employees and other paid persons living beyond their means. Persons who DO NOT take vacation (credit card fraud and other misdeeds discovered this way). Significant diversions on 990s reported by more than 1,000 nonprofit organizations according to Washington Post article dated 10/26/13. 10

II. Warning Signs, Red Flags and Indicators of Predications of Theft or Abuse (cont d) 11

II. Warning Signs, Red Flags and Indicators of Predications of Theft or Abuse (cont d) 12

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized Too Busy with the Programs and Wearing Blinders to What Goes Bump at Night or Takes a Walk in Broad Daylight? Think About the following: Employee Handbook document in writing with employees and executives signature and date that they reviewed, read, understood and agreed with the Employee Handbook. Bank account statements to CEO who should review for anomalies. 13

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) Review back of checks for subsequent endorsement. Hot line effective only if in place and organization wide personnel are aware that management take the hot line seriously and follow up. Consider third party compliance reporting hot line. Closely review reimbursements to employees and company credit card statements. 14

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) Separation of duties in smaller associations consider Board members for some duties. Person processing invoices should only process for approved vendors. If a standard amount due monthly, set controls so that amounts larger cannot be processed without higher level approval. 15

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) Multiple reviewers for certain items may seem ordinary but the devil is in the details. Example corporate credit card reflected personal items, and seemingly business items but used for personal benefit. No blanket credit card approval should exist. Tone at the top and tone from the bottom: establish environment of accountability, responsibility and stewardship. Double signatures on expenses over a threshold. 16

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) Due diligence on vendors. Internal controls not just something auditors look at organizations need to own accountability and responsibility. Data analytics on key general ledger accounts (compare to bank documents) Cash Accounts Receivable Accounts Payable 17

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) Employee reimbursements from personal credit cards keep to a minimum. Employee advances should be approved just as vendor invoices are approved. Process payment after services provided, if advance payment required, seek a deposit until service fully performed. 18

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) Contractors/consultants should be independent of the organization. Approval documented if such person is not deemed independent but Association believes should be retained. Central supply keep supplies guarded and locked. Examples include employees helping themselves by putting items in pockets, pocket books, baggy clothes, coats Travel advances and expense reports are they approved? 19

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) KYC, KYE, and KYV (Know Your Customer Know Your Employee and Know Your Vendor. Clear Report on employees and key vendors. Due diligence on vendors and approval documentation for period, amount. Seek vendor certification that they are in compliance with FCPA and other requirements. CHECK ALL deliveries to make sure what is ordered is received (personal items ordered at staples does this make sense)? Person checking supplies in should be different than person ordering. 20

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) No loans to employees, directors and related parties. Contracts should be reviewed and approved by the Board of Directors for key executives Risk assessments perform periodically based on management/board assessment of the largest areas of concern COSO Model (Committee of Sponsoring Organizations of the Treadway Commission) has five interrelated components. 21

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) COSO Model: 22

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) Recurring risk assessments periodically select certain financial processes (different) and test to determine if policies and procedures are followed. Increase awareness of the periodic testing acts as a deterrent. Internal control is geared to the achievement of objectives in one or more separate but overlapping categories. 23

III. Controls Aimed to Reduce Risk of Fraud and keep Reputational Risk Minimized (cont d) Protect passwords OPM and OPA Other Peoples Money and Other Peoples Assets. Don t forget to look at liabilities and expenses often indicative of costs related to asset but is the asset on the Association books? Budget to Actual review should be mandatory and at least quarterly. 24

IV. Recommendations to Consider when Suspicion of Fraud Exists Report to the Board of Directors, Audit Committee or other governing body as directed by the employee handbook. Reporting should be one level higher that the person involved. Board determines when to Retain Counsel, and which counsel to retain. Forensic accountant should be retained by the lawyer (with client paying the bill) this protects privilege because you do not know what you do not know. 25

IV. Recommendations to Consider when Suspicion of Fraud Exists (cont d) Retain forensic specialist to image computers immediately of persons under suspicion (can be done in evening). Notify insurance company Notify law enforcement Forensic Accountant (as consultant) can interview people to report to Management re Platinum Practices. Trained forensic people are accustomed to interviewing and can do so in a non-threatening way. Management often finds the interviewing distasteful and delegates to a consultant. 26

IV. Recommendations to Consider when Suspicion of Fraud Exists (cont d) Forensic Account or management under direction of Forensic Account to calculate the loss. Plan the messaging re the event and communicate appropriately what happened, what is being done to instill better controls, and what is being done to FIX IT. AVOID the temptation to sweep under the rug what happened. If unresolved, rumors and speculation result which can damage the Association. 27

IV. Recommendations to Consider when Suspicion of Fraud Exists (cont d) Swift investigation is best and can dispel rumors and negative press One last thought use professional skepticism. Be wary of trust violators. President Reagan said it best, Trust but verify. Interesting book to read: Snakes in Suits by Robert D. Hare QUESTIONS? 28

Marion A. Hecht, CPA, CFF, CFE, CIRA, MBA Principal CliftonLarsonAllen LLP marion.hecht@claconnect.com Direct: 571-227-9613 Cell: 202-701-3921 CLAconnect.com linkedin.com/company/ cliftonlarsonallen facebook.com/ cliftonlarsonallen twitter.com/claconnect

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback