In its 2012 Report to the Nations, the Association of Certified Fraud Examiners reported that the government and public administration sector was among the top three industries most commonly victimized by fraud. The other two sectors were banking/financial services and manufacturing.
ACFE estimated $3.5 trillion were lost due to fraud in 2011 for all organizations. This is a dramatic increase from the $652 billion reported just five years ago.
Who is committing these fraudulent acts? The answer could be internal perpetrators, external parties or both. Focusing on the internal side, fraud experts agree three conditions are usually all present to some degree if and when fraud occurs.
- Incentive is what drives an employee to commit fraud, such as financial pressures or supporting a habit, such as gambling or drugs.
- Opportunity is created from too much trust, poor internal controls and lack of supervision. For example, a municipality not conducting its state-mandated annual audit by independent CPAs can create an opportunity. The basic purpose of internal controls is to remove or reduce the opportunity for fraud.
- Rationalization is when perpetrators of fraud convince themselves that they are not stealing but rather they are correcting a perceived wrong, such as not being compensated enough.
While municipal leaders can do little to impact the incentive and rationalization aspects, they can reduce the opportunity for fraud to occur by enacting effective internal controls.
There are two major types of internal controls: active and passive.
Active controls, the most common type of internal controls, try to prevent fraud from occurring.
- Segregation of duties - This helps ensure no one person has the responsibility for transactions from beginning to end.
- Separation of functions - This divides transaction processing or functions so that different organizational units are involved. For example, an administrative assistant opens the mail and logs cash receipts before turning them over to the finance department.
- Physical asset control - Any movement of assets requires documents authorizing the movement, such as requiring employees to sign out a laptop for use.
Physical restraints "Examples include padlocks, fences and locked file cabinets. - Document matching and pre-numbered accounting forms - This helps restrict introduction of non-authorized forms and helps ensure receipt and processing of all forms in the sequence issued.
- Signatures - Signatures provide evidence the documents have been authorized and approved. Documents should not be valid until signed.
- Document countersigning - This demonstrates to a third party that two or more designated individuals have concurred on approval of the document.
- Passwords and personal Identification numbers - Use passwords and PINs for computer and mobile devices.
Passive controls try to deter fraud by significantly increasing the opportunity for fraudulent activities to be discovered. These controls can be both economical and effective.
- Audit trails - Many automated systems have audit trails that record every change made to a record. This allows auditors to trace changes back to their source.
- Review processes and procedures - This increases the opportunity of discovery of fraud
- Focused audits - These are audits with a very narrow focus and can be done by internal management. Often, they have a psychological impact on staff (i.e., sensitive areas are being surveyed).
- Surveillance of key activities - This can inhibit fraud if potential perpetrators know that they are being watched.
- Rotation of key personnel - This involves periodic rotation of personnel with other employees taking over the duties of an employee (preferably without advanced notice).
Top 10 warning signs of fraud
|
---|
Information in this article provided by Jackie Breland, CPA and Financial Consultant, Jackie Breland Consulting, PA.