Thomas G. Claassen CPA, ABV, CFE, CFF July 16, 2009 Nonp onpro rofi fit Symposium posium Fraud Risk Mitigation and Prevention in Nonprofit Organizations
Fr Fraud ud De Defi fine ned Fraud is: 1) any intentional act or omission 2) designed to deceive others, 3) resulting in the victim suffering a loss and/or the perpetrator achieving an ill-gotten gain. 2
Fr Fraud ud Thre hreshold shold “Intentional act or omission with intent to DE DECEIVE VE” • Key difference between an error and fraud is the intent of the individual that causes a given loss. • Identify honest individuals and attempt to minimize situational pressures within the organization. 3
Fr Fraud ud Type pes 1) Asset misappropriation - The theft or misuse of an organization’s assets – Billing – Diversion of funds – Expense reimbursements – Check tampering – Payroll – Wire transfers – Information – Securities 4
Fr Fraud ud Type pes 2) Corruption – Person uses his or her influence in a business transaction to obtain an unauthorized benefit contrary to that person’s duty to his or her employer – Conflict of interest – Bribery – Illegal gratuities 5
Fr Fraud ud Type pes 3) Fraudulent statements - Falsification of an organization’s financial statements or filings to make it appear more or less profitable – Misuse of restricted funds – Misrepresentations relating to program results – Tax reporting issues (Form 990) – Concealed liabilities – Fictitious revenues – Improper asset valuations – Improper disclosures – Timing differences 6
Fr Fraud ud Tri riangle le Rationalization (People Factor) Opportunity Incentive/Pressure (Control Environment) (External Influences) 7
Fraud Damage & Non onprofit ofit Organization ons • Direct Financial Damages • Indirect Damages Financial impact can be a multiplier of any direct financial damages incurred Inherent lack of trust that an organization has the ability to fulfill its mission Donors less likely to contribute if funds are being diverted or misused 8
Fraud Sta tati tisti tics by Organizati tion on Type * Organization Type pe Medi edian Loss ss Private Company $278,000 Public Company $142,000 Government $100,000 Nonprofit $109,000 * Information obtained from the 2008 ACFE Report to the Nation. 9
Com ommon on Types es of of Fraud * Scheme Cases Corruption 26.9% Billing 23.9% Expense Reimbursements 13.2% Check Tampering 14.7% Skimming 16.6% Cash Larceny 22.9% Non-Cash 16.3% Payroll 9.3% Fraudulent Statements 10.3% Register Disbursements 2.8% * Information obtained from the 2008 ACFE Report to the Nation and is based on results of 959 fraud cases compiled by the ACFE 10
Fraud Det etec ection on Method thods * Det Detec ection Percentage Met ethod of Case ses Tip 52% Accident 17% Internal Controls 15% Internal Audit 12% External Audit 16% Notified by Police 3% * Information obtained from the 2008 ACFE Report to the Nation 11
Th Three ree-Legged Sto Stool ol • Governance - Culture of Accountability and Ethics • Fraud Risk Assessment Current Status Address Gaps • Prevention, Detection and Corrective Action - Implement Best Practices 12
Gov Governa rnanc nce Tone at the Top Formal Code of Ethics – Regular Periodic Updates Management Example Vested Interest – Visibility Teach and Instruct 13
Gov Governa rnanc nce Positive Workplace Environment Honest and constructive feedback and recognition for job performance Eliminate fear of delivering “bad news” Treat employees with fairness throughout the organization Organizational responsibilities clearly defined Strong communication practices and methods Direct communication vs. innuendo Competitive compensation 14
Gov Governa rnanc nce Hiring and Promotions Smart, Honest and Tough ough – do not compromise Background investigations for job candidates or those being considered for promotion to position of trust Thorough check of candidates’ education, employment history and personal references 15
Ris Risk Ass ssess ssment nt Proc rocess • Management buy-in and communication • Assemble team • Brainstorm and identify fraud risks by area • Categorize risks according to potential exposure • Identify controls in place that mitigate fraud risks and/or fraud risks for which adequate controls do not exist • Prioritize fraud control gaps according to exposure • Develop remediation plans • Perform cost/benefit analyses • Implement controls to close gaps • Perform risk assessment updates 16
Risk As Asse sess ssmen ent Tea eam • Finance and Accounting • Business Unit and Operations • Internal Audit • Legal and Compliance • External Consultants with Fraud Expertise 17
Fr Fraud ud Risk sk Ide Ident ntif ificat icatio ion • What could go wrong? (Fraud Universe) • What are the internal control weaknesses? • Can controls be overridden or circumvented? • How could a fraud be concealed? 18
Fr Fraud ud Risk sk Ide Ident ntif ificat icatio ion Identification of Fraud Risks should not be performed in a vacuum. Need to consider across the organization (horizontally and vertically) by: Functional Area Position Relationship 19
Fr Fraud ud Risk sk As Asses sessm sment Example ple GOVERNANCE 20
Fr Fraud ud Risk sk As Asses sessm sment Example ple DISBURSEMENTS 21
Impl Implement nt Best Practi tices • Effective Governance and Oversight • Employee Hiring and Retention Integrity Competence Attention • Perform Fraud Risk Assessment • Documented Fraud Policy • Anonymous Fraud Hotline • Appropriate Responses to Suspected Fraud Activity • Culture of Healthy Skepticism 22
An Anti ti-F -Fraud Mea easu sures es in Pl Place at Time of of Fraud * Control Percent External Audit 70% Internal Audit 56% Employee Support 53% Programs Hotline 44% Whistleblower 5% Rewards * Information obtained from 2008 ACFE Report to the Nation. 23
Organizati tion onal Res espon onse se to Fraud PREPARATION TO RESPOND BEFORE FRAUD OCCURS • Identify skills needed to pursue allegations (legal, financial, etc.). • Determine persons authorized to investigate, handle requests for information, interface with outside authorities and engage outside consultants, if necessary. • Consider use of counsel to be the point person for investigations with the ASS SSUMPTION that ALL LL fraud incidents will result in prosecution and/or litigation. • Be prepared to communicate messages to be delivered to employees, donors, the press and others in a timely and forthright manner. Engage counsel to review such communications prior to delivery. 24
Fr Fraud ud Response sponse – Key Points oints • Construct Fraud Response Apparatus • Quickly Summarize Facts and Circumstances • Immediate Actions to CONSIDER to “Close the Door” Terminate access to accounts and/or systems Place individual on administrative leave BE CAREFUL not to jeopardize the investigation or fall victim to legal pitfalls • Perform Investigation • Awareness of Legal Issues – Civil – Criminal 25
Fr Fraud ud Response sponse – Key Points oints • Involvement of External Authorities • Loss Recovery – Insurance policies – Civil Action • Publicity Issues • Address Impact on Employee Morale and HR Concerns • Remediation of Control Weaknesses 26
Re Resource sources AICPA Anti-Fraud and Corporate Responsibility Center http://antifraud.aicpa.org/ IIA Fraud Resource Repository http://www.theiia.org/guidance/standards- and-practices/additional-resources/fraud- repository/ ACFE Site and Resource Repository http://www.acfe.com/home.asp http://www.acfe.com/fraud/fraud.asp 27
Re Resource sources White Collar Crime Fighter http://www.wccfighter.com/ Open Compliance and Ethics Group (OCEG) http://www.oceg.org/landing/IAG.aspx Evaluation of Compliance & Ethics Program http://www.oceg.org/view/HHG Hotline and Helpline Guide 28
Fraud Risk sk Mitigati tion on and Prev even ention on in Non onprofit ofit Organization ons Questions ?? 29
Recommend
More recommend
