afraud%anthology% - government finance …anthology% experienceperspecvve%//...
TRANSCRIPT
Erin Ballou, Metropolitan Development Housing Agency Shauna Woody-‐Coussens, BKD Kevin Huffman, Comptroller of the Treasury
Moderator:
Speakers:
Monday, June 1, 2015 3:35 – 4:50 1.5 CPE
A FRAUD ANTHOLOGY
experience perspecVve //
CPAs & ADVISORS
Detecting Fraud with Data Analytics Shauna Woody-Coussens, CFE Managing Director – Forensics & Valuation Services
1 • Fraud Trends
2 • Big Data & AnalyAcs
3 • ApplicaAons in Government Orgs.
4 • Plan for GeJng Started
PresentaVon Map
3 // experience perspecAve
Fraud Trends
5 // experience perspecAve
6 // experience perspecAve
7 // experience perspecAve
8 // experience perspecAve
Why Government Orgs. may Experience Fraud
o Too much reliance on audits to catch fraud – Most common detecAon methodologies
• #1: Tips = 42.4% • #2: Management review = 16.0% • #3: Internal audit = 14.1% • #4: By accident = 6.8% • #7: External audit = 3.0%
o More “service” driven versus “profit” driven – Staff are seen as being there to serve the public good
o Greater culture of trust
9 // experience ideas
Big Data & AnalyVcs
…processes & ac1vi1es designed to obtain & evaluate data to extract useful informa1on and answer strategic ques1ons...
DefiniVon of Data AnalyVcs
11 // experience perspecAve
o Answer quesVons through use of analyVcal so_ware – As simple as Excel
• Filter • Sort
– As complex as you want to make it • ACL • IDEA • Sequel
Data Ana-‐YOU WANT US TO DO WHAT??
12 // experience perspecAve
Data AnalyVcs – Common Challenges
o Existence of useful data o Data quality o Ownership of data o OrganizaVonal culture o Lack of experVse & personnel o Volume of data available
13
ApplicaVons in Government Sector
o Fraud happens in government orgs. the same way it occurs in the private sector
– Do have a tendency to see more corrupAon schemes due to large government contracts
o Lots of people do not like taxes and may not always approve of how their taxes are spent. So it is easy for some to jusVfy bilking government orgs
o A government org. is not a “person”; therefore, fraud o_en seen as a vicVmless crime
Fraud SuscepVbility of Government Orgs.
15 // experience perspecAve
o CorrupVon 36.2%
o Billing 19.1%
o Non-‐Cash 17.7%
o Payroll 15.6%
o Expense Reimbursement 12.8%
Top 5 Fraud Schemes in Government Orgs.
16
CorrupVon
17 // experience perspecAve
CorrupVon
o An employee misuses his or her influence in a business transacVon in a way that violates his or her duty to the employer in order to gain a direct or indirect benefit
o In most businesses, the most common form of corrupVon is the payment of kickbacks to related to purchases
18 // experience perspecAve
Red Flags for CorrupVon o Off-‐book fraud, so very hard to detect
– Payments o_en do not go through the organizaAon’s accounAng records
– Payments o_en paid in cash o Look for “behavioral” red flags
– Rapidly increasing purchases from one vendor – Excessive purchases of goods and services – Too close of a relaAonship with a vendor
19 // experience perspecAve
o Compare order quanVty to opVmal reorder quanVty
o Compare purchase volumes/prices from like vendors
o Compare quanVVes ordered and received o Check for inferior goods (# of returns by vendor)
o Unstructured data review (read suspected fraudster’s email….)
Data AnalyVcs for CorrupVon
20 // experience perspecAve
Billing Schemes
21 // experience perspecAve
o Fraudster creates false support for a fraudulent purchase, causing the organizaVon to pay for goods or services that are nonexistent, overpriced or unnecessary – Invoicing via shell company – Invoicing via an exisAng vendor
• False invoicing for non-‐accomplice vendors • Pay-‐and-‐return schemes
– Personal purchases with organizaAon’s funds
Billing Schemes
22
o Vendor asribute analysis o Trending of vendor acVvity
o IdenVficaVon of “high risk” payments
o Unstructured data analyVcs
Red Flags/Data AnalyVcs for Billing Schemes
23 // experience perspecAve
Vendor Asribute Analysis – Employee /Vendor Matching
24 // experience perspecAve
Data Mining -‐ Vendor Trending Analysis
Vendor: JLM Plumbing Authorized: Janice L. McPhearson
Test phase
Acceleration as confidence
builds
Getting Greedy
High Risk Vendor Asributes
26 // experience perspecAve
Matching Asributes Employee ID
First Name
Middle IniVal Last Name Vendor ID Name City State
Total Payments
Address 131313131 Beth E Davis D58468431 Davis Designs Anytown MO 5,768 Address, TIN 687431598 George R Davis
RelaVonship Analysis
27 // experience perspecAve
Vendor (A) Shauna’s Design Company, 123 5th Street, Anytown, MO (Total Payments = $84,337)
Employee (B)
Shauna Woody, 4300 Oak Street, Anytown, MO
Proximity Analysis
28 // experience perspecAve
Latent SemanVcs
To: Vendor Rep From: Employee -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ Thank you for the “gi_” – I’m so excited! It looks great in my driveway! I can’t wait to take it out on the open road! My neighbors are soooo jealous!
Latent SemanVcs
To: Employee From: Vendor Rep -‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐-‐ Think nothing of it, you deserve a treat every now and then for all you’ve done for us.
Evasiveness Vagueness Tension, Nervousness
EmoVonal Tone of Overall Department
32 // experience clarity
Non-‐Cash
33 // experience perspecAve
Non-‐Cash Fraud Schemes
o Any scheme in which an employee steals or misuses non-‐cash assets of the vicVm organizaVon – Employee steal inventory from a warehouse or storeroom
– Employee extracts customer’s personal and account informaAon from a database and then sells that data – idenAty the_
– Employee steals employer’s compeAAve data and supplies it to a compeAtor
• Common when employees change employers
34 // experience clarity
Non-‐Cash Fraud Schemes
– Inappropriate usage of organizaAon assets • O_en computers or so_ware
– Conflict of interest resulAng in personal benefit
35 // experience clarity
Red Flags for Non-‐Cash Schemes
o Shrinkage in inventory/supplies o Employees who frequently visit the office a_er hours
o Missing tools, equipment, office supplies, etc. o Missing, altered, or unmatched supporVng documents
o Employees borrowing office supplies, tools or equipment
36 // experience clarity
Data AnalyVcs for Non-‐Cash Schemes
o Automated monitoring of: – Online transacAons (monetary and non-‐monetary) and inquiries
– The date, Ame and source of online access, especially if the system can be accessed from a WAN or the Internet
– Report generaAon and downloading, including operaAonal and custom reports or queries, especially those containing student or account informaAon
37 // experience clarity
Data AnalyVcs for Non-‐Cash Schemes
o Automated monitoring of: – Cell/camera phone and flash drive use as compared with company policies and guidelines, including area restricAons
– Accessing of company and external websites by the employee
– E-‐mails sent and received and aoachment sizes – Telephone use, including use of restricted phone numbers
38 // experience clarity
Payroll
39 // experience perspecAve
o Ghost employees – FicAAous employees entered into payroll system
o Terminated employees – Terminated employees remain on payroll system
o Duplicate payroll o Overpayment schemes
– Higher pay rates, inflated hours, unauthorized bonuses
Payroll Schemes
40 // experience perspecAve
o Look for lack of: – Bank accounts for electronic payments – Home addresses and phone numbers – Holiday leave, vacaAon or sick leave – Benefit/tax deducAons
o Also look for – Duplicate SSNs – Duplicate bank account numbers – Duplicate home addresses – PO box addresses – Payments a_er terminaAon
Red Flags/Data AnalyVcs for Payroll Schemes
41
Expense Reimbursements & Purchasing Cards
Expense Reimbursement/P-‐Cards
o Any scheme in which an employee makes a claim for reimbursement or ficVVous or inflated business expenses – Employee files fraudulent expense report, claiming personal travel, nonexistent meals, etc.
– Employee purchases personal items and submits and invoice to employer for payment
– Employee purchases goods/services for inappropriate uses and charges to employer for payment
43 // experience clarity
Red Flags for Expense Reimbursement /P-‐Card Schemes
o Expenses exceed what was budgeted or prior years totals o Expenses claimed on days employee did not work o Purchases that do not appear to be business related o Minimal or non existent support for requests o Altered receipts o Unusual or excessive reimbursements to one employee o Submised receipts are consecuVvely numbered o Expenses in round dollar amounts o Expenses just below receipt submission threshold
44 // experience clarity
o IdenVfy transacVons on weekends, holidays or while employee is on vacaVon
o IdenVfy split transacVons in which a large purchase are split into smaller transacVons just under approval threshold
o IdenVfy unusually high or frequent expense reimbursement/p-‐card usage
o IdenVfy expenses in round dollar amounts
Data AnalyVcs for Expense Reimbursement/P-‐Card Schemes
45 // experience perspecAve
TransacVons in Round Amounts
46 // experience perspecAve
47 // experience perspecAve
High Risk Merchants
48 // experience perspecAve
Leveraging Data in Your OrganizaVon
Data AnalyVcs – A Guide to ApplicaVon 1. Build a profile of potenVal risks
• What are your highest risk business processes? • What frauds could occur in those processes? • What would red flags for fraud look like in those business
processes?
2. IdenVfy data available to help test for potenVal fraud • IdenAfy and define specific fraud risks to be tested • For each risk, idenAfy and define data requirements, data
access processes and analysis logic
3. Develop procedures & analyze data • Start with relaAvely simple tests and then add more complex
analysis building a library of specific tests • This is not tesAng a sample, it is tesAng the POPULATION
50
Data AnalyVcs – A Guide to ApplicaVon 4. Make analysis results understandable
• Try to answer one quesAon at a Ame
5. Does analysis result address the idenVfied fraud risk? • If not, go back to step #3 and refine • Are there addiAonal tests that are needed
6. Perform invesVgaVon of anomalies or unexpected paserns, as appropriate
51
Paper-‐based & limited electronic tesVng
(Sampling)
Data AnalyVcs (100% coverage, ad hoc
electronic tesVng)
ConVnuous AudiVng (Automated analyVcs,
100% coverage)
Reactive Proactive Responsiveness
52 // experience perspecAve
Closing Thoughts
o AnalyVcs does not tell the whole story o It tells you where to start looking o Creates efficiency in your review process o Once you understand your data and your environment, you can automate your analyVcs to repeat on schedule
One Tool in the Toolbox
54
Thank you
FOR MORE INFORMATION // For a complete list of our offices and
subsidiaries, visit bkd.com or contact:
Shauna Woody-‐Coussens, CFE// Managing Director
[email protected] // 816.701.0250
Fraud in Tennessee Trends and preventive measures
Kevin B. Huffman, CPA, CGFM, CFE Investigative Audit Manager Financial and Compliance Unit
Fraud in Tennessee o Who does it impact?
Fraud in Tennessee
o What we do: – InvesAgate maoers of fraud, waste, and abuse in governments or agencies receiving government funding.
– How are we noAfied? Audits, hotline calls, fraud reporAng forms, other agencies, CPA contracted auditors, Aps
Fraud in Tennessee o What we’ve been working on?
– During FYE 6/30/14, we released 17 invesAgaAve reports and leoers revealing losses of at least $713,051 due to fraud and cited an addiAonal $189,107 of quesAoned costs due to waste and/or abuse.
2013 Schedule of Cash Shortages and Other Thefts
Beg/Forward Balance
2013 Increase
2013 Decrease
2013 Year End Balance
Counties $ 563,373 $ 449,624 $ (237,775) $ 775,222
Municipalities 400,824 441,909 (53,948) 788,785
Internal School Funds 35,332 9,691 (765) 44,258
Utility Districts 2,100 210,600 (3,246) 209,454
Housing Authorities 255,121 187,539 (416,531) 26,129
Other Govt. Entities 949,000 3,570,247 (4,431,957) 87,290
Totals $ 2,205,750 $ 4,869,610 $ 5,144,222 $ 1,931,138
Unaudited Entities N/A 38,025 N/A N/A
Total Increase $ 4,907,635
2013 Reported Fraud by Area
Grand Division Reported Fraud
West $ 462,675
Middle 3,665,398
East 779,562
Total $ 4,907,635
Fraud in Tennessee o What we typically see…
o Lack of qualified competent staff
– Lack of management oversight – Lack of internal controls – “…I trust my people”
Fraud in Tennessee o Who steals in our governments?
– Fraud Triangle – RaAonalizaAon; Opportunity; Pressure
– 10/10/80 Rule
Fraud in Tennessee
o What you should take away from this presentaAon:
– Recognizing your risks
– Think about some addiAonal internal controls
– Trust, but also verify
Fraud in Tennessee
o Recognizing your risks: – According to Federal Law Enforcement:
• Employee the_ is one of the fastest growing crimes • Ten Ames the value of street crimes ($40 billion each year)
• Nearly one-‐third of all employees commit some degree of the_
Fraud in Tennessee o Recognizing your risks -‐ o Employee the_ takes many forms:
– Voiding receipts; adjusAng accounts = stealing cash
– FabricaAng invoices; ficAAous payees = stealing thru disbursements
– Use of gov’t equipment for personal use – The_ of Ame; “borrowing funds”
Fraud in Tennessee o Recognizing your risks:
– It can happen to you! If you don’t put the proper controls in place, it’s not a maoer of “if” something will happen…but “when”
– Fraud has a common thread – it happens regardless of the size of your gov’t
– Once you lose the public (taxpayer) trust, it’s difficult to get it back…
Fraud in Tennessee o Recognizing your risks: o Things we rouAnely hear –
“I trust my people…wouldn’t hire them if I didn’t” “I’ve been here for years and there’s never
been a problem” “We don’t handle much money…we’re small”
Fraud in Tennessee o Recognizing your risks:
o Once fraud occurs – – Taxpayers have a right to know… – EnAre operaAon is scruAnized… – Report is public…
Fraud in Tennessee o Think about some addiAonal internal controls:
– Internal Controls = safeguards
– #1 Control = Tone at the Top!
– Government leader = #1 control
Fraud in Tennessee
o Think about some addi1onal internal controls
o Tone at the Top – some things to think about – – Lead by example (many examples here)
• Make expectaAons of employees clear • Hold them accountable • The_ of any amount; “fudging” on Ame; “borrowing” is never allowable/tolerated regardless of who the employee is…
Fraud in Tennessee
o Think about some addiFonal internal controls
o Tone at the top (cont.) • Hire qualified, experienced employees • Find ways to improve employee morale • Let employees know it’s a TEAM effort • Be approachable -‐ Create an environment where employees feel comfortable coming to you at any Ame to voice concerns or issues
Fraud in Tennessee
o Think about some addi1onal internal controls
o Famous quote from military general – “The day my soldiers stop coming to me with their quesVons or problems is the day they think I either don’t care or can’t help them anymore…either way it’s a failure of my leadership”
Fraud in Tennessee
o Think about some addi1onal internal controls
Do you know all the cash collecVon points in your gov’t? How o_en are deposits made?
What are your procedures? Do ALL your employees know the procedures? Are they in wriVng? SVck to them!
Fraud in Tennessee
o Think about some addi1onal internal controls Keep cash on hand to a minimum (Do you know all the cash on hand amounts across your gov’t?)
Are there delays in deposits? Why are there delays? Should be made daily if possible… Consider security cameras
Fraud in Tennessee
o Think about some addiFonal internal controls Let employees know it’s a team effort to watch over operaAons of the office…
-‐Review what you sign -‐Require two signatures -‐Separate duAes (have an employee outside the approval process review invoices)
Fraud in Tennessee
o Think about some addiFonal internal controls
o Make it inconvenient and difficult to commit fraud… – RouAnely review voids or other adjustments to accounts
– Write-‐offs require management approval – employees involved in receipAng s/n/b wriAng-‐off accounts…
Fraud in Tennessee
o Think about some addiFonal internal controls Establish separate cash drawers for each employee… o Do not share passwords o Keep the office secure o Perform random “audits” in your office of employees cash drawers
o Understand the accounAng so_ware you use
Fraud in Tennessee
o Think about some addiFonal internal controls
o Official, prenumbered receipts should always be used
o Preferably, an employee outside the receipAng process should balance the day’s transacAons
o More than one employee should verify the deposit amounts
Fraud in Tennessee
o Think about some addiFonal internal controls
o Keep money contained in the office in which it was collected – – If it leaves the office and is taken to another locaAon for deposit, receipts and signatures should be generated on the exchange.
Fraud in Tennessee
o Think about some addi1onal internal controls o Rotate duVes in your office o Never a good idea to share keys, cash drawers, or deposit bags
o Consider invesVng in locking money bags, and cash drawers
o Keep an inventory of valuable items in your office
Fraud in Tennessee
o Think about some addi1onal internal controls
o Be mindful of loop holes in your operaVons – ConAnuously monitor your employees and other operaAons under your control
– Tighten up as needed
Fraud in Tennessee u Trust, but also verify
Provide management oversight -‐
u Monthly reports – Review them and ask ques1ons
u Annual audits – If you have findings, ask quesAons and correct them
Fraud in Tennessee u Trust, but also verify
o If you’re a gov’t leader on a Board – – Know your mission – how do you want it carried out?
– Know the policies and procedures – Require organizaAonal ethics
Fraud in Tennessee u Trust, but also verify
If on a Board (cont…) o Hold management accountable –
– If there are 3,000 customers and bills are $150 a month, revenue should be approximately $450,000…
• Require answers…quesAon reports and audits Review budgets closely and ask quesAons!
Fraud in Tennessee
o QuesVons
Fraud in Tennessee
Fraud in Tennessee
Fraud in Tennessee
o Contact InformaAon: Kevin Huffman Desk – 615.401.7843 [email protected] Comptroller’s Web Site also has a list of manuals and procedures for ciVes and counVes www.comptroller.tn.gov
Please provide feedback on the session
o Quick Text Feedback 1. Step 1 -‐ Text “GFOA” to 22333 2. Step 2 -‐ Did the session meet your expectaAons
for being high quality and relevant to your job? • Exceeded ExpectaAons– Text “T11EXC” • Met ExpectaAons – Text “T11MET” • Did Not Meet – “T11NOT”
o To provide more detailed evaluaVon on the session or full conference to go www.gfoa.org/evals