Presenters:

QR Code

Date:

Getting What You Bargained For: Contract Risk Management

• Rob Broline, McGladrey LLP

May 18, 2014

Course Objectives

By the end of this course, you will be able to: Understand the major types of contract delivery methods Understand the common myths that are relied upon to

mitigate fraud, waste and abuse Understand areas for the highest risk of fraud, waste

and abuse Identify contract / construction fraud risks & red flags Understand basic methodology employed in performing

construction audit engagements Understand specific audit procedures to detect fraud and

other irregularities related to contractor billings Understand ways to improve contract and to mitigate

risk of fraud, waste and abuse

The Need for CRM

- Nearly all third parties reviewed have some errors in reporting. Very few of these problems are detected by the internal controls of the client organization (in our experience).

- The main reasons are: • Complex and ambiguous agreements that are misunderstood

by both parties. • Failure of both the third party and the client to devote

sufficient resources to manage the contractual relationship. • Systems weaknesses at the third party and the client to

support compliance with contractual obligations. • Failure of the client organization to review the self reported

information from the third party. Often certain of these problems can be detected using information that the client already has.

- Few organizations have systematic programs for managing third party reviews.

- Audits are conducted as the exception not the norm.

CRM Sample Procedures

•General:

−Perform risk assessment, as needed, to prioritize contract compliance management

−Obtain and review the respective agreements −Summarize the key economic terms and conditions of the contract to monitor / manage compliance

•Process Review

−Obtain an understanding of 3rd party’s accounting and reporting systems, processes and controls related to the contract

−Establish an agreed-up reporting and accounting system based on the contractual economic and operational terms

•Data / Documentation Analysis:

−Review data / documentation to confirm / support the data / documentation received per the contract

−Perform extraction of applicable revenue data from the 3rd party’s accounting and reporting system.

CRM Sample Procedures

•Substantive Testing (Revenue – Share Agreement):

−Judgmentally select a sample of sales transactions and obtain the applicable customer invoice / agreement.

−Confirm / agree the revenue amounts per customer to amount in the extracted sales report.

−Confirm that all revenue components were captured pursuant to the applicable terms of the contract.

−Confirm that revenue-share was properly calculated based on the agreed-upon rates and components in the contract.

•Re-performance

−Perform a recalculation of the client’s revenue-share based on 3rd party provided data obtained during fieldwork.

•Limitations

–An example might be unable to obtain customer specific information.

The Value of CRM

Return on investment - It is not uncommon to experience a material ROI on a portfolio of reviews - Recovery of cash from under-reporting of revenue, overpricing, inappropriate

allocations, cost calculations, billing, etc.

Business process improvement - Improved quality of information - Improved internal control environment - Improved corporate governance over business partner relationships

Enhance contract language - Reduced ambiguity - Proper measurement of terms

Relationship enhancement - Focus on facts improves information flow, helping enhance the relationship with your

business partner

Access to business partner data (use of external Firm) - Independence allows outside Firm access to third-party data (non-disclosure

agreements) - Reduce risk of fraud

Contract Risk Management A Case Study – Construction Contract

Did you get what you paid for?

To save $$$$ (cost avoidance & cost savings!) Demonstrate good stewardship of public funds &

donations Address Conflict of Interest concerns when

management, or public official is associated with the contractor and / or subcontractor.

Process Improvement / Best Practices Fraud Prevention / Detection DISCLAIMER: McGladrey is not in the business of

providing legal advice. The examples in this presentation are for illustrative purposes only. Consult an attorney for legal advice.

Why do fiscal management of a construction project?

Owner - Project / Facility

Managers - Financial

Management Architects Developer

Contractor/Construction Manager - Subcontractors - Suppliers

Consultants - Engineers - Accountants (external

consultants) - Construction

consultants - Insurance

Consultants

Roles and responsibilities

1. Fixed price or lump sum contract • AUDIT POTENTIAL – Generally can only audit

change orders. [Does not preclude review of contract terms and conditions]

2. Cost reimbursable / cost plus contracts, with GMP • AUDIT POTENTIAL – Generally can audit all costs

unless excluded in contract. 3. Design / build method

• AUDIT POTENTIAL – Generally can audit all costs unless excluded in contract.

Major Types of Contracts / Methods

How are you going to know if you got what you paid for?

1. Myth #1 – I know since I have a good attorney

• What about the business and economic terms?

2. Myth #2 - I know since I have a Guaranteed Max Price (GMP)

• What if the actual cost was less than the GMP?

3. Myth #3 – I know since Architect certifies payment

• Architect’s disclaimer

4. Myth #4 – I know because of financial stmt audit

• Audit perspective: Pay application is a 3rd party document

• Business perspective: Look beyond and behind!

5. Myth #5 – I have a robust payables process

• Exercise right to audit: Proven experience and expertise

Five Reasons Myths

Median construction fraud loss of $300,000, the third highest amount of any industry. Billings (36 percent) Corruption (34 percent)

In the case of billings, there is no penalty for overcharging a customer, and often, a contractor is only caught if an audit takes place.

Source: Association of Certified Fraud Examiners (AFCE) report

Common Fraudulent Risks

• Scoping – does not provide all information • Truth - does not negotiate in good faith • Procurement – manipulates, or lowest bid not best • Specifications – may take shortcuts • Change orders – make up for low bids • Front-end or top-loading – bills in advance • Allowances – money set aside for specific task… • Prevailing wage rates – wage compliance, DBA

Common Risk Areas – Lump-sum Contracts

• Labor – labor burden in particular • Cleanup – subcontractors normally responsible • Negotiations – not accurate/complete information • Self-performed work – quality & pricing • Insurance – excessive, unnecessary, duplicative • Change orders – make up for low GMP • Overtime – bill when not incurred, or not necessary

Common Risk Areas – Cost-plus Contracts

• Labor / labor burden 51% • Cleanup 21% • Excess Billings 17% • Miscellaneous charges 10%

Most Common “Overbillings”

Tool uses three modules – a series of questions to perform a Construction Fraud Risk Assessment:

• Identify the potential inherent fraud risks.

• Assess the likelihood and significance of occurrence of the identified fraud risks.

• Evaluate which people and departments are most likely to commit fraud and identify the methods they are likely to use.

• Identify and map existing preventive and detective controls to the relevant fraud risks.

• Evaluate whether the identified controls are operating effectively and efficiently.

• Identify and evaluate residual fraud risks resulting from ineffective or nonexistent controls.

• Respond to residual fraud risks.

Construction Fraud Risk Assessment Tool

• The General Modules we use include the following:

• Employee Assessment • Key Management Assessment • Physical Controls

• We also use Modules or Schemes most relevant to

Construction: • Corruption: Kickbacks • Corruption: Conflict of Interest • Purchasing and Billing Schemes

Fraud Risk Assessment Tool - Modules

• Use data analytics to review for related parties (e.g. address) • Use data analytics to review for procurement that did not go

through procurement process (e.g. awards just below dollar threshold for competitive bids)

• Test for negotiating pursuant to Truth in Negotiations Act if applicable

• Examine awards for small and disadvantage business and if sole source

• Excessive increases in contract value (e.g. >10 percent) • Review timing of the receipts of competitive bids • Conduct appropriate background checks on

employee/vendors • Review for recently formed companies/vendors receiving work • Review for two or more vendors providing same service • Analyze any unusual costs for fees • Examine any weakness in segregation of duties.

Fraud Risk Procedures - Procurement

• Management override of key controls. • Inadequate or weak internal controls. • No written policies and procedures. • Overly complex organizational structure. • Key employee never taking leave or vacation. • High turnover rate, reassignment, firing of key personnel. • Missing electronic or hard copy documents that materialize

later in the review. • Lost or destroyed electronic or hard copy records. • Photocopied documents instead of originals. Copies are poor

quality or illegible.

Fraud Red Flags

• “Unofficial” electronic files or records instead of “archived” or “official” files or records.

• Revisions to electronic or hard copy documents with no explanation or support.

• Use of means of alteration to data files. • Computer-generated dates for modifications to electronic files

that do not fit the appropriate time line for when they were created.

• Missing signatures of approval or discrepancies in signature/handwriting.

• Computer report totals that are not supported by source documentation.

• Lengthy unexplained delays in producing requested documentation.

Fraud Red Flags – continued

Review of contract language prior to Owner’s acceptance

Review of “bid packages” to determine if criteria reasonably supports selection of subcontractors

Review of the proposed GMP including allowances and contingencies

Review of employees’ labor rates for the Contractor and its subcontractors

Review of the proposed method for computation of any savings clauses (i.e. early completion, buyouts, GMP)

Review of “buyout” items included in the schedule of values to determine potential cost savings from lower negotiated prices

Preconstruction Phase – Audit Procedures

Review of contractor’s employees’ labor rates Review of mark-ups for overhead and profit Review of applications for payment (contractor) Review of applications for payment(subcontractors) Review of general condition costs Review of proposed change orders Review of overtime costs Review of contingencies and allowances usage Review of Owner Direct Purchases Review of contractor financial and project records

Construction Phase – Audit Procedures

Construction cost review / final accounting –

including proper disposition of lien releases Contract amount calculation – including final

amount due under the GMP and proper determination of any cost sharing amounts

Calculation of adjustments Negotiation meetings between contractor and

owner

Closeout Phase – Audit Procedures

Consider for Incorporation in the Contract Agreement

- Specific reference to the owner’s right to audit the construction costs upon notice to the contractor

- Provisions to bind the subcontractors to the audit provisions

- Provision for the Contractor to pay the audit fee if recoveries exceed a threshold amount

Contract Review Example Audit Provisions

Consider for Incorporation in the Contract Agreement

- Provisions defining the amount of mark-ups for subcontractors and sub-subcontractors

- Provisions defining what costs can be included in change orders and what costs are covered by the mark-up for overhead and profit

- Not to exceed rates for CM fees, insurance, bonds, labor burden

- Do not fix rates or costs

Contract Review

Example Substantive Provisions

Perform Construction Fraud Risk Assessment & Procedures Review Pay Application Submittal Process:

- Require & Review 3rd party support for pay applications - Fix nothing – use NTE’s or Caps for rates and fees - Compliance with contract - allowability and supportability

Exercise Right to Audit:

• Use resources with proven experience and expertise

• Allowability and supportability • More than pay for themselves • Exercise right to audit before final payment is

issued!

Wrap-up

Yacht or dinghy?

Our Promise to YOU

At McGladrey, it’s all about understanding our clients -

Your business, Your aspirations, Your challenges.

And bringing fresh insights and tailored expertise to help you succeed.

McGladrey LLP is the U.S. member of the RSM International (“RSMi”) network of independent accounting,

tax and consulting firms. The member firms of RSMi collaborate to provide services to global clients, but are separate and distinct legal entities which cannot obligate each other. Each member firm is

responsible only for its own acts and omissions, and not those of any other party. McGladrey, the McGladrey signature, The McGladrey Classic logo, The Power of being understood,

Power comes from being understood and Experience the power of being understood are trademarks of McGladrey LLP.

©2012 McGladrey LLP. All Rights Reserved. Rob Broline, Director rob.broline@mcgladrey.com 321.751.6238 www.mcGladrey.com