ohio auditor of state published article kit articles combined.pdf · ohio auditor of state...

OHIO AUDITOR OF STATE

PUBLISHED ARTICLE

88 E. Broad St. Columbus, OH 43215 | 800-282-0370 | 614-466-4490

www.ohioauditor.gov

By the Auditor of State’s OfficeOriginally published in Ohio Township News

Petty cash funds can offer local governments an easy method of payment when the need arises to make small, occasional purchases.

Paying with petty cash for low-cost items like postage stamps or office supplies usually requires less time and effort than the government’s normal purchasing process. Without adequate monitoring and internal controls, however, petty cash can increase an entity’s risk of misuse, theft or fraud.

Unfortunately, the Auditor of State’s office sees the consequences of poor petty cash oversight far too often. In an audit released on April 12, auditors noted $312 that had no supporting documentation to support expenses made from a village’s petty cash account. The finding resulted in a finding for recovery against village officials.

The Pitfalls of Petty Cash: a strong policy helps avoid misuse


www.ohioauditor.gov


PUBLISHED ARTICLE

In another audit, released in 2013, auditors discovered that the former Executive Director of the Oxford Visitors and Convention Bureau in Butler County spent $322 of the bureau’s petty cash on personal expenses including parking tickets, alcohol and a CD. The expenditures were not considered to be for a proper public purpose, and the misused funds were included in a larger finding for recovery against the individual.

Local governments using petty cash funds can avoid similar scenarios by crafting policies that incorporate risk assessment and fraud prevention techniques. An effective policy should establish a maximum amount for the fund that is low enough that it does not tempt sticky fingers, while remaining high enough that it does not require frequent replenishing.

The policy should specify which employees are authorized to use the fund and include a statement indicating that they are responsible for any unauthorized expenses. Additionally, the policy should segregate duties between those authorized to use petty cash and a designated employee, such as a fiscal officer, who writes the checks to replenish the fund.

A common audit finding related to petty cash is a lack of documentation. To ensure the fund’s paper trail does not run cold, all authorized employees should provide detailed vendor receipts for every transaction.

The fiscal officer or other fiscal personnel should maintain a petty cash log documenting all purchases and deposits made to replenish the fund. The designated employees and management should periodically review the receipts to ensure that purchases are for a proper public purpose. They also should regularly compare the fund balance with the receipts supporting the checks issued to replenish the fund. Any shortages identified could be an indication of fraud.

While there are always risks involved with petty cash, these guidelines can help local governments that use the funds to fortify common risk areas and deter those looking for quick cash.

If misuse, theft or fraud is ever suspected at your entity, contact the Auditor of State’s Public Integrity Assurance Team at 1-866-Fraud-OH or email your tip to [email protected].

For permission to use this article in your publication, please contact Press Secretary Beth Gianforcaro at [email protected] or 614-644-1111.


PUBLISHED ARTICLE


www.ohioauditor.gov


The Auditor of State’s office identified thousands of dollars in overpayments this past year to township fiscal officers and trustees whose pay exceeded the rates permitted by state law.

The Ohio Revised Code (ORC) sections 507.09 and 505.24 list the rates at which township fiscal officers and trustees may be paid based on their township’s annual budget. However, findings from several recent audits suggest some townships do not properly recalculate compensation for officials when budget adjustments are made.

“The amount of financial resources available to local governments fluctuates,” Auditor Yost said. “It’s never been more important for townships to monitor changes to their budgets and adjust pay accordingly.”

Overpayments highlight need for compensation monitoring


www.ohioauditor.gov


PUBLISHED ARTICLE

Auditors say the error is typically accidental and stems from unfamiliarity with the rules regulating township budgets. The Auditor’s “Ohio Township Handbook” defines a budget, in this sense, as “the amount of money that the budget commission certifies that the trustees of a township would have available for expenditures during the fiscal year, as shown on its latest amended official certificate of estimated resources.”

When a township experiences an increase or decrease to its budget, the fiscal officer and trustees submit an amended certificate of estimated resources to their county budget commission for certification of the updated amount.

Following certification, township officials should check whether the new budget amount shifts their compensation rates to an increased or decreased level on the township compensation charts, which are available on the Ohio Township Association website. Any potential pay changes are effective on the date of certification by the county budget commission.

It is important to note that compensation changes are only effective moving forward and are not retroactive. This means administrators may not recoup the amount they would have received had the new rate been in place beforehand. Additionally, the ORC compensation levels in place when fiscal officers and trustees take office apply throughout the duration of their terms.

As a result of House Bill 64, township officials elected or appointed after Sept. 29, 2015 are entitled to a five percent pay increase effective Jan. 1, 2017. Townships should take care to ensure the correct adjustments are made to eligible officials’ compensation.

The Auditor of State’s office recommends townships stay up-to-date on other legislative changes affecting budgets and compensation. Township administrators can receive annual updates at the Local Government Officials’ Conference, scheduled this year for April 12-13 in Downtown Columbus. Many related questions also are addressed in the “Ohio Township Handbook,” available for free at www.ohioauditor.gov.

“Efficient government can’t exist without a complete understanding of the rules surrounding public spending,” Auditor Yost said. “Eliminating costly errors like this will enable township leaders to devote more dollars to improving the communities they serve.”



PUBLISHED ARTICLE


www.ohioauditor.gov

By the Auditor of State’s OfficeOriginally published in Ohio Government Finance Officers Association’s E-News Update

The exponential growth of cyberfraud should concern us all. The sophistication with which these criminals attack individual and government accounts is mind boggling.

That’s why I was so alarmed when we discovered that nearly half of Ohio’s local governments surveyed by our office said they are unfamiliar with fraud prevention services designed to safeguard their bank accounts against fraud. Cyberfraud is a real threat that should not be taken lightly.

Some 784 local government officials responded to the nine-question survey conducted by our office in early September 2016. The survey asked fiscal officers, treasurers and others responsible for the safekeeping of tax dollars to report on the levels of usage and effectiveness of anti-fraud bank services at their entities.

Survey finds many local governments unaware of banks’ anti-fraud services


www.ohioauditor.gov


PUBLISHED ARTICLE

Forty-nine percent of respondents said they are unfamiliar with services such as Positive Pay – a fraud detection tool offered by most banks that matches key information in transactions to determine whether payments should be made.

The lengths these slick thieves will go to in order to deceive honest people requires us to take additional steps to protect public dollars. I recommend all governmental entities review the safeguards on their bank accounts and consider adding Positive Pay to their arsenals. It’s hard to be too safe.

The September edition of my office’s Best Practices newsletter describes in greater detail the different services offered by banks and explains why Positive Pay is considered a best practice for deterring fraud in the financial world.

Generally speaking, governments using the service typically provide their banks with a list of checks scheduled for payment. The bank then verifies checks presented for payment against that list, withholding payment for any that do not match.

Of the survey’s respondents, 65 percent said they either have no anti-fraud systems in place on their bank accounts or are unsure. The leading reasons governments gave for choosing not to subscribe were unfamiliarity (45 percent) and expense (32 percent).

Of all the statistics, this one captured my attention: 41 percent of the respondents who use Positive Pay said the service prevented fraudulent checks from being paid or caught an inadvertent error. It works.

Twenty-one percent of respondents said their governments have been targeted by “phishing” or email cybercrime, and 24 percent were unsure. Some 2 percent experienced financial losses as a result.

In June, I urged local governments to be on high alert for criminals targeting their bank accounts due to an increase in reported attacks. In one case, a Liberty Township fiscal officer came across a fraudulent check for $134,000 cashed by the Royal Bank of Scotland – clearly not an institution the township does business with. The funds were returned, but township trustees decided their bank accounts needed an added layer of defense. They enrolled in a Positive Pay service for $50 a month, plus transactional fees that bring the monthly total to $65.

In August, staff from my office met with bank executives to brainstorm ways for local governments to shield their bank accounts from similar threats. The bankers agreed that Positive Pay is the most effective, yet low-cost option available for protecting public funds.

Fraud protection like Positive Pay is a necessary step to protect tax dollars. We think those entrusted with tax dollars at schools, libraries, townships, villages and beyond should look seriously at this option. It’s a relatively inexpensive safety net.



PUBLISHED ARTICLE


www.ohioauditor.gov


A bill aimed at boosting efficiency in Ohio’s local governments passed through the Ohio House of Representatives in May and was signed by Governor Kasich June 14, 2016.

Under House Bill 5, local governments and state agencies considering sharing resources with neighboring entities can request feasibility studies from the Auditor of State’s office to measure the potential benefits of the collaboration. It also establishes a grant program to cover the full cost of the studies.

“We all want to make our money stretch as far as it can – especially in government, when we’re talking about spending the public’s hard-earned dollars,” Auditor Yost said. “House Bill 5 removes roadblocks to equipment sharing and provides a valuable tool for local governments to study the potential for cost savings.”

Introduced in January 2015, the legislation was crafted to help

Legislative update: House Bill 5 aims to boost government efficiency


www.ohioauditor.gov


PUBLISHED ARTICLE

public offices research their cost-saving ideas before committing valuable time and resources, said Shawn Busken, director of policy and legislative affairs for the Auditor’s office.

“If someone has an idea that involves sharing, but they don’t know if it could work, this legislation provides them with the funding to get a study done before they fully commit tax dollars,” Busken said.

The legislation was sponsored by Representatives Stephanie Kunze and Kyle Koehler. In May, it passed through the House and Senate by votes of 94-3 and 30-0, respectively.

All local governments and state agencies can apply for one of the dozen or so grants through the Auditor’s office. After receiving an application, the office will notify all parties of their inclusion in the request. Unlike financial audits, the feasibility studies are completely voluntary, and entities may choose to opt out if they are included in another government’s application.

The Auditor of State’s office is currently developing the selection process and plans to begin accepting applications this year. After an entity is chosen, the Auditor’s Ohio Performance Team (OPT) conducts the study, and upon its conclusion, holds a public hearing to discuss the findings of the feasibility study.

Funding for the studies comes from the Auditor’s Leverage for Efficiency, Accountability and Performance Fund (LEAP Fund), half of which was set aside for the grants. The size of the grants will vary depending on the scope of the studies, Busken said.

In addition to the feasibility studies, House Bill 5 alleviates liability concerns for local governments considering collaborative partnerships.

Previous Ohio law prohibits local governments from indemnifying one another, meaning owners of shared resources would bear the liability for any possible loss. House Bill 5, however, allows for the risk of loss to pass from the lender to the borrowing entity in shared service agreements.

“This provision in the bill will help ease the minds of local government officials across our state and encourage increased participation by entities eager to collaborate,” Auditor Yost said during his testimony to the House Local Government Committee in February 2015.

OPT is currently accepting applications for entities to begin taking advantage of these feasibility studies.

For more information about House Bill 5, or to read the full text of the bill, visit: www.legislature.ohio.gov/legislation/legislation-summary?id=GA131-HB-5



PUBLISHED ARTICLE


www.ohioauditor.gov


In response to a rise in cybercrimes targeting local governments, Auditor Yost is urging officials in charge of public spending to be on alert for online threats.

“We’ve all seen and heard about the criminals who try to steal our personal funds. These scammers would like nothing more than to get their sticky fingers on our tax dollars, too,” Auditor Yost said. “We need to be vigilant because they are becoming increasingly sophisticated in how they attempt to steal money through the internet.”

The cybercrimes vary in how they scam individuals and governments, but typically involve an email – a practice known as ‘phishing’ – that contains either a link or an attachment that, when opened, infects computers or entices the recipient to share

Cybercrimes increasinglytargeting local governments


www.ohioauditor.gov


PUBLISHED ARTICLE

account information and passwords. Some of the attachments launch viruses that essentially take data hostage until a ransom is paid (known as ransomware).

Auditor Yost’s warning was prompted by several recent attempted scams, including one involving the Big Walnut Local School District in Delaware County. In early May, an employee in the treasurer’s office received an official-looking email from the treasurer asking that a vendor be promptly paid. The email had all of the markings of a district email, including the appropriate email address and letterhead. The employee and an individual who appeared to be her boss exchanged several emails to answer questions before the transfer of $38,520 was made.

“Some of these scam artists can make your eyes deceive you,” Auditor Yost said. “You need to be vigilant, especially if a proposed transaction originates from an email. When dispersing funds online, we must verify first, then trust.”

To avoid falling victim, the Auditor of State’s office recommends local governments review how their contact information is publicly displayed and consider removing email addresses to reduce the number of targets available to scammers. Officials also should consider creating established procedures for regular updates of anti-malware software and backing up of data. Governments also can better secure their funds by establishisng defined protocols for anyone dispersing public funds, especially when the requested transfer is initiated by email.

“The internet is the tool of choice for criminals, and we need to make it as difficult as possible for thieves to access community treasure chests,” Yost said.

Other recent instances of cybercrimes targeting local governments include• An eastern Ohio county’s court data was attacked by ransomware on May 31, 2016. A virus

had encrypted the court’s data and hackers demanded $2,500 for the key to unlock the information. Because a recent copy of the data wasn’t available, the county agreed to pay the $2,500.

• A similar ransomware attempt was made April 5, 2016 against a township in Clinton County. That cyberattack did not result in the payment of any ransom because the township’s data was backed up.

• In a Morrow County township, the fiscal officer’s computer began screeching on March 9, 2016 before a notice appeared on the screen advising that a solution was available by calling an 800 number. The township paid $200 to stop the attack.

• A local government in Madison County was scammed out of $60,491 in September 2015 through someone posing as the IRS, collecting back taxes.

More information about cybercrime is available at ohioauditor.gov/publications/cybercrime.pdf


ohio auditor of state published article kit articles combined.pdf · ohio auditor of state...

Documents