1 / 28

DENTISTAR, Inc. Case

DENTISTAR, Inc. Case. GROUP 5-A Silka Gonzalez Silvia Orozco Blanca Wegener. TASK ONE.

Download Presentation

DENTISTAR, Inc. Case

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. DENTISTAR, Inc. Case GROUP 5-A Silka Gonzalez Silvia Orozco Blanca Wegener

  2. TASK ONE

  3. Q-1) Prepare a flowchart or data flow diagram to document the flow of transactions and internal controls over manual disbursements for both subscriber termination refunds and expedited operating expense disbursements. (Please see attachment jpg.file)

  4. Q-2)Analyze the flowchart or data flow diagram and identify control strengths and weaknesses in the system. STRENGHTS: • Bank statements are received at the corporate level • Bank accounts are reconciled at the corporate level • Effective preparation of budgets and financial reports at Regional and Corporate level • Reports showing budget and actual amounts are reviewed at the corporate and regional level • Appropriate filing process of checks and supporting documentation.

  5. Q-2)Analyze the flowchart or data flow diagram and identify control strengths and weaknesses in the system STRENGHTS: • West Region personnel are not authorized to edit any of the transactions or balances recorded in the general ledger system. • Information System Group utilizes the information from the Request for Payment Adjustment to delete subscribers form the tracking system. • Information System Group files their copy of the Request for Payment Adjustment. • Once deleted, the subscriber is removed from the provider’s list of subscribers authorized to receive treatment through their office.

  6. Q-2)Analyze the flowchart or data flow diagram and identify control strengths and weaknesses in the system. WEAKNESSES • Inadequate segregation of duties. • The entire manual disbursement process is run by Tom Swindler and Sally Trusts. • The current system could allow Tom to manipulate the disbursement process and commit fraud. • Lack of an independent review by of checks after they are prepared and before they are mailed. • Lack of reconciliation of the payment original documents and documents mailed to corporate. • Inadequate monitoring mechanisms.

  7. Q-2)Analyze the flowchart or data flow diagram and identify control strengths and weaknesses in the system WEAKNESSES • Proper audit trails are not present in the current system. • Lack of proper restriction of the automated check signatures. • The current system could permit that some subscribers are never eliminated from the system, but receive a premium reimbursement check. • This condition exists because the checks are prepared and mailed before the subscribers are eliminated from the system and the deletion of the subscriber is performed by other individuals. • Highly confidential information such as the social security number is captured and retained on manual forms without any type of security controls. • The system is highly manual, inefficient and lack many controls that could be provided by an automated system.

  8. Q-3) In your opinion, is the overall control system in place for manual disbursements at the region effective? Describe any preliminary recommendation to improve this system that you would suggest Dentistar does not have an effective control system in place. They need to implement an appropriate system of internal controls. In general, we recommend the following actions: • Implement an automated system to make the entire process more efficient. • Implement adequate automated controls within this system. • Implement proper segregation of function both at the manual and automated level. • Prevention by segregation of duties will be a key factor to improve controls over manual disbursements. • One person should not have sole responsibility to receive payment request, prepares a manual check, run the check through a check signing machine, and edit the check stub. They need to hire more people for the Finance coordination group to create and adequate system of authorization and approval of transactions.

  9. Cont. Q-3) Describe any preliminary recommendation to improve this system that you would suggest • Rotate the duties of key employees to assist revealing potential fraud schemes. • Develop, implement and enforce proper policies, standards and procedures delineating how to process and control the disbursement process. • Ensure all subscribers are properly canceled before policy refund checks are generated and mailed. • Establish mechanisms to restrict the use and maintain a trail of the use of the automated check signatures. • Ensure checks are imprinted with holographic images, inks that cannot be erased and other security features.

  10. Cont. Q-3) Describe any preliminary recommendation to improve this system that you would suggest • Establish sound audit trails and monitoring practices. • Establish mechanism to ensure corporate monitor regional management in a regular basis because some members of management are in a distinctive position to perpetrate fraud and manipulate accounting records. • Ensure corporate focus on creating a set of core values that provides the foundation for an ethical environment. • Establish sound information security practices

  11. TASK TWO

  12. Q-1) Determine the risk factors relating misstatements in financial statements arising from the misappropriation of assets as suggested in SAS No. 82 • Risk factors that relate to misstatements arising from misappropriation of assets are also classified according to the three conditions generally present when fraud exists: incentive/pressures, opportunities, and attitudes/rationalizations. Some of the risk factors related to misstatements arising from fraudulent financial reporting also may be present when misstatements arising from misappropriation of assets occur.

  13. Q-1) Determine the risk factors relating misstatements in financial statements arising from the misappropriation of assets as suggested in SAS No. 82 Some of the risks presented in this case are: • Inadequate segregation of duties: Tom Swindler, West Region Finance Coordinator was responsible for all of the Finance Coordinator functions, such as, coordinating the collection of the region’s past due accounts receivable, manual disbursements in support of West Region operations, assist corporate personnel in organizing the financial support for all internal and external audits by the Internal Revenue Service, accounting agencies, and insurance bureaus, and assists Sally Trust with Regional human resources. • Lack of independent review of checks with their supporting documentation before they were mailed. • Inadequate audit trails and monitoring mechanisms. • Lack of reconciliation of bank statement information with original payment supporting documents and disbursement documents.

  14. Q-1) Determine the risk factors relating misstatements in financial statements arising from the misappropriation of assets as suggested in SAS No. 82 • The customer policy might not be terminated and used after the final reimbursement check was mailed. • Lot of pressure at a management level due to significant turnover in all other administrative positions within the region. • Inadequate system of authorization and approval of transactions.

  15. Q-2) Evaluate the risk factors in relation to the control system existing at Dentistar. What if any factors or controls mitigate the risks you have identified? • As mentioned before on previous questions, the entity had many risk factors present and not sufficient mitigating controls. Therefore, this condition created an environment where fraud was possible. • It might be possible to reduce certain fraud risks by implementing an adequate control system and by making changes to the entity’s processes.

  16. Q-2) Evaluate the risk factors in relation to the control system existing at Dentistar. What if any factors or controls mitigate the risks you have identified? • They must implement an effective, secure and controlled information system. • Because of the importance of information technology in supporting the processing of transactions, management also needs to implement and maintain appropriate controls within such system. • Dentistar must work on the segregation of duties within the organization, and improve the reviewing process within the West Region

  17. Q-3) What additional procedure should Sheila Tate perform in her fraud investigation? Review exhibits E, F, and G for any unusual or fraudulent transaction and perform the additional procedures you feel appropriate. • The auditor should perform tests of detail transactions. She needs to perform sufficient substantive procedures not merely test of controls • As an internal auditor Sheila Tate should inquire individuals involved in the manual cash disbursement process. • Test specific accounts such as Fees for services Acct# 4000-04, Refunds Acct# 4050-04, Provider Payments Acct# 5200-04. • Compare current management judgments and assumption with prior periods and with those of other companies in the same industry. • Reconcile West Region Cancelled Check Details with West Region Check Stub.

  18. Q-4) Prepare a brief description of the procedures performed and results obtained in step 3. Reconciliation of west region cancelled check details (Exhibit G) and west region check stubs (Exhibit H). • Verify the description and payee on both schedules (Exhibit G and H). • Reconciliation of west region cancelled checks with west region cancelled check supporting documentation. • In order to reconcile the date of the refund, name of the subscriber/payee and social security #s, the auditor needs to verify the information in west region subscriber termination list (Exhibit J) , west region cancelled check supporting documentation (Exhibit I) and west region check stub list (Exhibit H).

  19. Q-4) Prepare a brief description of the procedures performed and results obtained in step 3. • Based in our evaluation and reconciliation we have found that Tom Swindler has committed fraud in the manual cash disbursement area. He had altered the information on the check stubs. He had cut checks to himself as well as to Bob Turner, who is not a valid subscriber to Dentistar dental plans, and he had submitted to corporate different payee information in the pay stubs. (See Checks: 1142/ 1710/ 1922/ 2395) • We assume he also provided false information on the check request form. He is treating Bob Turner check as a patient refund; however, on the pay stub; he edited the information and changed the payee and purpose of the payment. As a result of this fraudulent activity, he coded the transactions as a regular expenses, such as Postage, Office maintenance, and Utilities expenses. • Dentistar processes all the checks manually, the Finance Coordinator, Tom Swindler, is in a unique position that allows him to manipulate accounting records and checks. Due to lack of segregation of duties, regional management has not been able to identify potential fraudulent activities.

  20. Q-4 Cont.) Discuss the factors within the control system that enabled any fraudulent transactions you identify to be processed at the West Region without detection by regional or corporate management. • Inadequate segregation of duties. • The entire manual disbursement process is run by Tom Swindler and Sally Trusts. • The current system could allow Tom to manipulate the disbursement process and commit fraud. • Lack of an independent review by of checks after they are prepared and before they are mailed.

  21. Q-4 Cont.) Discuss the factors within the control system that enabled any fraudulent transactions you identify to be processed at the West Region without detection by regional or corporate management. • Lack of reconciliation of the payment original documents and documents mailed from corporate. • Inadequate monitoring mechanisms. • Proper audit trails are not present in the current system.

  22. Q-5) What recommendations would you make to management of Dentistar to improve controls over manual disbursements at the West Region and to prevent additional instances of fraud? • Implement an automated system to make the entire process more efficient. • Implement adequate automated controls within this system. • Implement proper segregation of function both at the manual and automated level. Prevention by segregation of duties will be a key factor to improve controls over manual disbursements. • One person should not have sole responsibility to receive payment request, prepares a manual check, run the check through a check signing machine, and edit the check stub.

  23. Q-5 Cont.)Are there any operational improvements you would suggest that either corporate or regional management of Dentistar implement? • They need to hire more people for the Finance coordination group to create and adequate system of authorization and approval of transactions • Rotate the duties of key employees to assist revealing potential fraud schemes. • Develop, implement and enforce proper policies, standards and procedures delineating how to process and control the disbursement process. • Ensure all subscribers are properly canceled before policy refund checks are generated and mailed. • Establish mechanisms to restrict the use and maintain a trail of the use of the automated check signatures.

  24. Q-5 Cont.)Are there any operational improvements you would suggest that either corporate or regional management of Dentistar implement? • Ensure checks are imprinted with holographic images, inks that cannot be erased and other security features. • Establish sound audit trails and monitoring practices. • Establish mechanism to ensure corporate monitor regional management in a regular basis because some members of management are in a distinctive position to perpetrate fraud and manipulate accounting records. • Ensure corporate focus on creating a set of core values that provides the foundation for an ethical environment. • Establish sound information security practices.

  25. Q-6) The focus of this case has been on the manual cash disbursements of Dentistar. If you discovered an employee attempting to defraud Dentistar in this area it is possible that the same employee would attempt to steal from the company in an alternate manner. What are some of the additional areas that might process the risk of fraudulent activity? Q-6 Cont.) What controls does Dentistar currently have in place to prevent fraud in the areas you identified? If no controls currently exist what recommendations would you make to management? • Other areas within the Accounting Department where there is lack of segregation of functions and poor controls. • For instance, when the same employee has control over the general ledger area, bank reconciliation process, the revenue recognition process as well as control of the accounts payable process fraud could occur. • However, most transactions are processed at Corporate, and West Region employees are not authorized to edit any of the balances or transactions recorded in the general ledger system.

  26. Q-6) The focus of this case has been on the manual cash disbursements of Dentistar. If you discovered an employee attempting to defraud Dentistar in this area it is possible that the same employee would attempt to steal from the company in an alternate manner. What are some of the additional areas that might process the risk of fraudulent activity? Q-6 Cont.) What controls does Dentistar currently have in place to prevent fraud in the areas you identified? If no controls currently exist what recommendations would you make to management? • An additional area that might process risk of fraudulent activities is the Payroll Department. • Once the person committing fraud get access to the payroll database, he/she might create persons on the payroll who do not work for the company, overpay wages, and falsify worker’s compensation claims. • We recommend that Payroll management match payroll to social security numbers, sort the payroll social security numbers in numerical order and look for false, duplicate, or unlikely numbers. • They should also emphasize the use of direct deposits and hand-deliver paychecks to employees and require positive identifications.

  27. Q-6) The focus of this case has been on the manual cash disbursements of Dentistar. If you discovered an employee attempting to defraud Dentistar in this area it is possible that the same employee would attempt to steal from the company in an alternate manner. What are some of the additional areas that might process the risk of fraudulent activity? Q-6 Cont.) What controls does Dentistar currently have in place to prevent fraud in the areas you identified? If no controls currently exist what recommendations would you make to management? • The IT Department represents another area that may be affected. Employees with access to the IT operations and facilities could have the capability of manipulate company data. • We recommend that proper segregation of function is also implemented within the IT Department. Also, we recommend that adequate physical and logical security controls be implemented and enforced

  28. THANK YOU!

More Related