330 likes | 501 Views
Payroll Fraud & Continuous Monitoring Activities VLGAA – May 21, 2009. Darlene FitzPatrick , CIA, CFE, CCSA, Audit Director, Bon Secours Health System, Inc. Bon Secours Health System, Inc. $2.4 Billion Company 18 Acute Care Facilities 1 Psychiatric Facility 5 Nursing Care Centers
E N D
Payroll Fraud & Continuous Monitoring ActivitiesVLGAA – May 21, 2009 Darlene FitzPatrick, CIA, CFE, CCSA, Audit Director, Bon Secours Health System, Inc.
Bon Secours Health System, Inc. • $2.4 Billion Company • 18 Acute Care Facilities • 1 Psychiatric Facility • 5 Nursing Care Centers • 5 Assisted Living Facilities
Background of Local System • Acute Care Hospital • Approximately 1,700 people • Combination of union and non-union • Hospital was losing money • Discussions for selling and/or closing • Consultants brought in to manage hospital • Minimal internal management oversight
Background – Payroll Department Security person transferred to Payroll Clerk Conflict between Payroll Manager and Clerk One full time, two part-time Part-time only responsible for time entry Processing access locked down to Manager
Finance Structure CFO - Consultant Oversight Controller - Consultant Oversight Accounting Manager Consultant Bank Reconciliations Reconciling P/R to GL • Payroll Processing • Demand Checks • Quarterly Reporting Prep and Submission • W2 and W4 updates Payroll Manager
Discovery Whistleblower brought example to Controller Controller shared with CFO CFO shared with Internal Audit Internal Audit put together a team and was on-site within the week Work was conducted under privilege with our internal Legal Department
How Was It Perpetrated?Manipulation of the following areas: • Checks • Direct Deposits • PTO • Withholding Taxes • Overtime and Shift Differential • Quarterly Tax Reports • W-2 YTD Amounts
Manipulation Process Demand checks with gross pay of $0.01 Federal and State taxes were entered as a negative amount, resulting in net pay higher than gross Other deductions were used in the same manner as the bullet above Shift differential substantially greater than the hours worked
Manipulation Process Cont. Payments to terminated and leave of absence employees Paid regular hours in lieu of PTO hours Individuals had no taxes withheld in 2005, but W-2 was modified to appear as though taxes were paid Individual’s 2006 master file information was adjusted to appear that taxes were withheld
Manipulation Process Cont. • Checks were voided on the payroll system but not on the positive pay file held by the bank • Standard practice included reimbursement for taxes when overtime was combined on a regular bi-weekly payroll check • Transactions hidden by using word pad to change reports given to Finance
Recap of Losses Misappropriated dollars – BSHSI’s losses due to irregularities were $461,172.91. The table summarizes by year and category the irregularity involved:
Tax Implications Due to the methodology used to misappropriate funds, BSHSI incurred a sizable tax impact. The table summarizes by year and agency the tax impact:
Results of Investigation 9 Individuals terminated Prosecution performed by State Attorney General Results thus far: 4 have plea bargained and ordered to pay restitution Primary Instigator is pending grand jury indictment Remainder are in negotiations
CAATs Used Count of Checks issued $.01 Checks Negative deductions Exemptions greater than 9 Termination date less than check date Excessive overtime hours Shift differential greater than hours worked
Internal Control Breakdowns • Minimal oversight • Segregation of Duties • Reconciliations • Policies and Procedures
Minimal Oversight • Lack of issue ownership • Cutting Corners • Reducing Staff Volumes • Missing documentation (copies of tax filings, canceled checks, W-4s, etc.)
Lack of Segregation of Duties • Manual calculation and entry of overtime • Access to initiate payroll transactions within the payroll system and the bank • Recording payroll transactions in the payroll system • Custodial access to employer and employee bank accounts, funds, and related employee pay rate and tax records
Reconciliations • Federal and/or state quarterly reporting • Actual summation of the appropriate pay periods • Payroll bank accounts, payroll system, and the general ledger were being performed at a very high level • The lack of adequate reconciliations was previously noted
Lack of Policies and Procedures • Relevant documentation not consistently maintained • Payroll performing HR tasks • HR developed a practice that allowed overtime to be paid in a separate payment (Demand check) • Ad hoc practice allowed employees to request payroll refunds of the tax withholding variances
Future Audit Considerations Documentation: Where is it located? How current are such items as W4s, benefit elections, and pay increases? Policies and procedures: Are they in place? Are they being circumvented? Are there ad-hoc procedures?
Future Audit Considerations Overtime: • How is it approved? • Is it paid separately? • Are responsibility reports being reviewed as a verification?
Future Audit Considerations Demand checks: • Are there a large number of them? • Are “Penny” checks being issued? • Who approves demand checks? • Under what circumstances are they being issued?
Future Audit Considerations Security: • Who has the ability to do what? • How are checks numbered? Reconciliations: • Is the bank account being reconciled to the payroll information? • Are the payrolls/deductions being reconciled to the GL? • Are responsibilityreports verified to payroll?
Future Audit Considerations Tax Reporting: • Are the proper forms being filed on a quarterly basis? Electronically? • Are the forms being reconciled to payroll system details? • Who approves the forms before filing and how are the forms verified as to accuracy?
Future Audit Considerations System Integrity: Do the W4s, benefit elections, and pay increases match what is in the hard-copy file? Is a separate check writing system used? Who has access to the check, positive pay and direct deposit files? Are accruals (vacation, sick time, etc) being adjusted accurately? How are voids handled?
Future Audit Considerations CAATS: • List of negative deductions (federal, state taxes; corrections to direct deposits; etc.) • Shift differential or other types of incentives being paid for more hours than worked • Hours worked not matching hours paid • Net pay greater than gross pay • Individuals with no benefits
Future Audit Considerations CAATS (continued): • Voids (checks and direct deposits) on system • Multiple checks in a pay period • People terminated in benefits but not in payroll • People on leave getting checks • Checks to same address • Duplicate SSNs
Total Cost of Fraud • Amount Misappropriated - $461,173 • Investigation Costs (includes salaries, travel, external attorneys, administration) - $310,868 • TOTAL COST – $772,041
CONTACT INFORMATION Darlene FitzPatrick, CFE, CIA, CCSA Bon Secours Health System, Inc.8555 Magellan ParkwayRichmond, VA 23227 darlene_fitzpatrick@bshsi.org 804-289-7479