620 likes | 665 Views
Internal Controls and Fraud. Presented by Katherine Yuen, CPA, Partner Amy L. Meyer, CPA, Partner CMTA Essentials of Treasury Management Workshop September 30, 2010 www.MazeAssociates.com. Overview. Fraud – definitions and overview Internal Controls – definitions and overview
E N D
Internal Controls and Fraud Presented by Katherine Yuen, CPA, Partner Amy L. Meyer, CPA, Partner CMTA Essentials of Treasury Management Workshop September 30, 2010 www.MazeAssociates.com
Overview • Fraud – definitions and overview • Internal Controls – definitions and overview • Exercises – multiple choice discussions Page 2
Internal Controls and Fraud Page 3
Internal Controls and Fraud • Internal control is a process designed to provide reasonable assurance regarding the achievement of objectives in the following categories: • Reliability of financial reporting • Effectiveness and efficiency of operations • Compliance with laws and regulations Page 4
Internal Controls and Fraud • Ensuring Internal Controls are in place is not a new concept for municipalities or for auditors • Internal Controls reduce the risk that fraud can be perpetrated Page 5
Internal Controls & Cash and Investments How does internal control help to achieve the objectives discussed earlier in the treasury function? Page 6
Internal Controls & Cash and Investments • Reliability of Financial Reporting • Investment Reports reflect the holdings and activities of the municipality Page 7
Internal Controls & Cash and Investments • Effectiveness and efficiency of operations • Investments meet cash flow requirements without the need to sell investments early Page 8
Internal Controls & Cash and Investments • Compliance with laws and regulations • Investments are in compliance with the municipality’s investment policy and the government code Page 9
What is Fraud? Page 10
Fraud - Defined • “Criminal deception intended to financially benefit the deceiver.” -- The Accountants Handbook of Fraud & Commercial Crime Page 11
Two Types of Fraud • Fraudulent Financial Reporting • Misappropriation of Assets Page 12
The “Fraud Triangle” MOTIVE OPPORTUNITY RATIONALIZATION Page 13
MOTIVE “Something (as a need or desire) that causes a person to act”–Merriam-Webster Dictionary Motive Opportunity Rationalization Page 14
MOTIVE • Severe business pressures • Immediate financial needs Motive Opportunity Rationalization Page 15
MOTIVE Severe Economic Pressures • Unrealistic budgetary goals • Cash flow pressures • Economic decline • Maturing debt or restrictive bond covenants Motive Opportunity Rationalization Page 16
MOTIVE Immediate Financial Needs • Substance abuse • Involvement in an expensive relationship • Excessive debt (facing foreclosure of one’s home) Motive Opportunity Rationalization Page 17
MOTIVE Immediate Financial Needs • Desire to keep up the appearance of wealth • Medical/financial emergencies of family members Motive Opportunity Rationalization Page 18
OPPORTUNITY “A favorable juncture of circumstances” –Merriam-Webster Dictionary Examples include: • Weak design of internal controls • No monitoring or periodic review of internal control system • Employee turnover/lay off Motive Opportunity Rationalization Page 19
RATIONALIZATION “To bring into accord with reason or cause something to seem reasonable” –Merriam-Webster Dictionary Motive Opportunity Rationalization Page 20
RATIONALIZATION Examples include: • “It was for the good of the City” • “I was just borrowing the money. I would have paid it back if I didn’t get caught” Motive Opportunity Rationalization Page 21
RATIONALIZATION Examples include: • “I was essentially getting a pay cut with the furlough so I was just taking what I deserve” • “If management cared more about this District, they would not have let anyone steal this easily” Motive Opportunity Rationalization Page 22
RATIONALIZATION • An attempt to depersonalize his/her actions: • “I wasn’t stealing from my boss, I was stealing from the Authority” • “The only one to get hurt was the bank, and they can afford it” • “It’s covered by insurance anyway.” Motive Opportunity Rationalization Page 23
TheOrganizational Fraud Triangle Leadership (Motive) Management Controls (Opportunity) Culture (Rationalization) Source: MANAGEMENT CONTROLS: THE ORGANIZATIONAL FRAUD TRIANGLE OF LEADERSHIP, CULTURE AND CONTROL IN ENRON by Clinton Free and Norman Macintosh and Mitchell Stein Page 24
Common Investment Frauds • Misappropriation of Assets • Theft of investment schemes • Borrowing schemes – pledging of investments • Fraudulent Financial Reporting • Improper accounting methods • Fictitious investments, investments not owned by the municipality • Failing to record sales of investments Page 25
Misappropriation of Assets • Theft of investment • Symptoms • Unexpected or unexplained fluctuations in investment balances. • Unexpected or unexplained fluctuations in investment related income or expense accounts. • Unexplained/ongoing reconciling items Page 26
Misappropriation of Assets • Theft of investment • Management Responses • Authorized signer of investments account should not reconcile the investment accounts • Journal entries should be reviewed by someone other than the preparer before posting Page 27
Misappropriation of Assets • Borrowing scheme • Scheme • “Borrowing” the investment for personal use (e.g. pledging the asset as collateral for a loan or other financing arrangement.) • Symptoms • Securities held by unusual party. • Indications that securities may be pledged. Page 28
Misappropriation of Assets • Borrowing scheme • Management Responses • Investments should be held by a third party safekeeper • Segregation of duties: • purchasing investments • reviewing statements • preparing Investment Report Page 29
Fraudulent Financial Reporting • Improper accounting methods • Schemes • Involve one or more of the following methods: • Change of approach used to determine write-downs to manipulate earnings • Misclassification or misstatement of the value of investments • Failure to disclose liens on securities • Management Response • Culture that does not heavily rely on aggressive financial goals to determine employee rewards Page 30
Fraudulent Financial Reporting • Fictitious Investments • Scheme • Fictitious investments or investments that are not owned by the entity are recorded in order to increase an entity’s asset base. • Management Response • Investment reports, safekeeping statements and investment accounts reconciliation should be reviewed by another employee Page 31
Fraudulent Financial Reporting • Failing to Record Sales of Investments • Scheme • The sale of an investment is not recorded, resulting in overstatement of assets. The cash may then be infused back into the municipality as a capital or debt transaction. However, many times the proceeds of the sale are diverted. • Management Response • Investment reports, safekeeping statements and investment accounts reconciliation should be reviewed by another employee Page 32
Internal Controls Page 33
Internal Controls - Definition • As defined by the AICPA Auditing Standard, consists of five interrelated components: • Control Environment • Risk Assessment • Information and Communication • Control Activities • Monitoring Page 34
Internal Controls - Control Environment • Reflects management’s attitude, awareness and actions concerning the importance of controls and its emphasis in the organization. • It sets the tone for the organization and is the foundation for all other components of internal control. Page 35
Internal Controls - Risk Assessment • The identification and analysis of relevant risks to the achievement of its objectives, forming a basis for determining how the risks should be managed. • The auditing standard provides a checklist of factors that might increase the risk of improperly accounting for transactions or events – applying that checklist to the treasury function: Page 36
Internal Controls - Risk Assessment • Change in finance/treasury staff • New elected or appointed treasurer • New or revamped financial or treasury system • New investment types or new to investing • Agency-wide restructuring • New accounting pronouncements Page 37
Internal Controls - Information and Communication Systems • The systems or processes that support the identification, capture and exchange of information in a form and time frame that enable people to carry out their responsibilities Page 38
Internal Controls - Control Activities • The policies and procedures that help ensure management directives are carried out Page 39
Internal Controls - Control Activities • Specific control activities include: • Authorization for use of investment accounts (transactions and setting up new accounts) • Authorization for investment transactions • Segregation of duties – physical control of investments vs. recordkeeping function • Safeguarding – third-party safekeeper, transaction authorization • Asset accountability – reporting to Council/Board Page 40
Internal Controls - Monitoring • Involves the continuous or periodic processes used to assess the quality of internal control performance over time Page 41
Internal Controls - Implementation • The design and implementation of internal controls vary with the size and complexity of each municipality. Specifically, smaller municipalities may use less formal means and simpler processes and procedures to achieve their objectives. Page 42
Internal Controls - Implementation • In all situations, the cost of a control should not exceed the benefits likely to be derived and the valuation of costs and benefits requires estimates and judgments by management. Page 43
Internal Controls and the Treasury Function • Most investment policies contain an Internal Controls section that details functions and requirements that correspond to each of the five elements discussed previously • Excerpts from a county’s investment policy follow on the next slides Page 44
Internal Controls and the Treasury Function • The basic concept of investment return is based on a risk/reward relationship. Therefore, the higher the return, the higher the risk. • Risk management must be an integral part of any investment policy. Risk management must include adequate internal controls so the public has confidence that public monies are secure. Page 45
Internal Controls and the Treasury Function • The Chief Deputy Treasurer is responsible for establishing and maintaining an internal control structure designed to ensure that the assets of the entity are protected from loss, theft or misuse. The internal control structure shall be designed to provide reasonable assurance that these objectives are met. Page 46
Internal Controls and the Treasury Function • The concept of reasonable assurance recognizes that: • The cost of a control should not exceed the benefits likely to be derived; and • The valuation of costs and benefits requires estimates and judgments by management. Page 47
Internal Controls and the Treasury Function • Accordingly, the Chief Deputy Treasurer shall establish and maintain internal controls that shall address the following points: Page 48
Internal Controls and the Treasury Function • Control of Collusion • Separation of Transaction Authority from Accounting and Record Keeping • Custodial Safekeeping • Avoidance of Physical Delivered Bearer Securities • Clear Delegation of Authority to Subordinate Staff Members Page 49
Internal Controls and the Treasury Function • Written Confirmation of Telephone Wire Transfers • Development of a Wire Transfer Agreement with the Lead Bank or Third Party Custodian • Development of the Annual Treasurer’s Investment Manual • Provide for an annual independent review by an external auditor to assure compliance with policies and procedures. Page 50