180 likes | 213 Views
Performance Audit Fraud management in local government Report 19: 2014-15 David Toma Manager. 24 July 2015. Agenda. Context: roles and responsibilities Overview of audit findings Recommendations Types of fraud How councils can use our report Key questions. Context. Overview.
E N D
Performance AuditFraud management in local governmentReport 19: 2014-15David TomaManager 24 July 2015
Agenda • Context: roles and responsibilities • Overview of audit findings • Recommendations • Types of fraud • How councils can use our report • Key questions
Overview • Councils are exposed to high risks of fraud and corruption: • procure large volume of goods and services • often from local suppliers • In March 2013, we reported to Parliament that the risk of fraud occurring undetected in state government departments was unacceptably high • We surveyed all 77 councils in Queensland to determine how they performed against accepted standards for fraud and corruption control
Focus of this audit We focused on how well councils manage the risk of fraud occurring and remaining undetected Key areas examined • Fraud risk identification and monitoring • Fraud controls implemented to prevent frauds, or detect them Audit scope • Department of Infrastructure, Local Government and Planning • All 77 Queensland local councils
Conclusion • Most councils are not managing their fraud risks effectively • fraud and corruption is happening in councils • few understand sufficiently how widespread it is, or what it costs • Councils over-rely on internal and external auditors to detect fraud • Through our own data analytics and detailed analysis we identified potential fraudulent and corrupt activity in one council
Recommendations • The Department of Infrastructure, Local Government and Planning pursue amendment of the Local Government Regulation 2012and the City of Brisbane Regulation 2012 to require: • loss as a result of fraud to be a reportable loss to the Auditor-General and to the Minister responsible for local government • councils to keep written records of alleged and proven losses arising from fraud. • All councils assess themselves against the findings in this report as a priority and where needed develop, revise or update their: • policies and procedures for fraud and corruption management • fraud and corruption control plans • fraud risk assessments • data analytics capability for fraud detection.
Fraud planning and prevention Council key fraud management practices—response to survey
Fraud planning and prevention • 65 per cent of councils (43 out of 66 council respondents) do not have a fraud and corruption control plan • Councils with a plan have a more structured path towards preventing, detecting and responding to fraud that those without a plan Figure 3C (page 31) Fraud and corruption plans identified by council region
Fraud planning and prevention • Strong internal controls help to deter the occurrence of fraud and corruption Figure 3I (page 41) Control weaknesses causing fraud cases
Fraud detection and response • Councils’ fraud detection approach are outdated in today’s increasingly sophisticated and evolving fraud control environment • Both data analytics and fraud risk assessments were outside the top 10 detection techniques councils used to detect fraud • Managements are not owning the challenge of fraud control • Councils’ reactive approach to fraud detection means they are less likely to detect it early • Our survey data shows that once a fraud occurs, there is little recovery action. Where recovery is initiated the funds recouped are minimal.
Fraud detection and response Figure 4A (page 49) Council’s top 10 fraud detection methods
Fraud detection and response Figure 4B (page 50) Council detection methods used to detect alleged and confirmed cases
Types of fraud • Understanding of the extent and types of fraud occurring in the local government sector can inform targeted strategies Figure 2D (page 22) Council detection methods used to detect alleged and confirmed cases
How councils can use our report • Context chapter • Elements of fraudulent behaviour • Roles and responsibilities • Types of fraud councils are susceptible to • Fraud controls • Chapter 2 – Fraud in local councils • Types of fraud occurring in local councils • Chapter 3 – Fraud planning and prevention • The difference having a fraud and corruption plan can make • Case studies: • Fraud risk assessment • Supplier vetting • Senior officer overriding controls • Circumvention and lack of procurement controls • Undeclared conflicts of interest
How councils can use our report • Chapter 4 – Fraud detection and response • Case studies • Related party procurement data analytics • Data analytics as a trigger for analysis of fraudulent or corrupt activity • Appendix C – Fraud risk susceptibility analysis • Appendix E – Red flag indicators
Key Questions • Setting the tone: • Does your council clearly set the tone from the top and communicate a zero-tolerance approach to fraud? • Does your council have a fraud control policy? • Fraud and corruption control plan: • Does your council have a fraud and corruption control plan? • Does it establish clear objectives and assign specific actions? • Fraud risk assessments: • Does your council conduct regular fraud risk assessments and conduct more detailed assessments for areas considered high risk? • Has your council identified its susceptibility to fraud risk? • Data analytics: • Does your council use the results of fraud risk assessments to develop data analytics to target areas of risk?
Thank You Any questions please contact David Toma Phone: (07) 3149 6050 Email: david.toma@qao.qld.gov.au Mail: PO Box 15396, City East Qld 4002. David TomaManager 24 July 2015