1 / 76

Internal Controls Training

8/29/2012. 3. Department of Administration. Division of Internal Audits Internal Financial PostAuditsManagement Review. . . . . . 8/29/2012. 4. Why You're Here. NAC 353A.100

venedict
Download Presentation

Internal Controls Training

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. 8/29/2012 1 Thanks for attending Internal Controls Training E-Class Thanks for attending Internal Controls Training E-Class

    2. 8/29/2012 2 Internal Controls Training Steve Weinberger, CPA. Financial Manager Division of Internal Audits (775) 687-0130 sweinberger@iaudits.nv.gov

    3. 8/29/2012 3 Department of Administration Division of Internal Audits Internal Financial Post Audits Management Review Before we continue with our internal controls discussion, let’s take a quick look at the Division of Internal Audits. The Division of Internal Audits is part of the Department of Administration. The division consist of three sections; Internal Audits, Financial Management and Post Review. The Chief of the Division reports to the Director of the Department of Administration Before we continue with our internal controls discussion, let’s take a quick look at the Division of Internal Audits. The Division of Internal Audits is part of the Department of Administration. The division consist of three sections; Internal Audits, Financial Management and Post Review. The Chief of the Division reports to the Director of the Department of Administration

    4. 8/29/2012 4 Why You’re Here NAC 353A.100  “Training for administration of budgetary accounts” Head of each agency Employees who administer budgetary accounts “Shall attend Internal Controls Training every 5 years”

    5. 8/29/2012 5 Overview Training consists of Pre-test Presentation Post Test Total time approximately 3 hours This training class consists of a pre-test, a PowerPoint presentation, and a post test. The class should take approximately 3 hours.This training class consists of a pre-test, a PowerPoint presentation, and a post test. The class should take approximately 3 hours.

    6. 8/29/2012 6 Presentation Description Internal Control Requirements for the State of Nevada Controls for Major Fiscal Areas Current Issues for the State The presentation is intended to be a high level review of the design and implementation of internal control systems. It will also discuss how internal control systems are administered in the State of Nevada.The presentation is intended to be a high level review of the design and implementation of internal control systems. It will also discuss how internal control systems are administered in the State of Nevada.

    7. 8/29/2012 7 Presentation Objective Understand State Internal Control Requirements Familiarize with Basic Controls for Major Fiscal Processes Notify you of Current Issues This presentation is designed to: Help you understand the basic design of an internal control system. Enable you to design internal controls for your fiscal processes. Evaluate your existing internal controls. This presentation is designed to: Help you understand the basic design of an internal control system. Enable you to design internal controls for your fiscal processes. Evaluate your existing internal controls.

    8. 8/29/2012 8 What are Internal Controls (I/C’s)? Prevent and detect fraud Protect assets Comply with laws Reliability of financial reporting Accomplish specific goals Before we go any further, we may want to explain what an internal control system is. Internal control is defined as a process created by management designed to help the organization: Prevent and detect fraud Protect or safeguard assets Comply with laws and regulations Offer limited assurance of the reliability of financial reporting Accomplish specific goals or objectives Before we go any further, we may want to explain what an internal control system is. Internal control is defined as a process created by management designed to help the organization: Prevent and detect fraud Protect or safeguard assets Comply with laws and regulations Offer limited assurance of the reliability of financial reporting Accomplish specific goals or objectives

    9. 8/29/2012 9 Who’s Responsible for I/C’s Management Designs Implements Monitors The responsibility for having an adequate internal control system lies solely with management. Management is responsible for: Designing the internal control system Implementing the system, and Monitoring and reviewing the system for adequacy The responsibility for having an adequate internal control system lies solely with management. Management is responsible for: Designing the internal control system Implementing the system, and Monitoring and reviewing the system for adequacy

    10. 8/29/2012 10 Now let’s get back to our discussion on internal controls. Internal controls have become a major concern over the last 15 years for: Congress Federal and State regulators Public Accountants Attorneys Internal Auditors This is due largely to major corporate scandals costing stockholders and corporate employees billions of dollars. Here are some of the more significant scandals: Now let’s get back to our discussion on internal controls. Internal controls have become a major concern over the last 15 years for: Congress Federal and State regulators Public Accountants Attorneys Internal Auditors This is due largely to major corporate scandals costing stockholders and corporate employees billions of dollars. Here are some of the more significant scandals:

    11. 8/29/2012 11 Remember these Guys?

    12. 8/29/2012 12 Kenneth Lay Enron CEO and chairman of Enron from 1986 until his resignation on January 23, 2002 Convicted of 10 counts of Securities Fraud Died of Heart Attack Oct 2006

    13. 8/29/2012 13 David Duncan Partner at Arthur Andersen R.I.P. Auditor In charge of Enron Audit Fired for leading a document-shredding brigade Which was “against company policy”

    14. 8/29/2012 14 Scott Sullivan CFO WorldCom Indicted $7 billion accounting fraud at the “disgraced US telecom giant”

    15. 8/29/2012 15 Dennis Kozlowski Ex Tyco CEO

    16. 8/29/2012 16 That’s Enough! Pres. Bush signs first in a series of legislation requiring Management to establish and maintain internal controls External auditors to report in writing on adequacy of internal controls As part of a national response to the corporate scandal phenomenon, President Bush signed the Sarbanes-Oxley Act In July of 2002. This was the first in a series of legislation that required: Corporate managers to establish and maintain internal control systems, External auditors to report in writing on the adequacy of internal controls. Legal penalties for not establishing and maintaining internal controls CPA firms to include an opinion stating whether effective internal controls were maintained by management in the audited financial statements. As part of a national response to the corporate scandal phenomenon, President Bush signed the Sarbanes-Oxley Act In July of 2002. This was the first in a series of legislation that required: Corporate managers to establish and maintain internal control systems, External auditors to report in writing on the adequacy of internal controls. Legal penalties for not establishing and maintaining internal controls CPA firms to include an opinion stating whether effective internal controls were maintained by management in the audited financial statements.

    17. 8/29/2012 17 State of Nevada Government entities required to have internal controls External auditors review ours Comprehensive Annual Financial Report (CAFR) This new legislation eventually found its way to governmental entities. Our external auditors are now required to include any major internal control problems and accounting errors in the CAFR. In the past, such problems could be reported verbally to state management. This new legislation eventually found its way to governmental entities. Our external auditors are now required to include any major internal control problems and accounting errors in the CAFR. In the past, such problems could be reported verbally to state management.

    18. 8/29/2012 18 State of Nevada External auditors report in CAFR Major control problems Major accounting errors CAFR available to media The CAFR is available to the media. Consequently, we need to do what we can to prevent major internal control problems from being reported in the CAFR and maybe even in the newspaper. This is why having internal control systems that are deemed adequate by our auditors is so important. The CAFR is available to the media. Consequently, we need to do what we can to prevent major internal control problems from being reported in the CAFR and maybe even in the newspaper. This is why having internal control systems that are deemed adequate by our auditors is so important.

    19. 8/29/2012 19 Internal Controls - Nevada Now let’s turn our discussions to internal control issues regarding State Of Nevada agencies.Now let’s turn our discussions to internal control issues regarding State Of Nevada agencies.

    20. 8/29/2012 20 Internal Controls – Nevada Internal Control Requirements Legislated at 3 levels: Statutory Requirement Uniform System of Internal Controls Agencies’ Written Procedures In Nevada, internal control requirements for State agencies are administered by: Statute A uniform system of internal controls designed by the Department of Administration Internal control policies and procedures written by agenciesIn Nevada, internal control requirements for State agencies are administered by: Statute A uniform system of internal controls designed by the Department of Administration Internal control policies and procedures written by agencies

    21. 8/29/2012 21 Internal Controls – Nevada Statutory Requirement NRS 353A – “Internal Accounting and Administrative Control” Legislates internal control requirements Internal control requirements for state agencies are legislated by NRS 353A. NRS 353A defines Internal Accounting and Administrative Control as a method through which agencies can: Safeguard assets Check accuracy & reliability of accounting records Promote efficient operations Adhere to managerial policies Internal control requirements for state agencies are legislated by NRS 353A. NRS 353A defines Internal Accounting and Administrative Control as a method through which agencies can: Safeguard assets Check accuracy & reliability of accounting records Promote efficient operations Adhere to managerial policies

    22. 8/29/2012 22 Internal Controls - Nevada NRS 353A.020 Mandates a Uniform System of Internal Controls Segregation of duties Limit access to assets Authorizations and Record Keeping Practices followed in performance of duties Effective system of internal review Pursuant to NRS 353A.020 the Department of Administration has established a uniform system of internal accounting and administrative controls for State agencies. This is a set of control procedures intended to address: An organizational plan to provide segregation of duties A plan to limit access to assets Procedures for authorizations and record keeping to provide an accurate accounting system A system of practices to be followed in performance of duties An effective system of internal review Pursuant to NRS 353A.020 the Department of Administration has established a uniform system of internal accounting and administrative controls for State agencies. This is a set of control procedures intended to address: An organizational plan to provide segregation of duties A plan to limit access to assets Procedures for authorizations and record keeping to provide an accurate accounting system A system of practices to be followed in performance of duties An effective system of internal review

    23. 8/29/2012 23 Internal Controls - Nevada Uniform System of Internal Controls Self Assessment Questionnaire (SAQ) Control Activities Monitoring SAQ available at dintaud.state.nv.us The uniform set of internal accounting and administrative controls were written in the form of questions and consolidated into the Self Assessment Questionnaire (SAQ). The purpose of this is to provide agencies with a way to determine if they are in compliance with the uniform set of controls by answering these questions about their agency. The SAQ includes control questions for all material fiscal areas including Revenues, Accounts Receivable, Purchasing, and others. It also includes questions on monitoring procedures for agencies’ self-evaluation of their internal controls. The SAQ is available on our website at dintaud.state.nv.us click on the Financial Management link. The uniform set of internal accounting and administrative controls were written in the form of questions and consolidated into the Self Assessment Questionnaire (SAQ). The purpose of this is to provide agencies with a way to determine if they are in compliance with the uniform set of controls by answering these questions about their agency. The SAQ includes control questions for all material fiscal areas including Revenues, Accounts Receivable, Purchasing, and others. It also includes questions on monitoring procedures for agencies’ self-evaluation of their internal controls. The SAQ is available on our website at dintaud.state.nv.us click on the Financial Management link.

    24. 8/29/2012 24 Internal Controls - Nevada Self-Assessment Questionnaire SAQ Revenues.doc

    25. 8/29/2012 25 Internal Controls - Nevada Agencies’ Written Procedures NRS 353A.020 (3) Requires agencies develop written procedures to: Address control activities on SAQ Address monitoring procedures on SAQ Nevada State agencies are required by NRS 353A.020 (3) to develop written procedures to carry out the uniform system of internal accounting and administrative controls adopted by the Department of Administration. As previously stated the uniform system of internal accounting and administrative controls is documented in the Self-Assessment Questionnaire (SAQ) Consequently, agencies must develop written procedures that address all the applicable control activities noted in the SAQ. Applicable refers to transactions actually performed by the agency. For example, if an agency does not receive grants the grant questions in the SAQ would be not be applicable.Nevada State agencies are required by NRS 353A.020 (3) to develop written procedures to carry out the uniform system of internal accounting and administrative controls adopted by the Department of Administration. As previously stated the uniform system of internal accounting and administrative controls is documented in the Self-Assessment Questionnaire (SAQ) Consequently, agencies must develop written procedures that address all the applicable control activities noted in the SAQ. Applicable refers to transactions actually performed by the agency. For example, if an agency does not receive grants the grant questions in the SAQ would be not be applicable.

    26. 8/29/2012 26 Internal Controls - Nevada Agencies’ Written Procedures Financial Management Assistance Self Assessment Questionnaire Templates Contact us with any questions (775)-687-0120 The financial management section of the Department of Internal audit is available to assist agencies in developing their written procedures. We recommend using the Self Assessment Questionnaire as a guideline for your written procedures. We also have templates available to assist you in preparing your written procedures.The financial management section of the Department of Internal audit is available to assist agencies in developing their written procedures. We recommend using the Self Assessment Questionnaire as a guideline for your written procedures. We also have templates available to assist you in preparing your written procedures.

    27. 8/29/2012 27 Internal Controls - Nevada Financial Management Web Page dintaud.state.nv.us Click on Financial Management link

    28. 8/29/2012 28 Internal Controls - Nevada State Monitoring Requirements NRS 353A.025 - Agency Self Assessment Agencies periodically self-assess internal controls SAM 2418 (Revised) Annually complete SAQ Annually test a sample of transactions using “Testing of Transactions” on our website at dintaud.state.nv.us. Agencies are required to self assess their internal control systems as follows: Periodic monitoring of internal control systems is required by statute. (NRS 353A.025) Section 2400 of the SAM manual has been revised to provide additional instruction for agency self assessments. Agencies are required to annually assess both their written internal control procedures and their actual controls in practice for compliance with the uniform system of internal controls (as noted in the SAQ) The self assessment questionnaire should be used to evaluate actual procedures in practice, by observing and interviewing the people performing the procedures. When evaluating your written procedures, you should verify that your procedures contain the control activities in the SAQ. There is a cross reference column on the SAQ where you can list the page number and paragraph of you procedures that address the control activity. Agencies should also test a sample of 3 to 5 transactions for each type of transaction they have for compliance with their written procedures and the SAQ. A “Testing of Transactions” checklist is available on our website. Agencies are required to self assess their internal control systems as follows: Periodic monitoring of internal control systems is required by statute. (NRS 353A.025) Section 2400 of the SAM manual has been revised to provide additional instruction for agency self assessments. Agencies are required to annually assess both their written internal control procedures and their actual controls in practice for compliance with the uniform system of internal controls (as noted in the SAQ) The self assessment questionnaire should be used to evaluate actual procedures in practice, by observing and interviewing the people performing the procedures. When evaluating your written procedures, you should verify that your procedures contain the control activities in the SAQ. There is a cross reference column on the SAQ where you can list the page number and paragraph of you procedures that address the control activity. Agencies should also test a sample of 3 to 5 transactions for each type of transaction they have for compliance with their written procedures and the SAQ. A “Testing of Transactions” checklist is available on our website.

    29. 8/29/2012 29 Internal Controls - Nevada Biennial Report on Internal Controls NRS 353A.025 (2) Due July 1 of each even numbered year Are actual processes adequate? Are written procedures adequate? Do written procedures agree with actual processes? Signed by head of agency “Report on Internal Controls” available at dintaud.state.nv.us The results of Agencies’ self assessments are eventually reported to the Department of Administration as follows: Per NRS 353A.025 Agencies are required to report to the Director of Administration whether their internal controls are in compliance with the uniform system of internal accounting and administrative controls. This report is due July 1st of each even numbered year. Agencies are requested to complete the “Report on Internal Controls” form. (Available on our website) In this report, agencies note whether their actual procedures are adequate meaning they comply with the uniform system (or the SAQ) Agencies note whether their written procedures are adequate And whether their written procedures agree with actual practices The results of Agencies’ self assessments are eventually reported to the Department of Administration as follows: Per NRS 353A.025 Agencies are required to report to the Director of Administration whether their internal controls are in compliance with the uniform system of internal accounting and administrative controls. This report is due July 1st of each even numbered year. Agencies are requested to complete the “Report on Internal Controls” form. (Available on our website) In this report, agencies note whether their actual procedures are adequate meaning they comply with the uniform system (or the SAQ) Agencies note whether their written procedures are adequate And whether their written procedures agree with actual practices

    30. 8/29/2012 30 Report on Internal Controls Report on Internal Controls.doc

    31. 8/29/2012 31 Internal Controls - Nevada NRS 353A.025 (4) Submitted first Monday in February every odd numbered year Report includes: Did not submit “Report on Internal Controls” Not submitted timely No effective method of internal review Identification of agencies with weaknesses Extent and types of such weaknesses Agencies’ self assessment results are then reported to top State officials as follows: Per NRS 353A.025(4) The Department of Administration is required to compile the information reported from agencies on the “Report on Internal Controls Form” and report the following to the Governor, the Director of the Legislative Counsel Bureau, and the Legislative Auditor: Agencies failing to submit the “Report on Internal Controls” Agencies submitting the report late Agencies that could not effectively review their internal control system Agencies with material internal control weaknesses The extent and type of such weaknesses Agencies’ self assessment results are then reported to top State officials as follows: Per NRS 353A.025(4) The Department of Administration is required to compile the information reported from agencies on the “Report on Internal Controls Form” and report the following to the Governor, the Director of the Legislative Counsel Bureau, and the Legislative Auditor: Agencies failing to submit the “Report on Internal Controls” Agencies submitting the report late Agencies that could not effectively review their internal control system Agencies with material internal control weaknesses The extent and type of such weaknesses

    32. 8/29/2012 32 Major Fiscal Processes Risks, Controls, and Other Issues for: Revenues Purchasing & Expenditures Payroll and Personnel Contracts Travel

    33. 8/29/2012 33 Revenues Cash, Checks, Money Orders Most liquid asset Risk – Embezzlement

    34. 8/29/2012 34 Revenues Four Stages Receiving Depositing Recording Reconciling

    35. 8/29/2012 35 Revenues Control Activities Receiving Checks Restrictively Endorse Checks Numeric must agree with written amount No postdated checks, no foreign checks Record or log Immediately (voids initialed by supervisor) Cash Pre-numbered multi part receipt Large amount – 2 people receive Count in presence of customer

    36. 8/29/2012 36 Revenues Security Funds should not be left unattended Limit access to funds Lock doors when counting or preparing deposit Secure funds during break Don’t commingle with petty cash

    37. 8/29/2012 37 Revenues Control Activities Receiving NRS 353.1467   Payments of $10,000 or more by electronic transfer of money. All Agency Memo.pdf

    38. 8/29/2012 38 Revenues Control Activities Depositing $$ handled by as few people as possible Segregate depositing from receiving Prepare in secure area Secure funds until deposit Locked file cabinet, safe, etc. Change combo, keys, as necessary NRS 353.250 Bank Deposits Every Thursday $10k or more - next working day

    39. 8/29/2012 39 Revenues Control Activities Recording Post to ledgers (A/R, Sales, Fees, etc.) Segregate from receiving the $$$ Segregate from depositing the $$$

    40. 8/29/2012 40 Revenues Control Activities Reconciling Segregate from receiving and depositing Daily – A/R payments, sales, permits issued to $$$ received Daily - Bank deposit to $$$ received Weekly or Monthly - A/R payments, sales, permits issued to BSR Monthly – Review A/R delinquency reports Payments, sales, permits need controls Sales – secure inventory A/R payments – limit access to ledger Permits issues – secure inventory, use pre-numbered forms

    41. 8/29/2012 41 Purchasing and Expenditures Risk of billing schemes Purchase non-existent items From fake vendors Purchase real items for personal use Fake claims or reimbursements Most expensive employee theft Let’s try analyzing the risks identified for Purchasing. Purchasing is the most risky fiscal area in terms of fraud. Billing scams have historically been the most popular and expensive type of corporate and governmental purchasing fraud. This scam involves setting up phony vendors who sell non-existent items to the entity, or in our case, the state. Such a risk should most likely not be accepted and additional resources should be utilized to mitigate this risk. However, analyzing this risk in more detail may help you limit the amount of additional resources required. For example, you can analyze this risk based on the type of item purchased. Let’s try analyzing the risks identified for Purchasing. Purchasing is the most risky fiscal area in terms of fraud. Billing scams have historically been the most popular and expensive type of corporate and governmental purchasing fraud. This scam involves setting up phony vendors who sell non-existent items to the entity, or in our case, the state. Such a risk should most likely not be accepted and additional resources should be utilized to mitigate this risk. However, analyzing this risk in more detail may help you limit the amount of additional resources required. For example, you can analyze this risk based on the type of item purchased.

    42. 8/29/2012 42 Purchasing and Expenditures Control Activities Segregate ordering and receiving Match - P.O., invoice, receiving document Vendor numbers Require outside agency approval Over 1k Weapons Computers

    43. 8/29/2012 43 Purchasing and Expenditures Controls for tangible Items Verify item received Match to P.O. and invoice What if for: membership fees, professional dues or water rights? Intangible Assets (membership fees, professional licenses) Intangible assets present more fraud risk than tangible assets. The risk of purchasing a non-existing item would tend to be high, because there is no physical item to be received besides a certificate or receipt of some kind. Fake certificates and receipts are easy to create. Additionally, it would be relatively easy to create a fake vendor who supposedly sells membership fees. It would be beneficial to perform additional procedures to verify the existence of the items purchased and the legitimacy of the vendor. Intangible Assets (membership fees, professional licenses) Intangible assets present more fraud risk than tangible assets. The risk of purchasing a non-existing item would tend to be high, because there is no physical item to be received besides a certificate or receipt of some kind. Fake certificates and receipts are easy to create. Additionally, it would be relatively easy to create a fake vendor who supposedly sells membership fees. It would be beneficial to perform additional procedures to verify the existence of the items purchased and the legitimacy of the vendor.

    44. 8/29/2012 44 How to be a millionaire? Meet Paul Constantine Orphan A 20 year Washoe County employee Paul was authorized to purchase water capacity for the county Paul created 2 fake companies Paul supplied fake invoices to support the purchases He purchased non-existent water capacity from the fake companies he created Paul became a millionaire! His boss is not happy The Washoe County water rights fraud is an example of the high risk associated with purchasing intangible assets. It may have been prevented if someone besides Paul had investigated the vendor.The Washoe County water rights fraud is an example of the high risk associated with purchasing intangible assets. It may have been prevented if someone besides Paul had investigated the vendor.

    45. 8/29/2012 45 Purchasing and Expenditures Intangibles Assets Control Activities Receiving doesn’t work Verify vendor Google Call them Big bucks – visit if possible

    46. 8/29/2012 46 Purchasing and Expenditures Address for fake company was a plumbing supply storage building Control Activities Independent verification of companies Google Verify company address

    47. 8/29/2012 47 Purchasing and Expenditures Billing Schemes Red Flags Vendor’s address same as employee’s Vendor’s name consists only of initials Sudden increase in payments to vendor Vendor’s address is a P.O. box Invoices for unspecified consulting or poorly defined services Large billings broken into smaller invoices to not attract attention Let’s continue our discussion on billing schemes. As we stated before, this is the most common type of corporate fraud and usually involves setting up fictitious vendors. Here are some Red Flags for fictitious vendors: Vendor’s address same as employee’s Vendor’s name matches employee’s initials Checks are written to cash Vendor’s address is a P.O. box Missing vendor data (fraudsters often enter the minimum amount of data needed to get a payment, they may not enter a phone number, zip code, etc) Illogically formatted vendor data (fraudsters can be sloppy, they may miss a digit on a social security, phone number, etc.) Let’s continue our discussion on billing schemes. As we stated before, this is the most common type of corporate fraud and usually involves setting up fictitious vendors. Here are some Red Flags for fictitious vendors: Vendor’s address same as employee’s Vendor’s name matches employee’s initials Checks are written to cash Vendor’s address is a P.O. box Missing vendor data (fraudsters often enter the minimum amount of data needed to get a payment, they may not enter a phone number, zip code, etc) Illogically formatted vendor data (fraudsters can be sloppy, they may miss a digit on a social security, phone number, etc.)

    48. 8/29/2012 48 Purchasing and Expenditures Claims and Reimbursements Victims of Crime Program Employee Embezzlement Case worker gave 50K to family members Case worker verified loss of wages

    49. 8/29/2012 49 Purchasing and Expenditures Claims and Reimbursements Controls Verify Claim (lost wages) with 3rd party Involve second person in process

    50. 8/29/2012 50 Purchasing and Expenditures Pay-and-Return Schemes Employee intentionally overpays vendor Vendor refunds overpayment to company Employee embezzles refund

    51. 8/29/2012 51 Procurement Cards US Bank Available to all Agencies Internal Control Template Procurement Card Administrator Approval Cardholder Agreement Form

    52. 8/29/2012 52 Procurement Cards Internal Controls - Purchase Purchases Authorized Within Budget Complies with SAM Rules – Purchasing No Sales Tax, No Services Signed Receiving Document

    53. 8/29/2012 53 Procurement Cards Internal Controls – Audit Review Billing Statements Proper Authorizations Supporting Doc’s No Sales Tax, No Services No Unauthorized Merchants or Categories

    54. 8/29/2012 54 Payroll & Personnel Risk of: Erroneous salaries Fraudulent reporting of hours

    55. 8/29/2012 55 Payroll & Personnel Erroneous salaries Controls Compare ESMT to payroll report or HRDW Classified or unclassified listing Compare CAT 01 budget to actual

    56. 8/29/2012 56 Payroll & Personnel Fraudulent reporting of hours Controls Supervisor approves time sheet Maintain documentation for: Annual Leave Comp Leave Flex Leave Sick Leave

    57. 8/29/2012 57 Payroll & Personnel Fraudulent reporting of hours (cont’d) Controls Compare time sheets to: Leave documentation Internal time tracking

    58. 8/29/2012 58 Payroll & Personnel Other Reconciliations: HRDW to BSR Review any non-automated JV’s Notify Central Payroll of any variances Time sheets to Payroll Register Ensure NEATS entries recorded in Advantage

    59. 8/29/2012 59 Contracts Risks Bribes and kickbacks Undisclosed conflicts of interest Accepting illegal gratuities Economic extortion

    60. 8/29/2012 60 Contracts Pay to Play “$25,000 Club” In October 2006, it was revealed that Patricia Blagojevich, a licensed real estate broker, earned $113,700 in commissions from the owners of a company that holds a no-bid contract with the state Department of Children and Family Services. $25,000 Club In the midst of the Rezko trial, the Chicago Tribune reported on what it called a "$25,000 Club" in which 75% of businesses, unions and individuals that gave a $25,000 donation to Rod Blagojevich's political campaign received benefits from the State of Illinois, including state contracts and appointments to state boards.In October 2006, it was revealed that Patricia Blagojevich, a licensed real estate broker, earned $113,700 in commissions from the owners of a company that holds a no-bid contract with the state Department of Children and Family Services. $25,000 Club In the midst of the Rezko trial, the Chicago Tribune reported on what it called a "$25,000 Club" in which 75% of businesses, unions and individuals that gave a $25,000 donation to Rod Blagojevich's political campaign received benefits from the State of Illinois, including state contracts and appointments to state boards.

    61. 8/29/2012 61 Contracts Economic Extortion Bribes & Kickbacks Used connections Demanded kickbacks Companies wanting State contracts

    62. 8/29/2012 62 Contracts Controls $999 limit on direct purchases (SAM) Contracts of $2K Budget Approval (SAM) Contracts of $10K BOE approval (SAM) Contracts of 25K RFP (NRS 333.3)

    63. 8/29/2012 63 Contracts Controls (Cont’) Certified Contract Manager Contract Monitor Independent of authorizer Verifies dates and deliverables

    64. 8/29/2012 64 Travel Risks: Fictitious Expenses Inflated Actual Expenses

    65. 8/29/2012 65 Travel Fictitious Expenses: Personal stuff (hotels, alcohol) Fake conventions Canceled airline tickets, fake seminars or conventions 2 employees claiming mileage when they carpooled.

    66. 8/29/2012 66 Travel Inflated Expenses: Claiming tips (should be incidentals) Claims in excess of per diem Using inflated mileage totals Taking a state car to Disneyland

    67. 8/29/2012 67 Travel Controls Detailed travel policy (per diem, mileage) Formal review policy Require original documentation Look for alterations Question unusual items Avoid cash advances Prosecute offenders

    68. 8/29/2012 68 Travel Compensable Mileage and Commute Time Definitions Official Duty Station: The Office at 3427 Goni Road, Carson City Job site: Audit site, airport, other official state business location. Normal commuting mileage: The actual round trip mileage between the employee’s residence and “official duty station”. Normal commuting Time: The actual round trip commute time between the employee’s residence and “official duty station”.

    69. 8/29/2012 69 Travel Travel beginning and ending at official duty station or job site: Mileage and time will be compensated for based on round trip. Travel beginning or ending at employee’s residence When commuting to or from a “job site”, any mileage (or time) in excess of the employee’s “normal commuting mileage” (or time) is compensable.

    70. 8/29/2012 70 Travel Fair Labor Standards Act (FLSA) Back and forth to work not compensable (unless employee works while commuting) Regardless if Official Duty Station or Jobsite

    71. 8/29/2012 71 Travel Travel Cards – US Bank Ghost Account – State pays (air only) Individual Liability - Individual pays

    72. 8/29/2012 72 Travel Corporate Travel (Ghost Card) Reconcile and pay monthly Monthly supervisory review

    73. 8/29/2012 73 Travel Individual Liability Cards Travel Card Administrator (TCA) Track cards Ensure cardholders paying timely Late payments affect our rebate Use for business only Follow normal travel claim reimbursement rules

    74. 8/29/2012 74 ARRA American Recovery and Reinvestment ACT Reporting Requirements Who? Anyone receiving ARRA $$$ Primary recipients can report for subrecipients When? 10th day after end of calendar quarter First report due October 10th

    75. 8/29/2012 75 ARRA American Recovery and Reinvestment ACT Reporting Requirements What? Amount of funds received and spent List of projects and activities funds spent on Estimate of jobs creates and retained Details on sub-awards

    76. 8/29/2012 76 Thank You Thank you for taking this class Good luck on the test! Thanks for taking this class. Hopefully, you’ve realized the importance of being familiar with the COSO framework for establishing and evaluating internal controls, and the way internal controls are administered in the State of Nevada. Please feel free to contact the Division of Internal Audits Financial Management section with any questions or comments at: 775-687-0120 or diainformation@iaudits.nv.gov Good Luck on the post-test! Thanks for taking this class. Hopefully, you’ve realized the importance of being familiar with the COSO framework for establishing and evaluating internal controls, and the way internal controls are administered in the State of Nevada. Please feel free to contact the Division of Internal Audits Financial Management section with any questions or comments at: 775-687-0120 or diainformation@iaudits.nv.gov Good Luck on the post-test!

More Related