Nicola Mining Inc. Corporate Presentation March 2024
2013 12-12 Nonprofit Fraud Part 3
1. NONPROFIT FRAUD: WHAT
YOU NEED TO KNOW
PART III: THE PREVENTION
Lawrence J. Hoffman, CPA/CFF, CVA, CFE
Senior Partner and Director of Forensic
Consulting Services
Leslie C. Kirsch, CFE
Manager, Forensic Accounting Services
December 12, 2013
2. OBJECTIVES
NONPROFIT FRAUD: THREE-PART SERIES
PART I: THE FRAUD
•
•
•
•
•
Why it is important that you are educated in fraud
The magnitude of fraud in nonprofits
The types of frauds in nonprofits
Why does fraud occur in nonprofits
Some important fraud prevention takeaways
PART II: THE DETECTION
•
•
•
•
•
•
Who are the fraud perpetrators?
Why do people commit fraud?
How is fraud detected?
What are fraud red flags?
Fraud detection techniques
What do you do when you uncover fraud?
PART III: THE PREVENTION
•
•
•
•
What are the primary factors contributing to fraud in nonprofits?
Detective versus preventative controls
What are the best preventative measures?
The five critical takeaways!
Part III: The Prevention* Page 2
3. AGENDA
• What are the best preventative measures and controls?
• Key internal controls
• Conducting a fraud risk assessment
• Implementing a fraud prevention program
• The five critical takeaways!
Part III: The Prevention* Page 3
4. WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
THE COMMON ELEMENT IN EVERY
FRAUD!
Part III: The Prevention* Page 4
5. WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
THE BEST PREVENTIVE MEASURE!
HIRE ONLY HONEST, ETHICAL
AND MORAL PEOPLE!
Part III: The Prevention* Page 5
6. WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
FRAUD IS A PEOPLE PROBLEM!
• Are you hiring fraudsters?
• Are you enabling someone predisposed to commit
fraud?
• Is your organization’s environment promoting fraud?
• Does your organization’s system of internal controls
provide the opportunity to commit fraud?
• Is your organization educated and aware of fraud
schemes and red flags?
• Do you have a process that provides your employees
and others to report possible fraud and abuse?
• Does your organization tolerate fraud? Do you have a
zero tolerance policy for fraud?
Part III: The Prevention* Page 6
7. REVIEW OF COMMON PREVENTIVE
CONTROLS
PREVENTIVE CONTROLS
Preventive controls attempt to deter or prevent
undesirable events from occurring. They are proactive
controls that help prevent a loss.
DETECTIVE CONTROLS
Detective controls, on the other hand, attempt to detect
undesirable acts. The provide evidence that a loss has
occurred but do not prevent a loss from occurring.
Detective techniques should be used to uncover fraud
events when preventive measures fail or unmitigated risks
are realized.
Effective Preventive Measures Serve as
Strong Deterrents
Part III: The Prevention* Page 7
8. WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
1. Internal Controls
•design your system and procedures so you do not have to
rely on trust as a control!
•remember any person is capable of committing fraud!
•keep in mind the persons role and access to commit fraud!
•you must segregate the recordkeeping and the custody of
the assets!
•do you have adequate oversight controls?
REMEMBER
TRUST IS NOT AN INTERNAL CONTROL!
Part III: The Prevention* Page 8
9. WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
2. Tone from the Top!
•What is your “control environment”?
•Do you have a strong internal control system?
•Directors and officers need to set the tone for ethical
behavior
•How effective is your Audit Committee?
•If unethical behavior is tolerated at the top you can be
assured it is happening in the rest of the organization!
Part III: The Prevention* Page 9
10. WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
3. Know Your Employees!
•Background checks and investigations-know who
you are hiring!
– how well do you know that person?
– what due diligence are you doing?
– do you believe their resume?
– not just a one-time occurrence!
•Know your employees and what they are doing
– executives and managers need to pay attention
and spend time with their employees-be engaged!
– establish that baseline!
•Perform exit interviews
– what do employees leaving tell you?
– what do you ask them?
Part III: The Prevention* Page 10
11. WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
TRUST BUT VERIFY EMPLOYEE BACKGROUNDS...
Part III: The Prevention* Page 11
12. WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
4. Fraud Prevention Program
• Fraud risk assessment
• Fraud awareness and ongoing training for all levels of the
organization
• Reporting mechanisms and whistle-blower protections
• Investigation / response process
• Board and audit committee oversight
• Conflict resolution
• Communications
• Continuous monitoring
• Employer-provided employee assistance services (financial
counselors etc.)
• Evaluate performance and compensation programs
– do they promote fraud and abuse?
– are they fair and provide incentive for performers and hard
work?
Part III: The Prevention* Page 12
13. WHAT ARE THE BEST PREVENTIVE
MEASURES AND CONTROLS?
5. Your Employees Eyes and Ears!
• tips are number one method for detecting fraud!
• establish a formal written whistleblower policy
-procedures for receiving complaints
-procedures for investigating complaints
-policy for protecting whistleblowers
-confidentiality polices for whistleblowers
-role and responsibilities of audit committee
-educating employees on the policy
• establish independent hotline for tips!
You must create the impression that
someone is watching!
Part III: The Prevention* Page 13
14. KEY INTERNAL CONTROLS
SEGREGATION OF DUTIES
• Must segregate the recordkeeping and the custody of the
assets!
• Cash receipts-no single person should
− receive the money,
− deposit the money,
− record the receipts and
− reconcile the receipts to the books and records
• Cash disbursements-no single person should
− authorize payments,
− disburse funds (write checks, ACH, wires etc) and
− reconcile the bank accounts.
Part III: The Prevention* Page 14
16. KEY INTERNAL CONTROLS
SEGREGATION OF DUTIES
• Use a board member or volunteer if there is not enough
internal staff to achieve the segregation of duties
• Require accounting and finance personnel to take vacations
and not to take work home
Part III: The Prevention* Page 16
17. KEY INTERNAL CONTROLS
•
•
•
•
•
•
•
•
•
ACCOUNTS RECEIVABLE/CASH RECEIPTS
Restrictively endorse checks “for deposit only” immediately
Keep a permanent cash receipts log
Make and reconcile deposits daily
Ask donors and others to write out full name of organization on
checks
Use a bank lockbox service
Cash should be counted with two people present
Publish donor names
Review accounts receivable aging
Independent approval of all accounts receivable write-offs and
refunds
Part III: The Prevention* Page 17
18. KEY INTERNAL CONTROLS
ACCOUNTS PAYABLE/DISBURSEMENTS
• Have a formal purchase requisition system
• Understand procurement process between goods and services
(3 way match for goods!)
• Only original invoices and documents-no photocopies
• Require dual signatures for expenditures over a certain dollar
amount (no signature stamps or electronic signatures!)
• Mail all checks after approval and signature promptly
• No pre-signed checks!
• No checks made payable to “cash”
• Keep blank check stock locked up
• Have independent reviews of management expense reports
(even if a board members must do this!) (check calendars!)
Part III: The Prevention* Page 18
20. KEY INTERNAL CONTROLS
ACCOUNTS PAYABLE/DISBURSEMENTS
• Have preauthorized set limits on corporate credit cards and limit
on who receives them
• Have a written policy on use of corporate credit cards-no
personal use!
• Independent review credit card statements as soon as they
arrive
• Review vendor lists and have approval process for new
vendors-know your vendors Identify any related-party
transactions (watch for P.O. boxes!) (Google suspected names)
• Contracts for services and goods should be competitive bid (at
least 3) and approved by someone independent of person
requisitioning
• No hand delivery of checks by person requesting the check
• Investigate vendor complaints promptly!
Part III: The Prevention* Page 20
21. KEY INTERNAL CONTROLS
•
•
•
•
•
•
PAYROLL
Independent approval of employees added to payroll including
pay rate
Independent review of payroll register from payroll processing
firm
Verify that payroll taxes and other withholdings are being
deposited timely
Use a separate bank account for payroll
Timely reporting of time of effort by employees with proper
supervisory approval
Use outside payroll processing service
Part III: The Prevention* Page 21
23. KEY INTERNAL CONTROLS
•
•
•
•
•
•
FINANICAL REPORTING
Have a well defined and time lined financial reporting checklist
Financial statements should be timely and complete
Have a detailed annual/monthly budget-zero based
Budget versus actual analysis with detailed explanations (are
explanations in line with expectations?)
Review journal entries at the end of each reporting period
Reconciliations, including bank reconciliations, should be
prepared promptly after reporting period and independently
reviewed
Part III: The Prevention* Page 23
24. KEY INTERNAL CONTROLS
•
•
•
•
•
•
•
OTHER CONTROLS
Notification and alert services with your bank
– Wire notifications
– ACH Fraud Filters
– Balance threshold
– Positive Pay exceptions
– Credit card transactions
– Authorization limits
Conduct fixed asset inventories at least annually
Close inactive bank accounts immediately
Update bank authorized signatures promptly when
changes in personnel
Job rotation and mandatory vacations
Fidelity bond coverage
Surveillance
Part III: The Prevention* Page 24
25. CONDUCTING A FRAUD RISK ASSESSMENT
THE FRAUD RISK ASSESSMENT PROCESS
• Purpose is to identify where fraud may occur and how it may
be perpetrated
• The organization chart-the map of the people and processes
presents a picture and starting point
• Remember to overlay macro elements such as industry and
organizational changes, economic climate, government
regulations and climate, technology changes and
advancements
• Brainstorming the possible threats and schemes
• Are there any current warning flags?
• Where are you most vulnerable?
Part III: The Prevention* Page 25
26. CONDUCTING A FRAUD RISK ASSESSMENT
THE FRAUD RISK ASSESSMENT PROCESS
• Are there serious weaknesses in internal controls?
• Are there any mitigating controls?
• Do you have physical security breach threats?
• What do you need to do to secure significant threats?
Part III: The Prevention* Page 26
27. CONDUCTING A FRAUD RISK ASSESSMENT
FACTORS THAT CREATE ENVIRONMENT AND
OPPORTUNITIES FOR FRAUD
• Lack of awareness of fraud risk factors and warning signs
• Inadequate control activities to mitigate identified fraud risk
• Inadequate screening practices (for employees, vendors,
customers, and / or business partners)
• Insufficient understanding of ethical duties at all levels
• Ineffective mechanisms for reporting and investigating fraud
• Ineffective board and audit committee oversight
• Situational (internal and external) pressures that encourage
fraud
Part III: The Prevention* Page 27
28. CONDUCTING A FRAUD RISK ASSESSMENT
Source: Association of Certified Fraud Examiners, Report to the Nations on Occupational Fraud
and Abuse: 2012 Global Fraud Study
Part III: The Prevention* Page 28
29. CONDUCTING A FRAUD RISK ASSESSMENT
A PRACTICAL EXERCISE
Part III: The Prevention* Page 29
31. CONDUCTING A FRAUD RISK ASSESSMENT
KEY ASSESSMENT QUESTIONS
(RATE YOUR ORGANIZATION FROM 1 (POOR) TO 10 (GREAT)
• What is your “tone at the top”?
______
• What is the level of your certainty that people in your
organization will do the right thing?
______
• Are people in your organization made to fell that they are
part of a team and have a vested interest in the value of
the organization?
______
• Do people in your organization act with good moral/ethical
character without much force?
______
• How is your organization’s current financial health?
______
* How timely is your organization’s financial reporting?
______
Part III: The Prevention* Page 31
32. CONDUCTING A FRAUD RISK ASSESSMENT
KEY ASSESSMENT QUESTIONS
(RATE YOUR ORGANIZATION FROM 1 (POOR) TO 10 (GREAT)
• Is your key management hands on and visible?
______
• Is key management “connected” with their staff/baseline? ______
• How effective is your board of directors?
______
• How effective is your audit committee?
______
• Do you effective internal controls?
______
• How do you view the importance of your independent
audit and process?
______
Part III: The Prevention* Page 32
33. IMPLEMENTING A FRAUD PREVENTION
PROGRAM
KEY ELEMENTS AND OBJECTIVES
OBJECTIVES
• Opportunity – removing or lessening the opportunity to commit
fraud
• Detection – ensuring fraud and abuse can be timely detected
ELEMENTS
• Policies – implement clear and concise written polices for fraud,
code of conduct, and conflict of interest and be affirmed by all
employees in writing
• Communicated-continually communicated and reinforced
• Tone from Top – Board-appointed high-level executive responsible
for coordinating fraud-risk management and directly reporting to the
Board. Must lead by example.
• Leadership – executives and managers must lead by example
Part III: The Prevention* Page 33
34. IMPLEMENTING A FRAUD PREVENTION
PROGRAM
KEY ELEMENTS AND OBJECTIVES
• Training – ethical conduct and fraud prevention training is needed
on at least an annual basis for all employees
• Accountability-must make all people accountable in detecting
fraud
• Reporting – must have a means for employees to report potential
violations and issues, such as whistleblower process and hotlines
• No Retaliation – employees need to be encouraged to report
suspicious behavior and be reassured that any reports are made in
strict confidence and that the organization prohibits retaliation of
any type
• Communicate the Risks – All employees should be told whenever
any employee or others doing business with the organization are
arrested or discharged for fraudulent activity
Part III: The Prevention* Page 34
35. IMPLEMENTING A FRAUD PREVENTION
PROGRAM
KEY ELEMENTS AND OBJECTIVES
• Enforcement-you must prosecute fraud. An organization that does
not prosecute sends a message that encourages fraud.
• Zero Tolerance – you must have a zero tolerance for fraud and
must apply to ALL employees. As soon as a high-level executive
who commits any kind of fraud is not held accountable, the entire
program has lost credibility
• Surprise Audits – conduct surprise audits in high risk areas. Put
in policy that random tests may be performed to ensure that the
organization’s controls are not being circumvented (keep fraudsters
guessing!)
• Monitoring – you should conduct a periodic assessment and
ensure the process is working
• Remediation-all weaknesses in controls
immediately. Always be strengthening controls.
must
be
fixed
Part III: The Prevention* Page 35
36. THE FIVE TAKEAWAYS!
THE FIVE MOST IMPORTANT TAKEAWAYS – AGAIN!
1. Trust is not an internal control!
– Establish, to the extent possible, controls and procedures that eliminate
the element of trust
– Always segregate the custody of the asset with the recordkeeping for the
asset
2. Set the tone from the top!
– “If you are stealing, your employees are stealing!”
– E.g., office supplies, expense reports, etc.
3. Know your employees!
– Background investigations and public records checks before hiring
– Meet and establish a baseline relationship
4. Institute a fraud policy
– No tolerance
– Will prosecute
5. Establish a hotline for tips
– Number one method for detecting fraud!
– Can outsource
Part III: The Prevention* Page 36
38. HOW CAN RAFFA ASSIST YOU IN
PREVENTING AND DETECTING FRAUD?
A resource for the nonprofit community to help
organizations effectively manage risk and better ensure the
prevention and detection of fraud.
Check us out at WWW.RAFFA.COM/FRAUD
Part III: The Prevention* Page 38
39. HOW CAN RAFFA ASSIST YOU IN
PREVENTING AND DETECTING FRAUD?
FRAUD INVESTIGATIONS AND PREVENTION
• Fraud examinations and internal investigations
• Fraud risk assessments
• Review of internal controls and management practices
• Financial statement misrepresentations
• Background and workplace investigations
• Computer forensic analysis, imaging, data mining and recovery
• Asset tracing and recovery
• Reconstruction of accounting records
• Continuous audit services
• Anti-fraud consulting and training
Part III: The Prevention* Page 39
40. WHAT WE LEARNED ABOUT FRAUD IN
OUR THREE-PART SERIES
PART I: THE FRAUD
•
•
•
•
•
Why it is important that you are educated in fraud
The magnitude of fraud in nonprofits
The types of frauds in nonprofits
Why does fraud occur in nonprofits
Some important fraud prevention takeaways
PART II: THE DETECTION
•
•
•
•
•
•
Who are the fraud perpetrators?
Why do people commit fraud?
How is fraud detected?
What are fraud red flags?
Fraud detection techniques
What do you do when you uncover fraud?
PART III: THE PREVENTION
•
•
•
•
What are the primary factors contributing to fraud in nonprofits?
Detective versus preventative controls
What are the best preventative measures?
The five critical takeaways!
Part III: The Prevention* Page 40
41. RESOURCES AND SUGGESTED READING
• 2012 Report to the Nations on Occupational Fraud and
Abuse, Association of Certified Fraud Examiners,
http://www.acfe.com/rttn.aspx
• “The American Fraud Report,” www.jpsimsconsulting.com
• The CPA’s Handbook of Fraud and Commercial Crime
Prevention, AICPA
• Managing the Business Risk of Fraud: A Practical Guide;
AICPA, ITA, and ACFE; https://na.theiia.org/standardsguidance/Public%20Documents/fraud%20paper.pdf
Part III: The Prevention* Page 41
43. BIOGRAPHY
•
•
Started career with a Big-Four international accounting firm in Washington, DC.
•
Founded a regional certified public accounting and consulting firm in 1982 and grew it to
on of the Washington, DC’s largest firms in seven years. Merged his practice with Raffa
P.C. in 2008.
•
Managed and conducted audit and accounting engagements ranging from small privately
held to large publicly held businesses in various industries, including multi-national
businesses, nonprofit organizations, and governmental entities and agencies.
•
Performed economic and financial analysis, including projections and forecasts, in support
of litigation and claims for lost earnings and profits, business interruption, shareholder
disputes, patent and trademark infringements, bankruptcy and restructuring, and structural
settlements; assistance with interrogatories, document requests and depositions; and
serving as an expert and consulting witness.
•
LAWRENCE J. HOFFMAN,
CPA/CFF, CVA, CFE
35 years of consulting, audit, accounting and tax experience in the public and private
sectors.
Performed and supervised business valuations for both public and closely held companies
in a variety of industries, individuals and estates, family limited partnerships and limited
liability companies, including valuations for business combinations (SFAS 141R), mergers,
acquisitions, and divestitures, estate and gift taxes, marital dissolution proceedings, buysell agreements, intangible assets and intellectual property, purchase price allocations,
goodwill (SFAS 142) and long-lived asset (SFAS 144) impairment, fair value accounting
(SFAS 157), cheap stock (IRC 409A), stock-based compensation (SFAS 123R), phantom
stock and employee stock ownership plans.
•
Conducted and led teams of forensic accountants on fraud audits and investigations,
including fraudulent financial statements, misappropriations of assets and embezzlements;
money laundering, kickbacks, bribery and conflicts of interest; insurance claims;
bankruptcy; financial institutions and loan fraud.
Also has conducted fraud risk
assessments, anti-fraud programs, and fraud training and education.
SENIOR PARTNER
RAFFA, P.C.
1899 L STREET, NW
WASHINGTON, DC 20036
TEL. 202-822-5408
FAX 202-822-0669
LHOFFMAN@RAFFA.COM
Part III: The Prevention* Page 43
44. BIOGRAPHY
•
•
Formulated strategic short- and long-term business and financial planning for various
business organizations and served as interim “C” level positions, including for a major
North American sports league, European and U.S. aircraft manufacturer, aviation charter
airline and travel company, and a multi-chain quick service food chain.
•
Formulated syndication strategies and prepared business plans and private placement
offerings, including financial forecasts, market research and analysis, due diligence,
securities pricing and structuring for various public and private securities offerings,
including SEC filing.
•
Founded and developed a regional NASD licensed broker dealer investment banking firm.
Placed over $150 million in debt and equity and represented over $200 million in merger
and acquisition transactions.
•
LAWRENCE J. HOFFMAN,
CPA/CFF, CVA, CFE
Assisted companies and nonprofits with restructuring and turnaround situations, including
recapitalizations, reorganizations and liquidations. Advised entities on Chapters 11 and 7,
bankruptcy filings and proceedings and non-judicial workouts. Developed and
administered crisis management plans, cash flows, liquidation and turnaround analysis,
debt restructuring and creditor negotiations, and turnaround plans.
Founded and developed two private equity funds in excess of $10 million, including
investments in early stage and mature emerging companies in the form of debt and equity.
Portfolio investments included aviation, food and hospitality, software and technology,
telecommunications, sports and entertainment, banking and financial institutions,
healthcare, and wholesale and retail.
•
Co-founded and managed various real estate acquisition, ownership, and operating
entities, including commercial office buildings, shopping centers, flex warehouses,
residential housing and developed land.
•
Performed tax and financial consulting services for individuals and closely held
businesses.
•
Instructor in audit, accounting, finance, and forensic accounting.
SENIOR PARTNER
Part III: The Prevention* Page 44
45. BIOGRAPHY
EDUCATION & CERTIFICATIONS
•
•
Certified Public Accountant (CPA)
•
Certified Fraud Examiner (CFE)
•
Certified in Financial Forensics (CFF)
•
Certified Valuation Analyst (CVA)
•
Private Investigator (PI), Virginia
•
Series 7 General Securities Representative (not active)
•
Series 24 General Securities Principal (not active)
•
LAWRENCE J. HOFFMAN,
CPA/CFF, CVA, CFE
Bachelor of Science, Accounting – Mount St. Mary’s University
Series 63 Uniform Securities Agent (not active)
PROFESSIONAL ASSOCIATIONS & AFFILIATIONS
•
•
Virginia Society of Certified Public Accountants
•
SENIOR PARTNER
American Institute of Certified Public Accountants, Member
Association of Certified Fraud Examiners
•
National Association of Certified Valuation Analysts
•
Institute of Business Appraisers
PERSONAL INTERESTS
•
Private pilot with instrument, multi-engine, high performance complex and aircraft
ratings
•
Golf and fishing
•
Reading and politics
Part III: The Prevention* Page 45
46. BIOGRAPHY
•
•
Started career with U.S. Government Accountability Office’s Forensic Audits and Special
Investigations Unit
•
Led as many as 3 concurrent forensic audits and investigations on a variety of topics,
including: Federal contractor/grantee eligibility fraud and integrity issues; federal tax
collection program integrity; abuse of government purchase cards, travel cards, and premium
class travel privileges; employment of sex offenders and child abusers at schools and child
care facilities; passport application fraud; manufacture and marketing of herbal dietary
supplements
•
Planned, developed, and completed audit and investigative objectives, scope, and
methodology
•
Designed innovative analytical strategies and investigative techniques to identify fraud
indicators in complex datasets, using software packages such as IDEA and SAS
•
Leslie C Kirsch, CFE
9 years of fraud investigation and financial audit experience
Identified, investigated, and ultimately referred hundreds of cases of potential fraud, waste,
and abuse to federal authorities for administrative action
•
Led multiple undercover operations of varying complexity and political sensitivity
Manager
RAFFA, P.C.
•
Drafted numerous congressional testimonies and publicly available audit reports (see coauthorship experience below)
1899 L STREET, NW
WASHINGTON, DC 20036
•
Designed and implemented internal quality assurance policies and procedures
EDUCATION & CERTIFICATIONS
TEL. 202-955-7204
FAX 202-822-0669
LKIRSCH@RAFFA.COM
•
Bachelor of Science, Accounting – University of Maryland, College Park
•
Bachelor of Science, Finance – University of Maryland, College Park
•
Designated as a Certified Fraud Examiner (CFE) by the Association of Certified Fraud
Examiners
Part III: The Prevention* Page 46
Editor's Notes
From I Love You Phillip Morris, 2009Jim Carrey, playing con artist Steven Jay Russell, interviews for an accounting position that he is wholly unqualified for. This scene shows his employer’s “due diligence” effort prior to hiring.
From Arrested Development, Fox, 2005George Michael Bluth, manager of the Bluth family frozen banana stand, is convinced to go along with his cousin Maeby’s cash register theft scheme. George Michael’s father will be coming by later to independently verify inventory and daily sales figures, so Maeby comes up with a plan to circumvent the controls.
From ESPN’s Mayne Street, 2008Kenny Mayne reports in to Accounting when his expense reports are questioned.