I’m sitting here at my desk reading the Boston Globe newspaper and getting ready to create another great Newsletter for you. I see an interesting article about a case of fraud at the University of Massachusetts Medical School that generated the following discourse on fraud at colleges and universities.
The culprit was a $46,000 year financial analyst in an obscure department who somehow managed to drive a Porsche, collect Salvador deli paintings and build a palatial home for himself. He siphoned off nearly $3.4 million from payments intended for the state Medicaid insurance program over the last five years. The Globe reports this may be maybe the biggest theft by a state employee in more than a decade. Really? In only ‘more than a decade’ – I would have thought in more than a century. So, fraud appears to be a continual problem.
Here’s how he was caught. Not through continuous attention to procedure or monitoring of policies, but the fraud was only discovered after he died in a one car accident and a review of his work found all kinds of discrepancies. They eventually learned he had set up a dummy corporation to which he had been diverging state funds for years.
I did some more research into fraud at universities and found are many other examples:
- University executive embezzled $60,000 through extra payroll
- University accountant embezzled $30,000 through fictitious vendor
- University executive embezzled $600,000 over seven-year period by
manipulating institutional accounts
- University project manager embezzled $2 million over five-year period
through phony construction company
- University president/CEO/trustee embezzled $1.5 million over five year
period through various fraudulent reimbursement schemes
- University resident life employee embezzled $300,000 over seven year period through cash payments made by students
Conclusion: It appears that fraud can and does appear at all levels –employees, executives, students, Board Members and Presidents too.
I have little doubt there were written policies and procedures designed to prevent and detect fraud. Most universities and colleges have these policies in place. However, written policies and procedures are inherently ineffective in themselves.
One reason for this is they are seldom monitored or reviewed. Sure, human resources may give a new employee a stack of papers to sign that says they have read and acknowledged receipt of the policies on fraud and what might happen to them and how it might impact them (termination) and the fact that they might face criminal prosecution. But the fact of the matter is we don’t do several items that would help to reduce fraud. I say ‘reduce’ as I believe we will never eliminate fraud at colleges and universities.
- We don’t discuss fraud with employees. We simply don’t like to talk about it. It’s unpleasant to us and the employees. It takes more than just a written policy or procedure to prevent and detect fraud. How are you, as a Vice President communicating to your employees in the business and finance division and other divisions in the University that fraud is not acceptable and will be punished?
- “Trust is not a control”. Sure we know that Sam has been working here for 25 years. He’s a good guy, knows his ‘stuff’ and is always willing to help out. What is needed is constant monitoring of procedures, checks and balances, reconciliations.
- Annual review of written policies to insure they are current. That’s right, every year the policies are reviewed and updated. I see many policy statements that are ‘more than a decade’ old.
- It’s not my job. It is not the sole job of Internal Audit to detect fraud. It takes a village to deter and detect fraud. Your role in the village is that of the “town crier”. I know it’s not in your job description to be a ‘town crier’ however when all is said and done. I believe they will look to the business and finance division to correct and deter fraud from occurring in the future. After all, we’re talking about money and that is what the Business and Finance Division is all about.
- Culture will eat controls for breakfast. Everytime. Set the tone at the top.
It’s not easy to determine who might be or where fraud happens and one survey shows the ‘median’ losses of fraud at universities is between $100,000. and $125,000. Even if detected and convicted over 50% of universities recover nothing from the legal action. Normal background checks don’t always flag an individual as having potential commit fraud because most employees who commit fraudulent acts are first-time offenders. It is the long-term employees that typically cause greater losses along with high-ranking or executive positions. Makes sense right? They know how the system runs.
There are business areas to watch where fraud occurs most often and these include:
And let’s not forget executive management.
The most common fraud cases reported are billing scams followed by check tampering and fictitious expense reimbursement. Strangely enough these transactions are recorded in financial records such as an employee creating a fictitious vendor account and then sends the bill to be paid. Or an employee on a business trip decides to use university credit card for some personal expenses. So there is no need to ‘physically’ take cash or merchandise in order to commit fraud.
There are basically only two approaches to help eliminate fraud on campus: Deterrence and detection. Obviously the best approach is deterrence. As Vice President it is you who is responsible for ensuring that university funds are safeguarded from loss. It must be accepted reality that a fraud is possible in your University. Don ‘t fall into thinking that fraud symptoms are simply administrative errors because you can’t conceive of the existence of fraud in your organization, Ask yourself, “If assets or money were fraudulently obtained how would I know?”. Make sure there is an adequate system of internal controls in your organization. The major tenets of an internal control system include:
- separation of duties
- physical safeguarded over assets
- proper documentation
- proper approval
- adequate supervision
- physical inventories
- independent validation of transaction accuracy
How is most fraud detected?
Initially they are detected by
- A ‘tip’ = 43% (do you have an anonymous tip line in place?
- Management review = 14%
- Internal audit = 14%
- By accident = 7%
- Account reconciliation = 4.8%
- Document examination = 4%
- External audit = 3%
What are some weaknesses of Controls you may have in place?
Surveys have shown these weaknesses:
- Lack of Management Review = 19%
- Override of existing internal controls = 19%
- Poor tone at the top = 9.3%
- Lack of competent personnel in oversight roles = 7.5%
- Lack of independent checks in on its = 3.4%
- Lack of employee fraud education 2.6%
- Lack of clear lines of authority 1.8%
- Lack of internal controls = 36.3%
Let’s do the math.
- Increasing your internal controls gains you a 36% advantage
- Setting the tone at the top and you gain another 9.3%.
- Educate your employees and gain another 2.6%.
- Let’s really test the override of the existing internal controls increase the odds by 19.8%
To sum up, fraud is not going to disappear because I wrote this. We have seen that it has been happening for ‘more than a decade’. That fraud can occur at all levels. That even though policies were in place, fraud still will happen on your campus, what we can do to reduce fraud and why we don’t do them, business areas to watch for fraud, how it is detected, weaknesses of controls in place and some math to know where to go to work first in detecting and reducing fraud.
See my other articles on LinkedIn:
Three Predictions about the Future of Higher Education
When is a ‘Stipend’ Really Not?
Student Athletes: Payments for Services?
Is the President and the Finance Department on the Same Page?
Game Plan: Non-Profits vs. the IRS
Tax Happens, But It Doesn’t Have to be Hard
What the Internal Revenue Service Discovered
Steve Hoffman, aka, ‘The Tax Translator”, has many years of experience and education and is dedicated to providing education and consulting to colleges and universities. With 15 years’ experience at the IRS and 12 years in higher education, he is uniquely qualified to see issues from ‘both sides of the desk’. His focus while making presentations is on audience learning. Known as the The Tax Translator, he makes tax law easily understood and has been called ‘Tax with Personality’. His first book, “Taxation for Universities and Colleges: Six Steps to a Successful Tax Compliance Program” was recently published by Wiley Publishing. His second book, ‘Resources from The Tax Translator” is over 400 pages of samples of policies related to tax, questionnaires, flowcharts, decision trees and other helpful articles to implement the six steps of a successful tax compliance program at your school. Contact Steve at Steve@TheTaxTranslator.com