Fraud Awareness and Internal Controls

What is fraud?

• Fraud encompasses an array of irregularities and illegal acts characterized by intentional deception

• The elements of fraud are:• A representation about a

material fact – which is false• Made intentionally,

knowingly, or recklessly – which is believed

• Acted upon by the victim• To the victim’s damage

5 Myths About Fraud(Adapted from www.fraudauthor.wordpress.com Tracy Coenen)

1. Fraud will be detected by our auditors2. Small frauds aren’t important enough to worry

about3. If we follow government regs, we will be protected

against fraud4. Most people are honest and won’t commit fraud5. The University doesn’t have a fraud problem

“Fun” Facts

• According to the Association for Certified Fraud Examiners– 43.3% of frauds are detected through tips – 14.6% by management review– Lack of adequate internal controls is the biggest contributing factor– The average organization loses 5% of revenue to fraud and abuse– The median fraud loss is $140,000– The average fraud has gone on for 1.5 years before detection– Small organizations are disproportionately victimized– Only 13% of fraud perpetrators had prior convictions– In 81% of cases, the individual displayed one or more behavior red flags

Source: Association for Certified Fraud Examiners, www.acfe.org, 2012 Report to the Nations on Occupational Fraud and Abuse

The Fraud Triangle

Opportunity

Pressure Rationalization

Opportunity

Opportunity is generally provided through weaknesses in internal controls. Some examples include inadequate or no:

– Supervision and review– Separation of duties– Management approval– System controls

Who is likely to commit fraud?

• 1 in 10 people will not commit fraud regardless of the circumstances

• 8 in 10 will commit fraud if the fraud triangle is in place

• 1 in 10 people seeks a particular job in order to commit fraud (predatory employee)

Source: State of Utah Risk Management Workshop

Segregation of Duties• In an ideal world, no one

employee would have more than two of the key duty types

• If duties can’t be properly segregated, then compensating or mitigating controls must be implemented

• Supervision and review are an important compensating control

• Proper segregation of duties is important at all times – consider this when assigning backup responsibility or coverage when someone is out of the office

In summary….

We all have a role to play in strengthening internal controls – by doing so, the opportunity for resources to be misappropriated is reduced.

Resources

• Policy B-002 Internal Controls Policy• Policy B-003 Fraud Policy• Controller’s Internal Control Corner• Controller’s Office 305-284-6429