Presentation on theme: "Purchase Cards – Audits & Investigations The 12 th Annual GSA SmartPay® Training Conference August 10-12, 2010 Cindy Barnes US Government Accountability."— Presentation transcript:
Purchase Cards – Audits & Investigations The 12 th Annual GSA SmartPay® Training Conference August 10-12, 2010 Cindy Barnes US Government Accountability Office Forensic Audits & Special Investigations
2 Outline of Presentation FSI Background Purchase Card Program Summary of FSI Audit Approach Case Studies Concluding Remarks
3 Who We Are Nonpartisan congressional watchdog Advise Congress and executive agencies on making government more efficient, effective, ethical, equitable and responsive Work comes from requests, mandates, and Comptroller General authority
4 Who We Are The Forensic Audits and Special Investigations (FSI) team integrated antifraud and investigative activities Teamed auditors and analysts with criminal investigators Based fraud focus primarily on data-driven analysis Heightened ability to deliver high-impact testimonies and reports
5 Who We Are Staff Analysts Forensic auditors Criminal investigators Data mining and systems integration experts FraudNet hotline analysts Quality control staff such as communications analysts All permanent FSI staff are Certified Fraud Examiners Based in DC and Dallas
6 What We Do Why has fraud or abuse occurred? How big is the problem? Narrowly scoped investigations provide the facts and details that substantiate fraud or demonstrate a vulnerability Best antifraud work leverages both forensic audit and investigative approaches to deliver a powerful message about broken controls
7 What We Use Government data Tax records, Social Security data, grants and disbursement data Law enforcement tools National Criminal Information Center, Financial Crimes Enforcement Network, Lexis-Nexis law enforcement FraudNet Government hotline to report fraud, waste, and abuse www.gao.gov/fraudnet/fraudnet.htm email@example.com 1-800-424-5454
8 How We Do It Integrated Methodology Audit steps Data matching Data mining Statistical sampling Internal controls evaluation Investigative steps Undercover tests Social engineering Coordination with IGs or other law enforcement agencies NCIC, FINCEN, Lexis Nexis law enforcement Combined forensic audit and investigation Concludes on broken controls Substantiates specific fraud cases and/or provides first-hand evidence of fraud Where possible identifies magnitude Integration
9 FSI Methodology Data Matching Data matching compares two discreet data sets to identify questionable overlaps Reveals fraud indicators that require further investigation, for example: Commercial drivers also on 100% disability Prisoners who also received disaster assistance Governmentwide access to federal databases gives FSI broader authority
10 FSI Methodology Data Mining Data mining develops fraud targets for further investigation Specific types of transactions Patterns within the data Interviews of targets and other intelligence gathering help refine the data mining James Fine Dining example
11 FSI Methodology Undercover Testing Test programs or processes to identify vulnerabilities Criminal investigators perform red team exercises Firsthand knowledge of breakdowns and vulnerabilities in a realistic setting, rather than relying on representations of the tested entity Analysts and auditors help interpret the results of the undercover tests in a broader context and provide planning input
13 Purchase Card Program The Federal Purchase card program Grew from less than $1 billion in 1994 to over $19 billion in 2009. Initial focus was on getting programs up and running. Audits identified control weaknesses and vulnerabilities to fraud.
14 Government Purchase Card – Navy/Marine Corps Example
15 GAOs Approach to Auditing Purchase Card Programs
16 Understanding the Purchase Card Program Evaluating the adequacy of internal control designed to mitigate the risk of fraudulent, improper, and abusive transactions, requires the auditor to gain an in-depth understanding of: The risk of fraud The relevant laws and regulations and The specific organizations mission activity operations and its purchase card program operations (from purchase request to payment).
17 Definition of Fraudulent, Improper, and Abusive Activity Fraudulent purchases Use of the government purchase card to acquire goods or services that are unauthorized and intended for personal use or gain constitute a fraud against the government. Examples include a cardholders unauthorized purchase of power tools for his home, a vendors intentional charges for services not provided, and the unauthorized use by a third party of a cardholders compromised or stolen account for personal gain Generally referred to as potentially fraudulent unless there has already been a fraud conviction in a court of law.
18 Definition of Fraudulent, Improper, and Abusive Activity Improper purchases Government purchase card transactions that are intended for government use but are not permitted by law, regulation, or organization policy. Examples include certain types of purchases of meals or refreshments for government employees within their normal duty stations, purchases split to circumvent micropurchase or other single purchase limits, and purchases from other than statutorily designated sources, such as the Javits- Wagner-ODay program (JWOD).
19 Definition of Fraudulent, Improper, and Abusive Activity Abusive purchases Purchases of authorized goods or services at terms (e.g., price, quantity) that are excessive, are for a questionable government need, or both are considered abusive. Examples include purchases of items such as $300 day planners, $350 bedside radios, and allowable refreshments at excessive cost; purchases of designer leather goods, and year- end and other bulk purchases of computer and electronic equipment for a questionable government need.
20 Indications and Categories of Fraud Signs, signals, and patterns indicating the potential for fraud Weak management Failure to follow legal or technical advice Unethical leadership Weak internal controls Promise of gain with little likelihood of being caught Missing or altered documents History of impropriety Unexplained decisions, transactions, or both
21 Indications and Categories of Fraud Theft involves property, facilities, and services. An authorized or unauthorized cardholder purchase of goods or services intended for personal use or gain. An inmate at a local county jail made three purchase card transactions at local florist shops on a government purchase card that had either been lost or stolen.
22 Indications and Categories of Fraud Fictitious transactions can involve a single party (e.g., a cardholder supports the acquisition of goods or services for personal use with false documentation, or a vendor bills the government for goods or services never delivered). Fictitious transactions can include collusion (e.g., a cardholder knowingly approves documentation supporting a vendors invoice for goods or services never provided). A maintenance supervisor allegedly made $52,000 in fraudulent transactions to a suspect contractor for work that was not performed.
23 Indications and Categories of Fraud Kickbacks may be offered by a vendor or solicited by a contractor or government buyer. Kickbacks in a government purchase card program can include collusion between a cardholder and a vendor. The cardholder makes authorized purchases from the vendor, who charges the government an excessive price and kicks back a percentage of the amounts received to the cardholder. Two purchase cardholders conspiring with at least seven vendors received kickbacks on purchases with inflated prices, quantities, or both. Criminal investigation resulted in confinement or restriction, a bad conduct discharge, and a reduction in rank.
24 Indications and Categories of Fraud Conflict of Interest is present when a government official participates in approving or deciding a matter in which the official or a relative has a financial interest. The potential for a conflict of interest in a purchase card transaction exists whenever a cardholder or a relative has a significant financial interest in a vendor or contractor. A cardholder and his supervisor conspired to make nearly $400,00 in fraudulent purchases from companies owned by the supervisor, his sister, friends, and acquaintances.
25 Understanding the Purchase Card Program Laws and Regulations Establishment and Operations of the Purchase Card Program Federal organization purchase card programs must comply with the terms of the GSA SmartPay® Master Contract and the task order under which the organization placed its order for purchase card services. Organization purchase card programs must also comply with the Department of Treasury Financial Manual. Individual organizations may be subject to specific statutory criteria for the management of purchase cards.
26 Understanding the Purchase Card Program Laws and Regulations Procurement Methods and Standards Purchases made with the purchase card should be made in accordance with generally applicable procurement laws, regulations, and organization procurement policies and procedures. FAR provides governmentwide policies and procedures for acquisition by all executive agencies. Agencies frequently issue supplemental acquisition regulations as well.
27 Understanding the Purchase Card Program Operations and Programs Need to understand organization operations: The nature and size of overall operations What the individual activities involved in the purchase card program do and how they do it; The general job descriptions, level of education, and number of personnel in those activities; and The volume and appropriate type(s) of purchase activity to expect.
28 Understanding the Purchase Card Program Operations and Programs Need to understand the organizations purchase card programs: Review existing documents such as purchase card program descriptions, policies and procedures, operational manuals or instructions Conduct interviews with program personnel Conducting walk-throughs of selected purchase card transactions is a key process. Coordinate the audit effort with the bank service provider.
29 Internal Control and the Control Environment Recent GAO purchase card audit reports have identified the following six elements as significantly affecting the control environment surrounding a purchase card program Managements philosophy (tone at the top) Span of control Financial exposure Training Discipline Purchasing and reviewing authorities
30 Assessing the Adequacy of the Design of Control Activities Our audits of purchase card programs have the following six areas as key transaction-level control activities in mitigating the risk of fraudulent, improper and abusive purchases: The determination of a legitimate government need Screening for required sources of supply Independent receipt and acceptance Establishing accountability over certain property Cardholder reconciliation and AO review
31 Summary of Audit Approach Obtain a detailed understanding of the process Identify key controls and obvious vulnerabilities Sample transactions to test the effectiveness of key controls Obtain data file of all transactions
32 Summary of Audit Approach Use data mining and file comparisons to identify unusual transactions Analyze supporting documentation Consult with investigators and legal counsel to identify improper payments Verify that real property was actually recorded in the agencys property records
33 FSI Case Study Governmentwide Purchase Cards Federal employees committing fraud with their government purchase cards Statistical samples to test effectiveness of controls Investigative work for highly pilferable items Data mined using criteria such as prohibited goods or services or items likely to be for personal use (e.g, internet dating) Could not determine magnitude of fraud governmentwide
34 FSI Case Study Governmentwide Purchase Cards Findings: Estimated that nearly 41 percent of all federal purchase card transactions from July 1, 2005, through June 30, 2006, failed basic internal control checks Agencies were unable to locate 458 of 1,058 accountable and pilferable items totaling over $2.7 million Case studies of fraudulent purchases included: USDA employee embezzled $642,000 over 6 years for gambling, car and mortgage payments, and retail purchases U.S. Postal Service employee spent $1,100 on Internet dating services over a 15-month period Waste, abuse, and questionable purchases also identified
35 FSI Case Study Governmentwide Purchase Cards Examples: $1,100 – Subscription to Internet dating services $642,000 – Convenience checks to live-in boyfriend $80,000 – Year-end purchase of vehicles $8,000 – Laptop computers from preferred vendor $13,000 – Dinner & alcohol for 81 at Ruths Chris $77,700 – Clothing from Brooks Brothers, Talbots and Johnston Murphy
36 FSI Case Study Katrina/Rita Katrina/Rita individual assistance payments made to ineligible individuals Posed as disaster victims in an attempt to fraudulently obtain payments from FEMA Using FEMAs disaster assistance database, we: Drew a statistical sample for fraud/improper payments Identified multiple registrations and duplicate payments Compared payments to federal prison databases Data mined for inappropriate uses of debit cards
37 FSI Case Study Katrina/Rita Findings: Undercover investigators obtained payments from FEMA for bogus applications >$1 billion in fraud or improper payments, including duplicate payments and payments to ineligible or fictitious individuals Data mining revealed inappropriate debit card charges: Erotica products (Condoms to Go, Pleasure Zone) Girls Gone Wild videos (GGW Videos) 1-week Caribbean vacation (Vacation Express) Five season football tickets (New Orleans Saints)
38 FSI Case Study GAO Report on DHS Purchase Cards Inadequate staffing, insufficient training, and ineffective monitoring, along with inconsistent purchase card policies contributed to a weak control environment and breakdowns in specific key controls. GAO and DHS OIG found a lack of documentation that key purchase card internal controls were performed.
39 FSI Case Study GAO Report on DHS Purchase Cards Based on a statistical sample, GAO and DHS OIG estimated that 45 percent of DHSs purchase card transactions were not properly authorized, 63 percent did not have evidence that the goods or services were received, and 53 percent did not give priority to designated procurement sources. Other instances of abusive or questionable transactions included the purchase of a beer brewing kit, a 63-inch plasma television costing $8,000 which was found unused in its original box 6 months after being purchased, and tens of thousands of dollars for training at golf and tennis resorts.
40 Concluding Remarks Purchase card abuse has received high-level attention through audits, congressional oversight, and legislative mandates. Federal agencies have taken action to improve purchase card program controls and strengthen oversight and monitoring. Continuing efforts on data mining, investigations of fraud and abuse, and disciplinary actions are key to an effective purchase card program.
41 Questions Your turn- Questions Comments Experiences
Contact Information Cindy Barnes 202-512-9345 firstname.lastname@example.org