Presentation on theme: "Introduction to the Investigative Audit Services Group."— Presentation transcript:
Introduction to the Investigative Audit Services Group
Internal Audit’s Responsibility u Develop an annual audit plan based upon a system-wide risk assessment process; u Conduct audits in support of the plan; u Investigate fraud or fraudulent actions; u Report results to the Board of Regents, the Chancellor, and the Chief Executive Officers; and u Coordinate audit efforts with external and state auditors
Governor’s Executive Order RP-36 Preventing, Detecting & Eliminating Fraud, Waste & Abuse Each state agency shall develop a Fraud Prevention Program that includes the following components: u Culture of Honesty and Ethics u Antifraud Processes and Controls u Appropriate Oversight Processes
Culture of Honesty & Ethics u Ethics Policy u Fraud Policy u Ethics Training u Hotline for employees to report wrongdoing u Separate investigative group to review reports of wrongdoing u Thorough investigations conducted for allegations of fraud with disciplinary action taken against violators.
Antifraud Processes & Controls u Internal Audit prepares a System-wide risk assessment as part of the annual audit planning process u Fraud Policy states that CEOs have primary responsibility for identifying areas of risk u Internal Audit utilizes ACL to test for anomalies in financial data u System members utilize positive pay system with banks to detect fraudulent checks u Management tracking report for all audit recommendations
Appropriate Oversight Processes u Board of Regents is very active in addressing control issues identified in audits and investigations u Board of Regents approves the annual audit plan u Chief Auditor meets regularly with Committee on Audit u Committee on Audit reviews the audit tracking report u Management
A&M System Policy 07.01, Ethics All A&M System employees are expected to adhere to the highest of ethical standards and principles. These standards and principles are set forth in the A&M System Ethics Policy.
A&M System Policy 21.04, Control of Fraud & Fraudulent Actions Every employee is responsible for reporting factual information suggestive of illegal, improper or dishonest acts and/or practices that may involve the A&M System or one of the System members.
Fraud or Fraudulent Actions u Theft u Embezzlement u Kickbacks u Travel reimbursement schemes u Falsification of government documents u Misappropriation/misuse of property u Conflicts of Interest
Methods of Detecting Fraud in Governmental Agencies u Tip 39% u Internal Audit 20% u Internal Controls 20% u By Accident 16% u External Audit 15% u Police Notification 7% Association of Certified Fraud Examiners 2006 Annual Report to the Nation The sum of percentages exceeds 100% because some respondents identified more than one method.
Report Fraud To u Immediate supervisor u Agency/University Chief Executive Officer u The A&M System Fraud, Waste & Abuse Hotline (reports are anonymous) u The State Auditor’s Fraud, Waste & Abuse Hotline (reports are anonymous)
What Happens Next u Notification of Agency/University Chief Executive Officer u Investigative Group reviews applicable documentation & conducts interviews as necessary u Chief Auditor issues report of review findings u Management takes corrective action if necessary
Reporting Process u Report will identify possible criminal violations, as well as policy violations & significant control weaknesses u Draft report reviewed with management if necessary prior to being issued u Management required to provide a written response of corrective actions to be taken with regard to policy violations & control weaknesses u Summary of investigations is provided to the Board of Regents annually
Complaints Received Allegation Type Fiscal Year 2005 Fiscal Year 2006 Misappropriation of funds116 Misuse of resources (computers, vehicles, etc.) 2630 Theft of time51 Falsification of documents38 Contract/bid irregularities26 Conflict of interest54 Counterfeit cash or checks 2- Management Issues 1016 Failure to investigate hazing -1 Total6472
Final Report ConclusionNumber of Incidents Fiscal Year 2005 Number of Incidents Fiscal Year 2006 Criminal Acts25 Policy Violations137 Internal Control Weaknesses1624 No Issues Identified2742 Total5878 Investigative Report Findings
Common Themes in Identified Control Weaknesses: u No Segregation of Duties u Lack of Reconciliations u Lack of Documentation u Lack of Management Oversight
Segregation of Duties u An employee performs every step in a particular process: Authorizes purchases, receives invoices, prepares vouchers/approves payment, deposits funds, processes reconciliations u Important in A/R, A/P, Working Funds
Reconciliations u To check a financial account against another for accuracy u Perform periodically and independently to verify the account balances
Documentation u Ensuring contracts exist which authorize work and payments u Is there enough information on the invoice to confirm what is being purchased? u Did someone physically inventory or confirm deliverables?
Management Oversight u Do you know the duties of your employees? u Is there management approval for purchases, including travel and reimbursements? u Ultimately, the responsibility rests with management - “Tone at the Top”
Contact Information SIAD Phone: Hotline: Website: SAO Website:www.sao.state.tx.us/SIU Robin Woods Debi Fincher Mark Dickerson