OAS Mary Taylor, CPA Best PracticesOhio Auditor of State's website
OAS Mary Taylor, CPA Best PracticesSearch Best Practices

OAS Mary Taylor, CPA Best Practices

    In This Issue

  • Best Practices
    Special Fraud Issue 2010

      • SPOTLIGHT:
        Bringing Fraud into Focus
        Don’t Count on Your Annual Audit to Help Spot Fraud – Strong Risk Management Tools Are Needed for 20/20 Vision

        SIDEBAR:
        Elements to include in a
        fraud risk management plan

        Managing the Business Risk of Fraud: A Practical Guide

      • WEB EXCLUSIVE
        How Five Public Entities Turned Audit Weaknesses into Fraud-Fighting Strengths


  • emailSign Up for Best Practices Join the growing numbers of Best Practices readers. E-mail to subscribe or unsubscribe to the online version of Best Practices.

Foundations of Fraud:
Need, Opportunity and Rationalization

Understanding the Fraud Triangle
is a First Step in Preventing Economic Crime

By Auditor of State Mary Taylor, CPA

It’s no secret that Ohio families are facing difficult budget decisions in this lingering recession and that local governments and school systems serving those families are dealing with fiscal challenges of their own. What may not be as well understood is the way this poor economy has increased the risk of fraud and other economic crimes committed by employees who are driven to steal from the workplace.

A study by the National White Collar Crime Center (NW3C) shows that every U.S. recession since the 1950s has generated an increase in white-collar crime. For example, after the savings and loan crisis of 1990, white-collar crime arrests jumped 53 percent. One commentator put it well: “When the going gets tough, the fraud gets going!”

  • RISKY BUSINESS
    Three Places
    Where Fraud May Lurk

Fraud can strike any aspect of your organization, but it pays to be especially vigilant in three areas identified by the Ohio Auditor of State’s Office as particularly vulnerable to fraud and abuse:

Reimbursement policies can be abused when they are not specific. Having a complete, detailed policy can help prevent expensive charges for travel or inappropriate purchases of goods.

Credit cards also require a specific and detailed policy. In order to prevent abusive purchases, your policy should outline who is allowed to use cards and be certain to require receipts for all purchases. Additionally, approval for credit card purchases should be obtained in advance and one individual should never have the ability to approve a purchase they are making themselves.

Vendor use is another area that can pose a risk for fraud. If your vendor list is not properly maintained, there is the risk an individual might create false vendors, charge for certain equipment or supplies that are never received and keep the money for personal gain.

There is no need to reinvent the wheel when setting fraud-fighting policies for these and other areas of risk. Look at other leading practices used by organizations similar to your own, and then borrow those policies – in whole or in part – as they apply to your own organization.

Economic crime can impact public offices of every size, even those where officials believe they have sufficient controls in place. For example, my office recently investigated a former Toledo Public Schools official who later worked for Cleveland Municipal Schools – two of the largest districts in Ohio. He has been accused of stealing more than $800,000 from the two districts over a number of years, using elaborate purchasing schemes. In the much smaller Clyde-Green Springs Exempted Village School District in Sandusky and Seneca counties, a former superintendent stole nearly $300,000.

It’s also true that fraud in government is not confined to highly placed administrators or those directly overseeing accounts. Two examples investigated by my office: a college student working at a regional airport authority pleaded guilty to stealing more than $68,000 in public funds and a part-time cafeteria worker for a rural school district is now under indictment for taking more than $24,000 from cash receipts.

These are examples of public employees abusing power and taking advantage of organizations that lacked adequate controls. They serve as a warning that the size of your organization doesn’t matter. An office or agency of any size can find itself a victim of fraud if it lacks proper internal controls and monitoring.

To appreciate the root causes of fraud – an important first step in preventing economic crime – it helps to understand the mindset of an employee who arrives at the decision to steal. Fraud prevention and detection training programs, including courses offered by the Auditor of State’s Office, illustrate this motivation with the three points of the Fraud Triangle: need, opportunity and rationalization.

Need can be either real or perceived. An individual might feel the need for a luxury car or vacation home. There might also be more pressing needs, like a house payment or credit card bills. With the current recession and high unemployment in Ohio, financial need could likely be an increasing motivation for crime.

Opportunity arises when someone is given control over funds without proper supervision. This could happen in many ways, such as requiring only a single signature on a check, allowing credit card purchases to be approved by the person who is using the card or not maintaining strict controls over which vendors are used.

Rationalization is another critical aspect of the decision to commit fraud. Most people do not have an innate desire to steal and individuals who do so often convince themselves that circumstances justify the crime. Rationalization may take many forms. In some cases, an individual may justify workplace theft by thinking the money can be paid back later. Often persons committing fraud think they are somehow “owed” the money they take and therefore their crimes are justified. A thief might also rationalize by arguing that the organization is wealthy or wasteful, therefore stolen money won’t be missed.

Realizing that fraud can happen at any level of government, it is important to conduct a risk assessment of your operation to find out where internal controls may be weak. This would include looking at your policies and procedures to determine if internal controls and monitoring procedures are strong enough to deter and detect fraud in its many forms.

Once this assessment is complete, you can determine if implementing additional controls is worth it – based on your assessed risk. The Auditor of State’s Special Investigations Unit and Special Audit Section offer training on fraud prevention that can help organizations assess their risk and understand both the costs and benefits of additional controls.

Even with the best prevention methods, fraud and theft can still occur, which is why detection measures are critical as well. If you suspect fraud and want the Auditor of State’s Office to investigate, you should call the fraud hotline at 1-866-FRAUD OH or go to fraudohio.com.