Another high-profile public institution has been dragged into the headlines as a result of an alleged kickback/invoicing scheme. A senior manager at York University, in suburban Toronto, has been charged by Toronto Police after a long investigation stretching back several years. The university also has launched litigation against the employee plus several of his alleged co-conspirators.
The university claims that the senior manager extracted kickback payments and free goods from contractors who completed work for the university, and that these goods and services included extensive renovations and expensive upgrades to his home (the allegations have not yet been proven in court).
As sensational as this story sounds, it’s all too familiar for seasoned fraud examiners who know that public sector institutions and not-for-profit organizations (condominium corporations included) are vulnerable to be victimized by employee fraud schemes.
Employee fraud is typically an opportunistic act committed as a result of poor supervisory controls in the business.
Absence of internal controls, or poorly monitored controls, is the number-one reason why businesses may fall victim to employee fraud. And typically, this results from a lack of segregation of key duties within the organization.
For example, if your business has a single employee who accepts delivery of supplies, issues purchase orders, handles supplier invoices, and mails out payment cheques, the absence of segregation of these key business functions poses high fraud risk. It is not much of a challenge for an opportunistic and resourceful employee to create false invoices and issue payments to friends or family members, posing as suppliers, contractors or temporary staff.
When employee fraud eventually is discovered in a workplace, colleagues may offer comments in reaction such as, “he was such an exemplary employee and enormously productive”; or “she always showed high dedication and care in her job; we can’t believe she would do this.” The truth is that fraudster employees can’t afford to be poor performers or absent themselves from the office. Their intricate fraud scams require steady presence in the office to ensure no one picks up on any red flags. Yes, it’s a fact: if effective internal controls are not implemented in your business, top-performers you treasure as employees could actually be stealing thousands for their own pockets.
Here are some basic tips about internal controls for prevention and deterrence of employee fraud.
Effective internal controls are not difficult to establish, even in small offices typically found in not-for-profits, associations and condominiums. Here are a few tips that all businesses should follow:
- Never allow mid-level employee to sign cheques. Only company officers should be signing cheques. And never pre-sign blank cheques.
- Reconcile your bank account promptly each month. The person who opens the bank statement and completes the reconciliation must not be involved in expense record-keeping or processing of invoices.
- Ensure that your book-keeping software records an audit trail when changes are made to entries.
- For new suppliers, verify their corporate identity and contact details when their first invoice is received.
- Validation of the HST number for suppliers (as printed on an invoice) is particularly important. The CRA web site offers a simple validation form to check HST registration status of a business. If there’s an anomaly in the HST number, then you should hold back payment and demand further documentation from the supplier.
It’s time to verify what’s really happening, and protect your business from potential losses due to employee fraud.
YOUR SUGGESTED FOLLOW-UP: Discuss with your colleagues what internal controls are in place to segregate key business duties. If you have never completed a rigorous assessment of internal controls for your business, then it’s time to call Eagle Audit Advantage for a confidential discussion of your situation: 416.599.1212