Internal Controlsand

Fraud

Convery 2013 1

• Describe an Internal Controls System and its elements

• Identify specific Internal Control issues in a NPO

• Consider elements and strategies to reduce the risk of fraud

Convery 2013 2

the set of policies and procedures designed to safeguard the assets of the organization and ensure the accuracy of financial records

Convery 2013 3

The data are reliable (for both administrators and oversight agencies)

Assets are safeguarded (from loss or theft) The organization operates efficiently (without

waste) Policies are adhered to (so program goals are

met) Reports to oversight bodies have been made

(to comply with laws and regulations)

Convery 2013 4

1. Validity -- recorded transactions are valid 2. Authorization -- transactions are properly

authorized 3. Completeness -- existing transactions are recorded 4. Valuation -- transactions are properly valued 5. Classification -- transactions are properly classified 6. Timing -- transactions are recorded at the proper

time 7. Posting and Summarization -- transactions are

properly included in subsidiary records, and correctly summarized

Convery 2013 5

1. Competent, trustworthy personnel with clear lines of authority and responsibility

2. Adequate segregation of duties:• separate the custody of assets from accounting for them• separate authorization of transactions from custody of related assets• separate duties within the accounting function• separate operational responsibility from record-keeping responsibility

3. Proper procedures for authorization4. Adequate documents and records5. Physical control over assets and records6. Independent checks on performance

Convery 2013 6

1. Have the bank accounts been reconciled each month?2. Is a computerized accounting system in place providing reliable

information to make timely decisions? 3. Have you filed the proper reports with the State, Federal

government, and other oversight bodies on time? Is there a list of those reports and due dates?

4. Have the actual revenues and expenditures been compared to the budget with variances calculated and analyzed?

5. Is there proper documentation for the expenditures that have been made (e.g., approvals and invoices)?

6. How many people are on the payroll? Have the proper forms been filed with appropriate authorities?

7. What capital items have been purchased?8. Does the Board receive a Treasurer’s report each month? 9. Do you have adequate insurance?10.Have you engaged a CPA to perform an external audit for this

fiscal year?

Convery 2013 7

The elements of internal control should be evaluated separately for each of these cycles:Revenue and Collection CyclePayroll and Personnel CyclePurchasing and Payment CycleInventory and Warehousing CycleCapital Acquisition and Repayment Cycle

Convery 2013 8

Are two signatures required on each check? Does the CEO receive the bank statements directly? Are accounting personnel prohibited from signing checks? Are checks received in the mail endorsed immediately? Do you correct any internal weaknesses the CPA points

out? Are employees bonded? Do employees take regular vacations? Are unused checks under lock? Is the computer system effectively backed-up? Are policies and procedures written down and periodically

reviewed? Is there a reasonable document retention policy?

Convery 2013 9

Most fraud is committed by a person within the company “above suspicion”

“Collusion” between two people makes fraud difficult to detect

Checking past employment references for new employees can help minimize risk

Convery 2013 10

Get the facts through investigation Get advice from an attorney and/or CPA When terminating employees, get their keys, credit

cards, access to computer, and then escort them out of the building

Change the locks and computer passwords Contact your insurance company Re-evaluate the system of internal controls and correct

any deficiencies

Convery 2013 11