Introduction to the Investigative Audit Services Group

Internal Audit’s Responsibility Develop an annual audit plan based upon a

system-wide risk assessment process; Conduct audits in support of the plan; Investigate fraud or fraudulent actions; Report results to the Board of Regents, the

Chancellor, and the Chief Executive Officers; and

Coordinate audit efforts with external and state auditors

Chief Auditor

Cathy Smock

Staff AssistantLeigh Lobello

Staff AssistantLessie Koester

System Internal Audit DepartmentOrganization Chart

Director(Agencies & Regional

Universities)

Dick Dinan

Internal Audit ManagersMark Poehl

Amanda Jenami

Bill Williams

AuditorsAliza Dirden

Deedra JacobNora MilesTom Miller

Tracey SadlerKim Pekar

Christy JurneyHolly Blue

Kimberly RutledgeChris Powell

Internal Audit Managers

Brian BillingtonAmanda DotsonDavid Maggard

Sandy Ordner

AuditorsLori Ellison

Katina GreenleeMark Heslip

Susan McGrailDarwin RydlDeidra White

Katie RannebargerMadelyn GallowayJoseph Mitchell

Director(TAMU, HSC, &

SAGO)Charlie Hrncir

AdministrativeAssistantJudy Stovall

Administrative SecretaryPart Time

Penny ScottInvestigative Unit

ManagerRobin Woods

Sr. Investigative Auditor

Debi Fincher

Sr. Investigative Auditor

Mark Dickerson

12/6/06

Governor’s Executive Order RP-36 Preventing, Detecting & Eliminating Fraud, Waste & Abuse

Each state agency shall develop a Fraud Prevention Program that includes the following components:

Culture of Honesty and Ethics Antifraud Processes and Controls Appropriate Oversight Processes

Culture of Honesty & Ethics

Ethics Policy Fraud Policy Ethics Training Hotline for employees to report wrongdoing Separate investigative group to review

reports of wrongdoing Thorough investigations conducted for

allegations of fraud with disciplinary action taken against violators.

Antifraud Processes & Controls

Internal Audit prepares a System-wide risk assessment as part of the annual audit planning process

Fraud Policy states that CEOs have primary responsibility for identifying areas of risk

Internal Audit utilizes ACL to test for anomalies in financial data

System members utilize positive pay system with banks to detect fraudulent checks

Management tracking report for all audit recommendations

Appropriate Oversight Processes

Board of Regents is very active in addressing control issues identified in audits and investigations

Board of Regents approves the annual audit plan Chief Auditor meets regularly with Committee on

Audit Committee on Audit reviews the audit tracking report Management

A&M System Policy 07.01, Ethics

All A&M System employees are expected to adhere to the highest of ethical standards and principles. These standards and principles are set forth in the A&M System Ethics Policy.

A&M System Policy 21.04, Control of Fraud & Fraudulent Actions

Every employee is responsible for reporting factual information suggestive of illegal, improper or dishonest acts and/or practices that may involve the A&M System or one of the System members.

Fraud or Fraudulent Actions

Theft

Embezzlement Kickbacks Travel reimbursement schemes Falsification of government documents Misappropriation/misuse of property Conflicts of Interest

Methods of Detecting Fraud in Governmental Agencies

Tip 39% Internal Audit 20% Internal Controls 20% By Accident 16% External Audit 15% Police Notification 7%

Association of Certified Fraud Examiners 2006 Annual Report to the Nation

The sum of percentages exceeds 100% because some respondents identified more than one method.

Report Fraud To Immediate supervisor Agency/University Chief Executive Officer The A&M System Fraud, Waste & Abuse Hotline (reports are

anonymous) The State Auditor’s Fraud, Waste & Abuse Hotline (reports are

anonymous)

What Happens Next

Notification of Agency/University Chief Executive Officer

Investigative Group reviews applicable documentation & conducts interviews as necessary

Chief Auditor issues report of review findings

Management takes corrective action if necessary

Reporting Process Report will identify possible criminal

violations, as well as policy violations & significant control weaknesses

Draft report reviewed with management if necessary prior to being issued

Management required to provide a written response of corrective actions to be taken with regard to policy violations & control weaknesses

Summary of investigations is provided to the Board of Regents annually

Complaints Received

Allegation Type Fiscal Year 2005

Fiscal Year 2006

Misappropriation of funds 11 6

Misuse of resources (computers, vehicles, etc.)

26 30

Theft of time 5 1

Falsification of documents 3 8

Contract/bid irregularities 2 6

Conflict of interest 5 4

Counterfeit cash or checks 2 -

Management Issues 10 16

Failure to investigate hazing - 1

Total 64 72

Final Report Conclusion Number of Incidents Fiscal Year 2005

Number of Incidents Fiscal Year 2006

Criminal Acts 2 5

Policy Violations 13 7

Internal Control Weaknesses 16 24

No Issues Identified 27 42

Total 58 78

Investigative Report Findings

Common Themes in Identified Control Weaknesses:

No Segregation of Duties Lack of Reconciliations Lack of Documentation Lack of Management Oversight

Segregation of Duties An employee performs every step in a

particular process:• Authorizes purchases, receives invoices,

prepares vouchers/approves payment, deposits funds, processes reconciliations

Important in A/R, A/P, Working Funds

Reconciliations To check a financial account against

another for accuracy Perform periodically and independently

to verify the account balances

Documentation Ensuring contracts exist which authorize

work and payments Is there enough information on the

invoice to confirm what is being purchased?

Did someone physically inventory or confirm deliverables?

Management Oversight Do you know the duties of your

employees? Is there management approval for

purchases, including travel and reimbursements?

Ultimately, the responsibility rests with management - “Tone at the Top”

Contact Information SIAD Phone: 979.458.7100

Hotline: 888.501.3850

Website: www.tamus.edu/offices/iaudit/

SAO Website: www.sao.state.tx.us/SIU

Email:

•Robin Woods robin-woods@tamu.edu

•Debi Fincher dfincher@tamu.edu

•Mark Dickerson m-dickerson@tamu.edu