Embed Size (px)
Citation preview
Gordon Chan, CPA, CA, CFE, CRMA
May 29, 2016
GFOA Banff 2016
Government Finance Officers Association Conference
Fairmont Banff Springs Hotel May 29 – June 1, 2016
Lisa Majeau Gordon, CPA, CA!!IFA, CFE, CICA, CFF Chris Lavin, MBA, FCMC
Prepared By:
Date:
Page 2
Agenda
Lisa Majeau Gordon on Fraud and Fraud Prevention
Chris Lavin on Regional Collaboration
Gordon Chan on Business Resilience
Questions from the Audience
Page 3
Fraud Risk Management
Detection
Response
Prevention
Anti-Fraud Programs and Controls are focused on:
• Prevention: controls designed to reduce the risk of fraud and misconduct from occurring in the first place
• Detection: controls designed to discover fraud and misconduct when it occurs
• Response: controls designed to take corrective action and remedy the harm caused by fraud or misconduct
Page 4
Recent Municipal Cases 1. Employee who set up ghost employees to manipulate
direct deposit payroll defrauded an Alberta town of $485,000 in 3 years.
2. MNP conducted a conflict of interest investigation into allegations of bid rigging and kickbacks with local vendors by Councilors.
3. A Controller of a large municipality was found to have misappropriated funds electronically and concealed it within accounting records and bank reconciliations.
4. Allegations of corruption regarding development permits by elected officials in an Alberta Village was investigated by MNP.
Page 5
5
#5 Fraud Prevention Measure for Municipalities 5. User Access Controls • Unique user names and passwords should be created
for all individuals with access to the organization’s systems. Passwords should never be shared.
• Passwords need to be changed on a regular schedule. • Limit access to payroll and cheque production. • Online banking or accounting software access needs to
have unique access identifiers for each user.
Page 6
6
4. Control Access to Funds • Limit access to credit cards, p-cards, and bank
accounts. Develop and follow policies on employee expenses submitted for reimbursement. Monitor overtime claims.
• Reimbursement should not be processed without a review of receipts or supporting documentation.
• Procurement policy should be developed with protocols regarding competitive bids and tenders.
• Vendor setup, update, and deletion needs to be locked down.
#4 Fraud Prevention Measure for Municipalities
Page 7
7
#3 Fraud Prevention Measure for Municipalities 3. Reconcile Bank Statements Monthly • Bank statements should be sent directly to the
person responsible for reconciling them. All reconciling items should be listed and investigated.
• Bank reconciliations should be reviewed by another individual once completed.
• Reconciliation should not be performed by anyone with direct access to banking activity.
Page 8
8
#2 Fraud Prevention Measure for Municipalities 2. Documented Procedures • Day-to-day procedures for:
o cash handling and banking o accepting funds o creating cheques o accounting entries o reconciliation o Processing payroll o School generated funds
• Must be documented and tested for compliance from time to time
Page 9
9
The #1 Fraud Prevention Measure for Municipalities 1. Segregation of Duties
• Ensure no single individual is responsible for handling cash, issuing cheques, and reconciling the bank statement.
• Wherever possible, segregate banking activities from accounting/financial reporting activities. When it is not possible, add a layer of peer or management review.
Page 10
10
Segregation of Duties: 2 Executive Director Accountant or Other
Financial Personnel q Receive and open bank statements q Sign cheques q Make deposits q Perform interbank transfers q Distribute pay cheques q Review petty cash q Review bank reconciliations q Approve vendor invoices q Perform analytical procedures q Sign important contracts q Make compensation adjustments q Discuss matters with BOD or audit
committee
q Record pledges q Mail cheques q Write cheques q Reconcile bank statement q Record credit/debits q Approve payroll q Disburse petty cash q Authorize purchase orders q Authorize cheque requests q Authorize invoices for payment
• A receptionist or administrative employee could open mail and create a deposit log • In addition, non accounting personnel such as a receptionist, program
personnel etc. can be trained to perform some of the less technical duties. Board members can be used to further segregate duties
Page 11
11
Executive Director Accountant or Other Financial Personnel
Accounting Staff
q Sign important contracts q Make compensation
adjustments q Discuss matters with BOD
or audit committee q Sign cheques q Complete deposit slips q Perform interbank transfers q Perform analytical
procedures q Review bank reconciliation
q Approve payroll q Process vendor invoices q Mail cheques q Perform analytical procedures q Approve invoices for payment q Disburse petty cash q Open mail and log cash q Receive bank statements
q Record pledges q Write cheques q Reconcile bank
statement q Record credits/debits q Reconcile petty cash q Distribute payroll
Segregation of Duties: 3
• In addition, non accounting personnel such as a
receptionist, program personnel etc. can be trained to
perform some of the less technical duties. Board
members can be used to further segregate duties
Page 12
12
Executive Director Accountant Staff Accounting/Other Accounting/Other
q Sign important contracts q Make compensation
adjustments q Discuss matters with BOD
or audit committee q Sign cheques q Perform analytical
procedures
q Record pledges q Write cheques q Reconcile bank statement q Record credits/debits q Reconcile petty cash
q Distribute payroll q Open mail and log cash q Disburse petty cash q Mail cheques q Review bank
reconciliation
q Approve vendor invoices q Perform interbank
transfers q Approve payroll q Complete deposit slips
Segregation of Duties: 4
• In addition, non accounting personnel such
as a receptionist, program personnel etc.
can be trained to perform some of the less
technical duties. Board members can be
used to further segregate duties
Page 13
How can Finance contribute to REGIONAL COLLABORATION
Page 14
Financial Considerations of Regional Collaboration
• The Province is increasingly pushing improved collaboration and implications of reducing costs
• This will likely move from “nice to” to “must” in the coming year(s)
• Financial considerations will help frame the case for collaboration
Page 15
Collaboration Spectrum
• The range of collaborative opportunities within and between municipalities is almost infinite, but we have found 6 core archetypes
Page 16
Municipal Centres of Excellence
• Focus on each partners strengths • Understanding the real cost of service • Understanding the value of service use • Establishing clear SLAs with effective
performance metrics and cost sharing/pricing
• Ability for municipalities to “share” in cost improvements
Page 17
Single Shared Service Provider • Focus on each partner’s strengths • Understanding the real cost of service • Managing overhead and administrative costs • Establishing clear SLAs with effective performance
metrics and cost sharing/pricing • The challenge of a “Shared Service Buffet” • Ability for municipalities to “share” in cost
improvements • Human capital transfers and costs can be
significant
Page 18
Shared Service CO’s (one or multiple) • Either single service or full service, often as “Part
9s” • The cost of creating a shared service organization
with requisite governance and legal requirements isn’t small
• Transfer/lease of assets requires very strong understanding of existing service structures
• Potential to create “profit centres” has pros and cons
• Customer service orientation and relationship management essential
Page 19
Amalgamation
• Service delivery and financial structures similar to status quo
• However, master data and charter of accounts differences can have major impacts… work on aligning early
• Asset transfer and human capital transfers can be complicated especially if multiple parties involved. Get out in front.
• Expectations of improved service levels for same or less costs
Page 20
Page 21
Preparation, Response and Recovery
Emergency Procedures
Business as Usual
Normal Operations
Event
Page 22
Governance Strategy Sustainment Risk Assessment &
Analysis
Resiliency Plans
Objectives & Scope
Policy
Roles & Responsibilities
Reporting
Hazard Identification
Risk Assessment
Business Impact
Analysis
Critical Functions &
Services
Information Technology
Facilities
Resources
Infrastructure
Emergency Response
Crisis Management
Crisis Communication
Disaster Recovery
Business Continuity
Physical Security
Plan Maintenance
Training & Awareness
Periodic reviews & audits
Periodic Testing & Exercises
Continuous Improvement
How to Get Prepared
Page 23
Learning from Common Mistakes
§ Lack of Executive & Council support & engagement
§ Individual plans are not integrated
§ Plans are not reviewed/ audited
§ Do not perform exercises and test plans
§ Wrong person leading response & recovery
13
Page 24
Thank you!
( 780.453.5375 ! 780.454.1908 * [email protected]
Lisa Majeau Gordon CPA, CA�IFA, CFE, CICA, CFF
( 780.733.8640 ! 780.454.1908 * [email protected]
Chris Lavin MBA, FCMC
Gordon Chan CPA, CA, CFE, CRMA
( 403.537.8429 ! 403.269.8450 * [email protected]
Page 25
Page 26
The material presented today and contained in these slides contains a general overview of the subject, is provided solely for educational purposes and may not be applicable to a specific case, set of circumstances or facts. This material is based on laws and practices that are subject to change and may not represent the views of MNP LLP. This information is current as of the date of publication and should not be regarded as a substitute for professional advice. Although the course material has been carefully prepared, MNP LLP and the presenters accept no responsibility or liability for any loss or damage caused by your reliance on information contained in this presentation. Please feel free to contact your local MNP professional for advice specific to your circumstances. © MNP LLP 2014. All Rights Reserved.
*External Presentation Copyright Notice
