fraud and corruption control plan · web viewfraud and corruption control framework uniting church...

FRAUD and CORRUPTION CONTROL FRAMEWORKUniting Church in Australia - Synod of VIC & TAS

June 2012 (version dated 28 June 2012)

Table of Contents 1. Fraud and Corruption Control Framework.......................................2

1.1 Introduction..............................................................................................................................21.2 Definitions.................................................................................................................................31.3 Statement of Synod’s position on fraud and corruption............................................................31.4 Roles and accountabilities for fraud and corruption control......................................................31.5 Code of Conduct.......................................................................................................................41.6 Relationship with the Synod’s other policies.............................................................................4

2. Planning and Resourcing...............................................................62.1 Roles and responsibilities for fraud and corruption control.......................................................62.2 Fraud control responsibilities of management and staff...........................................................62.3 Role of Internal Audit................................................................................................................72.4 Program for fraud and corruption control review......................................................................7

3. Fraud and Corruption Prevention...................................................83.1 Implementing and maintaining an integrity framework............................................................83.2 Synod’s commitment to controlling the risk of fraud and corruption........................................93.3 Accountability for controlling the risk of fraud and corruption................................................103.4 Maintaining a strong control system and internal control culture...........................................103.5 Fraud and corruption risk assessment....................................................................................103.6 Communication and awareness of fraud and corruption.........................................................113.7 Conflicts of Interest.................................................................................................................113.8 Employment screening...........................................................................................................113.9 Policy dealing with taking annual leave and job rotation........................................................123.10 Supplier and customer vetting................................................................................................123.11 Specific initiatives aimed at controlling the risk of fraud and corruption................................12

4. Fraud and Corruption Detection...................................................134.1 Fraud and corruption detection program................................................................................134.2 The external auditor’s role in the detection of fraud and corruption.......................................134.3 Mechanisms for reporting suspected fraud and corruption incidents......................................144.4 Whistleblower Protection Program..........................................................................................14

5. Responding to suspected fraud and corruption incidents..............155.1 Procedures for the investigation of suspected or detected incidents......................................155.2 Disciplinary procedures..........................................................................................................155.3 External Reporting..................................................................................................................165.4 Policy for civil proceedings to recover the proceeds of fraud or corruption............................165.5 Internal control review following discovery of fraud...............................................................16

Appendix A Example fraud risk exposures..........................................17

Uniting Church in Australia – SynodFraud & Corruption Control Framework i

1. Fraud and Corruption Control Framework

1.1 IntroductionThe Uniting Church in Australia Synod of Victoria and Tasmania (“UCA Synod VIC & TAS”) is concerned about the vulnerability that any organisation has to the risks of fraud and corruption and that may damage the organisation’s reputation, goodwill in society and misdirect resources potentially reducing UCA Synod VIC & TAS ability to meet its obligations to the community. Consequently, UCA Synod VIC & TAS is committed to the prevention of fraud and corruption through the development and implementation of Synod’s Fraud and Corruption Control (“Framework’).

This Framework has been developed collaboratively by Synod and specialists from Ernst & Young. It is designed to protect the integrity, security and reputation of UCA Synod VIC & TAS while maintaining a high level of services to the community consistent with the values stipulated in the Synod’s Code of Conduct Policy. This Framework has been compiled incorporating relevant leading practices on fraud and corruption control. This includes the corporate governance series of Australian Standards (“AS 8000-AS 8002 and AS 8004”), The Institute of Internal Auditors’ (“IIA”) Internal Auditing and Fraud guide and Managing the Business Risk of Fraud: A Practical Guide by the IIA, American Institute of Certified Public Accountants (“AICPA”) and the Association of Certified Fraud Examiners (“ACFE”).

An effective Fraud and Corruption Control Framework requires an integrated approach as depicted in the diagram below.

(Source: Fraud Control in Australian Government Entities: Better Practice Guide, Australian National Audit Office, March 2011)

Uniting Church in Australia – SynodFraud & Corruption Control Framework 2

1.2 Definitions FraudThe Australian Standard AS 8001:2008 on Fraud and Corruption Control defines fraud as:

“Dishonest activity causing actual or potential financial loss to any person or entity including theft of moneys or other property by employees or persons external to the entity and where deception is used at the time, immediately before or immediately following the activity. This also includes the deliberate falsification, concealment, destruction or use of falsified documentation used or intended for use for a normal business purpose or the improper use of information or position for personal financial benefit.”

Corruption The Australian Standard AS 8001:2008 on Fraud and Corruption Control defines corruption as:

“Dishonest activity in which a director, executive, manager, employee or contractor of an entity acts contrary to the interests of the entity and abuses his / her position of trust in order to achieve some personal gain or advantage for him or herself or for another person or entity.”

SynodFor the purposes of this policy Synod means Uniting Church operations which include 130 Little Collins Street, CTM, Bethel and 96 Margaret Street, Launceston.

UCA Synod VIC & TAS entitiesIncludes institutions (Schools, Colleges & UnitingCare agencies) Presbyteries and Congregations, Uniting Aged Care and Funds Management.Synod Standing Committee {“SSC”) The body referred to in Clause 36 of the Uniting Church in Australia Constitution as the body which shall be empowered to act on behalf of the Synod between meetings of the Synod as set out in the constitution.

1.3 Statement of Synod’s position on fraud and corruption

The Synod has a zero tolerance stance towards fraud and corruption. Fraudulent or corrupt activity of any kind, including for the benefit of Synod, is expressly forbidden. The Synod management, staff members (employees and volunteers) are expected to conduct themselves in a manner consistent with the principles and values of the Synod as stipulated in the Code of Conduct.

The Synod is committed to the integrity of the organisation and views fraud and corruption as a serious matter. The Synod is committed to a comprehensive and systematic approach to the effective management of potential fraud and corruption risks.

All reports of alleged fraudulent activity will be investigated and a determination made as to the most appropriate course of action which may lead to legal, disciplinary or other action.


1.4 Roles and accountabilities for fraud and corruption control

The ongoing responsibility for the sound management of the Synod ultimately rests with the SSC. As such, the SSC has recognised that it is necessary to further enhance fraud and corruption control across the Synod and has delegated to the General Secretary the responsibility to oversee the effective implementation of the Synod’s fraud awareness framework.

To ensure that this Framework is effective, the ultimate responsibility for fraud control rests with all management and staff within the organisation.

1.5 Code of ConductThe Synod actively promotes a way of life which embraces Christian values and ethics including: ► Effective servant leadership► Respect and care co-operation► Inclusion► Justice► Integrity► Compassion► Achieving through teams► Wise stewardship► Professional excellenceThe Synod’s Code of Conduct is based on these values and provides guidelines for all staff members on the appropriate way to interact with other parties be they colleagues, volunteers, visitors, or members of the general public. By adhering to these guidelines the Synod staff members will all contribute to the development of a warm and friendly environment, and to the delivery of high quality, professional outcomes. In addition the Employee Assistance Program is available if needed in providing a supportive role in difficult times. Contact the HR department for further information.

1.6 Relationship with the Synod’s other policiesThis Framework interrelates with a number of the Synod policies, procedures, documented practice and internal controls which are to be read in conjunction with this Framework. These include:

► Synod Constitution and Regulations (as amended)► Code of Conduct for Synod► Information Technology (IT) Security Policies► Recruitment & Selection Policy► Police Records Check Policy► Conflict of Interest Policy► Whistleblower Protection Policy


► Internal Audit Plan and Charter► Risk Management Charter and Risk Management Framework► Synod Accounting Manual

Statutory and Australian Standard Compliance:► The Uniting Church in Australia Act 1977 (Vic)► The Uniting Church in Australia Act 1977 (Tas)► Crimes Act 1958 (Victoria)► Criminal Code Act 1924 (Tasmania)► AS 8000 Good Governance Principles► AS 8001 Fraud and Corruption Control ► AS 8002 Organizational Codes of Conduct► AS 8004 Whistleblower Protection Programs for Entities


2. Planning and Resourcing2.1 Roles and responsibilities for fraud and

corruption control The General Secretary has overall responsibility for fraud and corruption control within the Synod and has delegated to the Synod’s Risk Management and Audit Committees the developing and implementing the fraud and corruption control framework.. However, a key principle underpinning the Framework is that effective management of fraud and corruption risk also requires a holistic approach and therefore responsibility rests with all staff members having responsibility for financial matters for preventing, detecting and reporting fraud.

2.2 Fraud control responsibilities of management and staff

Each member of the management team in the Synod office is responsible for promoting a culture of ethical conduct in their respective areas of responsibility, as well as ensuring fraud and corruption risks are managed and that incidents are appropriately reported.

All such personnel are to:

► Implement effective internal control systems to reduce the likelihood of fraud occurring.

► Safeguard physical and intellectual assets under their control► Safeguard and ensure the legitimate use of information (this includes

electronic, verbal and written)► Ensure the efficient use of resources ► Ensure that allegations or suspicions of fraudulent or corrupt activity are

promptly investigated by specialist resources (internal or external to the Synod)

► Inform staff of their responsibilities for fraud and corruption prevention and detection

► Identify and evaluate areas of exposure to potential fraud and corruption risk► Develop / modify work practices to reduce the risk of fraud and corruption► Report suspected fraud, misconduct and corruption► Maintain open, honest and full communication with staff, so far as possible► Ensure staff awareness and participation in fraud and corruption awareness

training activitiesAll staff members:

Have a moral obligation to report any case of fraud or corruption which they reasonably suspect has been committed by other staff members or external parties to their immediate manager and if required they should refer the matter to the Manager, Risk and Insurance and Manager-Internal Audit. Staff members should feel comfortable knowing that they will not be incriminated or prejudiced for reporting suspected fraud or corruption. Each staff member should promote and encourage their peers to practice ethical conduct, with the support and


encouragement of their immediate manager/s (e.g. department/unit manager) when preventing, identifying and reporting suspected fraud and corruption.

Where possible, staff members are to look to assist in identifying and developing improved systems and procedures that will enhance the Synod’s resistance to fraud and corruption. All staff members are to:

► Safeguard physical and intellectual assets under their control► Report suspected fraud, corruption and/or improper conduct

2.3 Role of Internal AuditThe Synod’s Audit Committee through the Internal Audit Manager, is responsible for assisting management in the prevention and deterrence of fraud by examining and evaluating the adequacy and the effectiveness of the various systems of internal control across the UCA Synod VIC & TAS. It is not the role of internal audit to detect fraud as a main function of its work. However, internal audit will provide assistance to management in operating detection programmes. Internal audit will also provide assistance and advice to management to improve internal controls to mitigate the risk of fraud occurring in the relevant area.

2.4 Program for fraud and corruption control review

This Framework will be reviewed at least once every two years. The Risk Management and Audit Committees are responsible to the General Secretary for ensuring this is completed.Improvements to the Framework may arise due to changes in the business conditions, results of fraud and corruption risk assessments, outcomes from investigations into incidents of fraud and corruption, and changes in fraud and corruption control leading practice.


3. Fraud and Corruption Prevention

3.1 Implementing and maintaining an integrity framework

A healthy and sustainable Christian ethical culture within the Synod has been established partially through the implementation of an integrity framework, which includes a process of benchmarking and continuous monitoring, underpinned by a program of example setting by senior management.

Fraud can seriously impact the health and vitality of any organisation. Misplaced trust, inadequate hiring and supervision policies and a failure to implement strong internal controls can lead to an environment that is ripe for internal theft and fraud.

For every fraudulent activity, there is always a breakdown of internal controls.

Minimising the potential for fraud will require designing and implementing a control environment that prevents, detects and deters most fraudulent behaviour.

Internal controls that protect against possible fraud should include:

► Separation of duties – no one person should be responsible for a complete transaction from start to finish

► Access controls – physical controls, such as locks and passwords for valuable assets, including information and business systems

► Authorisation controls – policies that clearly articulate who is authorised to conduct business on behalf of the Synod and who is responsible for each step of a transaction, building in the separation of duties requirement.

Strategies to minimise the likelihood of fraudulent activities include1:

► Lead by example – Senior Management and board members set the example for employees and volunteers.

► Create a positive working environment – A positive work environment encourages employees and volunteers to follow established policies and procedures and act in the best interest of the Synod.

► Implement internal controls – Internal controls are designed to ensure the effectiveness and efficiencies of operations, compliance with laws and regulations, safeguarding of assets and accurate financial reporting and will ensure that the risk of employee/volunteer fraud is minimised.

► Create a code of conduct – This will make it clear that there is zero tolerance of any fraudulent activity on any level of the Synod.

► Implement a whistleblower policy and mechanism – A whistleblowing policy should outline the steps to be taken if an employee or volunteer suspects another individual of fraud. To supplement the policy a mechanism that allows employees or volunteers to communicate their concerns about potential fraud anonymously and without fear of negative consequences is recommended.

1 Sourced from CPA Australia Ltd Internal controls for not-for-profit organisations (2011)Uniting Church in Australia – SynodFraud & Corruption Control Framework 8

► Implement a comprehensive recruitment and screening policy for employees and volunteers –A recruitment screening policy should involve:► Past employment verification and reasonable explanations of any

employment gaps► Police checks for positions with a high exposure to the risks of fraud ► Verification of qualifications – sight original documents ► Reference checks.

► Monitor employee and volunteer behaviour – Telltale signs of fraud can sometimes be seen in employees who regularly work outside business hours or rarely take holidays or an employee who appears to be spending or living beyond their means.

► Implement supervisory processes – Strong supervision is vital especially in Not for Profits that may have difficulty in the segregation of duties.

► Perform regular accounting reconciliations - Regular appropriately performed accounting reconciliations (such as bank and UCA Fund account reconciliations and analyses between budget and actual figures) can make fraud concealment very difficult.

► Perform regular activity monitoring – Regular spot checks in key areas such as cash payments and cash receipts, will help uncover discrepancies, as well as show employees and volunteers that activities are subject to regular review.

► Implement physical access controls – Physical access controls should involve restricting access to premises, cash registers, computer systems and safes to those who require access to perform their job,

► Investigate incidents – A thorough and prompt investigation of policy and procedure violations, allegations of fraud or warning signs of fraud.

The elements of the Synod’s integrity framework include:

► The Code of Conduct ► Police Records Check Policy► Conflict of Interest Policy► This Fraud Risk Management Framework► Finance Policies including Delegations ► Human Resource Policies (e.g. Recruitment and Selection Policy)► Relevant training including fraud and corruption awareness training► Modelling appropriate behaviour by senior management► Mechanisms (including reporting by whistleblowers) for the reporting of

suspected incidents of fraud and/or corruption within Synod► Internal Audit Plan and Charter


3.2 Synod’s commitment to controlling the risk of fraud and corruption

The Synod promotes a culture of risk consciousness and ensures that all staff and relevant Church members have an observably high level of commitment towards controlling the risks of fraud and corruption within the organisation.

The Synod provides fraud and corruption awareness training to staff members including management together with relevant UCA Synod Vic & TAS bodies, relating to the risk of fraud and corruption. In doing so, it facilitates an environment in which:

► It regards the ramifications of fraud and corruption to be a serious risk ► Staff members gain an awareness of various fraud and corruption related

issues, including specifically:► An understanding of fraud and corruption (including their definitions,

the extent of fraud and corruption, types of fraud and corruption and why fraud and corruption is a problem)

► Why people commit fraud► Recognising the warning signals (fraud red flags)► The Synod’s fraud and corruption vulnerability areas► Responsibilities of the Synod’s staff and relevant congregational

members regarding fraud and corruption.

3.3 Accountability for controlling the risk of fraud and corruption

Managers within the Synod play an important role in the prevention of fraud and corruption risk. Managers have the responsibility of ensuring that all staff members in their respective areas are aware of fraud and corruption risks and the requirement to declare any potential, perceived and actual conflicts of interest. Managers need to encourage a culture where staff members feel comfortable disclosing suspicions of fraudulent or corrupt conduct, including any potential and / or actual conflicts of interest.

Managers are required to assess any change in the fraud and corruption control risk environment within their department/unit and implement and monitor appropriate preventative and detection controls.

3.4 Maintaining a strong control system and internal control culture

There is a strong link between the incidence of fraud and corruption and inadequate internal control systems within an organisation. In many cases where fraud or corruption is detected, it is possible to identify a control weakness or failure that allowed the incident to occur or failed to detect the incident in a timely manner.

Therefore, the Synod must maintain a strong control framework and a culture of compliance with control requirements to mitigate the risk of fraud and corruption within the organisation.


3.5 Fraud and corruption risk assessmentThe Synod has a Risk Management Strategy and Framework which has been developed to facilitate the systematic identification, analysis and evaluation (“Risk Assessment”) of risk within its operations.

As part of the fraud risk management strategy, the Synod will from time to time undertake fraud and corruption risk assessments which consider internal and external fraud and corruption risks. These fraud and corruption risk assessments focus on key functions and operations within the Synod which are currently assessed as susceptible to fraud and corruption risk. These fraud and corruption risk assessments are to be undertaken and form part of the risk assessment process through the Synod online risk register. Refer to Appendix A for a list of a list of relevant fraud risk exposures.

3.6 Communication and awareness of fraud and corruption

The Synod fosters an awareness of the risk of fraud and corruption control by:

► Including fraud and corruption awareness training during the induction process

► Providing key staff members with fraud and corruption awareness training ► Providing an online fraud awareness training module for all staff members ► Ensuring that any updates to this Framework are effectively communicated to

staff► Ensuring that staff members are aware of the alternative methods by which

they can report suspected instances of fraud and corruption ► Encouraging staff to report all suspected instances of fraud and corruption

3.7 Conflicts of InterestA conflict of interest arises when a person who is in a decision making position participates in an activity or acquires another interest or loyalty that jeopardises, or could jeopardise, their judgement, objectivity or independence.

Common conflicts of interest examples include:

► Holding outside jobs and affiliations which may have a perception of a conflict► Jobs and affiliations of close relatives (nepotism) or friends or acquaintances

(cronyism)► Offering or accepting gifts and hospitality (not declared and management

advice not sought)► Pursuing Synod business opportunities for personal gain► Influencing business decisions for a benefit for oneself or others A conflict of interest can be actual, potential or perceived. A conflict of interest can also arise when a Synod staff member accepts a gift or hospitality if such gift or hospitality has the potential to influence a decision to be made in favour of the giver or another person or entity with whom they are associated. To maintain integrity in the Synod, conflicts of interest must be appropriately declared and managed in accordance with the Synod’s Conflicts of Interest Policy.


3.8 Employment screening Employment ScreeningThe Synod recognises the importance of its people in achieving its objectives. As church activity expands, the Synod need to ensure that all staff members wherever situated and relevant Church members are aware of the culture and objectives of the Church. In this regard it is important that appropriate screening of all staff members in particular take place during the recruitment process.

The type of enquiries by Human Resources that take place as part of an employment screening process can include: ► Verification of identity► Police criminal history check► Reference checks with recent employers► Consideration of any gaps in employment history and the reasons for those

gaps► Verification of formal qualifications claimedRefer to the Recruitment and Selection Policy and Criminal Records & Working with Children Policy

3.9 Policy dealing with taking annual leave and job rotation

Human Resources monitor the taking of annual leave by all staff members. In particular, where a staff member has accumulated a high number of annual leave days, his/her manager is informed and their position is monitored. In addition, management will take reasonable steps to ensure that there is appropriate job rotation if practicable to mitigate the risk of fraud and corruption..

3.10 Supplier and customer vettingThe supplier vetting process undertaken by the Synod is managed by the staff members involved in the procurement process.

The enquiries made by the Synod in relation to each new supplier, if the supplier is a corporation, include the following:► ABN/ACN► Verification of the personal details of director(s)► Bank account details► Background check on potential suppliers► Search of legal proceedings pending and judgements entered► Telephone listing verification► Media searchThese enquiries need to be documented and a record maintained.

3.11 Specific initiatives aimed at controlling the risk of fraud and corruption

Other related programs include:Uniting Church in Australia – SynodFraud & Corruption Control Framework 12

► Regular review of conflicts of interest► Finance internal control procedures, financial analysts, monthly results

reviews / variance analyses► Enhanced focus and control in potential “red flag” areas (e.g. staff member

expenses)► Regular fraud and corruption awareness training (every 2 years)► Internal audit► External auditor’s letter of assurance


4. Fraud and Corruption Detection4.1 Fraud and corruption detection programDetective controls are designed to provide warnings or evidence that fraud and corruption is occurring or has occurred. Effective internal controls are one of the strongest deterrents to fraudulent and corrupt behaviour and actions. Simultaneous use of preventative and detective internal controls enhances any fraud and corruption risk management program’s effectiveness. Although detective internal controls may provide evidence that fraud and corruption exists, detective internal controls are not intended to prevent fraud and corruption.

Fraud detection methods need to be flexible, adaptable, and continuously changing to meet the changes in the risk environment. While preventative measures are apparent and readily identifiable, detective controls may not be as apparent (i.e. they operate in the background).

The Synod has a number of detective programs in place which include the Code of Conduct, the Whistleblower Protection Policy(TBA), process controls and the following example data analytics detective programs:

► Post transactional review – A review of transactions after they have been processed are effective in identifying fraudulent or corrupt activity

► Data mining and real-time computer system analysis – the Synod’s information systems are an important source of information on fraudulent and, to a lesser extent, corrupt conduct

► Analysis of management accounting reports to identify trends - Using relatively straightforward techniques in analysing the Synod’s management accounting reports, trends are examined and investigated which are indicative of fraudulent or corrupt conduct

4.2 The external auditor’s role in the detection of fraud and corruption

The Synod liaises with its external auditor, and seeks assistance of the external auditor in this regard, as and when required.

The Synod takes a proactive position in relation to the involvement of the external auditor in the Synod’s fraud and corruption detection, by:

► Emphasising to the external auditor, the Synod’s fraud and corruption detection philosophy and the importance the Synod places on fraud and corruption detection as part of the external audit

► Offering such assistance as the external auditor may require to enable a more comprehensive examination of the issue

► Requiring the external auditor to consider the “fraud risk factors” set out in the auditing standard ASA 240 The Auditor’s Responsibility to Consider Fraud in an Audit of a Financial Report

The Synod’s external auditors are to inform the Audit Committee / General Secretary and Manager – Risk and Insurance Services and Manager-Internal Audit immediately when a suspected incident of fraud and corruption is identified or involves senior management.


4.3 Mechanisms for reporting suspected fraud and corruption incidents

All relevant staff members should be alert and report any suspicions of fraudulent and corrupt activity occurring in their work area or elsewhere in the Synod. A staff member who suspects that a fraudulent or corrupt activity is occurring should report the activity to the Manager - Risk and Insurance Services or the Manager-Internal Audit.

The Synod ensures that adequate means for reporting suspicious or known illegal or unethical conduct are available to all personnel.

For example:

a. An appropriate system for reporting concerns through the entity’s usual organisational structure

b. Internal alternative reporting channels

c. External alternative reporting channels

4.4 Whistleblower Protection ProgramThe Synod maintains and promotes its policy regarding the protection and handling of whistleblowers and information as described in the provisions of the Whistleblowers Protection Policy consistent with the AS 8004 Whistleblower Protection Programs for Entities.


5. Responding to suspected fraud and corruption incidents

5.1 Procedures for the investigation of suspected or detected incidents

The investigation of fraud and corruption is crucial to effective fraud and corruption control. All allegations are subject to preliminary review by the Internal Audit Manager and Manager - Risk and Insurance Services (as applicable) in consultation with the General Secretary who then determines whether a formal investigation is to be pursued. Preliminary reviews and investigations into alleged fraud and corruption will be conducted according to natural justice principles, which mean staff members subject to the allegations:

► Are presumed to be innocent until proven guilty► Have a right to respond to allegations and to be represented during any

formal disciplinary proceedings.For all matters reported to the above managers, a preliminary review will be undertaken to determine the need for further investigation.

The preliminary review will decide whether:► The allegation is not substantiated and no further action will be taken other

than to debrief the informant(s)► There is sufficient information to support substantiation of the allegation and

will require a formal investigation to be undertaken by accredited Synod personnel

► Any investigation will be carried out by an accredited service provider, or internally

► The results of any investigation need to be reported to the appropriate authorities i.e. police

The decision of whether a preliminary review warrants an investigation to be initiated will be made / overseen by the General Secretary and managed by the Internal Audit Manager and/ or Manager - Risk and Insurance Services as required.

Appropriate procedures and guidance should be provided to internal investigating personnel to avoid any uncertainty or confusion as to how any matter should proceed and be handled. Particular care needs to be taken to ensure that evidence gathering and handling will not hinder or compromise the investigation process. Investigations undertaken by an external service provider are required to be undertaken by appropriately licensed personnel (e.g. In Victoria, in accordance with the Private Security Act 2004 and in Tasmania, in accordance with the Security and Investigations Agents Act 2002).

5.2 Disciplinary proceduresAny staff members alleged to have committed fraud and corruption may expect to face disciplinary procedures under the Synod’s relevant employment agreements and/or Policies and/or police action


The ultimate outcome of disciplinary proceedings may involve the admonition, termination of employment, demotion or reduction in seniority of a staff member or other internal person.

5.3 External ReportingThe Synod has procedures in place on how allegations of fraud and corruption conduct are reported to the police and other appropriate law enforcement agencies or government bodies.

5.4 Policy for civil proceedings to recover the proceeds of fraud or corruption

The SSC reserve the right to pursue those who have committed fraudulent or corrupt acts to the full extent of the law, recover any assets lost, and seek criminal or civil restitution, wherever possible.

5.5 Internal control review following discovery of fraud

The Synod Crisis Management Team will reassess the adequacy of the internal control environment and consider whether improvements are required. Where improvements are required, these should be implemented as soon as practical.

(Sources: Institute of Internal Auditors, IPPF-Practice Guide: Internal Auditing and Fraud, December 2009, p. 19)


Appendix A Example fraud risk exposures

The following illustrates the types of frauds an organization might encounter. This listing is not meant to be all-inclusive but to provide a starting point for an organization to identify which areas are vulnerable to fraud. The following is reproduced from Managing the Business Risk of Fraud: A Practical Guide by the IIA, American Institute of Certified Public Accountants (“AICPA”) and the Association of Certified Fraud Examiners (“ACFE”), 2008, pages 57-60.

1. Intentional manipulation of financial statements can lead to: a. Inappropriately reported revenues

i Fictitious revenuesii Premature revenue recognitioniii Contract revenue and expense recognition

b. Inappropriately reported expensesi Period recognition of expenses

c. Inappropriately reflected balance sheet amounts, including reservesi Improper asset valuation

(a) Inventory(b) Accounts receivable(c) Mergers and acquisitions(d) Capitalization of intangible items

ii Misclassification of assetsiii Inappropriate depreciation methods iv Concealed liabilities and expenses

(a) Omission(b) Sales returns and allowances and warranties(c) Capitalization of expenses(d) Tax liability

d. Inappropriately improved and/or masked disclosuresi Liabilities omissionsii Subsequent eventsiii Related-party transactionsiv Accounting changesv Management frauds uncoveredvi Backdating transactions

e. Concealing misappropriation of assetsf. Concealing unauthorized receipts and expendituresg. Concealing unauthorized acquisition, disposition, and use of assets

2. Misappropriation of:a. Tangible assets by

i Cash theft(a) Sales register manipulation(b) Skimming(c) Collection procedures(d) Understated sales(e) Theft of checks received(f) Check for currency substitution(g) Lapping accounts(h) False entries to sales account(i) Inventory padding(j) Theft of cash from register(k) Deposit lapping(l) Deposits in transit


ii Fraudulent disbursements(a) False refunds(b) False voids(c) Small disbursements(d) Check tampering(e) Billing schemes(f) Personal purchases with company funds(g) Returning merchandise for cash

iii Payroll fraud(a) Ghost employees(b) Falsified hours and salary(c) Commission sales

iv Expense reimbursement(a) Mischaracterized expenses(b) Overstated expenses(c) Fictitious expenses(d) Multiple reimbursements

v Loans(a) Loans to nonexistent borrowers(b) Double pledged collateral(c) False application information(d) Construction loans

vi Real estate(a) Appraisal value(b) Fraudulent appraisal

vii Wire transfer(a) System password compromise(b) Forged authorizations(c) Unauthorized transfer account(d) ATM59

viii Check and credit card fraud(a) Counterfeiting checks(b) Check theft(c) Stop payment orders(d) Unauthorized or lost credit cards(e) Counterfeit credit cards(f) Mail theft

ix Insurance fraud(a) Dividend checks(b) Settlement checks(c) Premium(d) Fictitious payee(e) Fictitious death claim(f) Underwriting misrepresentation(g) Vehicle insurance — staged accidents(h) Inflated damages(i) Rental car fraud

x Inventory(a) Misuse of inventory (b) Theft of inventory(c) Purchasing and receiving falsification(d) False shipments(e) Concealing inventory shrinkage

b. Intangible assetsi Theft of intellectual property

(a) Espionage(b) Loss of information(c) Spying(d) Infiltration


(e) Informants(f) Trash and waste disposal(g) Surveillance

ii Customersiii Vendors

c. Proprietary business opportunities

3. Corruption including:a. Bribery and gratuities to

i Companiesii Private individualsiii Public officials

b. Embezzlementi False accounting entriesii Unauthorized withdrawalsiii Unauthorized disbursementsiv Paying personal expenses from bank fundsv Unrecorded cash paymentsvi Theft of physical propertyvii Moving money from dormant accounts

c. Receipt of bribes, kickbacks, and gratuitiesi Bid riggingii Kickbacks

(a) Diverted business to vendors(b) Over billing

iii Illegal payments(a) Gifts(b) Travel(c) Entertainment(d) Loans(e) Credit card payments for personal items(f) Transfers for other than fair value(g) Favourable treatment

iv Conflicts of interest(a) Purchases(b) Sales(c) Business diversion(d) Resourcing(e) Financial disclosure of interest in vendors(f) Ownership interest in suppliers

d. FCPA violationsi Anti-bribery provisionsii Books and records violationsiii Internal control weaknesses

e. Money launderingf. Aiding and abetting fraud by other parties (customers, vendors


fraud and corruption control plan · web viewfraud and corruption control framework uniting church...

Documents