Fraud Prevention Best Practices
What to Prevent
Fraud, waste, and abuse take away funding from a project, and increase the chance that a grant will be decreased or terminated prematurely. Misuse of funds can result in SPPS having to pay back some or all of the grant funds. A history of funding misuse can make it harder to acquire future grants
Everyone who deals with funding is responsible for helping combat fraud.
Abuse involves behavior and activities that a prudent person would consider unreasonable and unnecessary. Abuse also includes the misuse of one’s position for personal financial interest or to benefit a close family member or business associate.
Abuse does not necessarily involve a violation of laws, regulations or provisions of a contract.
Fraud is an intentional act to deceive or cheat, ordinarily for the purpose of benefiting oneself or others, while causing harm to another person or entity. The use of grant funding for a purpose other than intended, is fraud.
Theft, misappropriation, concealment of assets, forgery, and false reporting are all acts of fraud. Acts of fraud are illegal.
Waste is the failure to receive a grant’s full value due to poor planning or organization, thoughtless spending, and mismanagement.
Waste is the squandering of money or resources, even if the action is not explicitly illegal.
How to Prevent
Maintain an Ethical Work Environment
Managers are responsible for maintaining a work environment that promotes ethical and honest behavior. All levels of management must behave ethically and communicate that this is the expectation of all employees, students, contractors, vendors and others.
Managers must demonstrate that unethical behavior will not be tolerated.
Implement and Maintain Effective Internal Control Systems
Many of SPPS’ policies and procedures function as internal controls to ensure reliable accounting and prevent fraud, waste, and abuse.
Internal controls are processes to provide reasonable assurance of:
- Compliance with laws, regulations, contracts, grants and policies
- Effective and efficient operations
- Reliable data (financial and other)
- Protection of assets and resources
- Records (data or physical systems)
Common examples of internal controls include:
- Documentation of transactions
- Documented supervisory review and approval of transactions or other activities
- Independent validation of transactions for accuracy and completeness
- Physical safeguards over cash, supplies, equipment and other resources
- Proper supervision of employees, processes, projects or other operational functions
- Separation of duties among employees
Perform regular assessments to determine whether internal controls are effective.
- Review operational processes
- Determine the potential risk of fraud, waste, or abuse inherent in each process
- Identify the controls included in the process that result in a reduction in the inherent risk
- Note any controls that could be included, but aren’t
- Assess whether any controls need to be improved or added
- Modify the process to alter or improve existing controls
- Identify additional processes and procedures that would contribute to those in existence
See Procedure to Make New Procedures to create a new SPPS procedure.
An internal audit can assess the adequacy and effectiveness of internal controls and will often result in improvement recommendations. During an audit, tests may be conducted to detect fraud, waste, or abuse that may have occurred.
These do not happen often enough for SPPS to rely solely on internal audits for review of internal controls.
One purpose of this type of audit is to evaluate an institution’s internal controls, which will often result in improvement recommendations. State audits will seek evidence of fraud, waste, or abuse that may have occurred.
These are not held frequently enough for SPPS to rely solely on external audits for review of internal controls.
Grants may be subject to audits or reviews by federal, state or other outside agencies. Although audits and reviews may include assessments of internal controls, the primary responsibility for prevention and detection of fraud, waste, or abuse belongs to managers.