Tag Archives for " Governmental "

governmental internal controls
Apr 02

Useful Governmental Internal Controls that You Need Know

By Charles Hall | Fraud , Local Governments

Below I provide useful governmental internal controls that you need to know.

Why am I providing this list of useful controls? Most small governments struggle with establishing sound internal controls. So, the list provides a foundation for preventing theft in your government. While not a comprehensive list, I thought I would share it.

Many of the internal controls listed below are also pertinent to nonprofits and small businesses as well. You will find this same checklist in The Little Book of Local Government Fraud Prevention (available on Amazon) which provides many more fraud prevention ideas.

I am providing general fraud prevention controls and then transaction-level controls for:

  • Cash receipts and billing
  • Cash payments and purchasing
  • Payroll

governmental internal controls

Useful Governmental Internal Controls

General Internal Controls

  1. Have bank statements mailed directly to someone outside of accounting; recipient should peruse bank statement activity before providing it to accounting
  2. Perform surprise audits (use outside CPA if possible)
  3. Elected officials and management should review the monthly budget to actual reports (and other pertinent financial reports)
  4. Map internal control processes by transaction cycle (preferably done by a seasoned CPA); once complete, provide the map to all employees involved in the cycle; when control weaknesses exist, institute additional controls (see 11. below)
  5. Use a whistleblower program (preferably use an outside whistleblower company)
  6. Reconcile bank statements monthly (have a second person review and initial the reconciliation)
  7. Purchase fidelity bond coverage (based on risk exposure)
  8. Periodically request from the government’s bank a list of all bank accounts in the name of the government or with the government’s federal tax I.D. number; compare the list to bank accounts set up in the general ledger
  9. Secure computer access physically (e.g., locked doors) and electronically (e.g., passwords)
  10. Do not allow the electronic transmission (e.g., email) of sensitive data (e.g., social security numbers) without the use of protected transmission technology (e.g. Sharefile); create policy and train staff
  11. Where possible, segregate who (1) authorizes transactions, (2) records transactions, (3) reconciles records, and (4) has custody of assets; when segregation of duties is not possible, require documented second-person review and/or surprise audits

Transaction Level Controls

Cash Receipts and Billing Controls

  1. Use a centralized receipting location (when possible)
  2. Assign each cash drawer to a separate person; require daily reconciliation to receipts; require second person review
  3. Deposit cash timely (preferably daily); require the composition of cash and checks to be listed on each deposit ticket (to help prevent check-for-cash substitution)
  4. Immediately issue a receipt for each payment received; a duplicate of the receipt or electronic record of the receipt is to be retained by the government
  5. A supervisor should review receipting-personnel adjustments made to accounts receivable
  6. Do not allow the cashing of personal checks (e.g., from cash drawers)

Cash Payments and Purchasing Controls

  1. Guard all check stock (as though it were cash)
  2. Do not allow hand-drawn checks; only issue checks through the computerized system; if hand-drawn checks are issued, have a second person create and post the related journal entry
  3. Do not allow the signing of blank checks
  4. Limit check signing authorization to as few people as possible
  5. Require two employees to effectuate each wire transfer
  6. Persons who authorize wire transfers should not make related accounting entries
  7. Require a documented bidding process for larger purchases (and sealed bids for significant purchases or contracts); specify procedures for evaluating and awarding contracts.
  8. Limit the number of credit cards and the chargeable maximum amount on each card
  9. Allow only one person to use an individual credit card; require receipts for all purchases
  10. Require a street address and social security or tax I.D. numbers for each vendor added to accounts payable vendor list (P.O. box numbers without a street address should not be accepted)
  11. Signed vendor checks should not be returned to those who authorized the payment; mail checks directly to vendors
  12. Compare payroll addresses with vendor addresses for potential fictitious vendors (usually done with electronic audit tools such as IDEA or ACL)

Payroll Controls

  1. Provide a departmental overtime budget/expense report to governing body or relevant committee
  2. Use direct deposit for payroll checks
  3. Payroll rates keyed into the payroll system must be supported by proper authorization in the employee personnel file
  4. Immediately remove terminated employees from the payroll system
  5. Use biometric time clocks to eliminate buddy-punching
  6. Check for duplicate direct-deposit bank account numbers
  7. A department head should provide written authorization for overtime prior to payment

Your Recommendations

What additional controls do you recommend? Share your thoughts below.

Local Government Fraud Prevention
Nov 30

The Little Book of Local Government Fraud Prevention

By Charles Hall | Fraud , Local Governments

Do you desire to fight fraud in governments? Or maybe you are just curious about how fraudsters get away with their wily schemes. See my book The Little Book of Local Government Fraud Prevention. You can purchase it on Amazon as a paperback. Also, the ebook is available as a Kindle download.

Local Government Fraud Prevention

Fraud occurs in local governments in a multitude of ways, yet many cities, counties, school systems, authorities, and other public entities are ill-prepared to prevent or detect its occurrence. Why is this so? Some governments place too much reliance on annual audits as a cure-all, but clean audit opinions don’t mean that fraud is not occurring. And some governments fail to understand how vulnerable they are–until it’s too late.

Why is local government fraud so common? Many small governments don’t have a sufficient number of employees to segregate accounting duties. It is also these smaller governments that place too much trust in their accounting personnel. This combination of a lack of segregation of duties and too much trust in key employees often leads to significant losses from theft.

The Little Book of Local Government Fraud Prevention provides several real-life stories of fraud. The stories will inform you about how local government employees steal. Then I provide you with prevention techniques to assist you in mitigating fraud risks. In one story, for example, the book shows how a single municipal employee stole over $53 million dollars, all from a city of just 16,000 citizens.

If you audit governments, you will find this book helpful in pinpointing common areas where governmental fraud occurs. The book also includes fraud audit checklists and fraud detection procedures. Whether you are an internal or external auditor, you will find fresh ideas for prevention and detection.

The Little Book of Local Government Fraud Prevention will assist you if you are a:

1. Local government accounting employee
2. Local government elected official
3. Local government auditor
4. Local government attorney
5. Certified Public Accountant
6. Certified Fraud Examiner

Even if you don’t work with governments, you’ll find this book useful. I provide fraud prevention steps for transaction cycles such as billing and collections, payables and expenses, payroll, and capital assets.

Together we can bring down the risk of fraud and corruption in our local governments. Come join the team. We’ll all be better for it.

If you don’t desire to spend money on the book, here’s a free list of controls.

Feb 15

Findings from Peer Reviews of Governmental Engagements

By Charles Hall | Accounting and Auditing , Local Governments

The AICPA has identified governmental engagements as a high-risk area. While governmental accounting is complex, the addition of Yellow Book and Single Audit standards (when applicable) make these engagements even more challenging.

I recall in the pre-GASB 34 days reviewing physical ledger sheets that contained all of the transactions for a local government. There were no Yellow Book or Single Audit requirements. Those idyllic days of simplicity are gone, and the complexity of governmental audits has increased a hundred-fold.

Governmental regulators have complained that CPAs are not performing these audits in conformity with professional standards. In addition, these regulators are saying that the present peer review process is not identifying non-conforming engagements.

Picture is courtesy of DollarPhotoClub.com

Picture is courtesy of DollarPhotoClub.com

AICPA’s Testing of Peer Review Process

In response to these concerns–and those related to other high-risk areas such as benefit plans–the AICPA performed enhanced oversights to gauge how well peer reviewers are performing.

Here are some of the key takeaways from the oversights performed on that initial sample of engagements:

  • Approximately 40 percent of the engagements selected as part of this pilot program were identified as non-conforming with the applicable professional standards by the industry experts.
  • The peer reviewers on these engagements had identified only around one out of ten as non-conforming.
  • Over the 2012 to 2014 peer review cycle, 8 percent of the must-select engagements reviewed were identified as non-conforming by their reviewers.

Peer review statistics related to governmental engagements reflect similar dynamics:

  • Significantly more GAGAS/single audit engagements were determined to be non-conforming by the oversighters and were not recognized as being non-conforming by the peer reviewers. There was an approximate 40 percent nonconforming rate for oversights of governmental engagements while none of these engagements were identified as nonconforming by the peer reviewers.

Governmental Engagement Deficiencies

The enhanced oversights identified the following governmental engagement deficiencies (many of these are related to Yellow Book and Single Audit):

  • Compliance requirements documented as applicable, but no testing performed for the compliance requirement
  • A lack of testing of internal controls over direct and material compliance requirements
  • A lack of documentation of management’s skills, knowledge, and experience to effectively oversee nonaudit services performed by the auditor
  • A lack of documentation or incomplete documentation related to the risk assessment of type A or type B programs
  • A lack of documentation supporting the assessment that compliance requirements were not applicable for the identified major programs
  • A lack of documentation showing the consideration of fraud risk regarding noncompliance for major programs
  • A lack of documentation of the internal control assessment over the preparation of the Schedule of Federal Awards (SEFA)
  • The Schedule of Findings and Questioned Costs missing required elements
  • Financial statements presented under GAAP instead of GASB
  • No materiality calculation on opinion units
  • A lack of documentation detailing the risk of management override of controls.
  • A lack of documentation to support the client’s designation as a low-risk auditee
  • Type A programs that were designated as low risk when they did not meet all of the requirements
  • An auditor’s report on internal control that did not include all required elements
  • The report on compliance with requirements applicable to each major program and internal controls over compliance that did not contain all of the required elements
  • A data collection form that did not properly summarize the auditor’s results
  • A calculation of amounts tested as major programs that was incorrect
  • The omission of a federal program from a cluster that should have been included when testing major programs

Increased Scrutiny

Expect increased peer review scrutiny of governmental engagements in peer reviews.

The CPA community must take these concerns seriously. If we don’t, we may end up with a complete change of the present peer review process. Without positive improvement, CPA firms could, one day, be reviewed by governmental regulators — think IRS audits. It is imperative that we self-regulate in an effective manner.

Oct 17

Trick or Treat? GASB 68: The Governmental Pension Standard

By Charles Hall | Accounting and Auditing , Local Governments

GASB 68 (Accounting and Financial Reporting for Pensions) has eaten GASB 27–RIP.

The magic date when the Great Pumpkin–the net pension liability–will rise out of the footnotes and land on the statement of net position is quickly approaching (year-ends of June 30, 2015). Instead of saying, “It’s the Great Pumpkin Charlie Brown!” we’ll be saying, “It’s the Great Debt Charlie Brown!” ARRG.

Courtesy of iStockphoto.com

Courtesy of iStockphoto.com

GASB 27 was a kind spook, allowing governments to bury pension liabilities in the notes. As long as public entities paid the “annually required contribution–ARC,” no liabilities were recognized on the statement of net position. But this is all changing. We have a new beast: the net pension liability–NPL, which will be recognized on the statement of net position. And, of course, as liabilities increase, equities (net positions) decrease. One saving grace: modified accrual accounting; governmental funds will not record the NPL, but the pension liability will appear on full accrual statements (i.e., government-wide statements and enterprise funds).

Under GASB 27, the ARC was treated as the funding amount. No longer. GASB 68 divorces funding from the pension expense.

So what is net pension liability?

It is the portion of the present value of projected benefit payments to be provided through the pension plan to current active and inactive employees that is attributed to those employees’ past periods of service, less the amount of the pension plan’s fiduciary net position.

In simple terms, it’s the computed debt less assets set aside for future payments.

What journal entry will be made to record the NPL?

Initial Entry to Record Pension Liability

AccountDr.Cr.
Net Position (Equity)XXXX
Net Pension LiabilityXXXX

Additionally, if the government previously recorded a net pension obligation (the result of the ARC not being paid), then this liability will also be removed (debited) as you record the NPL.

More Volatility

Governments will experience more volatility in their pension expenses since smoothing techniques are no longer used. Keep in mind that funding can (and I expect will be) fairly level. The pension expense is not intended to establish funding amounts. As a consequence, cash paid to fund the pension plan may remain fairly stable while the pension expense swings widely. Changes in the market value of pension plan investments will be felt more abruptly as they impact pension expense.

Changes Included in Current Pension Expense

Statement 68 requires that most changes in the net pension liability be included in pension expense in the period of the change. For example, changes in the total pension liability resulting from current-period service cost, interest on the total pension liability, and changes of benefit terms are required to be included in pension expense immediately. Projected earnings on the pension plan’s investments also are required to be included in the determination of pension expense immediately.

Changes Included in Current and Future Pension Expense

The effects of certain other changes in the net pension liability are required to be included in pension expense over the current and future periods. Changes in the net pension liability not included in pension expense are required to be reported as deferred outflows of resources or deferred inflows of resources related to pensions.

The effects on the total pension liability of (1) changes of economic and demographic assumptions or of other inputs and (2) differences between expected and actual experience are required to be included in pension expense in a systematic and rational manner over a closed period equal to the average of the expected remaining service lives of all employees that are provided with benefits through the pension plan (active employees and inactive employees), beginning with the current period.

The effect on the net pension liability of differences between the projected earnings on pension plan investments and actual experience with regard to those earnings is required to be included in pension expense in a systematic and rational manner over a closed period of five years, beginning with the current period.

Trick or Treat

When Charlie Brown would go Trick or Treating, he’d say, “I got a rock.” Governments, after knocking on the GASB 68 door, may feel the same way. Those entities that have not properly funded their pension plans will see sizable hits to their net position. Worse yet, a poorly funded plan is required to use a lower discount rate which increases the net pension liability.

If your government has debt covenants, it would be wise to consider the potential effects of these changes now.

OCBOA Financial statements
Jan 05

OCBOA Governmental Financial Statements

By Charles Hall | Accounting and Auditing , Local Governments

The AICPA recently provided a webcast titled: The New AICPA OCBOA Publications: What They Are and How They Apply to Governments and Not-for-Profits Using Cash, Modified Cash, and Regulatory Frameworks.

I was surprised to see the number of governments that present financial statements in accordance with an other comprehensive basis of accounting (OCBOA). The webcast did not provide an exact percentage of governments using OCBOA, but it looks like you can easily conclude that over 33% of governments use OCBOA. 

OCBOA Financial statements

Why Issue OCBOA Financial Statements?

As I said in my prior OCBOA post, the short answer is: Cost. If you’ve created GAAP basis governmental financial statements, you know how complicated these statements are. OCBOA statements—whether cash basis, modified cash basis or tax basis—are simpler to create. 

Many governments require GAAP basis statements so make sure, before making any changes, that OCBOA statements are permissible in your locale.

Modified Cash Basis of Accounting

The modified cash basis is the pure cash basis with modifications having substantial support. (A pure cash basis of accounting would reflect only cash inflows and outflows with beginning and ending cash.)

A common modification to the cash basis is the capitalization of assets purchased and recognition of depreciation over estimated useful lives. Though using the modified cash basis, impaired capital assets may also be written down. In addition, the related long-term debt would normally also be recorded. 

Another common modification is the deferral of revenue recognition for governments receiving cash that will be used in future periods; the deferral would be shown as a liability.

OCBOA Presentation Issues

GAAP basis governmental financial statements reflect government-wide and fund-level presentations. OCBOA statements will normally include the same type of presentation – government-wide and fund-level statements – though you are using different recognition criteria. A general rule for OCBOA statements is: follow GAAP guidelines where you can; this includes disclosures (though the notes are amended in accordance with the framework used).

While not required for OCBOA statements, you may include supplementary information.

Required supplementary information (RSI) is not required under the modified cash basis, but can be provided; if provided, the information is not considered RSI but supplementary information or additional information. RSI can only be “required” by GAAP.

While certain disclosures are not required in OCBOA statements (e.g., fair value of investments or the funded status of a defined benefit plan), such information can be provided in the notes. 

Use of the AICPA Financial Reporting Framework for Small- and Medium-Sized Entities 

Governments should not use the AICPA small- and medium-sized entity framework.

Updated AICPA Guidance

If you are issuing governmental OCBOA statements, I strongly recommend that you purchase the AICPA’s updated book: Applying OCBOA in State and Local Governmental Financial Statements. Mike Crawford and Mike Glynn have done a fine job in preparing this publication.

>