For full functionality of this site it is necessary to enable JavaScript. Here are the instructions how to enable JavaScript in your web browser.

CPE for Government Auditors

Pulling It All Together

What’s the matter with the crowd I’m seeing?
“Don’t you know that they’re out of touch?”
Should I try to be a straight-A student?
“If you are then you think too much.
Don’t you know about the new fashion, honey?
All you need are looks and a whole lot of money?”
It’s the next phase, new wave, dance craze, anyways
It’s still rock and roll to me.
Everybody’s talkin’ ‘bout the new sound
Funny, but it’s still rock and roll to me.
It’s Still Rock and Roll to Me, Billy Joel

Objectives:

  • Sequence the steps of developing an internal control structure

Whew!  You made it. We are in the last chapter! Congrats, you have held on through a long case study and a complicated model.

In this final chapter, we are taking another look at the steps of creating a control structure from scratch which will also serve as a review of this text. I will quote various excerpts from the Green Book as I go.  Also, we will address what happens when auditors visit to evaluate your controls.

Steps of developing controls

As I see it, the steps of developing controls are as follows:

1.Choose a subject matter

Maybe you have been asked to develop controls for a whole organization or just a segment of an organization.  In either case, you will benefit from breaking your subject matter down into smaller more defined segments because it is easier to imagine controls for something specific than to imagine controls for something broad.

For instance, if I asked you to control the University of Michigan, you would probably walk out the door never to come back!  But if I asked you to control student financial aid at the University of Michigan, you would feel better.  If I asked you to set up controls to make sure that student financial aid at the University of Michigan is distributed on time, you’d feel super because that is very doable!

The side of the COSO cube prompts us to break the subject matter down into segments.  In the COSO and Green Book literature, the side of the cube is dubbed the ’levels of organizational structure.’  I think of it instead as ‘what’ you are planning to control.

2. Focus on what is risky

Now that you have broken the organization up into segments, you can hone in on the segments that are the most likely to cause trouble.

Risk assessment is the second control component on the face of COSO model, but it is, in practice, the first component you consider when establishing controls.

For each piece, you ask four questions:

  1. What could go wrong?
  2. So what?
  3. How big of a deal is the ‘so what?’
  4. How likely are things to go wrong?

Here are the terms the Green Book uses for all of these questions:

  1. What could go wrong? The Green Book calls the answer to this question ‘identified risks.’
  2. So what?  The Green Book calls this ‘significance.’
  3. How big a deal is the so what?  The Green Book calls this ‘magnitude.’
  4. How likely are things to go wrong?  The Green book calls this ‘likelihood.’

From the Green Book:

7.05 Management analyzes the identified risks to estimate their significance, which provides a basis for responding to the risks. Significance refers to the effect on achieving a defined objective. 

7.06 Management estimates the significance of the identified risks to assess their effect on achieving the defined objectives at both the entity and transaction levels. Management estimates the significance of a risk by considering the magnitude of impact, likelihood of occurrence, and nature of the risk. Magnitude of impact refers to the likely magnitude of deficiency that could result from the risk and is affected by factors such as the size, pace, and duration of the risk’s impact. Likelihood of occurrence refers to the level of possibility that a risk will occur. The nature of the risk involves factors such as the degree of subjectivity involved with the risk and whether the risk arises from fraud or from complex or unusual transactions. The oversight body may oversee management’s estimates of significance so that risk tolerances have been properly defined. 

3. Decide if you want to tolerate the risk

When you are confronted with a risk, you have four choices of how to handle it:  you can accept it and live with the possible consequences, you can avoid it by not doing the activity, you can mitigate it by layering on controls or you can ask someone else to take on responsibility for it.

If you choose to keep on doing or to tolerate the activity that causes the risk, but you’d rather not suffer from this choice, you will proceed through the rest of the steps laid out here to help you create the controls to mitigate the risk.  Mitigate is a fancy word for ‘reduce.’

From the Green Book:

7.08 Management designs responses to the analyzed risks so that risks are within the defined risk tolerance for the defined objective. Management designs overall risk responses for the analyzed risks based on the significance of the risk and defined risk tolerance. These risk responses may include the following: 

  • Acceptance - No action is taken to respond to the risk based on the insignificance of the risk. 
  • Avoidance - Action is taken to stop the operational process or the part of the operational process causing the risk. 
  • Reduction - Action is taken to reduce the likelihood or magnitude of the risk. 
  • Sharing - Action is taken to transfer or share risks across the entity or with external parties, such as insuring against losses. 
8.06 Management analyzes and responds to identified fraud risks so that they are effectively mitigated. Fraud risks are analyzed through the same risk analysis process performed for all identified risks…


4. Come up with a control objective

In order to focus your efforts and make sure that everyone is clear about what you are working toward, the Green Book recommends you come up with a clear control objective.

The Green Book talks about objectives in two layers.  In one layer, they ask you to consider ‘why’ you want to control something.   Is it because you are concerned about operations, compliance or reporting? The GAO calls these ‘categories of objectives’ and they are listed on the top of the cube.
Description: Macintosh HD:Users:Leita:Dropbox:+TOPICS:controls:coso model picture:Slide1.jpg

OV1.01 Internal control is a process effected by an entity’s oversight body, management, and other personnel that provides reasonable assurance that the objectives of an entity will be achieved (see fig. 2). These objectives and related risks can be broadly classified into one or more of the following three categories: 

  • Operations - Effectiveness and efficiency of operations 
  • Reporting - Reliability of reporting for internal and external use 
  • Compliance - Compliance with applicable laws and regulations 

OV1.02 These are distinct but overlapping categories. A particular objective can fall under more than one category, can address different needs, and may be the direct responsibility of different individuals. 
Operations Objectives 

OV2.19 Operations objectives relate to program operations that achieve an entity’s mission. An entity’s mission may be defined in a strategic plan. Such plans set the goals and objectives for an entity along with the effective and efficient operations necessary to fulfill those objectives. Effective operations produce the intended results from operational processes, while efficient operations do so in a manner that minimizes the waste of resources. 

OV2.20 Management can set, from the objectives, related subobjectives for units within the organizational structure. By linking objectives throughout the entity to the mission, management improves the effectiveness and efficiency of program operations in achieving the mission. 

Reporting Objectives 

OV2.21 Reporting objectives relate to the preparation of reports for use by the entity, its stakeholders, or other external parties. Reporting objectives may be grouped further into the following subcategories: 

  • External financial reporting objectives - Objectives related to the release of the entity’s financial performance in accordance with professional standards, applicable laws and regulations, as well as expectations of stakeholders. 
  • External nonfinancial reporting objectives - Objectives related to the release of nonfinancial information in accordance with appropriate standards, applicable laws and regulations, as well as expectations of stakeholders. 
  • Internal financial reporting objectives and nonfinancial reporting objectives - Objectives related to gathering and communicating information needed by management to support decision making and evaluation of the entity’s performance. 

Compliance Objectives

OV2.22 In the government sector, objectives related to compliance with applicable laws and regulations are very significant. Laws and regulations often prescribe a government entity’s objectives, structure, methods to achieve objectives, and reporting of performance relative to achieving objectives. Management considers objectives in the category of compliance comprehensively for the entity and determines what controls are necessary to design, implement, and operate for the entity to achieve these objectives effectively. 

OV2.23 Management conducts activities in accordance with applicable laws and regulations. As part of specifying compliance objectives, the entity determines which laws and regulations apply to the entity. Management is expected to set objectives that incorporate these requirements. Some entities may set objectives to a higher level of performance than established by laws and regulations. In setting those objectives, management is able to exercise discretion relative to the performance of the entity. 

But later in the book, the GAO drills down into the categories and describes the need for a specific, customized control objective.

6.02 Management defines objectives in specific and measurable terms to enable the design of internal control for related risks. Specific terms are fully and clearly set forth so they can be easily understood. Measurable terms allow for the assessment of performance toward achieving objectives. Objectives are initially set as part of the objective-setting process and then refined as they are incorporated into the internal control system when management uses them to establish the control environment. 

6.03 Management defines objectives in specific terms so they are understood at all levels of the entity. This involves clearly defining what is to be achieved, who is to achieve it, how it will be achieved, and the time frames for achievement. All objectives can be broadly classified into one or more of three categories: operations, reporting, or compliance. Reporting objectives are further categorized as being either internal or external and financial or nonfinancial. Management defines objectives in alignment with the organization’s mission, strategic plan, and performance goals. 

6.04 Management defines objectives in measurable terms so that performance toward achieving those objectives can be assessed. Measurable objectives are generally free of bias and do not require subjective judgments to dominate their measurement. Measurable objectives are also stated in a quantitative or qualitative form that permits reasonably consistent measurement. 

Our objective was, “Do controls deter the coach from using his purchasing card for personal purchases as defined by Grace School District Policy #C7.459?”

5. Compare the baseline to the ideal

Now it is time to talk to managers and find out if there are any existing controls in place.  This will be your baseline of controls.

16.02 Management establishes a baseline to monitor the internal control system. The baseline is the current state of the internal control system compared against management’s design of the internal control system. The baseline represents the difference between the criteria of the design of the internal control system and condition of the internal control system at a specific point in time. In other words, the baseline consists of issues and deficiencies identified in an entity’s internal control system. 

16.03 Once established, management can use the baseline as criteria in evaluating the internal control system and make changes to reduce the difference between the criteria and condition. Management reduces this difference in one of two ways. Management either changes the design of the internal control system to better address the objectives and risks of the entity or improves the operating effectiveness of the internal control system. As part of monitoring, management determines when to revise the baseline to reflect changes in the internal control system. 

Next, you will compare the baseline to the ideal:  the list of 17 principles.  When management has not already addressed a principle with a control or two, then you will need to design a control for that principle.  Remember, in order to judge a control system as effective, all five components and the underlying 17 principles should be in place!

OV3.03 To determine if an internal control system is effective, management assesses the design, implementation, and operating effectiveness of the five components and 17 principles. If a principle or component is not effective, or the components are not operating together in an integrated manner, then an internal control system cannot be effective. 

Appendix I: The 17 principles support the effective design, implementation, and operation of the associated components and represent requirements necessary to establish an effective internal control system. The 17 principle requirements of the Green Book are as follows: 

  1. The oversight body and management should demonstrate a commitment to integrity and ethical values. 
  2. The oversight body should oversee the entity’s internal control system. 
  3. Management should establish an organizational structure, assign responsibility, and delegate authority to achieve the entity’s objectives. 
  4. Management should demonstrate a commitment to recruit, develop, and retain competent individuals. 
  5. Management should evaluate performance and hold individuals accountable for their internal control responsibilities. 
  6. Management should define objectives clearly to enable the identification of risks and define risk tolerances. 
  7. Management should identify, analyze, and respond to risks related to achieving the defined objectives. 
  8. Management should consider the potential for fraud when identifying, analyzing, and responding to risks. 
  9. Management should identify, analyze, and respond to significant changes that could impact the internal control system. 
  10. Management should design control activities to achieve objectives and respond to risks. 
  11. Management should design the entity’s information system and related control activities to achieve objectives and respond to risks. 
  12. Management should implement control activities through policies. 
  13. Management should use quality information to achieve the entity’s objectives. 
  14. Management should internally communicate the necessary quality information to achieve the entity’s objectives. 
  15. Management should externally communicate the necessary quality information to achieve the entity’s objectives. 
  16. Management should establish and operate monitoring activities to monitor the internal control system and evaluate the results. 
  17. Management should remediate identified internal control deficiencies on a timely basis. 

6. Consider cost 

Before you run out and implement all of the controls you designed in the last step, stop and think about how much each of the controls is going to cost you.  Do you need to invest in technology to make the control work?  Or do you need to beef up your staff?  Also, consider whether the new controls will slow down processes and frustrate employees, suppliers and customers.  Excessive controls are also known as ‘red tape’ and ‘burdensome bureaucracy!’

OV4.07 Management may decide how an entity evaluates the costs versus benefits of various approaches to implementing an effective internal control system. However, cost alone is not an acceptable reason to avoid implementing internal controls. Management is responsible for meeting internal control objectives. The costs versus benefits considerations support management’s ability to effectively design, implement, and operate an internal control system that balances the allocation of resources in relation to the areas of greatest risk, complexity, or other factors relevant to achieving the entity’s objectives. 

7. Does it prevent, detect or correct?

Again, before you proceed with the hard work of implementing the controls you designed, take some time to evaluate whether each control is preventative, corrective, or detective.  Detective controls are nice, but stopping the risk before it happens would be better than cleaning up the mess after it happens. This is especially true when it comes to unacceptable risks such as death and injury.  Make sure you have a good mix of all three types of controls with a preponderance of preventative controls.

8. Document

At this point, you are working with a large volume of information.  Just in case you get a little overwhelmed and forgetful, you’d better write down everything you have worked on so far.  The GAO is pretty firm about documentation:

OV4.08 Documentation is a necessary part of an effective internal control system. The level and nature of documentation vary based on the size of the entity and the complexity of the operational processes the entity performs. Management uses judgment in determining the extent of documentation that is needed. Documentation is required for the effective design, implementation, and operating effectiveness of an entity’s internal control system. The Green Book includes minimum documentation requirements as follows: 

  • If management determines that a principle is not relevant, management supports that determination with documentation that includes the rationale of how, in the absence of that principle, the associated component could be designed, implemented, and operated effectively. (paragraph OV2.06) 
  • Management develops and maintains documentation of its internal control system. (paragraph 3.09) 
  • Management documents in policies the internal control responsibilities of the organization. (paragraph 12.02) 
  • Management evaluates and documents the results of ongoing monitoring and separate evaluations to identify internal control issues. (paragraph 16.09) 
  • Management evaluates and documents internal control issues and determines appropriate corrective actions for internal control deficiencies on a timely basis. (paragraph 17.05) 
  • Management completes and documents corrective actions to remediate internal control deficiencies on a timely basis. (paragraph 17.06) 

OV4.09 These requirements represent the minimum level of documentation in an entity’s internal control system. Management exercises judgment in determining what additional documentation may be necessary for an effective internal control system. If management identifies deficiencies in achieving these documentation requirements, the effect of the identified deficiencies is considered as part of management’s summary determination as to whether the related principle is designed, implemented, and operating effectively. 

9. Evaluate the design vs. operation

Once you have organized your thoughts and chosen controls for all five components and the 17 principles, someone has to put them into action.  That could take a while.  As usual, it is best to be patient and thorough instead of agitated and spotty.  Ha.  Agitated and spotty is a great title for a teen romance novel!

The GAO takes pains to mention the difference between the design of a control and the implementation of a control in over a dozen places in the Green Book.  Here are a few quotes:

OV2.13 Internal control is a dynamic, iterative, and integrated process in which components impact the design, implementation, and operating effectiveness of each other. No two entities will have an identical internal control system because of differences in factors such as mission, regulatory environment, strategic plan, entity size, risk tolerance, and information technology, and the judgment needed in responding to these differing factors. 

OV3.05 When evaluating design of internal control, management determines if controls individually and in combination with other controls are capable of achieving an objective and addressing related risks. When evaluating implementation, management determines if the control exists and if the entity has placed the control into operation. A control cannot be effectively implemented if it was not effectively designed. A deficiency in design exists when (1) a control necessary to meet a control objective is missing or (2) an existing control is not properly designed so that even if the control operates as designed, the control objective would not be met. A deficiency in implementation exists when a properly designed control is not implemented correctly in the internal control system. 

10. Evaluate whether you can declare your controls effective!

Sorry to say that your work isn’t done when you finish designing, documenting and implementing controls.  True to the monitoring component of the COSO model, you can’t just set things up and forget them.  You need to come back and evaluate whether everything you have set up is working, correct any unintended consequences of your efforts, improve controls and start the cycle all over again.

OV3.03 To determine if an internal control system is effective, management assesses the design, implementation, and operating effectiveness of the five components and 17 principles. If a principle or component is not effective, or the components are not operating together in an integrated manner, then an internal control system cannot be effective. 

This is a great place to introduce auditors back into our conversation because they may be able to help you ensure that the controls you designed are functioning properly.  That is what we will do in our next newsletter.

Defining Corruption per the CFE’s Fraud Tree

More in the series on getting to know the fraud tree better.  To get a better sense of where we are on the fraud tree and which branch we are talking about in this newsletter,  please see the entire fraud tree at http://www.acfe.com/fraud-tree.aspx.

Objectives: 

  • Distinguish between the four major types of corruption and their subcategories

Corruption is the broad title for any behavior on the part of a person in a position of authority to further her own interests, forgetting her responsibilities to the people she serves.  In other words, corruption is when a powerful person acts selfish and greedy. This bad stuff has been going on since the beginning of time!  Was the apple offered by the serpent in the Garden of Eden a bribe?

Corrupt in the dictionary is defined as, “The act of corrupting or making putrid, or state of being corrupt or putrid; decomposition or disorganization, in the process of putrefaction” or “The act of corrupting or of impairing integrity, virtue, or moral principle; the state of being corrupted or debased; loss of purity or integrity; depravity; wickedness; impurity; bribery.”

Corruption is when a fraudster uses his influence in a business transaction to procure some benefit for himself or another person contrary to his duty to his employer (in our case, the citizen or taxpayer) or the rights of another.

For those of you who already work in the government environment, you will appreciate the references that follow.  For the rest of you, put on your red or blue taxpayer hat, this is going to get political!

When a public servant is corrupt, she forgets her duty to serve the public, as the GAO’s Yellow Book calls us to do, and instead serves herself.

2.07     A distinguishing mark of an auditor is acceptance of responsibility to serve the public interest.

Have you seen the corruption index?  A group called Transparency International ranks the corruption of the world’s countries on its website: http://www.transparency.org/policy_research/surveys_indices/cpi/2010/results.  America is ranked #22. Denmark is ranked number one as the least corrupt country?

The Association of Certified Fraud Examiners has divided the corruption section of the fraud tree into four parts:

  1. Conflicts of interest
  2. Bribery
  3. Illegal gratuities
  4. Extortion

3-9-1 Conflicts of Interest

Conflicts of interest arise when a fiduciary, agent, or employee does not act in good faith, with full disclosure, in the best interest of the principal but instead is serving other interests.

Conflicts of interest occur when persons in power have interests outside of their job and sway their decisions to benefit these interests.

In auditing, a conflict of interest threatens your independence and objectivity. The Yellow Book reminds you to stay clean and avoid corruption:

3.07     Auditors participating on an audit assignment must be free from personal impairments to independence. Personal impairments of auditors result from relationships or beliefs that might cause auditors to limit the extent of the inquiry, limit disclosure, or weaken or slant audit findings in any way.

In a small town, conflict of interest is a constant threat.  If you know everyone in town, how do you keep your objectivity?

The mayor of the City of Brandon says he was not in a conflict of interest when he voted along with City Council to allow a local developer to purchase $812,000 in land from the city.  This local developer was one of the mayor’s campaign volunteers.

“I don’t gain personally from anything to do with the applicant or any of the other applicants as well,” he told the Sun. “Of the five applicants (for the land), I know every single one of them.”

The Municipal Council Conflict of Interest Act states that a conflict of interest exists where a person stands to either directly or indirectly financially benefit from a decision of council.1

3-9-1A Purchases Schemes

Purchasing professionals have a lot of power that may go unchecked.  When I work for a government entity, they usually make me jump through hoop after hoop after hoop to prove that they were objective in their choice, although usually we both know that I am their first choice.

I frequently get requests for bids from governments with which I have no relationship.  But, I know they are usually just going through the motions.  I am not going to waste my time bidding on a job that I know someone else has locked in. And, unfortunately, a lot of people’s time is wasted in the process, especially when the bidding documents are 20 pages long!  But looks can be everything when it comes to purchasing. Is this the ideal?  No. True? Yes.

State criminal investigators are looking at efforts by the Oregon Department of Energy to steer federal money to a company run by the Governor of Oregon’s girlfriend after her firm lost the bid on a state contract. The winner of the bid was encouraged by the Department of Energy to include the girlfriend in the contract. The girlfriend was eventually employed as a subcontractor.  Three Energy Department officials happened to be on leave during the investigation.2

3-9-1B Sales Schemes

If you watch Fox News, you are familiar with Goldline Commercials.  In mid-2010, Congress formally opened an investigation of Goldline following an exposé on ABC News which detailed Goldline’s business model.3

Goldline employs several conservative pundits including Glenn Beck, Mike Huckabee, Laura Ingraham, and Fred Thompson to sell gold coins on the air. By feeding public fears during the recession, conservative pundits encourage their listeners to invest in gold.

Glenn Beck, for example, has dedicated entire segments of his program to explaining why the U.S. money supply is destined for hyperinflation with Barack Obama as president. He often promotes the purchase of gold as the only safe investment alternative for consumers who want to safeguard their livelihoods. When the show cuts to commercial break, viewers are treated to an advertisement from Goldline.

Goldline marks up its coins an average of 90% over the melt value of the coin.  The largest markup on any coin was 208% above the melt value. By selling gold at twice the melt value, the price of gold would need to double for consumers to break even on their “investment.” However, since Goldline is not licensed as an investment advisor, they have no responsibility to advise their clients.

Paul Harvey, the radio newsman whom my grandmother listened to on country radio, used to use a similar sales scheme. He’d talk about a snowstorm in Montana and, before you know it, you were being pitched some sort of miracle skin lotion. He was smooth. But I remember all of his ads as being relatively benign and for products that cost under $100.  I could be wrong.

3-9-1C Other Schemes

Wouldn’t it be great to create the rules you later have to follow?  Should consultants on government contracts draft the rules regarding those contracts?

Science Applications International Corporation served as an advisor to the Nuclear Regulator Commission to develop rules for recycling radioactive materials released from nuclear facilities.  At the same time, they entered into a partnership with another corporation, British Nuclear Fuels, to perform the recycling.

In a 2008 decision, a federal jury concluded that the firm’s executives knowingly concealed business interests that stood to benefit from its consulting role at the NRC. It found that SAIC had made 17 false statements and 60 false claims under the Federal False Claims Act.4

That story reminds me of a friend of mine who ran an internal audit shop at a state agency.  She hired an experienced CPA from inside the agency as a senior auditor.  Not until after she hired her and tried to assign her to projects did she realize her mistake.

The CPA had worked for the agency for five years in a variety of capacities. She was also married to one of the division directors and socialized with most of the others.  She was useless as an auditor because she was not independent of the audit subjects. Interestingly enough, my friend became a director of one of the divisions, and the administration decided to promote the less-than-objective CPA to director of audit.  Hmm.

3-9-2 Bribery

Bribery is when a person pays an official to make a decision in his favor.  The person in need offers or gives something of value to influence the action of an official in the discharge of his public duties.

Contractors for the federal government frequently appear in the news for bribing federal officials in hopes of landing lucrative contracts.

What follows is a portion of a press release from the
Department of Justice regarding one of our honorable congressmen:

Former Congressman William J. Jefferson Convicted of Bribery, Racketeering, Money Laundering, and Other Related Charges5In August, 2009, after a month of testimony in a federal court, a jury found former Congressman William J. Jefferson guilty on 11 charged counts, including solicitation of bribes, honest services wire fraud, money laundering, racketeering, and conspiracy.“We have been reminded today that we are a nation of laws, and not men,” said Dana J. Boente, U.S. Attorney for the Eastern District of Virginia. “It should be a clear signal that no public official – and certainly not a U.S. Congressman – can put their office up for sale and betray that office. It cannot be tolerated. It cannot just be another cost of doing business. And today, a jury of his peers held Congressman Jefferson accountable for his actions.”

“Trust and integrity in public officials is at the heart of our democracy,” said Joseph Persichini Jr., Assistant Director of the Washington Field Office of the FBI. “What a better way to ensure those virtues, than to expose those who breach that trust.”

According to evidence at trial, from August 2000 to August 2005 Jefferson used his position as an elected member of the U.S. House of Representatives to corruptly seek, solicit and direct that things of value be paid to himself and his family members in exchange for his performance of official acts to advance the interests of people and businesses who offered him the bribes. The things of value, according to evidence at trial, included hundreds of thousands of dollars worth of bribes in the form of payments from monthly fees or retainers, consulting fees, percentage shares of revenues and profits, flat fees for items sold, and stock ownership in the companies seeking his official assistance.

Evidence at trial showed that Jefferson performed a wide range of official acts in return for things of value, including leading official business delegations to Africa, corresponding with U.S. and foreign government officials, and utilizing congressional staff members to promote businesses and businesspersons. The business ventures that Jefferson sought to promote included telecommunications deals in Nigeria, Ghana, and elsewhere; oil concessions in Equatorial Guinea; satellite transmission contracts in Botswana, Equatorial Guinea and the Republic of Congo; and development of different plants and facilities in Nigeria.

Siemens pays huge fine
In 2008, the German engineering conglomerate Siemens paid an $800 million dollar fine to the Securities and Exchange Commission and the Department of Justice for widespread bribery of government officials. Among the billions authorities accuse Siemens of paying out to government officials is a $2.6 million payout to former Argentinean president Carlos Menem in order to win a bid to manufacture national ID cards for the country. Other allegations include a $55 million bribe to Russian officials for a medical devices contract, and $22 million to China for a metro trains contract.6

Chinese Officials Love Gucci!
Our fascination with China continues. They have really good taste, after all.

China seems to be the fastest growing country in every category, and now we can add fastest growing luxury market to the list.  Gifts to government officials are prohibited in China, but who can resist a Swiss watch?  Especially a $30,000 diamond studded one? It is just one little watch!

Bain & Company, a global consulting firm, estimated luxury sales of $7.6 million in 2008.  Industry experts say gifts to government officials make up close to 50% of that figure.  During the Communist Party meetings in March of 2009, sales of luxury goods in Beijing spiked.

One snobby land confiscation official in Chongqing was sentenced to 13 years in prison for accepting kickbacks.
Chinese officials confiscated 200 pairs of luxury shoes, 100 luxury suits, and a luxury car.  He even had the nerve to tell his female trial lawyer that she needed to polish her low quality shoes. I wonder what sort of shoes they will issue him in prison. Gucci?

China is countering this corruption with talk of creating a national registry to track the assets of government officials. 7

3-9-2A Invoice Kickbacks

Invoice kickbacks cause a client to be overcharged while the vendor and their fraudster friends share in the proceeds!

You wouldn’t steal food from a kid, would you?
What about stealing money that was intended to pay for kids’ lunches? Sodexo, the world’s largest food purchaser, had received rebates from food suppliers that it failed to pass on to the districts.

In order to continue to do business with the state, Sodexo paid a $15M fine to the state of New York for overcharging New York School district cafeterias. The organization also agreed to disclose rebates in writing to clients, establish a hotline for clients and whistleblowers, and pay for an independent audit of their compliance with rebate provisions of their contracts.8

3-9-2B Bid Rigging

Will I ever feel good about banks and Wall Street again?  I don’t think so.  I am afraid our business schools are churning out opportunistic financiers looking for a quick buck!  And unsophisticated governments are easy targets with lots of money.

Local governments beware of big banks offering investments!
Local governments often hire brokers to help them find investment contracts so that the government earns interest on millions of bond proceeds set aside for long-term projects. The U.S. Treasury requires that these contracts be bid on competitively to maintain the tax-exempt status of the proceeds.

Bank of America, however, decided in advance which bank would be the winner of certain contracts. They did their best to cover their tracks.  They occasionally submitted intentionally losing bids so that the bidding would look legitimate. As a result of bid manipulation, the Justice Department said Bank of America won investment contracts at “artificially determined price levels, which deprived municipal issuers of money and property.”  And, as of this writing, the investigation has only just begun.  On June 22, 2012, Moody’s downgraded Bank of America’s public finance obligations.

“This ongoing investigation has helped to expose widespread corruption in the municipal reinvestment industry,” said Robert Khuzami, director of enforcement at the SEC, one of the agencies in the probe. “The conduct was egregious – in return for business, the company repeatedly paid undisclosed gratuitous payments and kickbacks and affirmatively misrepresented that the bidding process was proper.”

As a result, four federal agencies and 20 states received a sweeping $137 million in their settlement with Bank of America for its role in a bid-rigging scheme that ripped off state agencies, cities, towns, and not-for-profits seeking to invest yet unspent bond proceeds.9

Here is a press release from the Department of Justice in a related case.

Former Agent Of Financial Products And Services Company Pleads Guilty For Role In Fraud Conspiracies Involving Proceeds OfMunicipal Bonds10A former agent of a financial products and services company pleaded guilty today for his participation in fraud conspiracies related to contracts for the investment of municipal bond proceeds and other municipal finance contracts, the Department of Justice announced.According to plea proceedings today in U.S. District Court in New York City, Adrian Scott-Jones, a resident of Morriston, Fla., pleaded guilty to participating in two separate fraud conspiracies with companies that provide a type of contract, known as an investment agreement, to public entities throughout the United States, such as state, county and local governments and agencies. These public entities were seeking to invest money from a variety of sources, primarily the proceeds of municipal bonds that they issued to raise money for, among other things, public projects. Scott-Jones also pleaded guilty to one count of wire fraud. According to the plea agreement, Scott-Jones has agreed to cooperate with the ongoing investigation.

The department said in court documents that Scott-Jones’ former company, located in North Palm Beach and Ocala, Fla., marketed financial products and services, including services as a broker or advisor to various public entities that issue municipal bonds. Public entities typically hire a broker to conduct a competitive bidding process for the award of investment agreements. Major financial institutions, including banks, investment banks, insurance companies and financial services companies, are among the providers of investment agreements and other related municipal finance contracts. Competitive bidding for these agreements is the subject of regulations issued by the U.S. Department of the Treasury and is related to the tax-exempt status of the bonds.

According to court documents, Scott-Jones participated in one fraud conspiracy from as early as September 2001 until at least November 2006, and in a second fraud conspiracy from as early as August 1999 until at least November 2006. In each conspiracy, Scott-Jones gave co-conspirator providers information about the prices, price levels or conditions in competitors’ bids, a practice known as a “last look,” which is explicitly prohibited by U.S. Treasury regulations. Scott-Jones also solicited and received intentionally losing bids for certain investment agreements and other municipal finance contracts. As a result of the bid manipulation, the co-conspirator providers won contracts at artificially determined price levels, which deprived municipal issuers of money and property.

The court documents also charge that Scott-Jones and co-conspirators misrepresented to municipal issuers or their bond counsel that the bidding process was in compliance with U.S. Treasury regulations. This caused the municipal issuers to award investment agreements and other municipal finance contracts to providers that otherwise would not have been awarded the contracts if the issuers had true and accurate information regarding the bidding process. Such conduct caused municipal issuers to file inaccurate reports with the Internal Revenue Service (IRS) and thus placed the tax-exempt status of the underlying bonds in jeopardy.

Each of the fraud conspiracies for which Scott-Jones is charged carries a maximum penalty of five years in prison and a $250,000 fine. The wire fraud charge carries a maximum penalty of 20 years in prison and a $250,000 fine. The maximum fines for each of these offenses may be increased to twice the gain derived from the crime or twice the loss suffered by the victims of the crime, if either of those amounts is greater than the statutory maximum fine.

This is the sixth guilty plea to arise from an ongoing investigation into the municipal bonds industry, which is being conducted by the Antitrust Division’s New York Field Office, the FBI and IRS Criminal Investigation. The department is coordinating its investigation with the Securities and Exchange Commission, the Office of the Comptroller of the Currency and the Federal Reserve Bank of New York.

Three former employees of Rubin/Chambers, Dunhill Insurance Services Inc., also known as CDR Financial Products, a Beverly Hills, Calif.-based financial products and services firm that acted as a broker of investment agreements and other municipal finance agreements, have pleaded guilty to bid-rigging and fraud conspiracies in relation to the ongoing investigation. Two other individuals have also pleaded guilty to charges related to the ongoing investigation.

As a result of the ongoing investigation, three former financial services executives were indicted on July 27, 2010, for participating in fraud schemes and conspiracies related to the bidding for investment agreements. In addition, CDR, two of its employees and one former employee were charged in October 2009 for participating in bid-rigging and fraud conspiracies and related crimes. The CDR trial is scheduled to begin on Sept. 12, 2011.

3-9-3 Illegal Gratuities

When someone gives a public official a gift that isn’t necessarily tied to any particular favor, it is probably intended to influence the official’s future decisions.

Imagine a government official who encourages corporations to fund his campaign.  The corporations and the official understand that the corporations will experience preferential treatment.  Sound like some remote South American banana republic?  Unfortunately, this is how our ‘system’ works in America.

If a lobbyist gives a government official a significant campaign contribution and helps her raise more money for her campaign while at the same time explaining his position on, let’s say, health insurance, is that bribery, extortion, or illegal gratuities?  Or is the congresswoman suffering from conflict of interest?  The behavior of our U.S. Congresswoman might be considered all three at once.

I got in hot water a few years ago with one of my government clients. One of my last names is Hart, and so I thought it would be cute to send out Valentine’s gifts to my clients instead of Christmas presents. Get it? Hart, Valentines?  So, I sent a small heart-shaped dish full of dove chocolate to one of my legislative audit clients.  And they promptly sent it back to me with a scolding letter from their lawyer admonishing me never to give them a gift again.  I guess they thought an $8 gift would make them hire me for the next decade.  I wish it were that easy to get business!

3-9-4 Extortion

Some people mistakenly call bribery “extortion” and extortion “bribery.” The difference between bribery and extortion is in who makes the first move.  The person wanting a favor from a powerful person initiates bribery.  And the person in power initiates extortion: in extortion the public official asks for goodies instead of being offered goodies.

One contractor conveyed that the head of the purchasing department for a large city always held a meeting with the bidders on a project before the project was awarded.  The experienced contractors realized that he was asking for gifts when he said things like, “My car is so filthy.  It needs a detailing!” “Or, my lawnmower sure is getting tired.” Whichever contractor took care of his car or his lawnmower got the job.

David Letterman was in the news in 2009 because the boyfriend of the woman with whom he was having an affair threatened to expose his infidelities to the public unless David Letterman paid the boyfriend several million dollars.  David Letterman decided to fess up on the air, but he turned the boyfriend into the authorities first.  What an interesting turn of events for the boyfriend.  He is broke, girlfriendless, and in prison for extortion.

If you have the power, you can demand the money!
Broward County Public School Board member Beverly Gallager, was arrested for extortion, wire fraud, and bribery after undercover FBI agents passed $12,500 to her in return for her awarding construction contracts.  U.S. Representative, Debbie Wasserman Shultz, was appalled saying, “It shakes the confidence of the public in their elected leaders.”11


1 Allison Dowd. “Mayor says decision didn’t put him into conflict of interest.” The Brandon Sun. September 29, 2010.
2 Brent Walth and Michelle Cole. “Department of Energy officials promoted firm run by ex-Gov. John Kitzhaber’s girlfriend for project.” The Oregonian [Portland]. August 23, 2010.
3 Matthew Mosk. “Exclusive: Glenn Beck’s Golden Advertiser Under Investigation.” ABC Nightline. ABC. July 19, 2010. Television.
4 Robert O’Harrow Jr. “Potential for Conflict Grows With Government’s Use of Contractors.” Washington Post. August 18, 2008.
5 United States. Department of Justice. Former Congressman William J. Jefferson Convicted of Bribery, Racketeering, Money Laundering, and Other Related Charges. FBI. August 5, 2009.
6 “Siemens Pays out $800M in Fraud Settlement.” National Association of Corporate Directors Directorship. Web. December 15, 2008.
7 David Barboza. “For Bribing Officials, Chinese Give the Best.” The New York Times. March 13, 2009.
8 Lucy Komisar. “Sodexo, exposed by Komisar for kickbacks, agrees to $20m settlement.” The Komisar Scoop. Web. July 21, 2010.
9 Rick Rothacker. ”Bank of America reaches bid-rigging settlement.” Charlotte Observer.  December 7, 2010.
10 United States. Department of Justice. Former Agent of Financial Products And Services Company Pleads Guilty For Role In Fraud Conspiracies Involving Proceeds Of Municipal Bonds. Press release. Washington, D.C. September 8, 2010.
11 “Broward County School Board member arrested.” Sunshine Review Gazette. September 24, 2009.
Stay Up-To-Date

Sign up here to have the lastest from Yellowbook-CPE.com delivered right to your inbox.

Just provide your name and email information below, and as an introductory “Thank You”, you’ll be able to view and download a free copy of our Audit Objectives whitepaper.

* indicates required




×
Stay Up-To-Date

Sign up here to have the latest from Yellowbook-CPE.com delivered right to your inbox.

Just provide your name and email information below, and as an introductory “Thank You”, you’ll be able to view and download a free copy of our Audit Objectives whitepaper.

[newsletters_subscribe list="20"]

×

Login

Lost your password?