Financial Fraud Policy and Processes to Prevent and Detect Its Occurrence

Objective
Financial Fraud
Examples of Financial Fraud
Internal Controls
Employee Responsibility
Management Responsibility
Reporting Fraud

Objective
 

To define financial fraud, state expectations for employees responsible for University assets, and identify means of reporting potential occurrences.
[Top]

Financial Fraud

Financial fraud is defined as a deliberate act or deliberate failure to act with the intent to obtain unauthorized financial benefit from the University for oneself, one's family, or one's associates. Financial fraud includes, but is not limited to, misappropriation of university funds or property, authorizing or receiving compensation or reimbursement for goods not received or services not performed, falsification of work/employment records, or unauthorized alteration of financial records.

It is a violation of University policy for any employee to engage in financial fraud, as defined above.
[Top]

Examples of financial fraud include but are not limited to:

  • Embezzlement or other financial irregularities;
  • Misappropriation, misapplication, removal, or concealment of University property;
  • Forgery, falsification, or alteration of documents and/or information (e.g., checks, bank drafts, deposit tickets, promissory notes, travel expense reports, contractor agreements, purchase orders, electronic files, etc.) with the intent to obtain an unauthorized financial benefit;
  • Deviations from standard procedures in the handling or reporting of money, cash equivalents or financial transactions, including procurement card with the intent to obtain an unauthorized financial benefit;
  • Theft or misappropriation of funds, securities, supplies, inventory, or any other University asset (including furniture, fixtures or equipment, data, trade secrets and intellectual property);
  • Authorizing payment to vendors when it is known that the goods were not received by the University, or services were not performed for the University, with the intent to obtain an unauthorized financial benefit or cause financial harm to the University;
  • Falsification of work/employment records related to salary and benefits with the intent to obtain an unauthorized financial benefit;
  • Misuse of University facilities, such as vehicles, telephones, mail systems, or computer-related equipment in violation of University policy with the intent to obtain an unauthorized financial benefit;
  • Violation of University purchasing procedures and requirements with the intent to obtain an unauthorized financial benefit;
  • Engaging in bribery, kickbacks, or seeking unauthorized rebates with the intent to obtain an unauthorized financial benefit;
  • Accepting money for research or gifts on behalf of the University or as part of University activities except as prescribed by University policy;
  • Actions related to concealing or perpetuating aforementioned activities.
    [Top]

Internal Controls

Internal controls are policies, practices, and procedures that are designed to provide reasonable assurance that objectives are achieved in the following categories:

  • Effectiveness and efficiency of operations (including safeguarding of assets and records).
  • Reliability of financial reporting.
  • Compliance with laws and regulations.

The University will utilize all reasonable internal controls, including proper segregation of duties, to monitor and control the use of University assets, and thereby reduce the potential for financial fraud.
[Top]

Expectations
 

Employee Responsibility

All University employees have a stewardship responsibility for University funds and other assets, consistent with the Board of Regents, State of Iowa, Code of Business and Fiduciary Conduct (http://www.iowaregents.edu/plans-and-policies/board-policy-manual/22-business-procedures/#Code%20of%20Business%20and%20Fiduciary%20Conduct).

University employees are responsible for safeguarding University resources under their control and for ensuring that those resources are used only for authorized purposes and in accordance with University rules, policies, and applicable federal and state laws. For example:

  • Employees will safeguard University property and other resources from inappropriate use, misappropriation, or abuse.
  • Employees will assure that all funds provided for research and other functions supported through external gifts, grants and contracts are spent in ways consistent with the funding documents and in compliance with sponsoring organization's guidelines on allowable costs.
  • Employees in charge of budgets will monitor records of expenditures for compliance with University policies and procedures and will allow these records to be viewed by University administrators and auditors.
  • The University seeks the cooperation of all UI employees who have reason to believe, or have knowledge indicating financial fraud could be occurring. The best way to cooperate is reporting the incident(s) and all relevant information to an appropriate University authority (see section IV below) or through the University's confidential reporting hotline, Ethics Point, at 1-866-294-9350 or anonymously via the web at: https://secure.ethicspoint.com/domain/en/report_custom.asp?clientid=9723.
  • The University will take appropriate disciplinary and legal action against employees who commit financial fraud. This may include discipline up to and including termination. The University will refer a criminal case for prosecution, if warranted.
    [Top]
     

Management Responsibility

  • Each manager should be familiar with the types of improprieties which might occur in her/his area of responsibility and assure that all reasonable internal controls are in place and effective to prevent and detect occurrence of fraud.
  • Each manager should also be alert for any indication that improper or dishonest activity is or was in existence within her/his area.
  • Supervisors are responsible for the employees assigned to them, and shall through education, coaching and discipline where justified, assist the University in avoiding financial fraud.
  • Members of senior management, by virtue of their leadership status, have additional responsibilities set forth by the Board of Regents, State of Iowa, as outlined in the Regents Code of Business and Fiduciary Conduct (http://www.iowaregents.edu/plans-and-policies/board-policy-manual/22-business-procedures/#Code%20of%20Business%20and%20Fiduciary%20Conduct).
    [Top]

Reporting

Any member of the University community or the public may use the University's confidential reporting line, Ethics Point, to report any suspected financial fraud: Phone: 1-866-294-9350 or anonymously via the web at: https://secure.ethicspoint.com/domain/en/report_custom.asp?clientid=9723

Employees are strongly encouraged to report any potential financial fraud through one of the following options:

  • Through their normal line of authority, starting with their supervisor, or anyone above, or,
  • To any financial or human resource representative within their organizational unit (e.g.: college), or,
  • To a central University office such as:
    • University Controller,
    • University Human Resources/Employee and Labor Relations,
    • Office of General Counsel,
    • Office of Internal Audit,
    • In the case of possible criminal activity, the Department of Public Safety, or
  • Through Ethics Point: Phone: 1-866-294-9350 or via the web: https://secure.ethicspoint.com/domain/en/report_custom.asp?clientid=9723
  • For UI Health Care Employees, you may report through the Joint Office for Compliance Helpline via email at: Compliance@healthcare.uiowa.edu or phone at 319-384-8282.

The University's Anti-Retaliation policy (see Policy Manual Part II, Chapter 11) prohibits adverse actions resulting from the filing of a report of University-related misconduct.

  • If a supervisor or senior manager, or a financial or human resource representative has received a report or has reason to believe that financial fraud may have occurred, they are expected promptly to contact one or more of the University resources listed below:
    • University Controller
    • University Human Resources/Employee and Labor Relations
    • Office of the University General Counsel
    • Office of Internal Audit
    • UI Health Care Joint Office for Compliance
    • Department of Public Safety (when criminal activity is suspected).

Fraud cases are usually complex requiring special expertise to investigate the underlying issues. Therefore it is important to notify one of these University offices immediately to minimize loss to the University. These offices will consult with one another to determine if further investigation is needed. Departmental personnel should not attempt to independently investigate instances of suspected fraud.

  • The University relies upon the Chief Audit Executive reporting directly to the Board of Regents to report suspected financial fraud to the State Auditor's Office in accordance with state law (Chapter 11.6(7) of the Code of Iowa).
    [Top]