compliance management and fraud prevention in sponsored research

Baker Tilly refers to Baker Tilly Virchow Krause, LLP,an independently owned and managed member of Baker Tilly International.

Compliance Management and Fraud Prevention in Sponsored Research

Introductions

2

Raina Rose TaglePartner and National

Practice Leader, Baker Tilly

Higher Education

Adrienne LarmettSenior Consultant,

Baker TillyHigher Education

Agenda

•Objectiveso Understand fraud as defined by the False Claims

Act (FCA)o Define warning signs and red flagso Learn from examples of fraud and noncomplianceo Appreciate the impact of fraudo Detect, investigate, and monitor fraudo Adopt standards and procedures for fraud and

compliance policy creation and enforcement

3

Background

Fraud occurs in all industries, and universities and research institutions are no exception. In addition, economic downturns raise the potential for fraud. Combine these with the facts that research activity brings an ever-expanding, complex set of regulatory requirements and sponsor expectations, that research institutions are facing a higher level of scrutiny than ever before, and recent examples of fraud and misuse demonstrate the concerns for research institutions. It becomes clear that every employee needs to understand the basics of why fraud occurs and how s/he can help prevent or detect it.

4

Key Construction Activities

5

Understanding Fraud

Understanding Fraud

The Federal False Claims Act (FCA) defines fraud as:•Knowingly presenting or causing to be presented to the federal government (or agent or employee of the federal government) a false or fraudulent claim for payment or approval; •Knowingly making, using or causing to be made or used, a false record or statement to have a false or fraudulent claim paid or approved by the federal government; and •Conspiring to defraud the federal government by having a false claim allowed or paid.

6

Understanding Fraud (Cont.)

In its 2012 Report to the Nation on Occupational Fraud and Abuse, the Association of Certified Fraud Examiners (ACFE) ranked higher education as the fifth most likely industry to experience employee fraud (of 23). 1

1The Association of Certified Fraud Examiners (ACFE), 2012 Report to the Nation on Occupational Fraud and Abuse

7


How can it impact your institution?The term “fraud” can refer to any false representation of a matter of fact. In the research world, this can take many forms, both financial and nonfinancial. Common types of fraud in research administration and examples of each include:

8

Types of Fraud Examples

Inappropriate conflicts of interest Hiring a brother as a subcontractor against policy and/or without proper disclosure

Theft Permanently “borrowing” a laptop from a lab

Embezzlement Using research money to fund personal purchases

Improper use of federal funds Using money from one project to fund another project that has gone over budget

Improper effort reporting Claiming a researcher spent 50% of their effort on a well-funded project, while in reality they spent much of their time working on other activities

Falsification of research Recording incorrect data to make the research fit the thesis

Fraud in research can result in decreased federal funding, lengthy litigation, and ruined reputations and credibility. Learning how recognize and act upon fraud can help mitigate risk to your institution.


Three elements of fraud have to be present in order for the perpetrator to be successful. Organizations should understand that while they have little control over the pressure a perpetrator may feel or their ability to rationalize their actions, management can mitigate fraud by minimizing the opportunity for it to occur.

9

• Financial need• Addictive behavior• Pressure of non

performance

• Sense of revenge or disloyalty towards the organization or colleagues

• Everybody else is doing it and nobody gets caught

• Access to sensitive information

• Confidence of not getting caught


10

Economic downturns increase our risk of fraud. Decreases in pay, reductions in employee headcount and internal controls, as well as diminished morale, are just a few factors that can open the door to fraud in a down market.


11

Warning Signs and Red Flags

Warning Signs and Red Flags

12

13

Unusual Behavior•Refusing to take vacation•Irritability or defensiveness•Complaining about the institution (e.g., inadequate pay, organizational pressure to obtain funding) to a greater extent than typical•Control issues or an unwillingness to share duties or information

Uncommon Relationships•Close or personal association with a vendor or subcontractor•Unusually close or personal relationship with an employee•Close relationship with a private funding group•Undisclosed conflicts of interest

Motivating Factors for Fraud• High personal debt• Divorce or family problems

Lifestyle Changes• Change in schedule (e.g., arriving early

and leaving late when the individual previously worked a steady eight-hour day)

• Sudden alteration of or maintaining a standard of living that does not match the individual’s position (e.g., simultaneous purchases of expensive items)

Employee complaints• Bullying behavior by a principal

investigator• Claims of unfair pay or uncompensated

overtime• Accusations of favoritism

Warning Signs and Red Flags (Cont.)

14

Irregular or Inaccurate DocumentationThe most concrete set of signs involves the documentation that you likely review in the course of your work. The following are specific areas where fraud frequently occurs, and some signals that may warn you to dig deeper:

Subcontracts, Independent Contractors, and Consultants• Executed agreements without workplans, budgets, or budget justifications• Large payment amounts to individuals, with or without a contract• Questionable methods of payment (e.g., wiring payments, unusual billing addresses)• Familial ties or other potential conflicts of interest (e.g., a researcher who subcontracts work to a biotech company he happens to invest in or own)

Procurement Cards, Procurement, and Purchasing• Purchases of a personal nature• Changes in spending patterns• Lack of segregation of duties (e.g., a procurement cardholder is also the reviewer and approver of expenses)• Lack of documentation or business support for purchases (e.g., missing receipts, copied or scanned documents, handwritten receipts)


15

Research Subject Payments (e.g., Petty Cash, Gift Cards)• Poor documentation of research subject payments (e.g., questionable or missing receipts from subjects, payments made to individuals not otherwise documented as part of the research)• Subjects paid in cash when standard institutional practice is to pay with gift cards or vice versa• Large amount of cash on hand with weak physical safeguards• Petty cash box that does not match log of receipts, or that requires replenishment more frequently than normal Travel Advances, Travel, and Expense Reimbursements• Unauthorized travel or deviations in authorized travel plans• Travel expenses in excess of authorized amounts• Expenses or activities that violate university policy• Missing, copied, or handwritten receipts• Lack of segregation of duties (e.g., the individual traveling is also approving his/her travel and expense reimbursements)


16

Stipends, Salaries, and “Ghost” Employees (e.g., student, Part Time, and Temporary Workers)• Wages paid not supported by time sheets• Hours clocked in excess of agreed or approved work schedules• Number of workers in excess of budget justification or scope• Student employees working greater than expected number of hours• Signs of inaccurate effort reporting (e.g., salary charged not commensurate with research completed per technical reports, 100% of salary charged to sponsored projects when the individual also performs teaching or administrative duties)



17

Examples of Fraud and Noncompliance

Examples of Fraud and Noncompliance

University of GeorgiaJune 2012; Rebecca Adams Hill, a former business manager of the UG Carl Vinson Institute of Government, embezzled nearly $220,000 from March 2005-September 2009. Hill abused the university’s reimbursement system by submitting fraudulent expenses for supplies purportedly purchased with personal funds. Hill was sentenced to 20 years in prison and ordered to repay $219,795 in restitution. Hill employee had worked at the university for 30 years.

Kansas City University of Medicine & BiosciencesMarch 2011; Karen L. Peltz, former President, CEO and Trustee, accused of embezzling more than $1.5 million over a 5 year period. Peltz allegedly engaged in a variety of fraudulent reimbursement schemes, including receiving additional compensation.

18

Examples of Fraud and Noncompliance (Cont.)

Columbia UniversityNovember 2010; George Castro, formerly affiliated with the university in some undisclosed manner, charged with embezzling $4.5 million over a several month period. Castro manipulated university accounts and caused electronic funds transfers to accounts he controlled under the name of an apparent vendor.

Iona CollegeOctober 2010; Sister Marie E. Thornton, former vice president of finance, charged with and ultimately plead guilty to embezzling $1.2 million. Thornton, who reportedly had a gambling problem, issued college checks and used college credit card accounts for her own benefit and was also fraudulently reimbursed by the college with phony invoices.

19


Duke UniversityLate 2010; Dr. Anil Potti resigned from his job at Duke University amid questions of research fraud. It was discovered that Potti exaggerated his credentials, claiming incorrectly that he was a Rhodes scholar, a discovery that led to the American Cancer Society suspending hundreds of thousands of grant dollars that were to be used for Potti’s work. Since then, nine of Potti’s papers on individualized treatments for cancer have been retracted.

20


Penn State UniversityProfessor Craig Grimes has been accused of defrauding the National Institutes of Health and Advanced Research Projects Agency of federal grant monies, to the tune of $3 million. Grimes requested grants to study the measurement of gases in a patient’s blood, but the money was not spent for this research. Instead, clinical trials were never performed, and the grant funds were misappropriated, largely for the personal use of Grimes. Grimes has been charged with making false statements, money laundering, and fraud. He faces up to 35 years in prison and a fine of $750,000.

21


22

The Impact of Fraud

The Impact of Fraud

Fraud can have a devastating impact for a university or research organization. Though fraud is perpetrated against an organization and typically thought of as an internal concern, there are many consequences of fraud to consider:

• Monetary damagesoOrganizations are estimated to lose up to five percent of

revenue to employee fraud. oThe ACFE estimates the average loss amounts to universities

at a median loss of $36,000.1

1 The Association of Certified Fraud Examiners (ACFE), 2012 Report to the Nation on Occupational Fraud and Abuse

23

The Impact of Fraud (Cont.)

• Reputational damagesoA University of Washington study 1 found that monetary loss due to

damaged reputations was much greater - more than 7.5 times the sum of regulatory system penalties.

o When news of fraudulent activities becomes public, the impact on an organizations’ value is just the start of reputation damage. Ultimately, the long-term impact of lower revenue and higher contracting and financing costs contributes to a larger total loss over a period of months and years.

• Impact on licensing potential for university discoveriesoDiscoveries based on falsified, or fraudulent date could hinder the ability

to patent, or license oA patented product or drug based on fraudulent data or studies could

potentially put a university at risk for suit should adverse events occur.

1 The Cost to Firms of Cooking the Books (with D. Scott Lee and Gerald S. Martin), Journal of Financial and Quantitative Analysis, 43 (September 2008), 581-612.

24


25

Detecting, Investigating, and Monitoring Fraud

Detecting, Investigating, and Monitoring Fraud

Fraud is discovered in a variety of ways, but the ACFE’s 2012 Report to the Nation on Occupational Fraud and Abuse found that fraud detection occurs most often through tips or whistleblowers, with employees providing the majority of tips.

26

Detecting, Investigating, and Monitoring Fraud (Cont.)

After potential fraud or noncompliance is suspected or detected, it is important to notify relevant parties, including:

• Key management personnel• Legal counsel• Internal Audit• Compliance function (if applicable)

Notification should also include a discussion of the roles and responsibilities of each party, and any necessary shift in the prioritization of workflow. Once the preliminary discussion is completed, the parties should work together to take preliminary steps to determine if an investigation is warranted. Investigations take time, cost money, and often detract the participants from their normal business activities.

27


Is an investigation warranted?

There are several procedures to determine if an investigation is necessary:

• Identify employee(s) to conduct the evaluation (e.g., compliance officer, internal audit, key management)

• Evaluate tips• Perform non-invasive investigative procedures• If leads and tips have been substantiated, initiate internal

investigations

When it is determined that an investigation is needed, it is important to have a realistic understanding of the scope and timeframe needed to complete.

28


When performing a fraud investigation:•Proceed quickly: Prematurely tipping off an employee may result in losing opportunities to obtain valuable information that can be used to substantiate the fraud. •Proceed cautiously: Making false allegations or a wrongful termination may backfire against an employer and cause damage worse than the fraud itself.•Gather the facts and safeguard the organization from continued fraud: Documentation substantiating your losses must be complete and thorough. •Develop your objectives: Will the organization be satisfied with a termination, or do they want full restitution and prosecution?•Obtain professional assistance: It is important understand employer rights concerning access to a suspected employee’s office and e-mail/voicemail communication. Professional assistance may be useful when interviewing suspected employees. The initial interview may be the last and best opportunity to obtain information before the suspected employee seeks counsel.•Identify appropriate personnel to coordinate the investigation: An investigation may quickly become overwhelming and disruptive to an organization. The fact finding phase may be quick to start and end but potential litigation is often prolonged and slow moving.

29


Monitoring for Fraud• Monitoring starts at the hiring stage. Appropriate hiring policies and procedures (thorough interviews, reference checks, and background checks) should be in place, as sound hiring practices serve to protect the organization and the individuals likely to perpetrate a fraud.•Implementing a code of conduct and having employees sign a fraud policy ensure that employees know what is expected of them, and provides protection should a problem arise in the future. It also sends a clear message to the employee that fraud of any kind is totally unacceptable.•Periodically perform background and record checks. This will capture questionable or illegal activities not available at the time of hire, or since the time of hire.

30


• Employees’ circumstances change, which may compel them to commit a fraud they otherwise would not have committed. As a result, organizations should have a policy that requires employees’ work and behavior be monitored on an ongoing basis. Work should be reviewed to see that appropriate procedures are being followed and that the individual’s manager is checking for both quality and propriety on a regular basis.• The financial records of the organization should be checked for changes on a regular basis. The monthly financial statements must be checked for unusual fluctuations. Changes of this type could be contribution income going down at a time of year when it should go up, or a noticeable and unexplained increase in office supplies or travel expenses. Major frauds may well be found by analyzing financial statement activity, but minor frauds will not.

31


32

Adopting Standards and Procedures for Fraud and Compliance Policy Creation, and Enforcement


Adopting standards and procedures for fraud is one measure an institution may take to safeguard itself from fraud. This may be achieved through the development of compliance policies. In developing a fraud policy, the following items should be considered for inclusion:• Policy purpose: what is the intent of the policy and what does it hope

to achieve?• Policy: what is the institutional rule, what are the procedures to be

followed should deficiencies be identified, and who does the policy apply to?

• Laws or regulations: what are there federal, state, or local laws that may apply or help reinforce the policy? Are there fines and penalties for noncompliance?

• Resources for employees: is there a compliance program or hotline an employee may use to report fraud? What is the policy on protection from retribution (i.e., whistleblower protection)?


Institutions also need to develop procedures for enforcing fraud and compliance policies.• Obtain buy-in from senior leadership that the institution has a zero-

tolerance policy on fraud• Communicate the policy across the institution• Include fraud checks in investigations across all functions of the

institution (e.g., purchasing card use, cash collection, academic dishonesty, research misconduct)

• Be consistent in investigations (e.g., approaches, procedures, methods)

• Be consistent in intuitional standards• Strive for equitable resolutions


The best deterrent to fraud is having a control environment that is communicated and supported by management. The perception of detection is the best deterrent to fraud. In order to have an appropriate environment in place, your institution should:

• Communicate expectations – tone at the top. More importantly consider your actions

• Assess your fraud risk – how would someone commit fraud here?• Train your employees on:

o Internal controlso Fraud awareness o Ethics

• Maintain an ethics and compliance program• Maintain an ethics/whistleblower hotline


Maintain a control environment –

• Require expenses to be well-documented. This will decrease the opportunity for fraud in your organization. This means that expenses should include original receipts and a clear explanation of the business purpose for the expense.

• Segregation of duties is important in many areas. There should be separate personnel completing tasks and performing reviews as described above.

• Conflicts of interest should be evaluated. Researchers who hire, contract to, or receive money from related parties have an inherently greater opportunity to commit fraud by inappropriately dealing with those parties.

Baker Tilly Beers & Cutler, PLLC, is a wholly-owned subsidiary of Baker Tilly Virchow Krause, LLP. © 2010 Baker Tilly Beers & Cutler, PLLC.

Questions & Comments

Raina Rose Tagle, CPA, CIA [email protected](703) 923-8251

Adrienne [email protected](703) 923-8134

compliance management and fraud prevention in sponsored research

Documents

employee fraud

occupational fraud

elements of fraud

term fraud

recent examples of fraud

thesisunderstanding

common types of fraud

research institutions