Monday, June 9, 2014

Poor Internal Controls Result in Half Million Dollar Embezzlement

Last week, the Department of Justice (DoJ) announced that a contractor employee had plead guilty to falsifying accounting records thereby over-billing the Government by at least $570 thousand. The scheme continued over a seven year period. The employee pocketed the amount of the over-billing and ostensibly, the contractor did not know about the scheme. It is not surprising that someone gets caught cooking the books or embezzling funds. That happens regularly. What is surprising to us however, is that it went on for seven years before someone caught on to the scheme. There was a serious internal control weakness here and probably a lack of Government oversight. We'll explain.

Matthews Media Group (MMG) had a NIH (National Institute of Health) contract to recruit, screen, and compensate participants in clinical research studies. The employee's job was to compensate study participants with cash or gift cards, obtain receipts from study participants, and keep a spreadsheet of participants' compensation with supporting documentation. The supporting documentation consisted primarily of signed receipts from study participants. The employees had access to the company bank account where he withdrew funds to pay participants. MMG invoiced NIH each month based on amounts taken directly from the employee-prepared spreadsheet. There was no evidence that MMG made any effort to audit or evaluate the data or trace the amounts to supporting data. They accepted the spreadsheet totals at face value.

There were a couple of ways that the employee perpetrated the fraud. In most cases, the employee paid study participants and obtained a receipt from them but logged a higher amount in his spreadsheet. He pocketed the difference between the two amounts. In other cases, the employee logged fictitious receipt numbers and amounts in his spreadsheet and pocketed all of the cash. In both cases, a periodic spot-check by management would have caught the scheme and the schemer early on. Some form of periodic review, oversight, or internal audit is internal control 101 and should have been implemented from contract inception. And too, where was the Government oversight in this process. The Government does have a role in ensuring the propriety of claimed costs.

Ultimately, the contractor, MMG, stumbled upon the fraud, not because of a systematic internal control process but by happen-stance when it was compiling some data for the Government. The employee will have to pay restitution and may face imprisonment and other fines.

MMG was lucky in this case. The employee will have to pay restitution, not the contractor. But that is somewhat unusual. Most of the time in Government contracting, the contractor has to repay the money and then somehow seek to recover it from the recalcitrant employee. Perhaps one reason the contractor was so negligent in setting up sound internal control systems is the perceived risk - everything it spends it simply passes on to the Government. Non-Government contractors and Government contractors with fixed price contracts would not be so lucky. The embezzlement would come straight out of its profits.

This illustrates one of the Government's perceived risk in flexibly priced contracts and is the primary reason why the Government is justified in increasing its oversight activities at those firms.

You can read DoJ's entire press release here.

No comments:

Post a Comment