Preparing as an Expert Witness for Not-For-Profit Entities
Forensic accounting examinations of not-for-profit entities
The keys to performing a successful expert forensic accounting fraud engagement is to gain an understanding of the present internal control system, including policies [or lack thereof] in place to prevent fraud and abuse, as well as other key steps and procedures, as John J. DeLuca outlines in this article.
I have recently received a deluge of engagement inquiries by not-for-profit entities needing expert witness reports in regard to forensic examinations concerning misappropriation of entity funds by employees. My typical approach to these types of engagements is to perform a forensic accounting examination titled, â€śBased on Agreed-Upon Procedures.â€ť This examination allows you to pinpoint an area of the financial system, and allows the client to participate in the process.
Many times, the client has a focus or idea where the shrinkage can be pinpointed. For instance, the client senses underreporting of revenues or expenses exceed budgeted amounts. What they may not realize is that there may be more than one defalcation occurring simultaneously. This is where the expert can suggest additional procedures, once the accounting system is understood. Then an â€śagreed-upon proceduresâ€ť work plan can be developed on a cooperative basis with the client. The work plan can be amended as finding dictate, and the client needs to be aware of this availability up front.
Upon considering the saturation of these types of recent engagements, it was a â€śno brainer.â€ť The economy is, well, limping along. The Gallup Poll reports that the January 2014 U.S. payrollâ€“to-population employment rate (P2P) is 42 percentâ€”the lowest P2P rate since March 2011. The unemployment rate has been a staggering 8-9 percent for several years now, and a fair number of people have just stopped looking for work. The actual unemployment rate is probably higher. Underemployment is possibly another explanatory factor. Not-for-profit organizations become a primary theft target for those employees that may be underemployed and/or who have family members responsible for contributing to household income that find themselves out of work. Many not-for-profit entities deal with large volumes in cash revenues. These entities may find themselves understaffed in critical accounting areas dealing with internal control,â€”as salaries are found to be well below that of the private sector. The very nature of the organization is that of a charitable, trusting entity that serves those less fortunate in the community.
The board of directors function, many times, as a part-time group of well-meaning individuals that focus on the charitable successes and the platitudes that are the byproduct of the organization. Many board members are surprised by their additional responsibilities in the areas of fraud prevention.
The role of not-for-profit boards can best be categorized as policy, planning, fiscal, and public outreach. Within the fiscal management role, there are specific oversight responsibilities in the areas of fraud and abuse. The boardâ€™s oversight functionality is to:
- Ensure that management has fraud and abuse policies in place
- Have adequate insurance policies that will provide a resource relative to risk of loss
- Press management to address and implement audit recommendations, within reason
- Adequately analyze the organizationâ€™s budgeting and financial reporting
Therefore, each board needs to have standing committees that address these issues. The financial committees are typically named finance, investments, and audit. The audit committee typically focuses on fraud prevention.
The first priority of the audit committee is the selection of the organizationâ€™s external auditors. The auditors are hired and directly report to this committee since the financial directives of the entity are approved and monitored by these board members. Some of the most important financial directives include:
- Approval of audit reports that are in accordance with applicable standards
- Review auditor recommendations and findings with management and monitor implementation
- Oversee financial controls that include those in place to prevent fraud
- Oversee the financial policies adopted to prepare financial statements
- Hire outside consultants and auditors to conduct special investigations into allegations of misappropriations
- Discuss pending litigation with outside counsel
- Review the timeliness and appropriateness of federal and state tax returns
Another leg of fraud prevention are the responsibilities borne by the outside auditors. Many audit committee members possess an unfounded theory that the auditors hired are responsible for finding any fraud or abuse within the organization. This theory is only partially true.
A 2002 report by the Association of Certified Fraud Examiners titled, â€ś2002 Report to the Nation: Occupational Fraud and Abuse,â€ť indicated that only 11 percent of the frauds studied were detected as the result of an external audit of the financial statements. Wait, does this mean that auditors are not doing their job 89 percent of the time? Well, no, not quite. It is true that some audits are poorly planned and managed by certain auditors, but audit standards and practices are limited by their very nature.
It is not reasonable for an auditing firm to test each and every transaction conducted by an organization within any one period. The cost to conduct such an engagement would be prohibitive. Therefore, the auditor conducts tests only on transactions based upon the documented risks in the entityâ€™s internal control.
A reading of the Independent Auditorâ€™s Report that accompanies a set of financial statements advises the reader of their â€śscope limitations.â€ť Typically, the second paragraph of the report, as required by standards, clearly indicates that the auditing firmâ€™s responsibility is to â€śplan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement.â€ť This is vastly different than stating that the auditing firmâ€™s responsibility is to obtain absolute assurance. Hence, the first limitation.
The second hint that the auditors are not fully responsible for detecting fraud is typically found in the third paragraph of their report whereby the auditors state that the financial statements â€śpresent fairly, in all material respectsâ€ť the financial position of the organization. The words â€śin all material respectsâ€ť add another level of disparity between what the entity might expect and the duties the auditor is professionally bound to perform.
Auditors may spend numerous hours and funds through local and national organizations in educating their clients and third-party users of their audits on this dilemma known as the â€śexpectation gap.â€ť Needless to say, the gap between users who understand the benefits provided by audit services and the services that auditors can attest to still exists. It can be more prevalent in a less-sophisticated group of board members.
The built-in â€ścushionâ€ť that auditors provide within their Independent Auditorsâ€™ Opinion does not allow them to totally escape their responsibility in the detection of fraud. Realizing this, the American Institute of Certified Public Accountants (AICPA) rolled out its Statement on Auditing Standards (SAS) No. 99, â€śConsideration of Fraud in a Financial Statement Audit,â€ť for audit years ending December 31, 2003 and later.
SAS No. 99 defines the auditorsâ€™ responsibilities in considering the risk of fraud and guides auditors in creating procedures that test for it. There are examples of management inquiries and procedures that can be conducted to address fraud risk. This SAS emphasizes additional inquiries of management in the areas of fraud. The keys to performing a successful expert forensic accounting fraud engagement is to gain an understanding of the present internal control system, including policies [or lack thereof] in place to prevent fraud and abuse.
In addition, other steps include:
- Determine the structure of the board of directors and the committee responsible for the annual audit
- Pinpoint the financial area of concern and develop procedures to isolate the alleged fraud and other areas that are susceptible to fraud, in collaboration with the audit committee
- Conduct the agreed-upon procedures and adjust procedures based upon findings and observations
- Prior to issuing your final report, ensure that audit committee members are knowledgeable about their personal responsibilities regarding the prevention of fraud and abuse
John J. DeLuca, CPA, CVA, is currently the managing director of Succisa Virescit, LLC, an international consulting firm specializing in the areas of forensic accounting, litigation support, business valuations, and expert witness testimony. Mr. DeLucaâ€™s experience spans more than 30 years of practice. John can be contacted at firstname.lastname@example.org.