fraud & corruption prevention policy · fraud & corruption prevention policy (13 -05-15...

Fraud & Corruption Prevention Policy

Prepared by: Robyn Winks General Manager – Business Services

Signed: Date: 23/06/2015

Authorised by: Michael Frawley Chief Executive/Museum Director

Signed: Date: 23/06/2015

Fraud & Corruption Prevention Policy (13-05-15 Final) 1 2 3 J une 2 0 1 5

Contents

1.0 Overview.............................................................................................................................2

2.0 The Framework....................................................................................................................5

3.0 Reviewing Systems and Procedures (Post Fraud) ...................................................................7

4.0 Recovery of Money or Assets Lost Through Fraud ..................................................................7

5.0 Communication Protocol ......................................................................................................7

6.0 Review ................................................................................................................................7

Appendix A: Roles & Responsibilities................................................................................................8

Appendix B: Internal Controls ........................................................................................................ 10

Appendix C: Detection Methods .................................................................................................... 11


1.0 Overview

This Fraud and Corruption policy (together defined as ‘fraud’) has been prepared by the Museum of Transport & Technology (MOTAT or the Museum) to ensure a high standard of integrity and conduct by all MOTAT Team members (i.e. employees and volunteers), Board members, consultants and contractors engaged with or representing MOTAT so as to protect the Museum from financial, reputational and other harm.

The Museum will implement and monitor the effectiveness of this policy which is aimed at preventing and investigating fraud in the unlikely event that it occurs.

MOTAT has a zero tolerance to fraud and all actual or suspected instances of fraud by MOTAT will be fully investigated.

1.1 Context

MOTAT receives funding from the Auckland City Council and the Office of the Auditor General (‘OAG’) undertakes an annual audit of the Museum’s affairs. Having an effective fraud policy is essential to ensuring that the Museum’s funds and assets are utilised legally, ethically and in accordance with the Museum’s strategic and statutory objectives.

1.2 Fraud Prevention Framework

The purpose of this policy is to provide a framework that:

1. Encourages transparency and ethical behaviour in all aspects of MOTAT’s operation and business.

2. Is consistent with the Museum’s values and ensures that all MOTAT Team members, Board members consultants and other representatives are aware of and comply with the ethical standards that are expected of those involved with the Museum.

3. Clearly articulates MOTAT’s position in relation to fraud the Museum’s commitment to ensure that it doesn’t happen.

4. Enables the Museum to implement and communicate appropriate procedures and systems that identify and eradicates fraudulent behaviour.

5. Educates and informs the MOTAT Team’s on the identification of fraud and the associated obligation and procedures for reporting it.

6. Facilitates the detection, reporting and investigation of fraudulent or suspected fraud.

1.3 Definitions

The Serious Fraud Office (SFO) provides the following for Fraud and Corruption:

• Fraud is defined as dishonest activity causing actual or potential financial loss to any person or entity, including theft of money or other property, by employees or persons external to the entity; and where deception is used at the time, immediately before or immediately following the activity.

• There is no legally binding definition of Corruption in New Zealand. However, the definition used by the Asia Development Bank and relied on by the SFO, defines corruption as:

"Behaviour on the part of officials in the public or private sector in which they improperly and unlawfully enrich themselves or those close to them, or induce others to do so, by

misusing the position in which they are placed".


1.4 Objectives

All of the MOTAT Team members must understand and actively demonstrate their commitment to working professionally and ethically at all times and in accordance with the Museum’s strategic and statutory objectives and Values

MOTAT has a zero tolerance to fraud, which means that it will investigate all reported incidents of actual or suspected fraud and minimise the opportunities of fraud through the development, implementation and regular review of this policy and the associated procedures the Museum uses to monitor, investigate and deal with fraud.

The policies objectives are as follow:

Objective How we will achieve the objective Review

Identify fraud risks and regularly update the Risk Management Plan and Delegation Register

• Undertake regular review of fraud risks and maintain Risk Management Plan and Delegation Register

• Identify suitable internal controls to remove, identify, mitigate and monitor any risk of fraud.

Annually

Develop procedures and finance areas that facilitate the identification of fraud, especially in accounting

• Develop and update procedures Ongoing

Ensure MOTAT Team members are aware of MOTAT’s Fraud and Corruption Prevention policies and procedures

• Provide fraud awareness training to all MOTAT Team members taking into account to the nature of their roles or involvement in the Museum

• Include fraud awareness in the orientation of all MOTAT Team members

• Communicate the internal controls including the reporting of any suspected or alleged fraud to all MOTAT Team members

Annually

On commencement

Bi-annually

Encourage and promote professional and ethical business practice

• Ensure that the Museum’s Values are effectively communicated

• Managers to demonstrate leadership especially by leading by example

• Identify and communicate to those concerned the roles in the organisation that have fraud control responsibilities

Ongoing

Bi-annually

Clearly communicate how suspected instances of fraud must be reported

• Protected Disclosure Policy included in MOTAT Team Handbook

Ongoing

Bi-annually


Objective How we will achieve the objective Review

• Communicate the Protected Disclosure Policy to the wider MOTAT team

Investigation of all instances of actual or suspected fraud

• Respond appropriately and in a timely manner to all reports of actual, alleged or suspected fraud

• Where appropriate appoint external qualified personnel to undertake investigation

Ongoing

As required

Take appropriate action in instances of actual, alleged or suspected fraud or corruption

• Undertake fair and thorough investigations

• Ensure investigations that involve employees meet our obligations as a good employer and in accordance with the Museum’s disciplinary procedures

• Where appropriate recommend prosecution of person/s and/or organisations for fraud offences where and when appropriate recommend referral to the appropriate authority (i.e. Police, Auditors or SFO)

• Where appropriate use all available resources to recover money or property lost through fraudulent activity

1.5 References

This policy should be read in conjunction with the following:

• MOTAT Strategy (including values)

• MOTAT Team Handbook*

• Audit & Risk Committee Charter

• Crimes Act 1961

• Local Authorities (Members’ Interests) Act 1968

• Protected Disclosures Act 2000

• Privacy Act 1993

• Local Government Official Information & Meetings Act 1987

• MOTAT Board – Register of Interests

• Annual Reports – Related Parties

• Risk Management Framework

MOTAT also has a number of policies and procedures which should be read in conjunction with this policy

• Protected Disclosure Act Policy (see MOTAT Team Members Handbook)


• Purchasing – Goods and Services

• Individual Employment Agreement

o Conflict of Interest

o Pre-employment Statements and Criminal History

o Misconduct

o Serious Misconduct

• People & Performance Policies and Guidelines

o Employment of spouses or relatives

o Application form for employment

o Application form for volunteer involvement

* The MOTAT Team Handbook contains a number of policies that are aligned to this policy and MOTAT Team Members should refer to the Handbook for more details.

2.0 The Framework

The policy is supported by the following framework which covers:

• Accountability/Responsibilities

• Internal Controls/Prevention

• Detection

• Reporting

• Investigation

2.1 Accountability/Responsibilities

The General Manager Business Services (GM Business Services) is the Fraud Control Officer (‘FCO’) and will report to the Chair of the Audit and Risk Committee. The FCO is responsible for overseeing investigations of actual or suspected fraud. While the Museum’s Manager Finance & ICT reports to the FCO, the FCO is not directly involved in the financial and accounting aspects of the Museum’s business or the implementation and monitoring of major projects.

Appendix 1 sets out the various roles and areas of responsibilities.

2.2 Internal Controls/Prevention

Internal controls are often the first line of defence against fraud. The Museum has and will maintain robust internal controls that are reviewed on a regular basis so as to ensure that they are up to date, effective and relevant.

The internal controls that MOTAT has in place to support the detection and prevention of fraud are set out in Appendix 2.

2.3 Detection

The internal controls, especially on the financial side, are one part of fraud detection and the Museum will utilise the detection methods outlined in Appendix 3, namely:

All MOTAT Team members play an important role in detecting fraud because of their first-hand experience and knowledge of the Museum, its work practices and accountabilities and the fact that they are on site on a regular basis and see and hear what is going on.

Internal Controls

DetectionResponse


2.4 Reporting

2.4.1 MOTAT Team Members

If a MOTAT Team member becomes aware of any actual or suspected fraud conduct they should report the matter immediately. Team members are also required to maintain strict confidentiality on any actual or suspected fraud so as not to “warn off” those concerned. MOTAT Team members should refer to the Protected Disclosures Policy in the MOTAT Handbook and in particular the following:

• The MOTAT Team member should report the matter to their line manager.

• If the team member feels that they are unable to report the matter to their line manager, they may report the matter to the Manager People & Performance, People & Performance Advisor, FCO, the CEO or the Chair of the Audit & Risk Committee on a confidential basis.

• Any person (especially if they are a manager) that receives a report of alleged fraud must advise the FCO immediately.

The intention of protected disclosures under the Protected Disclosures Act 2000 (“The Act”) is to support and protect people (also referred to as ‘whistle blowers’) who volunteer information in respect of serious wrongdoing that leads to the detection of or other criminal activity.

If a MOTAT Team Member, Board Member or consultant suspects actual or suspected fraud or any serious wrongdoing, they can advise the Museum of that in accordance with the Protected Disclosure Policy. The Protected Disclosure Policy provides guidance on the correct procedure to be followed. MOTAT requires that all MOTAT team members act in good faith and reasonably in making reports under the Act.

Disclosures made to avoid disciplinary action or are frivolous or vexatious in nature may not be treated as a protected disclosure.

2.4.2 Contractors and Members of the Public

Members of the public can report actual or suspected of fraud to the FCO who will satisfy themselves that the complaint is a legitimate one (i.e. not being made for a malicious or other purpose) before investigating further.

2.4.3 Museum’s Auditors

In accordance with the Museum of Transport & Technology Act 2000 an annual audit is undertaken by the OAG. The OAG appointed Auditors will provide to the Museum a report on the outcome of the Audit and identify any areas of concern especially in relation to actual or potential criminal activity including fraud and corruption.

If the Auditors discover or suspect that fraud has occurred they shall report the matter to the CEO or the Chair of the Audit & Risk Committee.

2.4.3 Internal Audit

MOTAT has no dedicated internal audit team, but it does have robust process in place to ensure that our procedures are followed. Internal audit tasks are performed daily by the Accounts Administrator, Accountant and the Manager – Finance and ICT. Any concerns that arise from these checks will be reported to the FCO and the Chair of the Audit & Risk Committee.

2.5 Investigation Procedures

All instances of actual, potential or suspected fraud must be reported in accordance with this policy.


The FCO is responsible for overseeing and managing the investigation process, in consultation with other members of an investigation team which may comprise member of the People and Performance Team, relevant senior managers and/or a member of the Audit & Risk Committee nominated by the Chair of the committee.

The investigations will also be conducted in accordance with the Museum’s employment investigation procedures.

If the FCO and the investigation team are satisfied that fraud has or could occur they will report the matter to the Police or other relevant authority and to the Chair of the Audit & Risk Committee and the CEO as soon as practical.

3.0 Reviewing Systems and Procedures (Post Fraud)

Where fraud is detected, MOTAT will review how it occurred and whether any of the Museum’s internal controls and procedures need to be changed so as to ensure that it doesn’t happen again.

4.0 Recovery of Money or Assets Lost Through Fraud

MOTAT will actively pursue the recovery of any money or property lost through fraud after considering all relevant issues.

5.0 Communication Protocol

Should fraud occur the following protocols shall apply:

(a) The CEO and Board Chair will make all decisions on the appropriate communication protocol to be adopted after taking advice from the Marketing and Communications Manager and Communications Advisor if required.

(b) The CEO and/or Board Chair will be the authorised spokesperson.

(c) The CEO will brief the Auditors on any suspected or actual fraud and on the progress and outcome of any investigation.

6.0 Review

This Policy will be reviewed by the Audit & Risk Committee at least every three years commencing 1 April 2015


APPENDIX A: ROLES & RESPONSIBILITIES

Role Fraud Control Accountabilities and/or responsibilities

Audit & Risk Committee

This Committee is directly accountable to the Board of MOTAT. The Chairperson is appointed by the Committee. In discharging its responsibilities, the Committee has authority to:

• Conduct or authorise investigations into any matters within its scope of responsibility;

• Access information, records and personnel as it requires to fulfil its responsibilities;

• Request the attendance of any MOTAT Team member (including Board members);

• Conduct meetings with External Auditors (i.e. Auditor-General appointees) and possibly the Office of the Auditor-General as necessary;

• Obtain advice from external parties as necessary;

• Resolve any disagreements between management and the auditor regarding financial reporting; and

• Pre-approve all auditing and non-audit services.

The Committee has no executive powers with regard to its findings and recommendations, except where expressly provided by the Board.

Fraud Control Officer

• Included in the Risk Management Plan internal controls and review/internal audits.

• Oversee fraud awareness and training of MOTAT Team members.

• Oversee MOTAT’s fraud risk assessment process and procedures.

• Undertake an annual review of this Policy or following any significant organisation structure review.

• Report to the CEO and the Chair of the Audit & Risk Committee on fraud control initiatives undertaken by MOTAT.

• Ensure that the CEO and the Chair of the Audit & Risk Committee are briefed on allegations of suspected fraud.

• Ensure fraud related policies and procedures are developed, communicated and accessible to all MOTAT Team members.

• Work with all areas of the Museum’s operation to develop and implement systems to prevent, detect and respond to fraud.

• Undertake investigations of alleged fraud in accordance with this policy and MOTAT’s People and Performance Policies and Procedures and where appropriate appoint a suitably qualified investigator to undertake the investigation on behalf of MOTAT.

Manager Finance & ICT

• Design, implement and monitor a fraud detection programmes and procedures incorporating data analysis, management accounting reviews and post transition reviews.


• Implement recommendations from the Museum’s Auditors that improve our systems and minimise opportunities for fraud.

Manager People & Performance

• Ensure that this policy and associated policies and procedures are included in the orientation of all MOTAT Team members, Board members and consultants.

• Ensure that fraud and awareness training is available to all relevant team members.

• Ensure that the Museum has robust recruitment processes in place and are adhered to and detect and remove those who have a history of fraud.

• Ensure that there are clearly communicated processes in respect of disciplinary or employment investigations that are transparent, robust and fairly applied.

Managers and Coordinators

All Managers and Coordinators must be vigilant to the possibility of fraudulent or corrupt behaviour and respond accordingly.

Managers must ensure that:

• Appropriate controls are in place at all levels to safeguard against fraud and take action to implement and monitor these controls

• Internal reviews are undertaken in their hub and business areas on a regular basis and that any significant changes in accountabilities/responsibilities that create a higher potential for fraud are reported to the FCO

• They regularly re-enforce the team’s understanding and awareness of the fraud policies and procedures

• Take appropriate action in liaison with People & Performance and the FCO when breaches of this policy and the associated procedures occur.

MOTAT Team members – employees and volunteers, Board Members and Consultants

All MOTAT Team members shall:

• Act professional and ethical at all times and set a good example to others.

• Not condone, or fail to take appropriate action in relation to, suspected fraud, corrupt or improper conduct at MOTAT.

• Assist and support the implementation of the fraud policies and procedures and actively participate in activities relating to fraud control.

• Not knowingly make a false or misleading report.

• Not act in a retaliatory, discriminatory or otherwise adverse manner in regard to a person, on account of that person making a genuine report or providing assistance in a relevant inquiry under this policy and its associated procedures.

• To cooperate with the FCO, CEO and Chair of the Audit & Risk Committee and any external or internal investigators in relation to any fraud investigation.

• Not hinder or impede an investigation, and shall give every courtesy and assistance to any person authorised by management to conduct an investigation.


APPENDIX B: INTERNAL CONTROLS

1. Accountability Map – Fraud Control

MOTAT has an Accountability Map which clearly sets out the roles that have accountability in respect of Fraud Control. Position Descriptions and Volunteer Assignments reflect the level of accountability for the individual team member.

2. Fraud and corruption prevention awareness training

Training is provided to all MOTAT Team members to assist in raising the general level of awareness amongst MOTAT Team members. The training will assist team members to better recognise the early warning signs of fraudulent activity and ensure team members understand how and to whom they should report their concerns. Team members that have been identified as requiring more specific awareness training will receive training to assist them accordingly.

3. Risk Management Plan

The Museum maintains a Risk Management Plan that is regularly reviewed by the Audit & Risk Committee. This provides a framework for identifying, monitoring and managing risk to the business including fraud, theft or corrupt conduct.

All teams must ensure that the initiatives or controls identified are effective and where required updated.

The FCO in consultation with the relevant General Manager or Team Managers will ensure that the proposed actions are implemented.

4. MOTAT Team Screening

Pre-employment and pre-volunteering screening enables the Museum to identify and screen those who may be more likely to commit a fraud or undertake corrupt activities (e.g. by identifying falsified qualifications or employment histories). As part of the screening process all prospective MOTAT Team members are required to consent to the Museum undertaking criminal convictions and other checks depending on the specific nature of the role.

5. Related Parties

In accordance with the Museum’s Purchasing Goods & Services Policy all purchases from related parties (i.e. where a MOTAT employee/volunteer is involved with a company, has a friend involved with a company or a family connection exists) the relationship must be clearly identified to the team member’s manager. In such cases, Purchase Orders are required to be signed by one of the Senior Management team, before any goods/services are ordered or supplied.

6. Segregation of Duties

Identified processes or functions will take into account whether a role should be given responsibility for more than one related function. These include but are not limited to:

• Role/s that approve invoices for payment should not be responsible for arranging/processing payment.

• Employee information is entered and maintained by People & Performance only and the payroll is processed by Finance only.

• People & Performance are responsible for all employment agreements, volunteer agreements and associated documents. Finance & ICT are responsible for all contractor documentation.

• Swipe cards for site access are assigned by People & Performance and activated or de-activated by Health, Safety & Security.


APPENDIX C: DETECTION METHODS

1. Financial Reviews

MOTAT monitors and analyses its financial management so that any adverse trends can be identified and investigated as this may be indicative of fraudulent conduct.

2. Data Analysis

MOTAT uses data analysis to identify fraud and other improper behaviour. This data may show patterns and relationships that may appear initially unrelated but a pattern emerges that may show fraudulent activity. For example, MOTAT regularly tests the accounts payable data for repeated invoice numbers (duplicate payments) and payroll data for duplicate bank account numbers which may uncover “ghost employee” payroll fraud.

The FCO is responsible for an annual review of these checks for appropriateness.

3. Post Transaction Review

MOTAT conducts monthly reviews of transactions after they have been processed as this can be an effective way to identify fraudulent activity. For example, the review may uncover altered or missing documentation.

MOTAT is audited by the OAG and sample checks are conducted as part of that audit.

4. Early Warning Signs

Identification and acting on early warning signs of fraudulent activity is an important part of early detection. The provision of fraud awareness training increases the Museum’s early warning capability so that the team members are able to identify the signs of potential fraud and report the fraud.

These methods taken together increase the likelihood of identifying fraudulent activity and the chances of being caught, which in turn decreases the chance of fraud occurring.

fraud & corruption prevention policy · fraud & corruption prevention policy (13 -05-15...

Documents