State auditor releases ‘best practices’ to curb government payroll fraud

Written on Nov 09, 2017

Payroll fraud is a perennial problem for local governments, putting tens of thousands of taxpayer dollars at risk, which is why Auditor of State Dave Yost today issued a “Best Practices” newsletter to help local officials reduce this threat.

When an employee games a local government’s payroll system to steal from taxpayers, he or she is the one who pays the price when caught. But negligent elected officials and administrators sometimes share the blame. They are responsible for creating the internal financial controls which are needed to deter payroll fraud and bring it to light quickly when it occurs.

By failing to set these controls in place – or worse, putting them in place then failing to enforce them – they leave the door open to fraud.

“People have stolen throughout history, and when someone is determined to steal, there’s little you can do to fully prevent it,” Auditor Yost said. “What’s critical for local governments is that there are systems in place to make the theft difficult to accomplish and easy to recognize.”

Without robust internal controls, payroll systems can be gamed in several ways by unscrupulous employees. A fraudster can inflate work hours or pay rates. He or she also can create a fictitious employee and steal the pay for that bogus worker. Or, the fraudster can simply write unauthorized checks.

Internal controls to prevent such schemes take several forms and reinforce each other.

At the most basic level, fraud prevention is about the integrity of payroll information, how accurate it is, who has access to it and what they can do with it. Fiscal integrity starts with basics such as knowing who is on the payroll, when they were hired, their pay rate, the hours that they work, authorized payroll deductions, vacation and sick leave entitlements, and their separation date.

The ability to access this information – and alter it – is key to perpetrating fraud. One form of payroll fraud is to create a fictitious employee and then collect the pay for that nonexistent worker. Another is to alter the record of an employee’s hours or pay rate in order to overpay the employee.

A sound payroll system must restrict access to such information and include regular review and verification of the actions of those authorized to makes changes in this data.

Another key protection is to limit the number of people empowered to alter payroll information. Each action should be subject to review and sign-off by someone else.

Segregating duties also helps to curb fraud. Dividing a payroll process into several steps and assigning a different person to each of those steps makes it more difficult for any one person to steal and then cover it up. For example, the person responsible for adding new employees to the payroll or changing pay rates should be different from the person who processes payroll. For the same reason, someone else should be responsible for reconciling payroll accounts.

Segregating duties ensures that it would require the collusion of two or more persons to commit fraud, making such schemes harder to initiate. With multiple eyes on these transactions, anomalies are more likely to be recognized and questioned.

Allowing one person to acquire multiple related payroll duties because he or she is the “expert” and because it takes the burden off everyone else opens the door to fraud.

Even the best system of checks and balances will fail if elected leaders and administrators don’t require adherence to the policy. Failing to insist on authorization procedures, periodic reviews and cross-checking renders internal controls useless.

This responsibility is particularly important in smaller governments, such as townships and villages, where one person – a clerk or fiscal officer – has primary responsibility for the payroll and other financial functions.

In such circumstances, township trustees and village council members must regularly check the fiscal officer’s work or appoint someone to do so. This would include comparing personnel records with the employees on the payroll roster, double-checking pay rates and vacation entitlements, and making sure that internally generated payroll reports match statements from the government entity’s bank account.

Leave a comment