Carl M. Cesarano in Board Operations
Obviously, boards should establish and monitor an operating and capital budget. But you also need to proactively institute guidelines, procedures and controls to prevent and detect fraud. You must establish ensure that the manager keeps books and records in reasonable detail that accurately and fairly reflect the organization's transactions. And you must scrutinize each month's management reports, including cash balances, bank reconciliations and revenue-collection.
Segregate Duties, Establish Oversight
Segregating those who handle money from those who record the receipts is an effective guard against fraud. For example, individuals responsible for the collection and recording of cash and checks should not also maintain lists of open invoices. Only authorized individuals should have access to blank checks, and payments made only to pre-approved vendors.
Checks for large amounts should require board approval and dual signatures, and non-recurring payments or payments to additional vendors should be approved on a case-by-case basis. In the abovementioned Queens co-op, a manager was able to perpetrate an $80,000 payroll fraud because he was allowed to approve payroll expenses and also write and approve paychecks.
Oversight over management companies is especially necessary when addressing major renovations and the selection of contractors. You should retain an independent engineer or architect to prepare specifications and bids. Require at least three bidders on small projects and five for significant ones. Bids should be opened at a board meeting or in the presence of several members of the board, and closely scrutinized — the lowest is not always the best.
Consider hiring a construction manager to control and monitor large projects with weekly on-site meetings with board representatives, the managing agent, the superintendent, the engineer and the contractor. Consider having a second engineer provide peer review when conflicting or unclear positions exist as to the scope of the work.
Another way to protect yourself is to prudently select the type of annual financial report to issue. Most bylaws do not specify the type of report and the level of service to be provided. Consequently, the board may engage the CPA to provide services that offer limited assurance or no assurance whatsoever over the information contained in the statements — leaving the organization with greater exposure to accounting irregularities and fraud.
There are three types to choose from: audits, reviews, and compilations.
Audits provide the highest level of assurance over the fairness and reliability of the information contained in the financial statements. The differences between an audit and its alternatives are the procedures performed. Audit procedures typically include tests of documentary evidence supporting the transactions recorded in the accounts of the organization.
These procedures may include tests of the physical existence of inventories, direct confirmation of receivables, and other assets and liabilities by correspondence with selected creditors, legal counsel, banks and individuals. The CPA may also employ specialized testing procedures. Auditors also review and evaluate the effectiveness of your internal controls and accounting procedures. Finally, they review and verify the entire financial statement to ensure that required disclosures and any other information needed to fairly present the entity's position are included. The CPA can then issue an opinion attesting to the fairness of the financial statements.
Financial-statement reviews offer less assurance than audits. During a financial-statement review, a CPA will ask management about its accounting methods and practices, procedures for recording transactions, and procedures for accumulating financial-statement information. In lieu of testing the statement's balances, the CPA will compare the current year's balances with prior years' to identify any relationships or items that appear to be unusual. The CPA then uses the information to determine whether the statements are in compliance with accepted accounting standards.
The CPA, however, does not perform most of the steps that an audit requires, and only issues a report stating that material modifications to the statements are not needed for the statements to meet professional standards. Thus, a review does not provide the same degree of assurance as an audit.
Compilations are used you need assistance in accumulating your accounting information and arranging it in financial-statement format. The CPA isn't required to perform any specific testing, the amount-inquiry and analysis is limited, and the CPA does not express an opinion or any other form of assurance regarding the financial-statement information.
When fraud is suspected or has occurred, a forensic audit may be conducted to investigate and gather evidence of suspected fraud, accounting irregularities and misconduct. (See: "Forensic Accounting: Four Cautionary Tales of Corruption")
Implementing strong internal controls, operational procedures and guidelines are important steps in protecting yourself from fraud. Financial statements can provide the independent perspective needed to reveal your financial health and to remedy any weaknesses.
Carl M. Cesarano is a partner in Cesarano & Kahn, CPAs .
Adapted from Habitat February 2007. For the complete article and more, join our Archive >>