Policy-Code-DIFC
DIFC Fraud Risk Prevention
Print Version
Introduction
Fraud is any intentional act or omission designed to deceive others resulting in the victim suffering a loss and/or the perpetrator achieving a gain.
All organizations are subject to fraud risks. Frauds have led to the downfall of organizations, massive investment losses, significant legal costs, incarceration of key individuals and erosion of confidence in nonprofit and educational institutions. Public disclosure of significant fraud can irreparably damage an organization’s reputation and ability to raise funds. Good governance principles dictate that Tucson Unified School District (District) ensure overall high ethical behavior in the organization and send clear signals to the public, funding sources and other stakeholders about the District’s fraud risk tolerance by adopting a fraud risk management policy.
Scope of Policy
This policy applies to the fraudulent acts of employees, volunteers, and other parties with a business relationship, paid or unpaid, with the District, such as agents, vendors and contractors.
Objectives
The objectives of this policy are:
Definition of Fraud
Fraud, as used in this policy, refers to any deception deliberately done or attempted to unlawfully or unfairly secure personal gain at another’s expense. Fraud includes, but is not limited to:
Responsibilities
The Governing Board will be responsible for understanding fraud risks by considering and approving policies related to fraud control and investigation. External auditors will receive evidence of the Board’s active involvement and concern about fraud risk management, and the Board will continue to be involved in fraud risk management by considering it as part of its risk assessment and strategic plans. The Board may delegate some or all said responsibilities to a board committee as it sees fit.
The Superintendent will be responsible for acting as a role model for the District, establishing and enforcing professional standards to foster an ethical environment where fraud risks are low and employees are likely to report any potential fraud that does occur. The Superintendent will review and recommend policies, systems and procedures to ensure that they are fair, equitable, and known to employees. In managing fraud risks, the Superintendent will:
Employees will be responsible for understanding their roles in the fraud risk program, and for reporting any weaknesses in the system that may increase the risk of fraud. Employees will monitor their areas of responsibility for fraudulent activity, understand signs of fraud, promptly report potential fraud through the established mechanism, and cooperate in investigations.
Reporting Fraud
When an employee suspects fraudulent activity, they will report their suspicions to the Superintendent or to the Audit Committee. If the Superintendent is suspected of fraudulent activity, employees will report to the Board President or to the Audit Committee. Employees will refrain from confronting the suspected individual personally, examining the incident further, hindering the investigation, or discussing their suspicions with anyone other than those authorized to investigate the allegation.
Any employee making a good faith report of fraud as provided under this policy can do so without fear of dismissal or retaliation for making such a report. If, however, the employee alleging fraudulent activity acted in bad faith or made the report without a justifiable basis, then the District may take disciplinary action against the employee making the erroneous allegation.
Risk Tolerance Level
The District has established $1,000 as its risk tolerance level. The District considers certain fraud risks as too time-consuming and costly to address through internal controls. No internal controls will be implemented to address those risks because the overall goal for a fraud risk policy is to maximize the benefits while minimizing the costs and losses. However, if the District discovers fraudulent activity then it will have zero tolerance for the act.
ADOPTED: October 5, 2021
LEGAL REF:
A.R.S. §§:
13-1802: Theft Definition and Classification
13-2310: Fraudulent Schemes and Artifices
13-2311: Fraudulent Falsification and Misrepresentation
38-421: Stealing, Destroying, Altering, or Secreting Public Records
38-422: Failure of Tax or Revenue Collector to Permit Inspection of Books
38-912: Civil Liability to Employers for Fraud
31 U.S.C. § 3729: Federal False Claims Act
41 U.S.C. § 4712: Federal Whistleblower Protection
CROSS REF:
DIFA: Office of Internal Audit
EJA-R: Acceptable Use of Technology Resources
GBEA: Staff Ethics
GBEAA: Staff Conflict of Interest
GBEB: Staff Conduct
GBP: Prohibited Personnel Practices
GCAA: Application for Position
Introduction
Fraud is any intentional act or omission designed to deceive others resulting in the victim suffering a loss and/or the perpetrator achieving a gain.
All organizations are subject to fraud risks. Frauds have led to the downfall of organizations, massive investment losses, significant legal costs, incarceration of key individuals and erosion of confidence in nonprofit and educational institutions. Public disclosure of significant fraud can irreparably damage an organization’s reputation and ability to raise funds. Good governance principles dictate that Tucson Unified School District (District) ensure overall high ethical behavior in the organization and send clear signals to the public, funding sources and other stakeholders about the District’s fraud risk tolerance by adopting a fraud risk management policy.
Scope of Policy
This policy applies to the fraudulent acts of employees, volunteers, and other parties with a business relationship, paid or unpaid, with the District, such as agents, vendors and contractors.
Objectives
The objectives of this policy are:
- To provide a clear statement to the public, employees, volunteers, vendors, contractors and agents forbidding any fraudulent or illegal activity.
- To ensure that management is aware of its responsibilities for identifying possible areas of exposure to fraudulent activity and for establishing controls and procedures to prevent such fraudulent activity; and
- To provide guidance to the public, employees, volunteers, vendors, contractors and agents as to action that should be taken when they suspect fraudulent or corrupt activity.
Definition of Fraud
Fraud, as used in this policy, refers to any deception deliberately done or attempted to unlawfully or unfairly secure personal gain at another’s expense. Fraud includes, but is not limited to:
- Theft, misuse, or conversion of District assets, including using the District’s electronic services for unlawful activity such as hacking and piracy;
- Bribery, including “quid pro quos” and kickbacks, meant to obtain a private benefit contrary to the public’s interest.
- Alteration, falsification, or concealment of any information in a record, certification, or document belonging to the d;
- Nonperformance of an obligation while being paid for said performance;
- Embezzlement (e.g., purchasing goods or services for personal use in the District’s name);
- Profiteering as a result of insider knowledge obtained by working for the District; or
- Aiding in another’s fraudulent act, such as by destroying evidence.
Responsibilities
The Governing Board will be responsible for understanding fraud risks by considering and approving policies related to fraud control and investigation. External auditors will receive evidence of the Board’s active involvement and concern about fraud risk management, and the Board will continue to be involved in fraud risk management by considering it as part of its risk assessment and strategic plans. The Board may delegate some or all said responsibilities to a board committee as it sees fit.
The Superintendent will be responsible for acting as a role model for the District, establishing and enforcing professional standards to foster an ethical environment where fraud risks are low and employees are likely to report any potential fraud that does occur. The Superintendent will review and recommend policies, systems and procedures to ensure that they are fair, equitable, and known to employees. In managing fraud risks, the Superintendent will:
- Designate qualified and knowledgeable employees to assess fraud risks in the District;
- Design, implement, and monitor a program of internal controls to identify and reduce the influence of factors that encourage and enable fraud, ensure employees detect and report fraudulent activity in an accurate and timely manner, and substantiate allegations of fraud with evidence after the act occurs;
- Implement and oversee procedures to investigate allegations of fraud without regard to the suspected wrongdoer’s length of service, position/title, or relationship to the District;
- Follow-up substantiated allegations of fraud by pursuing the appropriate consequences, such as making a report to the state authorities for criminal activity, taking legal action, or using disciplinary measures such as termination;
- Periodically report to the Board on identified fraud risks, the fraud management program, and the investigative procedure to discuss the program’s effectiveness;
- Make regulations to enforce this policy; and
- Meet with outside experts, finance or external auditors separate from management, and legal counsel to deal with issues of fraud and review the fraud risk management program.
Employees will be responsible for understanding their roles in the fraud risk program, and for reporting any weaknesses in the system that may increase the risk of fraud. Employees will monitor their areas of responsibility for fraudulent activity, understand signs of fraud, promptly report potential fraud through the established mechanism, and cooperate in investigations.
Reporting Fraud
When an employee suspects fraudulent activity, they will report their suspicions to the Superintendent or to the Audit Committee. If the Superintendent is suspected of fraudulent activity, employees will report to the Board President or to the Audit Committee. Employees will refrain from confronting the suspected individual personally, examining the incident further, hindering the investigation, or discussing their suspicions with anyone other than those authorized to investigate the allegation.
Any employee making a good faith report of fraud as provided under this policy can do so without fear of dismissal or retaliation for making such a report. If, however, the employee alleging fraudulent activity acted in bad faith or made the report without a justifiable basis, then the District may take disciplinary action against the employee making the erroneous allegation.
Risk Tolerance Level
The District has established $1,000 as its risk tolerance level. The District considers certain fraud risks as too time-consuming and costly to address through internal controls. No internal controls will be implemented to address those risks because the overall goal for a fraud risk policy is to maximize the benefits while minimizing the costs and losses. However, if the District discovers fraudulent activity then it will have zero tolerance for the act.
ADOPTED: October 5, 2021
LEGAL REF:
A.R.S. §§:
13-1802: Theft Definition and Classification
13-2310: Fraudulent Schemes and Artifices
13-2311: Fraudulent Falsification and Misrepresentation
38-421: Stealing, Destroying, Altering, or Secreting Public Records
38-422: Failure of Tax or Revenue Collector to Permit Inspection of Books
38-912: Civil Liability to Employers for Fraud
31 U.S.C. § 3729: Federal False Claims Act
41 U.S.C. § 4712: Federal Whistleblower Protection
CROSS REF:
DIFA: Office of Internal Audit
EJA-R: Acceptable Use of Technology Resources
GBEA: Staff Ethics
GBEAA: Staff Conflict of Interest
GBEB: Staff Conduct
GBP: Prohibited Personnel Practices
GCAA: Application for Position