Properly planned audits are designed to test for the existence of fraud, theft and other activities. This doesn't mean, however, that all forms of theft will be caught.
As an example, lets say that XYZ Association has a part-time bookkeeper. The bookkeeper is hourly and submits a timesheet. Hours are not supposed to be in excess of 20 hours per week.
The treasurer is supposed to review all time sheets prior to entering into the payroll system.
Bookkeeper always enters 20 hours per week. Treasurer always approves the timesheet.
One audit test would be to review the timesheets to verify approval by the treasurer. In this case, because the timesheets are approved, the auditor would not necessarily question if the 20 hours were legitimate. It might not even come to the auditors attention that the bookkeeper recorded 52 weeks (or more) of exactly 20 hours per week.
No vacation, no sick days no crazy-mad days where extra hours were needed to prepare for a board meeting where things changed at the last minute.
Effective systems which are designed to detect and prevent fraud and theft require that transactions like this be evaluated and questioned by the appropriate level of management. In this case, the treasurer should be asking if the time is accurate and if the time is being spent appropriately.
The auditor does have a professional obligation to discuss findings with the appropriate level of management. In this case, if the auditor detected that the time was inaccurate, it would be discussed with the board so that proper steps could be taken to address the findings.
The truth is, only a well-designed system of checks and balances can detect and prevent fraud. And even the most comprehensive system will likely not catch all fraud. Whenever multiple parties agree to work together to misuse property the odds go down that it will be detected.
Which is why we focus on segregation of duties and we insist on job rotation. Requiring that team members who record transactions do not initiate the transaction limits the ability of one person to create a fraudulent transaction that slips by unnoticed. Limiting access to the accounting records for those who handle money reduces the risk that transactions can be changed and eliminates a way to cover up fraud.
The key is intelligent design of the system for fraud detection and prevention. Separating the recording of accounts payable and receivable transactions does not help reduce the risk of fraud, although it might make employees more efficient. Separating out depositing money and recording it to the accounting system would help eliminate the risk of fraud by denying an employee who handles money access to the accounting system where they can make an adjustment to hide a fraud.
Understanding the risk of fraud is critical to the successful design of a fraud detection system. If you would like more information click the link below or send us an email if you would like to discuss how we can help you prevent and detect fraud.
We take a deep breath before answering this question.
The fact that the treasurer is handling everything is a warning sign but not necessarily a problem. For instance, if the rest of the board reviews all the vendor bills and approves payment and the checks are signed at the meeting, then the risk of fraud is probably limited. The more the treasurer handles everything, however, the greater the risk.
The board is not doing itself or the owners any favors by allowing the treasurer to remain in that position for an extended period of time. Yes, part of it is the risk of fraud going undetected, but more importantly, how does the board transfer responsibility in the even the treasurer eventually moves or worse, passes away?
The design of a system to prevent and detect fraud means ensuring that no one person, no matter how trustful we believe them to be, has complete control of the entire process. The board should reassign officers and then look at how individual board members are involved in the process so that duties are segregated and focused on reducing the risk of fraud.
We don't think there is a problem, necessarily. We are happy for you that your management is working well.
But, what happens when your manager quits, retires or passes away? What guarantees do you have that there is a system in place to detect and prevent fraud or accounting errors?
Have you asked your management company what contingency plans they have? Do you know who is handling your transactions and who is approving them? What system is in place to make sure that your management can continue to do a great job in the future?
Your responsibility as a board is to oversee management. If your evaluation of management is that the systems are in place to reduce the risk of fraud and everything is working, then I think your faith in management is appropriate but the fact that problems have not been identified doesn't mean that everything is working well, it simply means that nothing has been identified.
Make sure that the great job management is doing is backed up by documented evidence and you will continue to have a great relationship with that management.
The short answer is, no, converting your accounting to accrual basis is not required, but it begs the question, "Why does the auditor expect accrual?" Is it because your association is required to produce GAAP financial statements?
We believe that the association's books and records should be kept in accordance with the association's policies. Management should not dictate association accounting policies. So, if you need audited GAAP financial statements then management should not be preparing only cash basis financial statements in the first place.
On the other hand, if you are not required to issue GAAP statements, then there is nothing which requires you to change, except for perhaps consistency with prior year financial statements. Since prior years were prepared in accordance with GAAP, then it is not unreasonable for the auditor to assume it is the association's policy to prepare GAAP statements. And if this is the unstated, but consistently applied basis of accounting, management and the board should ensure that GAAP statements are prepared.
There is a problem though in having only cash statements during the year with someone then trying to convert to GAAP at year-end. What systems are in place to ensure that the financial statements are free of material error? This is one of those areas where you are better served having GAAP-based statements monthly and additional schedules prepared on cash to help you know what is happening. But regardless, speak with your auditor and management to see what can be done to accommodate your concerns.
The auditors' goal is to issue a clean, unqualified audit opinion on the associations' audited financial statements. We get there by performing tests of the balances, confirmations and analysis. Your help by answering questions timely and truthfully can speed up completing the audit tremendously.
At the end of the condo association audit, you and the board are generally asked to review and approve the
Some auditors combine the Management Representation Letter and the Board Representation Letter.
The important thing to understand about the representation letters is that it is a summary of everything you, the community manager, and the board, have stated and provided to the auditor.
For instance, in most representation letters, one of the items is that the association has title to all assets listed on the balance sheet. Another representation is that the auditor was provided all relevant information.
We occasionally hear concern about signing the representation letter at the close of the association audit. Thankfully, the concern mostly comes from a new board president or treasurer who is not certain about what was provided. When this happens we are happy to discuss their concerns to help them feel comfortable with providing the signed letter.
Once the representation letters are received, the audit is considered complete and the association receives the financial statement.
If during the homeowner audit, you have particular concerns, you should reach out to the audit manager and discuss them. At C.O.R.E., we understand that you work hard and appreciate that you try to set up strong controls to help minimize the risk to your association clients.
We hope we can be of service to you and your association clients.