search.noResults

search.searching

dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
FEATURE FOCUS: SCHOOL FINANCE


significant things can become when a position of trust is abused.


Case study – Haberdashers’ Aske’s Federation Trust The Haberdashers’ Aske’s Federation Trust (“The Trust”) is sponsored by the Haberdashers’ Company, which has its origins in the historical London guild companies, dates back to the fourteenth century and also founded the prestigious Haberdashers’ independent schools. The Trust currently runs nine academies, four


secondary and five primary, in South East London and Kent, although it was smaller when our story takes place. The Trust’s finances were administered by Sam


Kayode, the School Accounts Manager who reported to The Trust’s Chief Finance Officer and was supported by a finance team reporting to him. Sam earned a decent salary of £57,000 and as a part-time pastor in his local church was most likely regarded as an upstanding member of his community. Sam had a liking for the finer things in life and


when he showed off his new £600 Gucci shoes it may have raised some eyebrows, but he could afford the odd treat on his salary. The expensive goods continued to be flaunted though, with a £5,000 Louis Vuitton briefcase and a £33,000 Infiniti sports car. Even these could be rationalised depending on how Sam’s priorities lay, but the parade of expensive cars continued, including a £50,000 Audi and a £70,000 Mercedes. Sam was clearly flaunting his wealth in full sight of his work colleagues, who would have had at least a rough idea of what he earned, but nobody saw fit to question what was going on. When the truth was finally revealed, it emerged


that Sam had stolen a total of £4.1 million over seven years – up to £98,000 in any one month. As well as the portable property flaunted to his colleagues, he owned four properties in the UK, as well as others abroad. Sam received justice and was given a nine-year prison term but only £800,000 was recovered by The Trust. The fraud was a simple one. Sam transferred


large sums of money to a number of his own bank accounts, with the trail mainly covered as payments to fictitious suppliers. Sam’s activities were eventually uncovered by a cleaner who found some incriminating paperwork on Sam’s desk. They blew the whistle to the Chief Finance Officer, who had been suspicious due to Sam’s secretive behaviour, but had not acted on these suspicions!


Preventing internal fraud – lessons from Haberdashers and some thoughts There are a number of warning signs to look out for that may indicate fraudulent behaviour, and a number of environmental circumstances that may facilitate it. Some of the key ones are considered below with thoughts on what can be done to address them. You will recognise many from the case study, but they are by no means peculiar to that case.


• Staff living beyond their means: This should suggest that perhaps something is amiss, although addressing any concerns is not straightforward. Apparent wealth may have been acquired through another source such as the staff member’s partner or an inheritance, but it at least acts as a prompt to keep a closer eye on things.


• Dubious invoices: The head of finance, whatever their title, should have sight of all invoices over an agreed value and should take the time to ensure they make sense. The larger the trust, the more scope there is for things to slip through as the head of finance may have less knowledge of what is going on at all academies. If an invoice seems ambiguous, the supplier is unfamiliar, the project does not ring a bell, then time taken to properly verify the invoice is time worth spending. It is also worth periodical sense checks on invoices falling under the agreed authorisation level – this could involve a random check on the multiple small invoices which avoid scrutiny as well as those falling just under the agreed level, and those from suppliers not on the usual payment runs.


• Finance staff reluctant to take holiday or working outside normal hours for no obvious reason: If a member of staff takes holiday, they need to hand over their duties to a colleague for a week or two. There is a higher risk of any fraudulent activity then being discovered. Working outside office hours allows a fraudster to go about their business without the risk of detection. Compulsory use of annual leave of at least one-week duration at some point each year is good for mental health and a tool to foil fraud.


• Lack of segregation of duties: This is probably the biggest weakness of all, and allows a fraudster to abuse the trust placed in them to operate unchallenged. Ensure that processing of invoices is separated from the payment run, that more than one signatory is required for major payments, and simply that the whole process is seen to be monitored.


• Requests for blank cheques to be signed: While this is sometimes justified as being for practical purposes where the head of finance is not always available, this practice should never happen.


• Unexplained variances against budget: This is perhaps a case of after the horse has bolted, but the requirement for monthly management information to be provided to the board should mean that any anomalies can be identified and investigated early, and any necessary action taken promptly.


• Unusually high volume of new suppliers: Oversight of the finance function and adequate segregation of duties is essential to ensure that what is going on here is understood. It should not be possible to add a new supplier to the system without dual authorisation, and adequate verification of suppliers should be undertaken before added. This should be a fundamental process from a regularity point of view as well as fraud prevention.


External fraud We have focussed heavily on fraud perpetrated from within the organisation so far as the majority of academy frauds are internal, both in terms of number of incidents and value. However, academies are also as susceptible as any organisation – perhaps more so than many – to external attacks, as highlighted below:


28 www.education-today.co.uk November 2019


Cybercrime can involve hackers gaining access to your system and either holding your data to ransom or carrying out less sophisticated attacks to steal funds having accessed passwords and login details. A few simple steps can improve your security and so reduce the threat of falling victim to a cyberattack: • Use, and keep up to date, anti-virus software. • Use a firewall to stop unauthorised access. • Use strong passwords and use different ones for different accounts.


• Be wary of links and attachments in unsolicited emails.


• Always install software updates. • Be careful what personal information you publicly share on social media.


CEO fraud occurs when a member of the finance team (often junior) receives an urgent email, apparently from the CEO of the trust, giving orders to make an immediate transfer to a third- party account. This may be to a known existing supplier who is reported to have changed their bank details, with the new account given belonging, of course, to the fraudster. A fake but convincing email account has been used to convince the staff member that the sender’s identity is genuine; their absence from the recipient’s location is crucial and the apparent sensitivity and time criticalness of the matter can be enough to ensure that the action is taken. The measures to be taken to protect against


this particular fraud are principles that can be applied to many of the potential attacks on an academy: • Ensure staff are aware of agreed and approved processes and controls, and of the potential consequences of circumventing them – to the organisation and to them.


• Encourage staff to be sceptical of and alert to anything out of the ordinary, especially where they are being put under pressure to act quickly and need to override processes to do so.


• Provide training to make staff aware of potential forms of attack.


• Ensure there is a clear whistleblowing policy in place, that staff are clear on how they act and try to avoid a culture of fear in using it.


The cost of fraud in the UK is huge and is


growing. Just a few simple steps can reduce your chances of being a victim.


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48