Governmental and not-for-profit organizations without strong internal controls and proper segregation of duties are vulnerable to fraud. Case in point: former treasurer of Healdton, Oklahoma, Karen Kardaleff. According to a feature article in the November/December 2015 issue of Fraud Magazine, Kardaleff took advantage of three systematic flaws to amass $80,000 during her 10-year tenure. She eventually pleaded guilty and was sentenced to one year in jail and ordered to pay restitution.
Customers who paid their utility bills with cash at the city offices received receipts that weren’t pre-numbered when recorded. This—and Kardaleff being the sole employee responsible for bank deposits and reconciliation—made it easy to for her to furtively skim approximately $43,000 from utility payments.
Kardaleff had access to cash in an unsecured vault. The city clerk placed each day’s cash in the vault. Kardaleff would then obtain the cash and reconcile the revenue account with the day’s activity in preparation of making the bank deposit. No controls were in place to verify that the cash amount deposited was the same the clerk left in the vault.
Kardaleff had complete access to the city’s billing system. An investigation discovered Kardaleff had manipulated previously recorded activity to show lower amounts received to conceal her fraud. She had the ability to make changes within the system without approval or review.
Strong internal controls help reduce an organization’s vulnerability to fraud. No single employee should be able to authorize payments, disburse funds and reconcile bank statements. In addition, an organization’s billing and account system should have restricted access levels and require user-specific usernames and passwords.