The former utility manager for South Whitehall, Pa. has pleaded guilty to stealing US$854,000, according to
The Morning Call newspaper. Prosecutors say Nancy Tonkin pocketed cash payments made by utility customers and then manipulated accounting records to hide the missing money. The funds went undetected for several years until Tonkin's supervisor retired and the township's finance department was restructured. Prosecutors allege Tonkin and her husband spent the money at area casinos. As part of a plea deal, Tonkin was sentenced to a minimum of two years in prison, and she and her husband must forfeit their township retirement savings and pay US$333,032 in restitution.
Many of the columns I've written for InternalAuditor.org have profiled the lessons learned from frauds committed by public servants against taxpayer-funded public organizations. Typically in these cases, a long-employed and trusted public official — benefiting from a position of financial authority and a lack of oversight, controls, and an internal audit function — steals a significant amount of public funds over many years. This time I'd like to step back from the specifics of the story and provide a broader, yet more systematic perspective on what local governments, state and federal regulators, and internal auditors could do to help prevent and detect this kind of fraudulent behavior.
In making my observations, I found helpful
a 2014 research study conducted for The IIA Research Foundation (IIARF), Emerging Strategies for Performance Auditing: Insights From City Auditors in Major Cities in the U.S. and Canada. The study is based on surveys of numerous U.S. and Canadian municipalities. Although focused on performance auditing, this report provides insights — and potential remedies — into why local governments don't have the fundamental elements of an effective audit function in place that would allow them to protect against fraud.
Among the gaps the report discusses, four are noteworthy:
A lack of legislation or mandate for audit. A patchwork of state and municipal legislation still exists for many local governments regarding internal audit functions, with some having a very general mandate, and others none at all. For example, a search of the South Whitehall website for topics related to audit returned no results. Where a mandate does exist, it often is unclear about internal audit's roles and responsibilities, including for fraud and performance audit issues.
A lack of funding. In both the U.S. and Canada, federal and state/provincial authorities generally have not established clear funding parameters or formulas for the funding of audit functions. This has been exacerbated by current government fiscal pressures. Interestingly, the IIARF study includes examples of U.S. cities that have established minimum funding standards for audit functions. Moreover, the report suggests guidelines for funding audit relative to the size of the municipal organization's budget.
Inadequate or immature governance processes. In organizations that have them, audit functions may report to a wide variety of authority structures, including a city manager, treasurer, or chief financial officer, raising questions regarding conflict of interest. Audit committees, where they exist, may have different mandates and compositions.
A lack of understanding and support for internal audit on the part of officials, the media, and citizens. Misunderstandings and misrepresentations about internal audit's mandate, function, and value continue to persist. This is particularly common in local government environments where internal audit has few resources and may be perceived as a threat or an unnecessary bureaucratic burden.