​Milking Money From the College

Public institutions that are the most vulnerable to fraud often are the least prepared to defend themselves.

Comments Views

​A former University of Missouri (MU) administrative assistant has been sentenced to four years in federal prison after pleading guilty to embezzling more than US$781,000 from the university over a 13-year period, the Missourian reports. Carla Rathmann, an employee in the College of Agriculture, Food, and Natural Resources' (CAFNR's) Southwest Research Center, made unauthorized purchases on a university credit card and charged the university more than US$570,000 by submitting invoices and bills through shell companies. In 2015, new Southwest Research Center Superintendent David Cope noted concerns about Rathmann's purchases. A subsequent internal audit cited her misappropriations as a "key factor" in the closure of the center's dairy operations in 2015. That audit and a separate University of Missouri System audit reported a lack of oversight and accountability within the CAFNR and its 17 research centers.     

Lessons Learned        

Those public institutions most vulnerable to fraud, such as the CAFNR, frequently are among the least prepared to defend themselves. This news story, along with two related internal audits, reveals a litany of control, oversight, and accountability issues for which internal auditors and management must exercise vigilance. Key among them are:

  • Inadequate financial oversight. The audit of the CAFNR found that the remote locations of its agricultural research centers contributed to an environment where one person could have too much control. Rathmann was responsible for nearly all aspects of the finances, including entering payroll, accepting cash and check payments, purchasing with a university credit card, and completing a monthly review of all financial activity. Further exacerbating the problem, the workaround for a lack of resources to provide for adequate supervision and separation of duties was to ask her supervisor to conduct routine reviews of transactions, which frequently fell by the wayside in the face of other supervisory priorities. Rathmann also was able to take advantage of turnover of supervisors.

  • Poor financial controls over a wide range of processes, including credit cards, inactive bank accounts, invoicing, payments, and time reporting. Audit work revealed that some people never used their credit cards; others had card limits that were "excessive" for what their job required. Additionally, CAFNR employees did not document their credit card purchases appropriately. The audit said office support assistants didn't always submit receipts, and the financial officer in charge of approving purchases didn't always ask for them. Officers sometimes were not even fully aware of what kinds of purchases should be made with the cards. There also do not appear to have been adequate rules or policies, nor did anyone ask questions when Rathmann faked invoices and bills to the university to pay herself through the shell companies she created. She also faked payments for farm-related items such as propane and hay, and she was able to deposit and withdraw money to and from a bank account opened in 1967 that was supposed to have been closed down. But at the same time, the university did not keep a record of many of Rathmann's university credit card statements and receipts.

  • A failure to focus on good human resources management practices, including conflict of interest and fraud risk. Rathmann worked as an office support assistant while she was employed with the university from January 2000 to September 2015 — a long time that enabled her to become highly familiar with the CAFNR's financial systems and processes. Unfortunately, in parallel with Rathmann's long tenure, there were several gaps and turnover in supervisory staff, contributing to a climate where Rathmann was able to get away with stealing and making it more difficult for management to detect her fraudulent behavior. Changes in Rathmann's lifestyle also were overlooked: Despite earning a modest US$15.90 per hour before being fired, she was able to make significant luxury purchases with the funds she embezzled. Rathmann and her husband both falsified their work attendance records, which went undetected. Both Rathmanns were registered agents for the companies she created, and they also made purchases between them, which should have raised conflict-of-interest concerns.

  • Lessons were apparently not learned from a past significant fraud caseinvolving similar issues and amounts stolen. An administrative assistant named Christy Tutin pleaded guilty in 1994 to stealing US$666,755 from the MU Graduate School between 1988 and 1993. However, she was eventually given a short prison sentence, and the circumstances of her case were not widely shared among university staff.


CAFNR administrators have agreed to make several changes in the immediate future, including defining who does what in regards to the state and federal grants, new fiscal training for research center staff, and conducting quarterly reviews of the CAFNR Business Office. In addition to these initiatives, I recommend some others:

  • Consequences for management and supervisory staff members who fail to undertake adequate measures to detect and deter fraud, particularly where long-term situations are involved.
  • A commitment to ensuring that fraud risk assessment, detection, and prevention become an integral part of MU/CAFNR business culture and processes. This should include a commitment to fraud awareness across the organizations and, more specifically, further auditing of the effectiveness of measures taken to strengthen their financial controls and accountability in the wake of the Rathmann fraud case.


As part of the set of measures needed to strengthen MU/CAFNR financial controls and accountability, the organizations should consider restructuring the roles and authorities of the research centers. For example, they should centralize and limit their degree of autonomy where a single employee has too much financial approval discretion, and introduce centralized, automated ways of scrutinizing potentially fraudulent financial and human resource transactions.


Art Stewart
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to remove comments.

About the Author

 

 

Art StewartArt Stewart<p>​Art Stewart is an independent management consultant with more than 35 years of experience in internal audit, financial management, performance measurement, governance, and strategic policy planning.​​​</p>https://iaonline.theiia.org/authors/Pages/Art-Stewart.aspx

 

Comment on this article

comments powered by Disqus
  • MNP_Natonal Can Conf_July2017_Premium 1
  • LockPath2_July2017_Premium 2
  • IIA_GRC_July2017_Premium 3