The Haight Ashbury Free Clinic: Internal Control Case Study
Internal Control Case Study
Jiyang Zhou
According to published reports, what happened at Haight Ashbury Free Clinic is typical of the types of employee fraud that happens day in and day out at many organizations. It was nothing overly sophisticated and demonstrated how insiders who know the peculiarities of differing requirements use their knowledge for their own enrichment.
A former CFO of the clinic took advantage his knowledge that requires nonprofits receiving federal grants to return any unspent money. This money is supposed to go directly to a federal office. However at the free clinic, authorities claim the CFO created an account at a Sacramento bank under a name similar to the federal office. For over two years he had clinic workers return these checks, which he deposited into this account that he actually owned.
He allegedly set up several accounts with names similar to legitimate vendors. The CFO had payments intended for these legitimate vendors be sent to his dummy corporations and later cashed the same checks.
These schemes began in June 2001 and went on for over two years. After the irregularities were uncovered and investigated, the CFO was fired and the case was turned over to prosecutors, who miraculously prosecuted and got a conviction. We say miraculously because white-collar crime is rarely prosecuted. Even more amazing is the fact that he was convicted. He was sentenced on April 30, 2008 to serve four years in prison, make restitution and pay back taxes and fines.
Returning checks to anyone besides the intended payee is a break in best-practice procedures. What happened here demonstrates clearly why returning checks to anyone but the payee is such a bad practice. Clearly the process for setting up new vendors was lax at the clinic. Possible Solutions
1. Use appropriate segregation of duties including master vendor file responsibilities. 2. Limit access to the master vendor file and require dual approvals before a new vendor
Jiyang Zhou
According to published reports, what happened at Haight Ashbury Free Clinic is typical of the types of employee fraud that happens day in and day out at many organizations. It was nothing overly sophisticated and demonstrated how insiders who know the peculiarities of differing requirements use their knowledge for their own enrichment.
A former CFO of the clinic took advantage his knowledge that requires nonprofits receiving federal grants to return any unspent money. This money is supposed to go directly to a federal office. However at the free clinic, authorities claim the CFO created an account at a Sacramento bank under a name similar to the federal office. For over two years he had clinic workers return these checks, which he deposited into this account that he actually owned.
He allegedly set up several accounts with names similar to legitimate vendors. The CFO had payments intended for these legitimate vendors be sent to his dummy corporations and later cashed the same checks.
These schemes began in June 2001 and went on for over two years. After the irregularities were uncovered and investigated, the CFO was fired and the case was turned over to prosecutors, who miraculously prosecuted and got a conviction. We say miraculously because white-collar crime is rarely prosecuted. Even more amazing is the fact that he was convicted. He was sentenced on April 30, 2008 to serve four years in prison, make restitution and pay back taxes and fines.
Returning checks to anyone besides the intended payee is a break in best-practice procedures. What happened here demonstrates clearly why returning checks to anyone but the payee is such a bad practice. Clearly the process for setting up new vendors was lax at the clinic. Possible Solutions
1. Use appropriate segregation of duties including master vendor file responsibilities. 2. Limit access to the master vendor file and require dual approvals before a new vendor