Source: www.glos.ac.uk. All Rights Reserved. 2024 University of Gloucestershire
Last updated: 9 June 2022
Appendix A: Fraud Response Plan
The University is committed to the proper use of funds, both public and private, and to the prevention of fraud and the promotion of an anti-fraud culture. As a consequence, it is essential that everyone associated with the University – including staff, students, employees, contractors and third-parties – are aware of the risk of fraud, corruption, theft and other activities involving dishonesty, in all its forms.
The University requires all staff, at all times, to act honestly and with integrity and to safeguard the resources for which they are responsible. Fraud is an ever present threat and must be a concern to all members of staff.
The University operates a zero-tolerance approach to fraud and requires staff to act honestly and with integrity at all times, and to report all reasonable suspicions of fraud.
The University will investigate all instances of actual, attempted and suspected fraud committed by staff, students, suppliers, subsidiaries and other third parties, and will seek to recover funds and assets lost through fraud. All investigations will follow the University Fraud Response Plan below (appendix A) and perpetrators will be subject to disciplinary and/or legal action which could lead to staff being dismissed from employment and students being de-registered from the University.
The University aims to reduce instances of fraud to the absolute practical minimum – and to also put in place arrangements that hold any fraud to a minimum level on an ongoing basis. The University’s approach to counter-fraud will be comprehensive, cost-effective and professional, using specialist expertise, as and when required.
This policy should be read in conjunction with the following:
2.1 Fraud can be defined as (i) wrongful or criminal deception intended to result in financial or personal gain and (ii) a person or thing intended to deceive others, typically by unjustifiable claiming or being credited with accomplishments or qualities. This can include theft, the misuse of funds or other resources, or more complicated crimes such as false accounting and the supply of false information.
2.2 Corruption can be defined as dishonest or fraudulent conduct, typically involving bribery.
2.3 Bribery can be defined as the offering, giving, receiving or soliciting of any item of value (money, goods, favours or other forms of recompense) to influence the actions of an official or other person in charge of a public or legal duty.
2.4 Examples include purchasing items for personal use using University funds, unapproved use of University assets for personal gain, falsely claiming overtime or travel expenses, or undertaking activities for personal gain during paid University time without appropriate approval.
2.5 The Universities Anti-Fraud policy also includes payments from students or other third parties into the University from suspicious or fraudulent sources.
2.6 Individuals can be prosecuted under the Fraud Act 2006 if they make a false representation, fail to disclose information or abuse their position.
2.7 The University has established procedures to encourage staff and students to report actual, attempted or suspected fraud and/or other forms of illegal activity without fear of reprisal. The Fraud Response Plan (Appendix A). See also the University’s Whistle-blowing policy (see Section 10, Associated policies)
3.1 Most organisations adopt a multi-faceted approach to fraud and the University is no exception. The eight key objectives of the University’s anti-fraud policy are:
The overriding objective of the University’s anti-fraud policy is to ensure that fraud is seen to have the unwavering focus of the University as a whole.
3.2 This document sets out the University’s policy and procedures for dealing with suspected cases of fraud, including corruption, and includes summarized instructions about what to do, and who to contact/notify, should any fraud-related concerns arise.
3.3 At a practical level, fraud is deemed to be:
4.1 The University is absolutely committed to the highest standards of honesty, accountability, probity and opened in its governance. As a direct consequence of this, the University is committed (i) to reducing fraud associated with any of its activities, operations and locations to the absolute practical minimum and (ii) to the robust investigation of any fraud issues that should arise. Any such investigation will be conducted without regard to factors such as position, title or length of service.
4.2 Where any acts of fraud or corruption are proven, the University will make every endeavor to ensure that the perpetrator(s) are dealt with to the full extent of the law and University disciplinary policy/contractual processes (where a third-party is involved), and will also take every step to recover any and all losses in full.
4.3 It is the responsibility of everyone associated with the University – including staff, students, employees, contractors and third parties – to report any fairly based suspicions of fraud or corruption. The University’s protection for workers who report suspicions can be found under the University’s Whistle-blowing policy, details of which can be found under Section 10, covering associated policies below.
4.4 This policy applies to any fraud, or suspected fraud involving everyone and anyone associated with the University – including staff, students, employees, contractors and third parties.
These can include, but are not limited to:
6.1 Dos and Don’ts
Where there is suspicion that fraud or corruption has occurred, or is about to occur, then it is essential that the Chief Financial Officer is contacted immediately in line with section 10 below;
6.2 The University’s Whistleblowing policy discusses no retaliation for people reporting reasonably held concerns and suspicions, and any retaliation against such people – including victimization and deterring/preventing reporting – will be treated as a Serious Offence under the University’s disciplinary processes. Equally, however, abuse of process by reporting malicious allegations will also be regarded as a disciplinary issue.
7.1 Avoid individuals or companies advertising fee payment services.
7.2 Don’t share passwords or payment account details with anyone and regularly change your password.
7.3 Check your account frequently to ensure that you recognise all transactions being made.
7.4 Police advise members of the public not to allow anyone to use their bank accounts to transfer money or to allow people to use their address to receive regular deliveries and to follow these steps to keep your identity safe:
8.1 Fraud can often be associated with direct financial gain, such as procurement and invoicing fraud. However, in the University/Higher Education sector, academic fraud is a further possibility, including fraud related to immigration, admissions, internships, examinations, awards and payment of fees.
8.2 Such a fraudulent activity could be very high-profile, with potentially significant consequences for the University. In such cases, it is again essential that an appropriate person is contacted at the earliest opportunity, together with other senior University officer(s), as deemed appropriate. As each case of this type is different, it is largely impossible to produce fully definitive guidance to follow.
8.3 Such a fraud may involve a number of stakeholders, including the police and professional bodies, but decisions regarding their involvement – generally – remain the scope of senior University officers. To ensure that the investigation is not compromised, however, it is vital that the number of people aware of the investigation is kept to an absolute minimum. Notwithstanding, it should be recognized that some frauds of this nature will involve the police initiating their own investigation.
8.4 Perpetrators will be subject to disciplinary and/or legal action which could lead to staff being dismissed from employment and students being de-registered from the University.
9.1 No system of preventative measures can guarantee that frauds will not occur. The University can however, implement detection measures to highlight irregular transactions and behavior.
9.2 Internal Management Systems – This is the most important measure because the risk of processing an irregular transaction is minimized where every transaction is reviewed systematically. Detective checks and balances must be designed into all systems and applied consistently. This would include segregation of duties, reconciliation procedures, random checking of transactions and review of management information, including exception reports and in particular, appropriate budgetary control processes.
9.3 Systems should identify transactions which would have not followed normal procedures. However, deception may be used to make improper transactions appear legitimate. The detective elements in each system must therefore be complemented by a general detective approach, to capture suspicions identified through chance, exit interviews and tip-offs.
9.4 Whistleblowing procedure – It is in the interests of the whole University community that individuals should feel able to come forward if they suspect that a fraud has been, or is being, committed. For this reason such approaches can be made in confidence within the framework of the University’s Whistleblowing Procedures, where there is more detailed guidance on how staff can raise concerns about fraud or other malpractice.
9.5 Role of HR – All suspected or actual cases of fraud brought to the attention of HR either through conversations with Managers or through initiating HR policies such as the disciplinary or whistleblowing policy should be reported directly to the Chief Financial Officer in line with this policy. An investigation will then be instigated in line with the Fraud Response Plan.
9.6 Role of audit – Procedures agreed by management should be robust and act as the first line of defence against fraud. The role of internal and/or external audit should be viewed as the ‘long stop’.
9.7 Warning signs – Managers should be aware that certain patterns of behaviour may indicate a desire for concealment (such as taking few holidays, regularly working alone late or at weekends, resistance to delegation, and resentment of questions about work).
9.8 HR and Occupational Health staff can provide advice to managers on how to address any concerns relating to the misuse of alcohol, drugs and other substances. The list of warning signs is not exhaustive and may in fact not be enough on their own to instigate an investigation. Therefore, it is important that the manager takes advice from the HR department. Any indication of dependency on drugs, alcohol or gambling should be addressed as early as possible, both for the welfare of the individual and to minimise the risks to the institution, which might include fraud.
10.1 All suspected fraud cases should be reported immediately to the Chief Financial Officer who will instigate action and investigation under the Fraud Response Plan (Appendix A), including convening the Fraud Response Group (FRG). In the absence of the Chief Financial Officer, or if she/he is personally implicated, suspected fraud should be reported to the Pro Vice Chancellor; Governance & Student Affairs. If they are personally implicated the matter should be reported instead directly to the Vice-Chancellor and the Chair of the Audit Committee.
10.2 It is important to ensure that initial investigation is carried out with care and sensitivity, confidential to those who contribute to the investigation, recognising the possibility of malicious accusations.
10.3 Fraud investigations should normally be independent of management, to ensure impartiality of reporting. Investigations are usually undertaken by an investigating officer, who combine independence, investigative techniques and local knowledge. All fraud investigations will follow the University Investigation Procedures.
11.1 The Anti-Fraud Policy is subject to review every 2 years by the Financial Controller or following a change to relevant UK legislation.
11.2 Updates to the Policy will be approved by the Audit and Risk Committee.
1. The purpose of this plan is to define authority levels, responsibilities for action, and reporting lines in the event of a suspected fraud or irregularity. The use of the plan should enable the institution to:
2. Suspicion of fraud or irregularity may be captured through a number of means, including the following:
3. All actual or suspected fraud should be reported without delay to the Chief Financial Officer.
4. The Chief Financial Officer should, within 24 hours, hold a meeting of the Fraud Response Group (FRG) to decide on the initial response. The group will normally include:
5. The FRG will decide on the action to be taken, considering the requirements of the University’s general investigation, disciplinary and dismissal procedures. The normal action will be to initiate an investigation. The FRG will determine who will lead on the investigation (investigating officer) this will be dependant on the nature of the fraud under investigation and could be another staff member or internal auditor. All serious/major fraud cases will be led by the internal auditor and be deemed a “special investigation”. The decision by the FRG to initiate a special investigation shall constitute authority to the internal auditor to use time provided in the internal audit plan for special investigations, or contingency time, or to switch internal audit resources from planned audits.
6. Insurers must be notified immediately of all special investigations.
7. All fraud investigations must be reported to Audit & Risk committee as a Reportable Event at each committee meeting.
8. Where initial investigation provides reasonable grounds for suspecting a member or members of staff, students or contractors of fraud, the FRG will decide how to prevent further loss. This may require the suspension of the suspects. It may be necessary to plan the timing of suspension to prevent the suspects from destroying or removing evidence that may be needed to support disciplinary or criminal action.
9. In these circumstances, the suspect(s) should be approached unannounced. They should be supervised at all times before leaving the premises. They should be allowed to collect personal property under supervision, but should not be able to remove any property belonging to the University. Any security passes and keys to premises, offices and furniture should be returned.
10. The head of security should be required to advise on the best means of denying access to the University, while suspects remain suspended (for example by changing locks and informing security staff not to admit the individuals to any part of the premises). Similarly, the head of IT should be instructed to withdraw without delay access permissions to computer systems.
11. The internal auditor shall consider whether it is necessary to investigate systems other than that which has given rise to suspicion, through which the suspect may have had opportunities to misappropriate the University’s assets.
12. A major objective in any fraud investigation will be the discipline of offenders, to act as a deterrent to other personnel. The University will follow disciplinary procedures against any member of staff, student, student, contractor or third party who has committed fraud and will normally pursue the prosecution of any such individual.
13. The FRG will:
14. All special investigations shall normally be led by the internal auditor. Special investigations shall not be undertaken by management, although management should co-operate with requests for assistance from internal audit.
15. Some special investigations may require the use of technical expertise which the internal auditor does not possess. In these circumstances, the FRG may approve the appointment of external specialists to lead or contribute to the special investigation.
16. A significant fraud or irregularity is usually where one of the following apply:
17. Recovering losses is a major objective of any fraud investigation. The FRG shall ensure that in all fraud investigations, the amount of any loss will be quantified. Repayment of losses should be sought in all cases.
18. Where the loss is substantial, legal advice should be obtained without delay about the need to freeze the suspect’s assets through the court, pending conclusion of the investigation. Legal advice should also be obtained about prospects for recovering losses through the civil court, where the perpetrator refuses repayment. The University would normally expect to recover costs, direct and indirect, in addition to losses.
19. The University has in place Fidelity Guarantee cover (theft by employee) up to a limit of £1million (which includes provision for auditor and other professional fees used to quantify the loss). This cover is subject to condition precedent that the operation of the Minimum Standards of Control is in force.
20. The HR handbook includes a requirement that any request for a reference for a member of staff who has been disciplined or prosecuted for fraud shall be referred to the Director of HR, who shall prepare any answer to a request for a reference having regard to employment law.
21. Any variation from the approved fraud response plan, together with reasons for the variation, shall be reported promptly to the Vice Chancellor and the Chair of Audit & Risk Committee.
22. On completion of a special investigation, the investigating officer will provide a written report to the FRG containing:
23. This report will normally be prepared by the investigating officer.
24. The FRG will decide whether disciplinary action should be taken, and shall provide a confidential report to the Chair of Audit & Risk committee, the Head of institution, the external audit partner. The scope of the report shall include:
25. This plan will be reviewed for fitness of purpose at least biennially or after each use. Any need for change will be reported to the Audit & Risk committee for approval.
; ?> "Visit the homepage"){kind=logo}
