21. WATCH YOUR CHECK STOCK.  Laser printers can transform plain paper stock into handsome

purchase orders, invoices, and checks. Check stock can be an attractive tool for the embezzler.  To discourage this behavior, build your controls into the check stock. One of our clients chose multiple security features to make its checks theft and tamper proof.  They chose to use control paper that is not sold in the open market, an artificial watermark, faint diagonal lines on the back of the check to prevent cut and past, a “void” pantograph that revealed itself in a photocopy, chemically protected paper to prevent lifting the signature or amount, and an inventory number pre-printed on each check to discourage theft.

22.  BE POSITIVE THAT YOUR CHECKS ARE BEING CASHED FOR THE AMOUNTS THAT YOU INTENDED.  Positive payroll and positive payables prevents changes to check amounts that lead to fraud by notifying banks in advance of payroll or accounts payable cashing of the amounts that have been authorized for payment.  Having check stock that is tamper-proof also discourages fraud, but a less vigilant bank employee may miss the telltale signs of tampering.

23. NICE GUYS MAY BE THE BAD GUYS.   Ironically, the nasty people may be the good guys.  Do not assume that nice people are good guys and nasty people are bad guys.   Dishonest people may actually be so sweet and passive that no one would every think of them as criminals. If you were acting as a thief, would it be wise to be the old curmudgeon who is crusty and complaining or the nice helpful person? Don’t make any assumptions about people until there is evidence to suspect someone of some wrong-doing.  Looks can be very deceiving.

24. REDUCE TEMPTATIONS. One municipality had two loyal and dedicated men who have been collecting money from the parking meters for at least two decades.  Although these men earn slightly over the minimum wage, they are each literally carrying metal buckets each day brimming full of quarters, dimes and nickels — totaling $20,000 per day, or about $1.3 million dollars a year.  They men open each meter manually and empty the money into the into small metal buckets, after which they then empty the coins into a large metal trash can.  Their next step is to take the money to the bank to count it themselves. 

Although there is no allegation that either man is embezzling money, it is inappropriate for management to provide such temptation.  If the City, with a population of about 100,000 residents, were to retrofit every parking meter to accommodate a lock-box form of collections wherein the money is never seen by the collectors, this would be most useful.  Many of the new parking meters can also utilize smart cards wherein patrons can pay in advance for so many minutes of parking and the balance is deducted from the smart cards. In this case management will be investing about $300,000 to retrofit the parking meters, which over a five year life cycle will net out to only $60,000 a year or 4.6% per year — not a significant sum to manage the collection of $1.3 million dollars annually.

25. BLAME TECHNOLOGY.  One of the clear advantages of technology is that most people, especially the mischievous, often project their dishonest character onto the possibilities of technology. Technology often is a weapon that permits un-earthing of mischievous deeds.  However, technologists are the modern sleuths. Technologists too often become the technology gurus who “know-it-all”.  They may say, “I will take care of it”  or say “don’t worry, I will make sure the computer knows,” or they become the sole knowledge base of how information is captured and retrieved.  Thus, at the time of bringing in technology innovations, be sure that non-technologists are managing the process and the security access codes.  Also, be sure that fiscal detail-oriented bean counters are very involved in the set-up and the transfer to the new technology.

Very often we have found that utility conversions unearth the fact that customers have been erroneously charged for decades.  The errors could be as major as wrong rates, to as minor as rounding of pennies each month.  The people who are the trusted bean counters are too often discarded in the conversion process.  This discarding could be a fatal blow.  Many of these bean counters may be so fastidious that they are a pain.  However, management, not the technologist, should determine whether the bean counter is trying to protect their old tedious task-based job, or whether this person has the legitimate concerns of their employer.  Maintaining the integrity of the system is most critical to the survival of an organization.

When one realizes that all of the viable audit trials are linked to the little computer black box, it become clear that it is imperative someone in management must entrusted with:

• routine daily back-ups off site
• routine independent auditing of the system by outside auditors
• highest level security access to be shared with the CIO, CFO, and the CEO
• defined steps to change security codes when a person leave the employ
• secure access of back-up data, source, and systems documentation

Never allow only the technology department or the finance department computer access to records. 

With a reasonable audit trail, upper management or their designated representative must have access to all financial records.  Computers can encourage larcenous temptations.  When we find that only the IS director can “really” secure all of the required information — this is a giant red flag.  The electronic database must be more secure than the paper databases and it must be [within the reasonable security clearances] fully accessible by key management professionals.  Management cannot be at the mercy of the CIO, CFO, or any other individual who is the only person who both understands the system or who is the only one who knows how to get valid information.

Conclusion.

Good information management protects the fiscal health of a local government, and protects the integrity of its employees.  The computer can be a vehicle for effective security controls, or it can be the gateway to an embezzler’s paradise.  Computer software has yet to embed the intelligence wrought from a careful understanding of the weak management and human desire that can result in compromised work flow, sloppy cash handling, concealed transactions, and opaque rather than transparent financial reporting.  A vigilant management that uses the computer as a tool to reinforce fiscal security will lead to citizen confidence in the accountability and integrity of local government. �

Barry Strock is President and founder of Barry Strock Consulting Associates, Inc located in Albany, NY. and has more than 30 years of public-sector software and computer systems analysis experience and is a Senior Associate and Consultant with Municipal Solutions, LLC .