Bank sweeps detect fraud

A “bank sweep” is a process where you check with financial institutions to make sure no bank accounts exist for your organization that you aren’t aware of.

Work with your local bank and ask for a list of all accounts open under your organization’s name and/or  tax identification number. Also, consider contacting other financial institutions to determine if there are any unexpected accounts open.

If you find accounts that you are not aware of, contact the Washington State Auditor’s Office  immediately.

If you would like an example of the type of fraud that could be detected by a bank sweep, check out the movie All the Queen’s Horses. It tells the story of how an employee of a small town stole $53 million without anyone noticing. You can find the movie website and trailer at: https://www.allthequeenshorsesfilm.com/

Bank sweeps detect fraud

Bank sign above entranceA “bank sweep” is a process where you check with financial institutions to make sure no bank accounts exist for your organization that you aren’t aware of.

Work with your local bank and ask for a list of all accounts open under your organization’s name and/or  tax identification number. Also, consider contacting other financial institutions to determine if there are any unexpected accounts open.

Continue reading

Lease accounting changes are coming soon

Close-up of a hand filling out lease agreement formIn June 2017, the Governmental Accounting Standards Board (GASB) issued Statement No. 87, a new accounting and reporting standard regarding leases. Under the prior approach, governments applied a somewhat subjective test to determine if a lease should be classified as “operating” or “capital.” Under the new approach, GASB assumes all leases (with a few stated exceptions) are just leases, eliminating “operating” leases. The primary goal of the new standard is to increase comparability across governments and provide financial statement users with better, more complete information by establishing a single model for lease accounting. The new standard will take effect for reporting periods beginning after December 15, 2019, and apply retroactively as if the standard was in place at the beginning of the implementation period. Early implementation is encouraged. To review the standard, see GASB Statement No. 87. Continue reading

Tax receivable: Are you reporting it correctly?

A pile of money and the word tax written on tiles.Are you reporting property, sales and other taxes in the correct period? Our Office recently found that some local governments were reporting these taxes when the cash was received, causing errors on the financial statements. Governmental Accounting Standards Board (GASB) Statement 33 – Accounting and Financial Reporting for Nonexchange Transactions provides guidance on reporting these revenue streams in the correct period.

Continue reading

Employer reporting requirements for other post-employment benefits (OPEB) have taken effect

Social Man Drawing Social Security BenefitsGovernmental Accounting Standards Board (GASB) Statement 75, Accounting and Reporting for OPEB is effective for the Reporting Year 2018 (this year!). OPEB, or post-employment benefits other than pension, includes benefits such as healthcare provided through a pension plan or separately (medical, dental, vision, hearing, etc.) and other benefits when provided separately from a pension plan, such as: life insurance, long-term care, disability, and more. Continue reading

Keep an eye out for workshops to help meet annual report filing deadline

Man and woman working together at a computer.Spring will be here before you know it, and so will the annual report deadline for local governments whose fiscal year ends December 31, 2018. For those governments, annual reports are due May 30, 2019. State law does not provide for any exceptions, so we recommend starting the filing process early, and we are available to help.

Once again our Office will be conducting free filing workshops to help with the reporting process. Participants will be able to register for a one-hour time slot for individualized assistance. We will provide one-on-one assistance in person at several locations around the state or remotely through video call (Skype). We will provide computers for the in-person workshops, so if you bring the materials needed to file your report, you might be able to complete and file your report during the one-hour appointment.

Stay tuned for more details and registration!

Thinking of ‘piggybacking?’ First check out this new guide on the practice

Mother giving her daughter piggyback ride

If you are a local government in Washington state, you may be aware of RCW 39.34.030, which allows governments to use other agencies’ contracts to buy goods and services – also called “piggybacking.” But what you might not be aware of are the potential pitfalls of piggybacking, which can land you in some big trouble. The law, as written, isn’t a carte blanche license to just find any contract that is for something your government wants and buy it through that contract; it is more nuanced than that. Fortunately, the Municipal Research and Services Center (MRSC) has written an extensive guide to piggybacking that will help you reap the benefits of this law without stepping into dangerous territory.

Local governments in Washington know the importance of cybersecurity, but need tools to address concerns

The results from our recent cybersecurity survey are in, and they reveal governments of all sizes across Washington recognize the importance of cybersecurity. However, the majority of the governments we polled lack dedicated IT staff, let alone dedicated cybersecurity staff. To address this gap in expertise and resources, the Office of the Washington State Auditor has begun to develop resources, tools and training targeted at the specific cybersecurity issues of local governments. The first group of these resources will be available soon.

Washington local governments have all taken steps to address cybersecurity concerns themselves, according to the survey results, through dedicated policies, staff roles and responsibilities, security reviews and training programs. However, without dedicated staff for handling cybersecurity, governments struggle to keep up with the ever-changing landscape of cybersecurity issues.

In response to our survey, governments asked us for resources that could help them in their cybersecurity efforts. Specifically, governments requested sample policies, cybersecurity risk management plans, guidance on risk assessments and training for non-IT staff as well as leadership.

Our Office is working quickly to give governments the tools they need to stay on top of cybersecurity concerns, and will have even more tools available soon.

If your government has any questions or feedback about cybersecurity issues, contact the Performance Center at performance@sao.wa.gov or call 360-725-5621.

Cybersecurity frauds are targeting direct deposit payroll at local governments

A red fraud button on a computer keyboard.Local governments should ensure they protect against cybersecurity frauds in which an employee’s direct deposit payroll gets redirected to a fraudster’s bank account.

In this type of fraud, the fraudulent request to change the bank account uses the government’s change form that is emailed or mailed to payroll. In other cases, the fraudulent request is made in an email that looks like it is from the employee’s email account. The fraudulent bank accounts are frequently associated with out-of-state or internet banks.

We recommend that any request to change a direct deposit bank account include an in-person or verbal verification with the employee before the change is initiated.

We caution you to NOT use email to verify a change request; in some cases, the employee’s email account has been compromised and the fraudster intercepts and responds to the emailed verification.

If your government is a victim of this fraud, you are required to report it to the Office of the Washington State Auditor at portal.sao.wa.gov/saoportal/public.aspx/LossReport.

We also recommend reporting it to the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov/complaint/default.aspx