Reporting of Suspected Fraudulent Transactions
Date of Current Revision: December 2014
Primary Responsible Officer: Director of Audit and Management Services
The purpose of this policy is to establish procedures for reporting suspected fraudulent acts involving university property or resources.
The Board of Visitors has been authorized by the Commonwealth of Virginia to govern James Madison University. See Code of Virginia section 23-164.6; 23-9.2:3. The board has delegated the authority to manage the university to the president.
STATE OR FEDERAL STATUTE AND/OR REGULATION
Code of Virginia Section 30-138 requires the president to notify the Auditor of Public Accounts, the State Inspector General and the Superintendent of State Police of circumstances suggesting a reasonable possibility that a fraudulent transaction involving university employees has occurred. Code of Virginia Section 2.2-3011 provides whistle blower protection for all employees disclosing information about suspected wrongdoing or abuse to an appropriate authority.
A federal or state agency or organization having jurisdiction over criminal law enforcement, regulatory violations, professional conduct or ethics, or abuse; or a member, officer, agent, representative, or supervisory employee of the agency or organization. The term also includes the Office of the Attorney General, the Office of the State Inspector General, and the General Assembly and its committees having the power and duty to investigate criminal law enforcement, regulatory violations, professional conduct or ethics, or abuse.
The intentional deception perpetrated by an individual or individuals, which could result in a tangible or intangible benefit to themselves and/or could cause detriment to the university, the commonwealth or others. Fraud includes a false representation of a matter of fact (whether by words or by conduct, by false or misleading statements, or by concealment of that which should have been disclosed) that deceives and is intended to deceive. Fraudulent transactions can include but are not limited to the following prohibited acts:
- misappropriation of cash or funds with falsification of documents
- falsification of documents
- unauthorized use of university property or resources
- unauthorized access to (or misuse of) computer systems or equipment
- falsifying entries to payroll or travel records
- charging personal purchases to the university
- unauthorized use of university employees
Good faith report
A report of wrongdoing or abuse which is made without malice and which the person making the report has reasonable cause to believe is true.
An employee who witnesses or has evidence of wrongdoing or abuse and who makes or demonstrates by clear and convincing evidence that he/she is about to make a good faith report of, or testifies or is about to testify to, the wrongdoing or abuse to one of the employee's superiors, an agent of the university, or an appropriate authority.
A violation, which is not of a merely technical or minimal nature, of a federal or state law or regulation or a formally adopted code of conduct or ethics of a professional organization designed to protect the interests of the public or employee.
This policy applies to all university departments, activities, employees, students and student organizations.
The university will not tolerate theft, waste, abuse or misuse of state or university property or other resources. University employees and students will be required to report suspected irregularities or possible fraudulent transactions to Audit and Management Services. All reported allegations will be fully reviewed, and substantiated fraudulent activities will be reported to the proper authorities.
The university will not discharge, threaten, or otherwise discriminate or retaliate against a whistle blower who discloses information about suspected wrongdoing or abuse in good faith and upon a reasonable belief that the information is accurate. Disclosures that are reckless or that the employee knew or should have known were false, confidential by law, or malicious shall not be deemed good faith reports and shall not be protected. In addition, the university will not discharge, threaten, or otherwise discriminate or retaliate against a whistle blower because the whistle blower is requested or subpoenaed by an appropriate authority to participate in an investigation, hearing, or inquiry by an appropriate authority or in a court action.
Nothing in this policy shall prohibit the university from disciplining or discharging a whistle blower for his/her misconduct or any violation of university policy or law.
6.1 Upon the discovery of circumstances that suggest that a fraudulent transaction may have occurred, it is the responsibility of university employees and students to immediately notify the Director of Audit and Management Services. Upon such notification, the director will ensure that the appropriate vice president and the president are informed of the questionable transaction or specific event.
6.2 Audit and Management Services will perform audit procedures to determine whether there is a reasonable possibility that a fraudulent transaction has occurred. Audit and Management Services will also attempt to quantify any losses and make recommendations for improving internal controls.
6.3 Employees and students are required to cooperate fully with those performing investigations. Employees, departments, students and organizations (i.e., other than those responsible for conducting investigations pursuant to this policy) shall not conduct investigations on their own since this may compromise official investigations.
6.4 If Audit and Management Services determines that there is a reasonable possibility that a fraudulent transaction has occurred and involves a university employee (including student employees), the office will prepare a letter for the president's signature to report the possible fraudulent transaction to the Auditor of Public Accounts, the State Inspector General and the Superintendent of State Police in accordance with Section 30-138.A of the Code of Virginia.
6.5 Audit and Management Services will also consult with Public Safety for their opinion on whether a reasonable possibility exists that a fraudulent transaction has occurred. Further investigation of the transaction or specific event with the objective of prosecution is the responsibility of Public Safety and the Commonwealth's Attorney. The decision to prosecute is the responsibility of the Commonwealth's Attorney. Audit and Management Services will assist with further investigation if requested.
6.6 The university will take any necessary administrative actions and may request restitution of funds. Recovery of funds will be the responsibility of the Assistant Vice President for Finance unless otherwise decided.
6.7 University employees (including student employees) and citizens of the Commonwealth may also anonymously report suspicious activities to the State Fraud, Waste and Abuse Hotline (1-800-723-1615), maintained by the Office of the State Inspector General (OSIG). Audit and Management Services may be required to investigate these activities and report findings to OSIG.
6.8 Audit and Management Services will report incidents involving students to the Office of Student Accountability and Restorative Practices (OSARP) and, if student organizations are involved, the Dean of Students.
Employees and students are responsible for notifying Audit and Management Services of circumstances that suggest that a fraudulent transaction may have occurred.
Audit and Management Services is responsible for performing audit procedures to determine whether there is a reasonable possibility that a fraudulent transaction has occurred. The office is also responsible for preparing letters for the president's signature to report possible fraudulent transactions by employees to the Auditor of Public Accounts, the State Inspector General and the Superintendent of State Police in accordance with Section 30-138.A of the Code of Virginia. Audit and Management Services will report incidents involving students to OSARP and, if student organizations are involved, the Dean of Students.
Public Safety is responsible for performing investigations for the objective of prosecution.
The president is responsible for reporting possible fraudulent transactions by employees to the Auditor of Public Accounts, the State Inspector General and the Superintendent of State Police in accordance with Section 30-138.A of the Code of Virginia.
The Office of Human Resources is responsible for posting notices of whistle blower protection in accordance with Section 2.2-3013 of the Code of Virginia.
Regarding employees (including student employees), sanctions will be commensurate with the severity and/or frequency of the offense and may include termination of employment.
Regarding student organizations, sanctions will be commensurate with the severity and/or frequency of the offense and may include withdrawal of recognition and support for the student organization.
Regarding students, sanctions will be commensurate with the severity and/or frequency of the offense and may include suspension or expulsion.
In addition to the above administrative actions, individuals may also be subject to criminal prosecution. (See 6.4 and 6.5)
The authority to interpret this policy rests with the president and is generally delegated to the Director of Audit and Management Services.
Previous Version: December 2012
Approved by the President: November 2009