December 22, 2009 (rewrite)
A. General. This policy is established to facilitate the development of controls which will aid in the detection and prevention of fraud. This policy applies to any fraud, or alleged fraud, involving employees, consultants, vendors, contractors, or other outside agencies or other parties with a business relationship with the university.
A-1. Policy. Management is responsible for the detection and prevention of fraud, misappropriations, and other inappropriate conduct.
A-2. Definitions. For the purposes of this section, fraud includes, but is not limited to, the following types of misappropriation of University of Idaho (UI) assets:
- Theft or embezzlement of cash, equipment, or supplies;
- Falsification of official records such as contracts, timesheets or claim vouchers requesting reimbursement;
- Unauthorized use of university facilities, such as telephones, fax, mail systems, computers, or automobiles;
- Impropriety in the handling or reporting of money or financial transactions;
- Accepting or seeking anything of material value from contractors, vendors, or persons providing services/materials to the university with the exception of gifts less than $50 in value; or
- Destruction or inappropriate use of records.
The following procedures are also available to investigate allegations of employee conflicts of interest or ethics violations involving the use of one's public position for personal gain or advantage. If there is any question as to whether an action constitutes fraud, contact Internal Audit for guidance.
B. Reporting Procedures. Any fraud that is detected or alleged must be reported immediately to Internal Audit at 208-885-2133, or through the Confidential Hot Line at 1-800-775-1056 (Internal Audit Hotline). Internal Audit coordinates all investigations with support from the Office of General Counsel and other affected areas, both internal and external.
B-1. Reporting Requirement. Any employee who suspects dishonest or fraudulent activity will notify the Internal Auditor immediately, and should not attempt to personally conduct investigations or interviews/interrogations related to any alleged fraudulent act.
B-2. Independent Investigation. The reporting individual should be reminded that they should not (i) contact the alleged individual in an effort to determine the facts or demand restitution, and (ii) discuss the case, facts, suspicions, or allegations with anyone unless specifically asked to do so by the Office of General Counsel.
Great care must be taken in the investigation of alleged improprieties or wrongdoings so as to avoid mistaken accusations or alerting alleged individuals that an investigation is under way.
C. Investigative Process. Any investigative activity required will be conducted without regard to the alleged wrongdoer’s length of service, position/title, or relationship to the university.
C-1. Investigation Responsibilities. The Internal Audit office has the primary responsibility for investigation of all alleged fraudulent acts as defined in the policy. The auditor may receive support from representatives of other administrative offices when appropriate. If the investigation substantiates that fraudulent activities have occurred, the Internal Auditor will issue reports to the responsible administrators, and if appropriate, to the State Board of Regents through the Board’s Audit Committee.
a. Confidentiality. The university treats all information received confidentially to the extent allowed by law.
b. Access to Records. Members of the investigation team will have (i) free and unrestricted access to all university records (including electronic) and premises, whether owned or tented, and (ii) the authority to examine, copy, and/or remove all or any portion of the contents of files, desk, cabinets, and other storage facilities on the premises without prior knowledge or consent of any individual who may use or have custody of any such items or facilities when it is within the scope of the investigation.
C-2. Referral. Decisions to prosecute or refer the examination results to the appropriate law enforcement and/or regulatory agencies for independent investigation will be made in conjunction with the Office of General Counsel and senior management, as will final decisions on disposition of the case.
C-3. Resolution. As a result of an investigation, if management decides to terminate an individual, the recommendation will be reviewed for approval by the designated representatives from Human Resource Services, the Office of General Counsel, and other appropriate internal and external administrators before any such action is taken.
The Internal Auditor does not have the authority to terminate an employee. The decision to terminate an employee is made by the employee’s management. Should the Internal Auditor believe the management decision inappropriate for the facts presented, the facts will be presented to executive level management, and or the State Board of Regents’ Audit Committee for resolution.
D. Other Inappropriate Conduct. Alleged improprieties concerning an employee’s ethical or behavioral conduct should be resolved by departmental management in coordination with the Human Resources Office or Human Rights Compliance Office.
E. Administration. Internal Audit is responsible for the administration, revision, interpretation, and application of this policy. The policy will be reviewed annually and revised as needed.