Sarbanes Oxley : Auditing : Fraud
Tips and Techniques To Detect Fraud Or Errors In Timesheets
Weak timesheet controls and manual processes make a company vulnerable to fraud and errors
Corporate governance laws, state/federal labor laws, and accounting regulations are making companies and their executives even more accountable for transparent, true and timely performance and financial reporting. Regulatory and oversight bodies such as the SEC (security exchange commission), demanding and extremely cautious audit firms and nervous shareholders, now point the finger directly at the company?s senior executives and hold them personally and criminally accountable for the company?s accurate reporting on operations and any control weaknesses.
This article presents potential timesheet-related compliance violation scenarios. It recommends a set of fraud and error detection reports that will help internal and external auditors, project managers, and company executives detect unauthorized or illegal activity and achieve sustainable compliance for timesheet management. Here are the timesheet compliance reports you need:
Time Entry Modification Audit
? Time entries that were modified (created or deleted) by one user on behalf of another user. For every time entry show new and old amount, modification time and date, the name of the person who made the original time entry, as well as the modifier, and any notes describing the reason for the modification
? Time entries that were modified (created or deleted) by one user on behalf of another user without providing a note explaining the reason for the change
? Time entries that were modified by a project or group manager. For every time entry display both the new and old entry, as well as any notes describing the reason for the modification
? Time entries that were modified after having been approved
? Time entries whose attributes were changed such as from billable to not billable, R&D to non R&D, from funded to not-funded
? Time entries whose cost or billing rate was modified
? Unapproved time entries in a specified date interval
Timesheet Approval and Change Audit
? Timesheets that are approved by someone other than the person that was designated to approve them
? Timesheets that have been modified after having reopened a period
? Timesheets that are approved by administrative staff (instead of project or group managers)
? Timesheets that are approved long after they were submitted (e.g. a few months later or another specified date interval)
Project Time Audit
? List of projects that exceeded time budgets
? List of projects that show a sudden jump in time allocation
? Billable time entries that have not been invoiced after period closing and at the end of every quarter
Unusual Project Activity Audit
? List of users (employees or consultants) that submit timesheets with hours that far exceed
? List of users (employees or consultants) that submit timesheets with hours that far exceed the business unit?s defined timesheet period size
? Amount of time or number of employees working on a project (or allocating time against a business unit) changed by more than X percent in comparison to the previous quarter
? List of employees that required adjustments for X% of their time entries
? For non-exempt employees report on those who have done more than X hours of overtime over the last N weeks
How Software Can Help
The reports above would be very hard to produce if time is being tracked using spreadsheets, multiple disconnected systems, or a time entry system that lacks auditing and error detection capabilities. A compliance enabled timesheet management solution should provide:
? Definition and enforcement of timesheet policies and rules; validations should be performed by the system at the point of entry
? Lock down of approved timesheets and closed timesheet periods
? Auditing of every time entry change, all timesheet approvals/period closing and cost or billing rate changes
? Notifications when budget thresholds have been reached
? Reports and live analysis dashboards to monitor projects/operations and to detect inappropriate, fraudulent, or inefficient activity, misallocation of time, or other potential problem areas
Weak timesheet controls and manual processes make a company vulnerable to fraud and errors related to cost and budget allocation, and force the organization to expend considerable resources in preparation for a compliance audit. Ineffective time tracking can also result in revenue leakage, longer billing cycles, higher probability of payroll and invoicing errors, duplication of effort and extended correction cycles, project execution problems, and ultimately, a potential compliance-related audit failure.
The only way a company can ensure sustainable timesheet compliance and governance is for it to have the proper controls, reporting and auditing systems in place. Company?s executives and audit committee must have real-time access to error and fraud detection reports. This article provided a set of recommended timesheet error and fraud detection reports that every organization should have access to and analyze on a regular basis in order to validate that its employees and consultants follow a consistent timesheet entry and approval policy, are working on authorized projects based on approved budgets and scope, and that costs are allocated to the right projects.
This article is the first in a series, see the next installment, "Tips and Techniques To Detect Fraud Or Errors In Expense Reports."
Rudolf Melik, CEO Tenrox is an award winning entrepreneur and a recognized project and workforce management expert and thought leader.
For more information go to www.tenrox.com