Forensic Audit Services

The Vendor is required to provide to engage an independent forensic audit to review and analyze selected financial, operational, and contractual records of a contractor of the department.
- The audit is necessitated by the need to verify the accuracy, completeness, and integrity of transactions and to identify any irregularities, misstatements, or non-compliance with applicable laws, policies, and procedures.
- The forensic review will provide factual findings supported by verifiable evidence to aid management in decision-making and potential remedial actions.
- Objectives:
•    Determine the nature and extent of the embezzlement, including identification of sole person and/or group of individuals that may have had a role in this incident;
•    Identify the sources of funds impacted and/or used, including quantify the financial loss;
•    Assess the effectiveness of internal controls and determine which controls failed to prevent, detect, or correct the embezzlement in a timely manner;
•    Establish a clear chain of responsibility and potential fault-lines; and
•    Provide recommendations to strengthen governance, risk management, and internal controls.
- Planning and Risk Assessment
•    Obtain preliminary information on the reported embezzlement, including review of the police report (to be provided by City as received by vendor/contractor).
•    Identify relevant business units, departments, and financial records needed to complete forensic audit of records.
•    Develop an investigation plan, including a 90 day or less timeline and draft audit report outline.
- Data Collection and Review
•    Collect and examine all relevant financial records, including:
o    Bank statements, ledgers, payment vouchers, invoices, receipts, and reconciliations; and
o    Payroll records, procurement files, contracts, and expense claims.
•    Perform data analytics to identify anomalies, suspicious transactions, and unusual trends.
•    Secure and preserve digital evidence from accounting systems, emails, and internal databases.
•    Identify points of contacts (position title and role as available) and potential internal control points that could have failed or were circumvented.
- Interviews and Inquiries
•    Conduct structured interviews with:
o    Senior management to understand oversight, decision-making, and reporting.
o    Finance and operations staff to clarify transaction flows and document handling, including authorized signatories and measures used for chain of control record keeping.
o    Any employee or employees flagged as having direct or indirect involvement.
•    Document findings from interviews, focusing on:
o    The nature and extent of the embezzlement.
o    The methods used to divert or conceal funds.
o    Weaknesses in procedures, authorizations, or monitoring.
- Control Assessment
•    Review of key internal controls, including:
o    Segregation of duties in finance and operations.
o    Authorization and approval processes.
•    Evaluate why these controls failed to:
o    Prevent the embezzlement.
o    Detect it at an earlier stage.
o    Correct the issue once it occurred.