Most of us feel confident we could never be a target of fraud. But in reality, fraud is more common than you think and many incidents of internal fraud within schools are not necessarily criminal but a case of bad practise that can leave employees open to challenge and liability.
How many of us keep a password book that is easily accessible to other staff, which can not only enable us to recall passwords, but can often be handed around so that others can access certain platforms or websites? This is rule number one; ensure that your passwords are safe. The best recommendation is to create a password protected document for yourself that only needs one, secure, confidential password. You can even copy and paste passwords from it into logins to save time! Be wary of using saved passwords online such as on google or credit card details as this leaves the website open to easy access if your PC was accessible. The same can apply to keys, there is no point locking a safe or confidential cupboard only to place the keys in an accessible top drawer, they should be kept in a coded lock box with limited access.
Rule number two; never use another person’s log in and password. You are leaving yourself and that person open to challenge if there is ever question about the accuracy or responsibility of actions undertaken when representing yourself as another person. Take the time to create the additional person’s own log in to ensure that you everyone is responsible for themselves and again, avoid saving online passwords to mitigate unauthorised access. Schools need to follow their schedule of financial delegation or for academies, their academy financial handbook. As a consultant, I have seen first-hand school office staff sharing the passwords to online platforms, budgeting software, CPOMS and even payroll and banking! It might be frustrating if the banking cannot be completed as the correct signatory is not present, but robust planning should allow for the smooth operation of payments. Many schools forget to update signatories on bank accounts when employees or governors leave, but schools should be ensuring that this action is undertaken and by no means asking previous employees to still sign cheques.
Rule number three; be confident in saying no. Fraud can often be the result of the pressure on an employee to be quick to action a request. Perhaps it is placing an online order before the correct approval has been gained, using another employee’s lanyard to pop out for lunch as you left yours in the car, using the cash raised from the cake sale to buy some resources for your classroom, or putting a little bit of fuel into your own car using the school fuel card. Who would ever know! In reality, we all need to be responsible and follow the correct procedures. Failure to do so can lead to disciplinary action, suspension or criminal investigation. If you are asked to do something that is not the correct procedure, then challenge that request or say no, this will help to create a positive culture in your school. ‘We’ve always done it that way’ can be hard to change, particularly if coming from senior leadership, but be confident that you are following the correct procedures.
This leads me to rule number four; make the move to a cashless system. In this day and age, there is no need for cash within schools. All payments can be made online, including charitable donations, book fairs, cake sales, summer fayres. For parents that struggle with online payments, request that they come into the office so you can walk them through it. Cash in schools opens a high possibility and temptation of financial fraud. For summer fayres, sell tokens online for parents to buy in advance and on the day. Leaving large amounts of cash overnight in schools can promote minor theft or even burglaries. Additionally, schools are responsible for declaration of all income and expenditure and keeping pots of cash prevents this. Many years ago, I experienced resistance to this when working in a school, but after explaining to staff that I was largely responsible for the school’s finances and having spent many years gaining accreditation, I was not going to put myself at risk of financial discrepancy from potential missing money resulting from cash being unaccounted for. This seemed to work and continued to become normal practise.
There are many other risks in schools for internal fraud and this is rule number five; ensure robust checking of paperwork. There are many different areas in schools where this rule applies:
- Recruitment
- ID documents
- References
- VISA / Right to Work in the UK
- Online checks
- Employees
- Pay matches’ contract
- Absences
- Admissions
- Evidence of address / siblings / certificate of religious practise
- Attendance
- Evidence of medical appointments
- Correct completion or registers
- Site Management
- Statutory checks
- Service and maintenance
- Contractor insurance
- Inventory of equipment
- Supplier
- IR35
- Bank details
- Visitors
- ID checks
The list is long and again not exhaustive indicating that we need to take the time to ensure that all documentation is correctly in place and not rush things through due to a lack of organisation and preparation. By ensuring that everything is in place, we can be confident of a safe and secure working environment.
A reminder of my 5 rules to mitigate internal fraud in schools:
- Ensure that your passwords are safe
- Never use another person’s log in and password
- Be confident in saying no
- Make the move to a cashless system
- Ensure robust checking of paperwork
