SUNY PP Home Page   Print Page   Close Page   Convert current file into a PDF document

Internal Audit
Legal and Compliance

Responsible Office:

Procedure Title:
Fraud and Irregularities, Procedure on Reporting and Reviewing Fraud and Irregularities

Document Number:

Effective Date:
March 19, 2013

This procedure item applies to:
State-Operated Campuses
Statutory Colleges

Table of Contents

Related Procedures
Other Related Information


These procedures set forth the State University of New York’s (SUNY) procedures for reporting and reviewing suspected or detected fraud and irregularities. These procedures apply to any fraud and irregularities involving SUNY employees, officers or trustees, and campus-related entities, as well as vendors, consultants, contractors, funding sources, or any other parties with a relationship to SUNY. All complaints will be reviewed objectively and without regard to the suspected individual’s length of service, position, title, or relationship with SUNY.

  1. General
    1. Applicability of These Procedures

      These procedures cover activities at SUNY State-operated and statutory campuses, auxiliary services corporations, alumni associations, student associations, campus foundations, and other campus-related entities.
    2. Responsibility

      All members of the SUNY community are expected to promptly report any known or suspected fraud and irregularities. System Administration and each campus is required to identify an individual to whom suspected or detected fraud and irregularities must be reported. In addition, each campus is required to establish a mechanism (fraud hotline) such as a toll free number, e-mail address, or facsimile number that individuals can use to report suspected and detected fraud and irregularities. The fraud hotline must be readily accessible and provide the option of reporting anonymously.  Campuses and System Administration are further required to report any suspected or detected fraud to the Office of the University Auditor at System Administration using Form A.
    3. Types of Activities Covered

      For the purpose of these procedures, fraud and irregularities includes activities that are (1) a misappropriation of assets; (2) in violation of or non-compliant with any SUNY, New York State, or federal law, regulation, policy or procedure; (3) economically wasteful; (4) an indication of gross misconduct or incompetency; or (5) an unethical, improper, or dishonest act. Examples of improprieties include, but are not limited to, the following:
      • Theft of any State or SUNY asset including, but not limited to money, tangible property, trade secrets or intellectual property;
      • Misappropriation, misapplication, destruction, removal, or concealment of State or SUNY property;
      • Inappropriate use of computer systems, including hacking and software piracy;
      • Unauthorized disclosure of confidential or proprietary information;
      • Unauthorized disclosure of student educational records, personal information, or medical information;
      • Authorizing or receiving compensation for hours not worked or covered by appropriate and available leave;
      • Fraudulent or otherwise deceptive financial reporting;
      • Credit card and travel expense fraud;
      • Use of staff to perform personal errands, services or tasks;
      • Alteration or falsification of documents;
      • False claims by students, employees, vendors, or others associated with SUNY; and
      • Bribery, kickbacks, bid rigging, and conflicts of interest.
    4. Activities Covered Under Other Policies and Protocols

      Activities described above that may constitute fraud or irregularities may also be covered by existing policies and procedures on specialized topics.  Such activities may still be reported under this policy, but will be referred for handling to the extent such other procedures exist.  Examples of such policies include:
      • Individual employee grievances and complaints concerning terms and conditions of employment will continue to be reviewed in accordance with applicable academic and human resources policies and collective bargaining agreements.
      • Complaints regarding sexual harassment and unlawful discrimination on the basis of race, color, national origin, religion, age, sex, sexual orientation, disability, veteran or marital status should be reported to the designated officer and handled in accordance with the applicable complaint procedures. 
      • Student academic grievances should follow local campus policies and procedures.
      • Complaints regarding research administration are generally the responsibility of the Research Foundation for SUNY.
      • Complaints related to construction projects administered by the State University Construction Fund (SUCF) or the Dormitory Authority of the State of New York (DASNY) are generally the responsibilities of those entities.
      • Complaints related to a SUNY community college should be filed with the appropriate community college.
  2. Process for Reporting Detected or Suspected Fraud and Irregularities
    1. Individual Reporting Process

      All members of the SUNY community are expected to report any known or suspected fraud or irregularities. Generally, an individual may discuss the concern directly with a supervisor; however, if the individual is not comfortable speaking with the supervisor, the individual is not satisfied with the supervisor’s response, or the individual does not have a supervisor (such as a trustee or student), the individual may report the concern to the campus’ designated officer, any campus fraud hotline, or SUNY’s System Administration fraud hotline.

      Individuals who want to report suspected fraud or irregularities directly to SUNY System Administration may utilize the fraud hotline maintained by the Office of the University Auditor. These individuals may report in the following ways:

      Fax: (518) 320-1564
      Voice mail: (518) 320-1539
      Mail: University Auditor, State University Plaza,
      Albany, NY 12246

      Individuals have the option of either providing contact information or reporting the information anonymously. While not required, providing contact information will enable the reviewer to contact the individual to clarify the information being provided. At a minimum, individuals should provide key information such as a description of the incident; individual(s) involved; and financial loss, if any. When requested, SUNY will make every effort to handle all information received confidentially, to the extent permitted by law. Consistent with New York State laws, employees or other persons who lawfully report suspected improprieties shall not suffer discharge, demotion, suspension, threats, harassment, discrimination, or other retaliation as a result of making such a good faith report.
    2. Campus and System Administration Reporting Process

      Campuses and System Administration are required to forward a report to the Office of the University Auditor when sufficient facts and circumstances exist to create a reasonable suspicion that a fraud or irregularity has occurred, or where a review of the incident has commenced. The report should include key information such as a description of the incident; individual(s) involved; financial loss, if any; and applicable rules, regulations, and procedures violated (see Form A – Fraud Incident Report). The Campus must also report to the Office of the University Auditor any contact from the New York State Attorney General, the Inspector General, or any other outside agency regarding any investigation.  Pending the Committee’s review of the matter, campuses and System Administration should work with counsel and the Office of the University Auditor to determine appropriate action.
  3. Process for Reviewing Detected or Suspected Improprieties
    1. Initial Review and Determination of Appropriate Action

      Each Fraud Incident Report, as well as any relevant communication received through the fraud hotline (or other method), will be reviewed by the SUNY Fraud Committee (Committee). The Committee is coordinated by the Office of the University Auditor and includes representation from several offices within System Administration. The specific roles of each office represented on the Committee are as follows:
      1. Office of the University Auditor: The University Auditor chairs the Committee and coordinates overall case screening and management. The University Auditor will also provide expertise on financial matters, including accounting and administrative controls, and will coordinate any audit work including that with the campus-based internal audit departments. The University Auditor acts as a  liaison to the Office of the New York State Inspector General along with the Office of General Counsel.
      2. SUNY Counsel: SUNY Counsel provides advice on legal matters and serves as liaison between SUNY and external agencies such as the Attorney General and district attorneys. SUNY Counsel will also provide input regarding the Public Officers Law, Ethics in Government Act, Executive Law Article 4-A, and other laws and regulations.
      3. Employee Relations: Employee Relations provides technical expertise regarding the various responsibilities and obligations that may be applicable in each case under the pertinent collective bargaining agreements. In particular, Employee Relations will provide specific information regarding interactions with bargaining unit employees and their representatives on matters such as disciplinary actions, interrogations, and notices of discipline. Employee Relations acts as liaison to campus human resource and employee relations offices.
      4. University Police: University Police assists in the fraud investigation by utilizing its contacts with campus police and public safety departments, local police, other law enforcement agencies, and merchants to gather pertinent information. University Police will also provide suggested criminal investigation procedures and, when necessary, obtain assistance from campus police and public safety departments and external law enforcement agencies.
      5. University Controller: the University Controller provides expertise related to financial matters, including accounting and administrative controls. The University Controller works closely with  campus internal control officers.
      The Committee will review each report or complaint to determine what action, if any, should be taken. These actions may include (1) contacting the campus, System Administration, or the complainant for additional information, (2) initiating a review into the matter, or (3) referring the matter to an outside agency such as the New York State Attorney General, Inspector General, or law enforcement. Reviews may be conducted individually or jointly by the Office of the University Auditor, campus internal audit departments, campus staff, or externally, by an independent auditor, consultant, other State agency or an outside law enforcement agency. Generally, appropriate campus personnel will be involved in the reviews relating to campus activities.
    2. Review Process

      The objectives of the review are to verify the information provided, determine responsibility, identify improvement opportunities, and determine if the matter warrants reporting to the appropriate law enforcement agency. The review process may include interviewing the individual filing the complaint (unless the individual chooses to remain anonymous), campus employees, System Administration officials, and others, as appropriate; reviewing documentation submitted with the complaint; obtaining and reviewing other relevant documentation; and reviewing applicable laws, rules, regulations, and policies. Every effort will be made to maintain confidentiality throughout the investigation to the extent permitted by law; however, it cannot be guaranteed.
    3. Resolution

      Upon SUNY’s completion of its review, a determination will be made as to whether the review has resulted in sufficient evidence to show a violation of law, regulation, policy or procedure; or that fraud or irregularities may have occurred. If the results of the review rise to the level of sufficient evidence, the results may be forwarded to a law enforcement agency for further action, as appropriate. Office of General  Counsel will work with the campus, when appropriate, to take the necessary steps to make a referral to the appropriate entity (local district attorney, Office of the Attorney General, Inspector General, etc.).  Disciplinary procedures, if any, are initiated by the chief administrative officer, or designee, at each campus. Such disciplinary actions should be initiated in consultation with the Office of Employee Relations.

      The Committee will report the matter, as appropriate, to the Office of the New York State Inspector General, in accordance with New York State Executive Law Article 4-A, Section 55, and the Office of the New York State Comptroller, in accordance with Volume XI, Section 7.0200 of the New York State Accounting System User Procedure Manual. The Office of the University Auditor will periodically provide reports to the Audit Committee of the SUNY Board of Trustees regarding the number of reports and complaints, results of any reviews, and a description of those matters that resulted in findings of fraud or irregularities.

      The affected campus will be informed of the results of the review and any decisions and recommendations made by the Committee. In addition, any improvement opportunities related to policies, procedures, or control activities that were identified during the review will be shared with appropriate campus officials.


Fraud and irregularities include activities that are (1) a misappropriation of assets; (2) in violation of or non-compliant with any SUNY, New York State, or federal law, regulation, policy or procedure; (3) economically wasteful; (4) an indication of gross misconduct or incompetency; or (5) an unethical, improper, or dishonest act.


Form A - Fraud Incident Report

Related Procedures

There are no related procedures relevant to this procedure.

Other Related Information

SUNY Policy on Fraud and Irregularities, Policy Document No. 9002. - Fraud and Irregularities, Policy on Fraud and Irregularities

SUNY, SUNY System Compliance Initiative WebsiteFraud Policy and Procedure Webpage.

New York State Labor Law § 740, Retaliatory personnel action by employers; prohibition. (whistleblower protection)

New York State Civil Service Law § 75-b, Public Sector Whistleblower Law. (whistleblower protection)

New York State Public Officers Law §73, Business or professional activities by state officers and employees and party officers.

New York State Public Officers Law §73a, Financial Disclosure.

New York State Public Officers Law §74, Code of Ethics.

NYS State Finance Law § 8 (Duties of the comptroller)

New York State Accounting User Procedures Manual
, Volume XI, Section 7.0200.


Trustees’ Resolution 2013-013 (dated March 19, 2013) Fraud and Irregularities Policy and Procedure.


Memorandum to presidents from the senior vice chancellor, dated November 22, 1993, established protocol with regard to fraud investigations and audits that affect SUNY.

On March 19, 2013, the Board of Trustees adopted a Fraud Policy and Procedure through a resolution which updated the Fraud Procedure, Policy Document 9001.

The SUNY Board of Trustees adopted a Fraud Policy and revised Fraud Procedure at its March 2013 Board Meeting.


There are no appendices relevant to this procedure.