Table of Contents
Legal and Compliance
Fraud and Irregularities, Procedure on Reporting and Reviewing Fraud and Irregularities
March 19, 2013
Other Related Information
These procedures set forth the State University of New York’s (SUNY) procedures
for reporting and reviewing suspected or detected fraud and irregularities. These
procedures apply to any fraud and irregularities involving SUNY employees, officers
or trustees, and campus-related entities, as well as vendors, consultants, contractors,
funding sources, or any other parties with a relationship to SUNY. All complaints
will be reviewed objectively and without regard to the suspected individual’s
length of service, position, title, or relationship with SUNY.
Applicability of These Procedures
These procedures cover activities at SUNY State-operated and statutory campuses,
auxiliary services corporations, alumni associations, student associations, campus
foundations, and other campus-related entities.
All members of the SUNY community are expected to promptly report any known or
suspected fraud and irregularities. System Administration and each campus is required
to identify an individual to whom suspected or detected fraud and irregularities must
be reported. In addition, each campus is required to establish a mechanism (fraud
hotline) such as a toll free number, e-mail address, or facsimile number that individuals
can use to report suspected and detected fraud and irregularities. The fraud hotline
must be readily accessible and provide the option of reporting anonymously.
Campuses and System Administration are further required to report any suspected or
detected fraud to the Office of the University Auditor at System Administration using
Types of Activities Covered
For the purpose of these procedures, fraud and irregularities includes activities
that are (1) a misappropriation of assets; (2) in violation of or non-compliant with
any SUNY, New York State, or federal law, regulation, policy or procedure; (3) economically
wasteful; (4) an indication of gross misconduct or incompetency; or (5) an unethical,
improper, or dishonest act. Examples of improprieties include, but are not limited
to, the following:
Theft of any State or SUNY asset including, but not limited to money, tangible
property, trade secrets or intellectual property;
Misappropriation, misapplication, destruction, removal, or concealment of State
or SUNY property;
Inappropriate use of computer systems, including hacking and software piracy;
Unauthorized disclosure of confidential or proprietary information;
Unauthorized disclosure of student educational records, personal information,
or medical information;
Authorizing or receiving compensation for hours not worked or covered by appropriate
and available leave;
Fraudulent or otherwise deceptive financial reporting;
Credit card and travel expense fraud;
Use of staff to perform personal errands, services or tasks;
Alteration or falsification of documents;
False claims by students, employees, vendors, or others associated with SUNY;
Bribery, kickbacks, bid rigging, and conflicts of interest.
Activities Covered Under Other Policies and Protocols
Activities described above that may constitute fraud or irregularities may also
be covered by existing policies and procedures on specialized topics. Such activities
may still be reported under this policy, but will be referred for handling to the
extent such other procedures exist. Examples of such policies include:
Individual employee grievances and complaints concerning terms and conditions
of employment will continue to be reviewed in accordance with applicable academic
and human resources policies and collective bargaining agreements.
Complaints regarding sexual harassment and unlawful discrimination on the basis
of race, color, national origin, religion, age, sex, sexual orientation, disability,
veteran or marital status should be reported to the designated officer and handled
in accordance with the applicable complaint procedures.
Student academic grievances should follow local campus policies and procedures.
Complaints regarding research administration are generally the responsibility
of the Research Foundation for SUNY.
Complaints related to construction projects administered by the State University
Construction Fund (SUCF) or the Dormitory Authority of the State of New York (DASNY)
are generally the responsibilities of those entities.
Complaints related to a SUNY community college should be filed with the appropriate
Process for Reporting Detected or Suspected Fraud and Irregularities
Individual Reporting Process
All members of the SUNY community are expected to report any known or suspected
fraud or irregularities. Generally, an individual may discuss the concern directly
with a supervisor; however, if the individual is not comfortable speaking with the
supervisor, the individual is not satisfied with the supervisor’s response,
or the individual does not have a supervisor (such as a trustee or student), the individual
may report the concern to the campus’ designated officer, any campus fraud hotline,
or SUNY’s System Administration fraud hotline.
Individuals who want to report suspected fraud or irregularities directly to SUNY
System Administration may utilize the fraud hotline maintained by the Office of the
University Auditor. These individuals may report in the following ways:
Individuals have the option of either providing contact information or reporting
the information anonymously. While not required, providing contact information will
enable the reviewer to contact the individual to clarify the information being provided.
At a minimum, individuals should provide key information such as a description of
the incident; individual(s) involved; and financial loss, if any. When requested,
SUNY will make every effort to handle all information received confidentially, to
the extent permitted by law. Consistent with New York State laws, employees or other
persons who lawfully report suspected improprieties shall not suffer discharge, demotion,
suspension, threats, harassment, discrimination, or other retaliation as a result
of making such a good faith report.
Campus and System Administration Reporting Process
Campuses and System Administration are required to forward a report to the Office
of the University Auditor when sufficient facts and circumstances exist to create
a reasonable suspicion that a fraud or irregularity has occurred, or where a review
of the incident has commenced. The report should include key information such as a
description of the incident; individual(s) involved; financial loss, if any; and applicable
rules, regulations, and procedures violated (see Form A – Fraud Incident Report).
The Campus must also report to the Office of the University Auditor any contact from
the New York State Attorney General, the Inspector General, or any other outside agency
regarding any investigation. Pending the Committee’s review of the matter,
campuses and System Administration should work with counsel and the Office of the
University Auditor to determine appropriate action.
Process for Reviewing Detected or Suspected Improprieties
Initial Review and Determination of Appropriate Action
Each Fraud Incident Report, as well as any relevant communication received through
the fraud hotline (or other method), will be reviewed by the SUNY Fraud Committee
(Committee). The Committee is coordinated by the Office of the University Auditor
and includes representation from several offices within System Administration. The
specific roles of each office represented on the Committee are as follows:
The Committee will review each report or complaint to determine what action, if
any, should be taken. These actions may include (1) contacting the campus, System
Administration, or the complainant for additional information, (2) initiating a review
into the matter, or (3) referring the matter to an outside agency such as the New
York State Attorney General, Inspector General, or law enforcement. Reviews may be
conducted individually or jointly by the Office of the University Auditor, campus
internal audit departments, campus staff, or externally, by an independent auditor,
consultant, other State agency or an outside law enforcement agency. Generally, appropriate
campus personnel will be involved in the reviews relating to campus activities.
Office of the University Auditor: The University Auditor chairs the
Committee and coordinates overall case screening and management. The University Auditor
will also provide expertise on financial matters, including accounting and administrative
controls, and will coordinate any audit work including that with the campus-based
internal audit departments. The University Auditor acts as a liaison to the
Office of the New York State Inspector General along with the Office of General Counsel.
SUNY Counsel: SUNY Counsel provides advice on legal matters and serves
as liaison between SUNY and external agencies such as the Attorney General and district
attorneys. SUNY Counsel will also provide input regarding the Public Officers Law,
in Government Act, Executive Law Article 4-A, and other laws and regulations.
Employee Relations: Employee Relations provides technical expertise
regarding the various responsibilities and obligations that may be applicable in each
case under the pertinent collective bargaining agreements. In particular, Employee
Relations will provide specific information regarding interactions with bargaining
unit employees and their representatives on matters such as disciplinary actions,
interrogations, and notices of discipline. Employee Relations acts as liaison to campus
human resource and employee relations offices.
University Police: University Police assists in the fraud investigation
by utilizing its contacts with campus police and public safety departments, local
police, other law enforcement agencies, and merchants to gather pertinent information.
University Police will also provide suggested criminal investigation procedures and,
when necessary, obtain assistance from campus police and public safety departments
and external law enforcement agencies.
University Controller: the University Controller provides expertise
related to financial matters, including accounting and administrative controls. The
University Controller works closely with campus internal control officers.
The objectives of the review are to verify the information provided, determine
responsibility, identify improvement opportunities, and determine if the matter warrants
reporting to the appropriate law enforcement agency. The review process may include
interviewing the individual filing the complaint (unless the individual chooses to
remain anonymous), campus employees, System Administration officials, and others,
as appropriate; reviewing documentation submitted with the complaint; obtaining and
reviewing other relevant documentation; and reviewing applicable laws, rules, regulations,
and policies. Every effort will be made to maintain confidentiality throughout the
investigation to the extent permitted by law; however, it cannot be guaranteed.
Upon SUNY’s completion of its review, a determination will be made as to
whether the review has resulted in sufficient evidence to show a violation of law,
regulation, policy or procedure; or that fraud or irregularities may have occurred.
If the results of the review rise to the level of sufficient evidence, the results
may be forwarded to a law enforcement agency for further action, as appropriate. Office
of General Counsel will work with the campus, when appropriate, to take the
necessary steps to make a referral to the appropriate entity (local district attorney,
Office of the Attorney General, Inspector General, etc.). Disciplinary procedures,
if any, are initiated by the chief administrative officer, or designee, at each campus.
Such disciplinary actions should be initiated in consultation with the Office of Employee
The Committee will report the matter, as appropriate, to the Office of the New
York State Inspector General, in accordance with New York State Executive Law
Article 4-A, Section 55, and the Office of the New York State Comptroller, in
accordance with Volume XI, Section 7.0200 of the New York State Accounting System
User Procedure Manual. The Office of the University Auditor will periodically provide
reports to the Audit Committee of the SUNY Board of Trustees regarding the number
of reports and complaints, results of any reviews, and a description of those matters
that resulted in findings of fraud or irregularities.
The affected campus will be informed of the results of the review and any decisions
and recommendations made by the Committee. In addition, any improvement opportunities
related to policies, procedures, or control activities that were identified during
the review will be shared with appropriate campus officials.
Fraud and irregularities include activities that are (1) a misappropriation of assets;
(2) in violation of or non-compliant with any SUNY, New York State, or federal law,
regulation, policy or procedure; (3) economically wasteful; (4) an indication of gross
misconduct or incompetency; or (5) an unethical, improper, or dishonest act.
Form A - Fraud Incident Report
There are no related procedures relevant to this procedure.
Other Related Information
SUNY Policy on Fraud and Irregularities, Policy Document No. 9002. - Fraud and Irregularities, Policy on Fraud and Irregularities
SUNY, SUNY System Compliance Initiative
Website - Fraud
Policy and Procedure Webpage.
New York State Labor Law
§ 740, Retaliatory personnel action by employers; prohibition. (whistleblower
York State Civil Service Law § 75-b, Public Sector Whistleblower Law. (whistleblower
York State Public Officers Law §73, Business or professional activities by state
officers and employees and party officers.
York State Public Officers Law §73a, Financial Disclosure.
York State Public Officers Law §74, Code of Ethics.
NYS State Finance Law §
8 (Duties of the comptroller)
New York State Accounting User Procedures Manual, Volume XI, Section 7.0200.
Memorandum to presidents from the senior vice chancellor, dated November 22, 1993,
established protocol with regard to fraud investigations and audits that affect SUNY.
On March 19, 2013, the Board of Trustees adopted
a Fraud Policy and Procedure through a resolution which updated the Fraud Procedure,
Policy Document 9001.
The SUNY Board of Trustees adopted a Fraud Policy and revised Fraud Procedure at
its March 2013 Board Meeting.
There are no appendicies relevant to this procedure.