Approved by the Board on 30th January 2019
On this page:
- 1. Purpose
- 2. Scope
- 3. Policy
- 4. Definitions
- 5. Responsibility for the Detection and Prevention of Fraud
- 6. Reporting Fraud
- 7. Procedures for the Investigation of Alleged Fraud
- 8. Accounting for Loss, Restitution and Recovery
- 9. Notifying the HEA
- 10. References for Employees Disciplined or Prosecuted for Fraud
- 11. Review of Fraud Policy
- 12. Note
Trinity College Dublin, the University of Dublin, is committed to high standards of honesty, transparency and accountability and endeavours to take all possible measures to minimise the potential for fraudulent activity in the way it conducts its business. The University's fraud policy addresses the responsibility of students, employees and management for the detecting and reporting of fraud or suspected fraud and applies to all University staff and students.
This policy applies to all areas within the University and its subsidiary undertakings (as defined by S.1162 Companies Act, 2006). Members of staff and students should ensure they are familiar with other relevant University policies which can be accessed here: https://www.tcd.ie/about/policies/ The university also has a Protected Disclosures (Whistleblowing) Policy which should be read in conjunction with this policy.
It is the policy of the University to identify and promptly investigate any possibility of fraudulent or related dishonest activities against the University and, when appropriate, to pursue legal remedies available under the law. The University aims to promote an organisation culture which encourages the prevention of fraud by raising awareness of the need for high standards of personal conduct. It is envisaged that all employees and students report suspected irregularities should they become aware of same. Consideration should be given at all times to the nature of the alleged incident to avoid incorrect or false accusations.
Members of the College community are also reminded of their obligations to report under S.19 of the Criminal Justice Act 2011.
Any act of fraud ascertained upon investigation or through written acknowledgment by the employee(s)/student(s) concerned, shall result in the appropriate disciplinary and/or legal actions against the employee(s)/student(s) and/or entities. This includes the possibility of disciplinary action up to and including employment consequences, exclusion from study, restitution and/or forwarding information to the appropriate authorities for criminal prosecution. The university will normally pursue the recovery of all costs in addition to the recovery of losses.
For the purposes of this policy, fraud shall include but not be limited to:
- Theft or misappropriation of University assets
- Submitting false claims for payments or reimbursement
- Accepting or offering a bribe or accepting gifts or other favours under circumstances that might lead to the
inference that the gift or favour was intended to influence an employee's decision-making while serving the University
- Accepting an inappropriate commission from, or paying same, to a third party
- Colluding with vendors or third parties in providing preferred pricing or engaging in contract rigging
- 'Off Books' accounting or making false or fictitious entries
- Knowingly creating and/or distributing false or financial misleading reports or data
- Paying of excessive prices or fees where authorisation for or justification thereof is not justified or documented
- Research Fraud1
- Blackmail or extortion
- Violation of the University's procedures with the aim of personal gain or to the detriment of the University
- Overriding of University systems and controls to engage in fraudulent activity (e.g. sharing of accounts and passwords with 3rd parties, lack of due regard for the segregation of duties)
- Unauthorised or illegal use of confidential or proprietary information.
For the purposes of this policy, an employee refers to a staff member who receives remuneration, either full or part time from the University and those reimbursed by Trinity for the provision of externally contracted services. The term also includes any volunteer who provided services to the University through an official arrangement with the University or a University organisation.
A student refers to any registered student of the University and those students approved as off-register for a defined period i.e. ‘off-books’.
Employees/students should follow the guidance provided by IT Services for the prevention of cyber-crime, comply with all appropriate IT policies and immediately report any suspicious IT activities to the IT Services Helpdesk.
Heads of Division/Faculty Deans/Heads of School/Heads of Area and employees at all levels and students are responsible for exercising due diligence and control to endeavour to prevent, detect and report acts of fraud. Those who knowingly fail to carry out these responsibilities may be subject to disciplinary action or in the case of students in accordance with student disciplinary processes. Responsibilities associated with specific groups within the University are outlined here under.
Responsibility of Management
It is the responsibility of Heads of Division/Faculty Deans/ Heads of School/ Heads of Area to ensure adequate effective internal controls are in place and are being operated to manage risk and ensure that established objectives and goals will be achieved. Internal controls should be in place and operating to manage the risk of fraud. Heads and managers should endeavour to be familiar with the types of improprieties that might occur in their area and be alert for any indication that improper activity, misappropriation or dishonest activity is or was in existence in his or her area and put in place controls to manage the risk of such occurrences.
All employees and students are required to support and work with College Officers, other involved offices and law enforcement agencies if required in the detection, reporting and investigation of dishonest or fraudulent activity. If a fraud or attempted fraud is detected in an area the Head of Division/Faculty Dean/ Head of School/Head of Area is responsible for taking appropriate corrective actions to ensure adequate controls exist to manage effectively the risk of future improper actions. Informal advice can be sought from the Secretary to the College on the applicability of this Policy to any particular incident.
Responsibility of Employees
It is the responsibility of all employees and students to conduct their University business in such a way as to prevent fraud occurring. Members of the College community should also be alert to the possibilities for fraud and be on guard for any indications that improper or dishonest activity is taking place.
It is the responsibility of all University staff and students to report any suspicions of fraud without delay according to the procedure laid out below. Persons who intentionally cover up, obstruct, fail to report, or fail to monitor a fraud or attempted fraud that they become aware of, or ought to have been aware of, will be considered to be an accessory after the fact and may be subject to disciplinary action and/or discharge. Persons who conduct or threaten retaliation against a person reporting a suspected fraud shall be subject to the appropriate disciplinary process.
Great care must be taken in dealing with suspected dishonest or fraudulent activities to avoid:
- Incorrect accusations
- Alerting suspected individuals to an investigation underway
- Contaminating evidence or obstructing any criminal investigation
- Treating parties unfairly
- Making statements that could lead to claims of false accusations or other charges.
In all cases, the incident, facts, suspicions or allegations should not be discussed with anyone inside or outside the University unless specifically directed to do so by the College Officer investigating the incident. In particular, the matter should not be discussed with the individual suspected of fraud.
Fraud can be detected at any level within the University and the following general principles should apply in the reporting of suspected fraud:
- An employee who suspects that fraudulent practice may be operating should, in the first instance, report the matter to his/her Head of Division, Faculty Dean, Head of School/ Head of Area or immediate superior. Should it be inappropriate to make such a report to an immediate superior, the report should be made to that person's manager or directly to the Secretary to the College*.
- A student who suspects that fraudulent practice may be operating should, in the first instance, report the matter to his/her Head of School. Should it be inappropriate to make such a report to the Head of School, the report should be made to the Faculty Dean or directly to the Secretary to the College*.
- Should a report of suspected fraud be made to the direct supervisor/manager that supervisor/manager should report the suspicion to his/her Head of Division, Faculty Dean, Head of School/ Head of Area or immediate superior or directly to the Secretary to the College*.
- A Head of Division, Faculty Dean, Head of School/ Head of Area or immediate superior on receipt of a report of a suspected fraud should report the matter to the Secretary to the College* and Senior Dean* in the case of an academic member of staff and the Junior Dean* in respect of students.
- A Fraud Incident Report should be completed by the person reporting suspected fraud. (See Appendix 1).
- No investigation of the suspected fraud should take place until the Senior Dean* (in the case of academic staff) or the Junior Dean (in the case of Students) and the Secretary to the College* have been informed.
- Those making a report should also be aware that the University has a Protected Disclosures Policy which they should familiarise themselves with.
The Senior Dean*/Junior Dean* and the Secretary to the College* will (except in any case involving his or her Office) have responsibility for co-ordinating the University's response and will seek expert legal advice from the University's legal advisors or other advice if required. The Senior Dean*/Junior Dean* and the Secretary to the College* will inform the Provost, and relevant College Officers identified by the Provost (who might include Vice-Provost/Chief Academic Officer, Bursar/ Director of Strategic Innovation, Registrar, Treasurer/ Chief Financial Officer, Director of Human Resources) and others as appropriate and keep them informed of developments.
The Senior Dean*/Junior Dean* and or the Secretary to the College*, on behalf of the Provost, will notify the Internal Auditor as soon as they become aware of a suspected fraud, who will advise the Chair of the Audit Committee.
Consideration will be given by the Provost as to whether the incident is sufficiently serious to warrant invoking the emergency response plan.
The Internal Auditor, will, if appropriate, conduct an initial investigation to gather factual information and reach a preliminary view as to whether further action is required. The agreement of the Chair of the Audit Committee to digressing from the regular audit work-plan will be required. The Internal Auditor will report the findings, conclusions and any recommendations to the Provost via the Secretary to the College* and to the Audit Committee.
Where initial investigation provides reasonable grounds for suspecting a member or members of staff or the student body of fraud or a dishonest activity, the Provost, in consultation with the Secretary to the College* and other relevant College Officers, will decide if any actions are necessary to prevent further loss. This may require, in consultation with the Director of Human Resources, the suspension with or without pay of the member or members of staff (which will take place in accordance with the 2010 Consolidated Statutes) and/or the decision as to whether further investigation is required.
Each case will be considered individually in accordance with the expert advice obtained with a view to minimising the losses (both monetary and otherwise) to the University. Having reached a decision as to what further action is necessary and how such actions should be undertaken, the Senior Dean* or the Secretary to the College* will liaise with the Head of Division, Faculty Dean/ Head of School/ Head of Area.
When further investigation is required, an Incident Team and its Chair, normally the Senior Dean*/Junior Dean* or the Secretary to the College* will be appointed by the Provost for each case. The Incident Team will normally comprise, in addition to the Chair, the Internal Auditor, Treasurer/Chief Financial Officer, the College Solicitor, but may include others as appropriate in the particular circumstances *.
All meetings of the team will be treated as confidential and shall be fully documented with investigation work normally led by the Internal Auditor. The Senior Dean* or the Secretary to the College* will notify the Gardaí of the suspected fraud and be responsible for complying with any and all other relevant legal and regulatory disclosures as appropriate in the circumstances e.g. Data Commissioner, Charity Regulator, HEA, etc.
The Incident Team will be responsible for considering all aspects of the case and at its first meeting will identify the risks involved and will develop an action plan to address the issues. These matters will normally include liaison with the Garda Síochána and the Director of Public Affairs and Communications as well as steps to recover assets, liaison with banks, legal advisors, insurers or others as appropriate in the circumstances. Individual members of the Incident Team will be assigned responsibility for the tasks necessary which are within their area of competence. The Team will meet at regular intervals to share information and consider progress and further actions.
In circumstances where the investigation requires the use of technical expertise or staff resources which the Internal Auditor may not possess, the Incident Team may appoint external specialists to lead and/or contribute to the investigation.
Upon completion of its work, the Incident Team will submit a written report of its findings and its recommendation(s) to the Provost who, in consultation with the Senior Dean*/Junior Dean* or Secretary to the College*, and relevant College Officers, will issue a decision on the matter and determine whether internal disciplinary procedures should be invoked and the Gardaí and others should be notified as appropriate. The Secretary to the College* will communicate the decision to the person(s) accused of the fraud or related dishonest activity and will submit a copy of the report to the Audit Committee and via the Audit Committee to the Board.
Upon completion of its work, the Incident Team will also consider the lessons learned from the incident and the University’s response to it and document these in a report to the Provost. Where it considers changes to this Policy are necessary it will make recommendations to the Finance Committee.
The Incident Team will also consider making its report, or a redacted or summary version of it or lessons learned, available to staff to promote awareness and vigilance and to maintain good staff morale.
Employees/students who are involved in an investigation shall be entitled to have a member of University staff or other appropriate individual present during the course of any interview that is conducted in connection with the alleged fraud or related dishonest activity with a view to supporting the employee/student or defending their case.
The Secretary to the College* will notify the University's Insurance Brokers at an early stage to ensure that insurance matters are dealt with promptly and properly.
The Secretary to the College* and the Director of Public Affairs and Communications will be responsible for dealing with any enquiries from the press and other media.
The Audit Committee will, at an appropriate time, in consultation with the Internal Auditor consider the results of the investigation and the actions taken by management and will assess whether any weakness in the University's systems of internal control has been adequately addressed. The Audit Committee will report the findings, conclusions and recommendations, following consultation with the relevant area(s), to the Board of the College.
The area incurring the loss from a dishonest or fraudulent act will normally suffer the loss, including the costs of the investigation, until monies can be recovered through insurance or restitution. The amount of the loss will be as determined by the Incident Team.
The Provost, Secretary to the College* and other relevant College Officers will report as appropriate and in a timely fashion to the HEA the confirmed Fraud indicating what steps have been taken to address the weaknesses in the systems of internal control related to the Fraud.
Where there is a request for a reference for a member of staff or student who has been disciplined or prosecuted for fraud or a dishonest activity, the Director of Human Resources (for employees) and the Junior Dean (for students) shall prepare any reply to a request for a reference having regard to University’s policies and employment law.
This fraud policy will be reviewed tri-annually by the Finance Committee.
* The role and functions ascribed to the Officers in this Policy may be assigned to others in exceptional circumstances for good cause e.g. where the suspected incident occurred in their area.