OIG In Your Inbox – Whistleblower Hotlines
According to the Association of Certified Fraud Examiners (ACFE), most fraud is uncovered by tips from whistleblowers. The ACFE found that almost half of fraud tips come from within an organization, with roughly a third coming from outside sources. Organizations with fraud hotlines were nearly twice as likely to detect fraud than those without.
Read the AdvisoryOIG In Your Inbox: Multifactor Authentication
Cyberattacks against local governments are increasing. Such attacks often begin when a cybercriminal gains unauthorized access to systems and data by obtaining an employee’s password through methods such as phishing, malware, or automated guessing tools. An easy and effective way to prevent attacks against your municipality is to enable multifactor authentication (MFA).
Read the AdvisoryOIG In Your Inbox – Should Your Municipality Appoint a CPO? Yes!
Why should your municipality appoint a Chief Procurement Officer? CPOs have the knowledge and expertise to ensure that procurements comply with the law and follow best practices. They help avoid costly errors and mistakes.
Read the AdvisoryOIG In Your Inbox – Be Proactive
Municipal leaders are often confronted with pressing needs and competing priorities, making it difficult to plan ahead. This advisory provides guidance on how to build proactive practices into daily, monthly, seasonal, and annual operational cycles.
Read the AdvisoryOIG In Your Inbox – Contracting with Concessionaires
When properly executed and managed, concession contracts can be an alternative non-tax revenue stream for a municipality with a value-added use of public land. The contracts also benefit your constituents. This advisory provides guidance on proper management of concession contracts.
Read the AdvisoryOIG In Your Inbox — Key Documents
Documenting key policies, processes, and systems allows municipalities to operate efficiently, facilitate smooth transfers of knowledge, and save public funds. This advisory provides guidance on key documents and resources readily available to manage municipal operations.
Read the AdvisoryMitigate Risks Through Reasonable Timekeeping Controls – OIG in Your Inbox
Every year the OIG receives a number of time fraud-related complaints. The OIG sometimes directs these complaints back to the public employer because responsibility for the integrity of payroll rests with that employer. This advisory contains guidance and best practices related to timekeeping for municipalities.
Read the AdvisoryDPW Internal Controls – OIG In Your Inbox
Weak internal controls within public works departments, such as outdated (or nonexistent) policies, invite potential fraud, waste, and abuse of public resources. Specific risks include overtime abuse, misuse of public vehicles and facilities, or employees selling leftover materials for personal gain.
Read the AdvisoryMunicipalities Can Mitigate Risks of Accepting Cash – OIG in Your Inbox
Accepting cash creates an inherent challenge that is best to address head-on, while being mindful of practical limitations to eliminating all risks. While your municipality may feel obligated to accept cash as legal tender, and may even be required in some circumstances under Massachusetts law to accept cash when offering goods and services for sale, there are several actions you can take as a steward of public resources to limit the risks.
Read the AdvisoryGuidance for Municipalities on Opioid Abatement Funds and Chapter 30B
The Office of the Inspector General offers the following guidance to clarify how public procurement law, specifically Chapter 30B of the Massachusetts General Laws (Chapter 30B), applies to a municipality’s expenditure of opioid abatement funds. Note that all purchases using opioid abatement funds are also subject to the terms of the settlement agreements between the Commonwealth and opioid industry defendants.
Read the AdvisoryStrategies to Manage Mobile Devices – OIG in Your Inbox
In many workplaces, mobile devices are integral to employee productivity. Thoughtful policies concerning office-issued mobile devices are an important tool for the prevention of waste and abuse of office resources. Equally important are written procedures to collect devices and terminate lines for departed employees to prevent unauthorized use and additional charges. Regularly reviewing and updating your office’s policies and procedures is also critical to the successful mitigation of the risks around the use of these devices in the public space.
Read the AdvisoryDetect and Prevent Electronic Funds Transfer Fraud – OIG in Your Inbox
Municipalities face a growing variety of cybersecurity risks, including data breaches, ransomware attacks, and denial of service attacks. These risks can result in a variety of harms to the municipality, including loss of access to critical infrastructure, disclosure of confidential information, and reputational damage. One such risk that has affected many Massachusetts communities is the use of phishing tactics to conduct Electronic Fund Transfer (EFT) fraud.
Read the Advisory