Colorado School of Mines
Fraud Policy and Procedures
Reporting Fraudulent Financial Activities

Purpose and Background:

This policy is established to protect the assets and interests of CSM, to increase overall
fraud awareness, and to ensure a coordinated approach toward resolution of financial
irregularities. This policy establishes the procedures and responsibilities for reporting
and resolving instances of known or suspected financial irregularities. CSM has
responsibility for the stewardship of CSM resources and the public and private support
that enables it to pursue its mission. The policy outlines specific responsibilities for
individuals involved in addressing financial irregularities within the institution.

The State Controller requires that any suspected theft or embezzlement of state funds or
assets be immediately reported to the School’s chief executive officer (President) or his
or her delegate, and the chief financial officer (Senior Vice President for Finance and
Administration) and that appropriate action be taken. Suspected theft or embezzlement
of state funds or assets totaling $5,000 or more must be reported in writing to the State
Controller. Additionally, the results of any investigation or follow-up, including
corrective measures implemented to prevent or reduce the likelihood of future
occurrences, must be reported in writing to the State Controller in a timely manner.

All reported CSM incidents will be disclosed to the Finance and Audit Committee of the
Board of Trustees and, depending on severity or materiality of the incident, to the Board
of Trustees as a whole.

Definitions:

Financial Fraud: A willful or deliberate act with the intention of obtaining an
unauthorized benefit, such as money or property, by deception or other unethical means.
Examples include, but are not limited to: embezzlement; misappropriation of goods,
services or resources; diversion of assets; conflict of interest situations that result in
financial loss to the institution; and violation of CSM fiscal policies and procedures for
personal gain.

Suspected Financial Fraud: Circumstances that raise a reasonable belief that financial
fraud has occurred or is occurring.

Policy:

1. Any employee, student or volunteer associated with CSM who knows of or
suspects financial fraud within the School must promptly notify either one’s
immediate supervisor or one of the following internal units: Internal Audit, Legal
Services or Public Safety. The duty to report is consistent with State statutory
requirements and the State Fiscal Rules.

1
March 18, 2008

2. Employees and students should utilize the channel of communication with which
they are most comfortable. The primary internal contacts are Internal Audit and
Legal Services. In all cases, the initial contact will inform the other units, as
appropriate, to establish a team to proceed with the investigation of the alleged
financial fraud.

3. All affected departments and individuals shall cooperate fully with the
investigative team to identify whether or not actual or suspected financial fraud
has occurred.

4. The investigative team shall keep CSM officials apprised of ongoing
investigations as appropriate.

5. Any loss reporting will comply with State Fiscal Rules, using the dollar threshold
established by the State Controller. Procedurally, all internal audit reports are
presented to the Board of Trustees’ Finance and Audit Committee.

6. A monthly summary report of all investigative activity will be prepared for the
Board’s Finance and Audit Committee.

Procedures and Responsibilities:

The following sections outline the basic responsibilities of those units or individuals
involved in investigating or addressing an incident of actual or suspected financial fraud.

1. Responsible administrator for the unit where the known or suspected financial
fraud occurred is responsible for:
a. Reporting all known or suspected incidents as required by law and State
Fiscal Rules and consistent with these procedures.
b. Notifying one of the investigative units to obtain guidance on how to
proceed. The administrator should not attempt to conduct an independent
investigation or audit.
c. Fully securing and strictly limiting access to any relevant computer and
manual records as soon as the financial fraud is suspected. Common steps
in these circumstances may include, but are not limited to, making
changes in staff assignments, securing keys within the work area,
removing systems access, and reassigning signature and approval
authority.
d. Using discretion and treating the situation as confidential. Supervisors can
and should be informed if cleared by the investigative team. The
administrator should not confront or accuse the individual suspected of
financial irregularities, and should not make any arrangements for
resolution of the matter without consultation with appropriate supervisors
and members of the administration.

2
March 18, 2008

e. At the completion of any investigation, implementing changes in policy
and procedures for improved internal controls to prevent reoccurrence of
financial irregularities.

2. Internal Audit is responsible for:
a. Conducting a preliminary assessment of an incident where insufficient
facts or evidence is available to determine if financial fraud has actually
occurred.
b. Notifying other departments and campus officials who may need to be
involved in a review or investigation, as appropriate.
c. When a loss has occurred, determining how the loss occurred, the amount
of the loss and possible individuals involved. If the loss exceeds the State
Fiscal Rules threshold, notifying the CSM Controller.
d. Gathering available evidence to support loss findings.
e. Evaluating the systems of internal control and making recommendations
for improvements.
f. Meeting, as needed, with legal counsel, human resources, administration
and public safety to coordinate and review the assessment process.
g. Following standard audit reporting procedures.

3. Legal Services is responsible for:
a. Notifying other departments and units as appropriate, including Public
Relations.
b. Consulting with departments and campus officials as to appropriate
investigative and corrective actions.
c. Providing policy and legal interpretation and other legal advice, as needed,
throughout the investigative process and implementation of remedial
action.
d. Participating in negotiations, if any, to resolve the matter.
e. Assisting the School with the negotiation and documentation of any
settlement or other agreements related to the financial fraud investigation
or resolution of the matter.

4. Controller is responsible for;
a. Reporting the circumstances and corrective action taken, for any losses in
excess of $5,000, to the State controller after notifying the Vice President
for Finance and Administration.
b. Providing policy interpretation as required.
c. Working with the affected units to implement the necessary management
controls to modify and improve business practices to prevent the
occurrence of financial irregularities.

5. Public Safety is responsible for:
a. Conducting investigations of the financial irregularities as required by the
investigative team.

3
March 18, 2008

b. Coordinating with the District Attorney, Legal Services, and external law
enforcement agencies, as needed.

6. Human Resources is responsible for:
a. Providing guidance to the appointing authority, administration and others
affected as to appropriate personnel actions to be taken if CSM employees
are involved.
b. Providing personnel policy interpretation and guidance.
c. Participating in the resolution process and preparing reports, as necessary.






4
March 18, 2008