Federal enterprise information technology solutions provider NCI, Inc. [NCIT] said on Monday it discovered via an internal investigation that its controller embezzled about $18 million from the company over the past six years, leading to the firing of the individual and a finding of material weaknesses in its internal controls.
NCI said that about $5 million was embezzled in 2016 and the remaining $13 million stolen over the prior five years.
A corporate controller runs a company’s accounting department and typically is responsible for financial statements, payroll, accounts payable and receivable, and a host of other day-to-day financial and budget matters. NCI didn’t name its terminated controller.
NCI said it is working with “legal counsel and federal authorities to determine the best course of action from a legal, regulatory and recovery perspective.” The company expects it will recover a large portion of the misappropriated funds through direct recovery from the former controller and insurance coverage.
Preliminary findings from an analysis of the $13 million stolen before 2016 indicates that it is unlikely there are any material misstatements in NCI’s financial statements for its fiscal years 2013, 2014, and 2015, it said.
NCI also said it is reviewing its internal controls over financial reporting and believes that material weaknesses existing in the control during the periods in which the embezzlement occurred. NCI added that it is taking steps to strengthen its internal controls and fix identified weaknesses.
The embezzled funds were treated as allowable indirect costs on government contracts but should have been treated as unallowable costs.