State audit finds flaws in Morrisville-Eaton online banking procedures

State Comptroller Thomas DiNapoli issued a report Aug. 3 on several school audits; among them was that of the online banking practices of Morrisville-Eaton Central School

According to the report The Morrisville-Eaton Central School District (District) is located in the towns of Eaton, Fenner, Lebanon, Lincoln, Nelson, Smithfield and Stockbridge in Madison County.

The District is governed by the Board of Education (Board), which is composed of five elected members. The Board is responsible for the general management and control of District financial and educational affairs.

The Superintendent of Schools, as the District’s chief executive officer, is responsible, along with other administrative staff, for the day-to-day management under the Board’s direction. The Treasurer and Deputy Treasurer are responsible for online banking transactions.

The audit objective was to determine whether District officials ensured online banking transactions were appropriate.

“Key Findings

  • The Board did not adopt an online banking policy defining authorization, process and monitoring of online banking transactions.
  • District officials did not properly review online banking transactions or use a designated computer for online banking transactions.
  • Not all employees involved in the online banking process have received Internet security awareness training.

Key Recommendations

For online banking:

  • Adopt policies and procedures.
  • Ensure all transactions are reviewed in a timely manner.
  • Designate one computer to be used strictly for transactions.
  • Provide Internet security awareness training to involved employees.

District officials generally agreed with our recommendations and indicated they planned to initiate corrective action.”

The Comptroller’s Office recommended that “…the board should:

1. Establish a written online banking policy that specifies the online banking activities that will be used, the employees authorized to initiate, approve, transmit, review and reconcile EFT transactions and where online banking will be performed (e.g., a dedicated computer).

Further, District officials should:

2. Review online banking transactions regularly and ensure notifications and other security measures available from the District’s bank, including email notifications, are used to monitor all EFTs in a timely manner.

3. Designate a computer to be strictly dedicated for online banking transactions.

4. Ensure that employees involved in the online banking process are provided with adequate Internet security awareness training.”

To read the complete audit report, visit

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>