West Geauga Local Schools wired more than $40,000 in public money to scam accounts after staff changed a vendor’s payment information, according to a state audit released Tuesday. The transfers happened in October and November 2024 and surfaced during the Ohio Auditor of State’s routine financial review. The district’s insurer picked up most of the tab, but auditors still issued a finding for recovery on a $5,000 deductible and named two employees in that finding.
What the audit says
According to Scioto Valley Guardian, auditors found that West Geauga transferred $41,500 after receiving emails that looked like they came from a regular vendor but instead routed payments to a scammer-controlled account. The report says the district’s insurance provider reimbursed $36,500, and that the remaining $5,000, the policy deductible, became the basis for a formal finding for recovery against two employees. Auditors also flagged the district’s lack of formal cybersecurity policies and its absence of routine employee training to spot payment-redirection fraud.
State audit listing and formal finding
The Ohio Auditor of State’s office included West Geauga’s financial audit for July 1, 2024 through June 30, 2025 in its Feb. 24, 2026 audit advisory and marked the report with a "finding for recovery," according to the office’s release. That label formally calls for repayment of improperly lost public funds and places the audit on the Auditor of State’s public Audit Search site. The advisory highlights the case as part of the office’s effort to safeguard taxpayer dollars, and it puts the district’s mistake on the public record.
District numbers and response
West Geauga treasurer Karen Pavlat told News 5 Cleveland that the district sent two scam payments totaling $27,500 in late 2024 and recovered most of that through its cyber-insurance policy. The differing totals, $27,500 from the treasurer versus $41,500 in the audit and local reporting, may reflect additional transfers, timing differences or how the transactions were counted. Pavlat told investigators the problem started with a compromised vendor email and described the incident as human error, rather than some elaborate hacking caper.
Why auditors are holding employees responsible
The Auditor’s office issued a statewide bulletin in April 2024 that urged public entities to verify any request to change payment details and warned that skipping those steps could lead to findings for recovery, local reporting noted. That bulletin, along with later guidance, told offices to independently confirm banking changes before they update vendor records, a safeguard auditors say was not followed in this case. The bulletin spells out that when losses occur and procedures were ignored, auditors will hold officials and employees accountable.
Part of a wider fraud wave
State and local reporting show that dozens of Ohio governments have been hit by payment-redirect and vendor-impersonation scams in recent years, costing agencies millions and prompting repeated warnings from auditors. Investigations and state records indicate the schemes are getting more sophisticated and that public offices without clear verification protocols are especially vulnerable. Auditors and security experts say recurring incidents and rising cyber-insurance costs are pressuring local governments to tighten internal controls, or risk repeating the same expensive lesson.
What happens next
A finding for recovery sets a specific process in motion. Under state law the public office’s legal counsel has authority to try to collect the money within 120 days of receiving the audit, according to the Ohio Auditor of State, and unresolved matters can be sent to the Attorney General. West Geauga had previously been recognized with an Auditor of State Award with Distinction in February 2025, an awkward bit of timing next to this latest finding. Now the district’s leadership, school board and the Auditor’s office will determine whether the two employees will repay the $5,000 deductible or whether some other remedy will be used.
Bottom line for taxpayers
The audit recommends that West Geauga adopt formal cybersecurity policies and regular staff training focused on vendor-account changes, in order to avoid a repeat, according to local reporting. The full audit is available through the Auditor of State’s Audit Search, and the district now has to decide how to shore up its internal controls and how to handle any repayment required by the finding for recovery.
