Agencies must address several recurring lapses across public sector: Public accounts watchdog
SINGAPORE: The Public Accounts Committee has urged several ministries and public agencies to address several recurring lapses across different public sector entities, as cited in the Auditor-General’s report for the financial year 2017/18.
The committee said in a report on Friday (Feb 1) that a number of observations raised "were recurrent lapses found across different public sector entities" which the Auditor-General’s Office (AGO) had audited over the last few years.
These recurring lapses were in the management of contracts, management of user accounts and access rights in IT systems, and in the area of procurement and payments, said the committee. In one case, the instances of lapse had increased.
The committee clarified that in many instances, the lapses occurred not because of a lack of rules, procedures or systems, but due to agencies not complying with the controls put in place.
"The non-compliance could be due to various reasons such as the lack of understanding or clarity of the rules," it said.
LAPSES IN CONTRACT MANAGEMENT
One such lapse was in contract management. For example, there were cases of paying for services not rendered, not obtaining proper approvals for award of contracts and before carrying out variation works, and delays in the issuance of final accounts.
The ministries involved in these lapses included: Ministry of Defence (MINDEF), Ministry of Education (MOE), Ministry of Home Affairs (MHA) and Ministry of Culture, Community and Youth (MCCY).
For example, MINDEF'S facilities management agent (FMA) and contract manager, DSTA, had not detected overpayments of grass-cutting fees for a camp.
The defence ministry later indicated that DSTA would impose contractual penalties on the contractor for over-claiming and on the FMA for failing to properly check the contractor’s claims.
Additionally, it had also initiated verification of areas used by the contractor for computing charges of other services besides grass-cutting. MINDEF would also put in place various enhancements to its contract management process, said the committee.
"The Committee requested MINDEF for an update on the actions taken and details of the enhancements to the contract management processes. In addition, the Committee also asked MINDEF about the actions taken against DSTA for failing to exercise proper oversight of the contract management and payments," said the Public Accounts Committee.
One of the actions MINDEF then took was to share that letters on contractual penalty had been issued to the contractor and FMA in June 2018, and the cost deductions had been completed in July 2018.
Actions had been taken against the DSTA officers who failed to exercise proper oversight of the contract management and payments, said the committee.
ISSUES WITH IT, FINANCIAL CONTROLS
There were issues with IT and financial control systems as well, the report noted.
Common weaknesses in the area of IT controls included no monitoring of privileged users’ activities in IT systems and lapses in managing user accounts and access rights.
Under the Ministry of Finance (MOF) for example, the Accounting and Corporate Regulatory Authority (ACRA) did not activate a critical feature to log activities carried out under two privileged user accounts in the database server of its new business filing system.
A similar lapse had been highlighted by the AGO in the financial year 2012/13.
The committee then asked MOF the reasons for not activating the logging feature in the system despite a similar earlier lapse.
MOF said that ACRA had put in place relevant SOPs, activated the privileged user account audit logging feature, and carried out system pre-and post-commissioning audits, but these measures were not effective.
However, among some of its remedies, MOF said that it has implemented a log management system to detect changes to key settings and configuration.
MOF also said that it would commence in mid-October 2018 an independent comprehensive review of ACRA’s compliance with relevant standards to ensure effectiveness of controls
For financial controls, there were lapses such as laxity in the management of cash and assistance in-kind under welfare assistance schemes, weaknesses in overseas purchases and payments, and lapses in revenue contracting.
The Immigration and Checkpoints Authority (ICA) for example had given the right to use its premises to operate photo booths to the ICA recreation club without going through a competitive process and without charging rental.
GAPS IN MANAGEMENT OF RESEARCH AND DEVELOPMENT GRANTS
The committee also touched on the management of research and development (R&D) grants, stating that there were gaps in this aspect.
"The Committee noted that there were established processes for grant application, evaluation and award in the public sector agencies audited," it said.
"Nevertheless, there is a need to strengthen controls in the areas of monitoring and review of reports and the recovery of unutilised funds."
In this instance, the Prime Minister's Office (PMO) for example showed a laxity in verification of fund requests.
The committee noted that the National Research Foundation (NRF) has initiated the recovery of funds for the incorrect disbursements and would implement various measures to enhance the verification of fund requests.
It also asked PMO for the measures to enhance verification of fund requests and how PMO would ensure their effectiveness in addressing the gaps and preventing the recurrence of similar lapses. In addition, the Committee asked for an update on the recovery of funds for the incorrect disbursements.
PMO said that the NRF would put in place SOPs to facilitate detection of non-fundable items and to establish a process for the documentation of checks done.
"NRF had since recovered all funds for incorrect disbursements identified in
the Report of the Auditor-General," said the committee.
SOLVING RECURRING LAPSES
In light of these observations, the Public Accounts Committee urged that agencies learn from past lapses and put in place effective measures to prevent recurrence of similar lapses. The agencies need to understand and address the root causes to do so.
It also said that for the weaknesses in IT controls, the review of user access rights, removal of obsolete user accounts and not sharing accounts are fundamental controls which agencies are required to comply with.
"Weaknesses in these controls could become the weakest link in IT systems," the committee cautioned as it pushed for more effective compliance.
On compliance with rules, it said that it is "important that staff understand the purpose, underlying principle and rationale of rules put in place".
"Rules should be clear and effective, so that staff can understand and comply with them," said the committee, adding that due process was needed if a deviation from existing rules was warranted.
"In such situations, agencies should take ownership of their actions and there should be proper justification and approval obtained, and documentation of the decision."
MOF TO ADDRESS CONCERNS
The Public Accounts Committee also said MOF could provide inputs on what could be done to address the concerns at the Whole-of-Government (WOG) level.
MOF agreed that it is important that agencies learn from the audit findings and put in place effective measures to prevent recurrent lapses, noted the committee.
The finance ministry also informed the committee that it had identified the root causes of the lapses, and was reviewing existing rules and processes.
MOF noted to the committee that the root causes were due to human oversight, misjudgement, time pressure, insufficient staff capabilities, and poorly designed rules and requirements.
As for recurring lapses, MOF said that it was "working on several fronts" like setting the right tone at the top. This includes stepping up its engagement with public sector leaders to ensure that they understand their critical role in upholding a sound and robust system.
In particular, MOF is currently focused on addressing recurrent lapses in the areas of management of construction contracts (with the Building and Construction Authority) and IT controls (with the Smart Nation and Digital Government Group), noted the committee in the report.
On non-compliance with rules, MOF informed the committee that one of the causes was inappropriate rules or requirements that are overly onerous, prescriptive or unclear.
"In this regard, it had asked public sector agencies to review their internal policies and processes to strike a balance between strengthening controls and sustaining operational efficiency," said the Public Accounts Committee.
The committee is chaired by Ms Jessica Tan Soon Neo, Mr Ang Hin Kee, Mr Ang Wei Neng, Mr Liang Eng Hwa, Dr Lim Wee Kiak, Mr Leon Perera, Ms Tin Pei Ling and Mr Zainal Sapari.