2011 08-22-control-compliance-in-public-sector-procurement

1

Control and Compliance in Public Sector Procurement

Public Sector Fraud Risk Management & Internal Compliance22 to 23 August 2011

Yoong Ee Chuan, CPA, CIA, CISA, CISM, MSID

2

Evolution of public sector procurement Procurement risks Managing procurement risks Control and compliance issues

Agenda

3

Paper to Digital Centralisation to de-centralisation IM3B to IM on procurement Snapshot of procurement ecosystem

Evolution of Public Sector Procurement

4


5


6

Principles remain similar i.e. open and fair competition, transparency and value-for-money (or previously “lowest cost meeting specifications”)

Procurement processes were very manual IM3B – Government Instruction Manual on

Procurement prescriptive rules for manual handling of procurement exercises

Rules for quotations vs tenders Estimated procurement value (EPV)

◦ >=$3,000 < $70,000 – quotations◦ > $70,000- tenders


7


8

Quotations◦ Less onerous compliance wise to tenders◦ Confidentiality of quotations◦ Fax quotations vs mailed quotations◦ Dedicated fax, officer opening etc.◦ Posting of quotations on notice board


9

Tenders◦ Offer by vendors – more legal documentation as it

is binding◦ Confidentiality and integrity important

Tender boxes system with dual key Tender opening committee Tender witnessing officers Evaluation by committee Award by approving authorities based on value

◦ Posting of bids on notice boards


10

SLA Fraud 2011


11

SLA Fraud 2011 (BT 29/09/2010 cont’d)


12



13



14

SLA Fraud 2011


15

◦ [Post-SLA] Finance Circular No 1/2011 [4 March 2011] & Corrigendum [13 May 2011]New Roles: Approving Officer - AO (Approval of Requirement -

AOR) function Approving Officer (Bid Amendment) –Permanent

Secretary (PS) or delegated officerOther Requirements Period contracts require AO (AOR) approval Good practice to establish own period contracts for

regular purchases Limiting of “Limited” tenders – GPE should seek

guidance from PS/CEO/Head of Agency if in doubt


16

Quotation Approving Authority (QAA) preferable (good practice) to be from different department (division/section/unit) requesting procurement

Goods/services Receipt Officer ensure documentary evidence (e.g. delivery orders, service reports, inventory stock-take) that goods/services delivered or performed

Segregation of Payment Certifying Officer / Approving Officer duties extended to Statutory Boards


17

Centralisation to de-centralisation◦ THEN

Central procurement office (CPO) Stationeries e.g. pens obtained via CPO Savings from bulk purchases but spoilage from stock

obsolescence, matching demand/supply◦ NOW

Decentralised E.g. e-Catalogue buy, bulk tender, GeBIZ You buy what you need, block budget aproach


18

IM3B to IM on procurement◦ THEN

Instruction manuals came in paper files Updating was a pain, manually cross out super-ceded

paras, paste over new paras etc. People were more controls & rules conscious

◦ NOW Web-based Ease of reference and ease of forgetting (in some

cases)


19

Inherent Risks◦ Procurement is susceptible to corruption (in

general)◦ E.g. vendors gifts, ang-pows, free samples◦ Non-compliances can threaten openness, fairness

and transparency occur◦ Laxity and lapses in basic contract management

can result in loss of value-for-money◦ Report of the Auditor-General highlights cases

of non-compliance

Procurement Risks

20

In the past:◦ AG’s Report 1994/1995

Audit of Purchases under United States Foreign Military Sales Programme

Review of Financial Systems of Singapore Armed Forces Sports Association

Compliance with Government Procurement Procedures by Statutory Boards

Procurement Risks

21

Procurement Risks

22

Procurement Risks

23

Procurement Risks

24

Recently – Report of the Auditor-General FY2008/09, Auditor-General’s Overview

Areas of concern◦ Laxity in procurement and contract management◦ Lack of financial prudence in procurement and

poor management of contracts and agreements◦ Resulting in higher expenditure for goods and

services

Procurement Risks

25

Areas of concern (cont’d)◦ Under-performance not detected◦ Penalties for non-performance not imposed◦ Revenues due not collected◦ Little or no assurance of value-for-money in

projects carried out

Procurement Risks

26

Procurement Risks

27

Procurement Risks

28

Procurement Risks

29

Procurement Risks

30

People◦ Lapses due to the way people interpret and

enforce the rules as well as implementing the procedures

◦ IM3B now more principles-based, i.e. more room for people to interpret hence critical to educate staff handling procedure about how to apply the principles

◦ IM3B now provides case studies to help us◦ Segregation of responsibilities

Not one person do everything

Managing Procurement Risks

31

People◦ Segregation of responsibilities (cont’d)

GeBIZ – more different roles, e.g. goods received and goods inspection must be different officers, purchasing officer also cannot be approving etc.

Previously can circumvent if manual, now with GeBIZ roles, more difficult

Evaluation team for tenders shouldn’t all be from the same dept/team

◦ Education and awareness of IM 3B (and 3G)◦ Trade-off between controls and efficiency


32

System of procurement◦ Implement systems and processes that adhere to

IM3◦ But public agencies do vary in implementation

E.g. of SBs that had dubious quotations◦ Get internal audit to review◦ Perhaps external audit may review

However, does not focus too much on internal controls over procurement, i.e. more concerned about validity and authorisation, completeness of recording of purchasing and payment transactions then procurement principles: openness, fairness and transparency


33

GeBIZ: A game changer◦ Controls are built into the procurement process◦ More difficult (but not impossible! i.e Singapore Land

Authority case) to circumvent relative to manual processes

◦ Examples Openness of web invitations to quotes and invitations to

tenders and request for proposals (global) Routing for approvals Publication of awards

◦ Make full use of GeBIZ Because you HAVE to (SBs MUST follow IM3) Because it’s good for your agency


34

Some issues for agencies to consider:◦ To what extent does your agency adhere to

principles of IM3B/G?◦ To what extent is your standard operating

procedures for procurement in line with IM3B/G?◦ How familiar are your people with IM3B/G

principles and procedures (i.e. GeBIZ use)◦ Have you set-up assurance and audit of

procurement Get your internal audit to look into it Ask your external auditor to look into it Use data analytics to detect unusual patterns

Control and Compliance Issues

35

Mitigating Controls:◦ Segregation of duties

New AO(AOR), AO(Bid Amendment) etc. Goods receipt, inspection and 3-way matching (Purchase

Order, Delivery Order, Invoice)◦ Staff rotation

SLA fraud surfaced partly due to staff rotation◦ Oversight by Department Heads/Officers responsible

for budget and payment approvals Review monthly / quarterly expenditure against budget Review purchases or payment reports and query on

payments to “unusual” vendors Understand own department’s procurement needs


36

Mitigating Controls◦ Consider centralisation of procurement

Weigh balance between efficiency and controls and risk of procurement fraud

Central purchasing “acts” as AOR as all purchases routed through dept

Better able to spot split quotations / purchases◦ Consider lower approval limits

Not fool-proof as shown by SLA fraudulent transactions were below $70,000 (threshold for calling tenders) but makes fraudster “work” harder

◦ Whistle-blowing policy or Internal Disclosure Policy [PMO (PSD) Circular No. 3/2011]


37

Questions? Contact

◦ Yoong Ee Chuan, Director/Internal Audit Office◦ 535 Clementi Road, Singapore 599489◦ Ngee Ann Polytechnic (www.np.edu.sg)

[email protected] DID: 6460-6275 Twitter: @eechuan LinkedIn: http://sg.linkedin.com/in/eechuan

Thank you!

http://www.np.edu.sg/

mailto:[email protected]

http://sg.linkedin.com/in/eechuan

2011 08-22-control-compliance-in-public-sector-procurement

Business