This report presents the findings of the audit of the Departmental practices associated with the Management of Specified Purpose Accounts (SPAs). The objective of the audit was to determine the extent to which SPAs are managed in accordance with sound comptrollership practices and in compliance with legislative and regulatory requirements.
The Department's SPA balance, as at March 31, 2002, for the six General Ledger (GL) accounts selected for audit was $10.9M. We are concerned with the accuracy of the account balances in all but the Canadian Tourism Commission (CTC) GL account.
The Department of Foreign Affairs and International Trade (DFAIT) policy on SPAs does not provide sufficient information to enable managers to consistently determine whether receipts from third parties meet the criteria for an SPA, or whether the funds should be more appropriately classified as net-voting or non-tax revenues. The Chart of Accounts Manual does not explain the intended use of each GL account. As a result of the above, there are a variety of existing projects which, in our opinion, do not meet the criteria for an SPA. This adversely impacts the accuracy of the Department's financial statements including assertions made as to the use of its delegated net-voting authority of $27M. In addition, SPA information recorded in the Integrated Management System (IMS) is not subject to adequate monitoring by Mission and HQ program and financial personnel. The specific monitoring role and responsibilities to be assumed by the various stakeholders are not clearly articulated. The absence of any reference to monitoring responsibilities in the DFAIT SPA policy is a major cause for this situation.
Most departmental SPA stakeholders use Commitments (CO) as a means of tracking receipts and disbursements of third party monies. A combination of IMS and business processing issues have an adverse impact on the management of the SPA accounts and the related processing of receipts and disbursements to the appropriate CO. Consequently, SPA stakeholders often use off-line systems to monitor, track and report on the status of the funds, thereby increasing administrative costs. SPA stakeholders do not routinely reconcile the information in their off-line system to the data found in IMS. Managers could, therefore, be making decisions, and assertions to third parties, based on inaccurate and incomplete information. As a result, we can not give assurance to DFAIT management that SPA accounts are effectively managed.
Statistical samples were drawn from both expenditure (debits) and deposit (credit) transactions to determine whether evidence existed that key internal controls were operating effectively. The error rates for the expenditure sample items range from 0% to 100% with most of them exceeding 22%. In the case of the deposit sample items, the error rates also range from 0% to 100% with most items exceeding 50%. Accordingly, our sample results provide Management little assurance that key internal controls operated effectively during the 2001/02 fiscal year. (Note - the error rates are based on a review of the documentation supplied in response to our request. The request was clear and precise and, as such, it was not deemed necessary to follow-up with Missions and HQ fund centres to determine if they inadvertently excluded the supporting documentation in their response.)
The Office of the Auditor General (OAG) issued a management letter describing the results of its review of the Department's general computer and automated business processing controls. The OAG's conclusions on the controls, combined with our assurance statement on the manual controls, provides a comprehensive assessment of the adequacy of the control framework established for the management of SPAs.
In summary, third party monies are not properly and consistently identified, classified, controlled and accounted for in accordance with sound comptrollership practices and Departmental policy. As a result, it is difficult for the Department to accurately confirm the actual liability to a variety of third parties. This situation is due primarily to IMS and business processing issues, inadequate policy direction and weak active monitoring practices.
1.1.1 The audit focussed on the Departmental practices and controls related to the management of SPAs. More specifically, the audit assessed the management control framework that applies to SPAs to ensure that deposits and disbursements are properly identified, classified, controlled and accounted for in the Department's financial records.
1.2.1 The overall audit objective was to determine the extent to which SPAs are managed in accordance with sound comptrollership practices and comply with legislative and regulatory requirements. In particular, the audit focussed on determining whether:
1.3.1 The internal audit was conducted in accordance with the Treasury Board Policy on Internal Audit and the Institute of Internal Auditors Standards for the Professional Practice of Internal Auditing.
1.3.2 The audit examined the major business processes and key controls associated with the management of SPAs at both DFAIT Headquarters and Missions. The examination phase of the audit was conducted during the period of March 2002 to August 2002.
1.3.3 We conducted a comprehensive review of all SPA GL accounts to determine their purpose and use. We also conducted analyses of the account data (primarily for the 2001/2002 fiscal year) and documented an understanding of how each GL accumulated both the credits (deposits) and debits (disbursements) in the account. A generic management control framework was also developed and subsequently tailored to the SPAs selected for examination.
1.3.4 Based on the information gathered, the Audit Team identified potential audit issues and made decisions regarding which SPA GL accounts to examine as reflected in the following table.
|GL Account #||Description||Notes|
|24025||Distressed Canadian - prepaid financial assistance||1|
|24030||Non-government organizations/claims against Iraq||1a|
|24100||Specified purpose accounts - miscellaneous||1a|
|24105||SPA - PM led summits||2|
|24110||Shared costs - Tourism Program||3|
|24250||Canadian Tourism Corporation||3|
|37999||Crown Corp: CTC - Deposits||3|
|24115||Shared costs - Trade Program||4|
|27000||Canadian Cultural Institute - securities in trust CR||4|
|27050||Canadian Landmine Action Fund||4|
1. Full coverage - review focussed on whether money received for a specified purpose is properly identified, classified, controlled, accounted for and reported on and included carrying out compliance tests for a sample of transactions.
1a. Full coverage - in addition to the audit activities described in 1 above, specific "sub-accounts" (Commitments) were selected for more in-depth review due to the unique nature of the sub-account or as a representation of the variety of SPA sub-accounts included in the GL.
2. Limited coverage - review focussed on specific receipts and payments recorded in the account.
3. Limited coverage - review focussed on the Corporate financial administration, monitoring and reporting activities.
4. Account not subject to audit - GL opening or closing balances were immaterial and few or no transactions were processed during the 2001/2002 fiscal year.
1.3.5 For each of the above GL's included in the audit scope, an audit program was developed to test compliance with policies and procedures which govern the management of SPAs. In the case of GL's 24025, 24030 and 24100, a statistical sample of debits and credits recorded in these accounts during the 2001/2002 fiscal year was selected for testing purposes.
2.1.1 Roles and responsibilities and Central Agency Reporting requirements, as they pertain to SPAs are described in Chapter 5, Section 6 of the DFAIT Accounting Manual.
2.1.2 Responsibility for the management of SPAs is shared amongst various DFAIT organizational units. There are ten SPA General Ledger accounts, some of which relate to a single departmental program and fund centre, whereas others involve multiple programs and fund centres.
2.2.1 The following table provides the opening account balances for those SPAs selected for audit, the value of the Debits and Credits posted during the 2001/2002 fiscal year and the closing balances as at March 31, 2002.
Tombstone 2001/2002 Financial Data
|SPA GL #||SPA GL Account Title||Opening Balance @ April 1, 2001||Debit Postings||Credit Postings||Closing Balance @ March 31, 2002|
|24025||Private Fund Transfers||$ 90,600||$ 1,254,000||$ 1,274,400||$ 110,400|
|24030||NGOs and Claims Against Iraq||$ 16,201,600||$ 27,774,600||$ 14,671,600||$ 3,098,800|
|24100||SPA Miscellaneous||$ 1,549,700||$ 5,491,600||$ 5,924,400||$ 1,982,500|
|24105||PM Led Summits||$ 947,600||$ 1,349,400||$ 422,800||$ 21,000|
|24250||Canadian Tourism Commission - Transactions||$ 0||$ 48,720,800||$ 54,417,500||$ 5,696,700|
|37999||Canadian Tourism Commission - Deposits||$ 0||$ 40,870,500||$ 40,870,500||$ 0|
|Sub-Total - Selected SPA GLs||$ 18,789,500||$ 125,461,300||$ 117,581,200||$ 10,909,400|
3.1.1 The DFAIT Accounting Manual describes the Department's SPA Policy. It outlines the policy's scope, objective, key definitions and associated roles and responsibilities. It provides useful information for the management of SPAs, however, we noted some gaps. These gaps are as follows:
3.1.2 We observed an array of examples of incorrect classifications of funding arrangements which may not meet the Treasury Board criteria for SPAs. For instance:
3.1.3 The key impacts associated with the above observations are as follows:
3.1.4 SMS, in consultation with SMF and other SPA stakeholders, should strengthen the DFAIT SPA policy by tailoring it to the nature of the Department's program activities and net voting authorities by providing more explicit direction on its scope, objective, key definitions and associated roles and responsibilities.
3.1.5 SMS, in consultation with appropriate SPA stakeholders, should strengthen DFAIT's SPA Policy to incorporate the need to conduct on-going monitoring of SPA accounts and to assign specific responsibilities to both HQ and Mission Program and Financial Officers.
3.1.6 SMS, in consultation with SMF and other SPA stakeholders, should strengthen the Chart of Accounts Manual to better explain the appropriate financial recording and reporting structures required to meet the operational needs of program managers and corporate financial reporting requirements. The definition, purpose and use of each GL account, particularly unfamiliar Asset and Liability accounts, should be clearly presented for ease of understanding and use by both Program and Financial Officers.
3.1.4/3.1.5 Agreed. DFAIT refers to the Treasury Board Chapter 5-7 Policy on Specified Purpose accounts as the financial policy for Specified Purpose Accounts. SMSP, in consultation with all key stakeholders, will be developing a DFAIT specific Specified Purpose Account Policy linked to the TB SPA policy, highlighting specific DFAIT requirements and associated roles and responsibilities. It will be completed by March 31, 2003.
3.1.6 SMFQ has responsibility for maintaining an electronic version of the DFAIT coding manual. It had been available via the DFAIT Intranet site, but was pulled off some time ago for modifications (by SMFQ). A revised version will be posted. As well, additional detail will be incorporated upon completion of the DFAIT SPA policy. It will be posted by December 20, 2002.
3.1.7 SMF, in consultation with applicable SPA stakeholders, should review the nature and status of each of the projects currently residing in the designated SPA GL accounts to determine whether the project meets the criteria for SPAs. For those projects that do meet the criteria, implement the appropriate reclassification action, and if necessary, seek the appropriate net voting authority.
3.1.7 SMF will monitor accounts in accordance with the policy once it is articulated and the coding is in place. However, where it can be determined that corrective action is required, SMF will follow-up with the responsible organizational Program units to ensure action is taken.
3.2.1 During the review of SPA GL accounts, we encountered IMS and business processing issues that have a significant impact on the management of the GL accounts and their sub-accounts, and the related processing of receipts and expenditures.
3.2.2 One IMS financial management feature available to manage SPA projects is the Funds Commitment (CO). This feature allows management to set aside funds for specific expenditure purposes, to track payments made against that CO and to avoid overspending the funds set aside. While this feature may work well with appropriation budgets, it does not provide the same degree of control for SPA GL (liability) accounts. For instance, Program Managers are using various methods to track projects within the SPA GL accounts. CO's are used to represent some SPA project while other SPA projects do not refer to any CO when funds are received or expenditures paid. Some Missions use their own project code reference in the Allocation Field of IMS, while others use no project reference at all. The lack of a common 'sub-account' mechanism affects the ability to reconcile project fund balances to program information and to the GL and Fund levels.
3.2.3 We noted a number of deficiencies related to SPA sub-account controls. They are as follows:
As a result, there is no assurance that the liability appearing in the Department's financial statements reflects the true obligation to third parties.
3.2.4 IMS does not provide a report that presents a complete chronological history of all receipt and disbursement postings associated with an SPA Agreement entered into by the Department with a third party. Separate reports can be produced for deposits and disbursements, but only if properly coded to the Commitment established for the project. Consequently, monitoring of project receipts and expenditures is difficult.
3.2.5 SMS, in consultation with SPA stakeholders, should determine and implement the IMS program solutions, modifications to business processes, and training required to improve SPA controls and reporting.
3.2.5 Agreed. There are a number of ways in which SPA's can be managed within IMS, in compliance with Treasury Board Policy, (SIV noted the use of Commitments, but others exist as well, for example, Internal Orders, WBS elements, etc.). An analysis will be undertaken by SMS and SMF to determine the optimal solution. This analysis will be completed by June 30, 2003.
3.3.1 Separate statistical samples were drawn from expenditure transactions (debits) posted to three SPA General Ledger (GL) accounts: Distressed Canadians (GL 24025), NGOs and Claims Against Iraq (GL 24030) and Miscellaneous (GL 24100). A sample was also drawn of the deposit transactions (credits) posted to these accounts. The sample items were examined to determine whether evidence existed that key internal controls were operating effectively. The following tables summarize the sample error rates associated with the attributes examined. The error rates for the expenditure sample items range from 0% to 100% with most of them exceeding 22%. In the case of the deposit sample items, the error rates also range from 0% to 100% with most items exceeding 50%. Accordingly, our sample results indicate that key internal controls did not operated effectively during the 2001/02 fiscal year.
|Specified Purpose Accounts Summary of Disbursements (Debits) Sample Error Rates Expressed as a Percentage of the Attributes Tested|
|Attribute Category||GL 24025||GL 24030||GL 24100||# of Errors|
|HQ %||Mission %||HQ %||Missions %||HQ %||Missions %|
|Accuracy of financial coding||0/3=0||1/30=3||0/3=0||0/19=0||-||2/9=22||3|
|Appropriately certified under Sec. 34||1/2=50||8/25=32||1/3=33||2/11=18||-||0/8=0||12|
|Appropriately certified under Sec. 33||2/2=100||3/22=14||2/3=66||3/17=18||-||2/7=29||12|
|Adequacy of payment supporting documentation||0/3=0||0/27=0||0/3=0||0/18=0||-||0/8=0||0|
|Existence and content of MOU||N/A||N/A||0/2=0||8/48=17||-||6/16=38||14|
|Third Party monies received prior to making disbursement||0/2=0||0/22=0||0/2=0||1/18=6||-||2/8=25||3|
|Monies disbursed in accordance with MOU||0/2=0||3/22=14||0/2=0||0/16=0||-||0/4=0||3|
|Ratio: Errors/Total Attributes||3/14||15/148||3/18||14/147||-||12/60||47/387=12%|
|Specified Purpose Accounts|
Summary of Deposits (credits) Sample error rates expressed as a percentage of the attributes examined
|Attribute Category||GL 24025||GL 24030||GL 24100||# of Errors|
|HQ %||Mission %||HQ %||Missions %||HQ %||Missions %|
|Accuracy of financial coding||0/5=0||1/2=50||0/13=0||1/5=20||0/2=0||1/3=33||3|
|Adequacy of supporting documentation||0/5=0||1/2=50||0/13=0||3/5=60||0/2=0||3/3=100||7|
|Appropriateness of treating receipts as SPA liability||0/5=0||0/2=0||0/13=0||0/5=0||0/2=0||2/3=66||2|
|Existence and content of MOU||N/A||N/A||8/23=35||1/13=8||1/4=25||2/5=40||12|
|Ratio: Error/Total Attributes||0/15||2/6||8/62||5/28||1/10||8/14||24/135=18%|
3.3.2 The most frequent errors in our sample were the use of initials or indecipherable signatures to approve financial transactions, and the absence of supporting documentation, including the written Agreement. The Treasury Board SPA policy identifies the need for appropriate signatures and supporting documentation as well as a written Agreement between the Department and the third party that spells out the purpose of the funds, the roles and responsibilities of the respective parties and the use and disposition of the funds provided. The DFAIT policy is also quite specific regarding these requirements. The frequent absence of an agreement may be attributed to the fact that some SPAs established in the Department's financial system were net-voting arrangements and/or Program and Financial Officers were not aware of the requirement for an Agreement. Without appropriate written Agreements, the use of funds provided to DFAIT may not have been in accordance with the intentions of the third party. In addition, the disposition of unused funds for numerous SPA projects, if not clearly defined in the Agreement, may not have been properly credited to miscellaneous revenue and could have been used inappropriately for other purposes.
3.3.3 SMS, in consultation with SMF, should advise Financial Officers that when using initials to approve financial transactions, the specimen signature card should reflect their initials.
3.3.4 The requirement for the correct reflection of the signature on the specimen signature card is reflected in the DFAIT Chapter 28 - Signing Authorities under Paragraph 28.3.4. A reminder will be sent by March 2003.
3.3.5 SMF should advise HQ and Missions of the need for Program and Financial Officers to ensure that the appropriate supporting documentation is retained for reference purposes in accordance with Department records management policies for financial documents.
3.3.6 SMF should advise HQ and Missions the requirement of a signed Agreement with a third party and the need to substantiate that the funds were managed effectively and their use appropriately reported to the third party, as applicable.
3.3.5 This will be addressed in the DFAIT policy document and is also contained in TB policy Chapter 5-7. It will be completed by March 31, 2003.
3.3.6 This will be addressed in the DFAIT policy document and is also contained in TB policy Chapter 5-7. It will be completed by March 31, 2003.