Archived - Audit of Expenditure Management Monitoring

Date: September 2009

PDF Version (91 Kb, 25 Pages)

Table of Contents

• Initialisms and Abbreviations
• Executive Summary
• 1.0 Introduction
• 2.0 Objectives
• 3.0 Scope
• 4.0 Approach and Methodology
• 5.0 Conclusions
• 6.0 Observations and Recommendations
• 7.0 Management Action Plan
• Annex A - Audit Criteria

Initialisms and Abbreviations

Executive Summary

Introduction

Indian and Northern Affairs Canada's (INAC) operating expenses for 2007/08, excluding transfer payments and salaries/benefits, totaled $1.5 billion or 18% of departmental expenses (2006/07 - $1.1 billion or 16% of departmental expenses). This balance represents various types of expenditures including claims and litigation, environmental liabilities, court awards and settlements, travel, relocation and accommodation and other operating expenses.

Included within the 2008-2011 Risk Based Audit Plan, the Audit and Evaluation Sector (AES) identified Expenditure Management Monitoring as an audit project for 2008-2009. This project was identified as a priority by AES' risk-based planning process given the significant risks associated with the materiality of departmental expenditures, as well as the requirement for risk-based monitoring of expenditures to enable post-payment verification, as stated in the Treasury Board of Canada (TB) Policy on Account Verification.

Objectives and Scope

The objective of the audit was to provide assurance to senior management regarding the adequacy, effectiveness and efficiency of departmental controls for monitoring over expenditure management on a risk-informed basis.

This audit of expenditure management monitoring examined the adequacy of design and the effectiveness of management's key monitoring controls intended to provide assurance that expenditures are managed in compliance with applicable INAC and TB policies and that key issues are identified and communicated in a timely manner for informed decision-making purposes.

For the purpose of this audit, expenditure management monitoring is represented by two broad groups of activities:

• Monitoring of expenditures against budget to allow for timely resource allocation decisions; and
  
  
• Monitoring of expenditure management, specifically, INAC's Quality Management Program (QMP) to ensure compliance to the Financial Administration Act (FAA), TB and INAC policies and directives.

Audit tests were conducted on expenditures incurred for the period from April 1, 2008 to March 31, 2009. Walk-through tests, tests of transactions and control design assessments were performed based on information made available to AES during the conduct phase of the audit during the period of April through June 2009.

The scope of the audit included all operational expenditures with the exception of transfer payments and compensation related expenditures; both of which will be addressed through other ongoing and planned audit projects and related initiatives.

Conclusions

In our opinion, the management control framework over the monitoring of expenditures against budget is generally effective in identifying funding pressures in a timely manner for appropriate resource allocation decisions. Areas for improvement, including improved guidance and tools, have been identified to support management in assuming their responsibilities.

Based on our assessment of the Quality Management Program over expenditure management, it is our opinion that the monitoring controls are not effective in ensuring the adequacy of the account verification system. The significant findings related to the Quality Management Program are detailed below:

Quality Control - Pre-Payment Verification
The types of expenditures that are deemed high risk and subject to pre-payment verification may be inappropriate as each region is supplementing this process to varying degrees.

Quality Assurance - Post-Payment Verification
The risk-based sampling approach to post-payment verification is limited as it does not consider specific transaction types that may be higher risk and does not allow for flexibility in sampling based on historical error rates and trends. Further, minimal procedural guidance and documentation standards have been developed for the post-payment audit process, which has resulted in inconsistencies and gaps in the approach to the process and levels of documentation across the country.

There are weaknesses in the oversight of the post-payment verification as limited error details are reported and tracked from the results of the post-payment review, impacting the ability to effectively target root causes of non-compliance through action plans. Further, no formal management reporting, action plan development and follow-up procedures have been integrated into the post-payment audit process.

Recommendations

The audit report provides a number of recommendations intended to address the audit findings. The following is a summary of the recommendations presented in the audit report.

Guidance and Tools to Support Monitoring against Budgets

• The Director General (DG) of Corporate Accounting and Materiel Management (CAMM), in conjunction with the Planning and Resource Management Branch (PRMB), should ensure that current financial management guidance is reviewed and updated and appropriately enforced.
  
  
• The DG of CAMM, in conjunction with the regions, should ensure that Responsibility Centre Managers (RCM) are aware of the capabilities within and the requirements to use the monitoring tools within OASIS, specifically related to soft commitments. Ongoing monitoring and enforcement programs should be established to ensure appropriate take up and acceptance of the departmental policy.

Delegation of Authority Training

• The Director of Continuous Business Process Improvement (CBPI) in the CFO sector, in conjunction with the Human Resources and Workplace Safety (HRWS) Branch, should ensure that the mandatory financial delegation training is completed by all delegated authorities on a timely basis. A follow-up and escalation process should be developed when the training has not been completed in a reasonable amount of time.

Pre-Payment Verification

• The DG of CAMM should ensure, in conjunction with regional representatives, that an appropriate and consistent listing of high-risk transactions considered for pre-payment verification is determined, given the operational needs of the Department.

Post-Payment Verification

• The Director of the Corporate Accounting and Reporting Directorate (CARD) should ensure a review of the Department's post-payment sampling strategy is conducted to confirm that it reflects the current risk profile of the Department. Further, the capability of the sampling tool should be updated to build in the flexibility to adapt to changing risk conditions.
  
  
• The Director of the CARD should ensure that the approach to reporting and tracking verification results is revised. By tracking and trending errors by individual RCM and error type, more appropriate and targeted remediation can be taken.
  
  
• The Director of the CARD should ensure that a formal management reporting, action plan development and follow-up process is developed for post-payment verification results.

Statement of Assurance

In my professional judgment, as Chief Audit and Evaluation Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the conclusions reached and contained in this report. The conclusions were based on a comparison of situations, as they existed at the time of the audit against the audit criteria. It should be noted that the conclusions are only applicable for the areas examined.

1.0 Introduction

Indian and Northern Affairs Canada's (INAC) operating expenses for 2007/08, excluding transfer payments and salaries/benefits, totaled $1.5 billion or 18% of departmental expenses (2006/07 - $1.1 billion or 16% of departmental expenses). This balance represents various types of expenditures including claims and litigation, environmental liabilities, court awards and settlements, travel, relocation and accommodation and other operating expenses.

Included within the 2008-2011 Risk Based Audit Plan, the Audit and Evaluation Sector (AES) identified Expenditure Management Monitoring as an audit project for 2008-2009. This project was identified as a priority by AES' risk-based planning process given the risks associated with the materiality of departmental expenditures, as well as the requirement for risk-based monitoring of expenditures to enable post-payment verification, as stated in the TB Policy on Account Verification.

For the purpose of this audit, expenditure management monitoring is represented by two broad groups of activities:

• Monitoring of expenditures against budget to allow for timely resource allocation decisions; and
  
  
• Monitoring of expenditure management, specifically, INAC's Quality Management Program to ensure compliance to the Financial Administration Act (FAA), TB and INAC policies and directives.

A Quality Management Program (QMP) is a system of management controls and activities that together act to support compliance to relevant policies and directives. The QMP within the context of this audit consists of both Quality Control (QC) and Quality Assurance (QA) activities. Consistent with other areas across the Department, QC activities are those that are intended to support compliance to policies and directives and are maintained throughout a particular process. QA includes those activities used by management to independently validate compliance with requirements (i.e. QA activities are performed by an independent party that does not have operational responsibility).

2.0 Objectives

The objective of the audit of expenditure management monitoring was to provide assurance to senior management regarding the adequacy of design and the effectiveness of management's key controls intended to provide assurance that expenditures are managed in compliance with applicable INAC and TB policies and that key issues are identified and communicated for timely and appropriate decision-making.

3.0 Scope

The audit of expenditure management monitoring encompassed both the management controls in place within the CFO Sector and the accountabilities assigned for monitoring the management of expenditures assigned to the rest of the Department. The scope of the audit included all operating expenditures with the exception of transfer payments and compensation related expenditures. Both areas have been addressed through other ongoing and planned audit projects and related initiatives.

Audit tests were conducted on expenditures incurred during the period from April 1, 2008 to March 31, 2009. Walk-through tests, tests of transactions and control design assessments were performed based on information made available to AES during the conduct phase of the audit during the period of April through June 2009.

4.0 Approach and Methodology

The approach to the audit followed the requirements of the Institute of Internal Auditors' Standards for the Professional Practice of Internal Auditing and the TB Policy on Internal Audit. This means that sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the conclusions reached and contained in this report. The conclusions are based on a comparison of situations, as they existed at the time of the audit and against the audit criteria. It should be noted that the conclusions are only applicable for the areas examined.

The planning phase of the audit involved various procedures including: documentation review and interviews/teleconferences with representatives from the following regions/sectors: British Columbia, Alberta, Saskatchewan, Ontario, Corporate Accounting and Reporting Directorate (CARD) and Planning and Resource Management Branch (PRMB), both within the CFO sector.

Audit criteria were determined based on information gathered during the planning and risk assessment phase during the period of March and April 2009. The audit criteria served as the basis for developing the audit approach and detailed audit program for the conduct phase. The audit criteria are provided in Annex A.

During the examination phase of the audit, the activities in Manitoba, Northwest Territories (NWT), and Ontario regional offices as well as Headquarters (HQ) were examined in detail during the period of April to June 2009.

The principal audit techniques used included:

• Documentation Review – Thedocumentation that was subject to examination included, but was not limited to,policies, directives, frameworks, and procedures relevant to monitoring of expenditure management.
  
  
• Expenditure File Review – Detailed expenditure file reviews were conducted using an audit program developed to assess compliance with related audit criteria.
  
  
  • To confirm the effectiveness of the management of individual expenditures, file documentation was examined for a sample of 60 transactions in the four regions visited (with the exception of Manitoba where only 45 transactions were tested as no post-payment verification is performed in the region).
    
    
• Interviews – Interview guides were developed and utilized based upon the audit objectives and criteria developed. Interviews were conducted at HQ with representatives from the PRMB and the CARD within the CFO Sector. Interviews were further conducted at each of the four regions visited, including management and staff responsible for the management and monitoring of expenditures.

5.0 Conclusions

In our opinion, the management control framework over the monitoring of expenditures against budget is generally effective in identifying funding pressures in a timely manner for appropriate resource allocation decisions. Areas for improvement, including improved guidance and tools, have been identified to support management in assuming their responsibilities.

Based on our assessment of the Quality Management Program over expenditure management, it is our opinion that the monitoring controls are not effective in ensuring the adequacy of the account verification system.

6.0 Observations and Recommendations

6.1 Monitoring of Expenditures against Budget

Ongoing monitoring of expenditures relative to budget is critical for timely and appropriate resource allocation decisions given the increasing priorities of the Department, coupled with continuous resource constraints. Historically, the Department has struggled with timely re-allocation decisions. Over the last three fiscal years, INAC has lapsed between $15M and $17M in funding annually over and above its allowable 5% carry forward limit.

To prevent future lapses in funding, the Department has implemented a new initiative during fiscal 2008/09 whereby managers' financial management accountabilities are directly linked to their performance agreements. Each Responsibility Manager (RCM) is given a performance target which requires them to manage their expenditures to within 2.5% of their budget by the end of the fiscal year. This ensures that managers are held accountable for the management of financial resources and as a result, for fiscal 2008/09, it was expected that the Department would not lapse funds above the 5% threshold.

The Department monitors expenditures through the Financial Status Report (FSR) exercise which is performed six times per year. An extract of OASIS (the departmental financial system) is prepared monthly for each RCM; however, the manager is only required to formally update the FSR six times per year according to the schedule prepared by the CFO Sector. To perform this analysis, each RCM is required to update his/her forecast, provide justification for any significant variances and identify any funding pressures. Completed FSRs are rolled up to the regional and sector level and submitted to the ADM for approval. The signed Sector FSR is then forwarded to the CFO Sector.

As part of the overall financial monitoring exercise, a review of expenditures is performed on a monthly basis through the monthly certification process. This exercise provides assurance as to the integrity of the data in the financial system. An expenditure report is extracted from OASIS and submitted to each RCM for review at HQ and in the regions. RCMs must review their report and provide feedback for any unusual items, such as unmatched invoices, and then sign and return the report to the CARD within the CFO Sector. CARD reviews the monthly certification reports and makes the necessary corrections or works with the RCM to make the required changes or corrections.

6.1.1 Guidance Documentation Available to RCMs

While the ongoing monitoring of expenditures against budget is formalized within the Department, with roles and responsibilities understood by those involved, there are opportunities to enhance the guidance available to RCMs to support these activities.

According to the TB Guide on Financial Management Accountability in Departments and Agencies, managers must have a clear understanding of their financial management responsibilities and be able to demonstrate accountability for their performance in this regard. Financial management responsibilities include: giving consideration to obtaining the best possible value from public resources; making decisions in light of reliable and timely financial information; analysis and advice, ensuring cost effective controls are in place to ensure probity; and reporting appropriately on their financial accountability.

Within INAC, roles and responsibilities regarding financial management are defined in the job descriptions of each management position. Roles and responsibilities are also defined in the Departmental Manager's Guide to Financial Management which covers a number of Finance related topics such as planning and budgeting and managing budgets and transactions such as travel and hospitality.

Based on documentation review and interviews with key management within the CFO Sector and the regions visited, roles and responsibilities are clearly understood. It was noted; however, that RCMs in the field were not familiar with the formal guidance documentation available on the intranet, including the Manager's Guide to Financial Management. RCMs confirmed that they rely on regional based documentation or central support services for guidance and support. Further, our review of the Manager's Guide to Financial Management revealed that the guide has not been updated recently as it refers to systems and processes that are no longer in use by the Department.

OASIS provides ongoing information on the state of each RCM's budget, including funds available and forecast information based on the information input by RCMs. Each RCM must ensure that actual expenditures, commitments and obligations are accurately recorded in OASIS. The policy requiring the tracking and monitoring of soft commitments using the soft commitments module within OASIS ("Commitment Control" – Chapter 4.2 of the Financial Management Manual (FMM)) became effective April 1, 2009. However, it was identified during our interviews with RCMs across the Department, that this tool is not consistently being used as it is viewed as not meeting the needs of the RCMs in monitoring their budgets. Our audit revealed that RCMs and Responsibility Centre Administrators (RCAs) consistently developed their own monitoring tools, using spreadsheets to help manage their soft commitments. Tracking of budgets using tools outside the financial system of record impacts the reliability of decisions made, if based on information for which the accuracy and integrity cannot be confirmed.

Recommendations:

1. The DG of Corporate Accounting and Materiel Management (CAMM), in conjunction with PRMB, should ensure that the Manager's Guide to Financial Management is reviewed and updated to reflect the current environment and expectations across the Department. Once updated, in addition to the availability on the Department's intranet site, consideration should be given to distributing the manual to new and existing RCMs as a reference for their expenditure management and monitoring responsibilities.

2. The DG of CAMM, in conjunction with the regions, should ensure that RCMs and RCAs are aware of the capabilities within and the requirements to use the monitoring tools within OASIS, specifically related to soft commitments. Ongoing monitoring and enforcement programs should be established to ensure appropriate take up and acceptance of the departmental policy.

6.2 Monitoring of Expenditure Management – Quality Management Program

Financial management practices within the public sector must comply with Departmental and TB policies, as well as the various Acts of Parliament, including the FAA. The FAA outlines the authority required by individuals in order to fulfill their responsibilities for expenditure initiation and commitment authority (section 32), contract performance (section 34) and payment authority (section 33) across the Government of Canada (GoC).

The TB Policy on Account Verification requires that all payments and settlements be verified and certified pursuant to section 34 of the FAA by RCMs who are delegated the authority to certify under section 34 of the FAA. Under this policy, those individuals are responsible for the accuracy of the payment requested and the completion of account verification procedures. Responsibility for ensuring the adequacy of the system of account verification and related financial controls rests with those persons who have been delegated payment authority pursuant to FAA section 33.

Due to the high volume of transactions processed across the Department, it is not possible for the section 33 delegated authority to provide assurance of the adequacy of the section 34 account verification for each payment. As a result, the Department has implemented a Quality Management Program including both pre and post payment audit procedures, depending on the nature of the transaction. The QMP involves both quality control and quality assurance activities performed at specific points within and subsequent to the expenditure process.

The key QC activities designed into the expenditure management process include:

• FAA section 34 verification performed by the RCM; and
  
  
• Pre-payment audit process performed by the section 33 delegated authority, intended to confirm the account verification performed pursuant to FAA section 34 and to correct any errors prior to payment on specific inherent high risk expenditures.

QA over expenditure management, as outlined in the TB Policy on Account Verification, is based on the post-payment verification process which is performed subsequent to payment and provides assurance that the section 34 approvals meet account verification standards within the maximum tolerable error rate and support the section 33 approvals. A sampling approach, considering the risks of specific types of transactions, is used. Results of the post-audit are reported to the CARD to provide trend information on areas of weakness for the Department to take corrective action.

During the course of the audit, we learned that an initiative was completed to review and formally document the post-payment verification process. The initiative resulted in the development of quality assurance checklists for each type of expenditure such as travel, relocation and hospitality and a formal document describing the post-payment audit process including roles and responsibilities and corrective actions. To date, changes to the process have not been implemented.

6.2.1 Quality Control – Delegation of Authority Training

Monitoring and enforcement of the mandatory delegation of authority training is necessary to ensure compliance with INAC and TB policies.

The understanding of their roles and the level of oversight that RCMs have in their daily management of expenditures has a direct impact on the compliance with TB and INAC policies. The results of the post-payment audit program have confirmed the poor compliance rates in 2007/08. Testing a sample of transactions for a series of critical errors for the period from April 1, 2008 to December 31, 2008, the overall result was an 8.13% error rate, with the highest region yielding an error rate of 40%. The results of our detailed file review on a sample of regions and sectors demonstrated a higher error rate of 40% (66 out of 165 transactions tested for compliance to FAA section 34).

According to the INAC FMM, Chapter 4.1.1 - Section 6.8, all managers are required to complete the Expenditure Management – Overview of Sections 32/33/34 course prior to being granted financial delegation of authority. The course, which is offered online via the Department's Intranet site, provides a brief overview of the FAA, expenditure initiation and commitment authority (section 32), contract performance, pursuant to section 34 and account verification and payment authority as per section 33. In all four modules of the course, roles and responsibilities are described for each stage of the expenditure activity. It is also possible to print the contents of the course, essentially providing the manager with a summary of expenditure management for future reference.

Our review of the course content noted that while it covers all the main topics related to expenditure management, it is very brief. We noted other sources of information available within the Department to supplement this course, including the FMM and the Manager's Guide to Financial Management. As the primary means to communicate expectations and responsibilities of RCMs; however, the course is limited in the level of detail and supporting examples to provide context to the recipient. Further, our review noted that it is possible to bypass the content of the course. The only step participants are required to complete in order to confirm that they have taken the course is to click on the "Comments" box in the final window of the course. A test is not administered nor is the participant's progress through the course monitored. Finally, once an individual has been delegated authority, no refresher training or awareness information is provided to RCMs on their ongoing responsibilities under the FAA.

RCMs are further required to complete the Canada School of Public Service (CSPS) one-day course F901 "Fundamentals of Financial Management for Managers at INAC" as soon as possible; once they have been delegated financial signing authority. While the Human Resources and Workplace Services (HRWS) Branch is responsible for tracking the completion of this course, there is currently no monitoring of compliance to ensure all RCMs have completed the necessary training in a timely manner. Based on the interviews conducted within the regions visited, limited feedback was obtained on the completion of recent training related to financial delegation of authority.

Recommendation:

3. The Director of Continuous Business Process Improvement (CBPI) in the CFO sector, in conjunction with the HRWS Branch, should ensure that the mandatory financial delegation training is completed by all delegated authorities on a timely basis. For those RCMs who do not complete the training within a reasonable time period, an appropriate escalation process should be implemented, including revoking an individual's delegated authority.

6.2.2 Quality Control – Pre-Payment Audit of High Risk Transactions

There is currently no consistency in the definition of high risk transactions, impacting the transaction types that are subject to pre-payment verification.

While the pre-payment audit process has been designed to include transactions that have been designated as higher risk, this sampling approach has not been reviewed recently and, as a result, may not reflect the current risk tolerance of the Department.

We noted that while each region visited completed the minimum pre-payment verification as built into OASIS, each region was also performing its own additional level of pre-payment verification. This may indicate that the current listing of high risk transactions might not reflect the complete risk profile of the Department relative to the management of operating expenditures. For example, the following additions to the pre-payment verification process were identified within certain regions:

• One region previously developed a business case to complete 100% pre-payment verification of all transactions prior to payment. This was considered necessary given the turnover and level of non-compliance previously identified within the region. Since there is a 100% pre-payment verification of expenditures in this region, no post-payment verification is performed and no error information is maintained or tracked to identify causes of errors and potentially develop action plans to improve rates of compliance.
  
  Since this region is not subject to the post-payment audit process, due to the 100% pre-payment verification, there is limited trend information available to confirm that the pre-payment verification process is effective at reducing the number of errors over time.
  
  
• One region visited had supplemented the pre-payment verification process. As a result of the centralized data entry of all travel claims within the region, the Finance group completed a paper review of 100% of all travel claims for compliance to policy prior to payment. Further, all hospitality over $100 (and 100% for the Associate Regional Director General (ARDG) and Regional Director General (RDG)) were reviewed for compliance to policy and data entry accuracy into OASIS prior to release for payment.
  
  
• Another region had supplemented the required OASIS-based pre-payment verification process. For this region, all isolated post travel claims were verified for compliance to policy, all other travel was reviewed for key elements of compliance and depending on the dollar amount; various levels of verification are applied to hospitality transactions.

As demonstrated by the examples above, there were transactions that are considered to be higher risk beyond what is built into OASIS. Without a consistent risk-based approach to the pre-payment verification process, higher risk transactions may not be subject to the appropriate level of review and scrutiny required prior to release for payment.

Recommendation:

4. The DG of CAMM should ensure, in conjunction with regional representatives, that an appropriate and consistent listing of high-risk transactions is developed for pre-payment verification, given the operational needs of the Department.

Once determined, to the extent possible these transactions should be integrated into the pre-payment verification requirements within OASIS. Process and documentation standards should be developed to ensure consistency in the approach to pre-payment verification. Periodically, a validation of the high risk transaction listing should be completed to confirm the appropriateness of those transactions subject to pre-payment verification.

6.2.3 Quality Assurance – Post-Payment Audit Program

The existing quality assurance program and related monitoring controls over expenditure management are ineffective in ensuring the adequacy of the account verification system.

6.2.3.1 Appropriateness of Sampling Methodology for Post-Payment Audit

Our review revealed limitations within the existing risk-based sampling approach for the post-payment verification process. The existing sampling strategy does not consider specific types of payments which may have an inherent higher risk relative to others. As a result, all these transactions have an equal chance of being selected as any other expenditure. For example, contract payments are inherently higher risk due to the complex nature of the procurement process and compliance to relevant policies and as such the sampling approach should take into account the higher risk nature of this type of payments.

Our audit further noted that the current sampling strategy and associated tools lack the flexibility to allow the CARD to tailor the sampling strategy, as needed. For example, if a region has an error rate that consistently exceeds the Department's maximum tolerable error of 5%, the existing approach does not allow the flexibility to adjust the sample size for this region or overall. This lack of flexibility limits the ability of the CARD to adapt the level of monitoring to changes in relative risk.

Recommendation:

5. As part of an overall redesign of the post-payment audit process, the Director of the CARD should ensure that a review of the Department's post-payment sampling strategy is conducted to ensure that it reflects the current risk profile of the Department. In addition, the functionality of the sampling tool should be updated to incorporate the flexibility to adapt the approach to changing risk conditions.

6.2.3.2 Consistency of Post-Payment Verification Procedures across the Department

As noted previously, once the post-payment audit sample is selected by the CARD, it is distributed to the regions for the conduct of the verification activities and reporting of the results. The results of our audit testing noted inconsistencies in the approach to complete the verification process across the country and the associated documentation standards to evidence the completion of the exercise.

For the region that conducts a 100% pre-payment audit verification as outlined above, no post-payment verification procedures are performed and no statistics for the level of compliance and severity of errors identified are available for tracking.

In one region visited, we noted that the post-payment checklist provided by the CFO Sector is only completed when there is an exception noted; otherwise, there is no evidence to support the completion of the verification. Further, some confusion was noted regarding the level of detail of verification expected for the post-payment audit process. Based on subsequent discussions with CARD representatives, limited guidance and direction has been provided to the regions as to the expectations of the post-payment verification process.

Recommendation:

6. In conjunction with the redesign of the post-payment verification process, the Director of the CARD should ensure that a consistent and standard post payment audit process is developed, documented and implemented, including detailed responsibilities, verification and documentation standards and associated tools to support the efficient and effective completion of the verification process.

Once developed, this process should be formally introduced and training provided to those individuals with responsibility for these activities.

6.2.3.3 Tracking and Follow-Up on Errors Reported

According to the TB Policy on Account Verification, a department's sampling plan should include the approaches to corrective action. Without a formal follow-up process, the post audit process is ineffective in addressing the cause of high error rates reported.

As the results of the post-payment verification process are submitted to the CARD, they are tracked by region and by level of severity (critical and non-critical). No further information is submitted by the regions or tracked by the CARD, including the source of the error. The inability to track and trend this level of detail of the errors limits the ability of the Department to target the remediation action plans.

Our audit also noted that there is limited reporting and follow-up by the CARD on errors reported by regions to ensure proper corrective action has been taken. The summary results of the post-payment verification process are only submitted back to the individual in the region responsible for the post-payment audit process; no results are provided back to the Director of Corporate Services or the RDG. The summary results of the post-payment audit process are provided to the Associate Deputy Minister of INAC; however, no formal reporting schedule for this information has been developed.

As noted above, there is no formal follow-up mechanism built into the post-payment verification process; therefore, regions that consistently report error rates that exceed the Department's maximum tolerable error rate of 5% are currently not required to submit an action plan to address the high error rate. As a result, the Department continues to experience high error rates and incidents of non-compliance. The most common errors identified during our file review included:

• Lack of complete supporting documentation to substantiate a claim/invoice;
  
  
• Inappropriate section 34 approvals; and
  
  
• Incorrect rates for per diems and other travel related costs.

Recommendations:

7. As part of the redesign of the post-payment verification process, the Director of the CARD should ensure that the approach to reporting and tracking the post-payment verification results is more detailed to allow for more targeted action plans.

8. In conjunction with a redesign of the post-payment verification process, the Director of the CARD should ensure a formal management reporting, action plan development and follow-up process is implemented, including assigning responsibility for follow-up and periodic independent compliance reviews to CARD representatives.

By tracking and trending errors by individual RCM and by error type, more appropriate and targeted remediation can be taken. As an example, should an individual RCM be responsible for error rates above the maximum tolerable threshold over time, a specific and targeted remediation plan can be developed and implemented. Based on subsequent verification results, should no improvement result, further escalation should be considered, including revoking financial delegation. Longer term, department-wide trend results may be used to confirm the appropriateness of the processing model currently in place or whether an alternate approach should be considered.

7.0 Management Action Plan

Annex A - Audit Criteria