EXECUTIVE SUMMARY INTERNAL AUDIT REPORT. IOM Mogadishu SO November 7 December 2018

Transcription

1 EXECUTIVE SUMMARY INTERNAL AUDIT REPORT IOM Mgadishu SO Nvember 7 December 2018 Issued by the Office f the Inspectr General Page 1 f 12

2 Reprt n the Audit f IOM Mgadishu Executive Summary Audit File N. SO The IOM Office f the Inspectr General (OIG) cnducted an internal audit f the IOM Mgadishu, Smalia (the Cuntry Office ) frm 27 Nvember t 7 December The internal audit was aimed t assess adherence t financial and administrative prcedures in cnfrmity with IOM s regulatins and rules and the implementatin f and cmpliance with its internal cntrl system. Specifically, the audit assessed the risk expsure and risk management f the Cuntry Office s activities, in rder t ensure these are well understd and cntrlled by the lcal management and staff. Selected samples frm the fllwing areas were reviewed: a. Management and Administratin b. Persnnel c. Finance and Accunting d. Prcurement and Lgistics e. Cntracting f. Infrmatin and Technlgy g. Prgramme and Operatins The audit cvered the activities f the Cuntry Office frm 1 Nvember 2015 t 30 Nvember,2017. The Cuntry Office recrded the fllwing expenses based n IOM financial recrds: Nvember 2015 t Octber USD 24,349,570 representing 1.56 % and 11% f IOM Ttal, and f East and Hrn f Africa Regin, respectively Nvember 2016 t Nvember USD 51,740,257 representing 3.25 % and 20% f IOM Ttal, and f East and Hrn f Africa Regin Regin, respectively. The last internal audit f the Cuntry Office was August Because f the cncept f selective testing f data and inherent limitatin f the internal audit wrk, there is n guarantee that all matters f significance t IOM will be discvered by the internal audit. It is the respnsibility f lcal management f the Cuntry Office t establish and implement internal cntrl systems t ensure the achievement f IOM s bjectives in peratinal effectiveness and efficiency, reliable financial reprting and cmpliance with relevant laws, regulatins and plicies. It is als the respnsibility f lcal management t determine whether the areas the internal audit cvered and the extent f verificatin r ther checking included are adequate fr lcal management s purpses. Had additinal prcedures been perfrmed, ther matters might have cme t internal audit attentin that wuld have been reprted. The internal audit was cnducted in accrdance with the Charter f the Office f the Inspectr General and in general cnfrmance with the Internatinal Standards fr the Prfessinal Practice f Internal Auditing. Page 2 f 12

3 Overall audit rating OIG assessed the Office as largely ineffective which means that significant cntrl gaps exist. Either cntrls d nt treat rt causes r they d nt perate at all effectively. Satisfactry perfrmance was nted in Cntracting. This rating was mainly due t weaknesses nted in the fllwing areas: 1. Relcatin f supprt functins 2. Security risk management 3. Husing allwances fr internatinal staff 4. Prgramme spending and budget mnitring 5. Delegatin f authrity 6. Staff training 7. Payrll prcess 8. Bank signatries 9. Accunting prcedures and dcumentatin 10. Vendr transactins 11. Prcurement 12. Fleet management 13. IT backup prcedures 14. Prgram management 15. Dnr reprting Key recmmendatins: Ttal = 26; Very High Pririty = 4; High Pririty = 11; Medium Pririty = 11 Very High Pririty Recmmendatins Prmpt actin is required within ne mnth t ensure that prcesses will nt be critically disrupted and IOM will nt be critically adversely affected in its ability t achieve its strategic and peratinal bjectives. There are fur (4) Very High Pririty recmmendatins cnsisting f tw (2) recmmendatins fr Management and Administratin and ne (1) each fr Persnnel and Prgramme and Operatins. These are as fllws: 1. Prepare a Strategic Plan incrprating all aspects f the transitin, such as, but nt limited t financial, human resurces, actual ffice space, internatinal staff husing, cmpletin f the new ffice cmpund, and related security csts. 2. Assess the security cmpliance funding requirements and hw much culd be financed thrugh the prjects. Fr the remaining balance, supprt frm Head ffice shuld be cnsidered. 3. Review and crdinate with Head the ffice the cst recvery fr husing allwances and its implicatins. 4. Establish an effective mechanism t ensure that prject budgets are accurately and adequately calculated. Page 3 f 12

4 High Pririty Recmmendatins Prmpt actin is required within three mnths t ensure that IOM will nt be adversely affected in its ability t achieve its strategic and peratinal bjectives. The High Pririty recmmendatins are presented belw: 1. Tw (2) recmmendatins fr Management and Administratin, ne (1) recmmendatin fr Persnnel, tw (2) recmmendatins fr Prcurement and Lgistics, ne (1) recmmendatin fr Infrmatin Technlgy, and tw (2) recmmendatins fr Prgramme and Operatins. These recmmendatins aim t ensure that the assets f IOM are prperly safeguarded, staff welfare is secured and that IOM peratins are effective and efficient. Establish a new Delegatin f Authrity matrix including all the required apprvals fr different levels such as bank, human resurces, payrll, prcurement and finance and disseminate this t all staff. Establish a prper training plan r apprach fr bth internatinal and natinal staff. Cmply with IOM rules n Internal Cntrls related t Payrll Prcessing in rder t prduce an accurate payrll and address the bservatins nted. Establish purchase authrizatin matrix fr each sub-ffice with apprpriate ceilings and allwing fr tighter internal cntrls and immediately review all lng utstanding purchase rders fr validity. Urgently develp and intrduce Standard Operating Prcedures fr the use f vehicles allwing fr a prper versight f the fleet and accuntability f drivers and ther staff directly cncerned. Full cmpliance with IOM standards fr IT infrastructure set-up and backup prcedures. Develp a prject management plan that mnitrs the prgress in each prject activity in rder t identify limitatins and anticipated delays s that apprpriate measures can be taken thrughut the prject life cycle rather than at the end f the prject. Imprve mechanism in mnitring, preparatin and submissin f dnr reprts. 2. Three (3) recmmendatins n Finance and Accunting are directed twards the enhancement f the reliability and integrity f the Cuntry Office s financial and peratinal infrmatin. The Cuntry Office shuld mnitr and fllw-up n the status f revising the bank signatry panels and designate additinal staff frm the same ffice wh can authrize its wn bank payments. Fllw IOM guidelines and accunting principles t ensure eligibility f csts, having all supprting dcumentatin and apprpriate apprvals as part f the accunting dcuments. Full cmpliance with IOM rules and regulatins n accunting fr vendr transactins. Except in the area f Cntracting and Infrmatin Technlgy, there remains anther eleven (11) Medium pririty recmmendatins cnsisting f five (5) recmmendatins in Management and Administratin, tw (2) recmmendatins in Persnnel, tw (2) in Finance and Accunting, ne (1) recmmendatin in Prcurement and Lgistics, and ne (1) recmmendatin in Prgramme and Operatins which need t be addressed by the Cuntry Office within ne year t ensure that such Page 4 f 12

5 weaknesses in cntrls will nt mderately affect the Cuntry Office s ability t achieve its entity r prcess bjectives. Management cmments and actin plans Except fr tw (2) medium recmmendatins which were partially accepted, the remaining twentyfur (24) recmmendatins were accepted and is in the prcess f implementatin. Cmments and/r additinal infrmatin prvided have been incrprated in the reprt, where apprpriate. This reprt is intended slely fr infrmatin and shuld nt be used fr any ther purpse. Page 5 f 12

6 Internatinal Organizatin fr Migratin Office f the Inspectr General I. Abut the Cuntry Office The main ffice is lcated in Mgadishu, Smalia. As f Nvember 2017, the Cuntry Office has 243 persnnel categrized int: 32 fficials, 120 staff and 91 nn-staff. The Cuntry Office recrded the fllwing expenses based n IOM financial recrds fr the fllwing perids: Nvember 2015 t Octber USD 24,349,570 representing 1.56 % and 11% f IOM Ttal, and f East and Hrn f Africa Regin, respectively. Nvember 2016 t Nvember USD 51,740,257 representing 3.25 % and 20% f IOM Ttal, and f East and Hrn f Africa Regin Regin, respectively. Fr the perid frm 1 Nvember 2015 t 30 Nvember 2017, the Cuntry Office has a ttal prtfli f 118 prjects and ttal budget f USD 92,778,431. The tp tw prjects by type: 21 Prjects fr Cmmunity Stabilizatin amunting t USD 36,506, r % f the budget. 36 Prjects fr Assistance t Displaced Persns amunting t USD 22,548,134 r 24.3 % f the budget. The last audit was in August 2014 wherein the verall rating was Partially Satisfactry 1. (Fllw Up Audit in July 2015). II. Scpe f the Audit 1. Objective f the Audit The internal audit was cnducted in accrdance with the Charter f the Office f the Inspectr General and in general cnfrmance with the Internatinal Standards fr the Prfessinal Practice f Internal Auditing. The fcus f the audit was adherence t financial and administrative prcedures in cnfrmity with IOM s rules and regulatins and the implementatin f and cmpliance with its internal cntrl system. 2. Scpe and Methdlgy In cmpliance with Internal Audit standards, attentin was paid t the assessment f risk expsure and the risk management f the Cuntry Office activities in rder t ensure that these are well understd and cntrlled by the lcal management and staff. Recmmendatins made during the internal audit fieldwrk and in the reprt aim t equip 1 (Previus ratings used (up t 2014) is ut f the three ratings: Satisfactry, Partially Satisfactry, and Unsatisfactry). Page 6 f 12

7 the lcal management and staff t review, evaluate and imprve their wn internal cntrl and risk management systems. III. Audit Cnclusins 1. Overall Audit Rating OIG assessed the Office as largely ineffective which means that significant cntrl gaps exist. Either cntrls d nt treat rt causes r they d nt perate at all effectively. 2. Satisfactry perfrmance was nted in Cntracting. IV. Key Findings and Very High and High Pririty Recmmendatins Very High Pririty Recmmendatins: 1. Relcatin f supprt functins The remte management f the Smalia peratins frm Nairbi has nt been effective and efficient resulting t several internal cntrl weaknesses. Thus, it was decided that the majrity f the supprt grups relcate t Mgadishu. Hwever, there are serius security cncerns. Very High Pririty Recmmendatin: Prepare a Strategic Plan incrprating all aspects f the transitin, such as but nt limited t financial, human resurces, actual ffice space, internatinal staff husing, cmpletin f the new ffice cmpund, and related security csts. Management agreed with the recmmendatin and is implementing them. 2. Security Risk Management There are significant deficiencies in security risk management that requires funding in rder t address these. Very High Pririty Recmmendatin: Assess the security cmpliance funding requirements and hw much culd be financed thrugh the prjects. Fr the remaining balance, supprt frm Head ffice shuld be cnsidered. Management agreed with the recmmendatin and is implementing them. 3. Husing Allwances fr Internatinal staff The current plicy fr cst recvery fr husing allwances fr internatinal staff results t multiple recvery fr the same rm. Page 7 f 12

8 Very High Pririty Recmmendatin: Review and crdinate with Head ffice the cst recvery fr husing allwances and its implicatins. Management agreed with the recmmendatin and is implementing them. 4. Prgramme spending and budget mnitring There is lack f prper versight in resurce management, in particular, budgeting and financial mnitring. Very High Pririty Recmmendatin: Establish an effective mechanism t ensure that prject budgets are accurately and adequately calculated. Management agreed with the recmmendatins and is implementing them. High Pririty Recmmendatins: 1. Delegatin f Authrity The current Delegatin f Authrity matrix dated 2012 is n lnger up t date cnsidering the many rganizatinal and peratinal changes that have taken place. High Pririty Recmmendatin: Establish a new Delegatin f authrity matrix including all the required apprvals fr different levels such as bank, Human resurces, payrll, prcurement and finance and disseminate this t all staff. Management agreed with the recmmendatin and is implementing them. 2. Staff Training The Cuntry Office des nt have a prper training plan r apprach. Staff knwledge in areas such as resurces management cntinues t be lacking. High Pririty Recmmendatin: Establish a prper training plan r apprach fr bth internatinal and natinal staff. Management agreed with the recmmendatin and is implementing them. 3. Payrll Prcess There were significant internal cntrl weaknesses nted in the prcessing f payrll. High Pririty Recmmendatin: Cmply with IOM rules n Internal Cntrls related t Payrll Prcessing in rder t prduce an accurate payrll and address the bservatins nted. Management agreed with the recmmendatin and is implementing them. Page 8 f 12

9 4. Bank Signatries The current panel f bank signatries is fund t be insufficient. There are instances where the lne staff in the ffice is als the bank signatry r the signatries fr a subffice are statined in anther ffice. High Pririty Recmmendatin: The Cuntry Office shuld mnitr and fllw-up n the status f revising the bank signatry panels and designate additinal staff frm the same ffice wh can authrize its wn bank payments. Management agreed with the recmmendatin and is implementing them. 5. Accunting Prcedures and Dcumentatin There are significant deficiencies nted in the cmpliance with standard perating prcedures fr accunting f transactins and cmpilatin f supprting dcuments. High Pririty Recmmendatin: Fllw IOM guidelines and accunting principles t ensure eligibility f csts, having all supprting dcumentatin and apprpriate apprvals as part f the accunting dcuments. Management agreed with the recmmendatin and is implementing them. 6. Vendr transactins There is a high number f ld utstanding vendr pen items fr bth staff and suppliers such as unliquidated peratinal advances, travel expense claims, pen purchase rders, staff s medical advances that are pending clearance, amng thers. There are als separated staff wh still have pen items in their staff vendr accunts either as a payable r as a receivable frm IOM. High Pririty Recmmendatin: Full cmpliance with IOM rules and regulatins n accunting fr vendr transactins. Management agreed with the recmmendatin and is implementing them. 7. Prcurement There were significant internal cntrl weaknesses ver prcurement prcess, such as ineffective mnitring and fllw up f lng utstanding purchase rders, lacking prper and accurate dcumentatin, amng thers. High Pririty Recmmendatin: Establish purchase authrizatin matrix fr each (sub) ffice with apprpriate ceilings and allwing fr tighter internal cntrls and immediately review all lng utstanding purchase rders fr validity. Management agreed with the recmmendatin and is implementing them. Page 9 f 12

10 8. Fleet Management There is n standard perating prcedure n vehicle usage clearly defining the duties and respnsibilities f the drivers and ther staff using the vehicles, inspectin and reprting f vehicles. High Pririty Recmmendatin: Urgently develp and intrduce standard perating prcedures fr the use f vehicles allwing fr a prper versight f the fleet and accuntability f drivers and ther staff directly cncerned. Management agreed with the recmmendatin and is implementing them. 9. IT Backup Prcedures The Nairbi ffice des nt have an ff-site backup strage in place. In additin, the Hargeisa ffice des nt have any backup system fr the time being. The Mgadishu ffice als des nt have a server. High Pririty Recmmendatin: Full cmpliance with IOM standards fr IT infrastructure set-up and backup prcedures. Management agreed with the recmmendatin and is implementing them. 10. Prgram management There were nted weaknesses in prgram management and implementatin, sme f which are partly attributed t the Prject Manager wh left withut any permanent replacement in place. High Pririty Recmmendatin: Develp a prject management plan that mnitrs the prgress in each prject activity in rder t identify limitatins and anticipated delays s that apprpriate measures can be taken thrughut the prject life cycle rather than at the end f the prject. Management agreed with the recmmendatin and is implementing them. 11. Dnr Reprting There were significant deficient in the dnr reprting prcess resulting t delays r lack f submissins t dnrs. High Pririty Recmmendatin: Imprve mechanism in mnitring, preparatin and submissin f dnr reprts. Management agreed with the recmmendatin and is implementing them. Page 10 f 12

11 ANNEXES Definitins The verall adequacy f the internal cntrls, gvernance and management prcesses, based n the number f audit findings and their risk levels: Descriptr Fully effective Substantially effective Partially effective Largely ineffective Nne r ttally ineffective Guide Nthing mre t be dne except review and mnitr the existing cntrls. Cntrls are well designed fr the risk, address the rt causes and Management believes that they are effective and reliable at all times. Mst cntrls are designed crrectly and are in place and effective. Sme mre wrk t be dne t imprve perating effectiveness r Management has dubts abut peratinal effectiveness and reliability. While the design f cntrls may be largely crrect in that they treat mst f the rt causes f the risk, they are nt currently very effective. Or, sme f the cntrls d nt seem crrectly designed in that they d nt treat rt causes, thse that are crrectly designed are perating effectively. Significant cntrl gaps. Either cntrls d nt treat rt causes r they d nt perate at all effectively. Virtually n credible cntrls. Management has n cnfidence that any degree f cntrl is being achieved due t pr cntrl design and/r very limited peratinal effectiveness. Page 11 f 12

12 Audit Recmmendatins Pririties The fllwing internal audit rating based n IOM Risk Management framewrk has been slightly changed t crystalize the priritizatin f internal audit findings accrding t their relative significance and impact t the prcess: Rating Definitin Suggested actin Suggested timeframe Very High Issue represents a cntrl weakness which culd cause critical disruptin f the prcess r critical adverse effect n the ability t achieve entity r prcess bjectives. Where cntrl effectiveness is nt as high as fully effective, take actin t reduce residual risk t high r belw. Shuld be addressed in the shrt term, nrmally within 1 mnth. High Issue represents a cntrl weakness which culd have majr adverse effect n the ability t achieve entity r prcess bjectives. Plan t deal with in keeping with the annual plan. Shuld be addressed in the medium term, nrmally within 3 mnths. Medium Issue represents a cntrl weakness which culd have mderate adverse effect n the ability t achieve entity r prcess bjectives. Plan in keeping with all ther pririties. Shuld be addressed nrmally within 1 year. Lw Issue represents a minr cntrl weakness, with minimal but reprtable impact n the ability t achieve entity r prcess bjective. Attend t when there is an pprtunity t. Discussed directly with management and actins t be initiated as part f management s nging cntrl. Page 12 f 12