EXECUTIVE SUMMARY INTERNAL AUDIT REPORT IOM Kingstn JM201701 17-21 JULY 2017 Issued by the Office f the Inspectr General Page 1 f 9
Reprt n the Audit f IOM Kingstn Executive Summary Audit File N. JM201701 The IOM Office f the Inspectr General (OIG) cnducted an internal audit f the IOM Kingstn, Jamaica (the Cuntry Office ) frm 17 t 21 July 2017. The internal audit was aimed t assess adherence t financial and administrative prcedures in cnfrmity with IOM s regulatins rules and the implementatin f and cmpliance with its internal cntrl system. Specifically, the audit assessed the risk expsure and risk management f the Cuntry Office s activities, in rder t ensure these are well understd and cntrlled by the lcal management and staff. Selected samples frm the fllwing areas were reviewed: a. Management and Administratin b. Persnnel c. Finance and Accunting d. Prcurement and Lgistics e. Cntracting f. Infrmatin Technlgy g. Prgramme and Operatins The audit cvered the activities f the Cuntry Office frm 1 July 2015 t 30 June 2017. The ffice recrded the fllwing expenses based n IOM financial recrds: 1 July t 31 December 2015 - USD 550,739 representing less than ne per cent and 1 % f IOM Ttal and Central and Nrth America and the Caribbean Regin, respectively. 2016 - USD 960,592 representing less than ne per cent and 1 % f IOM Ttal, and f Central and Nrth America and the Caribbean Regin, respectively. 1 January t 30 June 2017 USD 575,109 representing less than ne per cent and 1 % f IOM Ttal, and f Central and Nrth America and the Caribbean Regin, respectively. Because f the cncept f selective testing f data and inherent limitatin f the internal audit wrk, there is n guarantee that all matters f significance t IOM will be discvered by the internal audit. It is the respnsibility f lcal management f the Cuntry Office t establish and implement internal cntrl systems t assure the achievement f IOM s bjectives in peratinal effectiveness and efficiency, reliable financial reprting and cmpliance with relevant laws, regulatins and plicies. It is als the respnsibility f lcal management t determine whether the areas the internal audit cvered and the extent f verificatin r ther checking included are adequate fr lcal management s purpses. Had additinal prcedures been perfrmed, ther matters might have cme t internal audit attentin that wuld have been reprted. The internal audit was cnducted in accrdance with the Charter f the Office f the Inspectr General and in general cnfrmance with the Internatinal Standards fr the Prfessinal Practice f Internal Auditing. Page 2 f 9
Overall audit rating OIG assessed the Office as largely ineffective which means that significant cntrl gaps exist. Either cntrls d nt treat rt causes r they d nt perate at all effectively. This rating was mainly due t weaknesses nted in the fllwing areas: 1. Bank recnciliatin 2. Prcurement 3. Delegatin f authrity 4. Third party service prviders 5. Security 6. Online banking payments 7. Petty cash fund 8. Flight ticket purchases Key recmmendatins: Ttal = 16; Very High Pririty = 2; High Pririty = 6; Medium Pririty = 8 Very High Pririty Recmmendatins Prmpt actin is required within ne mnth t ensure that prcesses will nt be critically disrupted and IOM will nt be critically adversely affected in its ability t achieve its strategic and peratinal bjectives. There are tw (2) Very High Pririty recmmendatins cnsisting f ne (1) recmmendatin each fr Finance and Accunting and Prcurement and Lgistics. These are as fllws: 1. Immediately perfrm bank recnciliatin f the bank accunts with recrded bk balances. 2. Full cmpliance with IOM rules and regulatins n prcurement. High Pririty Recmmendatins Prmpt actin is required within three mnths t ensure that IOM will nt be adversely affected in its ability t achieve its strategic and peratinal bjectives. The High Pririty recmmendatins are presented belw: I. Three (3) recmmendatins fr Management and Administratin and ne (1) in Prcurement and Lgistics. These recmmendatins aim t ensure that the assets f IOM are prperly safeguarded and IOM peratins are efficient and effective. Frmalize the Delegatin f Authrity matrix and cmmunicate this t all staff. A replacement vendr shuld be identified befre the ntice f cntract cancelatin gets cmmunicated t the current service prvider t ensure cntinuity f service. Minimum Operating Security Standards cmpliance be re-evaluated in light f this recent incident; all emplyees shuld cmplete the required security trainings. Dcument prcess fr the purchase f airline tickets in a step-by-step apprach identifying rles and respnsibilities ver each task. Page 3 f 9
II. Tw (2) recmmendatins n Finance and Accunting are directed twards the enhancement f the reliability and integrity f the Cuntry Office s financial and peratinal infrmatin. Cuntry Office shuld establish cntrl prcedures t ensure that all payments have been entered in the general ledger system. Full cmpliance with IOM regulatins and n petty cash fund management. There was satisfactry perfrmance in Infrmatin Technlgy. Except in the area f Management and Administratin and Infrmatin Technlgy, there remains anther eight (8) Medium pririty recmmendatins cnsisting f: Tw (2) in Persnnel; Tw (2) in Finance and Accunting; Tw (2) in Prcurement and Lgistics; One (1) in Cntracting; and One (1) in Prgramme and Operatins, which need t be addressed by the Cuntry Office within ne year t ensure that such weaknesses in cntrls will nt mderately affect the Cuntry Office s ability t achieve its entity r prcess bjectives. Management cmments and actin plans Management accepted all 16 recmmendatins and is in the prcess f implementatin. Cmments and/r additinal infrmatin prvided have been incrprated in the reprt, where apprpriate. This reprt is intended slely fr infrmatin and shuld nt be used fr any ther purpse. Page 4 f 9
Internatinal Organizatin fr Migratin Office f the Inspectr General I. Abut the Office The Main Office is lcated in Kingstn, Jamaica. As f 30 June 2017, the Office has 17 persnnel categrized int: 15 staff and 2 nn-staff. The ffice recrded the fllwing expenses based n IOM financial recrds fr the fllwing perids: 1 July t 31 December 2015 - USD 550,739 representing less than ne per cent and 1 % f IOM Ttal, and f Central and Nrth America and the Caribbean Regin, respectively. 2016 - USD 960,592 representing less than ne per cent and 1 % f IOM Ttal, and f Central and Nrth America and the Caribbean Regin, respectively. 1 January t 30 June 2017 USD 575,109 representing less than ne per cent and 1 % f IOM Ttal, and f Central and Nrth America and the Caribbean Regin, respectively. The Cuntry Office has a ttal prtfli f nine prjects and ttal budget f USD 2 millin. The tp tw prjects by type: One prject fr Migrant Prcessing and Integratin amunting t USD 1.4 millin r 73% f the budget. Three prjects n Cmmunity and Ecnmic Develpment amunting t USD 324,366 r 16% f the budget. II. Scpe f the Audit 1. Objective f the Audit The internal audit was cnducted in accrdance with the Charter f the Office f the Inspectr General and in general cnfrmance with the Internatinal Standards fr the Prfessinal Practice f Internal Auditing. The fcus f the audit was adherence t financial and administrative prcedures in cnfrmity with IOM s rules and regulatins and the implementatin f and cmpliance with its internal cntrl system. 2. Scpe and Methdlgy In cmpliance with Internal Audit standards, attentin was paid t the assessment f risk expsure and the risk management f the Cuntry Office activities in rder t ensure that these are well understd and cntrlled by the lcal management and staff. Recmmendatins made during the internal audit fieldwrk and in the reprt aim t equip the lcal management and staff t review, evaluate and imprve their wn internal cntrl and risk management systems. Page 5 f 9
III. Audit Cnclusins 1. Overall Audit Rating OIG assessed the Office as largely ineffective which means that significant cntrl gaps exist. Either cntrls d nt treat rt causes r they d nt perate at all effectively. 2. There was satisfactry perfrmance in Infrmatin Technlgy. IV. Key Findings and Very High and High Pririty Recmmendatins Very High Pririty Recmmendatins 1. Bank recnciliatin Several bank accunts remain unrecnciled with recrded bk balances since December 2015. Very High Pririty Recmmendatin: Immediately perfrm bank recnciliatin f the bank accunts with recrded bk balances. Management agreed with the recmmendatins and is implementing them. 2. Prcurement There were significant weaknesses nted in the prcurement prcess. Very High Recmmendatin: Full cmpliance with IOM regulatins and rules n prcurement. Management agreed with the recmmendatins and is implementing them. High Pririty Recmmendatins 1. Delegatin f authrity There was n written Delegatin f Authrity matrix in place. High Pririty Recmmendatin: Frmalize the Delegatin f Authrity matrix and cmmunicate these t all staff. Management agreed with the recmmendatins and is implementing them. 2. Third party service prviders The Cuntry Office is in the prcess f addressing the fraud incidents cmmitted by sme third-party service prviders. Page 6 f 9
High Pririty Recmmendatin: A replacement vendr shuld be identified befre the ntice f cntract cancelatin gets cmmunicated t the current service prvider t ensure cntinuity f service. Management agreed with the recmmendatins and is implementing them. 3. Security There was a reprted security risk at the building entrance. In additin, nt all emplyees have cmpleted the required United Natins Department f Safety and Security training. High Pririty Recmmendatins: Minimum Operating Security Standards cmpliance be re-evaluated in light f this recent incident. All emplyees shuld cmplete the required security trainings. Management agreed with the recmmendatins and is implementing them. 4. Online banking payments There are n sufficient reviews r cntrls t ensure cmpleteness, existence and accuracy f jurnal entries made fr nline banking payments in the general ledger system. High Pririty Recmmendatin: The Cuntry Office shuld establish cntrl prcedures t ensure that all payments have been entered in the general ledger system. Management agreed with the recmmendatins and is implementing them. 5. Petty Cash fund There were several weaknesses nted in petty cash fund management. High Pririty Recmmendatin: Full cmpliance with IOM regulatins and rules n petty cash fund management. Management agreed with the recmmendatins and is implementing them. 6. Flight ticket purchases There were nted deficiencies in the supprts f flight ticket purchases. High Pririty Recmmendatin: Dcument prcess fr the purchase f airline tickets in a step-by-step apprach identifying rles and respnsibilities ver each task. Management agreed with the recmmendatins and is implementing them. Page 7 f 9
ANNEXES Definitins The verall adequacy f the internal cntrls, gvernance and management prcesses, based n the number f audit findings and their risk levels: Descriptr Fully effective Substantially effective Partially effective Largely ineffective Nne r ttally ineffective Guide Nthing mre t be dne except review and mnitr the existing cntrls. Cntrls are well designed fr the risk, address the rt causes and Management believes that they are effective and reliable at all times. Mst cntrls are designed crrectly and are in place and effective. Sme mre wrk t be dne t imprve perating effectiveness r Management has dubts abut peratinal effectiveness and reliability. While the design f cntrls may be largely crrect in that they treat mst f the rt causes f the risk, they are nt currently very effective. Or, sme f the cntrls d nt seem crrectly designed in that they d nt treat rt causes, thse that are crrectly designed are perating effectively. Significant cntrl gaps. Either cntrls d nt treat rt causes r they d nt perate at all effectively. Virtually n credible cntrls. Management has n cnfidence that any degree f cntrl is being achieved due t pr cntrl design and/r very limited peratinal effectiveness. Page 8 f 9
Audit Recmmendatins Pririties The fllwing internal audit rating based n IOM Risk Management framewrk has been slightly changed t crystalize the priritizatin f internal audit findings accrding t their relative significance and impact t the prcess: Rating Definitin Suggested actin Suggested timeframe Very High Issue represents a cntrl weakness which culd cause critical disruptin f the prcess r critical adverse effect n the ability t achieve entity r prcess bjectives. Where cntrl effectiveness is nt as high as fully effective, take actin t reduce residual risk t high r belw. Shuld be addressed in the shrt term, nrmally within 1 mnth. High Issue represents a cntrl weakness which culd have majr adverse effect n the ability t achieve entity r prcess bjectives. Plan t deal with in keeping with the annual plan. Shuld be addressed in the medium term, nrmally within 3 mnths. Medium Issue represents a cntrl weakness which culd have mderate adverse effect n the ability t achieve entity r prcess bjectives. Plan in keeping with all ther pririties. Shuld be addressed nrmally within 1 year. Lw Issue represents a minr cntrl weakness, with minimal but reprtable impact n the ability t achieve entity r prcess bjective. Attend t when there is an pprtunity t. Discussed directly with management and actins t be initiated as part f management s nging cntrl. Page 9 f 9