E-Procurement Activities Audit
Corporate Audit and Evaluation Branch
Table of contents
- Executive Summary
- Focus of the Audit
- Findings, Recommendations and Action Plans
Background: One rationale for creating the Canada Revenue Agency (CRA) was to optimize the efficiency and effectiveness of the organization in managing administrative processes such as contracting and procurement. With the transition to Agency status in 1999, the CRA was delegated full procurement authority and since then, new ways of contracting have been established. For example, the Agency is able to establish competitive strategic sourcing arrangements with suppliers and utilize new methods of supply.
The Administration Directorate (AD) of the Finance and Administration Branch (F&A) has functional authority and accountability for the development and monitoring of procurement policies and procedures, in support of the CRA Act. In 2001, the AD developed CRA’s in-house e‑procurement system combined with a strategic vendor selection strategy. This Web-Based Rapid Order (WBRO) system is an end-to-end e-purchasing tool through which strategically sourced commodities are purchased using an acquisition card for payment. The WBRO system is also used to record external low dollar value purchases. The procurement accountability for using acquisition cards has been decentralized to cost centre managers. The WBRO system has been integrated with the Agency’s reporting system, the Corporate Administrative System (CAS).
Strategic vendor sourcing allows the Agency to establish long-term contractual relationships with competitively selected vendors to supply goods and services on a best value basis. Strategic sourcing is directly linked to the CRA E-Procurement Initiative and enables the Agency to fully optimize processes, service delivery, and product availability by providing users with easy-to-use online access to goods and services. E-procurement and acquisition cards have provided some benefits and cost efficiencies to the Agency such as a strong commitment toward green criteria items. In addition, the purchases in the fiscal year 2006-2007 have resulted in $434,000 of rebates. However much depends, on empowerment of the users of these systems to procure approved low dollar value goods and services for official CRA purpose. With this simplified process also comes obligations for employees and management who use the acquisition cards, namely that the card should be handled with the same diligence and respect as that of cash.
In the CRA, acquisition cards are generally used for procurement and payment of low risk goods and services with a value of $5,000 or less, including taxes. Some common goods and services purchased are office supplies, training, and translation. In fiscal year 2006-2007, the Agency had 1,700 acquisition cardholders. The CRA’s annual spending using acquisition card purchasing in 2006-2007 was $46 million, representing 159,000 transactions.
Objectives: The objectives of the audit were to determine whether the E-Procurement Initiative and associated activities are being managed to achieve Agency goals and objectives, and whether e-procurement and acquisition card transactions are in compliance with policies, procedures, and guidelines.
The audit covered fiscal year 2006-2007 e-procurement and acquisition card activities. During the course of the audit fieldwork, significant changes took place in the organizational structure of the AD and its management of the program. These changes included restructuring of organizational responsibilities, revisions of policies, the launch of a formal monitoring program, and the tendering of a new software platform to replace the WBRO system. Though these changes affected fiscal periods outside the scope of the audit, relevant information is included in the body of this report where appropriate.
The audit was conducted in accordance with the International Standards for the Professional Practice of Internal Auditing.
Conclusion: The CRA acted upon the new flexibilities supported by its agency status by introducing a new approach to administer and manage purchases of low risk, low dollar value of goods and services. E-procurement is in many ways an easier and more cost-effective way for the Agency to procure goods and services, as it streamlines internal procurement processes and encourages the use of strategic suppliers catalogues. Information gathered from interviews and analysis of data revealed that e‑procurement is used widely in the CRA, stakeholders like it, and they want more commodities to be added. Management of the E‑procurement Initiative and acquisition card activities is improving. The AD continues to review their e-procurement strategies and to work with suppliers to increase the number of products and services.
By their nature, E-procurement and acquisition card transactions must rely on financial and administrative controls to mitigate any inherent risks. Based on file review results, key controls tested were not always functioning effectively. The types of errors and compliance issues show that emphasis needs to be placed on managers and cardholders to exercise their due diligence in the e-procurement and acquisition card processes.
For example, controls need to be consistently applied, such as accountability and training for cardholders and cost centre managers concerning their respective responsibilities. The AD piloted new monitoring procedures starting in April 2007 to support improved compliance but the scope of the pilot did not include the whole Agency. Therefore, based on the review done of 2006-2007 data, there is a need for improved monitoring, reporting and analysis of e‑procurement and acquisition card activities to ensure compliance.
As E-procurement and acquisition card transactions grow in importance to the Agency and more vendor relationships are established, the Agency needs to be able to ensure that compliance is continually enhanced and improved, and that expected results are achieved.
Action Plans: The Administration Directorate (AD) and the Financial Administration Directorate (FAD) of the Finance and Administration Branch (F&A) agree with the recommendations and have provided action plans to address the findings of the audit and to further strengthen the E-procurement and acquisition card processes in the Agency.
In July 2007, the AD expanded its monitoring program in order to increase compliance for acquisition card purchases. They are also collaborating with the FAD to improve reconciliation processes and share monitoring results. In January 2008, the AD began reporting on the progress of the monitoring procedures in terms of their effectiveness and the level of compliance by each region and branch. Both the AD and the FAD will continue to use the results of these efforts to continually improve their monitoring functions.
The AD is in the process of implementing the Synergy procurement system which will include replacement of the WBRO tool. The first release of this system will allow management to increase the proportion of internal purchases which are subject to automated system validations and controls.
The AD will develop a training product to coincide with the release of Synergy by March 2009. This will specifically target existing cost centre managers to remind them of their responsibilities related to E-procurement and the use of acquisition cards. Collaboratively with the FAD, the existing Section 34 training will also be updated to reference the acquisition card.
One rationale for creating the Canada Revenue Agency (CRA) was to optimize the efficiency and effectiveness of the organization in managing administrative processes such as contracting and procurement. With the transition to Agency status in 1999, the CRA was delegated full procurement authority and since then, new ways of contracting have been established. For example, the Agency is able to establish competitive strategic sourcing arrangements with suppliers and utilize new methods of supply.
The Administration Directorate (AD) of the Finance and Administration Branch (F&A) has functional authority and accountability for the development and monitoring of procurement policies and procedures, in support of the CRA Act. The AD provides contracting services for all program and operational areas of the Agency when the purchase is of a high dollar value (greater than $ 25,000 for goods and $84,000 for services) and/or of a complex nature. The National Centre for Regional Contracting located at the Laval Tax Services Office responds to all regional requests for goods of a value below $25,000 and services below $84,000. AD also provides contracting services to 7 branches, regardless of the value. Responsibility for low-risk purchases of $5,000 or below is decentralized to the regions and headquarters' branches, where individuals in positions with delegated authority can perform this function on behalf of their own organizations.
In 2001, the AD internally developed CRA’s in-house e‑procurement system combined with a strategic vendor selection strategy. This Web-Based Rapid Order (WBRO) is an end-to end e-purchasing tool through which strategically sourced commodities are purchased using an acquisition card for payment. WBRO is also used to record external low dollar value purchases made with acquisition cards. This procurement responsibility for using acquisition cards has been decentralized to all budget managers. The WBRO system has been integrated with the Agency’s reporting system, the Corporate Administrative System (CAS).
Strategic vendor sourcing allows the Agency to establish long-term contractual relationships with competitively selected vendors to supply goods and services on a best value basis. Strategic sourcing is directly linked to the CRA E-Procurement Initiative and enables the Agency to fully optimize processes, service delivery, and product availability by providing users with easy-to-use online access to goods and services. E‑procurement and acquisition cards have provided some benefits and cost efficiencies, such as a negotiated rebate from the card provider based on volume of purchases, which was reported to be $434,000 for 2006-2007. The Agency also has a strong commitment toward green criteria items. However much of its effectiveness depends on empowerment of the users of these systems to procure approved low dollar value goods and services. With this simplified process also comes obligations for employees and management who use the acquisition cards, namely that the card should be handled with the same diligence and respect as that of cash.
An acquisition card is a government credit card that is used to purchase and pay for goods and services for federal departments and agencies. Organizations issue a card to an employee, but the card account remains the responsibility of the Crown. Acquisition cards were approved for use by federal government departments and agencies in 1991. The cards were made available government-wide through contracts established with acquisition card providers. The cards were established to be the most cost efficient method for purchases under $5,000 and were intended to reduce and simplify procurement of low value, low risk items.
In fiscal year 2006-2007 there were 1,700 acquisition cardholders. Much of the low dollar value procurement function had been decentralized to the administrative staff of the individual responsibility cost centres. The CRA’s annual spending in 2006-2007 using acquisition card purchasing was $46 million representing 159,000 transactions.
Focus of the Audit
The objectives of the audit were to determine whether the E-Procurement Initiative and associated activities are being managed to achieve Agency goals and objectives, and that e-procurement and acquisition card transactions are in compliance with policies, procedures, and guidelines.
The focus of the audit was on assessing the extent of compliance with the basic rules in place for procurement rather than assessing whether the Agency received value for money in individual procurement transactions.
For the purpose of this audit, e-procurement activities are acquisition card transactions processed through the automated WBRO tool. These transactions include both purchases from within the WBRO strategic source catalogues not requiring a physical credit card, and credit card purchases from external vendors.
The audit included a review of selected transactions, extracted from information systems, and an analysis of relevant reports, and applicable source documentation. It also comprised file reviews, focus groups and interviews in Headquarters (HQ) Branches, as well as selected offices in the Ontario, Prairie and Quebec Regions. The examination phase of the audit took place from July 2007 to December 2007.
The period under review was the 2006-2007 fiscal year. During the course of the audit significant changes took place in the organizational structure of the AD and its management of the e-procurement and acquisition card program. These changes included revisions of policies, changes of some regional and HQ responsibilities, the launch of a formal monitoring program, the tendering of a new software platform to replace the WBRO system, and the implementation of an interactive electronic forms tool. Although these changes affected fiscal periods outside the scope of the audit, relevant information is included in the body of this report.
The audit was conducted in accordance with the International Standards for the Professional Practice of Internal Auditing.
Findings, recommendations and action plans
1.0 Management of E-Procurement and Acquisition Card Activities
In order to assess the management of the E-Procurement Initiative and acquisition card activities by the AD, four areas were considered. First, whether clear policies and procedures are established and available to guide the stakeholders in using this program. Then, adequate training is identified and delivered to users to support them in carrying out their respective responsibilities. Third, appropriate controls are in place and functioning to ensure that the acquisition cards are being used as intended. Finally, the E-Procurement technological systems meet the requirements of the program.
1.1 Policies and Procedures
The AD has full accountability and authority for policies and activities regarding procurement and contracting. It is also responsible for the setting of policy, directions and framework in these areas for the CRA.
Policies and procedures for the e-procurement and acquisition card processes have been well established and are available to users through multiple sources. The Procurement Place, CRA’s procurement intranet site managed by the AD, is a major source of information; several procurement policies, communiqués and advisors are available, including information on procurement file documentation and acquisition card guidelines. In addition, approved CRA strategic sourcing vendors are listed for stakeholders to become aware of the procedures, and also of the types of goods and services, which can be purchased using the WBRO on-line procurement system. CRA has incorporated green criteria in all CRA strategic sourcing, and users are encouraged to procure these types of goods. There are also several policies in the Finance and Administration Manual, which cover subjects related to e-procurement and acquisition cards, for example acquisition card procedures, financial policies and responsibilities.
Policy documentation in place was adequate; however interviews and file review information demonstrated there was a weakness in the application of some policy guidelines. The different sources of guidance make it difficult for employees and managers to keep current of all possible restrictions and updates delivered through these policies, communiqués, and advisors. As an example, for the period under review, the audit noted inconsistent interpretation of restrictions on the purchase of IT equipment. A subsequent policy revision made by the AD in fiscal 2007-2008 has clarified this issue. For the cost centre budget manager providing purchase verification and approval (Section 34), the majority of the policies do not represent a deviation from normal procurement duties and obligations. Alternatively, cardholders in many situations may be employees who do not work in a finance capacity and, as such, do not routinely deal with policy sources such as the Finance and Administration Manual or have an appreciation of the responsibilities of the general procurement cycle. This combined with a high number of cardholders and budget managers faced with increased low dollar value procurement decentralization, have contributed to some inconsistent application of policy requirements, as highlighted in section 2.0 of the report.
At the start of the audit, the audit team was provided with draft copies of a revised Acquisition Card Directive and Acquisition Card Procedures, which were subsequently approved in June 2007 by the Chief Financial Officer and Assistant Commissioner, F&A.
The AD and the FAD should conduct ongoing reviews of policies to determine if they are being applied consistently, and where non-compliance and/or misinterpretations of the policy exists, determine if any policies and/or procedures should be revised.
The AD launched a monthly monitoring program in May 2007 to help regularly review policy and procedures through cardholder feedback, questions, and observed trends in non-compliance. This review enables identification of areas where further training is required, or policy need to be improved or clarified. Problem areas are also observed through the FAD statistical sampling process.
Ongoing, the AD and the FAD will communicate with each other whenever there are changes to procedures or policies so that any associated policies can be revised in light of the new information.
In accordance with the CRA Delegation of Procurement Authorities Policy, CRA employees must be fully trained and certified prior to receipt of an acquisition card and prior to be given access to the WBRO system to procure goods and services.
The audit found that technical WBRO and acquisition card training is adequate, but lacks sufficient procurement training when required to purchase externally. Since December 2006, the Contracting Division within the AD has the responsibility to design acquisition card training and ensure that its delivery has been completed. WBRO training is available for users, as well as a WBRO’s User’s Guide to support users with the e-procurement system, and to instruct on what information is required to be entered for approved internal and external purchases. Cardholder focus group comments gathered during the audit indicated satisfaction with the technical aspect of the training, but noted that there was a lack of training on general procurement aspects. Cardholders are skilled in the utilization of the e-procurement system, but often lack the necessary expertise in their procurement role. These users are comfortable purchasing routine office supplies, but feel they have insufficient guidance for less common external purchases that may require additional procurement steps. For example, users purchasing office furniture may not know where to source vendors, if any health and safety guidelines need to be considered, or what general ledger coding to use.
The audit team expected to examine records and logs of training to test if cardholders took acquisition card training but complete training logs did not exist at the time of the audit. Therefore, interviews with cardholders were used to determine if training had been offered. The majority of cardholders interviewed (94%) indicated they had completed the mandatory training. In December 2006, the AD began to track their training effort more rigorously.
There is no mandatory acquisition card training directed to the cost centre managers to assist them in making informed decisions about e-procurement and acquisition card transactions. Cost centre managers are required by the FAD to complete a mandatory course covering their obligations under Section 34 financial payment certification, but it does not cover e-procurement and acquisition card applications. Interviews with managers revealed they had varying levels of understanding of both procurement policies and their financial responsibilities.
The FAD in collaboration with AD should modify the existing Section 34 cost centre managers training course to cover acquisition cards in order to equip managers with an understanding of their e-procurement responsibilities and the related e‑procurement policies.
The AD will continue to work with the FAD to modify the existing S34 cost centre managers’ training by March 2009 to ensure that acquisition cards are referenced.
The AD will develop a training product by March 2009 and in conjunction with the release of Synergy specifically targeting existing cost centre managers to ensure that they are reminded of their responsibilities associated to E-procurement and the use of acquisition cards.
1.3 Administrative Controls
E-procurement and acquisition card transactions, through payment with the acquisition card are subject to a modified version of the controls that are required by the Financial Administration Act for the procurement of goods and services. To maximize efficiencies and reduce costs, credit card bills are centralized and paid by the FAD before a formal commitment of funds, purchase requisition or approval of an invoice can occur. With a reduction in these controls, the Agency has accepted an element of risk that may be associated with these types of transactions. For this reason, the acquisition card program is more dependent on effective preventative controls in the administration and management of the credit cards.
A statistical sample of 115 active credit cards [Footnote 1] data from the credit card provider was analyzed to assess effectiveness of two administrative controls: to ensure employee validity and proper segregation of duties, are met. In 10% of the cases (12 cards) the cardholder was not an eligible employee (i.e. a determinate or indeterminate CRA employee) during the period in which the credit card was active. Interviewees indicated that often information is not communicated to the AD when employees leave the Agency. Therefore, the AD is not in a position to formally track, retrieve or cancel credit cards. Of these 12 cards assigned to employees who had left the Agency, 3 cards had charges made against them, with total value of each transaction ranging from $28 to $150. This information was shared with the AD for further review.
To determine the validity and eligibility of employees requiring a new acquisition card, the AD indicated that in the course of the approval process, they use the CRA’s email address book. The Agency’s email address book is not a reliable source of information to determine cardholder’s eligibility or employee validity. HR information data should be used to support and confirm the status of CRA employees.
Tests were also performed to determine whether duties were properly segregated between the initiation of the procurement and the approval of payments. There were four cardholders (3% of the sample) who also had Section 34 signing authority during the same validity period. This does not comply with the fundamental segregation of duties control since it provides these individuals the ability to approve their own purchases. During the fiscal period under review, the AD did not have formal tracking mechanism to monitor users that had an acquisition card and Section 34 signing authority. Interviews with the FAD, the functional authority for financial signing authorities, revealed that they were unable to obtain cardholder listings from the AD to prevent these situations from occurring.
These issues were shared during the course of the audit with the AD who initiated several changes to their card management activities in 2007-2008.
The AD and FAD should implement a robust process to effectively administer the issuance and maintenance of acquisition cards, including steps to ensure that proper segregation of duties is respected.
In July 2007, the AD implemented an internal online card application administration tool to track cardholder information and incorporate mandatory automated and manual process confirmations, which include the signature of the cost centre manager and the acquisition card program manager on the Procurement Designation and Accountability Declaration document for each cardholder prior to being issued a card. The AD now uses this form to determine the cardholders’ eligibility through a self- confirmation statement and the cost centre manager’s signature.
Ongoing, the AD will continue to verify card applications through this tool to ensure that: all applicants are valid CRA employees; they do not have section 34 signing authority; mandatory training has been completed; the Procurement Designation and Accountability Declaration has been signed; and that the card has been activated with the bank by the cardholder. Inactive credit cards will also be monitored to assess the employees’ validity and the necessity of keeping the card open. The AD has taken actions to cancel cards where employees were found to be not eligible.
The revised acquisition directive provides a requirement that if cardholders also hold section 34 signing approval they must be approved by the Director of Contracting. All new applicants now are verified in CAS to ensure that they do not have section 34 authority. The AD is working with FAD to finalize a process whereby all new delegated cost centre managers are cross-referenced against the list of all acquisition cardholders to ensure that there is no duplication. This process will be finalized and implemented by the end of the third quarter in fiscal 2008-2009.
The AD has initiated, with their monitoring program release, a 100% monitoring review of the acquisition card transactions made by the individual cardholders who, as exceptions, also have section 34 signing authority. This monitoring ensures that the transactions are made in compliance with the acquisition card directive. The AD has accepted the risk of some individuals holding both a credit card and financial signing authority based on their compensatory approval and monitoring controls.
The e-procurement system requires the interaction of several stand-alone applications. Cardholder and purchase charges are contained within the credit card provider on-line billing system. This information is transferred into the Agency’s web-based procurement system (WBRO) where, for external purchases, the cardholder must enter purchase information to match billing amounts. Then, this reconciled information is processed and transferred overnight into the Agency reporting tool, CAS. The audit assessed if the information transferred to CAS was accurate and complete.
A number of challenges were encountered in the assessment of the various systems data to determine accuracy and completeness. Internal e-procurement transactions are assigned an order number that is consistent between each system, however external acquisition card purchases require merging different identifying numbers and databases. Also, during the period under review cardholders were able to group purchased line items together and process multiple transactions into one item, or not at all if they netted to zero. The audit also found instances where users altered the vendor or general ledger account information in one system, but not the others.
These actions could represent a risk to the Agency as it may impact the accuracy and the integrity of the data, and may hinder management’s ability to monitor their budgets. The current practices make the audit trail through all systems for external acquisition card transactions difficult and time consuming to trace, prevents automation of the complete matching process and thus makes the monitoring process less efficient. This also makes it more difficult for the Agency to report accurately and consistently on volume levels and the nature of transactions.
The AD has indicated that they have procured a new software program to replace the WBRO system. It is anticipated it will be implemented in fiscal year 2008-2009. This software aims at enhancing controls to better track and to monitor data, and has the capability requirements to allow additional catalogues which will support the increase in e-procurement transactions.
The AD should ensure that the different systems involved from procurement to payment are better integrated to support automated system validations and controls throughout the entire procurement process. Consideration should be given to implementing an automated matching process from the credit card provider’s online billing system through to the approved Section 34 process in CAS to ensure completeness and integrity of the data.
The AD is in the process of implementing the Synergy procurement system which will include replacement of the WBRO tool. The first release of this system will allow management to increase the proportion of internal purchases which are subject to automated system validations and controls. In addition to this measure, FAD and AD will undertake steps to strengthen the training material for cost center managers on the section 34 process to ensure that policy and legislative requirements in this regard are understood and met.
Random sampling test results
A statistical sampling approach was used by internal audit to select acquisition card purchasing transactions. The sample plan was designed to provide a 95% confidence level, an expected deviation rate of 6% and a tolerable deviation rate of 11%. These criteria are in line with the Finance and Administration Manual policy for the FAD’s statistical sampling for post-payment review to determine the level of accuracy and for compliance requirements. This policy defines critical errors as an error serious enough to require that a correction be made, while a non-critical error is considered not material and poses minimum risk. The critical errors found through the sampling process form the basis for measuring the adequacy and accuracy of the verification process.
The random statistical sample of 128 acquisition card purchases was selected for review to assess compliance with policy and accuracy of CAS data. The audit found that 93 out of the 128 files (73%) had no critical errors identified and these transactions were in compliance with the Agency’s procurement and financial policies. However, at least one critical error was identified in 35 of the 128 files (27%) reviewed, and therefore they were not in compliance with policy. All of the 128 files selected were available for review. In total, 40 critical errors were found in 35 procurement transactions:
- 17 of these errors were noted as being deficient in having key documents on file, i.e. the original invoice to support the purchase was not available;
- 12 purchases were noted where the Section 34 budget manager’s financial approval of the purchase was questionable, as the manager’s level of delegated authority was either incorrect or not verifiable;
- 2 files contained no original Section 34 report to authorize the purchase;
- provincial sales tax was paid for a tax-exempt purchase on one transaction; and
- 8 files were not in compliance as they pertained to items purchased that were restricted by the acquisition card policy.
Each of the critical errors alone carries its respective degree of severity. However, collectively these errors increase the exposure of the Agency to unnecessary risks. These results demonstrate that key controls tested at the time of the review were not functioning properly to ensure compliance with policies and procedures. Many of these errors could have been prevented by the existing internal controls if properly exercised by cost centre managers and their acquisition cardholders.
Overall, the test results of this random sample demonstrated that most of the critical errors found were related to external transactions [Footnote 2]. Although the sample was not designed to draw a conclusion on the level of compliance of internal transactions compared to external transactions, the results from the testing suggests that strategic catalogues (internal transactions) promote compliance with procurement rules. As evidenced in this random sampling result, internal e-procurement transactions still can have other critical errors such as no invoices on file or no budget manager’s signature to approve the purchase.
Directed sampling test results
A directed sample was conducted to address higher-risk external transactions made outside of the procurement catalogues. These were extracted using data-mining techniques. The audit selected 230 high-risk transactions similar to the types of purchases that should have been identified through a monitoring program, such as weekend transactions, international vendors, contract splitting, and various vendor categories.
Out of the targeted 230 files, 175 had at least one critical error. Furthermore, one file could not be provided for review; therefore, no conclusion could be made as to its legitimacy. Finally, the sample review found transactions for goods and services that are prohibited by the acquisition card policy such as donations to charities, greeting cards, flower deliveries and retirement gifts. Although non-compliant, these purchases were all approved by an authorized cost centre manager. Some of these non-compliant transactions had already been picked up and addressed by existing internal controls.
Although the audit was not designed to identify fraud or abuse within acquisition card purchasing transactions, a few transactions presented a high-risk of fraud and were reported to management for appropriate action. The Internal Affairs and Fraud Prevention Division in the Security, Risk Management and Internal Affairs Directorate have initiated investigations in the use of acquisition cards.
The AD, in concert with finance and e-procurement officers in regions and branches should ensure managers and cardholders comply with the Agency’s e‑procurement and acquisition card policies. The appropriate level of management should be informed of instances of non-compliance and ensure corrective action is taken.
The AD implemented a monitoring process in May 2007, which provided specific instructions to e-business officers concerning the Acquisition Cards Monitoring Procedures. All cardholders receive an email, with a copy to their manager, for non-compliance transactions. With this monitoring process now in place, the AD expects that there will be a drastic reduction in these types of transactions.
In the fall of 2007, the AD responded to these monitoring results by adding a one-hour presentation on Acquisition Card policies in the e-procurement training provided to all acquisition cardholders. The training highlights items such as contract splitting, after-the fact transactions, payments without reference and many other "do's and don'ts". This PowerPoint presentation was made available to the Regions, so that it can be incorporated into the training provided by the e-business officers.
The AD will continue with the monitoring program implemented in 2007, in order to address suspicious transactions and report them to management for action. The AD will also continue to apply consequences such as cancelling the acquisition card, for those who do not comply with policies and procedures, as well as reporting any cases of fraud discovered during the monitoring process.
3.0 Program Monitoring and Performance Reporting
A critical element of the success of the e-procurement and acquisition card program is an ongoing monitoring and reporting function to identify and address variances from policy or program goals. Timely response to potential problems ensures that errors are corrected, users are provided continuing and relevant support, and established performance targets can be assessed.
During 2006-2007, the AD had only limited local monitoring initiatives in place to review acquisition card purchasing transactions. For that period, FAD’s statistical monthly review did cover selected financial controls such as Section 34 approvals but it did not include procurement monitoring issues such as compliance with the acquisition card directive. In April 2007, the AD launched a pilot monthly Regional E-Business Officer Monitoring Kit to be used to monitor acquisition card purchases within the regions and some headquarters branches. Regional E-Business Officers were assigned the responsibility in the regions to monitor acquisition card purchasing transactions and to provide any general information to acquisition cardholders. The following are some types indicated for monitoring; weekend transactions, non-compliance strategic sourcing, contract splitting, purchases not reconciled, and purchases over $5,000. The monitoring kit includes an overview, instructions, email templates, and monitoring log sheets. The monitoring log sheets are to be sent on a monthly basis to the AD for their review. In place for approximately one year, the monitoring approach is still evolving. The AD has indicated they have not determined the effectiveness of the monitoring efforts nor have they determined compliance patterns of acquisition cardholders.
The AD has indicated the intended goals and objectives of introducing the E‑procurement Initiative have been achieved. These included a streamlined and standardized procurement process, implementing strategic supplier catalogues resulting from contracts on an e‑procurement tool, and the decentralization of the use of acquisition cards to procure and pay for low risk, low value goods and services.
Senior management is provided with a Quarterly Contracting Report that includes the total spending for the period. The quarterly reports demonstrate there has been an increased utilization of the E-procurement Initiative. Interviewees in regions and branches recognized the benefits of the E-Procurement Initiative, comments indicated they liked the e-procurement system and felt it was a cost-effective way to do business. However, performance information used by the AD is limited to volumetrics and does not include indicators such as the rates of use of strategic supplier catalogues, compliance rate and savings achieved. As such, not enough information was available to provide assurance on the Initiative’s effect on the achievement of goals and objectives.
1. The AD should expand the acquisition card monitoring program to include all branches and regions. The AD in collaboration with the FAD should also analyze their monitoring results to ensure compliance is being achieved, and to prevent reoccurrence of instances that should be addressed and corrected.
2. The AD should establish comprehensive measurable performance indicators to enable reporting on the achievement of the Agency’s overall e-procurement goals and objectives.
1. In July 2007, the AD expanded the Headquarters transactions monitoring to 100% review of questionable vendors, non-compliance to strategically sourced items, inactive cards, and over $5K transactions in all branches. The AD also met with the FAD to define the process for monitoring non-reconciled transactions. The process was included in the monitoring kit and updated on March 31, 2008. A system generated email is sent to cardholders for items which transactions have not been reconciled and are more than 7 days overdue.
In January 2008, the AD began reporting on the progress of the monitoring procedures. The intention of the report is to demonstrate effectiveness and the level of compliance by each region/branch by quarter and to provide information to the e-business officers as feedback on their monitoring efforts.
As of April 1, 2008, the FAD has implemented a Continuous Controls Monitoring tool, which will enable increased monitoring.
Ongoing, the FAD will share the results of their statistical sampling on acquisition card transactions with the AD to allow the AD to follow up on errors that are being detected by the FAD.
2. In 2007, the AD began making presentations to regions and branches depicting trends in their procurement activities. These presentations include yearly comparisons of acquisition card transactions and dollar values. It is the AD's intention to continue to deliver these presentations and improve upon them.
The AD will continue to improve their measurable performance indicators through their reporting with the roll-out of Synergy.
4.0 Managers’ Accountability
All managers in the Government of Canada are trustees of public resources. Managers are expected to have a clear understanding of their financial management responsibilities and to be able to demonstrate accountability for their performance in this regard. Interviews and file reviews revealed a vast range of awareness about these principles or application of both of these elements. For example, through the samples tested during the audit, cases were identified where managers had approved purchases with no supporting documentation, approved prohibited items, and/or inappropriate procurement practices such as contract splitting using the acquisition card. Many questionable transactions resulted from lenient interpretations of more flexible policies such as hospitality, gifts and awards. Results from interviews and file review have suggested that only a few disciplinary measures or corrective actions have been taken.
As the control framework for e-procurement and acquisition card transactions effectively relies on cost centre budget managers’ certification and verification after payment has been made, this role is fundamental to mitigating the risks of fraud, waste and abuse. Managers acting without probity, prudence or concern for effectiveness, efficiency and economy are directly exposing the Agency to unnecessary risks and jeopardizing the success of the E-procurement and acquisition card initiative.
The AD in collaboration with the FAD, should inform cost centre managers of non-compliant transactions and advise if any corrective actions should be taken.
Included in the AD’s monitoring process, is the requirement to send all emails to cardholders with a copy to their managers concerning questionable or potential non-compliant transactions. The AD follows up with an email with corrective actions to be taken, and/or provides further explanations of the policy. This email is escalated to the next management level when no corrective actions are taken. The AD will perform these follow ups with respect to errors detected as part of their internal monitoring process, as well as errors identified through the FAD's statistical sampling process.
The AD will continue with the monitoring activities initiated in 2007 and continue to report transactions which are not in accordance with the policies and procedures.
The CRA acted upon the new flexibilities supported by its agency status by introducing an E‑Procurement Initiative and it has established competitive strategic alliances with suppliers and utilized new methods of supply. Overall, the e-procurement and acquisition card purchasing process is in many ways an easier and more cost-effective way for the Agency to procure low value, low risk goods and services. Information gathered from interviews and analysis of data revealed that e-procurement and acquisition card are widely used in the CRA, stakeholders like them, and they want more commodities to be added. Management of the E-procurement and acquisition card initiative and associated activities is improving. The AD continues to review their e-procurement strategies, expand system capabilities, and to work with suppliers to increase the number of products and services.
By their nature, E-procurement and acquisition card transactions mustrely on financial and administrative controls to mitigate any inherent risks. Based on file review results, controls in place are not always functioning effectively. The types of error and compliance issues show that emphasis needs to be placed on managers and cardholders to exercise their due diligence in the e-procurement and acquisition card processes. For example, controls need to be consistently applied, such as accountability and training for cardholders and cost centre managers concerning their respective responsibilities. The AD piloted new monitoring procedures starting in April 2007 to support improved compliance but the scope of the pilot did not include the whole Agency. In addition, there is a need for improved monitoring, reporting and analysis of e‑procurement and acquisition card activities to ensure compliance.
As E-procurement and acquisition cards grow in importance to the Agency and more vendor relationships are established, the Agency needs to be able to ensure that compliance is continually enhanced and improved, and that expected results are achieved.
Report a problem or mistake on this page
- Date modified: