Common menu bar links
ARCHIVED - Audit of Delegated Authority Under Section 33 of the Financial Administration Act
This page has been archived.
Archived Content
Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
Internal Audit Report
April 2009
Table of Contents
- Executive Summary
- Introduction
- Audit Opinion
- Findings, Recommandations and Management Action Plan
- Appendix A: Organizational Chart of the National Financial Transaction Centre Function
- Appendix B: Audit Criteria
- Appendix C: Flow Chart
- Appendix D: Summary of Benchmarking Exercise
- Appendix E: Audit Sampe Reviewed
- Appendix F: Acronyms
Executive Summary
Background
Parliament and Canadians expect the Government of Canada to be prudent regarding the stewardship of public funds. The Financial Administration Act (FAA) provides legislation on the financial administration of the Government of Canada. Section 32 of the FAA provides the authority to commit funds against an appropriation before the expense is incurred. Section 34 provides the authority to certify that the work was performed and that the goods were supplied or the services were rendered as contracted. Section 33 provides the authority to pay the expenditures after ensuring that the payment shall be a lawful charge against an appropriation and that section 34 has been properly exercised.
In 2005, the Canada Border Services Agency (CBSA) established the National Financial Transaction Centre (NFTC) in Montréal to centralize the payment authority function for all of the CBSA regional offices and branches. All regions and branches are now processed at the NFTC; however, the Pacific, Niagara–Fort Erie and Northern Ontario regions were transferred over in the last year.
The audit was conducted from July to October 2008 and follows the results of the section 34 audit that was completed in December 2008.
Objective and Scope
The objective of the audit was to provide assurance that section 33 functions at the Agency are in compliance with the FAA and that the control framework is operating effectively.
The audit scope included all aspects of the section 33 process and covered a random sample of 145 transactions from October 2007 to July 2008. The scope included those regions that had their payment authority functions transferred to the NFTC and those that were still exercising section 33 functions independently during the audit period.
Site visits were conducted at the NFTC and in the Pacific, Niagara–Fort Erie and Northern Ontario regions. The audit excluded transactions related to payroll, which are planned for a future audit, as well as capital assets and travel expenditures because those were subject to recent internal audits.
Statement of Assurance
This audit engagement was planned and conducted in accordance with the Internal Auditing Standards for the Government of Canada.
Audit Opinion
Section 33 functions at the CBSA are compliant with the FAA in all material respects. Improvements in the areas of payment processing and monitoring would strengthen the effectiveness of the control framework at the CBSA.
Main Observations
CBSA policies, directives and procedures for the administration of section 33 of the FAA were consistent with Treasury Board policies and directives. Managers with delegated authority for section 33 of the FAA knew and understood their roles, responsibilities and accountabilities; however, the role and mandate of the NFTC was not well understood by CBSA managers. Transactions sampled were in general compliant with the FAA but supporting documentation or other evidence of pre-payment verification review was not always in the file. Monitoring of gated and non-gated transactions was performed by the NFTC on an ongoing basis; however, there has been limited monitoring conducted by CBSA Headquarters (HQ) and no formal reporting of monitoring results with appropriate follow-up action taken.
Management Response
The Comptrollership Branch agrees with the recommendations in this report.
Introduction
Background
Parliament and Canadians expect the Government of Canada to be prudent regarding the stewardship of public funds. The Financial Administration Act (FAA) provides legislation on the financial administration of the Government of Canada. Section 32 of the FAA provides the authority to commit funds against an appropriation before the expense is incurred. Section 34 provides the authority to certify that the work was performed and that the goods were supplied or the services were rendered as contracted. Section 33 provides the authority to pay the expenditures after ensuring that the payment shall be a lawful charge against an appropriation and that section 34 has been properly exercised.
The FAA is supplemented by the Payments and Settlements Requisitioning Regulations, 1997, Treasury Board which prescribe the format, certification and integrity of payment requisitions. The Electronic Payments Regulations of 1998 include instructions applicable to every electronic payment made out of the Consolidated Revenue Fund. There are also other pertinent Treasury Board policies and directives in the areas of expenditure initiation, approval and processing of payments. These policies and directives also address areas such as financial management, internal control and governance. The Canada Border Services Agency’s (CBSA) Management Control Framework and Financial Administration Control Framework[ 1 ] also provide guidance on required controls for prudent management and use of Agency funds.
At the CBSA, the Corporate Finance Directorate of the Comptrollership Branch is responsible for the following:
- developing and maintaining the financial signing authorities and related financial delegation instruments;
- developing and implementing expenditure and revenue financial policies, procedures, controls and practices;
- providing advice on revenue and expenditure policies;
- monitoring financial processes and practices to ensure compliance,
- providing development and support services for the Corporate Administrative System (CAS); and
- developing the CBSA’s financial strategies and related financial planning, budgeting, reporting and analysis functions.
The Agency has entrusted its financial officers with the required payment authority through the delegation of financial signing authorities document, which is authorized by the President of the CBSA. Financial officers who perform section 33 functions are responsible for confirming the following:
- that expenditures are a lawful charge against the appropriation;
- that FAA sections 32 and 34 have been properly complied with; and
- that appropriate financial controls are in place.
In 2005, the CBSA established the National Financial Transaction Centre (NFTC) in Montréal to centralize the payment authority function for all eight CBSA regional offices and the seven branches.
The NFTC reports functionally to the Director of Corporate Accounting and Financial Policy Division in the Comptrollership Branch. The NFTC is headed by the Manager of Finance, who reports to the Director of Corporate Services of the Quebec Region. The Manager is responsible for resource management, comptrollership tasks, CAS coordination functions in the Quebec Region and the NFTC at the national level. The Manager is assisted by a team leader and 18 support staff (see Appendix A for details).
From 2005 onward, the payment authority functions of regional offices and branches were gradually transferred to the NFTC. As for the three regions visited during the audit, the functions for the Niagara–Fort Erie Region were transferred in December 2007, for the Northern Ontario Region it was April 2008 and for the Pacific Region it was November 2008.
Currently, the NFTC has full payment authority for branches at CBSA Headquarters (HQ) and for all of the CBSA regions. It is responsible for section 33 functions and for monitoring gated[ 2 ] and non-gated transactions.
Prior audits included the 2006–2007 horizontal audit of delegated financial authorities by the Office of the Comptroller General of Canada. This audit found that the CBSA had not implemented all relevant policies and procedures related to the delegation of authorities to reflect the CBSA’s organizational structure. Further, the delegations of authority were not widely communicated in a timely manner. The audit on the proper conduct of public business by the Auditor General of Canada in November 2006 found improperly sole-sourced contracts, abuse of acquisition cards and high levels of non-compliance.
In December 2008, the CBSA Internal Audit Directorate presented the audit report on delegated authority under section 34 of the FAA. The report found that the controls could be strengthened to ensure that transactions are authorized with sufficient and appropriate documentation on file.
This audit of delegated authority under section 33 of the FAA was approved in October 2007 by the Audit Committee as part of the CBSA’s multi-year audit plan for 2007–2010.
Risk Assessment
To assist in audit planning and to determine potential priorities and areas of audit, a preliminary risk assessment identified the following key risks:
Roles and responsibilities: There is a risk that roles and responsibilities may not be identified and communicated, or that they may not be well understood, given the recent centralization of section 33 functions at the NFTC in Montréal.
Policies and procedures: There is a risk that the policies and procedures on section 33 certification may not be complete, properly communicated or well understood by delegated authorities and support staff, which may result in non-compliance and/or inadequate controls over payments.
Knowledge and training: There is a risk that financial officers with delegated authority for section 33 of the FAA and their support staff may not have the necessary knowledge or have received adequate training to enable them to properly carry out their responsibilities.
Monitoring and control: There is a risk that the monitoring and reporting framework may be inadequate for the CBSA to ensure compliance, to identify problems and to take corrective measures in a timely manner.
Audit Objective and Scope
The objective of the audit was to provide assurance that section 33 functions at the Agency are in compliance with the FAA and that the control framework is operating effectively.
The audit scope included all aspects of the section 33 process and covered a random sample of 145 transactions over 10 months from October 2007 to July 2008. The scope included those regions that had their payment authority functions transferred to the NFTC and those that were still exercising section 33 functions independently. Supporting documents relating to all samples selected for review were requested directly from the regions and the NFTC.
Site visits were conducted at the NFTC and in the Pacific, Niagara–Fort Erie and Northern Ontario regions. Those regions were selected because they were still exercising section 33 payment-processing functions during the audit period.
The sample excluded transactions related to payroll, which are planned for a future audit, as well as capital assets and travel expenditures because those were subject to recent internal audits[ 3 ].
Approach and Methodology
The audit was conducted using the following approach:
- Review CBSA policies and procedures and other relevant documentation on the delegation of authorities.
- Follow up on management action plans from phase I of the audit of delegation of financial authorities conducted by the Office of the Comptroller General of Canada in 2006–2007.
- Consult with the regions and with key personnel from the NFTC to understand the audit area and identify gaps in the control framework.
- Visit the NFTC to observe, review and examine the administration of delegated authority under section 33 of the FAA.
- Interview delegated authorities on their performance of section 33 functions of the FAA.
- Assess the controls related to the administration and performance of the delegated authority under section 33 of the FAA
- Examine a representative sample of transactions between October 2007 and July 2008 to assess the accuracy and completeness of payment transactions and to ensure compliance with section 33 of the FAA.
- Review the monitoring and verification done by the NFTC and the Corporate Finance Directorate on gated and non-gated transactions, including the risk-assessment process used to determine which transactions will result in a section 33 review.
- Benchmark with other government departments and the Office of the Comptroller General of Canada to determine the level and responsibilities of section 33 functions and the number of resources that conduct the role.
Audit Criteria
The audit criteria used for the audit are outlined in Appendix B.
Statement of Assurance
This audit engagement was planned and conducted in accordance with the Internal Auditing Standards for the Government of Canada.
Audit Opinion
Section 33 functions at the CBSA are compliant with the FAA in all material respects. Improvements in the areas of payment processing and monitoring would strengthen the effectiveness of the control framework at the CBSA.
Findings, Recommendations and Management Action Plan
Roles and Responsibilities
Roles, responsibilities and accountabilities were clearly understood by financial managers with delegated section 33 authority. Policies and guidelines were communicated and available to employees. The mandate of the NFTC was communicated to all branches and regional offices; however, the role and mandate of the NFTC was not well understood by CBSA managers.
The Comptrollership Branch is responsible for establishing and formalizing the roles, responsibilities and accountabilities of the delegated financial signing authorities related to sections 32, 33 and 34 of the FAA.
In 2005, the Comptrollership Branch decided to centralize section 33 functions at the NFTC located in Montréal, Quebec. The centralization was phased in over three years; the Pacific Region was the last region to migrate payment authority functions in November 2008.
Policies and procedures on performing section 33 functions have been communicated through the Comptrollership Manual; they are also accessible on the intranet.
The mandate of the NFTC has been prepared and disseminated to all branches and regional offices. Although the mandate document exists, there is a lack of understanding on the part of some managers with section 34 delegated authority about the roles and responsibilities of persons exercising section 33 and of subordinate staff at the NFTC. This has resulted in challenges for these operational managers with section 34 delegated authority when NFTC staff request supporting documentation from them or when NFTC staff request further clarification on payment requests initiated by them. For example, there were instances of transactions exceeding $10,000 that were incurred without a purchase order and were forwarded to the NFTC for payment without a copy of the supporting agreement. The copy of the agreement was not forthcoming when requested and the NFTC was advised to make the payment to avoid it becoming overdue. As a result, NFTC staff were pressured into processing payments without having the benefit of all the necessary documents and associated information available to make informed decisions.
The audit also conducted a benchmarking exercise to compare the CBSA with section 33 centralized units at three other government departments or agencies to understand the total workload processed, the resources applied and the methodology used for monitoring. The analysis found that for control purposes, the delegated section 33 authorities at these entities were predominantly entrusted to a limited number of financial officers and this was also the case at the CBSA. At the CBSA, approximately 200,000 payment verification transactions were processed annually by a subordinate staff of 18 headed by a team leader and a manager of finance. This was also in line with other benchmarked entities (see Appendix D for details).
Recommendation
1. The Vice-President of the Comptrollership Branch should ensure that CBSA managers understand the role and mandate of the NFTC and that the section 33 delegate is the final authority to recommend and release the payment of funds on behalf of the Agency.
| Management Action Plan | Completion Date |
|---|---|
|
Corporate Accounting and Financial Policy Division |
|
|
The Division will establish a protocol to be approved by the senior financial officer. This protocol will be used to resolve situations where the individual who is exercising section 33 stops a transaction because he or she questions the adequacy of the section 34 account verification or because there are insufficient funds. |
May 31, 2009 |
|
The protocol will be included as part of the section 34 training provided to managers. |
Fall 2009 |
Delegation of Financial Authorities
The delegation of financial authorities instrument and the annual review of specimen signature documents (SSDs) were up to date and accessible to delegated financial managers; however, currently the annual review does not align individual delegated authorities with the results of monitoring.
The delegation of financial authorities is required to provide individuals with specific roles and responsibilities that relate to their job function. It also provides those delegated individuals with the onus of stewardship and accountability on the use of public funds. The delegations between sections 32, 33 and 34 of the FAA also introduce the notion of segregation of duties, a key control in exercising financial and expenditure functions.
At the CBSA, four individuals are authorized to process expenditure transactions electronically under section 33 of the FAA. Two are located at HQ and the other two are at the NFTC. The audit noted that the individuals with section 33 delegation at the NFTC who had diskettes for electronic payment authorization secured their individually assigned diskettes in a locked cabinet when the diskettes were not in use. Furthermore, the office was kept locked after office hours.
At the NFTC, section 33 payment verification signing is performed by the Team Leader (the Manager of Finance is the back-up, when required). The audit noted that section 33 transactions pertaining to the NFTC or to the Manager of Finance, Quebec Region (also functioning as the Manager of the NFTC), were handled between the Team Leader and the Manager, bearing in mind appropriate segregation of duties.
Regional finance units and the branch management services units (BMSUs) at HQ were responsible for ensuring that specimen signature documents (SSDs) of incumbents with delegated section 34 financial authority were updated and available, for reference purposes, to persons exercising section 33 of the FAA. For the sample transactions reviewed, the audit noted that appropriate and valid SSDs were in place, both for incumbents as well as for individuals who were acting in the position temporarily.
The audit noted that while a review of all SSDs was conducted annually, the review did not align the continuation of individual authorities to the NFTC monitoring results, particularly for any recurring section 34 authority lapses. In addition, in its recent horizontal audit of delegated financial authorities report issued in April 2008, the Office of the Comptroller General of Canada also advocated that monitoring activity results be taken into consideration to recommend adjustments to delegated authorities.
Recommendation
2. The Vice-President of the Comptrollership Branch should implement an annual risk-based review of all delegated authorities that considers corrective measures taken based on monitoring results.
| Management Action Plan | Completion Date |
|---|---|
|
Corporate Accounting and Financial Policy Division |
|
|
The Division will incorporate into its annual risk-based review of delegated authorities the possible removal or reduction of delegated authorities based on non-compliance identified through the monitoring of spending authorities. |
Fall 2009 |
Knowledge and Training
Delegates with section 33 authority at the NFTC have extensive experience in the finance domain of the public service and they provide coaching and on-the-job training to staff that carry out section 33 pre-audit verification functions.
Having sufficient and adequate knowledge allows employees to consistently ensure that all the provisions of section 33 of the FAA have been complied with as required.
Under the current Treasury Board requirement, before an employee is allowed to exercise section 34 of the FAA, it is mandatory for the individual to complete the Canada School of Public Service’s authority delegation training followed by an online knowledge assessment. However, currently there is no similar formal training developed for financial officers who exercise section 33 of the FAA or for their subordinate staff who perform the bulk of pre-payment verification reviews on their behalf.
At the NFTC, the Manager of Finance and the Team Leader have the delegated authority for section 33 of the FAA. They also have extensive experience and years of service in the finance domain of the public service.
Reporting to the NFTC Team Leader are financial officers, financial technical agents and other support staff who perform the necessary account verification prior to section 33 being exercised. Due to the unavailability of formal courses through the Canada School of Public Service, section 33 training was mostly conducted through coaching and on-the-job learning at the NFTC. New employees (support staff) were provided with six months of coaching and had access to CBSA policies and procedures through the intranet.
The audit concluded that the combination of experience and coaching addressed the knowledge requirements.
Section 33 Payment Process
The audit sample found general compliance with the FAA; however, supporting documentation or other evidence of pre-payment verification review was not always in the file.
Operational managers, upon receipt of goods or services and supporting invoices, are required to certify expenditures for payment by signing the hard copy of the section 34 report generated through CAS. The hard copy and supporting documentation are then forwarded to the NFTC for payment verification and processing (see Appendix C).
CAS automatically provides a section 34 report; in this report, all transactions that are gated or high-risk transactions and must be verified prior to authorizing payment are marked with an asterisk. The remaining transactions are considered non-gated or medium- to low-risk transactions and are reviewed post-payment using statistical sampling.
A walkthrough of the process for gated transactions confirmed that NFTC staff ensured that an original invoice supported the information on the signed section 34 report, that the quantities matched the goods received report, that the general ledger account corresponded with the description on the invoice and that the signature on the section 34 report corresponded to and was within the limits imposed by the SSD.
Purchase requisitions, purchase orders, and goods and invoice receipts were verified online through CAS. However, payments related to contracts or agreements were not always supported because the person exercising section 33 did not always have access to the contracts or agreements (these documents were not stored and available in CAS; they resided at other locations with the operational managers who exercised section 34). Sampled transactions indicated that 14 percent of the payments made were not supported by purchase orders and/or contracts (see Appendix E for details). Consequently, a great deal of reliance was placed on verifying section 34 delegates to support the payments or on contacting the necessary region or HQ branch for clarification and verification of prices or other terms and conditions that may be relevant.
The general protocol followed by the NFTC was that all payments made pursuant to section 33 were determined legal when transactions had a purchase requisition and a purchase order because funds would have been committed prior to incurring the expenditures. The audit noted that fund reservations were not always made to commit funds for expenses incurred without purchase orders, such as for utility bills or acquisition card payments.
Although NFTC staff initialled the section 34 reports upon verification, there was no auditable evidence of the extent of the review done by support staff because there were no specific desk procedures or checklists used to demonstrate this. As a result, it was not evident what steps of the account verification had been performed by the support staff. In the absence of a formalized review checklist for use by subordinate staff, the staff may not consistently carry out the payment verification for section 33 processing, as required by the CBSA’s Finance and Administration Manual.
Staff interviews indicated that a checklist would be very helpful for the pre-verification review exercise. They also indicated that a checklist would be a valuable tool to assist them with their learning and daily job function. The recent internal audit on delegated authority under section 34 of the FAA[ 4 ] also observed that desktop tools, such as checklists, would allow for a clear conveyance of delegated responsibilities. The checklist would facilitate consistent compliance with all the provisions of section 33 of the FAA such as the need for relevant supporting evidence, etc.
The audit sample of transactions selected for review revealed that payments made under section 33 of the FAA were generally processed on a timely basis at the NFTC. Processing time was five days for gated transactions and three days for non-gated transactions, as per the NFTC standard. The turnaround time was based on the date the payment request and supporting documents were received at the NFTC. None of the transactions sampled included interest for late payments. From the sample of 65 HQ transactions, three (five percent) were processed beyond the 30-day service standard and should have incurred interest charges.
Presently, CAS does not have an automated payment on due date functionality for calculating interest on any late payment of invoices, which was why interest was not being calculated or paid. Consequently, when required, interest for late payment was calculated manually, which resulted in delays in interest payments to suppliers and additional costs to the Agency.
The audit also noted that four (six percent) of the 65 transactions had invoice receipt dates that were the same as the CAS posting date (i.e. the dates were later than when the invoices were actually received at the Agency). Interviews confirmed that the invoice receipt date in CAS was not the actual date the invoice was received by the Agency, but rather the date when the invoice was received at the branch management services unit (BMSU) or when it was posted. Given this practice, it is difficult to track whether invoices were paid within the 30-day service standard. Therefore there is a risk that suppliers’ invoices may not be processed for payment within the required service standard.
The audit sample did not include any transactions that offered discounts for early payment. The audit also noted that interdepartmental accounts were settled promptly.
For the samples selected for the period of October 2007 to July 2008, there were no duplicate payments noted for the same supplier with the identical payment request. Additional testing for potential duplicate payments was also conducted to review identical amounts for the same supplier from the audit sample database. Based on the results reviewed, the audit did not find evidence of any duplicate payments.
Recommendations
3. The Vice-President of the Comptrollership Branch should ensure that a checklist is developed and implemented to strengthen section 33 functions and to support consistent payment verification.
| Management Action Plan | Completion Date |
|---|---|
|
Corporate Accounting and Financial Policy Division in consultation with the |
|
|
The Division, in consultation with the NFTC, will develop and implement a checklist in support of section 33 functions. |
Completed |
4. The Vice-President of the Comptrollership Branch should ensure that an efficient and effective section 33 payment verification process is in place to ensure that payment requests are properly supported.
| Management Action Plan | Completion Date |
|---|---|
|
Corporate Accounting and Financial Policy Division |
|
|
An independent review of the efficiency and effectiveness of the section 33 payment verification process will be completed to ensure that payment requests are properly supported. |
Fall 2009 |
5. The Vice-President of the Comptrollership Branch should monitor the processing dates entered into CAS for goods/services and invoice receipt dates. This will ensure that the dates correctly correspond to the actual dates when those goods/services and invoices were received at the Agency and that payments are made by the due dates.
Management Action Plan |
Completion Date |
|---|---|
|
Corporate Accounting and Financial Policy Division |
|
|
The NFTC will add to the list of checks performed on the monthly statistical sample. This check will ensure that the invoice receipt date entered in CAS for the good/service is the date the invoice was stamped as received by the Agency. Invoices not stamped when received by the Agency will be assumed to have been received five working days after the date on the invoice. This check will be performed on external invoices where the standard 30-day payment terms are applicable. The results of the statistical sampling will be provided to the branches and regions for corrective action and the process will be monitored for compliance by the Corporate Accounting and Financial Policy Division. |
Completed |
Monitoring
Monitoring of gated and non-gated transactions was performed by the NFTC on an ongoing basis; however, there has been limited monitoring conducted by HQ. Currently, there is no formal reporting of monitoring results with appropriate follow-up action.
Monitoring is a core fundamental control. Results of monitoring activities should be reviewed on a regular basis and reported to the appropriate management level to address any deficiencies.
The NFTC monitors non-gated transactions (transactions under $5,000) on a monthly basis. CAS was used to generate a random statistical sample in accordance with the CBSA Comptrollership Manual section on statistical sampling. CAS provides a computer-generated random sample selection based on selected criteria from a population of non-gated transactions processed for a specified duration. A walkthrough of the process found that sampled items were checked in accordance with CBSA policies on account verification and payment requisitioning. All critical errors in samples were identified and inputted into CAS; CAS then generates a monthly statistical sampling report for the period reviewed.
The report identified the client departmental office (HQ or region), the number of documents verified, and the number and percentage of critical errors (e.g. payee identification issues, legality, incorrect amounts or coding errors). A copy of the report was forwarded to the client departmental office for corrective action and for further training of the staff, if needed. A copy was also sent to HQ. HQ is responsible for monitoring overall section 33 payment functions, for developing and updating the CBSA’s policy and procedure on statistical sampling, and for taking other corrective measures as necessary.
Statistical sampling reports prepared by the NFTC for the period of January to July 2008 were reviewed for all client departmental offices except the Pacific Region because its section 33 functions had not migrated to the NFTC. The audit noted that the trend of errors remained almost identical with no major change being noted as a result of monitoring. For example, the monitoring exercise revealed the total documents with “critical errors”[ 5 ] to be 121 and 129 for January and July 2008 respectively (19 percent and 16 percent of the transactions reviewed by the NFTC for that respective month). Typical recurring errors include payment requests without purchase orders, missing section 34 reports or unauthorized acquisition card purchases (computer and information-technology-related purchases). The audit noted that there was no marked improvement to types of critical errors in those six months and similar types of critical errors were repeated month after month.
The NFTC did not receive any information or feedback on corrective action that may have been taken by the branches or regions. In addition, it was not evident that the error trends identified by the NFTC resulted in changes to the sampling plan or to the provision of any specific guidelines to branches (branch management services units) or to regions to be proactive and to ensure greater compliance in the future.
Besides the NFTC’s monitoring of non-gated transactions, the Corporate Accounting and Financial Policy Division is required to perform monitoring at least annually at the NFTC. The most recent monitoring was conducted in June 2007; it was similar to the monitoring performed by the NFTC and was not presented to senior management for their review. The specific monitoring methodology applied by the Corporate Accounting and Financial Policy Division was not provided during the audit. The absence of a formal methodology could lead to a duplication of the monitoring activity presently being performed by the NFTC and reduce the effectiveness or impact of HQ monitoring. Furthermore, there was no specific evidence of a risk-analysis or of an evaluation of error trends exercise conducted by HQ to establish a plan of action. Consequently, the same errors appear repeatedly month after month.
In terms of the benchmarking exercise done with three other departments/agencies (see Appendix E), the audit noted that all three departments/agencies pre-audited 100 percent of the sensitive and high-risk transactions (including priority payment requests) but monitored other transactions post-payment by using statistical sampling. One department was even contemplating using statistical sampling to re-validate section 34 verification, prior to exercising section 33, to ensure greater compliance. As well, results of monitoring are being reported to senior management at all three entities.
Recommendations
6. The Vice-President of the Comptrollership Branch should develop an integrated follow-up process, based on the monitoring results obtained through the monthly exercise conducted by the NFTC, to ensure that the regions and branches take corrective actions.
Management Action Plan |
Completion Date |
|---|---|
|
Corporate Accounting and Financial Policy Division |
|
|
The Division will establish a monthly process of follow up and reporting of branch/regional actions taken in response to the statistical sampling errors identified in the NFTC statistical sampling. |
June 30, 2009 |
7. The Vice-President of the Comptrollership Branch should review the current HQ monitoring methodology and include a risk-based targeted review of areas of concern, based on the types of transactions, specific offices or individual section 34 delegated authorities, and provide results to senior management.
Management Action Plan |
Completion Date |
|---|---|
|
Corporate Accounting and Financial Policy Division |
|
|
The Division will enhance the current HQ monitoring methodology to include a target review based on identified trends in non-compliance. |
Fall 2009 |
|
The results of the monitoring will be reported to the Budget and Resource Review Committee along with recommendations for corrective action. |
Winter 2009 |
Appendix A: Organizational Chart of the National Financial Transaction Centre Function
Appendix A also available in PDF format (41 KB)
- Corporate Finance Directorate
(Comptrollership Branch)
(Two section 33 delegates) - Director, Corporate Accounting and Financial Policy Division
(Comptrollership Branch)- Manager of Finance
(section 33 delegate)- National Financial Transaction Centre in Montréal (19 staff):
- Team Leader (section 33 delegate)
- financial officers
- support staff
- National Financial Transaction Centre in Montréal (19 staff):
- Manager of Finance
- Regional Director, Corporate Services Division
(Quebec Region)- Manager of Finance
(section 33 delegate)- Quebec Region:
- resource management
- comptrollership
- coordination of the Corporate Administrative System
- other functions
- Quebec Region:
- Manager of Finance
Appendix B: Audit Criteria
| Line of Enquiry | Audit Criteria |
|---|---|
| Roles and responsibilities |
|
| Delegation of financial authorities |
|
| Knowledge and training |
|
| Payment process |
|
| Monitoring |
|
Appendix C: Flow Chart
Appendix C also available in PDF format (56 KB)
- Branch management services units/regional finance offices*
- Prepare goods/services requisition in the Corporate Administrative System (CAS) and send to cost centre manager for approval
- Record “goods receipt” in CAS based on information received from cost centre manager
- Enter supplier invoice data in CAS
- Upon matching of documentations, prepare and send CAS section 34 report to cost centre manager for approval
- Forward package with original supporting documentation to the NFTC for payment processing
- Managers (region/branch at CBSA Headquarters)
- Initiate goods or services requisitions
- Verify receipt of goods or services; check invoices
- Sign section 34 reports
- Managers (region/branch at CBSA Headquarters)
- National Financial Transaction Centre (NFTC), Montréal
- Date-stamps section 34 reports
- Files reports in cabinet by date and client departmental number for subsequent pre-payment verification
- Support staff
- Retrieve section 34 packages
- Review 100 percent of gated transactions pre-payment
- Conduct a statistical sampling review of non-gated transactions
- Perform account verification
- Initial that package was verified
- NFTC Team Leader/Manager of Finance
- Receives verified batch of section 34 reports
- Reviews and test checks section 34 reports
- Authorizes batch for payment
- NFTC Team Leader/Manager of Finance
- Support staff
*Branch management services units (established in 2005 for each branch at CBSA Headquarters) or the equivalent regional finance offices are responsible for preparing specimen signature documents for incumbents with financial signing authorities and for providing the support to administer and manage those functions relating to section 34 of the Financial Administration Act.
Appendix D: Summary of Benchmarking Exercise
| Entity | Amount of transactions per year | Date of centralization | Total number of section 33 delegated individuals/number who regularly exercise section 33 | Number of other subordinate employees who perform pre-payment verification function | Monitoring methodology |
|---|---|---|---|---|---|
| CBSA | Approximately $200,000 | Between 2005–2008 | 4/2 | 18 | Risk-based method: statistical for gated and non-gated transactions. |
| Entity #1 | Approximately $26,400 | Since 2006 | 7/6 | 22 | Risk-based method: statistical for gated and non-gated transactions. |
| Entity #2 | Approximately $970,000 | Payment authority functions at regions centralized since 2006 | 105/7 | Those individuals delegated with section 33 authority also perform pre-payment verification. | Risk-based method: High risk in two streams (in excess of $500,000 and $250,000). Transaction subject to re-validation of section 34 before section 33 approval. All high-risk vendors or one-time vendors. Post-payment verifications on others through statistical sampling. |
| Entity #3 | Not specified | Since 2008 | 18/2 | 14 | Risk-based method: use of a national accounts verification framework with four levels — sensitive (pre-verification), high risk (100 percent post-audit), medium risk (statistical sampling post-audit) and low risk (statistical sampling post-audit). |
Appendix E: Audit Sample Reviewed
The following table sets out the results of the analysis conducted on randomly selected sample items of 145 gated and non-gated transactions from October 2007 to July 2008.
| Transaction analysis criteria | Number of instances of compliance* | Percentage of total transactions |
|---|---|---|
| Documentation(s) on file | ||
| Section 34 report | 145/145 | 100% |
| Supporting invoice | 144/145 | 99.3% |
| Evidence goods/services were received/rendered | 142/142 | 100% |
| Purchase order/contract/course registration document | 86/100 | 86% |
| Purchase requisition/training application and authority committing expenses | 86/100 | 86% |
| Invoice corresponded to approval documentation as follows | ||
| Vendor information on invoice same as information on purchase order requisition | 86/100 | 86% |
| Quantity invoiced same as quantity ordered | 91/105 | 86.7% |
| Payment not made in advance unless discount offered | 145/145 | 100% |
| Descriptions of goods/services on invoice same as information on contract/purchase order | 86/105 | 81.9% |
| Invoice price agreed with price on contract/purchase order | 86/100 | 86% |
| Calculations (including goods and services tax/harmonized sales tax) invoiced correctly | 134/134 | 100% |
| Amount invoiced same as amount reported on section 34 report | 145/145 | 100% |
| Financial coding used was appropriate | ||
| Verified cost centre coding was valid | 145/145 | 100% |
| Expenditure charged to appropriate general ledger account and fiscal year | 144/145 | 99.3% |
| Specimen signature document requirements were met | ||
| Signature on document corresponded to valid specimen signature document | 144/145 | 99.3% |
| Person exercising section 34 did not also exercise section 33 for that same transaction | 145/145 | 100% |
| Person exercising section 34 did not personally benefit from the transaction | 145/145 | 100% |
| The approved amount is within the incumbent’s limits in the specimen signature document and delegation instrument matrix | 144/145 | 99.3% |
| Name of incumbent clearly printed on section 34 report | 132/145 | 91% |
*Note that not all criteria were applicable to all 145 transactions reviewed.
Appendix F: Acronyms
| Acronym | Description |
|---|---|
| BMSU | branch management services unit |
| CBSA | Canada Border Services Agency |
| CAS | Corporate Administrative System |
| FAA | Financial Administration Act |
| HQ | CBSA Headquarters |
| NFTC | National Financial Transaction Centre |
| SSD | specimen signature document |
Notes
- Source: CBSA Comptrollership Manual, Finance Volume, Financial Administration Control Framework. [Return to text]
- As per the CBSA Comptrollership Manual (Finance Volume, Chapter 8, Account Verification and Payment Requisitioning), gated transactions include all supplier transactions equal to and over $5,000, all travel transactions over $1,000, and other transactions identified as sensitive payments that are linked to a cost centre or general ledger account (e.g. hospitality).[Return to text]
- The Travel and Hospitality Audit and the Audit of Asset Management – Detection Technology Equipment were reported to the Audit Committee in April 2007 and May 2008 respectively. [Return to text]
- The report was approved by the Audit Committee on December 5, 2008. [Return to text]
- As per the Comptrollership Branch, critical errors are errors that have adverse consequences. These errors relate to payee identification (incorrect or insufficient payee information), legality (missing or improper section 34 authorization, insufficient funds in appropriation or something is outside the scope and purpose of the appropriation), incorrect amount (incorrect price, quantities, taxes or calculations), coding (incorrect group of accounts) and miscellaneous errors (incorrect invoice receipt date that could impact interest for late payment).[Return to text]
To access the Portable Document Format (PDF) version you must have a PDF reader installed. If you do not already have such a reader, there are numerous PDF readers available for free download or for purchase such as:
