Compliance with legislation
Non-compliance with legislation
Compliance with key legislation improved slightly from the previous year, but remains low, as only 31% of auditees did not have material findings on non-compliance with key legislation. The lapse in oversight and lack of controls relating to compliance were most evident in the areas of:
- the quality of financial statements and the prevention of unauthorised and fruitless and wasteful expenditure (as dealt with earlier)
- procurement and contract management (more commonly known as supply chain management)
- irregular expenditure
- consequence management.
Other notable areas of non-compliance were expenditure management (16%), strategic planning and performance management (12%), and revenue management (8%).
We now look in more detail at two specific areas of non-compliance, namely supply chain management and irregular expenditure.
Supply chain management
In 2020-21, we noted some improvement in the compliance with legislation on supply chain management, building on the improvement trend from the start of the new administration. However, the compliance rate remains low, especially at departments, and the situation is still concerning.
The reasons for improvements were varied, with some auditees making the changes needed for sustainable improvement by enhancing control environments and ensuring stability in supply chain management units or key positions.
At the Commission for the Promotion and Protection of the Rights of Cultural, Religious and Linguistic Communities, the accounting officer and senior management were committed to, and directly involved in, ensuring that improvements in internal controls are implemented consistently and in good time. This improvement can be attributed to the additional controls (including preventative controls) management implemented to address the previous period’s misstatements and root causes. Management has also focused on supply chain management issues raised in the previous year and developed an action plan, which included our recommendations to address the previous year’s findings.
At some auditees, however, non-compliance only decreased because fewer tenders were issued, mainly due to budget constraints. For example, the Eastern Cape Department of Education did not issue any tenders for infrastructure projects in 2020-21 due to budget constraints.
It is thus early days to celebrate an improvement in supply chain management compliance, especially given the many procurement failures observed during the height of the pandemic and reported in our special reports. Chapter 5 provides further detail on the covid-19 procurement findings.
We were unable to audit procurement of R2 138 million at 27 auditees (7%) due to missing or incomplete information. The impact of these limitations was as follows:
- There was no evidence that auditees had followed a fair, transparent and competitive process for all awards. If unsuccessful bidders request information on the process, this information would not be available, thus exposing auditees to possible litigation.
- Poor record management created an environment in which it was easy for officials to commit and conceal improper or illegal conduct.
- Due to these limitations, we could not assess whether any part of the R2 138 million might represent irregular expenditure or material irregularities.
The highest contributors to these limitations, accounting for 90%, were:
- Department of Public Works and Roads (NW) – R550 million: The department did not submit any of the tender documents for auditing due to poor record management. The most significant contracts were for upgrading roads (R456 million) and extensions to the Mmabatho Convention Centre (R86,4 million).
- Property Management Trading Entity – R501 million: Due to poor record management, the entity did not submit for auditing the contract and all bid documentation for the unsuccessful bidders relating to the procurement process and contract for the urgent relocation of the national Department of Health from the Civitas building to alternative accommodation.
- Department of Defence – R387 million: The department did not submit one of the procurement contract files for auditing. The file relates to Unified Communication Solution and renewal of Microsoft software licences.
- Roads Agency Limpopo – R378 million: The auditee could not provide the documentation for nine awards as they are currently subject to court litigation by the losing bidder.
- Department of Health (NW) – R107 million:
- The department could not provide the tender documentation for the winning suppliers relating to the contract for the supply and delivery of coal. The reason for the limitations was improper internal controls implemented for the safeguarding of tender documentation.
Although there is no legislation that prohibits auditees from making awards to suppliers in which employees and their close family members have an interest, such awards might create conflicts of interest for employees and/or their close family members. As part of our audit, we assess the financial interests of employees of the auditee as well as their close family members in suppliers to ensure that any conflicts of interest are identified and reported to management, as these may result in an unfair procurement process.
As with employees and close family members, there is no legislation that prohibits making awards to suppliers in which state officials have an interest. However, the amended Public Service Regulations prohibit employees of departments from doing business with the state from 1 August 2016. During our audits, we identified 712 employees who were still doing business with the state (an increase from 560 in the previous year). The onus of complying with these regulations is on the employees, but departments have a responsibility to monitor such compliance.
Despite consistently raising concerns about contracts being awarded to employees and their families, we still find that contracts are awarded without the necessary declarations of interest being made.
The Mpumalanga Department of Health relied on the declarations submitted and the central supplier database compliance reports for all procurement to identify any interests and act in accordance with its policy. However, these reports did not pick up all the interests. This weakness in preventative controls allowed the increased procurement related to covid-19 to contribute to the high number of false declarations by suppliers. The department committed to investigate the false declarations and deal with the root causes.
The KwaZulu-Natal Department of Education relied on the declarations submitted and the central supplier database compliance reports for all procurement to identify any interests and act in accordance with its policy. The department’s internal control and human resource management directorate followed up on the suppliers we flagged to management for investigation of false declarations through our computer-assisted audit techniques. The suppliers were notified that they would have to either deregister as the directors of the company or resign from their employment at the department. Over the years, we have not seen a repeat of previously reported interests.
Uncompetitive and unfair procurement processes are still common. We reported findings (27% of which were material) on uncompetitive and unfair procurement processes at 51% of auditees, and contract management findings (6% of which were material) at 22% of auditees.
Often, findings on non-compliance with supply chain management legislation are viewed and commented on as procedural issues or possible fraud, while the potential losses for government due to the correct processes not being followed are overlooked. Less competition often leads to higher prices being paid for goods and services, while non-compliance relating to contract management can open the state up to losses when contracts are not in place or performance is not monitored. This results in further losses, placing the fiscus under undue pressure.
The aim of the Preferential Procurement Regulations is to support socioeconomic transformation. These regulations have a significant impact on the fair and equitable development of the country’s local economy. The public sector should lead by example to achieve this goal, but we again found that some auditees are failing in this area. As seen in the figure above, 53 auditees (14%) either did not apply the preference point system or applied it incorrectly.
The Preferential Procurement Regulations also require auditees to procure certain commodities from local producers. Auditees also failed in this area, as 77 (44%) of the 176 auditees at which we audited local content failed to comply with the regulation on promoting local producers on awards amounting to R918 million.
There were 38 auditees (10%) that failed to comply with the covid-19 emergency procurement requirements.
Chapter 9 provides further details and examples of what we discovered in terms of uncompetitive and unfair procurement processes and inadequate contract management.
Irregular expenditure is expenditure that was not incurred in the manner prescribed by legislation, and does not necessarily mean that money was wasted or that fraud was committed.
When an auditee incurs irregular expenditure, it indicates non-compliance in the process that management needs to investigate to determine whether it was incurred because of an unintended error, through negligence or with the intention to work against the requirements of legislation (which, for example, require that procurement should be fair, equitable, transparent, competitive and
These investigations also determine who is responsible for the non-compliance and what the impact is, and provide the basis for determining the next steps. If the non-compliance had no impact and negligence was not proven, one possible step is to condone the expenditure. Alternatively, if negligence was proven, the auditee can take disciplinary action, recover any losses from the implicated officials, or even cancel a contract or report it to the police or to an investigating authority.
Irregular expenditure remains high at R166,85 billion, and auditees are still slow to deal with it.
The biggest increase in irregular expenditure was in national government, mainly as a result of the National Student Financial Aid Scheme increase. If we exclude this amount (R77,49 billion), irregular expenditure for the current year would be R89,36 billion.
For the first time in many years, most of the irregular expenditure (R103,55 billion, or 62%) was caused by non-compliance with legislation that did not relate to supply chain management. As mentioned above, a significant portion of this amount (R77,49 billion) is from the National Student Financial Aid Scheme, mainly due to non-compliance with bursary-related regulations.
The R63,30 billion (38%) that relates to non-compliance with supply chain management legislation can be broken down as follows:
- Procurement without following a competitive bidding or quotation process – R7,43 billion (12%)
- Inadequate contract management – R4,65 billion (7%)
- Non-compliance with other procurement process requirements – R51,22 billion (81%)
All of the top 10 contributors to irregular expenditure are repeat offenders, having previously incurred this type of expenditure within the past three years. Further insight on some of these top 10 contributors is as follows:
- National Student Financial Aid Scheme –
R43,71 billion (56%) of the irregular expenditure was incurred in previous years but was identified and disclosed in the current year. The remainder was incurred in the current year and was mainly due to a failure to consult with respective Ministers on the funding rules and eligibility criteria for the student bursaries.
- Transnet – R16,96 billion (55%) of the irregular expenditure was incurred in previous years but was identified and disclosed in the current year. The remainder was incurred in the current year. Some of the more significant matters are being investigated by the Special Investigating Unit.
- Department of Transport (KZN) – R2,05 billion
(32%) of the irregular expenditure was incurred in previous years but was identified and disclosed in the current year. The remainder was incurred in the current year. Non-compliance with other procurement process requirements constituted 87% of the expenditure. The goods or services and key contracts affected included a bus service contract, security services and upgrading of roads.
- Department of Roads and Transport (GP) – R2,01 billion (100%) of the irregular expenditure was incurred and identified in the current year – most of this represents irregular expenditure incurred on ongoing multiyear contracts awarded in previous years. All of the expenditure is due to non-compliance with other procurement process requirements and relates mostly to extension of expired bus contracts.
Auditees have a poor track record in dealing with irregular expenditure and ensuring accountability. The year-end balance of irregular expenditure accumulated over many years continues to grow and remains unresolved.
Below are some examples of why this type of expenditure continues to grow.
Approximately R37 billion of the Transnet amount relates to the procurement of 1 064 locomotives that was found to be irregular. These transactions are the subject of ongoing investigations and court processes, the outcome of which will determine the appropriate steps to be implemented for dealing with the irregular expenditure, including recovery of losses incurred (if any), disciplinary steps and/or condonation if there are good grounds to do so.
The Gauteng Department of Health is not investigating all cases of irregular expenditure due to instability in leadership, lack or non-submission of requests for condonement of the irregular expenditure to the relevant authorities, and the fact that most of the irregular expenditure is from legacy issues, such as consignment stock, security contracts and cleaning contracts.
The biggest reason for growing irregular expenditure at the national Department of Defence is
the lack of an effective consequence management and control environment. In the current year,
74 new cases of irregular expenditure were identified, while only three were condoned and none were recovered or written off.
A culture of tolerance and even acceptance of non-compliance fuels the situation where officials are not held accountable and consequence management is not implemented. This blatant disregard brings into question government’s commitment to respect the Constitution of the Republic of South Africa, as required by section 41 of the Constitution.
Root causes of unfavourable audit outcomes
Status of internal controls and strength of assurance provided
Over the years, our message has remained consistent – departments and public entities must have a strong control environment with practical, automated and routinely executed internal controls.
Internal controls support the achievement of national and provincial objectives by monitoring the risk of human error, incorrect decisions, fraud, abuse and loss. Such controls also prevent financial loss, wastage and transgressions, and significantly improve financial and performance management and reporting.
Investing in and progressively building a disciplined control culture is the sustainable solution that national and provincial government needs to do more with the limited funds at its disposal. The status of internal controls reflects an improvement over the last three years that correlates with the improvement in audit outcomes – but it is still not where it should be, with almost half of the auditees still not receiving the necessary attention.
Status of internal control
The status of the financial and performance management controls shows that auditees need to invest further in building a disciplined control culture:
- Many auditees still struggle with basic and routine daily transactional disciplines and monthly controls such as reconciliations. These disciplines and controls are also not supported consistently and effectively by information technology system controls.
- We rarely find auditees with good, built-in processes to monitor and review all transactions, procurement, payments and decision-making to ensure that they comply with legislation, best practices and policies.
- There is lack of proper record keeping for financial and performance information, which weakens the potential for credible in-year reporting to enable national and provincial leaders to monitor performance and make well-informed decisions. Consequently, at year-end, financial statements and performance reports are riddled with misstatements.
- Our consistent call to implement audit action plans to address the root causes of audit findings is not getting the required attention, with plans being developed but not executed.
- If sound systems of internal control are lacking, there may be a regression in audit outcomes.
Our reporting and the oversight process reflect on history, as they take place after the financial year. Many other role-players contribute throughout the year to the credibility of financial and performance information and compliance with legislation by ensuring that adequate internal controls are implemented.
We assess the level of assurance provided by role-players in national and provincial government based on the status of auditees’ internal controls. We also assess the impact of the different role-players on these controls.
In chapter 10, we highlight the role of each key role-player in providing assurance.
Since the first year of administration, we have seen a significant improvement in the level of assurance provided by coordinating departments, public accounts committees and portfolio committees.
The poor quality of the financial statements and performance reports submitted for auditing, along with the continuing non-compliance, are clear indicators that there is a need for improved assurance at senior management level.
We also saw an improvement in the assurance assessment by internal audit units and audit committees over 2019-20, as well as a positive improvement over the first year of the administration (net improvement of 36 auditees). It is encouraging to see both internal audit units (67%) and audit committees (77%) playing a significant role in improving the audit outcomes. Accounting officers or authorities and senior managers should implement the recommendations of internal audit units and auditee committees and use the opportunity to interact with these bodies to help improve governance and control. However, at some auditees, these role-players do not have the desired impact because management is either not effective in its role as assurance provider or does not implement the recommendations from the internal audit units and audit committees.
Low levels of assurance show a breakdown in a crucial element of the improvement cycle, namely monitoring to ensure that internal controls are adhered to, risks are managed and outcomes are achieved.
Below are some examples illustrating the effect of inadequate controls and ultimately leading to low levels of assurance.
Leadership at the national Department of Defence did not exercise sufficient oversight over financial and performance reporting or compliance with legislation. We identified material misstatements in both the financial statements and the annual performance report submitted for auditing.
Management did not prepare regular, accurate and complete financial and performance reports that were always supported and evidenced by reliable information. Some of the supporting evidence provided differed materially from the reported achievement, while in other instances we could not obtain sufficient appropriate audit evidence to verify the reported achievements. This was mainly due to a lack of proper record management systems and insufficient controls over daily transaction reconciliation. Delays in rolling out clear guidelines for reporting also resulted in a lack of relevant and sufficient evidence to confirm the validity, accuracy, and completeness of the reported capabilities and number of members deployed which forms part of the performance programme of the department.
The department did not effectively implement and monitor the action plans developed to address matters from the previous year’s audit findings, which resulted in repeat negative audit findings. Additionally, controls for reviewing and monitoring compliance with legislation did not effectively detect and prevent non-compliance, which resulted in both irregular expenditure and material irregularities.
The North West Parks Board retained its qualified audit outcome from the previous year because it made no changes to the overall control environment. Although the entity prepared a post-audit action plan, there was inadequate control to ensure that the plan would be fully implemented. Only a few material misstatements identified during the previous year’s audit had been addressed, which affected the current year’s audit results. This was mainly due to instability in key positions, as all senior management positions were vacant at year-end.
Coupled with this, over the past five years critical executive-level positions, including chief executive officer, chief financial officer and head of strategic planning, have been filled by individuals in an acting capacity. During the current year, the entity appointed two acting chief executive officers and two acting chief financial officers, as well as an acting supply chain management manager. The chief audit executive was appointed during the 2020-21 financial year and the chief executive officer was appointed in June 2021. A new board was appointed in December 2020 and did not have enough time to perform proper oversight and ensure that controls were implemented.
The instability at these levels of assurance providers severely hampered the entity’s basic systems of internal controls over financial and performance management, including its ability to comply with legislation.
Where there were improvements in the internal control environment, we can see that the level of assurance provided by the key role-players also improved, as illustrated by the examples below.
The Gautrain Management Agency managed to sustain its clean audit status for three years. The entity continued to implement preventative controls such as processing and reconciliation, regular reporting, proper record management and adequate review, including using governance structures for reviews. Senior management is continuously implementing processes that ensure adequate and effective daily and monthly transaction reconciliations, as well as maintaining regular, accurate and complete financial records to avoid material misstatements and adequate controls to ensure compliance with legislation.
In the area of procurement and contract management (supply chain management), the entity holds annual panel discussions with experts focusing on supply chain management regulations to ensure that it complies with these regulations. Management responds promptly to any immaterial supply chain management findings raised by the audit team to ensure there are no repeat findings in the next audit. The entity’s governance structures have helped to provide the necessary oversight to ensure that the controls in the environment are operating effectively. Compliance reports are prepared every quarter and submitted to the audit and risk committee to ensure compliance with laws and regulations.
The entity’s internal audit unit has been operating effectively and providing the necessary assurance in terms of the control environment. It reviewed significant internal controls and provided management with an appropriate internal audit appraisal function focusing on key controls over financial and performance reporting and compliance. Quarterly performance reports with supporting evidence are prepared and submitted to the audit and risk committee after review by the internal audit unit. Quarterly reporting of performance information ensures that the annual performance report is of good quality and free of material misstatements. The entity responds timeously to any immaterial findings raised by the audit team to ensure that there are no repeat findings in the next audit that might escalate to being material.
The Gauteng Growth and Development Agency turned its situation around and improved its audit outcome to financially unqualified with no findings. This can be attributed to the agency’s good control environment, which is actively supported by the internal audit unit and audit committee.
The entity’s regression in 2019-20 was related to supply chain management regulations, stemming from misinterpretation of sections on participating in contracts secured by other organs of state. In the current year, senior management implemented our recommendation and consulted further with the provincial treasury to get clarity and further guidance on this matter. Although the auditee did participate in a contract secured by another organ of state, it implemented the legislation correctly, in line with our recommendation from the previous year.
The group chief executive officer was also actively involved in providing guidance and enforcing controls at the entity. The audit committee was strict during the year and held focused meetings on improving the controls and keeping the chief financial officer and his team accountable. The accounting authority is also positively influencing good governance and clean administration. The assurance provider’s assessment of the accounting authority is based on there being no control deficiencies directly attributable to the accounting authority during the financial year. The assurance provided by the accounting authority was adequate, and the level of oversight and monitoring required at a leadership level was sufficient to ensure audit matters and internal control deficiencies were adequately designed and put in place.
Slow response to recommendations
We have consistently recommended that auditees improve their internal controls, but given the slow response to this recommendation over many years, internal control environments remain weak. The most common reasons that auditees do not achieve clean audits (89% of cases) is because they either respond slowly to our recommendations or do not respond at all.
Our recommendations were ignored at 11 national auditees, 10 auditees in the Free State, six auditees in Limpopo, 11 auditees in North West and one auditee in the Western Cape. At some auditees, there was no response to our recommendations at management, political leadership or oversight level.
The following example shows how failure to adequately respond to our recommendations by implementing good audit action plans compounded the auditee’s ability to achieve
good audit outcomes.
The Department of Justice and Constitutional Development has received a qualified audit opinion for the past four years. In both the previous and current years, the department was qualified on contingent liabilities (liabilities that may occur, depending on the outcome of an event at some time in the future). We also identified reliability issues on the reported performance information relating to validity, accuracy and completeness, and reported these in the audit reports for the current and previous years.
If the department had adequately and timeously implemented our recommendations, and if all role-players had monitored the action plans to address key audit matters, the repeat findings could have been avoided.
In contrast, the example below shows how the auditee achieved favourable audit outcomes due to implementing our recommendations.
In 2018-19, the Northern Cape Department of Economic Development and Tourism regressed to a qualified audit opinion. During 2019-20, the accounting officer highlighted to management that the unfavourable audit opinion must be resolved in the current year.
Over the past two years, the auditee has applied our recommendations to resolve the matter raised and ensure that it provides sufficient supporting documentation to support the amounts disclosed in the financial statements. The department had numerous discussions with us to ensure that it was on track to resolve these issues, and both the accounting officer and the chief financial officer were involved in the matter from the outset. The department was able to collaborate with the audit team and admit to its errors to ensure that, together, we developed a workable approach to resolving the finding. The department has also identified the internal control process that it plans to implement to ensure that the improvement to financially unqualified with findings is sustainable.
Instability or vacancies in key positions, or key officials lacking competencies
Vacancies in key positions, or key officials lacking appropriate competencies, remains a key reason that auditees are not achieving clean audits (33%), although the number of such instances is decreasing. The percentages in this section are calculated based on the number of auditees that have the key positions included in their overall structure.
Instability in the key positions of heads of department, chief executive officer, chief financial officer and head of supply chain management has a negative impact on audit outcomes. The table below shows the impact of vacancies in the chief financial officer position at year-end for the past year.
Instability at accounting officer or authority level continues to delay the material irregularities process, an integral part of which requires accounting officers or authorities to take appropriate steps to recover the final loss suffered by an auditee from the responsible official. We give more detail on the importance of the role played by accounting officers and authorities in the material irregularity process in chapter 9.
BACK TO TOP