Treasury Board of Canada Secretariat
Symbol of the Government of Canada
Skip to content   Skip to institutional links

Common menu bar links

Breadcrumb Trail

Home  > Reports

Institutional links

Reports

Menu


Versions


ARCHIVED - Horizontal Internal Audit: Delegation of Financial Authorities in Large Departments and Agencies


Warning This page has been archived.

Archived Content

Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.

EXECUTIVE SUMMARY

Introduction

The Treasury Board Policy on Internal Audit, which came into effect April 2006, requires the Comptroller General to lead horizontal internal audits of risks that transcend individual large departments and agencies (LDAs). This report presents the results of the first such horizontal audit, an internal audit of the Delegation of Financial Authorities.

Audit Objective & Scope:  The purpose of the audit, led by the Internal Audit Sector of the Office of the Comptroller General, was to assess the use of delegation-of-authority instruments and related policies as key measures for managing risks and contributing to sound financial management within departments and agencies. The audit focused on financial signing authorities and addressed three principal considerations:

  • the availability of a current, approved delegation instrument;
  • monitoring of the exercise of delegations, and corresponding revision of authority delegations; and,
  • compliance with applicable legislation, regulations and policies.

The audit encompassed two phases. Phase I consisted of a review of the systems and procedures associated with the delegation of financial authorities in 24 large departments and agencies (See Annex A). This Phase was also attentive to best practices in the design and communication of delegated financial authorities. Subsequently, in Phase II, on-site audit work was performed at five of these organizations.

While certain transactions were examined to support an understanding of the delegation systems and procedures, the audit did not include detailed testing of financial transactions.

Overall Assessment

Overall Assessment

For all of the 24 departments and agencies forming part of this audit, an instrument was in place to formally delegate the financial authorities falling within the scope of the audit.  Further, the audit did not find obvious critical weaknesses in the form and content of these instruments. However, it was also observed that the instruments were not being exploited for their potential contribution to governance, nor as foundational risk-management mechanisms. Viewed primarily as administrative, the delegation documents had little visibility at the executive-management table. Consequently, insufficient priority was being given to ensuring that the documents were up-to-date, and approved by the current minister, as well as being subject to meaningful periodic review and adjustment to reflect changed circumstances and risks.

The audit also found that the structure and levels of delegation, as well as underlying management principles, including those pertaining to risk management, were not subject to regular, meaningful assessment and adjustment. Not only was there a lack of priority given to obtaining the endorsement and approval of new ministers, but there were also lapses in the monitoring of the exercise of delegated financial authorities. Additionally there was only limited substantive internal audit attention to fundamental financial controls over the processing of financial transactions. Notably, however, some organizations demonstrated exemplary practices warranting consideration by other departments and agencies.

Greater departmental and agency attention to, and profile for, delegation instruments, including analysis of limitations on the authority of the minister and deputy head, would be to advantage. This would encompass analysis of changed circumstances (e.g. inflation) and risks as well as providing the basis to assess the need for adjustments to the departmental authorities available. This could, for example, result in a request to the Minister of Public Works and Government Services (PWGSC) to extend the delegation of contracting authority, or other such remedy.

The mandatory annual reviews of financial signing authorities that are conducted by department and agencies often do not include a risk-based assessment of the design, configuration and extent of the pertinent delegations. These reviews are more inclined to be routinely focused on the authentication of specimen signature records;  a somewhat cumbersome source of information on the designation of individuals occupying positions having delegated authorities, and specifying local limits on these same authorities. A full view of the ultimate configuration of financial delegations within departments and agencies is dependant on access to these detailed physical records – records that are sometimes duplicated and/or edited after being authenticated.

Performance measures and risk tolerances are not consistently established as a basis for assessing and performing quality assurance on completed financial transactions.  In fact, such monitoring and measurement does not occur in a number of departments/agencies.  Therefore, an important risk management and control feature is foregone.  The results of ongoing monitoring should form an important basis for modifying, if not withholding, financial delegations.

Recommendations and Action Plans:  A number of audit recommendations have been directed to the Treasury Board Secretariat to address improvements that can be brought or reinforced through policy provisions, and/or the improved use of technology, to efficiently achieve appropriate risk-based financial control. 

Initial briefings of the audit results and recommendations encountered positive reactions from responsible officials within departments and agencies.  There were good indications that improvements would be pursued. At the same time, the Internal Audit Sector of the Office of the Comptroller General will engage Chief Audit Executives within departments and agencies to obtain detailed action plans, and to ensure that these are presented for endorsement by the respective Departmental Audit Committees. 

Statement of Assurance

In the professional judgement of the Audit Director responsible for Horizontal Internal Audits, sufficient and appropriate audit procedures were conducted and evidence gathered to support the findings and conclusions presented in this audit report.  These pertain to the 24 departments and agencies audited and are based on a comparison of the conditions observed at the time of the audit with pre-established audit criteria, supplemented by analysis of cause and effect. 

Assurance can be given that all 24 departments and agencies included within the audit, had in place instruments to formally delegate financial authorities.  Further, there were no obvious critical weaknesses in the form and content of the instruments.   However, assurance cannot be given regarding reasonable consistency or evenness in the extent to which pertinent management practices and controls, such as the annual review of delegations, and ongoing monitoring of the exercise of delegated authorities, were present.  This translates into variance in the levels of risk across the organizations.

Main Findings

Delegation of Financial Authorities as an Enabler – Governance

Within the departments and agencies audited, the delegation of authorities was commonly viewed as an administrative matter and senior leaders were not engaged in consideration of the principles, risk tolerances and the alignment between authority and responsibility.  Delegation instruments were not being sufficiently exploited for their potential contribution to good governance and risk management.

Currency of Delegation Instruments

Insufficient attention was paid to obtaining timely approval of delegation instruments from new ministers.  Although the Treasury Board Policy on Delegation of Authorities states that departments and agencies must prepare a document of delegation as quickly as possible for the new minister's approval, half of the departments and agencies audited had not obtained necessary approvals as of September 2006.  This involves an issue of compliance with policy, but, perhaps more importantly, is an indicator of the lack of profile given the delegation instruments and the tendency on the part of management to view approval of the documents as an administrative formality.

Annual Review of Delegation Instruments

There is much inconsistency in the quality and scope of annual reviews of delegation instruments, including the administration of specimen signature records. Relatively few annual reviews are genuinely risk-based or address the sources of, limitations on, and continuing appropriateness of, delegated authorities.  One circumstance was noted (as raised by the internal audit function in a large department), whereby changes in the marketplace had seriously affected the relevance and interpretation of delegated contracting authorities.

Internal Controls over the Exercise of Delegated Authorities

It was expected that the design of account verification and monitoring procedures would be risk-based.  However, this was rarely the case and much inconsistency was observed.  For example, half of the organizations audited did not perform ongoing post-payment monitoring of transactions. Invoice processing was often predominantly service oriented, as opposed to placing appropriate emphasis on control.  Further, there was limited internal audit attention to basic controls over the processing of financial transactions. 

Main Recommendations

Some Context:  The effective management of delegations of authority will be inherently important to deputy heads, particularly in the context of increased emphasis on accountability.  Accordingly, there will be interest in well-designed and managed delegation instruments as key governance and risk management tools. 

Technology can assist in the communication of delegations and in keeping them current.  Interfaces between people and technology will also play in the design of effective segregation of duties that is to be reflected in delegation instruments.   Such technology-assisted segregation can be more effective than traditional, labour-intensive controls.  Further, technology should eventually obviate the requirement for specimen signature records.  Similarly, it will facilitate ongoing electronic validation of the legitimacy of authorities exercised, accept or reject transactions, and produce exception reports for managerial review.  This will be particularly so as end-to-end business is transacted electronically.  Monitoring of expenditure trends, patterns and compliance will also be facilitated.

It has been observed that, with respect to stewardship, the Public Service experienced a vulnerable period as downsizing occurred, but the true benefits of technology were not delivered as early as anticipated. While some departments are now making good use of technology to improve the communication of delegated authorities and the ongoing monitoring of financial transactions, there is still an overall requirement for dialogue concerning risk tolerances, the corresponding extent of delegations, and the measures of performance of expenditure processing systems.  Routine consideration is also required of the implications of changing mandates, organizational structures, and compliance requirements as well as marketplace conditions (e.g. supplier concentration, brokers, competitiveness, inflation). 

The main recommendations of the audit are as follows:

Delegation & Governance 

Ministers should be briefed on the governance principles and capabilities, as well as the risk tolerances, that support departmental and agency delegation instruments. In providing this information, departments and agencies should give priority to seeking the minister's approval of a current delegation instrument. New ministers, with the advice of the deputy head, should have the earliest opportunity to decide on the appropriateness of delegated authorities.

Annual Review of Delegations of Authorities

Departments and agencies should ensure that processes are in place and functioning to require meaningful, risk-oriented annual reviews of delegation instruments.  At a minimum, annual reviews should consider:

a. the sources of, limitations on, sufficiency and continuing relevance of, delegated authorities;

b. the basic principles supporting and guiding the delegation of authorities within the organization;

c. compatibility of authorities with current organizational structure and mandates;

d. alignment of authorities with responsibility and necessary expertise;

e. clarity of communication of authorities;

f. exploitation of technology to enhance the management of delegated authorities; and,

g. changing circumstances affecting risk, including the results of ongoing monitoring of the delegated signing authorities.

The executive management table should be briefed on the results of the annual review.

In addition, the Treasury Board Secretariat, Office of the Comptroller General, should ensure that the next iteration of the Policy on Delegation of Authorities clarifies and reinforces a requirement for more meaningful periodic/annual reviews to be undertaken by departments and agencies. It should highlight the important contribution to be made to governance and risk management.

Account Verification, Monitoring and Internal Audit

Departments and agencies should develop and implement plans and procedures to promote a risk-based approach to pre-payment verification of accounts and post-payment monitoring and quality assurance.  A performance target should be established for the quality of processing of accounts, and automated checks and statistical sampling techniques should be employed to measure the quality of internal controls and to contribute to an improved understanding of higher-risk transaction types.  These monitoring activities must be documented and must generate reports for consideration by successive levels of management, as well as related follow-up actions, including recommended adjustments to delegated authorities.

It is also important to note that a service orientation regarding the processing of accounts for payment must not overshadow basic control and compliance imperatives.

It is further recommended that departments and agencies ensure that risk-based internal audit plans give sufficient attention to fundamental financial controls over the accounts payable function.

Innovations & Sharing

The Office of the Comptroller General should coordinate the accumulation and dissemination of useful and innovative post-transaction monitoring techniques developed by individual departments and agencies.

Additionally, the Office of the Comptroller General, in consultation with the Chief Information Officer Branch, should actively explore means to minimize, if not eliminate, the need for specimen signature cards and wet signatures in favour of alternative methods of electronically authenticating and validating the identity of individuals and the legitimacy of authorities exercised.



Date Modified: 2009-04-15
 
Return to Top of Page
 Top of Page
Important Notices