Background:
Late last year
a massive fraud was discovered at Barnet Council. One individual managed to
steal over £2 million in 62 separate transactions. I’ll say that again; 62
separate acts of theft, some of which were six figure sums, which took place between
July 2016 and December 2017. The individual made requests for payment on fictitious Compulsory Purchase Orders
(CPOs).
Did Barnet’s systems pick up these multiple acts of theft? No, it was
actually discovered by the individual’s bank who queried a transaction and
contacted the Council on 18th December last year. The individual worked
for the Capita joint venture, Re, and the transactions were processed by the
outsourced finance department, CSG, also run by Capita.
Having
identified very quickly that this was a fraud, Barnet commissioned Grant
Thornton to undertake a major review to identify how such a large scale fraud
had been able to take place. This project, called Project Rose, was given a
budget of “up to” £500,000 and has been on-going ever since. By the end of June
the bill was already £225,654. 26 and it looks like significant work has taken
place since then. I was made aware of the fraud back in February but nothing
was mentioned publicly until April when a major fraud investigation was
mentioned at the Audit Committee, although no details were given. The
individual who committed the fraud was eventually sent for trial and pleaded guilty
on 31 July 2018. He was sentenced to 5 years in prison.
The
Report:
On 17th
July members of the Audit Committee were given a draft copy of the Grant
Thornton Report in private session. It appears that this was a much briefer
version of the report and annexes which have now been released and which you
can read here. At the time I asked why the public were not allowed to see this report and
was told that the reason was:
“Council
officers/the report author determined that Appendix 1 (the Grant Thornton report)
should be exempt. Capita has made a request for more time to respond on the
accuracy of this document and this was considered”.
The
report version we have now is “7th Draft” so it looks like there have been long
and protracted discussions between Capita, Barnet and Grant Thornton as to what
the public finally get to see. I did wonder whether the version we would get to
see would be watered down. It may well be, but the version we have received
paints a vivid picture of a failure of epic proportions. In total, the report and
annexes run to 138 pages. What is interesting is that not only does the report
look at how the fraud was able to take place, but it goes much further in
examining the contractual obligations of Capita to deliver financial controls
and where those obligations have failed. This suggests that the pressure is being ramped up on Capita to hand back parts of the contract.
The Findings:
So let’s
look at some of the key findings.
The Five Pillars of Control Grant Thornton have set out five themes for financial control and then detail how Capita have failed on each one.
Some of this stuff is a bit technical but some of it is
just common sense, for example:
“There was a lack of clarity about both the role of the budget holder
and the allocation of budget holder responsibility between Re, CSG Finance and
the Council, in respect of regeneration projects and related financial
management activity”. This is something I have been raising with the council
since the start of the contract. It is a subject that has cropped up in a
number of internal audit reports back as far as 2014.
“We noted as part of our review, that due to the lack of a formal scheme
of financial authorisation, the CSG Finance Treasury Team could not check that
the officer requesting a CHAPS payment for a CPO was an appropriate person to
do so. There was a check by CSG Finance Treasury Team against the approval
levels for the recorded on Integra,(Capita’s own IT system) but this was not an
adequate check in the absence of a formal scheme on which Integra
authorisations should have been based”. This is such a basic error that it is
shocking when you see it in such a large organisation.
“During the period of the fraud, there were no CHAPS (a faster version
of BACS for same day bank transfers) procedures or task checklists in place for
those working in CSG Finance Treasury to guide them through the CHAPS approval
process. This resulted in the officers loading bank details onto Bankline and
authorising and releasing payments who were unclear on their checking and
verification responsibilities”. Just
remember we are talking large sums of money here, typically tens of thousands,
with the largest being £124,750. It is beyond belief that there were no written
procedures or checklists for checking and verifying who was authorised to request such large sums of
money.
“We found that schedules of expected property acquisitions did appear to
be held by Regeneration Managers, in some form although this tended to be on
non- standardised spreadsheets. Finance officers we interviewed in CSG Finance
Treasury and the Business Partner team were not aware of the existence or
potential application of these schedules, which could help them monitor the
value and timings of large payments, including through the CHAPS process. We
would expect lists such as these to be to be used to cross check spending on
regeneration cost centres as part of the budget monitoring process”. So they
didn’t even check against a list of properties to be acquired to make sure which
payment related to that property. That a basic error and not one you expect of
a FTSE250 outsourcing company.
“Where payments were processed via CHAPS there has been no direct
verification with the supplier/vender (e.g. by telephone) to confirm the bank
details are correct. The payee’s bank details were not checked against independent
information. This control alone would have prevented the fraud”. Again, a
simple common sense check that simply was not undertaken.
"In the cases of reporting to both Growth and Regeneration Oversights Board
(GROB) and the Performance and Contract Management Committee, the information
is relatively high level and therefore significant onus is placed on CSG
finance business partners to challenge the narrative on budget variances
provided by budget holders, for the cost centres they are responsible for." I have attended most of the Performance & Contract Management committees and there is seldom any real challenge from councillors. Part of the problem is that they are given so much high level information and in ever changing formats that even if the information was available I am not sure they would spot it.
In the absence of this detailed understanding of Re transactions, CSG
finance business partners will be unable to effectively challenge the narrative
provided by the regeneration manager, weakening the review control that could
identify error or fraud. As CSG Finance act on behalf of the Council in this
capacity, this in turn exposes the Council to significant risk”. So we have appointed people to act on the Council's behalf and in the residents' best interest but one part of Capita under the CSG contract has failed to challenge another part of Capita under the Re joint venture. These types of conflict were predicted at the outset, now they have come true.
“The current
Business Director for Regeneration, with overall responsibility for
regeneration projects, had only nine months experience of regeneration and was
not directly involved in reviewing the financial management activity of his
managers or the Individual, in regard to regeneration budgets and related
ledger codes. In its current form this role is geared more towards commercial
account management, focusing on the contractual relationship with the Council
and not with detailed functional and technical oversight of the projects themselves”. So we are paying for a
skilled team of experts and what we got were inexperienced sales people.
Lack of Oversight:
The report
is damning about the attitude of CSG and Re management when it says:
“A number of officers in CSG Finance and Re commented during our meetings that they were aware of control weaknesses (for example, through Internal Audit findings or their own observations) or recognised in hindsight that control weaknesses should have been identified and addressed. This report describes several situations where a higher level of professional scepticism and rigour on the part of senior managers within Re and CSG Finance, could be reasonably expected to have identified and challenged unusual and potentially suspicious transactions – notwithstanding weaknesses in formal controls and CSG Finance when approving journals, payments and system access, and when reviewing budgetary performance. Some of this may be attributable to the turnover of personnel in key roles and the lack of effective knowledge transfer”. This is what I call, “Don’t give a s**t syndrome” something that is not uncommon when people have no direct link with the organisation they are managing. Creating a culture where staff are both engaged and empowered to act when they see problems is what we should aspire to and something that can be delivered.
“A number of officers in CSG Finance and Re commented during our meetings that they were aware of control weaknesses (for example, through Internal Audit findings or their own observations) or recognised in hindsight that control weaknesses should have been identified and addressed. This report describes several situations where a higher level of professional scepticism and rigour on the part of senior managers within Re and CSG Finance, could be reasonably expected to have identified and challenged unusual and potentially suspicious transactions – notwithstanding weaknesses in formal controls and CSG Finance when approving journals, payments and system access, and when reviewing budgetary performance. Some of this may be attributable to the turnover of personnel in key roles and the lack of effective knowledge transfer”. This is what I call, “Don’t give a s**t syndrome” something that is not uncommon when people have no direct link with the organisation they are managing. Creating a culture where staff are both engaged and empowered to act when they see problems is what we should aspire to and something that can be delivered.
The report
also pins blame on the council itself:
"In our view,
there has also been insufficiently close scrutiny and client side management on
the part of the Council and the Chief Officers coupled with an over reliance on
the limited scope and frequency of work carried out by the Internal Audit
service, to highlight issues. This is likely to have contributed to the lack of
focus on effective controls". What I want to know is where were Capita’s Internal
Audit and Anti Fraud teams as they also have responsibility for these
contracts? I have been raising questions on these types of concerns for years at
both the Performance & Contract Management Committee and Audit Committee
meetings. Consistently my questions and concerns have been ignored, patronised
or dismissed by a council that was in denial about any failings of the precious
outsourcing contracts. We now know the truth and it is all bad.
How did we arrive at this mess:
To my mind outsourcing the finance function (and most of the others services)
was always a reckless decision based on false assumptions. Back in March 2011
when the business case for outsourcing was being considered I specifically asked
why Barnet were outsourcing the finance function and they said;
“It is entirely appropriate that the Finance and Revenues & Benefits
functions are included in the cluster of services to be outsourced, as this is
the option that it is believed will best deliver the desired outcomes for these
services. It is true to say that they are already relatively high
performing and relatively low cost, however there is potential for
improvement to make these services higher performing and lower cost than they
already are, and the options appraisal recommends that outsourcing these
services is the option that will best enable this desired outcome to be
delivered”.
Seven
years on and these are definitely not the desired outcomes. I and other
bloggers and activists have been highlighting the risks with this contract from
day one and the entirely inadequate business case built on assumptions and
aspirations that have proved nothing more than exactly that.
In April 2012 I flagged up the financial control risks in the speech I
gave to Audit committee which I republished in November 2012 and which can be
read here. Based on the Grant Thornton report it
looks like my concerns were entirely justified.
I have no
confidence in senior Councillors who have exhibited hubris and contempt over
the years and, as such I think it is time for a complete review of the committee
system and the people who chair those committees. We need people who are
prepared to challenge officers, to query facts to scrutinise properly, not
people who are seeking favour and a special responsibility allowance. We also
need to look closely at the Council’s senior management team to see if they are
up to the job (Interim Finance Director excepted). We need strong leadership
from people who can command respect and engender commitment, something which
I do not see that at present.
The Council are currently reviewing which of the Capita and Re services should be
brought back in house. What worries me is that this report has only addressed two
functions - the Finance and Regeneration departments,
one in the Re contract and one in the CSG contract. Are the issues identified
by Grant Thornton a symptom of a much wider problems across all the functions
of the CSG and Re contracts (and for that matter the Cambridge Education
contract)? I reckon they probably are.
Outsourcing
has been tried and in Barnet it has failed. We have inadequate services, a culture
of denial and procrastination. It is time to draw a veil over this experiment in political ideology and start building a new council structure that will deliver the services we
need with the massive budget cuts we still face.
No comments:
Post a Comment