|
Justice of the peace wrote in Jan 2001.
The number of detected offences by corrupt councillors and council officers has been rising for some time. The main areas in which these frauds by council insiders are increasing are; misappropriation of council income and corrupt claims for pensions, pay and allowances. Amongst the frauds detected in 1997 were; a council employee who defrauded £750,000 by creating records for 18 bogus pensioners and then collecting the payouts for two years before he was caught. In another case three senior council officers set up companies which they then used to defraud the council of £500,000 over two years. The fraud was worked with one officer using his council position to order goods and services, another certified that they had been supplied and the third approved payment.
Many councils in England and Wales remain complacent about the problem. Many do not have a register of council officers' interests or of the hospitality received by councillors, half do not have an anti-fraud strategy and a third have no arrangements to protect honest employees who report on the corruption that they uncover.
Many councils are taking steps to prevent fraud but corruption is difficult to identify and to prosecute successfully, and the true level of corruption is almost certainly greater than the low number of cases reported.
There are a number of steps that should be taken to minimize fraud — amongst these are:
*
● Different levels of access should be used. Some officers will need to view and inspect data whilst others will be authorized to change data.
*
● Different council officers should be responsible for the ordering and authorization of payment for goods and services.
*
● Computer users should only be able to access those parts of the computer system which they need to use to carry out their duties.
*
● The level of access granted to users should reflect their responsibilities and be no more than is necessary to carry out their duties.
*
● Different levels of access should be used. Some officers will only need to view and inspect data while others will be authorized to add, delete or edit data.
*
● Access should be by passwords which are changed frequently, consist of a mixture of letters and figure and are not written down.
*
● A two password system should be used, one password unique to each user and another for their authorised level of access.
*
● A log of access to the computer system should be kept.
The separation of responsibilities is the fundamental control required to fight fraud, yet in many councils the ordering, receiving and authorization of the payment for goods and services are the responsibility of one council officer. Basic control standards are disregarded and there is no effective monitoring. Councils should carry out risk analysis reviews, have a rigorously implemented security policy, give staff computer awareness training that focuses on threats and precautions to be taken, ensure that the internal audit department has computer audit skills and make the necessary financial commitment to security for the council's computer system.
The following measures should be incorporated into the council's security policy:
*
● A clear statement by the council of the importance that it places on IT security.
*
● A statement of the relevant legislation (Computer Misuse and Data Protection Acts) confirming that these will be enforces.
*
● A statement of the steps that will be taken by the council to encourage and enforce high security standards.
*
● The steps taken to minimize computer misuse (the use of secure passwords).
*
● The internal control mechanisms for monitoring that the policy is working and being adhered to.
*
● The role of internal auditing and other monitoring agencies of the council.
The Government published a Local Government White Paper, which included proposals for a compulsory national code of conduct which would be enforced by an independent standards board with the power to suspend or disqualify council officers and councillors who did not meet its standards. The Audit Commission amongst others believes that detected fraud is low when viewed against the annual expenditure of local government and estimates that a nearer figure would be £4 billion.
_________________
Copyright notice © The contents of this post are copyright of JD and are not to be reproduced outside of TDO without written permission.
|
Login
Register
FAQ
