SINGAPORE - The Islamic Religious Council of Singapore (MUIS) has been found by the government’s auditor-general to have had ‘lapses’ in a number of its operations.
The office of Singapore’s auditor-general (AGO) releases an annual report of its audit of government bodies in relation to proper accounting and use of public resources to the country’s President and Parliament. The MUIS is a statutory board under the Ministry of Culture, Community and Youth, and comes under the direct supervision of the Minister-in-Charge of Muslim Affairs.
For the MUIS audit, the AGO covered five areas in its checks: procurement and payment; access controls over selected IT systems; management of haj administration fees; management of inheritance moneys and financial assistance, and management of zakat-related records.
The AGO said in its report, which was released on July 2 that its audit of MUIS revealed a “number of lapses which indicated weaknesses in MUIS’ financial controls and administration across the areas audited.”
“These included lapses in procurement such as failure to establish evaluation sub-criteria and scoring methodology before the close of tenders and quotations, evaluations of proposals not done according to the published evaluation criteria, and errors in the scores awarded to the proposals,” wrote the AGO.
“There were also weaknesses in the management of access rights granted to users of a few IT systems and instances where Haj administration fees relating to deceased applicants were not refunded in a timely manner.”
The authority noted its “more significant observations” in three areas: lapses in evaluation of tenders and quotations, weaknesses in management of access controls of IT systems (including for eHalal), and haj administration fees relating to deceased applicants not refunded in a timely manner.
AGO’s audit of controls over user accounts and access controls of IT systems, including the eHalal, the portal for the application of Singapore’s halal certification, revealed weaknesses that included no segregation of duties due to conflicting access rights assigned to five out of 25 users checked.
“Four users were able to assign or re-assign applications for certification to themselves, conduct inspections, and approve applications and their own inspections,” said the report.
“Furthermore, three of the four users were also granted the system administrator role, which would enable the user to create or deactivate user accounts, activate obsolete accounts, assign roles, etc.
“For the remaining user, apart from being granted the system administrator role, the user was also granted other operational roles such as updating payment status, and assigning or re-assigning applications.”
These weaknesses increased the risk of unauthorised activities, said the AGO.
“In this regard, AGO noted 22 applications where two officers who conducted the inspection also approved their own recommendations relating to the applications,” said the report.
In a statement on July 16, MUIS said these issues were due to “limitations” of its “legacy IT systems”.
“These have been addressed with the implementation of new IT systems in January 2019 with capabilities that address the shortcoming of previous systems,” said MUIS.
“This is part of MUIS’ continual efforts to refresh our IT systems and harness technology to improve governance and serve citizens better, such as digitalising zakat payments through the new iPARS system, and leveraging the LicenceOne platform to expedite halal certification applications,” said MUIS.
MUIS earlier informed the AGO it was rolling out a new eHalal system in two phases.
“Phase One, which is the public facing portion of the new system went live on 15 October 2018,” wrote AGO in its report.
“Phase Two, which serves internal users, is currently undergoing business process re-engineering and is expected to be completed by end 2020.”
LAPSES IN ZAKAT RECEIPTING SYSTEM
Still on the issue of user accounts and access rights vis-à-vis IT systems, the AGO checks found weaknesses in MUIS’ zakat receipting system as well.
Lapses include eight obsolete accounts, out of 686 user accounts, that were not deactivated. One of these user accounts belonged to an external party who had ceased to be an agent of MUIS for more than 10 years, wrote the AGO in its report.
Thirteen users were found to have access rights “in excess” of their job functions, such as rights to add and edit users and to delete and edit receipts.
“Such weaknesses not only exposed the system to unauthorised access, but also increased the risk of unauthorised activities being performed in the system,” said the AGO.
MUIS informed AGO that it had “since replaced the zakat receipting system with a new receipting system with effect from January 2019” that would fully address the issues.
LAPSES IN EVALUATION OF TENDERS AND QUOTATIONS
The AGO’s audit of 22 tenders and quotations MUIS awarded--that had a total contract value of 30.85 million Singapore dollars ($22.7 million)—from April 1, 2016 to June 30, 2018, revealed a number of lapses, said the authority.
These lapses include not establishing evaluation sub-criteria and scoring methodology before the close of tenders/quotations, evaluation of proposals not done according to the published evaluation criteria, and errors in the scores awarded to the proposal during the evaluation process.
“As a result, there was inadequate assurance that the Government procurement principles of transparency, open and fair competition, and value for money had been adhered to,” wrote the AGO.
In its observation of errors in scoring, the AGO said that in three of the six tenders and quotations—that had a total contract value of 4.4 million Singapore dollars—“had the proposals been properly evaluated and scores correctly computed, the awarded vendors could have been different.”
MUIS’ response was that it had “found no evidence of fraud”.
“The lapses were due to human error and procedural weaknesses,” said MUIS in its statement.
“MUIS acknowledges these lapses, and immediate steps have been taken to address the gaps and ensure alignment with government best practices,” it said.
More resources have been deployed to procurement and IT-related functions to ensure compliance with government financial procedures, said MUIS.
LAPSES IN HAJ ADMIN FEES REFUNDS
The AGO checks revealed there were 226 haj applicants who had passed away between 2012 and 2018 but the administration fees collected had yet to be refunded to the estate of the deceased.
Under Singapore’s Administration of Muslim Law (Haj) Rules, pilgrimage administration fees are collected by MUIS from would-be pilgrims. If an applicant passes away before performing the haj, the fee has to be refunded to the estate of the deceased applicant.
“The total value of haj administration fees yet to be refunded amounted to $57,900,” said the AGO report.
This was not the first time the AGO has pointed out this lapse to MUIS.
“In the selective audit of MUIS in financial year 2012/13, AGO had raised similar concerns regarding Haj administration fees not refunded to the estate of deceased applicants in a timely manner,” it said.
MUIS said in its response that it “has taken steps over the years to improve processes” in this matter.
“Out of the 226 cases raised by AGO, 181 cases (80 percent) have received their refunds, or are in the process of being refunded,” said the Islamic body.
“For the remaining 45 cases, the families of the deceased were uncontactable,” it added.
MUIS said it has established a taskforce, chaired by its chief executive, which will review and monitor the “timely implementation of measures to address the findings of the audit.”
(Reporting by Emmy Abdul Alim email@example.com; Editing by Seban Scaria)
© SalaamGateway.com 2019 All Rights Reserved