Several recurring lapses across various public sector agencies has surfaced in the Report of the Auditor-General for the financial year 2018/19.

The Public Accounts Committee has urged the ministries, statutory boards and public agencies to address the lapses observed in the audit report by the Auditor-General's Office (AGO).

The recurring lapses were found mainly in information technology (IT) controls, procurement and contract management and the management of social grant programmes, said the committee in its 84-page report on Friday, Jan. 17.

MCCY's lapses in contract management resulted in S$13 million waiver of contract provision

The audit report found lapses in procurement and contract management in the Ministry of Culture, Community and Youth (MCCY).

The report highlighted the National Gallery’s Development Project, which was owned by MCCY and managed by the National Gallery Singapore.

Some of the factors resulting in the lapses of procurement and contract management included contractors obtaining approval from MCCY only after works had commenced or had been completed.

Contractors also obtained approval from the incorrect approving authority, and did not seek approval for substantial increases in variation cost.

A total of S$13 million of contractual provisions was waived "without adequate monitoring by MCCY".

The report added that the lapses by MCCY "did not give assurance that public funds had been properly managed".

In August 2019, Minister for Culture, Community and Youth Grace Fu stated in Parliament that MCCY will not seek to recover the S$13 million in waivers of contractual provisions because there was no fraud involved in the waivers

MINDEF's IT vendors granted unrestricted access to HR info

The report noted a number of weaknesses in its audit among public agencies, which included inadequate monitoring of users’ activities in IT systems and lapses in the management of user access rights, especially among third-party users.

A number of ministries were found with lapses, including MINDEF.

MINDEF's IT vendor staff were granted unrestricted read-only access to personnel and payroll information in its Human Resource (HR) system.

The vendor staff was able to access 73 types of data which MINDEF required controlled access to be in place, and there was no review of access log records to the available information.

In response to the audit, MINDEF stated that it had put in place a set of strict controls to mitigate the risks arising from granting access to IT vendor staff.

Such measures included rigorous security clearance of the IT vendor staff, designated rooms that were monitored by CCTV for them to work in, and regular reviews of CCTV footage.

The ministry added that it had limited access rights to IT vendor staff based on job scope since July 2019.

Since May 2019, weekly log reviews of access by vendor staff members have been conducted as well.

Lapses in administrative processes of flying allowances by MINDEF

The report also flagged that flying allowances (FA) paid to pilots in the Republic of Singapore Air Force (RSAF) revealed erroneous payments to 14 pilots.

Out of the 14 cases, which involved a total of S$278,970, comprised 12 cases of overpayment and two cases of underpayment.

For one case, the erroneous payments took place over a period of almost six years.

MINDEF informed the AGO that it had since recovered the erroneous payments for nine cases, and was in the process of recovering or making good the payments for the remaining five cases.

MINDEF also explained that the FA payment processing currently relied mainly on manual checks, it would look into automating the payment processing and reviewing policies to minimise manual inputs as far as possible.

According to CNA, the Public Accounts Committee noted that the audited agencies have taken the audit findings seriously, and were committed to fixing the lapses surfaced.