By Bassey Udo
The ineffective governance, operation and management of the Integrated Personnel and Payroll Information System (IPPIS) and the Government Integrated Financial Management System (GIFMIS) may have cost the Federal Government several billions in losses annually, the Office of the Auditor General of the Federation (OAuGF) has uncovered.
The IPPIS project was conceived and rolled out in 2007 as an ICT solution to centralize the payment processes to store and maintain the personal information of all Federal Government employees.
Similarly, GIFMIS was conceived in 2004 and rolled out in 2019 as an Accounting Transaction Recording and Reporting Systems (ATRRS) in Federal Government Ministries, Departments and Agencies (MDAs).
However, more than 14 years since the IPPIS was deployed, and more than 108 months GIFMIS took off in over seven hundred MDAs, flawed and ineffective management by the Office of the Accountant General of the Federation cost the government huge losses.
Findings included in an IT audit of IPPIS and GIFMIS systems published late last year by the OAuGF, a copy of which was obtained by MEDIATRACNET on Tuesday, highlighted how operators of the two systems connived with the consulting vendors and operators to defraud the government.
The audit report showed that as at November 2020, more than 14 years after the roll out of IPPIS, over N3.96 billion was paid to the two vendors between 2012 and 2018, without the system fully operational as envisaged in all the Federal MDAs nationwide.
The payment, the report said, excluded additional payments to the Project Management Consultants, Customer Relationship Managers and other experts hired to help run the system.
On GIFMIS, the report said the flawed contract management between the OAGF and the consulting vendor has so far cost the Federal Government over $27.4 million; over €8.490,961.59, and over N6.52 billion between 2011 and December 31, 2020.
Audit Findings
Details of the audit findings contained in the final report submitted in September 2021 to the National Assembly by the Auditor General of the Federation, Aghughu Adolphus, showed that despite the high payout, the IPPIS system is yet to be successfully completed, as one of its key components, the Human Resource (HR) Module, is still “work-in-progress”.
“There was over-reliance on the two vendors (Messrs Soft Alliance and Resources Ltd) contracted to manage key aspects of the Systems, like enrollment and making changes to employee critical data, monthly payrolling and managing/maintaining the database of employees, in spite of the significant funds committed to the project already,” the report noted.
“The HR component is not fully implemented, because is still experiencing challenges with the solution provider, in terms of getting analytics, as the software is not fully developed and tested, and the cleared data of core MDAs yet to be migrated to the oracle EBS,” the report added.
Although the Office of the Head of the Civil Service of the Federation said significant progress has been made in the implementation of the HR module since its introduction in 2013, the delay has been as a result of the initial difficulty to log-on the IPPIS portal due to problems associated with the solution provider.
On GIFMIS, the audit found that the “application is not completely owned and managed by the Federal Government”, and “there was no clause in the contract agreement stating where source codes could be kept secured with a third party to ensure access, continued operation and maintenance of the software when the vendor is unable to do so.”
Besides, the audit found that the GIFMIS project did not have defined start and end dates, thereby making it a continuous project, and that there was no adequate capacity building to manage the system independent of the solution provider.
The audit noted that after over 108 months of the deployment of GIFMIS in over 700 MDAs, there has not been adequate training to equip the OAGF staff to independently maintain and manage the application.
“Since the GIFMIS Application Contract provides for customization of Hewlett Packard Enterprise (HPE) application to suit Federal Government of Nigeria (FGN) Public Financial Management (PFM) requirements, the application is not custom made. Hence, the intellectual property as per the contract, belongs to the vendor,” the audit noted.
Financial infractions
As a result of the flaws in the IPPIS system, the audit found that in October 2020, about N296.98 million deducted from the employees of some MDAs for October 2020 was not remitted to their PFAs for their benefit.
For instance, the Pension Fund Administrator (PFA) Personal Identification Numbers (PINs), 110014000000 and 110015000000, in the payroll of the Federal University, Wukari, Taraba State were replicated with different PFAs 69 and 67 times respectively, while 165 staff had no PFAs and/or PINs.
In the same month, the audit found that out of total number of 9,664 staff of the Ahmadu Bello University, Zaria, 5,388 had issues with their PFAs and/or PFA PINs.
Also, in the Nigeria Police Force (NPF), over 139,000 officers had similar issues, with over 85,000 of them having 100000000000 as their PINs; over 19,000 Officers with 101000000000 as their PINs, and over 17,000 with 200000000000 as their PINs.
Most of the officers who had incomplete, and/or inaccurate data with respect to their Pension Deductions, had entries like “null”, “unspecified”, “not available” “-”, “00000000”, “0”, etc. against either their PFA names or PINs.
Yet, the audit discovered that Pension for 1,035 staff of the Federal Ministry of Defence valued at about N17.93 million was neither calculated, deducted nor remitted, while pension contributions from another 949 staff totaling N8.1 million was deducted although they were not paid salary for the month.
Between January 1, 2018 and October 31, 2020, the audit discovered that 41 different employees were mapped to Account No.: 0001801050 in a microfinance bank into where a total of N116.73 million was paid, same as another 14 staff mapped to the Account No.: 4010282648 with another microfinance bank with N28.46 million for the same period.
Again, the audit discovered multiple entries of employees’ names, date of birth and/or date of first appointment in the nominal rolls of some MDAs.
For instance, 996 names were found to have been repeated in the nominal rolls of the Ahmadu Bello University (ABU), Zaria; same as 178 employees’ records, and 1,097 employees of the Federal Road Safety Corps (FRSC) had “null’ first names in their nominal rolls, while 174 others with the Nigeria Police Force had abbreviated employee names, “null”, “NA”, “-”, etc.
The relevant sections of the Public Service Rules (PSR) outlaw appointees into the Federal Public Service to be less than 18 years and not more than 50 years of age, and the date of birth of such appointees changed throughout their career.
But the audit revealed that 74 officers who are less than 18 years of age, and 405 others said to have been employed before their dates of birth, as well 17, 558 officers with future dates of employments were found of the nominal roll of the Nigeria Police Force.
These were blamed human errors during data entry caused by either lack of knowledge of the public service rule by the consultants during the enrollment of MDA staff on the IPPIS platform, or the absence of input controls on the application.
Again, the PSR puts the compulsory retirement age for all grades in the Service at 60 years or 35 years of pensionable service, whichever is earlier”, while the Universities Miscellaneous Provisions (Amendment), Act 2012 makes 70 years the compulsory retirement age of academic staff in the professorial cadre and 65 years for non-academic staff.
But, the audit uncovered that 13 staff of the Federal Ministry of Defence and 2,605 officers of the NPF with 35 years in service were still found in the payroll data sets.
Another 7,016 staff in six MDAs were found to have attained 60 years of age, but still in the payroll data sets. The breakdown showed 6,619 officers were on the nomination roll of the NPF; Nigerian Correctional Services (293); Federal Ministries of Agriculture (31); Federal Ministry of Defence (30); Federal Ministry of Education (22); Federal Ministry of Works (21), while and 77 staff in ABU, Zaria who attained 70 years of age were still being payrolled.
Due to management failure, the audit found that there was no human resources strategy and policy for staff on the IPPIS; defined skill-set for the staff posted to the IPPIS, and training plans for the staff on the IPPIS project.
In addition, the audit found massive changes made to the Employee Master Data in the IPPIS system, including Employee Name, Date of Birth and/or Date of First Appointment, by users other than the staff approved schedule officer.
On the GIFMIS system, the audit found that despite spending $900,852.64 and €7,603,846.21 to acquire the GIFMIS Budget Preparation System (BPS), its operations were as not automated, as the payment officer still manually apply tax rates to payments.
The GIFMIS BPS entailed revenue estimation using current information of oil production and non-oil receipts, and the Budget Execution System (BES), which includes budget execution, treasury management and warrant control, while other GIFMIS Modules, which included Human Resource Management, were used to perform the entire financial management cycle.
As a result of the flaws in the GIFMIS system, the audit said automated reconciliation for failed payments has not been functional since February 2019, resulting in over N650 million worth of failed payments were still pending resolution and not being reversed back to their respective MDAs. Audit detected over
On the poor physical and environmental security of the Data Centre, the audit found that there was no business continuity and disaster recovery policy provided for the management of the Data Centre and the security of the GIFMIS data, information, and its ICT infrastructures.
For instance, the audit found that the entrance to critical data centre rooms, such as the power and servers’ rooms had no biometric access, while only 12 users, out of the 29 active registered users on the biometric entrance list, were confirmed officers assigned to the PDC. The other 17 users could not be traced.
The audit observed that two FM 200 fire extinguishers available had not been serviced since they were installed on April 28, 2011, while there was no evidence of any fire drilling or testing of available fire service equipment carried out since inception.
Besides, the audit also observed that none of the officers assigned to the data centre received any training on firefighting and emergency techniques, despite lots of combustible items (cartons and plastic ropes) littering around the Data Centre (DC) capable of easily intensifying damages during a fire outbreak.
Although there were seven Closed-Circuit Television (CCTV) cameras installed in the Data Centre, the audit found a blind spot in the power room not captured within the camera purview, while the CCTV monitors did function through the period of audit.
Reacting on the allegation about the absence of Business Continuity Plan in the Data Centre, the OAGF said although contract was awarded to a consulting firm to prepare and submit a Business Continuity Plan for the GIFMIS & Integrated Personnel & Payroll Information System (IPPIS), it was yet to be activated.
Apart from the GIFMIS project not having a completed and approved Information Security policy document and guideline, the audit found that the N10 billion GIFMIS IT equipment neither has an insurance policy cover since inception in 2012, nor the policies and classification of assets with respect to insurance coverage.
Although the Office of the Accountant General of the Federation is yet to react to the audit queries and recommendation for sanction for various acts of negligence and infraction of the Financial Regulations uncovered by the audit, a senior official told our reporter on Wednesday in Abuja the office would soon release a robust response to all the issues raised in the audit.