A performance audit that was conducted by Office of the Auditor-General of the Federation has revealed that operators of the federal government-owned Integrated Payroll and Personnel Information System (IPPIS) still have access to the backend of the platform that gives them the leeway to manipulate the system at will.
Former auditor-general of the Federation, Mr Ukura Tyonongo said the good intention of government for introducing the integrated payroll system has been defeated (while government is unaware) by the operators. “The intention of government was good but the operators messed it up,” the immediate past AuGF said in an exclusive chart with our correspondent. According to the specialised audit, “some contractors from Soft Alliance Ltd have access to the database and the ability to set up new users and to change live data and could not easily be identified.”
IPPIS is a unified platform for payment of salaries and wages directly to Government employees’ bank accounts with appropriate deductions and remittances.
The report showed that application controls have not been activated in IPPIS to ensure, for example, that: Gross pay is input from salary and allowance tables, rather than the actual amounts being input directly; completeness checks are not activated to ensure that all necessary data has been entered, for example, bank account number, grade level and job title and duplicate checks to check, for example, that bank account numbers or employee numbers are not used by more than one payee.
“Reasonableness checks are not activated so that an officer of age less than 18 years or more than 60 years can still be paid,” the report said. “User profiles are not adequately restricted, so for example, an officer in one MDA can amend the payroll date for other MDAs.
“The ability to create new users on the system is not adequately protected and restricted to a few, ‘Super users’. Changes to date of birth and date of first appointment are not adequately controlled.”
As a result of these deficiencies in the controls, the audit identified series of potential overpayments. In the first case, it discovered that nearly 300,000 payments totaling N330 million where the gross pay differed from approved salary scale, with double payments of nearly N30 million in September – December, 2011.
The audit report that was obtained from the website of the AuGF by our correspondent claimed that the password controls for access to IPPIS are not adequate. “This is important as access can be undertaken remotely via the internet.”
The findings of the AuGF audit showed that passwords do not expire after 90 days, so officers could use their password after leaving the service; some user names and passwords were shared by several users; users cannot necessarily be adequately identified as the user name is just “Consultant” or “Technical”; there is no restriction on the number of sign-on attempts and there is no minimum password length.
“The audit trail for IPPIS has not been enabled. As a result, it is not always possible to trace which user made particular inputs or changes (for example fraudulent transactions cannot be traced to a particular user). Detailed analysis of the report revealed that 40 payees were paid a total of over N12 million each month, but were not included in the nominal role of the relevant MDA.
“152 officers on IPPIS did not have personnel files in their relevant MDAs. 193 payments of more than one million naira each were identified. 1,163 payments were made to 596 employees without income tax deductions (from April 2012 and September 2013). Nearly 2,000 employees had no pension deductions,” it stated. Tagged: ‘The audit Highlights of observations on key issues raised in the audit of IPPIS by the office of the auditor-general for the federation 14 march, 2016,’ the report was conducted in 2016 but was watered down and never implemented.
Charles Omofoma who was trained in Ghana led the audit team whom Tyonongo said discovered a lot of things that are being done different from the way the government wanted them to be done.
The former auditor-general Tyonongo had remarked that the audit that was conducted under his watch as the AuGF was shielded from public view.
He stressed that the report exposed the huge fraud in the system. “We just want the leaders to hear what is good. Tell him the truth! The money that is being siphoned …you see IPPIS is so great. I stand on my feet to tell you that. And I wish I had the opportunity when the President was here to tell him. Go into the system, you will see what is happening there. When we did the audit we saw people were changing names, changing dates of birth,” Tyonongo who left office in 2016 remarked at the 2nd edition of the conference of Auditors-General of Nigeria, in Abuja.
When asked who the operators are, he sighed and said “you won’t understand until somebody explains in details. What they discovered was huge.”
When calls were put to the deputy director, public relations department in Office of the Accountant-General of the Federation, Henshaw Ogubike, for reaction, he failed to either answer or return calls.