DECS Financial Management Compliance Framework


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

DECS Financial Management Compliance Framework

  1. 1.   DECS Financial Management Compliance Framework May 2009        
  2. 2. DECS Financial Management Compliance Framework Introduction Following the completion of the review of the Financial Management Framework (FMF), the FMF has been withdrawn and a revised Treasurer’s Instruction 2 Financial Management and a new Treasurer’s Instruction 28 Financial Management Compliance Program, has been issued, effective 1 July 2008. The Department of Treasury and Finance has issued The Financial Management Toolkit to provide guidance to assist agencies with their financial management responsibilities. The main change is the TI28 requirement that the Chief Executive develop, implement, document and maintain a robust and transparent Financial Management Compliance Program (FMCP). The FMCP includes an assessment of relevant policies, procedures, systems, internal controls, risk management, financial reporting and the adequacy of management reporting. In order to comply with the requirements of TI2 and TI28, the DECS Financial Management Compliance Framework (Figure 1) has been developed, consisting of the following elements: Control Environment Context The DECS control environment consists of processes developed to provide reasonable assurance regarding the achievement of objectives outlined in the DECS statement of directions, improvement and accountability framework and the overarching State Strategic Plan. Governance Structures The key DECS governance structures overseeing the maintenance of the control environment and the compliance processes include, but are not limited to, the Corporate Executive Team, Audit & Risk Management Committee, ICT Governance Committees and Portfolio Leadership Groups. As outlined in the organisational values contained in the statement of directions, accountability for the maintenance of the control environment is a shared responsibility of every employee in the organisation. External Regulatory Requirements The financial management compliance framework includes assessment of compliance with financial management, financial administration and financial reporting matters contained within, but not limited to: Relevant legislation Public Finance and Audit Act1987, Public Sector Management Act 1995, State Procurement Act 1995, Public Corporations Act 1993, New Tax Systems Act 1999, Education Act 1972 and Occupational Health, Safety and Welfare Act. Sub-ordinate legislation 2
  3. 3. DECS Financial Management Compliance Framework Treasurer’s Instructions, SA Public Sector Code of Conduct and State Procurement Board Policies. Entity and Process Level Controls The core financial processes covered by the framework include income, expenditure, payroll, grants/specific purpose funding, assets, liabilities and financial management reporting. As required by TI2, the framework includes clear documentation of policies, procedures, systems and internal controls relating to income and expenditure transaction processing, management of accounts receivable and payable balances and the processing and management of asset and liability account balances. The methodology for the implementation and maintenance of entity and process level controls are contained in the financial management policies and procedures, risk management policy and framework, fraud control policy and framework, financial management authorisations, ICT general controls, corporate strategic management cycle, procurement framework and shared services SA service level determination. Responsibility for the maintenance of the relevant processes and controls are outlined in the individual documents. The overall framework however requires that all employees adhere to controls outlined within their assigned area of responsibility. Financial Management Compliance Program The purpose of the FMCP is to document and communicate the DECS financial management monitoring processes that have been implemented to ensure the requirements of TI28 are met. The key elements of the DECS FMCP are: A. Assessment of Broad Level Compliance i. Corporate Compliance • Customised Self-Assessment FMCP Checklists • Internal Control Questionnaires (ICQ) • Verification audit of compliance ii. Site Compliance • Self Assessment Internal Control Questionnaires (ICQ) • Site Financial Audits • Enrolment Audits (Survey and Census) B. Non-Compliance and Reporting All employees are responsible for reporting any compliance failures or departures from internal controls to their respective line management. All compliance failures should be documented to enable appropriate action to be taken. C. Financial Management Compliance Maturity Model 3
  4. 4. DECS Financial Management Compliance Framework The financial management compliance maturity model (Figure 2) outlines the objective to continuously improve the effectiveness and efficiency of the financial management processes of DECS over the next three years to achieve a state of consistent alignment with better practice across the organisation. 4
  5. 5. Figure 1 DECS Financial Management Compliance Framework Control Environment Process Level Controls External Governance Entity Level Context Regulatory Core Financial Processes Structure Controls Requirement DECS Corporate Public Finance Financial Income Expenses Payroll Grant Assets Liabilities Financial Statement of Executive & Audit Act Management Specific M’gmnt Directions Team Policies and Funding Reporting Treasurer’s Procedures Instructions Audit & Improvement & Risk Public Risk Accountability Committee Corporation Act Management Compliance Processes Framework Policy and New Tax System Framework ICT Governance (GST Act) State Committee Fraud Control Strategic Public Sector Framework Financial Management Compliance Program Plan Management Act Portfolio Financial State Management Risk Leadership Key Control Control Self Compliance Groups Procurement Authorisations Management Act Indicators Assessment Monitoring ICT General Monitoring Controls Education Act Corporate Key Children Strategic Management Internal External Performance Services Act Management Testing Audit Audit Cycle Indicators SA Public Sector Code of Conduct Procurement Framework Occupational Financial Management Compliance Maturity Health, Safety & Shared Services Welfare Act SA SLD
  6. 6. Figure 2 Financial Management Compliance Maturity Model 2008/09 2009/10 2010/11 Achieve compliance with Leveraging value from Alignment with Better TI2 &TI28 Internal Controls Practice •TI 2 TI 2 TI 2 •Policies. Procedures, systems and • Annual review of all policies, •Annual review of all policies, internal controls developed and maintained procedures, systems and procedures, systems and for the following processes: internal controls internal controls • Risk Management • Annual review of financial and tax risks (Risk • Financial management compliance and • Authorisations Management Framework) control coverage aligned to key risks • Income Management • Root cause analysis of control failures to • Consolidation of Financial Management • Expenditure management identify sustainable corrective actions Compliance Framework to align business • Asset & Liability Management • Perform gap analysis based on review processes and controls with “better • Review control improvements, allocate practice” identified • Annual review of financial and tax risks responsibility and incorporate into action plan • Introduce program to enhance control (Risk Management Framework) for improvement consciousness across the organisation • Identify “better practice” across the organisation TI 28 •TI 28 TI 28 • Financial management compliance • Develop, implement, document and • Update control self assessment program to complement enterprise risk maintain a financial management compliance documentation (financial management management and internal audit coverage program (FMCP) incorporating the following compliance checklists and internal controls •Establishment of continuous control processes: questionnaires) monitoring environment • Financial Management Compliance • Develop supplementary checklist for sites in • Consolidated continuous control Checklists addition to the ICQ’s to incorporate further monitoring reporting to CE on any control • Internal Controls Questionnaires for aspects of financial compliance failure Corporate • Align FMCP with Risk Management and • Consolidated annual report to the CE on • Internal Control Questionnaires for Internal Audit (both site and corporate) results of assessment process (including schools/sites. •Consolidated annual report to the CE on failures) • Develop Financial Management Maturity results of assessment process (including • Monitor Shared Services SA Model outlining actions going forward. failures) compliance to SLD terms & conditions • Consolidated annual report to the C E on • Monitor Shared Services SA results of assessment process (including compliance to SLD terms & conditions failures) • Monitor Shared Services SA compliance to SLD terms & conditions