A technical audit and analysis of the government computerised financial system has discovered that transactions of up to K14.3 billion (US$34 210 526) were deleted from the database between July and September 2013 in the ongoing cashgate scandal, Weekend Nation can reveal.
A November 2013 report of Soft-Tech Consultants Limited – the institution that manages the Malawi Integrated Financial Management Information System (Ifmis) – affirms that four user names corresponding to four public servants; were used in this process in four offices.
They are the Office of the President and Cabinet (OPC), Local Government and Rural Development, Irrigation and Water Development and Tourism and Culture ministries.
There were also remote connections to the financial system that allowed officers to enter the system even from outside the office.
Police said they are aware of these findings and that the law is already dealing with the concerned officers.
Said deputy national police publicist Kelvin Maigwa: “We are aware of this development. These people are being dealt with according to law.”
On the other hand, Ministry of Finance spokesperson Nations Msowoya said there have so far been administrative actions to public servants known to have had a hand in the infamous cashgate scam.
The Soft-Tech documents titled Database Analysis and Audit Report and Restoration of Data, allege that deletion of data was done on 10 different dates across the duration under review – July 1 to September 24, 2013.
The deletions were done on July 1, August 20, 21, 23, September 3, 5, 16 and 24.
“It is important to mention that at this stage this report does not indicate which actual people were involved and how much funds were misappropriated. Therefore, this report just provides information on which usernames were used to abuse the system and indicates the values of those transactions that were deleted,” reads the report in part.
The report mentions the usernames as Frank.mwanza. Geofrey.Sinoya, Samuel.Mzanda and Felistas.Njathu.
According to Msowoya, all but Njathu have been interdicted saying “we have not received anything from ACB or Police on Njathu to warrant an administrative action.”
Although the report fails to attach the usernames to real people, our investigations matched the username Frank.Mwanza to a Frank Mwanza, an accounts assistant close to Ifmis control and arrested from the Office of the President and Cabinet (OPC).
The username Geofrey.Sinoya was matched to an accounts assistant in grade M at Accountant General’s office while Samuel Mzanda belonged to a grade J officer at Ministry of Tourism accounts department.
The username Felistas.Njathu, is associated with a Njathu in accounts department at Local Government Ministry.
According to the report, using these usernames, some 144 voucher journals and 133 payment journal records “were deleted using database access gained due to lack of controls on the firewall and system security.”
In computing, firewall is software or hardware-based network security system that controls the incoming and outgoing network traffic by analysing data and determining whether they should be allowed through or not, based on applied rule set, according to Google.
The deleted voucher journals and payment journal records “totalled in values of MK5 656 134 300 and MK8 682 916 313 respectively.”
According to Soft-Tech report, the Ifmis abusers bypassed two major system controls: Commitment Control, leading to expenditure beyond funding and Cash Control which led to ministry votes being used to abuse bank account overdraft controls.
Direct database access to the database server was the main method used to bypass controls, according to the report.
“No paper documents were retained to verify that the deleted records were valid or invalid procurement of good goods and services. The paper documents are mandatory requirement for transactions to be processed and all paper documents are signed and stamped as per statutory requirements,” reads the report.
According to Evelyn Mwapasa, chief executive officer of the Institute of Chartered Accountants in Malawi, general ledger is a central repository for accounting data while an audit trail is documentary/recorded evidence of the sequence of activities.
She says if these documents miss, “it means that there are some difficulties being encountered in the audit because of gaps in data available.”
But she provides some hope: “This does not automatically mean complete failure to finalise the audit as the auditor will always try to use other means/techniques to make sense of the available data/information.”
“…but it means the auditor will utilise more effort/expertise to try and compile all the information required in the audit. Whether the auditor finally succeeds in compiling all the information will depend on the actual circumstances,” said Mwapasa.
Soft-Tech undertook to restore the deleted data “to bring the system to a state of not losing the data”.
Msowoya confirmed that restoration was done.
The Soft-Tech suspects that “collusion amongst all the members of the transactions is likely as the same usernames were involved in the transaction cycle.”
For example, the report shows a voucher entered by Felistas Njathu, approved by Vestina Store was posted by Felistas Njathu.
Payment for the same was generated and posted by one username Vestina Store while the payment journal was done by Geofrey Sinoya.
Such cases were repeated in several other transactions bearing various usernames in a trail that clearly suggest collusion.
“The approvals were done using the system interface and the named users had access rights to the application. It is necessary to investigate further as to who granted these users the access rights,” recommends Soft-Tech.
The country’s major donors, under the Common Approach to Budgetary Support (Cabs) on November 7 last year withheld support after billions of money were looted from the Capital Hill by civil servants in a scandal called cashgate.