In 2017-18, the Western Australian public sector paid a total of $23 billion in operating expenses, and services and contracts. In 2016-17 local government entities reported over $4 billion in expenditure. The vast majority of these payments were made through accounts payable systems that rely on the accuracy of information in supplier master files.
The supplier master file is a central, comprehensive file that holds information about suppliers; including method of payment, bank account details, ABN and contact details. To ensure payments are correctly made, this information needs to be valid and complete. Changes made to the supplier master file are typically varied and may include adding new or deleting redundant suppliers, changing contact or bank account details, and variations to payment frequency. Well publicised instances of fraud that have occurred in the past across Australia, and payment errors reported from our audits, demonstrate the importance of adequate control processes over changes to this information.
We previously performed this audit in 2012, for a sample of 8 state government entities. In that audit, we reported the need for those entities to improve their monitoring and review of supplier master files, and 3 needed to improve their policies and procedures for managing supplier master files.
Most of the 10 entities we audited did not have comprehensive policies or procedures, which resulted in a lack of formal monitoring and review of their supplier master files. More than half the entities had weaknesses in controls over creation or amendment of their supplier records. In addition, at 3 entities, some suppliers were owned by or related to employees and the entities did not adequately manage these conflicts of interest processes.
What we did
The focus of this audit was to assess whether entities had suitable policies, procedures and controls for the management of supplier master files, to promote effective payment processes.
We assessed the policies and practices at 10 state and local government entities of varying sizes over a 9-month period from 1 January to 30 September 2018. We used the following lines of inquiry:
- Do entities have appropriate policies, procedures and controls over the creation and management of their supplier master file used in the payment process?
- Do entities effectively implement these policies, procedures and controls?
- Is the supplier master file operating to promote effective accounts payable processes, and reduce the risk of fraud, duplicate payments and other errors?
We tested 2,395 out of total 150,386 supplier records across 10 entities to assess if policies, procedures and controls over the supplier master files were followed, and promoted effective accounts payable processes. We also assessed how well entities managed conflict of interest in circumstances where entities procured from suppliers which were either owned by or related to their employees.
We conducted this audit under section 18 of the Auditor General Act 2006 and in accordance with Australian Auditing and Assurance Standards.
The following 5 state and 5 local government entities were included in this audit: