Annual reports
The current management team of the Swiss Federal Audit Office (SFAO) has been at the helm for six years now, the duration of a first term of office. As I write this roundup, much has been written and said about the publication of reports, media presence, SFAO resources or the tone of our publications.
These questions of form are important; getting a message across is all about the delivery. They have taken centre stage and attracted a great deal of attention. In this regard, the Finance Delegation took a clear stance on the SFAO’s publication practices, when it declared in its last activity report: "The Finance Delegation believes that, through the measures it has implemented, the SFAO has clearly improved its information and publication practices. (...) The DelFin rejects any further self-restriction of the SFAO in its information autonomy".
The questions of style having thus been addressed, let us turn to the substance. It, too, is important. Performing a perfect audit on a minor topic or ignoring major risks will probably have much more far-reaching consequences for the taxpayer than worrying about the contents of the SFAO’s Twitter feed.
So what have we done and achieved over the last six years? What priorities drove our work?
Our first priority was public corporations. We audited them systematically, with three areas of focus. First, we verified that governance tools were in place and functioning correctly. This was not the case for compliance management at RUAG, nor for risk management at Swiss Post. Happily, the situation has improved in the meantime. Second, we audited nationally important IT systems, such as the IT security in the tunnels of the Swiss Federal Railways (SBB), the national pricing system NOVA or, in the military domain, IT security at RUAG. Finally, relations between the Confederation and its enterprises. The SFAO looked at the merger of civil and military air traffic at Skyguide and the subsidies paid to SBB. Our objective: to ensure that the money set aside for one task was not diverted to another. These audits of federal enterprises naturally provoked a reaction. RUAG attempted, unsuccessfully, to cite a Zurich legal opinion from 2016 to avoid being audited. As for Swisscom: before our first risk management audit was even finished, a parliamentary motion had been launched to prevent us performing another one...
What is the SFAO’s trump card? We are the only body that can legally carry out checks in situ – even abroad – on whether the situation at an enterprise matches that reported to the Federal Council and Parliament. For example, we went to Hungary and Germany for RUAG, and to France and Liechtenstein for Swiss Post. These are what we call “boots on the ground” audits. In recent years, we have also favoured this approach for subsidy audits. These formed our second area of focus: visiting the recipient of federal aid to check what it is doing, whether this is a transport company, a foundation such as Pro Senectute, an NGO operating in Africa or a cheese dairy.
Our third area of focus over the last six years has been financial crime. In 2015, we observed that a number of federal offices and bodies play a key role in the fight against this type of crime. On the basis of a study commissioned from the former prosecutor Paolo Bernasconi, we identified around ten audit topics, ranging from sequestered funds to international legal assistance, from gold trading to the operation of federal courts, and from specific fedpol tasks to the restitution of state assets. In six years, we have built up a picture which has revealed numerous areas for improvement.
Fraud is not the sole preserve of white collar criminals, which is why social security insurance abuses have also been at the forefront of our activities. A risk analysis conducted in conjunction with our cantonal partners revealed the main risks and the areas to audit. After the results achieved in the initial stages proved conclusive, we decided to strengthen our data analysis capabilities. At federal level, this is the most effective way of identifying and combating systemic abuses.
At the request of the Parliamentary Finance Delegation, our fourth area of focus was cross-departmental offices. Over a three-year period, the SFAO systematically audited the federal offices in charge of finance, human resources, IT, risk management, logistics and buildings. The aim was to check that these offices, in addition to issuing directives, are also ensuring their application and have a system for sanctioning non-compliance. This is the only area in which we have not improved. Despite some serious findings by the SFAO, the Federal Council is sticking to department-level management of the Federal Administration without supervision and overall control, and does not want to strengthen the powers of cross-departmental offices. It therefore remains the responsibility of the seven general secretariats to check whether, for example, the IT security rules or procurement procedures are being adhered to in their own departments.
This brings us to the fifth and final point of our mandate: ICT projects. Following the resounding failure of the INSIEME project, a number of measures have been implemented, including regular auditing of key ICT projects by the SFAO. This requires considerable resources but the effort is justified, not just because of the investment volumes but also because of the potential savings linked to these projects – as demonstrated by the DaziT programme for Swiss Customs. This transformation is not just IT-related. It reviews processes and makes things easier for the administration, but also for the economy and users of customs services. However, this is only possible if the will to review procedures exists. The SUPERB programme will be an interesting test case. The transformation of Federal Administration support processes will only be achieved if those responsible for supra-departmental governance grasp the nettle of department-level administration management. Otherwise, several hundred million francs will have been spent without concrete results to show for it.
We will continue to monitor the situation closely and adjust our future activities as risks emerge.
Thank you to all those who support our activities!
Information:
Michel Huissoud, Director of the SFAO, tel. 058 463 11 11