Professional Documents
Culture Documents
Forensic Audit Report - 1
Forensic Audit Report - 1
FORENSIC AUDIT
Covering transactions and controls in the six-month
Section
1. Executive Summary
4. Disclaimer
Page 1 of 24
1. Executive Summary
1.1. Introduction
Rajnish Shukla (Chartered Accountant and a Forensic Auditor) currently holds a
framework contract to provide forensic and investigation services to the finance
ministry India for the state development government funds.
As per the initial briefing of the matter by the said department a large chunk of fund
has been misappropriated by the states.
1.2. Background
In 2006 fund was provided to the states for the toilet preparation run by the
government of India. The said scheme to achieve “Open Defecation free” (ODF) India
by October 2019 to construct 100 million toilets in rural India with a projected cost of
Rs. 1.96 Lakh crore.
The following issues involved instigated the government for a forensic audit.
➢ Bihar toilet scam: How govt officials, NGOs, bankers stole Rs 15 cr meant for Swachh
Bharat
https://www.indiatoday.in/magazine/states/story/20171218-bihar-scam-swachh-
bharat-mission-1102469-2017-12-08
Page 1 of 24
https://timesofindia.indiatimes.com/city/coimbatore/toilet-scam-5-
suspended/articleshow/63661892.cms
Page 2 of 24
https://www.dailypioneer.com/2016/state-editions/toilet-construction-scam-to-hit-
many-in-state.html
The funds are provided directly to the respective states by the Ministry of Finance
under the “Swach Bharat Mission”. These funds are utilized as per the objective of the
mission and a timely reporting mechanism is devised to have a check on the fund
utilized and the target achieved by the various states.
The funds are directly transferred to the states as per the budget allocated to the
respective states.
Preliminary checks by the finance department has revealed that the funds after
reaching to state government are not allocated to various districts which has resulted
in not achieving the desired targets within the time frame.
Also, cases have been found where fund have been transferred but have not reached
to the desired beneficiary within the states.
Page 3 of 24
Also, it is alleged that the perpetrators were able to transfer funds from the government
bank accounts to the vendor accounts for goods and services that were never supplied
and then to delete these transactions from the accounting packages maintained and
in few cases proper trial also could not be retrieved.
Also, it has been claimed that the system was manipulated to release funds without
lawful authority, create and approve unauthorized payments, issue cheques through
the Accountant General’s Department and transfer funds into supplier accounts
without authorization.
The preliminary audit work completed by the ministry revealed that, a significant
number of transactions had been deleted.
The outputs of the accounting package (Oracle) report have been relied upon to inform our
work.
.
1.3. Scope of the Review
The team of Rajnish Shukla has been working since the contract was assigned at
various locations in India to unearth the fact.
The team has interacted with the key stakeholders including the Auditor General,
Accountant General, the oracle team, police and various other authorities who have
the bearing of the same.
Page 4 of 24
• Provide factual information that can be utilized in support of any possible
litigation process to re- claim funds that were inappropriately paid during this
period, as well as for any civil or criminal prosecution of entries involved, if the
government so decides;
• Identify failures and weaknesses in internal controls, including failures within
procurement system, that led to these breaches and provide recommendations
and suggested actions to strengthen controls and mitigate future risks; and
• Provide suggested actions to strengthen any other procedures as may be agreed.
We have undertaken work to understand the position of the Ministry of Finance the
funds transferred to various state governments and how the same has been
appropriated and misappropriated.
Our initial data assessment considered the bank account statements for the period
covering 1st January 2019 to 30th June 2019.
The data allowed the audit team to consider patterns and trends of deposits
withdrawals and adjustments to inform the transaction selection for the auditable
period.
A further risk assessment was undertaken based on selected criteria using Benford’s
Law
We obtained cheque images for these transactions and collected data and evidence to
allow a secondary risk assessment to be undertaken.
The transactions identified in oracle package and thereafter deleted were also
considered.
The audit trail for each transaction has been recreated by tracing the corresponding
cash book entry, obtaining scans of the signed cheques identifying the cheque
signatories and locating any third-party supporting documentation.
Page 5 of 24
A review of the deleted transactions has been completed and matched against
payments made from the state ministry bank accounts.
It should be noted that not all of the deleted transactions have been cleared through
the banking system and therefore some remain unpaid.
This report is based on our findings and specifically the completed reviews of
transactions we believe to meet similar criteria to that identified in the deleted
transactions or considered to be higher risk based on our selection criteria.
We consider that our work has included all lines of available supporting evidence.
With the exception of specific work on the deleted transactions, the sample we selected
for detailed investigation was not based on criteria such as company, Ministry or
individual but based on high values and payments of the same value made more than
once.
To limit the risk of prejudicing any current or future legal action, this report does not
comment on specific transactions, names or companies.
Where we believe fraud, theft or unethical actions have taken place, these have been
and / or will be referred to the relevant Law Enforcement Office of the Police and Anti-
Corruption Bureau through the Office of the Auditor General.
Based on our work we consider that funds have been stolen from the government funds
through a variety of means. We believe there are at least two methods being used.
The first method focuses on extraction of ‘cash’ using systematic money laundering
activities through commercial organizations
This method would appear to be premeditated, planned and was not opportunistic.
We noted a number of companies opening new bank accounts two or three months
prior to the receipt of government cheques.
For other payments, cheques were paid into the bank accounts of companies who were
either dormant prior to payment or showed limited transaction activity through the
Page 6 of 24
bank account.
We believe that up to an amount of Rs. One Thousand Crore could be classified as theft
of government funds which needs appropriate legal action.
We believe that the amount could further increase if the sample size and period of audit
is increased further.
The second method identified may be part of a wider corruption scandal that focuses
on overvalued and high value transactions, payment for goods not received and/or
funds transferred to various unauthorized beneficiaries.
A preliminary review of the deleted transactions has been completed and a total of
615 entries have been found to have been deleted from oracle.
At the time of this report our findings have identified payments to 10 companies where
payment has been done which should be classified as theft of government funds and
an appropriate legal action is required.
Page 7 of 24
During our fieldwork we noted significant sums of cash withdrawal, higher than the
cash holding insurance in short periods of time from the commercial banks.
It appears that the banking system failed to identify these unusual transactions with a
limited number of Suspicious Transaction Reports being sent to the state finance
ministry.
Significant control failures and lack of application of the existing controls are key
factors contributing to the failures and to the theft and misappropriation of funds.
1.5. Limitations
This report does not indicate which individuals or companies are involved in any of the
potential frauds identified.
This has been done deliberately to limit the risk that we will prejudice any on-going or
future legal proceedings.
Where we found appropriate, we have included reference to the values at risk based on
the evidence provided and seen.
The findings expressed in this report are based on the documents and explanations
provided to us.
Insofar as this report refers to matters of law, it should not be taken as expressing any
formal opinion whatsoever.
This report is based on the facts established from documentation provided by the
various representatives of the State government, various commercial banks,
individuals and fund recipients.
Page 8 of 24
We have accepted the various documents provided for what they purport to be and we
did not enquire into their authenticity unless we had cause to do so.
Electronic scanned copies of original documents are available should they be required.
As part of the audit methodology, sampling techniques have been used and as such we
cannot provide assurance that the procedures applied will have detected all potential
anomalies or irregularities.
This review does not constitute a statutory or external audit of the records maintained
by any party.
The audit sample of 500 transactions has been selected based on our risk criteria and
does not include all transactions processed during the review period.
ii. An income and expenditure account for the six-month period was prepared to
gain an understanding of the nature of expense. The same as analyzed with
the estimates provided by the respective government. Also, previous period
data was collated to have a clear understanding of the nature of expense done.
iii. Cash flow and fund flow was analyzed for the review period and for the past
period to understand the fund movement.
iv. A project development timeline was reviewed to ascertain unusual delay which
in turn will increase the cost of the project.
The electronic bank data for the Government’s main bank accounts was extracted
from the oracle system by the finance staff of the state under the supervision of
Page 9 of 24
members of the audit team.
The bank accounts were asked in electronic form. A comparison and fund movement
analysis were done with the funds transferred to various districts and the utilization
of the fund thereof.
Also, the same was cross checked with the budget and estimates provided to us.
The list of accounts was maintained which were regularly supervised and the
unsupervised one.
A review of the electronic bank data extracted under supervision was completed and
two types of transactions selected for the test sample; all payments greater than Rs. 50
lakhs and duplicate payments of the amounts exceeding Rs. 50 Lakhs.
A number of these payments are the aggregated total of a number of smaller payments.
Page 10 of 24
Documentary evidence to support the payments was obtained from the respective
banks including images of the front and backs of cheques from the bank’s
information hosting system.
Where possible screen shots of transactions were also taken to provide a complete
audit trail showing which bank employees had reviewed, approved and authorized
the payments.
A similar exercise was undertaken for the deleted transactions identified by oracle
software.
To support the audit sample matching cashbook and other associated reports were
extracted from the oracle software.
Extracts were obtained of the cashbooks for all the relevant Government Ministries and
Departments for the two financial years relevant to our sample period.
Various information covered included the procuring entity, method, date, item,
description, value, supplier and contract type.
Working with the commercial banks we obtained bank account opening documents
(bank mandates), bank statements and, where necessary, cheque scans or other
supporting documents.
We visited various Government Ministries and Departments to try and obtain the
invoices, receipts, contracts and other supporting documents provided by suppliers. In
instances where no supporting information could be provided the suppliers of the
goods, services or works were visited and asked to provide the necessary paperwork
justifying why they had received Government funds.
Page 11 of 24
various suppliers.
1.7. Report
Upon delivery of this report to the Ministry of Finance, the Comptroller & Auditor
General of India office will assume responsibility for the report.
Page 12 of 24
2. Findings: Control Environment
2.1. Introduction
Organizations usually operate through various mechanism of defense to protect their
assets; the same can be simplified as
• Operational Management and internal controls, those being the staff,
management, regulations;
• Compliance, risk management and secondary review including that expected of
the State Finance Ministry, and
• Internal and external audit and other statutory bodies, this includes the
commercial banks.
The failure of the above has led to the opportunity created for the embezzlement of
cash.
The audit team was provided with contradictory information regarding the role and
responsibilities of the Directors Accounts & Audit and we have therefore applied the
roles established in the Treasury Instruction and State Finance Management guidelines
when assessing the expected roles and responsibilities of the Directors Accounts &
Audit, including assessing the elements of the control framework which as to what
should be the exact responsibility of the Director’s Account & Audit.
Various barriers were noted on commencing our work at the department of Accounts
and Audit.
These included delays by the IT department in providing full read only access to oracle
software.
Hard copy bank statements for the main bank accounts were also not available for
review and poor filing initially made identifying these accounts difficult.
At the time of the commencement of our audit we noted significant failures in the
Page 13 of 24
control environment encountered at the Accounts & Audit Department.
Basic accounting procedures and protocols, including those required by the State
Finance Guidelines, were not being followed or applied.
A lack of oversight, accountability and individuals who were ‘unchallengeable’ by
juniors has provided opportunity for a higher level of loss than had the prescribed
controls been implemented.
We noted that cheques brought to the Director’s Accounts were signed without proper
or adequate review and without checks being made regarding the values, purpose of
the payment.
When challenged it was stated by the Assistant Account Director that, under the
current review process, payments were authorized and reviewed by two other
authorized signatories before the cheque was signed and therefore it was unnecessary
for any further review.
The roles of the Accountant and Assistant Account’s Director in the final approval
process are an essential part of the final government check functions.
‘As authorizing officer, the Account and Assistant Account’s Director are a key element of the
control process and are as noted below liable for the approvals made and therefore the payments
made’.
We understand that all cheques payments over Rs. 50 Lakhs require three signatures
to allow the Bank to process payment.
In our sample of the 500 transactions, 22 transactions with values between Rs. One
crore to Rs. 5 crores contained only two signatures. All were honored by the
respective bank.
50 transactions in our sample required signature. 32 were signed by the Asst. Accounts
Director between February and April 2019 with a value of Rs. 650 crores. The same
includes 19 cheques found on the deleted transactions listed with a value of Rs. 453.6
crores.
Between May and June 2019 our sample identified 140 cheques signed and approved
by the Assistant Accounts Director to the value of Rs. 700.26 crores where 35 entries
were found in the deleted transaction amounting to Rs. 586.25 crore.
Page 14 of 24
In the majority of cases we noted limited supporting documentation (with the exception
of oracle generation report) which can support the deleted transactions. This was
confirmed by suppliers/ vendors interviewed.
‘In our view payment for goods and services received shall be effected upon verification and
confirmation that goods were received or that those services were rendered. Payment shall be
made where, a copy of the local purchase order, an invoice and goods received note are attached
to the payment voucher.’
Both the Accountant and Assistant Accounts Director, as well as the Accountant
Director in post prior to their appointment, could be considered to have failed in their
public duties by not challenging and checking the validity of the payments they have
approved thereby contributing to the loss of government funds.
‘The authorizing officer shall be personally liable and shall be surcharged in respect of any such
incorrect payment’.
We noted that key individuals in the Account’s Department, including those who can
be seen to be accountable for approving the unsupported payments, have since been
redeployed to other Ministries.
At the time of our review, monthly bank reconciliations had not been completed by the
Accountant Department since November 2018.
The policy and procedure ask for a monthly reconciliation and a gap analysis with a
proper reporting of the same.
The issues have not been undertaken by either of the previous Account offices and
Directors or has been flagged properly for cognizance.
Bank reconciliations are an important and basic check to reduce the potential for
accidental or deliberate errors.
In absence of the same, no assurance can be provided that the bank transactions have
been recorded correctly in the State Government’s records.
The audit team witnessed the preparation of cheques in the Account’s Department of
State. The department had blank cheques left in printers overnight.
Page 15 of 24
Cheques should be written out by authorized personnel in designated and secured
manner.
However, it is our understanding, the Account’s Director makes the decision on which
budget expenditure is allocated; this does not require the approval of the necessary
controlling officer.
We noted situations where expenditure allocated to one Ministry budget may not have
been incurred by that Ministry.
Where a dispatch list is generated through oracle software by the Ministry making
payment, we noted evidence of additional payment vouchers being added to the
dispatch lists after they had been generated and then being applied to the Ministry
budget.
Whilst we understand the need for effective cash management, each Minister and
Controlling Officer is accountable for their budget and should be made aware of, and
approve, any additions made.
We noted that no bank statements are provided to the accounting officers at each
Ministry to allow them to reconcile their own transactions. This should be
implemented with immediate effect; discrepancies should be flagged by the
accounting officers to the Auditor Department.
Manual cheques were prepared for the period stating reason for the improper working
/not working or oracle software for the period covering February and March 2019. Also,
worth stating here that the copy of the same was not kept for record.
In the scenario where bank reconciliation is not available and also non availability of
copy of cheques leaves us with minimum or no trail in various cases.
Page 16 of 24
account. We have not seen evidence of any independent financial audits on the
financial statements prepared by the various Ministries.
Limited independent assurance can therefore be provided on government spend by
Ministry.
Unsatisfactory record keeping and filing of official documents makes it difficult to trace
records and vouchers.
Basic filing techniques are not applied thus clouding the audit trail and leading to
increased time being spent in tracing documentation. A lack of audit trail also increases
the opportunity for concealment or fraud, theft or error.
We observed that the financial management systems are not new. Oracle data will only
be as good as the data input into the system and the application of the security controls
around it.
The deletion of any accounting entries and any subsequent payment of government
funds is not a fault within Oracle.
Instead from weak application of the controls by the individual users and by staff
circumventing the controls designed to ensure that the system works effectively e.g.
sharing user IDs.
The server is located in an unsuitable environment; it does not have adequate cooling
or electricity back up facilities.
Page 17 of 24
We noted that 248 of the 631 records deleted were actioned outside of office hours
(between 10PM to 7 AM) during our audit assignment.
No exception reports are run or reviewed where these incidents could have been
identified.
It was noted that there is no procedure in place to terminate the user profiles of
departed employees and employees transferring from one Ministry to another.
The same may lead to unauthorized access to a particular Ministry’s data.
This account receives funding from the Ministry of Finance and subsequently the funds
are transferred to various Bank accounts managed at district level in a particular state.
‘The Bank in collaboration with the Government of India should ensure that no fraudulent
movement of fund takes place. We observed in various instances similar amount of high value
cheques have been cleared in a particular day. The same was never questioned by the bank
authorities.
• The bank statements for the period 1 January 2019 to 30 June 2019 for the
relevant organization;
• Information showing when the bank account was opened, by whom and a list
of the signatories on the account(s);
• Details of any other bank accounts held by these companies and the
directors/owners of said companies;
Page 18 of 24
• Bank statements for any other accounts that these companies held with your
bank for the period 1 January 2019 to date; and
• Report of any suspicious activity or any red flag raised by the system.
The information was initially refused by the banks. After involvement of high
authorities from Ministry of Finance from state and center, the details were made
available for verification.
The staff and employees who have major contribution in fund movement or to whom
regular allowances are paid should have their profile incorporated in Oracle Software.
We observed lack of supporting documents in majority of cases where trial was not
available for verification.
It was further observed that the procurement was based on the budget. The
management was free to purchase goods/ services until the same was within the
budget.
“In our opinion controls needs to be placed in reference to the monetary value to strengthen
the process and avoidance of fund leakages.
A walk-through test was done for a certain good purchased. The sample could not
produce desired result due to lack of evidences and unavailability of proper trial.
Page 19 of 24
3. Findings: Deleted Transactions
3.1. Background
We were requested by the Director Finance & Accounts in the Ministry of Finance to
analyze the Oracle data base from 1st January 2019 to 30th June 2019 to check for the
deleted transactions and search for the information which can lead to embezzlement
/ siphoning of funds from the exchequer.
We found 615 entries deleted from the system. There were instances where entries
related to particular transaction were deleted in entirety.
The deleted transactions and the impact of the same is already in the media and the
effect of the same is in public domain.
3.2. Findings
The deleted transactions were analyzed in detail We found that the transactions deleted
in the oracle software were duly paid as per the bank statements in our record.
An analysis of the deleted transaction data was competed to identify the extent of the
deletions and any trends or patterns.
The database analysis identified 132 voucher journals and 234 payment vouchers
deleted from three ministries and different user ID’s were used to delete the same.
The highest value deleted transaction that was not paid was Rs. 10.5 crore. These
cheques may have been printed but not presented at the bank for payment and should
be cancelled.
A similar pattern revealed while verifying the payments to various districts and rural
authorities.
Page 1 of 24
3.3. Summary
The username IDs of five personnel’s is used to delete the financial transactions &
information from the Oracle financial management system.
Not all the deleted transactions show withdrawals in the bank statements.
The payment made to various companies were vouched for its accuracy.
• Instances have been found that companies were not having track record of
working in the similar line of business.
• We have observed few dormant accounts which were activated only and after
this contract i.e. this contract was the reason of reactivating the bank accounts.
• In most instances, account balances were either zero or overdrawn prior to the
deposit.
• The companies observed had linkages with few ministry personnel’s where
their relatives were found to be the Directors or were controlling the
Page 2 of 24
management of such companies.
Company Rs (Crores) %
1 154.81 38.70%
2 10.00 2.50%
3 5.60 1.40%
4 2.40 0.60%
5 3.60 0.90%
6 36.20 9.05%
7 77.90 19.48%
8 102.34 25.59%
9 7.15 1.79%
Total 400
Report ends.
4. Disclaimer
The data above is hypothetical and does not relate any way with the actual findings
other than the links which are purely from google search. The same is only developed
for the project preparation for the Institute of Chartered Accountants of India.
Page 3 of 24