Report No.102796-ZW Assessment of the Zimbabwe Public Finance Management system for investment lending projects May 2015 A Currency unit = United States Dollar (As of February 11, 2015) Financial Year or Fiscal Year (FY): January 1 to December 31 Acronyms and Abbreviations AcG Accountant General AcGD Accountant General’s Department ACL Audit Common Language AFTFM Africa Technical Financial Management AFDB African Development Bank AG Auditor General CAATs Computer Assisted Auditing Techniques/Tools CIA Chief Internal Auditor CIFA Country Integrated Fiduciary Assessment CO Controlling Officer CRF Consolidated Revenue Fund DFID Department for International Development (UK) DMFAS Debt Management and Financial Analysis System FMR Financial Monitoring Report FRA Fiduciary Risk Assessment GGODR Governance Global-Practice Office of the Director GoZ Government of the Republic of Zimbabwe HRMIS Human Resource Management Information System ICT Information Communication Technology IDEA Interactive Data Extraction and Analysis IFMIS Integrated Financial Management Information System IMF International Monetary Fund ISN Interim Strategic Note INTOSAI International Organization of Supreme Audit Institutions IPSAS International Public Sector Accounting Standards LOA Loans Department MDA ministries, Departments and Agencies (of government) MOFED Ministry of Finance and Economic Development NDF National Development Fund OAG Office of the Auditor General PAC Public Accounts Committee (of Parliament) PAD Project Appraisal Documents PAYE Pay As You Earn (Employment Tax) PDO Project Development Objective PFM Public Financial Management PFMA Public Financial Management Act PMG Pay Master General RBZ Reserve Bank of Zimbabwe 1|Page SAP Systems, Applications and Products in Data Processing TSA Treasury Single Account UCS Use of Country Systems UNDP United Nations Development Program USAID United States Agency for International Development WBG World Bank Group ZIMFUND Zimbabwe Multi-Donor Trust Fund managed by AFDB ZIMREF Zimbabwe Re-Construction Fund managed by World Bank Vice President: Makhtar Diop Country Director: Guang Zhe Chen Country Manager: Camille Nuamah Task Team Leader: Daniel Yaw Domelevo 2|Page Table of Contents Acronyms and Abbreviations ................................................................................................................ 1 Executive Summary ............................................................................................................................... 2 Summary of findings and proposed measures ....................................................................................... 4 Introduction .......................................................................................................................................... 11 Objective of the assessment ................................................................................................................. 11 Rationale for Using Country FM Systems ........................................................................................... 12 Scope and Methodology ...................................................................................................................... 12 Overview of The Country and Public Financial Management ............................................................ 14 Country and Economic Background .................................................................................................... 14 Overview of Public Financial Management in the Country ................................................................ 16 Fiduciary Risk Assessment in Using Country FM Systems ................................................................ 16 Planning and Budgeting ....................................................................................................................... 17 Accounting and Reporting ................................................................................................................... 22 Treasury management and Funds Flow ............................................................................................... 25 Internal Controls and Audit ................................................................................................................. 31 External Audit ...................................................................................................................................... 34 Payroll and Other factors affecting fiduciary risks .............................................................................. 37 Way Forward ....................................................................................................................................... 39 Annex 4: Risk Concepts....................................................................................................................... 46 Executive Summary 1. This study was undertaken under the leadership of the Ministry of Finance and Economic Development (MOFED) to assess fiduciary risks in using country financial management (FM) systems1 in full, or in part, for implementing Donor and Bank-financed investment projects in Zimbabwe and to identify risk mitigation measures required for such use. Fiduciary risk is the risk that Bank funds (or donor funds) will not be used for their intended purposes or that they will be used without due attention to economy and efficiency. In projects using country FM systems, Bank funds are potentially commingled with the country’s own funds; therefore, a fiduciary risk assessment also needs to consider broader country PFM risks that could affect the fiduciary risk. This assessment uses a risk-based approach consistent with the interim guidance note issued by the FM Sector Board in 2009, entitled “Assessment of Fiduciary risks in the Use of Country FM Systems in Bank-Financed Investment Projects�; and supplemented by the Framework Methodology for Channeling Investment Lending Projects through Country Financial Management Systems (attached as Annex 3 to this report) and the approach used for regular FM assessments. The risk- based approach provides a ranking of the fiduciary risks to be managed as High, Substantial, Moderate, or Low.2 The decision to use country systems for a specific project then rests with the project's task team, guided by the country management team, after taking into account this fiduciary risk assessment and other factors such as the nature and complexity of the project and an assessment of implementing entities. 2. The team first undertook a desk review of reports and publications relating to public financial management in Zimbabwe, then held interviews with government officials during the field visit to carry out a detailed assessment of the financial management arrangements covering budgeting, accounting, internal control, funds flow, financial reporting, and auditing. The findings were discussed by the assessment team with key government officials and Development Partners. 3. Zimbabwe has made progress in strengthening its public financial management systems (using the 2012 CIFA report as an analytical base); however, some challenges remain. Some areas needing focused attention include: improving discipline in budget management; managing expenditure arrears; strengthening payroll controls; strengthening internal and external audits; and improving the demand side of accountability and transparency. 4. An enabling legal framework and the mechanisms to fight corruption are in place. However, corruption remains an area of concern in Zimbabwe. Enforcement of legislation is a major challenge in the fight against corruption. In view of the generalized challenge of compliance with rules and regulations, which cuts across public and private sector entities, experience has shown that even ring- fenced arrangements are not immune to problems related to poor compliance allied with fraud and corruption. To mitigate this risk, it is recommended that even when the projects are on budget, they should still continue to maintain their separate bank accounts, outside of the consolidated fund. The projects’ funds should not go through the normal budget release process of the MoF. The respective ministry/project authorities should have control over their project funds for entering commitments, 1 1 Country FM systems means a country’s national budget systems, accounting and reporting systems, internal control and internal audit systems, treasury and funds flow systems, and audit by its supreme audit institution. This study does not cover systems used by local governments or state- owned enterprises nor public procurement aspects. 2 Residual Risk – is the combination of the inherent and control risks in the country’s PFM system as mitigated by combination of government’s efforts in PFM reforms, the proposed mitigation measures and Bank supervision effort. In line with the FM Sector Board’s FM Practices Manual, FM risk is rated as Low (L), Modest (M), Substantial (S) or High (H). and approving invoices and payments. There should be intensive project monitoring and supervision and the implementation support provided by FM and Procurement Staff of the Bank should also be intensified. 5. The assessment shows that there are several weaknesses in the country’s financial management (FM) system. If the mitigation measures recommended in this report are implemented, the FM system could be used for development-partner-investment project-financing and it would improve fiduciary risk management for all funds. On the specific components of the PFM system, recommendations on the appropriateness of country systems for donor-financed projects are as follows:  The review team recommends the use of the Office of the Auditor General to audit donor projects as the beginning point.  The use of the budgeting system can continue at the current level where expenses related to donor projects (carried out themselves or through non-governmental agencies) are incorporated into the national budget and are also disclosed in the financial reports.  With an improvement in the internal controls (especially the security, reliability and integrity of the IFMIS), the budget execution, accounting and reporting, treasury and cash management systems of Government could be used for projects.  The Internal Audit function is in a nascent stage and, as such, it can provide little protection and security in terms of its internal oversight mechanism in its present form. 6. The Government and donors are encouraged to implement the mitigation measures stated in the report in order to further reduce the risk of using the country’s financial management system and enhance the reliability of the systems; there could thus be significant savings and cost-effectiveness in moving from donor systems and ring-fenced implementation arrangements to a focus on improving the capacity of ministries and central government systems. The merits and demerits of using country systems and the use of implementing agencies are summarized below. Table 1. The Current FM Arrangements and Use of Country Systems compared Current situation (Outside national systems) Proposal (national procedures) Advantages Advantages - Budget tracking by donors - Completeness and consistency of the - Availability of data facilitated by quarterly national budget with the integration of a budget monitoring project financed with external resources Budget Disadvantages/risks Disadvantages/risks - Incomplete budget execution. - Delays in the availability of budget - Negative impact on public financial information management performance - Cumbersome procedures if a mid-term - Risk of inconsistency between the national adjustment is required. budget and the budgets of externally funded - Possible use of project funds for other projects activities Advantages Advantages - Efficient banking services - Optimal cash flow management, Treasury/ Cash flows - Traceability of resources substantial savings - Uniform procedures for internal control over cash flows (bank reconciliations, etc.) Disadvantages/risks Disadvantages/risks - Lack of government control over these cash - Delays in payment processes (Treasury accounts. department services) - Sub-optimal cash flow management (surplus cash remains held in commercial banks) - Multiplicity of designated accounts, increased 3|Page control risks Advantages Advantages - Preparation of project financial statements - Complete and comprehensive national within the set deadlines accounting data - Reliable audit trail Accounting Disadvantages/risks Disadvantages/risks - Manipulation of accounting data - Possible delays in availability of financial - Poor quality of accounting data statements Advantages Advantages - A more secure internal control system with better segregation of duties Internal control/ Disadvantages/risks Disadvantages/risks - Weak internal control and internal audit - Internal audit units may not cover all Audit system operations usually due to non-availability - Accumulation of incompatible functions of funds - Non-compliance with public finance - Inadequate skills within government management rules inspectorate staff Advantages Advantages - Compliance with deadlines for submitting - Enhanced degree of independence audit reports - Broad audit scope (financial statements, External audit quality of management, performance) Disadvantages/risks Disadvantages/risks - Limited degree of independence (recruitment - Lack of recourse if the Office of the by project management units) Auditor General fails to meet deadlines- - Poor quality external audit reports with little this can be managed using joint audits or added value delegation of the audit to audit firms supervised by the Office of the Auditor General Summary of findings and proposed measures 7. The assessment focused on reviewing the following elements of UCS: Planning and budgeting; accounting and reporting; treasury management and funds flow; internal controls and internal audit; external audit and staffing. The risk ranking and proposed mitigating measures for each element are summarized in the following paragraphs. 8. Planning and Budgeting Currently, donors do not use country systems for budgeting. The risk rating for the current systems used by donors for their projects is substantial. Development assistance in Zimbabwe is largely outside the Government budget, and the methodology varies from donor to donor. Some donors undertake the implementation using their own systems while others use non-governmental agencies. The merit in this approach is that donors can monitor the disbursement rate of their individual contributions. The greatest disadvantage of the current system is that it hinders transparency and accountability because, in most cases, no one knows the total resource envelope available to a ministry, department or agency. This can allow for double-dipping or gaps in financing. Not all the funds go to the intended beneficiaries because the NGOs or the intermediaries used to implement projects do not have sufficient oversight over the projects; and, in other cases, their fees and reimbursable expenses take a material percentage of the funds away from the intended beneficiaries. 4|Page 9. There is substantial risk that donor funds may not be used for their intended purposes if donor- financed projects are moved onto the national budget for appropriation; i.e., if the funds are deposited into the National Development Funds earmarked for use through the treasury system. In the past, information about donor-funded projects was not disclosed in the national budget but the 2015 budget estimates show some donor-funded projects at the ministry levels. This information captured in the national budget is for disclosure purposes only and not included in the Appropriation Act. The budget preparation process is reasonably participatory, starting with call letters and consultations with sector ministries and other key stakeholders-- including Parliament and the public. The national budget is usually submitted to Parliament and approved before the beginning of the fiscal year. The budget estimate for 2015 was approved on December 20, 2014,3 and, in addition to the appropriated Consolidated Revenue Fund, it captures the revenues and expenditures of ministries, Departments and other spending Agencies’ (MDA) internally generated funds (called statutory funds), as well as some donor funded projects. It is estimated that the donor projects information captured in the budget is less than sixty percent. The team noted the improved relationship between the Government and donor nations as a result of which donors are willing to provide information about development assistance and also channel their support through multi-donor trust funds (such as ZIMFUND and ZIMREF). In some cases, donors are ready to provide direct aid to the Government.4 The MDA need to identify all projects to be funded using their statutory funds and those of donors and ensure that budget estimates for such projects are included in the budget at the level of the individual project and in a timely manner. The MOFED should intensify its donor coordination efforts to ensure that information on planned and actual project support from Developing Partners is collected and disclosed in the budget. Overall, if the mitigating measures are implemented there would be moderate risk that donor-funded projects are not correctly and completely reflected in the budget. Accounting and reporting 10 The risk-rating for the current accounting and reporting system used by donor projects is moderate. Current accounting and reporting systems used vary from project to project and are designed to respond to the information and reporting needs of the donors. The merits of this approach are that the reporting is generally done on time; and the standards are acceptable to the donors-- in some cases, it is the donors’ internal accounting and reporting systems. The disadvantage is that the accounting standards, the chart of accounts, the accounting policies and classifications may differ from that of the Government-- to the extent that one simply cannot consolidate or reconcile the two. In some cases, the accounting and reporting systems are internal to the donor and no information is available to the Government. Also, there is a risk that the accounting systems used are not secure (from an IT point of view). 11. The overall risk of using a country’s financial management system for accounting and reporting for donor projects is substantial. The existing legal framework stipulates reporting requirements for the Government. The existing integrated financial management information system (IFMIS) uses SAP –EC 6 Enhancement Package 7 for budget execution, accounting and reporting. The IFMIS is capable of tracking budgets and expenditures online and producing monthly, quarterly and annual financial statements. To enhance reliability of the IFMIS system, there was an independent security audit of the IFMIS in 2012 by SAP South Africa and an IT audit by the Office of the Auditor General (OAG) in 2013. There is the need to continuously validate the robustness of the system controls. Therefore, it is recommended that the OAG should repeat its audit of the system on an 3 http://www.herald.co.zw/parly-approves-budget/ 4 http://reliefweb.int/report/zimbabwe/eu-resumes-direct-aid-zimbabwe 5|Page annual basis. It is also recommended that the independent security audit should be done every two years. 12. The use of the IFMIS is prone to delays because it is not available at the district level and spending units have to commute to Provincial offices to process expenditures through IFMIS in order to spend their budget appropriations. In addition, information relating to projects and activities funded from statutory funds and donor funds are not captured in the system. The Grants Management Module of the IFMIS has been activated and should be used by all MDA to track statutory and donor funds. The government and UNDP have agreed to pilot three grants (of the Global Fund) by using this module to track the disbursements into Government accounts and associated expenditures. The Chart of Accounts has been revised to allow the grant management module to facilitate budgeting, accounting and reporting on projects funded by donor and statutory funds. The revised Chart of Accounts will enable preparation of customized reports for donors, including the interim unaudited financial reports required by the Bank. As the Government prepares to install the Business Intelligence Module of the SAP on the IFMIS, the generation of reports to meet the needs of Development Partners will become even easier and interim unaudited financial statements should be generated in a more timely manner. In other words, the ministries will be able to report on donor-funded projects on a quarterly basis and statutory funds on a bi-annual basis as required by the PFMA. In addition to installing the Business Intelligence Module and the Grant Management Module, the IFMIS needs to be rolled out to the districts in order to facilitate timely capturing and reporting of expenditures. Overall, the residual risk that financial information may not be accurate, timely and reliable will be moderate once the implementation of the grant management module in the IFMIS is completed and rolled out to all the ministries and districts. Treasury management and funds flow 13 The risk rating for the current systems used for treasury and funds flow by donor projects is moderate. Currently, almost all development assistance happens outside the treasury and funds flow system of the Government. Projects open their own accounts in commercial banks into which disbursements are made in order to finance the activities of the various projects. In some cases, donors simply buy goods and consulting services on behalf of Government. The merits are that funds are usually available on time and may be used for the intended purposes-- except for the large percentage that usually goes to intermediaries. The disadvantage is that such funds (especially when held by the donor) get re-allocated when the priorities of the donor change. In several cases, amounts promised by donors are not disbursed—for reasons unrelated to the project. Also, Government cash balances do not benefit from these funds, which generates additional costs for the Government. 14. This risk of using the treasury management and funds-flow system of Government for management of donor projects is rated moderate. The PFMA has no specific provisions to prevent the Government from rationing the transfer of funds to a donor project. If project funds are commingled with Government funds using the National Development Fund (NDF)5, it seems likely that this risk could materialize. Furthermore, the Government requires that the Bank Accounts for ministries and other spending agencies be kept at the Reserve Bank; hence, balances on project accounts funded from statutory funds and donor-support may be swept into the Pay Master General Account at the end of the fiscal year.6 Section 31 of the PFMA provides that all appropriations 5. The NDF is being set up as an account into which all donor funds will be deposited before a transfer is made into the proje cts’ accounts except in situations where the project does not maintain a separate account. 5. Section 31 of the PFMA provides that every appropriation by Parliament of public money for the service of a financial year shall lapse and cease to have any effect at the close of that year, and the unexpended balance of any moneys withdrawn from the Consolidated Revenue Fund shall be repaid to the Consolidated Revenue Fund. 6|Page elapse at the end of the financial year-- but this provision is specific to appropriated funds from the Consolidated Revenue Funds and should not impact unutilized project funds at the end of a particular fiscal year. Notwithstanding, the PFMA does not have any provisions which make it an offence to violate this rule. The Minister of Finance needs to clarify in the Regulations (1) the rules for virement as required by Section 78(n) of the PFMA; (2) state clearly that the ‘lapsing’ rule in Section 31 does not apply to donor and statutory funds; and, (3) indicate existing sanctions provided for in Zimbabwean laws that would apply should donor funds be diverted from their intended purpose. There should be automatic roll-over, to the following fiscal year, of the balances of donor and statutory funds that have already been earmarked to finance specific project activities. It is recommended that donor funds should be protected in designated accounts outside the NDF to be held in commercial banks independent of Government. With improved controlled environment, these funds may then flow through the NDF. If the proposed mitigating measures are implemented, residual risk is expected to remain moderate. Internal Control and Internal Audit 15. The risk rating for the internal control and auditing currently used by donor projects is moderate. The size of the team available to manage donor projects is usually small and the segregation of duties gets compromised in order to cut down on cost. It is usual to find one or two staff handling all the financial issues of a project, and transactions that should naturally be handled by different persons get handled by one individual. Many projects do not have internal audit staff to provide independent assurance that the project’s risk management, governance and internal control processes are operating effectively. The normal solution is to outsource the internal audit to accounting firms, which can lead to issues of independence and quality. 16. The risk that the internal audit system of Government is unable to provide assurances on the financial administration and compliance with the procedures for donor projects is substantial. Internal audit function across the Government remains weak, and the ability of internal audit function to assess, with reasonable credibility, the cost-effectiveness of any projects undertaken by the ministry is limited. In its present structure, depth and coverage, it provides very limited assurance on the Government’s internal oversight mechanism to Donor agencies. To mitigate the risk, it is recommended that there should be an immediate capacity-building effort in regularity audits, performance audits, risk-based audits and systems audits.7 It is also recommended that changes be made in the legal framework to: (i) ensure independence and professionalism in internal auditing; (ii) establish a Central Unit or Agency with the mandate to oversee internal auditing in the public sector, provide guidance, quality assurance, and follow-ups on audit findings; and, (iii) establish the reporting relationship between the Internal Audit, the Controlling Officers and the Central Unit. If the recommended mitigating measures are implemented, the residual risk that internal audit may not provide assurance of robustness and compliance with internal controls would be moderate. External Audit 17. The risk of the arrangements currently used for external auditing of donor projects is rated moderate. For donor projects that use implementing agents, the external auditing is done by private accounting firms. The merits in using these firms are that the reports are produced on a timely basis and are usually of reasonable quality-- the firms coming with experience and lessons learnt from many other projects they audit. The disadvantage of utilizing private accounting firms is that their scope is limited to the specific project and they may not be able to expand their scope to cover other 7 The GoZ may have to prioritize and fund this capacity building effort- the pipeline Public Financial Management Enhancement Project provides a good opportunity to address the capacity gap in internal audit. 7|Page institutional settings and related projects that may help them get a broader perspective of the risk environment within which the project operates. Unlike the Auditor General, who has access at all times to the documents, accounting systems and financial management arrangements of the project, the private firms are not able to follow up on audit findings until the audit of another year is due. They are also not fully conversant with Government rules and regulations, and do not typically include a compliance paragraph in their audit opinions on financial statements. 18. The risk of the OAG not effectively playing an independent external oversight role for donor projects is moderate. The OAG has the key competencies to audit appropriated and statutory funds, as well as donor-funded projects. The Constitution, the Audit Office Act and Public Finance Management Act provide the regulatory framework and auditing requirements for Government entities and elucidate the role of the OAG. The team was informed that INTOSAI auditing standards are applied by the OAG. However, reviewed reports confirm that some of the requirements in the standards are not incorporated in the report; thus, the level of compliance with these standards needs to improve. Audited financial statements are required to be submitted to the legislature within six months after the end of each fiscal year, but this deadline has not been met. Audited financial statements for the year ended 2013, for example, were presented three months after the deadline. Though the AG’s office witnessed several improvements in the recent past, it still faces multiple structural, financial and operational challenges. To mitigate the risk: (i) regulations for the Audit Office Act should be made operational; and, (ii) the Bank should agree the audit terms of reference for Bank projects (including target dates for submission of audited financial statements to the Bank) with the Government and the AG during project negotiations. In addition, the AG’s Office needs additional-capacity building reforms8 that would enhance its level of compliance with INTOSAI standards. Residual risk is expected to remain moderate. 19. Staffing. It is clear that there is an insufficient number of competent public finance management practitioners in the country, leading to substantial inherent risk. Comparing the approved establishment list to numbers at post, there is a huge gap. For instance, while the Office of the AG has an authorized establishment strength of 334, only 257 are at post; Internal Audit has authorized positions for 450, but only 320 are at post. This gap was created as a result of the “brain-drain� that happened during and after the economic crises. Expenditures for salaries or personal emoluments is such that recruiting staff with specialized skills will be a challenge-- not just because of the numbers but because of the level of pay needed to retain them. In the long-term, there would be a need for public service reforms with initiatives to attract and retain suitably qualified practitioners-- and to empower existing personnel. A comprehensive capacity-development strategy should aim at developing a professional PFM cadre (planners, budget officers, accountants, auditors, statisticians, monitoring and evaluation officers).9 In the interim, it will be necessary for the AG, in particular, to partner with private sector auditing firms who can share some of the audit responsibilities. There will be a need to re-skill and retrain the audit staff to supervise audits performed by private firms and to collate the reports. The private-sector audit firms will also need exposure to public-sector accounting and financial management and public-sector auditing. These mitigating measures would help to bring the residual risk owing to staffing issues to moderate. 20. The legal framework in Zimbabwe. The risk that the legal framework may not protect project funds is substantial. The legal framework for public financial management needs to be enhanced because: a. To date, the regulations for the Public Finance Management Act (2009) (PFMA) have not been finalized (these are necessary to facilitate effective implementation of the 8 Same as 5 above 9 Most of these capacity gaps can be addressed by the pipeline PFM Enhancement Project 8|Page PFMA). The PFMA authorizes the Minister of Finance to make regulations to cover specific issues and provide details on how to comply with provisions of the Act. Sections 78 and 88 of the PFMA provide a list of issues that must be clarified by the Minister in regulations. Unfortunately, the PFMA has been in force for the past five years and the regulations are still in draft and do not cover all the issues listed therein. b. The PFMA does not have provisions or rules on virements -- the procedure to be followed and approvals needed before funds approved for one activity, entity or project can be used for another-- Section 78(n) provides that the procedure for virement should be included in the regulations; c. The PFMA needs to be amended for consistency with the Constitution; e.g., Section 28 of the PFMA should reflect Section 305 of the Constitution which allows the national budget to be submitted to Parliament earlier than the first of December. Late submission of the budget to Parliament and late appropriation may delay project implementation. d. The regulations for the Audit Office Act 2009 need to be finalized (they are still in draft mode). It is expected that the residual risk after amending the PFMA to address the concerns above would be moderate. 21. Recommended implementation steps are as follows: a. Discuss findings with the country management team. It is important to share the assessment report with the country management team and discuss the findings; this approach helps in reaching consensus on next steps and in getting the country systems agenda on the radar screen of the country management team. b. Incorporate the findings of the assessment report in the ISN. The next ISN should consider the use of country FM systems as one of the key goals of Bank support to the country; this provides strong incentives to the Government and a clear message to task teams. c. Reach agreement with the authorities on cross-cutting issues and proposed mitigating measures. The country team should reach agreement with Government authorities on such cross-cutting issues as modalities for ensuring a timely and credible flow of funds for project-implementation and for timely approval of Bank-financed projects--including, general formats of periodic and annual financial reports to be generated using the Government accounting system, and other matters outlined in the table above. Such issues need to be tackled on a portfolio-wide basis rather than project-by-project. d. Focus Bank/donor support to the Government’s PFM reform program. It would be important for the team to review how the PFM reform program also supports the use-of- country-system agenda. e. Carry out supplementary FM assessments for pipeline investment projects. Despite apparent uniformity in structure and systems, ministries and departments might vary in their actual practices and capacities. For each project, therefore, it would be important to supplement the results of the assessment of central institutions and systems with an assessment of implementing ministries/institutions. Task teams may seek inputs from INT’s Preventive Services Unit in designing specific corruption-risk mitigation measures. 9|Page f. Ongoing monitoring of country fiduciary risks. As PFM diagnostics are updated (for example, when a repeat PEFA assessment is carried out), it will be good practice to update the fiduciary risk assessment report. 22. Supervision of Projects Using Country FM Systems. Use of country PFM systems would result in streamlined supervision activities, focusing on sector-specific performance and issues. In addition, it is expected that the current weaknesses in internal controls (including internal audit) and external audit arrangements will require focused capacity-development support to reduce risk levels, over time, to a more acceptable standard. The Bank’s implementation review and enhanced project- implementation support will continue until such time as sufficient confidence is built into the Government’s mechanism for monitoring and supervision of projects-- together with improved independence and professionalism in audit oversights. 10 | P a g e INTRODUCTION Background 23. The Bank’s Operational Policy (OP) 10.00, Investment Project Financing (paragraph 6 on Financial Management), provides clear direction for the use of country systems by stating that, where feasible, the Bank will use existing financial management (FM) arrangements that are an integral part of the borrower’s institutions. The current strategy to use country systems is consistent with that policy, and, indeed, integral to a number of policy initiatives that have been adopted within the Bank and at the global level over the last few years; e.g., the Paris Declaration and the Accra Action Agenda. The Bank’s Governance and Anti-Corruption (GAC) Strategy also states that the World Bank Group (WBG) will strive to strengthen, rather than bypass, country systems.10 It is recognized that better national institutions are a more effective and long-term solution to governance and corruption challenges and to mitigating fiduciary risks for all public money-- including that provided by the Bank. Although the Bank has made some progress in the use of country FM systems for implementing Bank-supported projects, there is a need to accelerate and deepen efforts in this regard. 24. This work assumes additional significance in view of the targets specified in the Paris Declaration to which the Bank is a signatory. As of 2010, the Paris Declaration aimed at a two-thirds reduction in the percentage of aid to the public sector that does not use partner countries’ public financial management (PFM) systems. The Accra Agenda for Action, adopted by donors and partner countries in 2008, reiterates the importance of using country systems and exhorts donors to accelerate and deepen that use and to explicitly state the reasons when not using the country system. Given the considerable attention to reform and development of Public Financial Management (PFM) systems in recent years, the Bank believes that the objective of encouraging use of country PFM systems can now be successfully pursued. This study is to assess the feasibility of using country FM systems for implementing Donor and Bank-financed projects in Zimbabwe. Objective of the assessment 25. The objectives of this study are to: (a) assess fiduciary risks in using country FM systems in full, or in part, for implementing Bank-financed investment projects in Zimbabwe; (b) identify any risk mitigation measures required for such use; (c) agree how the Bank can assist the Government to strengthen the aspects of the system which need improvement before they can be used; and, discuss relevant implementation issues with the Government, and the Country and Sector teams, including transition measures if any. Development Partners will also be better informed to take concrete actions to meet the commitments made in the Accra Agenda for Action (AAA), especially: “We will strengthen and use developing country systems to the maximum extent possible.� It is hoped that this report will help the Government of Zimbabwe (GoZ) to harmonize donor practices similar to that achieved by Vietnam-- as indicated in the report on ‘Harmonizing Donor Practices for Effective Aid Delivery’, OECD (2003). 10 “Country systems can be defined as a country’s normal institutional arrangements and processes for financial management�; s ee Making Greater Use of Country Financial Management Systems: An Approach Note, Financial Management Sector Board, May 20, 2004. In practical terms country FM systems means country’s national budget systems, accounting and reporting systems, internal cont rol and internal audit systems, treasury and funds flow systems, and supreme audit institution. 11 | P a g e Rationale for Using Country FM Systems 26. There are several important reasons why the Bank should use country FM systems to implement Donor and World Bank- financed projects:  Scale up development impact. Capacity-building efforts within a Project Implementing Unit (PIU) often do not strengthen the ministry where the PIU is located, and using PIUs can also reduce the sustainability of results. Development assistance can have a broader impact, well beyond the activities it funds directly, if its work more systematically strengthens the country’s systems and practices themselves, and results in improved systems that can be used for all government expenditures.  Increase country ownership. Client ownership is higher when projects use the systems already in place in the country. Using country systems also aligns the incentives of recipients and the Donors to strengthen these systems and closes the gap between policy and actual practice, thus helping to ensure sustainable development impact.  Build capacity. The use of a country-system approach focuses attention on whether that system follows broadly accepted “good practices� and whether the country has the capacity to successfully implement and sustain implementation of such practices. Thus, it brings capacity- building to the forefront of the interactions among borrowers, the Bank, and other Development Partners who support the use of country systems, with immediate benefits at the project level. It can also form the basis of larger-scale programs to enhance the borrower’s institutional capacity over the longer term.  Facilitate harmonization. Using country FM systems is one of the most appropriate ways to achieve harmonization among different donors.  Increase cost-effectiveness. Using the country’s FM systems reduces transaction costs to the country—for example, the costs involved in creating new structures, often staffed with highly paid consultants. Scope and Methodology 27. The Bank team conducted a field visit from January 25 to February 7, 2015 to establish a dialogue with stakeholders after carrying out a desk review of existing PFM systems in Zimbabwe. During the field mission, interviews were conducted with officials from the MOFED11 , the Public Service Commission, Salary Services Bureau, the Auditor-General, Reserve Bank of Zimbabwe, Public Accounts Committee, Ministry of Health and Child Care, Ministry of Agriculture, Mechanization and Irrigation Development, Ministry of Information Communication Technology, Postal and Courier Services, the Acting Clerk of Parliament, the Chairpersons of the public accounts committee and the Budget and finance committee, and all major international donors. Relevant examples from other regions of the Bank were considered as part of the desk review. In addition, the assessment drew on available sector work in the area of public financial management (PFM) in Zimbabwe, particularly the Country Integrated Fiduciary Assessment in 2012; but, more importantly, the team also considered new developments in PFM systems since 2012. 11 the Accountant General Department; National Budget; Fiscal Policy, Advisory Services & Investment Facilitation, Debt Management, Revenue, International Cooperation, Financial & Capital Markets; and Internal Audit 12 | P a g e 28. This assessment uses a risk-based approach, consistent with Use of Country FM Systems methodology and the approach used for regular FM assessments in the Africa region. The risk-based approach does not provide a “go/no go� answer to the question of whether country FM systems can be used; rather, it provides a ranking of the fiduciary risks to be managed as High, Substantial, Moderate, or Low. The decision on using country systems in a specific lending project then rests with the task team, guided by the country management team, after taking into account this fiduciary risk-assessment and other factors-- such as the nature and complexity of the project and an assessment of the implementing entities. 29. This assessment focuses on the fiduciary risks in using Zimbabwe’s central government institutions and systems, such as the Integrated Financial Management Information System (IFMIS), the central treasury system and the central government accounting system, in Bank-financed projects. It is, however, important to note that, despite apparent uniformity in structure and systems, there is wide variation in actual practices and capacities across various ministries and departments. It will therefore be important to supplement the results of this assessment with the fiduciary assessments of implementing ministries and departments when considering a specific project. 30. This review does not cover systems used by local governments or state-owned enterprises (Parastatals). However, the methodology and approach used in this review could be replicated at the local government level. This review focuses on FM issues and excludes procurement-related issues. Acknowledgments 31. The Practice Manager, Patricia Mc Kenzie (GGODR) and the Zimbabwe Country Management Unit have authorized this study to assess the feasibility of more complete use of country FM systems for implementing projects in Zimbabwe. It has been reviewed by Renaud Seligmann, Practice Manager, (GGODR). 32. The team, comprising Daniel Yaw Domelevo (Senior Financial Management Specialist, GGODR), Khuram Farooq (Senior Financial Management Specialist, GGODR), Srinivas Gurazada (Senior Financial Management Specialist, GGODR), Trust Chamukuwa Chimaliro (Financial Management Specialist, GGODR) MacDonald Nyazvigo (Senior Finance Assistance) and Rosa Dube (Financial Management Specialist, GGODR), gratefully acknowledges the extensive cooperation and assistance of officials of the Government of Zimbabwe (GoZ) and contributions from colleagues in the Zimbabwe Country Team. 13 | P a g e Overview of the Country and Public Financial Management Country and Economic Background 33. Zimbabwe is a landlocked country sharing borders with South Africa, Mozambique, Botswana and Zambia. It is a low income country with a GDP of US$12.80 billion, Gross National Income per capita of US$820 and a population of 14.15 million (2013 estimates). The country has, over the past five years, emerged from nearly a decade of economic decline. Between 1999 and 2008, the economy contracted by an estimated 45 percent and experienced hyperinflation due to disruptions caused by the land reform program and flawed macroeconomic policies. The country’s economy rebounded in 2009 as GDP grew by 25.2 percent between 2009 and 2011 (a constant annual growth rate of 7.8 percent). GDP growth slowed down to 4.6 percent in 2012, 2.9 percent in 2013 and is forecast to reach 2.0 percent for 2014.12 The country remains vulnerable to shocks and adverse weather conditions. The 2013 poverty report, covering the period 2011-2012, revealed that 72.3 percent of Zimbabweans are poor.13 The report further reveals rural areas are poorer-- with 84.3percent of rural dwellers considered poor; 62.6percent of rural households considered poor; and 16.2percent of them living in extreme poverty. The social sector (especially health and education) is constrained by declining public financing, the introduction of informal fees and levies, an acute shortage of relevant personnel and logistics. 34. In March 2013, Zimbabwe adopted a new Constitution. This was followed by general elections held on 31 July, 2013, which saw the re-election of the incumbent President, Robert Mugabe-- whose party, ZANU-PF also won a Parliamentary majority. The GoZ has prepared a five -year recovery program, the Zimbabwe Agenda for Sustainable Socio-Economic Transformation (Zim-Asset),14 which focuses on four strategic clusters: (i) Food Security and Nutrition; (ii) Social Services and Poverty Eradication; (iii) Infrastructure and Utilities; and, (iv) Value Addition and Beneficiation. In June 2013, Zimbabwe signed an IMF Staff-Monitored Program. This followed the lifting of IMF Board Technical Assistance (TA) restrictions in October 2012. Further, the first SMP was successfully concluded in late 2014 and a new fifteen- month SMP approved by IMF management in October 2014. 35. Zimbabwe exhibits both the characteristics of a middle income country and those of a fragile state. The country is not a typical “fragile�. The country has high levels of backbone infrastructure and human capacity on the one hand, but it has lost institutional capacity, especially in core government functions to deliver services to citizens; reduced capacity in the private sector, and limited capacity to resolve political and economic challenges also cloud the country’s future. Owing to the degradation of its institutions, the country has difficulty managing political, economic, and external stresses that reignite political conflict and economic vulnerability. The World Bank and development partners have been supporting analytical work in public and private sectors of the economy while also providing technical assistance in the public sector. This provides a foundation for direct engagement with the public and private sectors as Zimbabwe 12 http://data.worldbank.org/country/zimbabwe 13 Zimbabwe National Statistics Agency (ZimStat) 14 See paragraph 17 for the link between the ZIM ASSET and the project 14 | P a g e continues to move toward re-engagement. 36. Prior to the onset of economic decline, the GoZ was in the process of strengthening the building blocks of the PFM system, largely through the implementation of IFMIS in 1999. The IFMIS supports the basic financial management functions for the Consolidated Revenue Fund (CRF). It runs on a central database against a standard chart of accounts, with centralized oversight and control by the Accountant General (AcG) and decentralized data input by line ministries. IFMIS brought about a fair level of systemic budget control, accounting and reporting. It enabled the production of budget reports in real time-- allowing timely dissemination of budget reports to all line ministries, and timely annual financial statements. Commitments and payments were measured against budgets captured in the IFMIS. The Reserve Bank of Zimbabwe (RBZ) provided banking services to Government and the bank accounts were controlled by the Accountant General’s Department (AcG). This was a traditional system of a main Exchequer Account, main Paymaster-general (PMG) Account and sub accounts for line ministries which were managed on a Single Treasury Account basis. Bank reconciliations were done manually, mainly for technical reasons at the RBZ. Procurements above a certain threshold were administered through the State Procurement Board, since the enactment of the Procurement Act of 1999, which was later supported by the Procurement Regulations in 2002. Payroll control was centrally handled by the Salary Service Bureau. Data on domestic and external debt was recorded on the Debt Management and Financial Analysis System which is not integrated with IFMIS. 37. Due to major political crises, the economic melt-down and the resultant hyperinflationary environment during the years leading to 2009, the PFM system became dysfunctional. IFMIS was replaced by manual authorization, payment, accounting and reporting procedures. In 2009, the first National Budget Statement was presented in three currencies: USD, South African Rand (ZAR) and Zimbabwe Dollar (ZWD). In January 2009, centralized measures to limit budget payments to actual government revenues were implemented and quasi-fiscal operations of the RBZ were suspended. During the early part of 2009, owing to limited revenue inflows, Government payments were principally limited to its wage bills. 38. Owing to the relative economic stability that the GoZ had achieved in 2009, it focused on reforming its public financial management systems again. The management of the PFM system is mainly concentrated within MOFED-- with the exception of public procurement management which is vested in the State Procurement Board. Within MOFED, the Permanent Secretary has overall responsibility for public financial management (PFM) while the Principal Director has responsibility for budget planning and execution and the AcG is responsible for the IFMIS, treasury duties, internal controls, and production of timely and appropriate management and financial accounts. Within the MDA, the Controlling Officers have overall responsibility for effective PFM and are assisted by the Finance Directors. 15 | P a g e Overview of Public Financial Management in the Country 39. The legal framework that governs management and control of public finances in Zimbabwe mainly consists of the Constitution, the Public Finance Management Act 2009, the Audit Office Act 2009, the Public Procurement Act 2001, and regulations issued by the Minister of Finance. The main legal framework within which Public Financial Management (PFM) is exercised is the Public Finance Management Act, 2009 (PFMA). The PFMA specifies the responsibilities of the Minister of MoFED together with the powers he or she may delegate to senior officials. The Act also defines the responsibilities of the Secretary and Paymaster-General (PS), the Accountant-General and Accounting officers. The appointment and roles of Accountant-General, Internal Auditor and Audit Committees are also set out in the Act. MOFED has the main responsibility for PFM. 40. Section 80 of the PFMA provides that the Public Service Commission may assist the Treasury in carrying out its duties by appointing an officer of the Public Service as an internal auditor to any ministry or any reporting unit of a ministry. The Internal Audit has no central unit or body that oversees its functions across ministries. The internal audit is currently operational in all central government entities but has not benefited from any significant capacity-building in the recent past. Training is required in order to shift focus from pre-audit to a risk-based approach and systems audit. Adoption of international auditing standards and methodologies are necessary to ensure improvement in internal auditing. Internal audit reports do not follow a fixed plan and once completed they are distributed to the audited entity, Auditor-General, Principal Secretary and audit committee. Generally, there are notable weaknesses in follow-up on Unit recommendations by management and controlling officers. 41. The Constitution, Audit Office Act, and the PFMA define the responsibilities of the AG. The AG is appointed by the President and approved by Parliament with the mandate to audit and report on accounts and records of Government ministries, Parastatals and other statutory bodies-- including local authorities. The AG undertakes financial and performance audits. The office budget is under MOFED and its employees were part of civil service (recruited by Public Service commission) until the operational applicability of the Audit Office Act, separating the AG and the staff from the public service. In addition, the fact that the AG reports to Parliament through Ministers15 impacts on office independence (in reference to the rules of INTOSAI – LIMA declaration). Fiduciary Risk Assessment in Using Country FM Systems The Bank’s Operational Policy (OP), set out in OP 10.0 for Investment Project Financing,16 provides that the Borrower or Implementing Entity maintains-- or causes to be maintained-- financial management arrangements that are acceptable to the Bank and that, as part of the overall arrangements in place for implementing the project, provides reasonable assurance that the proceeds of the Bank Loan, the proceeds of the Bank-guaranteed debt or Bank-guaranteed payments are used for the purposes for which they are granted. Fiduciary risk-assessment, for the purpose of this report, covers five aspects of the country FM system: (a) Budgeting, (b) Accounting and Financial Reporting, (c) Treasury Management and Funds Flow, (d) Internal Controls and Internal Audit, and (e) Audit and Oversight 15 The audit report on the consolidated financial statements goes through the Minister of Finance and that of ministries and agencies go through the Minister responsible. 16 Financial Management paragraph 6 of OP 10.00 16 | P a g e 43. Fiduciary risks refer to risks that project funds will not be used for the intended purposes and will not be used economically and efficiently. In the context of the use of country systems for implementing Bank-supported projects, fiduciary risks need to be analyzed from the larger prism of use of budget funds: funds are fungible, and Bank-provided funds are commingled with budget funds. 44. Consistent with definitions of FM arrangements and guidelines contained in the Bank’s Financial Management Manual, operations of these elements in Zimbabwe’s PFM system are assessed in detail below from a control risk17 perspective. Conclusions are drawn as to whether particular elements of the PFM system can satisfactorily be used for projects if areas that have been recommended for improvement are fully addressed so as to reduce the risks to a tolerable level acceptable to the Bank. Planning and Budgeting 45. The risks associated with the use of a country’s national budget system are: (a) inadequate appropriation of funds for the project; i.e., that the risks of annual budget appropriation are less than the estimated annual project cost included in the project implementation plan; (b) delay in budget approval and release-- the annual budget should be approved on time so that project procurement can be initiated and implementation carried out in a timely manner; (c) diversion of project budget funds to other activities; i.e., the risk that the amount appropriated to the project would be reallocated to other projects/activities during the course of the year; and, (d) rigidity in budget classification leading to difficulty in collating and monitoring project expenditures; i.e., budget classification system limitations in enabling tracking of individual project expenditures. The current system used by donors has been compared to the government system in the paragraphs that follow. The current planning and budgeting system used by donors 46. The rating for the current systems used by donors is substantial. Development assistance in Zimbabwe is largely outside the Government budget and the methodology varies from donor to donor. Some donors use trust funds such as the Analytical Multi-Donor Trust Fund and the Zimbabwe Reconstruction Fund (administered by the World Bank), the Zimbabwe Fund (administered by the African Development Bank), and the Global Fund (administered by UNDP). The planning and budgeting systems for these trust funds depend on the project. Some of the projects are Bank-executed and others are recipient-executed. In most cases, the project amounts are disclosed in the budget statement of the country-- but not in the appropriations or the budget estimates. Other development assistance is provided directly by the donors-- either using a Non-Governmental Organization (NGO) or using their internal procurement processes to procure the goods or services needed and delivering them to the facilities where they are needed. The merit in the current systems is that donors are sure that their funds are used for intended purposes. The greatest disadvantage of the current system is that it hinders transparency and accountability because, in most cases, no one knows the total resource envelope available to a ministry, department or agency. For instance, a donor may simply deliver a vehicle to a ministry, a quantity of medical supplies to a hospital, textbooks to a school, or computers to a ministry without disclosing the amounts delivered. Furthermore, the current system creates room for duplicating 17 Control Risk – is the risk that the country’s financial management system is inadequate to ensure project funds are used economically and efficiently and for the purpose intended Risk ratings: High, Substantial, Modest, or Low 17 | P a g e the efforts of the Government and other donors and, at the same time, leaves gaps. A huge percentage of the funds do not go to the intended beneficiaries. This is because the NGO or the intermediaries being used do not have sufficient oversight of the project or the fees; additionally, reimbursable expenses take a huge percentage of the funds away from intended beneficiaries. The planning and budgeting system used by government 47. In the budget statement for 2014,18 the Minister of Finance reiterated the call to development partners to channel development assistance through the budget in order to ensure effective planning, monitoring and evaluation of utilization of public funds. However, it is necessary to evaluate fiduciary risks associated with the full inclusion of projects in the budget planning and appropriation processes. For example, what are the risks of annual budget appropriations being less than the estimated annual project cost? Is the annual budget approved on time so that project procurement could be initiated and implementation carried out in a timely manner? What are the chances that the approved project budget appropriation would be reallocated to other projects/activities in the course of the year? Does the budget classification system enable tracking of individual project expenditures? Appropriation for the projects in the annual budget 48. The risk that insufficient appropriation may be made for projects in the annual budget is substantial. The budget process is clearly set out annually in the budget-call circulars. Budget ceilings are determined by MOFED in accordance with policy and cognizant of resource-envelope constraints. In order to implement the principles of prioritized results-based budgeting, the concept of a Pre-Budget Strategy Paper was introduced in 2011. It provides ingredients for stakeholders to meaningfully input into Budget formulation, procurement management and supportive measures. The Pre-Budget Strategy Paper seeks to facilitate informed debate on key fiscal and other macro-economic policy issues. It also assists in building national consensus over some of the priorities that should be addressed through the Budget. After the Pre-Budget Strategy Paper, budget ceilings are usually communicated to line ministries. Line ministries are responsible for the preparation of their budgets within the ceilings when they submit their budget proposals to MOFED. 49. During the period of CIFA, the budget did not serve as an effective instrument for ensuring aggregate and allocative efficiency. With respect to risks for aggregate fiscal discipline, PIs 1 through 4 show low ratings. However, the actions taken to prevent spending exceeding receipts put an end to unsustainably large fiscal deficits, which declined from 18.6 percent of GDP in 2000 to 3.2 percent in 2008. The 2011 Mid-Year Fiscal Policy Review (page 54 of the report) shows Central Government revenues of 16.6 percent-- exceeding expenditures of 16.3 percent. The CIFA report indicates that the budget has not served as an effective instrument for directing expenditures and allocating resources. The situation has not changed very much over the years owing to a lack of fiscal space-- salary and wage bills mobilizing nearly 80 percent of revenues. It is expected that residual risk would be moderate should there be a significant increase in fiscal space. 18 paragraph 627, 18 | P a g e Budget transparency and comprehensiveness 50. The risk of not being transparent and comprehensive in the use of the budgeting system of the country is substantial. The budget development process needs to improve effective allocations of resources to priority functions and it needs to provide currently absent feedback on results achieved. The budget classification is not fully consistent with GFS and COFOG standards. The results-based budget, when fully implemented, will be supported by reporting performance results achieved, as well as financial data. The roles of the Portfolio Committees of Parliament in scrutinizing the budget need to be enhanced. Parliament should be expected to play a key role in the strategic allocation of budget resources, especially in the current situation where the fiscal space is so confined. Zimbabwe is heavily reliant on the performance of its Public Enterprises but there is insufficient transparency and accountability from these State Owned Enterprises (SOE). Related fiscal risks should be monitored more closely, which requires regular reporting. 51. PIs 11 and 12 show that there is the basis for a sound budget framework based on the multi-year budget framework and the results-based budgeting system, which provides for monitoring and evaluation of activities. This sound budget development process needs to be fully implemented and followed through in the budget execution phase to assure that service delivery goals are met-- including full implementation of the results-based budget-reporting processes. 52. Concerning risks for the revenue side of budget execution, the country has in place a good framework for tax administration. There is, however, scope for improved systems to enhance revenue management and improve revenue estimating in order to increase control over fiscal discipline. The key challenge facing the Government is that of tax arrears. There is a relatively low rating performance in some aspects of the payroll, procurement, and internal controls (including internal audits) and these need to be improved so that service delivery intentions can be achieved. 53. The GoZ has issued a medium-term national development framework, the Zimbabwe Accelerated Sustainable Social Economic Transformation (ZIM-ASSET October 2013- December 2018) that clearly states medium-term policy objectives. The framework was developed within a macro-fiscal perspective which outlines the priority areas of Government. At present, fiscal forecasts of revenue and expenditure aggregates are prepared for three-year horizons, following the budget year, based on GFS standards. MOFED publishes the fiscal forecasts and includes them in the budget documentation submitted to Parliament. Residual risk is expected to be low if the fiscal reporting becomes fully compliant with GFS classification. Timely approval of the annual budget 54. The risk that the incorporation of the projects in the annual budget will lead to delays in the projects’ implementation is moderate. According to the PFMA,19 the budget cannot be presented before the House of Assembly before December 1, and not later than January 31. However, Section 305 of the Constitution provides that this transmission should occur no later than January 31, with no limit on how early it could be sent. Therefore, the PFMA needs to be amended to bring it in sync with the Constitution. Budgets are usually submitted on time to Parliament20 and they are approved before the 19 Section 28(1) 20 2014 budget was presented on December 19, 2013 and that of 2015 was presented on November 27, 2014 19 | P a g e commencement of the financial year. On a positive note, recently there has been far greater scrutiny of the budget than previously. Project implementation and related procurement activities may be delayed when budgets are not approved on time by Parliament. Section 26 of the PFMA provides that should the budget not be authorized in time, the President may authorize--in advance of the main Appropriation Act for that year-- issuance from the Consolidated Revenue Fund of such money as may be necessary to carry on the services of the Government. There is, therefore, a moderate risk that large-value procurement could be delayed and may need to be compressed to fit into the remaining nine months of the fiscal year. The GoZ currently holds an overwhelming majority in Parliament and the 2015 budget has been passed on time. This is likely to be the case up to at least 2018 when the term of the current Administration comes to an end. The perceived risk that delays in approving the budget may forestall projects should therefore be moderate-- in recognition of the timely approval of the budget by the Legislature in the years starting from 2011 to 2014. The residual risk after the mitigation measures are effectuated is expected to be low. Diversion of approved budget allocations 55. The risk of diversion of project funds is assessed as substantial. Comparing the composition of aggregate expenditures out-turn to the original approved budget is an essential measure of budget credibility. Large deviations would suggest significant distortions to the original policy objectives captured in original budget estimates. The legal framework provides neither virement rules nor how re- allocating budget resources could be done after approval. In other jurisdictions around the world, the PFMA provides various levels of authority, as well as the limits within which virements can be conducted. Use of funds meant for a particular activity for another purpose without complying with the virement rules amounts to misapplication of funds. Such misapplication is a breach of financial discipline-- or a misconduct for which disciplinary measures are typically defined in the PFMA. The review concluded that the current Zimbabwean legal framework does not provide the assurance that monies appropriated will be used for the intended purposes. That is because that framework does not have provisions or rules on virements; hence, there is no procedure to be followed and no approvals needed before funds approved for one activity, entity or project can be used for another. Section 78(n) of the PFMA provides that the procedure for virement should be defined in regulations; but, to date, the regulations are still in draft. Should the regulations be operationalized, they would not provide sufficient assurance that funds will be used for the intended purposes because the regulations can be easily changed by the Minister. In the event that funds are used for unintended purposes-- either because such activities were not budgeted or the budget was inadequate, all that is required of the Minister of Finance under section 307 (1) of the Constitution is that he or she introduce a bill to the National Assembly seeking condonation of the unauthorized expenditure within 60 days after the unauthorized expenditure has been made. 56. The PFMA should provide a limit to unauthorized expenditures and also the circumstances under which such expenditures can be incurred. Without having a system in place to link the sources of funds to activities, it is difficult to know whether funds have been used for the intended activities. To attend to this, the Government intends to track donor funds through the use of a Grants Management Module. The Government and UNDP have agreed to process three grants of the Global Fund through this module in order to track the disbursements into Government accounts-- with associated expenditures. For in- year budget amendments, there are clear rules in the Constitution (Section 305) and these are supported by budget controls in the IFMIS. However, the cash-planning-system still needs improvements and it is 20 | P a g e recommended that the Treasury or the AcG set up a cash-planning unit which will help the cash- planning committee to perform better. It is expected that the residual risk will be moderate after virement rules are enacted to disallow arbitrary reallocation of funds. Adequacy of the budget classification system 57. The risk that the budget classification may not adequately cater to projects is substantial. The budget classification is presented on a cash basis employing functional, sub-functional, program, sub- program, economic and administrative classifications. The budget classification (as identified in the budget documents and macro-fiscal tables) identifies only 4 main functions; however, the structure could be mapped to a standard table consistent with the Classification of the Functions of Government (COFOG) . The macro-fiscal tables and the chart of accounts are consistent with the budget structure and hence the exercise of expenditure controls within that budget classification. The budget formulation process includes top-down and bottom-up reconciliation at the administrative budget-head level, but not within the functional and sub-functional classifications. 58. Segments in the IFMIS Chart of Accounts are depicted in Table 2 below. (Provision is made for tracking of donor-funded transactions, with the feasible intent to channel, manage and report donor funding through the Government’s own bank account configuration and financial management system.) Table 2. Chart of Accounts format Box 3 – Chart of Accounts Segment 1 Segment 2 Segment3 Segment 4 Responsibility Performance Analysis Accounts Accountability Related Budget Sector Vote / Account Type Cost Prog / Donor / Objective/ District GFS Item / Head / Center Sub Project Target / Classifi- Sub Dept. Prog Activity cation Item X xxx X Xxx Xxxx Xxxxx Xxxxxx Xx Xx xxxx 59. Key fiduciary risks in the area of budgeting: the risks of inadequate budget appropriation for the project, of delays in the annual budget-approval process, and of diversion of budget appropriations to other activities—are, overall, assessed to be substantial. These risks stem from weaknesses in the legal framework and processes. The degree of Government ownership for the project and importance of the project in the sector strategy is critical in the appropriation process. Where strong linkages between the project and the sector strategy ensure the Government’s strong commitment to the project objectives, there is less likelihood that the project will receive inadequate appropriation in the annual budget. To minimize some of the risks associated with the budgeting process, the team recommends amendments to the PFMA to ensure that the project is part of the approved sectoral strategy and that virement rules are clear. Roll-over of project funds could be used as a measure to ensure continuous project implementation; and this needs to be further discussed with the GoZ. The residual risk after implementing the mitigation measures is expected to be low. 21 | P a g e Conclusion 60. The risk with the current system for planning and budgeting for projects is substantial and it is substantial for UCS as discussed above. The current practice relies on Implementing Entities (IE). The fees and reimbursable expenses for the IE in Zimbabwe are very high.21 Payments to IE are not illegal, but they proportionately reduce the financing available for project activities. Since these amounts are not reflected in the Ministry’s or Department’s Budget, there is lack of transparency in the total resources available to a Ministry or Department. It is expected that, after implementing the mitigation measures, the planning and budgeting system of Government could be used for donor projects since the risk level would then be moderate. Accounting and Reporting 61. The key fiduciary risks in the area of accounting and reporting are delays in recording transactions in the accounting system, inability of the accounting system to prepare Interim Financial Reports (IFR) in a format acceptable to the Bank within 45 days, or to produce annual Financial Statements using the International Public Sector Accounting Standards in a format acceptable to the Bank. The current system used by donors for accounting and reporting on their projects have been compared to the Government system in the paragraphs that follow. The current Accounting and Reporting system used by Donors 62. The risk-rating for the current accounting and reporting system used by donor projects is moderate. The current accounting and reporting systems used for development assistance vary from donor to donor and from project to project. The systems are designed to respond to the information and reporting needs of the donors. The merits in using these systems are that the reporting is done on time and the standards are acceptable to the donor. In some cases, it is the donor’s internal accounting and reporting system that is used. The disadvantage is that the information or data from such accounting and reporting systems are not compatible with that of Government, and, hence, cannot be consolidated. In other words, the accounting standards, the chart of accounts, the accounting policies and classifications may differ to the extent that they simply cannot be consolidated. In some cases, the accounting and reporting systems are internal to the donor and no information is available to the Government. The Accounting and Reporting system of the Government 63. Currently, recording and accounting for statutory funds and donor-funded projects are done outside the IFMIS-enabled controls. Staff in the districts have to travel weekly, or twice a week, to process payments against their budget releases; these expenditures could have been incurred much earlier. The assessment concludes that this risk is substantial; even though the IFMIS is capable of producing the IFRs and other ad hoc reports, the data may not be complete or reliable. The reporting requirement for the AcG and the Controlling officers for funds appropriated from the Consolidated Revenue funds are met. Section 35(12) of the PFMA requires the AcG within 3 months after the end of the financial year to prepare and submit financial statements to Auditor-General for audit. Section 35(12) requires the 21 The fees and reimbursable expenses range between twenty and forty percent 22 | P a g e audited financial statements together with the reports of the Auditor-General to be presented to Parliament not later than 30th June each year. The financial statements and reports do not include the internally generated funds (statutory funds) of the ministries and donor funds for projects. The assessment noted that work was far advanced towards capturing of the budget and spending of statutory and donor funds on the IFMIS-- which is based on SAP. The system has been implemented in all line ministries and 10 provincial areas. The system is underpinned by a centralized payment system, using the Reserve Bank of Zimbabwe, to support the operation of the Consolidated Fund from which the Budget is annually appropriated. This enables the preparation of financial statements for MDA as well as the consolidated financial statements. Delay in accounting for the transactions 64. The risk of delays in financial reporting for projects using the accounting system for Government is substantial. The transactions of ministries at national and provincial levels operate on IFMIS and are recorded on a timely basis, which indicates that the accounting records are reliable and up-to- date. The transaction processing layer of the system is in place with a reasonable set of fiscal controls. All payments out-of-appropriation funds undergo budget/warrant checks before a payment is authorized and no payment is done outside the system. The system therefore provides a good source of controls and also accurate as well as up-to-date information on Government finances. However, statutory and donor funds do not use IFMIS and therefore are not subjected to the same controls that are embedded in IFMIS. IFMIS does not extend to districts, and, consequently, districts are required to travel to their respective provinces with documents in order to access the system. This is likely to result in delays in processing transactions and negatively affect the comprehensiveness of financial reporting, especially the monthly and quarterly reports. The relevant PEFA indicator on timeliness and regularity of account reconciliations was last rated C. While the supporting dimension on timeliness of bank reconciliation has been rated B, the dimension on regularity of reconciliation and clearance of suspense accounts/advances was rated D owing to long outstanding backlog. There has been substantial improvement in regularity and timeliness of bank reconciliation as well as advances/suspense accounts and as such risk of delays in recording transactions due reconciliation back log is not substantial. There is still substantial risk of delays in recording transactions from districts due to absence of IFMIS in those areas. Additionally, non-capturing of statutory funds and donor funds makes reporting incomplete. Capturing revenues and expenditures of statutory and donor funds and extending the IFMIS to the districts will reduce residual risk to moderate. Reliable and timely financial statements 65. The risk of project financial statements not being timely and reliable is substantial. If decision makers do not have access to reliable and timely financial information for monitoring performance, the fiduciary risk in the use of funds increases. IFMIS has contributed to issuance of monthly, quarterly and annual reports on a timely basis. The CIFA 2012 report rated the indicator P1–25 on quality and timeliness of annual financial statements a “D�, with dimension (i) for completeness of the financial statements and dimension (ii) for timeliness of submission of the annual statements; for external audits both rated “D�. However, substantial progress has been made on timeliness of financial reporting, evidenced by submission of the 2013 report much earlier than in previous years. There is need to further improve timeliness so that the audited accounts are submitted to Parliament not later than June 30-- in accordance with the statute. While timeliness has improved, completeness may still be a problem given 23 | P a g e the processing of statutory and donor funds outside IFMIS. It is recommended that the Government include all funds in IFMIS and extend IFMIS to districts in order to improve on completeness and timeliness of financial statements. In extending IFMIS to the Districts, it is recommended that one or two points-of-presence (or data entry centers) are created per district, instead of extending the system to individual district offices of ministries. It is expected that, if IFMIS is rolled out to all the Districts and the Grant Management module is fully operational, residual risk would reduce to moderate. Acceptable accounting standards for the preparation of financial statements 66. The risk that project financial statements may not be in compliance with internationally accepted accounting standards is substantial. The GoZ applies the cash basis of accounting, recognizing transactions as and when paid. This is done without applying an internationally recognized accounting standard to prepare its financial statements-- such as the International Public Sector Accounting Standards (IPSAS) Cash Standard. However, standard format templates are applied consistently (over time). The Government intends to migrate to the IPSAS Cash Standard. IMF is working with Government towards adoption of IPSAS cash-basis as a step towards full accrual accounting. Recommendations have been made for a legal and institutional framework for implementation of the standard. The timeframe for implementation has not yet been determined. To enhance reporting on projects, the Bank should agree at the project preparation stage on the format of financial reports with the Government and the Bank should request the establishment of project assets registers. In addition, the Government is encouraged to accelerate implementation of IPSAS (starting as planned with cash basis before moving to accrual). Government should initiate a process to start recording liabilities in IFMIS. To strengthen accountability at the ministerial level, there is a need to enforce the provisions of Section 32 of the PFMA-- which requires ministries to prepare annual financial statements that should be audited. The residual risk is expected to be moderate after migrating to cash-based IPSAS. Ability to track project-related transactions in the accounting system 67. The risk of not being able to track project-related transactions in the accounting system is substantial. Weak accounting systems may make it difficult to track resource transfers to, and expenditures of, actual service providers, increasing the probability that funds may not be used for the intended purposes. The IFMIS configuration, user setup, chart of accounts and audit trails provide the ability to control access, and to record and track project related transactions. IFMIS functionality has the capability to incorporate additional codes that could meet donor resources’ information-processing and reporting requirements. The Government intends setting up a National Development Fund into which all donor funds will be paid before they are transferred into the designated account of the respective projects. IFMIS has got a project module called the Grant Management Module. Three grants of Global funds are being piloted in 2015 using this module. After the pilot program has been assessed, the Government is planning to deploy this module to the line ministries to cater to detailed information-processing for projects to satisfy diverse reporting requirements by both Government and donors. The module will track receipts and uses of funds and report in accordance with donor and government requirements. There should be special, or designated, accounts for each project. The designated account should be configured in according to IFMIS for easy traceability of funds. The residual risk of not tracking project transactions is moderate. Integrity and reliability of data stored in the IFMIS system 24 | P a g e 68. The risk of project data lacking integrity and reliability is substantial. The SAP-EC 6 Enhancement Package Ehrd 7 software, functioning as the Government IFMIS, has all of the appropriate security features. A security audit of the system was performed on the IFMIS in 2012 and it is time for a repeat audit to assure that the system remains intact and is being used appropriately. Most organizations implementing highly integrated systems undergo systems audits by systems security professionals to continuously validate the robustness of the system controls. This is because automated financial management systems are not only vulnerable to cyber-attacks, but can be manipulated if the system controls are not robust; therefore the AG is encouraged to regularly repeat the security audit carried out in 2013. 69. The existing control environment is encouraging, as password controls are reportedly strict and adhered to; a firewall has been established and further strengthening of the firewall has been planned; user roles and access controls are centrally monitored and managed as per rules; and master data creation like vendor creation is centralized as per good practices. However, there are no interfaces with the payroll system, revenue systems, nor debt management systems, and the budget is not integrated with the budget execution in IFMIS-- the Government planning to implement the budget module for the financial year 2016. It is recommended that: (i) both internal and external audit units are provided with IT-specialized skills in order for them to perform security audits on IFMIS; (ii) IFMIS should be used in accounting for all Government funds, including those from donors; (iii) IFMIS should be extended to districts to enable timely and complete reporting from districts; (iv) the Government should move quickly towards compliance with recognized accounting standards (cash-basis IPSAS and, later, accrual-basis IPSAS); (v) the Government provide for virement in the PFMA; (vi) that Government initiate a process to integrate the different systems that logically relate to accounting in IFMIS; (vii) that Government migrate the payroll into the SAP-based HRMIS module for better integration with establishment registers, controls and efficiency; and, (viii) the Budget Consolidation Module of the IFMIS should be used for the Fiscal Year 2016 budget compilation. Residual risk is expected to be moderate after robust system-audit arrangements are implemented. Conclusion 70. The existing accounting and reporting system for donor projects is rated as moderate. Overall risk of using IFMIS for accounting and reporting in respect to donor-funded projects has been assessed as substantial. The existing system therefore provides a better assurance to donors, but the risk associated with the Government systems would reduce to moderate and the accounting and reporting system of Government could be used for donor projects if the recommended mitigation measures are successfully applied. Treasury management and Funds Flow 71. Treasury management and funds flow ensures that funds are available in a timely manner to facilitate the implementation of a project. The current system used by donors for managing funds flow for projects financed by them has been compared to the Government system in the paragraphs that follow. The current treasury management and funds flow used by donors 25 | P a g e 72. The risk rating for the current system used by donors for treasury and funds flow is moderate. Currently, almost all development assistance happens out of the treasury and funds flow system of the Government. In other words, projects open their own accounts into which disbursements are made in order to finance the activities of the project; or, donors simply pay for goods and services from their own accounts. The merits are that funds are available on time and may be used for the intended purposes (except for the huge percentages that usually go to the intermediaries). The disadvantage is that such funds (especially when held by the donor) get re-allocated when the priorities of the donor changes. In several cases, amounts promised by donors are not disbursed for other reasons not related to a project. This includes changes in leadership at the donor’s headquarters, or at the local country office or at political levels in the donor’s country or the recipient’s country. The Country’s treasury management and funds flow 73. Despite controls within IFMIS to ensure cash and budget compliance for operational expenditures, about eighty nine percent22 of the budget is executed outside IFMIS. The system is used for operational expenditures of the Consolidated Revenue Fund which constitutes about 11percent of the total budget. The following summary of the composition of the Budget FY2015 will clarify the issue: Table 3. Breakdown of 2015 Budget Expenditure Category Budget 2015 percent Employment Costs 3320 80.7 Capital Expenditures 341 8.3 Operations and maintenance 454 11 Total 4115 100 74. A small increase in the wage bill has a negative impact on non-wage current expenditures, and hence adversely affects the reliability of releases to line ministries. The ministries, therefore, are left to finance operational expenditures largely from the statutory funds (retained earnings). A detailed assessment is given below. 75. The Public Finance Act mandates that the Secretary and Paymaster General, responsible for the Treasury, manage the Consolidated Revenue Fund. The Act also authorizes the Treasury operationalize this fund through the establishment of banking accounts, called “Consolidated Revenue Funds Accounts�, and one or more of its sub-accounts, including separate sub-accounts for the investment of surplus funds. These accounts have been maintained at the Reserve Bank of Zimbabwe (RBZ). They were transferred to the Commercial Bank of Zimbabwe in 2009 and back to RBZ in 2014. To ensure that ministries spend within the cash available in these bank accounts, MOFED issues budget releases. This is an authority to spend, followed by cash releases, which move funds from the main account to the ministry account. The ministries incur expenditures against these budget releases, and approve payments against the cash releases. Key risks discussed in this section pertain to consolidation of cash balances in a single treasury account, extent of cash forecasting at the line ministries, the reliability of budget and 22 The 89percent includes employment costs, donor projects and statutory fund expenditures none of which runs on the IFMIS 26 | P a g e cash ceilings given to the ministries, and in-year changes to the budget of the ministries through virements/re-allocations. Consolidation of cash balances in the treasury single account (TSA) 76. Overall risk that consolidation of cash balances in the TSA may not include balances on project accounts is moderate. The Government has two main accounts in the RBZ: the Exchequer Account or Consolidated Revenue Fund (CRF) Account and Paymaster General (PMG) Account for revenues and payments respectively. The sector ministries have sub-exchequer and sub-PMG accounts linked to the main accounts at RBZ.23 These are zero-balance accounts. For ministry receipts—the non-retained portion--, the cash in the sub-exchequer accounts of the ministry is swept back into the main exchequer account electronically at the end of every day to remit the statutory funds. The consolidation of cash balances in the main account is adequate. For the retained portion, ministries have commercial bank accounts where the received funds are deposited. The Treasury has issued instructions recently to all the ministries to move these accounts into the RBZ. This arrangement is valid for only two cities-- Harare and Bulawayo, where RBZ has its branches. For the remaining districts, the commercial banks will continue to hold bank accounts for the statutory funds. For payments, funds are transferred from the main PMG account into the sub-PMG accounts of the ministries only when it is required to make final payment to the vendors. The sub-PMG accounts are used for the operational/recurrent expenditures only against the appropriations. The ministries have separate bank accounts for statutory funds and donor-funded projects. These accounts are not linked accounts of the TSA and are maintained usually in commercial banks. All Government payments are sent through the PayNet interface between the Globus Core Banking Solution and IFMIS. The review team was informed that manual instructions and checks are not permissible in this arrangement. In the event of system failure, which is rather rare, the Treasury can issue written instructions to make certain payments. The team was also informed that the IT security of this interface is adequate, as it has encryption, fire-wall and other necessary controls. E&Y have carried out an evaluation of this interface as part of the external audit work for the RBZ, but the report is not finalized yet. 77. Treasury has a service-level agreement with the RBZ. This is a basic agreement that defines the service charges that the Government has to pay for using the banking system. The RBZ does not charge or give interest to the Government as this issue is not prominent enough due to several cash constraints. The RBZ raises Treasury Bills for short-term borrowing on the instructions of the Treasury. But the scope of this operation is very limited. The currency of Government’s financial management, accounting and fiscal reporting is the US dollar. All other currencies are acceptable, though, for invoicing purpose. These are converted to the dollar rate of the day at the time of payment. 78. National Development Fund (NDF): The Government has created a National Development Fund to channel donor money through a central fund, separate from the Government funds to avoid co- mingling the two. The Treasury, at the time of the assessment, was yet to open the NDF accounts at the RBZ. The residual value of the use of the Treasury system remains moderate. 23 RBZ holds about fifty-eight bank accounts for ministries, Departments and Agencies 27 | P a g e Cash Forecasts by the line ministries 79. The risk-rating that project-cash-forecasts may not be timely and reliable is moderate. The process is well entrenched in the ministries. MOFED requires all line ministries to submit cash forecasts by months for the following financial year immediately after budget approval. The line ministries, in addition, are required to submit monthly cash forecasts/release requests, to reflect the adjustments in the annual cash forecasts submitted at the start of the fiscal year. Before the 2015 Budget, these requests only included planned current expenditures and commitments to be met from the appropriated funds. The information on current expenditures to be met from the statutory funds and other sources was not included. However, this practice has improved since FY2015 owing to the improved format of the Blue Book. The Blue Book now includes information provided by MDA and donors, respectively, on expenditures to be met from statutory funds and donor sources, respectively, in addition to the appropriations. Therefore, the monthly release request from the ministries, following the Blue Book format, now includes information on expenditures planned to be met from the appropriations, statutory funds and other sources. Despite improved formats and contents of release requests, the reliability of releases from MOFED has material weaknesses, as explained in the next paragraph. The residual value of risk for this area is expected to be low. Reliability of budget and cash ceilings 80. The reliability of budget disbursements to projects is a substantial risk. The Government operates on cash-based budgeting-- the estimates of expenditures being largely within the revenue forecasts. For example, for the FY2015, 96percent of the expenditures are planned to be met from the projected expenditures of $4.1 billion, against the projected revenue of $4.0 billion. This shortfall has resulted in cash rationing during budget execution. The ZIMRA weekly informs the Budget Department of MOFED on the cash collections. The Treasury, informed by the Cash Management Committee’s report, issues budget releases to the line ministries after prioritizing non-discretionary expenditures like wages and important programs/projects. These releases are done on a very ad-hoc basis, typically weekly or so, against the requirement to release budget on a monthly basis. This is largely because of the very limited space available for better cash planning of an overly bloated wage bill. The situation is worsened by limited ability of the Government to raise short-term borrowing. Consequently, the line ministries do not get releases as and when required. This has a knock-on effect that partially contributes towards the build-up of arrears, especially for the ministries like Health that deliver essential services. The ministries either meet their expenditure needs from the statutory funds or issue purchase orders to the suppliers--for example, for the supply of essential medicines, by-passing IFMIS which enforces commitment control. Vendor invoices associated with these purchase orders, after the supply of goods, cannot be approved and paid, owing to non-availability of cash, leading to the build-up of arrears. A significant portion of the arrears, though, are attributed to non-payment of utility bills, as a result of over-consumption, under-budgeting and disputed billing. 81. On the recommendations of the Cash Committee, the AGD makes the budget releases in IFMIS. These releases are issued at the spending-unit-cum-commitment item level. This release is the basis of the commitment control, exercised at the time of purchase requisition. The spending units process their commitments and payments in IFMIS on-line against these budget releases for the appropriated funds only. The spending units of the government process their payments using IFMIS. The district level spending units are not connected to IFMIS and therefore, process their expenditures in the system by 28 | P a g e travelling to the nearest on-line location, typically ministry office in the provincial HQ, as explained above. Around two thousand spending units of the twenty-six ministries are using the system at three locations where the system has been rolled-out. Most of the rolled-out sites are located in buildings that house multiple spending units. The accounting and procurement officers of these spending units and departments are able to access the system and operationalize the transaction processing. The residual risk is expected to be moderate. Cash releases to projects 82. The risk that cash releases will not be on time to facilitate implementation of projects is substantial. The Director Budget of the respective departments approves the final invoices and associated payments in the system. Thereafter, the ministry head office conducts a payment run-- a batch processing of all approved payments. This program calculates the total amount of approved payments to be paid out. After the payment run, the AcGD is able to get the consolidated cash requirements of the line ministries in IFMIS. Again, these requirements are prioritized against the available cash in the banks. The AcGD then transfers the cash from the main PMG (Paymaster General) Account to the sub-PMG bank accounts of the ministries. Upon receipt of the funds in their bank accounts, the ministries approve the final payments to be made from these bank accounts to the vendor bank accounts directly. This is achieved through interface of IFMIS with the Banking system through PayNet, through which detailed payment instructions are sent to the RBZ for online transfer of funds to vendor bank accounts. There are no treasuries to manage bank accounts at the districts to facilitate payments on behalf of MDAs delivering services at the district level. These spending units depend upon the sector headquarters to process their payments as explained above. Without district treasuries all payment runs are done at the national level. Residual risk is expected to be moderate. In-year changes to the budget 83. The risk that changes may be made to amounts allocated to projects is substantial. MOFED is authorized to do the re-allocation or virements. Instructions are issued at the time of the budget-call circular that no ministry is allowed to do virements. The virement rules are not spelled out in the draft financial instructions. The re-allocations are done largely to accommodate priority expenditures like wages. Owing to the large impact of wage increases, the budget changes drastically for operations and maintenance. The following budget execution report for Budget FY2014, up to October, highlights the point: Table 4. Budget Execution Report for January to October 2014 Exp. Category Original % of total Target Exp Actual Exp: % of target: %Overspend/Underspent Budget budget Jan-Oct Jan-Oct Jan-Oct Jan-Oct Employment 2998 72.77 2351 2505.4 106.57 -6.57 Costs Operations 615 14.93 502.9 324.1 64.45 35.55 Interest 15 0.36 15 38 253.33 -153.33 Capital 492 11.94 401.3 261.7 65.21 34.79 Expenditures Total 4120 3270.2 3129.2 29 | P a g e 84. It is normal to make adjustments to the budget or effect budget transfers during the implementation period. It is recommended that the procedure and the various levels of approval should be spelt out in the PFMA. The key challenge to the treasury and cash-management system of the Government is the lack of fiscal space. This can be ameliorated by increasing the revenue base of the economy but that change cannot be immediate. What can be done immediately is to control expenditures—especially, employment costs. If the GoZ takes advantage of the improved relationship with donors, there may be an opportunity to put more money into the economy. The AFDB and the Global Fund have taken the lead and the Zimbabwe Reconstruction Fund (ZIMREF) is in the pipeline. Though these monies may not be rendered as budget support, they would free up resources that would have otherwise been appropriated from the Consolidated Revenue Fund. 85. The donor-funded projects and statutory funds (the retained part) are not using IFMIS. This is because, after reviving IFMIS 2009/10, time was needed to roll-out the system to the ministries in Harare and later to the ten provinces. The appropriations from the Consolidated Revenue Fund have been administered using IFMIS. The remitted part of the statutory funds has been recorded in IFMIS using the sales and distribution (S&D)’ module of IFMIS. Using the S&D module was a consequence of the grant-management module not existing on IFMIS. It has now been installed and the Ministry of Health is planning to pilot their donor-funded projects using the Grants Management Module-- effective March 2015.24 The review team was taken through: (1) the configuration of the grant management module; (2) the process for capturing data; and, (3) the various levels of report generation. The module allows capturing and tracking of expenditures at different levels, starting from the source or fund type, the project, component, sub-component and activity level. Below the activity level, individual items of expenditure can be shown or reported if there is a need to show them as annexes. The residual value is expected to reduce to moderate after putting in place the virement rules. Conclusion 86. Risk associated with current treasury management and funds flow arrangement for projects is moderate, but that of the country system is substantial. There are very few mitigation measures possible, as the key challenge facing the treasury and cash management system is inadequate fiscal space. Improving internal controls and controlling the employment costs would help create some fiscal space and reduce the risk of using country systems to moderate. Until that is achieved there is risk that fund releases will not be made in time or the funds will be diverted. Therefore, we recommend that even when the projects are shown on budget, they should still continue to hold their separate bank accounts, outside the consolidated fund and National Development Fund (NDF). The respective ministry/project authorities should have control over their project funds for entering commitments, and approving invoices and payments. The donor disbursements into the bank accounts should be considered as the release- the authority to spend. The IFMIS system should be configured to support this process. These will mitigate the risk of co-mingling of donor funds with the NDF, until reasonable assurance has been obtained that the operations of the NDF are stabilized and concerns of the donors have been addressed. At the moderate level, the country’s treasury and cash management system could be used for donor projects. 24 . The scope of the pilot will be Global Fund from the UNDP for 3 grants only: Malaria, TB and administration grants to be dispersed into the bank accounts controlled by the Ministry. 30 | P a g e Internal Controls and Audit 87. Internal controls are measures (such as reviews, checks and balances, methods and procedures) instituted by an organization to: (1) conduct its business in an orderly and efficient manner; (2) safeguard its assets and resources; (3) deter and detect errors, fraud, and theft; (4) ensure accuracy and completeness of its accounting data; (5) produce reliable and timely financial and management information; and, (6) ensure adherence to its policies and plans. The role of internal audit is to provide independent assurance that an organization's risk management, governance and internal control processes are operating effectively. The internal controls and audit currently used by projects funded by donors are compared with those of the Government in the following paragraphs. Internal control and audit used by donor projects 88. Risk rating for the internal control and auditing used by donor projects is moderate. A key ingredient of ensuring checks and balances is to ensure there is division of labor in the management of the project. The size of the team available to manage donor projects is usually small and the governance system tends to be compromised in order to cut down on costs. It is usual to find one or two staffs handling all the financial issues of a project; as well, transactions that should, naturally, be handled by different persons get handled by one individual. Many of the projects do not have internal audit units or staff to provide independent assurance that the project’s risk management, governance and internal control processes are operating effectively. For projects being implemented through implementing agents without internal audit units, the normal solution is to outsource the internal audit. Accounting firms provide this assurance to management using international standards. The internal controls and audit system of Government 89. The risk that the internal control system is unable to prevent or detect serious irregularities, misuse, and inefficient use of public funds is high. An Internal Audit system is automatically triggered to provide oversight in case of donor-funded projects that use other-country systems such as budgeting, accounting and reporting, cash flow and procurement. It is therefore critical to have a strong Internal Audit in terms of its independence, competence, quality control and ability to provide assurance to the Government and donors through its audit products. The ability of internal audit within government to assess with reasonable credibility, the cost-effectiveness of any project is limited. In its present structure, depth and coverage, the internal audit provides very limited assurance on the internal oversight to donors. 90. The AG’s report (FY ended 31 December, 2013) flags serious Governance challenges and weak control systems in ministries which lead to unsupported payments, losses and fraudulent activities. Record- keeping in a number of ministries is poor, and ministries and funds were not able to provide assets-registers, cash books and ledgers for audit-- possibly because they are not maintained. Some ministries did not reconcile differences between the Sub-Paymaster General Accounts and the PFM System and, as such, the accuracy of the Appropriation Accounts of such ministries was not reliable. Several ministries had unauthorized expenditures—derived from diverting money from Fund Accounts to meet Appropriation Accounts. There were cases of flouting formal and informal tender procedures, payments before supply of goods, and the purchase of overpriced goods and services. 31 | P a g e 91. The internal control systems in Government have substantial scope for improvements. The audit opinion issued by the AG in 2014 is an indicator of the weak internal controls and prevalence of irregularities. Ninety-four percent of ministries (thirty-one out of thirty-three) had material audit findings, sixty-seven percent (twenty-two out of thirty-three) ministries were issued qualified audit opinions on their Appropriation Accounts, and one ministry was issued a disclaimer of opinion. Even out of the ten ministries that were given unqualified opinion, 8 of them had other material issues reported. The risk is expected to be moderate after strengthening internal controls and internal audit. Institutional arrangements for Internal Auditing 92. The institutional arrangement for internal audit is assessed as high risk. Section 80 of the PFM Act identifies the role of internal auditor as one who will assist Treasury in carrying out its duties. However, internal audit across the Government operates in silos in the ministries. There is no central agency (Internal Audit Department or Head of Internal Audit) reporting to senior level functionaries in MOFED. Internal audit units report to Permanent Secretaries of the concerned ministries and have minimal linkages with the Ministry of Finance. The current system has the following limitations: (i) internal audit’s independence is very limited, since the entire reporting mechanism is internal in each line ministry; (ii) the Chief Internal Auditor (CIA) is a relatively junior-ranking official (Deputy Director level), which is inappropriate considering the internal oversight expected to be exercised over units headed by several senior officials-- including Directors and Principal Directors; (iii) the absence of learning across sectors, sharing experiences and developing a common solution to cross-cutting issues; (iv) the risk of development of vested interests owing to permanent location in the same ministry; and, (v) the limited role of the Ministry of Finance to exercise financial oversight over ministries through internal audit. 93. Either an Internal Audit Department or an office of Controller of Internal Audit should be created-- and the head of this organization should report to the Permanent Secretary. All Internal audits staff of the ministries may, on a permanent basis, belong to this new organization and be posted to the ministries on a rotational basis. While deputed to the ministries, the Chief Internal Auditors may report to the Permanent Secretary of the ministry and also have a regular formal collaboration mechanism with the Internal Audit Departments/Controller of Internal Audit. The Chief Internal Auditor in a ministry needs to be at least of a rank equivalent to that of a Director to ensure adequate independence in his/her exercise of oversight functions. This risk is expected to be moderate after these mitigation measures. Financial independence 94. The risk rating for this is high. The Internal Audit function across the ministries faces severe financial constraints. Most internal audit assignments involve travel costs, per diem’s, fuel and other expenses. Treasury has not been able to provide funding and there is no system of formally earmarking funds towards Internal Audit in most ministries. Internal audit does not feature high in the spending priorities of ministries-- resulting in limited coverage of the audit universe. At the Ministry of Agriculture, the team was informed that internal audit visits are usually funded by the auditee units. The auditee units therefore decide the size of the team and duration of the assignments. This not only limits the scope of the audits, but seriously affects the independence of the internal auditors. In some cases, planned audits are cancelled because of a lack of funding. 32 | P a g e 95. It is recommended that Government review the existing practices to ensure that reasonable financial resources are available to Internal Audit in each ministry. It may be appropriate to introduce a budget line-- earmarking funds towards internal audit at each ministry and the amount to be appropriated should be based on annual risk-assessment and an audit-planning exercise. The residual risk is expected to be moderate after the mitigation measures. Audit Committees 96. The risk rating for this is substantial. Audit Committees prescribed under Section 84 of the PFM Act are yet to become functional. The requirements of Audit Committees and the role envisaged under the legislation are consistent with international best practices and local requirements. However, Audit Committees have not been constituted in any of the ministries—except for the Ministry of Health. The Ministry of Health, with external funding derived from its own initiative, has constituted an Audit Committee but it does not include external members-- as envisaged in the PFMA. MOFED plans to play a facilitator role after regulations to the PFMA are promulgated. Funding availability for the Audit Committees is also an area of concern. It is recommended that Audit Committees be constituted in all ministries in accordance with the PFMA and the Audit Office Act with the Ministry of Finance facilitating the process by issuing directives and technical advice. Funding should be made available for the committees to function well. The risk is expected to be moderate after these mitigation measures. Staff skills & competencies 97. Risk rating is substantial for skills and competencies. There have been noteworthy positive steps in the recent past to upgrade knowledge and skills of Internal Auditors by a donor-funded project. That project is supporting forty Internal Auditors to study towards becoming qualified Certified Internal Auditors (CIA). Other training initiatives, including the AFDB, supporting Risk-Based Audit training for one hundred and thirty-six auditors are noteworthy. Nevertheless, the academic qualifications and training to Internal Audit staff are quite limited considering the key role played by Internal Audit in the accountability chain. The entry requirements at junior level require a higher diploma and most of the learning is through on-the-job experience. There are very few auditors who would comply with the International Audit Education Standards in the Internal Audit. There are over five hundred internal auditors in the public service-- out of which a small fraction of auditors hold professional certifications appropriate to their work.25 Despite the training, the capability to embark on large–scale, risk-based audits is limited. Most auditors do not possess skills on Computer Assisted Audit Techniques (CAATs) like ACL or IDEA, and most of the audit teams lack access to CAATs software. Therefore, their ability to interrogate IFMIS is limited. The team was not provided with the basis for the number of internal auditors in each ministry— a number which should be commensurate with the audit universe and risk assessment. Generally, staff shortages are considered one of the bottlenecks for internal audit function. It is recommended that action plans be developed to progressively strengthen the technical competencies of internal auditors by professional certifications and training-- including training in IT tools. The residual risk is expected to be moderate after these mitigation measures. 25 less than 30 are members of the Chartered Institute of Secretaries, Chartered Accountants of Zimbabwe, and Certified Public Accountants 33 | P a g e Nature of audit and quality 98. The risk associated with the nature and quality of internal audit reports is substantial. Internal Audit is exclusively focused on compliance audits and review of financial statements. It has a very limited role in conducting a Performance Audit, an Information Technology audit or other modern audits. Internal auditors take up ‘special audits’, based on complaints or suspected frauds; however, they use the normal compliance audit techniques in these assignments instead of forensic auditing techniques. There is no assurance of the consistency of audit quality across ministries or even within a ministry. There are no auditing standards or quality processes in place to govern audit engagements. There is a need to establish quality assurance practices for internal audit across the ministries. It is recommended that standard practices on audit charter, audit manual and audit practices across ministries be implemented. The risk is expected to be moderate after these mitigation measures. Auditees’ response and follow up 99. Risk is substantial. There is no consistent pattern of the quality of responses from auditees to audit observations. While some ministries/agencies do respond well, many others are insufficient in terms of timeliness and quality of responses. Though the reports are shared with AcG, the AG and other stakeholders, they are primarily dealt with by the Chief Internal Auditor and the head of the audited entity. Internal Audit function in most of the ministries does not follow up on audit observations and responses owing to financial constraints on conducting follow-up audits. The Ministry of Agriculture is one of the exceptional ministries where follow-up audits are conducted; however, such practice is not wide-spread. Internal audit in most ministries does not maintain a database of audit observations for follow-up. It is recommended that appropriate standard practices across ministries be developed to follow up on audit observations and responses. It is expected that after the implementation of the mitigation measures above, the residual risk will be moderate. Conclusion 100. The risk of the current system for internal controls and internal audit is moderate, and that of the country system is high. Most of the project-implementing entities do not have internal audit units. The function is outsourced to accounting firms which provide timely assurance to management on a quarterly or semi-annual basis, depending on the needs of the project. This arrangement works well because the auditing and reports are timely and done in accordance with international standards. Prior to using the internal auditors in the public sector for donor projects, there is the need to implement the mitigation measures so as to bring the risk level to moderate. External Audit 101. An external audit is the examination and expression of opinion on the accounting system and the financial statements prepared for a project as performed by an independent and qualified accountant (practicing auditor), using international auditing standards and terms of reference usually agreed with the Bank. The external auditing currently used is compared with that conducted by the AG in the paragraphs below. 34 | P a g e Current external auditing system for donor projects 102. The system currently used for external auditing of donor projects is rated moderate. For donor projects that use implementing agents, the external auditing is done by private accounting firms which have been licensed by the Public Accountants and Auditors Board to practice auditing in the country. Most of these accounting firms have the appropriate competencies and the audits are done using international auditing standards and terms of reference agreed with the World Bank if it is a World Bank-financed project. The merit in using these firms is that reports are produced on a timely basis and of good quality. They come along with experience and lessons learnt from many other projects that they audit. The disadvantage they have is that their scope is limited to particular projects and they may not be able to expand their scope to cover other institutions and related projects that may help them to have a broader perspective of the risk environment within which the project operates. Unlike the AG, who has access at all times to the documents as well as accounting systems and financial management arrangements of the project, the private firms are not able to follow up on audit findings until the audit of another year is due. Using the office of the AG to audit donor projects 103. The risk that the Office of the Auditor General (OAG) would not be able to provide adequate audit oversight for donor projects is moderate. With the strengthened institutional structure under the Constitution, the PFMA and the Audit Office Act 2009, the AG is in a much stronger position than ever before to provide quality audit products on donor-funded projects. The legal framework provides that the Audit Office Commission oversees the appointments and HR practices in the Audit office. It provides for Audit Committees in ministries to review accounts and internal and external audit findings and provides for taking of corrective action. The scope of audit has been increased to cover local bodies. The AG has embarked on modern audits, including Performance Audits and IT Audits. The AG conducted a system audit of IFMIS in 2013, following IT-audit training. The institution benefitted from collaboration with AFROSAI–E in training and institutional development. Manuals on Regularity Audit and Performance Audit have been customized to meet Zimbabwe requirements and are in use. The AG has sound practices in terms of a strategic audit plan, operational plan and risk-based audit practices to govern activities. However, there is still significant scope for improvement in the AG’s organization. Financial independence and budget constraints 104. The risk that financial independence and budget constraints will affect auditing of donor projects is substantial. While the AG structurally reports to the Parliament and has adequate legal safeguards in terms of security of tenure and power to do his or her work, the office has minimal financial independence. Sec 26 of the Audit Office Act 2009, identifies several sources of funding for the OAG, but the office primarily relies on budget allocations controlled by MOFED. There seems to be a very weak correlation between the priorities of AG-- in terms of strategic plans and operational plans-- with the availability of funding. The AG in her Report for the financial year ended on 31 December, 2013, specifically reported that there are a number of outstanding (i.e., incomplete) audits (of provincial and district stations) as a result of inadequate funding. A mere 47 stations were audited in that year covering 8 ministries (out of 33). The majority of expenses of Government were left outside of the audit coverage-- primarily because of financial constraints. The AG does not have any field offices and all 35 | P a g e audit engagements are centrally coordinated and operated. Further, the unpredictability of cash releases from the Ministry of Finance places uncertainty in the field audits and audits have been deferred/cancelled because of a lack of timely funding towards travel, per diem expenses and petrol. It is recommended that appropriate measures to ensure the financial independence of the AG be considered. This can be achieved through several means, including: a legal provision whereby the AG’s financial requirements are not revised downwards-- except through Parliamentary discussions-- could be a first step in the right direction; and, each project should provide a budget for the external audit until such time as the AG would have enough financial resources to undertake the audits. The residual risk, following these mitigations, is expected to be low. Skills and competencies in the auditing of donor-funded projects 105. The skills and competencies available at the OAG to audit donor projects is rated moderate. Historically, the AG has been auditing externally aided projects (donor-funded projects). Since 1998, the AG has had a specialized division with trained staff for conducting such audits. During the past five years, given the steep decrease in external assistance and donors preferring to use ring-fenced arrangements or donor systems to route the funds to public offices in Zimbabwe, the role of the AG in audit of donor-funded projects has declined. There are very few donor-funded projects with funds routed through the Government financial systems. Donors prefer to appoint private firms of auditors partly because of perceived challenges relating to independence, capacity, quality, timeliness, trust and responsiveness to development partners’ needs. Further, the practice of not using the country budgeting, treasury, banking and accounting systems for routing donor funds reduces the advantage that an AG audit has over private audit in terms of the AG’s understanding of the expertise of various Government offices, staff and practices. The AG presently carries out audit of five donor-funded projects under the Ministry of Environment. The Ministry of Health has recently been tasked with leading several components of the UNDP-supported health project and it was decided that the AG would audit the project accounts relating to the Ministry of Health. 106. While significant progress has been made in recent years to train the teams, major challenges in terms of skills and competencies remain. The AG’s office falls short in terms of both professionally qualified staff and total audit staff when compared to the increasing responsibilities the organization is expected to shoulder. Out of authorized establishment strength of 334, only 257 posts have been operating as of 31 December, 2013. About 180 staff are engaged in actual audit functions. There are very few qualified accounting professionals. In 2013, academic support programs in the organization have facilitated training for various qualifications including ACCA (21), CPA (3), CISA (4) and CISM (1). In the absence of incentives for qualified professionals, the risk of high staff turnover among qualified professional staff is a major concern. The AG has to collaborate with the private sector and outsource the audits of Parastatals and some of the ministries. The AG is not even in a position to exercise quality control over the audits conducted by private firms of auditors for Parastatals. The AG is, therefore, collaborating with the Public Accountants and Auditors Board to ensure quality review of audits done on behalf of the AG by private auditing firms. The AG has been tasked by the new Constitution with the responsibility of auditing local bodies, which would increase the requirement for resources in the organization. It is recommended that the OAG be augmented with additional human resources and training in various aspects of audit. The residual risk will remain moderate. 36 | P a g e Timeliness and effectiveness 107. Risk rating is moderate. In order to increase the effectiveness and timeliness of country-level external audit arrangements, Government needs to address the challenges of delays in the finalization of accounts and in responding to audit queries. Audit reports for the financial year ended December 31, 2013, were signed by the AG on 31 October, 2014. While this is a marked improvement when compared to the previous year (when the report was signed only in December 2013), it significantly falls short of the legal requirement of audit report presentation within six months of the end of the fiscal year (requirement of Section 10 of the Audit Office Act). There are several audit observations in the audit report to which management did not respond and many others where corrective action was not taken, thereby affecting the effectiveness of the audit process. The Audit Office Act provides that the annual audit reports on the consolidated financial statement will be tabled in Parliament by MOFED. Similarly, audit reports on line ministries’ financial statements and performance audit reports are to be tabled in Parliament by the respective ministries. These provisions cause delays in tabling of audit reports in Parliament and affects the independence of the AG as he or she has to depend on the “Auditee� Ministers for tabling of audit reports in Parliament. Follow-up on audit observations is limited and delayed, as most of the follow-ups take place in the subsequent audit of the same entity. There is no centralized database to monitor and review the progress on action taken on audit observations and draw common themes for Government-level control improvements. The residual risk is expected to be moderate Leveraging technology 108. This risk is moderate. The office of the AG seeks to optimize the scarce hardware and software available and to leverage such in order to improve audit quality. The OAG made significant progress on IT-auditing and conducted an audit of IFMIS. However, there is substantial scope for improvements. The OAG uses Interactive Data Extraction and Analysis (IDEA) and Audit Common Language (ACL) applications as Computer Assisted Audit Techniques ( CAATs) for data analysis. The licenses are few and the means for audit staff to upgrade their skills in automated tools are limited. The residual risk is expected to remain moderate. Conclusion 109. Risk associated with the current arrangement where independent private audit firms are used to audit donor projects is moderate. The effectiveness of the OAG is also moderate, but with the comparative advantage of a harmonized approach in auditing, reporting and follow-ups. The AG is better placed to ensure that audit observations are addressed by the auditees. The AG has a broader mandate and a better understanding of the auditing environment. It is recommended that the OAG will be used for donor projects. Payroll and Other factors affecting fiduciary risks 110. A number of IT systems are not linked to IFMIS, but their transactions are manually captured in it. These include the Debt & Aid Management System, the Human Resource Management System (including the payroll), and Revenue Authority. The current payroll system is not sustainable, as this system (hardware, network and software) has been in place since 1994, with decreasing opportunities for 37 | P a g e maintenance in recent years; thus, system failure poses a genuine risk. Manual integration increases the risk of data manipulation and in the case of Zimbabwe, staff costs (payroll and pensions) constitute about 80 percent26 of government expenditures. The payroll of the civil service runs on in-house software—even though the Government has adopted SAP as its overall platform. The establishment registers are being maintained manually and not integrated with the payroll. The Government plans to implement HRMIS, including the establishment register, on the SAP platform by 2016, but it would be costly and complicated to maintain establishment register in SAP and run payroll on a custom-developed system. The payroll should be integrated with the establishment registers in the HRMIS through the use of the same SAP platform to achieve better controls and enhanced sustainability. It is good to note that apart from the better controls and enhanced sustainability, IFMIS, E-procurement and a number of Parastatals,27 and private companies in Zimbabwe are currently using the SAP platform successfully. This makes it imperative for the payroll module in the SAP to be used-- as the skills exist in the country and within Government to manage the payroll in a better-controlled environment. The SAP platform provides the opportunity for better payroll management; commitment controls, and revenue mobilization from the PAYE. The team was also informed that the Public Service Commission is going to conduct a payroll and personnel audit to address any challenges that may exist regarding the payroll; it will also conduct a head-count to eliminate names that are wrongfully on the payroll. It is recommended that the audit should be outsourced and done by an entity independent of the public service. The exercise may be guided by lessons learnt from the payroll and personnel system audit funded by the World Bank in 2009, as well as similar exercises within the African region. Public-Private Partnership through Contracted audits 111. Given the limitations in staff strength and skills available to the OAG, and the excessive wage and salary bills, it will be difficult (at least in the interim) for the AG to recruit the number of staff needed with the prerequisite skills (given the low levels of remuneration). The solution could be to use Section 9 (1) of the Audit Office Act which empowers the AG, by notice in the Gazette, to appoint a person (auditing firms) registered as a public auditor-- in terms of the Public Accountants and Auditors Act-- to inspect, examine and audit accounts, records or stores as required by the Act-- or by any other enactment, to be inspected, examined or audited by the Comptroller and AG-- and report the results. This is in line with section 32 of the PFMA which states that the AG-- or any independent auditor-- shall audit the annual financial statements and return the audited statements to the accounting officer within sixty days of receipt thereof. 112. The Role of Parliament in Providing Oversight in Public Financial Management Public Under the 2013 Constitution of Zimbabwe, Parliament has an oversight responsibility for PFM. Section 299 requires that Parliament must monitor and oversee expenditures by the State and all commissions and institutions and agencies of government at every level-- including statutory authorities, government– controlled entities, provincial and metropolitan councils and local authorities-- in order to ensure (among other things) that all revenue is accounted for and all expenditures have been properly incurred. The major challenge facing Parliament is inadequate funding from the Executive Branch. In 2014, the 2626 The payroll if the Civil Service is about 50%. The other 30% covers pension and payroll cost for the Judicial Service, the Security services, Universities 27 including the National Railways of Zimbabwe, Air Zimbabwe, TelOne, Grain Marketing Board, Zimbabwe Electricity Supply Agency and Zimbabwe Minerals Development Corporation 38 | P a g e World Bank, using the multi-donor trust fund, trained the public accounts committee (PAC) and their secretariat staff in PFM and equipped them with skills for identifying key issues in the Audit Reports. As a result of the support provided to finance long sessions of the PAC, 32 audit reports were considered within the 1st Session of the Eighth Parliament-- which ended on Thursday, 25th September, 2014; previously, the average number of audit reports considered in a session was five. It is recommended that the Parliamentary Committees, especially the Budget and Economic Management Committee and PAC (including their secretariats) will be capacitated to discharge their oversight responsibilities, thus ensuring that funds are used for intended purposes and accounted for in a timely and reliable manner. Way Forward 113. It is recommended that the use of country system should be on an incremental basis. The use of the OAG to audit donor projects should be the beginning point. The budgeting system can continue at the current level where project expenses are incorporated into the national budget. The budget execution, accounting and reporting, treasury and cash management systems of Government could be used for projects after a considerable increase in the internal control system (especially internal audit). The security and integrity of IFMIS can be guaranteed through continuous system-security audit. A repeat of the security audit by SAP every two years, complimented by that of the AG (on an annual basis) is a pre-requite for the use of country systems. 114. The Government is encouraged to implement mitigation measures, as stated in the report, to reduce the risk of using the country’s financial management system, and to enhance reliability. There will be significant savings and cost-effectiveness in moving from donor systems and ring-fenced implementation arrangements to a focus on improving the capacity of ministries and central government systems. Donors are also encouraged to help improve the PFM system in order to ensure efficiency for all GoZ expenditures and that of donor funds. Furthermore, a country’s ownership of development programs and projects is stronger when its own systems, rather than externally imposed systems, are used; such usage will incentivize the GoZ to focus on strengthening PFM systems. Longer term, there will be significant scope for reducing the costs of aid-- both the costs for countries to do business with the donors and the donors’ own costs of project preparation if the GoZ can use its own systems and procedures. 39 | P a g e Annex 1: Summary of Risk Assessment Risk Area Key Risk Element Current system Use of country Proposed Mitigation Residual Risk system Insufficient appropriation Ensure that financing agreements bind the Moderate may be made for projects in Low Substantial GoZ to full appropriation of loan proceeds Planning and the annual budget over the life of the project. budgeting Include Donor-funded projects-- agreed to by management-- in the budget at the (individual) project level. Not being transparent and Substantial Substantial Mandatory requirement for MDA to provide Low comprehensive in the use of estimates of all planned projects. public funds Roll-out Grant Management Module to all ministries to facilitate budgeting, accounting and monitoring of project costs. Procedures for project implementation need to Project implementation may Moderate Moderate be agreed with MOFED, until such time that be delayed as a result of late the project can be included in the estimates for Low appropriation Parliamentary approval. Procedures can be treated in terms of effectiveness or disbursement conditions. The PFMA should provide rules for virement and prohibit use of project funds for other Diversion of project funds Low Substantial purposes. Financing agreements should have Moderate a covenant prohibiting use of project funds for other purposes. Revise chart of accounts to cater to projects. Roll-out the Grant Management Module. The budget classification may not adequately cater for High Substantial projects Low Overall Risk for Planning and Budgeting Moderate Substantial Low Delays in financial reporting Moderate Substantial Define project-reporting requirements directly Low Accounting for projects in IFMIS. and Unauthorized access and Moderate Substantial Set up in IFMIS specific bank accounts, Moderate 40 | P a g e Risk Area Key Risk Element Current system Use of country Proposed Mitigation Residual Risk system Reporting unreliable data expenditure accounts, and reconciliation controls for each project. Project financial statements not compliant with international standards Moderate Substantial Agree standards and format of the project for Moderate annual financial statements. Fully implement IPSAS on IFMIS. Implementation of the Project Management and the Business Intelligence Modules of SAP and roll-out to in all ministries. Difficulty in tracking project- related transactions Revise Chart of Accounts and roll-out Grant in the accounting system Moderate Substantial Management Module to all MDA to allow for Moderate easy recording and reporting of project-related expenses. Project data lacking integrity Moderate and reliability Tighten access controls, ensure segregation of Moderate Substantial duties and conduct regular system audit. Moderate Weak audit trail Improve record keeping and filing. Substantial Moderate Moderate Overall Risk for Accounting and Reporting Moderate Substantial Moderate Treasury and Consolidation of project The designated account for the project should cash balances in the treasury High Moderate be defined in IFMIS. Moderate funds flow single account Project cash forecasts may Moderate Moderate not be timely and reliable Financing agreement should provide latest Low dates for submission of procurement and work plans. The reliability of budget Moderate Substantial disbursements to projects Establish authority, capacity and process to Moderate ensure timely submission of withdrawal applications. In-year changes to the budget Low Substantial Prohibit in-year changes in the financing Moderate agreement and PFMA to provide guidance. Inability of Treasury and RBZ to support banking Low Moderate Specific project bank accounts need to be needs of projects opened and incorporated into IFMIS. Low The likelihood of losing project funds if they are Project funds should be transferred to sub- commingled or unutilized at control account of the Pay Master General the end of the fiscal year; or, Moderate Moderate Account and allowed to automatically roll lack of access to project over to the next year. This can be stipulated in Moderate funds over year-ends the financing agreement. Overall rating for Treasury and Funds Flow Moderate Moderate Moderate Internal Ineffective control Substantial High Normal project expenditure procedures and Moderate framework and procedures or controls prescribed in the PFM Act, Control and weak compliance with regulations and other instructions will be 41 | P a g e Risk Area Key Risk Element Current system Use of country Proposed Mitigation Residual Risk system Internal internal controls applied to the project, subject to compliance to procurement arrangements agreed in the Audit . Financing Agreement. The development and maintenance of fixed asset registers for projects needs to be agreed. Institutional arrangements Moderate High Agree specific internal audit requirements for Moderate for Internal Auditing each project, which could include scope, approach and reporting requirements. Financial independence Substantial Substantial There is a need to revise the legal framework Moderate to provide for independence and better institutional arrangement. Audit Committees Moderate Substantial The ministry where the project resides should Moderate set up the committee-- an important effectiveness condition. Staff skills, competencies Moderate and nature of audit and Substantial Substantial Need to train and equip Internal auditors; quality otherwise, outsource the audit. Auditees’ response and Need to agree at the initiation of projects that follow up without resolving audit queries, the Bank may suspend disbursement. Payroll system has limited Low High Payroll should be moved onto the SAP Substantive controls, the cost is huge and together with the HRMS and the disturbs budget establishment controls. implementation. The limited fiscal space created by the payroll poses the danger of diverting project funds. Internal Audit is unable to Moderate Substantial :  Establish the office of Comptroller of Moderate provide the assurance of Internal Audit, reporting to appropriate robustness of, and senior level officer in Ministry of Finance. compliance with, controls  Provide internal audit with appropriate capacity-development support.  Establish Audit Committees-- as envisaged by the law.  Ensure that Chief Internal Auditor of MDA is of a rank consistent with the role envisaged.  Strengthen Internal Auditby providing a legal mandate for the unit, developing an internal audit charter, and applying international internal auditing standards which focus on risk and systems audit. Overall rating for Internal Control and Audit Moderate High Moderate 42 | P a g e Risk Area Key Risk Element Current system Use of country Proposed Mitigation Residual Risk system External Timelines: OAG is required Moderate Moderate:  During the project negotiation, agree on Moderate to submit financial audit terms of reference, specifying the Audit and statements to the Legislature approach, type of audit opinion and timing oversight within six months after fiscal to submit the report. year end. OAG is required  Operationalize the Regulations to the Audit to submit financial Moderate Moderate Office Act. Moderate statements of projects to the  Revise strategic plan to include World Bank or Donor within collaboration with private audit firms. six months after fiscal year  Undertake capacity-building reforms to end. enhance compliance with INTOSAI Standards. OAG’s limitations in Moderate Substantial Moderate competencies and operational & financial independence Addressing audit observations should be made Follow up of audit Substantial Moderate a disbursement condition. Moderate observations FM and procurement staff will offer training Competence in audit of Moderate Moderate regarding the FM and procurement Low donor-funded projects arrangements for Bank-funded projects. Funding should be provided under the project for external audit. Moderate Substantial Financial independence and Low budget constraints The capacity-building envisaged in the strategic plan should be carried out. Moderate Moderate Skills and competencies The skills-training should be complemented Low by audit assisted systems. Moderate Substantial Moderate Leveraging technology Overall Risk for External Audit Oversight Moderate Moderate Moderate Staffing Low number of suitably Moderate Substantial Agree staffing skills and requirements to Moderate qualified public finance manage Donor/Bank-funded operations during management and auditing project preparation. staff Design and implement a long-term, comprehensive capacity-development strategy to develop more professional PFM cadre (planners, budget officers, accountants, statisticians, monitoring and evaluation officers). Overall Risk for Staffing Moderate Substantial Moderate Legal Weak legal framework may Need to provide in the PFMA the rules for Moderate provide room for funds to be Moderate Substantial virement. framework used for unintended purposes Operationalize the regulations for the PFMA and the Audit Office Act. The draft PFM regulations Financing agreement should cover gaps in the and Draft Regulations for the legal framework. Audit Office Act not operationalized Overall Risk in the legal framework Moderate Substantial Moderate 43 | P a g e Annex 2.a: Summary of PEFA scores for Zimbabwe-2012 Indicator Rating A: PFM Out-turns 1. Aggregate expenditure out-turn compared to original approved NR budget 2. Composition of expenditure out-turn compared to original approved D budget 3. Aggregate revenue out-turn compared to original approved budget D 4. Stock and monitoring of expenditure payment arrears C+ B: Key Cross-Cutting Issues 5. Classification of the budget C 6. Comprehensiveness of information included in budget B documentation 7. Extent of unreported government operations D+ 8. Transparency of intergovernmental fiscal relations NA 9. Oversight of aggregate fiscal risk from other public sector entities C 10. Public access to key fiscal information C C: Budget Cycle 11. Orderliness and participation in the annual budget process B 12. Multi-year perspective in fiscal planning, expenditure policy, and C budgeting 13. Transparency of taxpayer obligations and liabilities B 14. Effectiveness of measures for taxpayer registration and tax C+ assessment 15. Effectiveness in collection of tax payments D+ 16. Predictability in the availability of funds for commitment of D+ expenditures 17. Recording and management of cash balances, debt and guarantees B 18. Effectiveness of payroll controls C+ 19. Competition, value for money and controls in procurement D+ 20. Effectiveness of internal controls for non-salary expenditure C+ 21. Effectiveness of internal audit C+ 22. Timeliness and regularity of accounts reconciliation C 23. Availability of information on resources received by service D delivery units 24. Quality and timeliness of in-year budget reports A 25. Quality and timeliness of annual financial statements D 26. Scope, nature, and follow-up of external audit C+ 27. Legislative scrutiny of the annual budget law C+ 28. Legislative scrutiny of external audit reports D+ D: Donor Practices D-1 Predictability of direct budget support NA D-2 Reporting on project/ program aid A D-3 Proportion of aid that is managed by use of national procedures D 44 | P a g e Annex 2b: PEFA SCORES IN 2013 Annex 3 – Logical framework for channeling investment projects through country FM systems 45 | P a g e Annex 4: Risk Concepts Risk Description Inherent Risk Inherent risk arises from the environment in which the project is located. It is the risk that the project financial management system does not operate as intended due to such factors as country governance, environment, rules, and regulations. Inherent risk comprises three elements:  Country-level risk. This rating is determined at a portfolio level, for each fiscal year, and is the same for all projects for which a risk assessment is prepared during the same fiscal year.  Entity-level risk. When entities have implemented Bank-financed operations in the past, the Bank may determine this risk using internal sources, such as Implementation Completion and Results Reports and Country Portfolio Performance Reviews. If the entity is new to implementing Bank-financed operations, a risk assessment of the entity is undertaken.  Project-level risk. This risk is project-specific and is assessed for each project. Control Risk The risk that the project’s financial management system is inadequate to ensure project funds are used economically and efficiently, and for the purpose intended. Control risk is measured for all six elements of financial management: budgeting, accounting, internal control, funds flow, financial reporting, and auditing. Detection The risk that a material misuse of loan proceeds takes place and is not detected. Risk Detection risk is lowered by: (1) capacity-strengthening measures for the weaknesses identified as posing unacceptable levels of risk; and/or, (2) increasing Implementation supervision. Residual Risk Residual risk is the combination of the project’s inherent, and control, risks-- as mitigated by borrower-control frameworks and Implementation supervision. The fiduciary risks are mainly “control� risks, whereas the broader PFM risks are mainly “inherent� risks. The financial management risk rating is expressed as “high,� “substantial,� “modest,� or “low� based on professional judgment; the rating provides a benchmark against which various aspects of project design, supervision, and other actions that may be taken are established. Professional judgment exercised in this context refers to the Financial Management Specialists’ (FMS) appreciation of the Borrower’s financial management system to comply with the Bank’s financial management policies. To provide such professional judgment, the Bank’s FMS assesses the evidence collected as a result of procedures conducted, and he or she derives a conclusion. The professional judgment which is provided is determined by the procedures performed, their results, and the country context. The assessment is planned and performed with an attitude of professional scepticism and a developmental approach recognizing that circumstances may exist which may affect the ability of the financial management system to provide reliable and accurate data on which to evaluate whether funds have been utilized for the intended purposes. 46 | P a g e References Constitution of the Republic of Zimbabwe Public Finance Management Act 2009 Audit Office Act 2010 Country Integrated Fiduciary Assessment Report 2012 Budget Statements 2010 to 2015 Audit Reports on Consolidated financial statements 2013 and 2014 Staff Monitoring Programme Report 2014 Introducing Cash- Basis IPSAS Financial Reporting by IMF Fiscal Department September 2014 47 | P a g e 48 | P a g e