Internal Controls are Still Lacking

Performance Evaluation and Research Division
Building 1, Room W-314

State Capitol Complex

(304) 347-4890

July 1999

Issue Area 1: The Department of Administration Failed To Implement The Internal Controls Recommended By The Legislative Auditor's Office In 1982.

Recommendation 1:

The locks for meters and collection boxes should be changed and strict controls implemented to secure the keys. The keys should not be removed until signed for by the individuals deemed collectors and should be returned upon completion of collections with a deposit signed by the Treasurer's Office.

Level of Compliance: Partial Compliance

The General Services Division uses a sign out sheet for the meter keys. The employee must sign for the meter keys, record the date, the time the keys were taken, and the time the keys were returned. When the deposits are made at the Treasurer's Office, the collection employees retain a copy of the signed deposit slip.

General Services has not changed the locks on the meters and collection boxes. Any keys that fit the locks during the embezzlement period could still be available for use. This is still a viable concern if there were in fact meter keys in the possession of unauthorized personnel. General Services explained that they would have to replace the meters to accomplish this, and currently is not a feasible option. It was noted during the review of the key sign out sheet, that there were three days that the keys were never signed back in. The sign out sheet did not contain a list of individuals authorized to take the keys. The keys were signed out 74 times from September 14, 1998 to June 22, 1999 by five individuals, one of whom accounted for 62 sign outs.

Management action to improve internal controls and provide increased oversight of parking meter collections reflect an almost doubling of revenues.

Table 2 below shows the amount of revenues collected since the new employees have taken over the collection responsibilities. The table also contains the amounts collected in the same time period of the previous year. These November 1997 through August 1998 amounts were collected during the embezzlement period. The revenues nearly doubled during the same time period for the current year with less meters in operation.

New Collectors
Embezzling Period
November 986,055November 972,563
December 985,673December 973,390
January 99 1,677January 98 1,260
February 990February 98138
March 99*12,455March 981,161
April 996,085April 984,364
May 996,734May 984,355
June 995,240June 983,992
*Revenue from parking meter investigation per circuit court order 98-F421 (I) = $10,303.13. Actual parking meter revenues for March were $2,151.69.

The Legislative Auditor believes change in the locks and increased rotation of persons collecting meter funds would constitute full compliance with this recommendation.

Recommendation 2:

Written procedures for the collection of all meter revenues and citation revenues should be documented and signed by the Secretary of Administration. These procedures should outline 1.) who is responsible for the collection, 2.) the actual procedure of the collection, 3.) procedures for auditing the collections for fluctuations and how the fluctuation was resolved, 4.) who has responsibility of keys for collection boxes and meters, and 5.) the frequency of collection.

In addition, there should be written procedures for the issuing of parking violations. The tickets are the only means for determining the amount of revenues which should be collected from parking citations. The employees delegated to collect coins should not collect the parking violation fines and should be rotated periodically. This will reduce the risk of collusion.

Level of Compliance: Non Compliance

There have been no written procedures in regards to the collection of meter coins, or the system in place to evaluate collections. We were not provided with the following information:

1. The individuals' names who are assigned to rotate in the collection of meter revenue;
2. Information regarding the actual procedure of the collection;
3. Procedures for auditing the collections for fluctuations and how the fluctuation will be
4. Who has responsibility for the meter and collection box keys;
5. The frequency of the collection.

As noted earlier in the report, Administration has not provided all phases of the revenue cycle. The sign out sheet noted above in Recommendation 1 is an improvement but not sufficient for written procedures. The five items listed above are all procedures that should be documented to prevent the process from ceasing due to personnel changes. They are also crucial to instilling the collectors' position's importance and responsibility. There are written procedures for the deposit of the collections at the Treasurer's Office, but not the collection itself. This is the beginning phase eluded to earlier.

The second section of Recommendation 2 deals with the controls over parking violations. No procedures were provided to our office for the issuing of parking violations. Here again, the latter phases of tracking written tickets and pursuing non paying offenders are documented. The beginning phase of maintaining the ticket books and writing the tickets were not provided.

The collection responsibilities have been rotated 12 times in 74 total collections. The rotation was performed by the Captain of Capitol Security. The amount of rotations should be increased and the collections should not be done by officers who write parking tickets. This is due to the fact that these individuals also collect the parking violations. It would create a high risk environment if individuals that write tickets can also collect the fines. This, in effect would be the same scenario that led to the embezzlement.

Recommendation 3:

Random audits should be conducted by the Department of Administration to oversee the collection and assure all monies are being deposited once collected, noting the date any below average amounts are collected. This date can then be cross-referenced to parking citations written on that date. There should be an inverse relationship between parking meter revenues and citation revenues.

Level of Compliance: Non Compliance

The Department of Administration has produced written procedures for their revenue unit. Based on the information we received there is no one in an objective position charged with monitoring the collection process and amounts collected. Random audits of the collection process are extremely important.

Recommendation 4:

The lack of internal controls over collection of paid citations from fine boxes leaves the Department of Administration without accurate records of individuals who may have paid in cash. The DOA should consider voiding all uncollected parking violations issued during the time period of the recent embezzlement.

Level of Compliance: Non Compliance

The Department of Administration did not concur with this recommendation and continued to pursue ticket revenues from tickets issued during the embezzlement.

Recommendation 5:

All ticket books should be pre numbered and accounted for by recording who receives the ticket book and require the employee to sign a receipt for the book. All books should be audited regularly to detect unaccounted for books of tickets. It is also recommended that Administration require the inventory of books be secured and distributed each month to prepare reconciliations with yellow copies (carbon copies of the tickets) returned.

Level of Compliance: Partial Compliance

The Department of Administration provided us with a ledger used to record the officer receiving a book of tickets. This is maintained by the Captain of Capitol Security. However, we have not received documented procedures as to how the Department of Administration keeps up with this list, or the overall inventory of the ticket books. Our concerns lie with the tickets that could be taken from General Service's inventory and not submitted to the Department of Administration after use. The yellow copy of the ticket would never be received by Administration and would never realize it is missing. If there are individuals writing tickets and collecting fines, this could be a major weakness in the system.

Recommendation 6:

The Department of Administration should continue to pursue collecting the recent embezzlement loss from the Board of Risk and Insurance Management. The DOA should report to the Joint Committee on Government Operations at the January interims the status of this action and any improvements made to the parking meter controls.

Level of Compliance: In Compliance

The Board of Risk and Insurance Management has informed the Department of Administration that they are close to settling the claim for $27,000.00.

Issue Area 2: Many Parking Meters Desperately Need To Be Replaced With State of the Art Equipment.

Recommendation 7:

The Department of Administration should consider replacing the old meters with a state of the art system which would provide locked vault type collection points and an audit trail for collections. This type of system would reduce the risk and temptation for an employee to steal parking meter funds during the collection process.

Level of Compliance: Planned Compliance

In the Agency's Response to the 1998 report, the Department of Administration was in agreement with the recommendation. The DOA is delaying the evaluation of the meters upon completion of the parking building and the planned bus turn around for the cultural center parking lot. After the projects are completed, the DOA will evaluate parking meter needs and make the necessary changes.

The collection system is still on a trust basis. The collection canister is no longer used. However, PERD has observed the staff is using an open plastic bucket. It may be wise for the collection employees to continue to use the canister for their own safety.