FOI Request - Anti Fraud Measures
Request 101003842905
Following the recent 2023/24 audit of Aberdeen City Council (particularly the section 'Lessons for others'), I'm seeking information to understand how your council ensures robust internal controls to prevent and detect similar fraud incidents.
Please provide the following:
Segregation of Duties
1. What controls are in place to ensure that no single officer can process a transaction from initiation to payment without independent oversight?
2. Please provide details of any system access restrictions (including role-based permissions) that are used to enforce segregation of duties.
3. On what date were these segregation controls last reviewed or updated?
Reconciliations
4. How does your council ensure that feeder systems (e.g. council tax, benefits, sundry debtors) are reconciled to the general ledger?
5. How frequently are these reconciliations carried out, and by which role(s)?
6. Are third-party sources (such as bank statements or suppliers’ statements) routinely used to verify transactions? Please provide details.
System Documentation
7. Does your council maintain up-to-date documentation for all key financial systems that sets out the fraud-prevention and error-prevention controls to be applied by staff?
8. Please provide the date(s) this documentation was last reviewed or updated.
Monitoring
9. What reports, exception checks, or scrutiny mechanisms are used to identify unusual or high-value transactions at an early stage?
10. How often are these reports reviewed, and by whom?
11. Please provide examples of any specific anomaly detection processes in place.
Counter-Fraud Arrangements
12. When was your council’s current counter-fraud policy last refreshed or updated?
13. What steps have been taken in the last three years to promote the counter-fraud policy to staff (e.g. training sessions, awareness campaigns, internal communications)?
Response 16-09-2025
Segregation of Duties
1. User profiles within software applications are configured to enforce segregation of duties. This ensures a clear distinction between transaction processing and the authorisation of payments by management. Where practical, these controls are reinforced through the implementation of physical safeguards.
2. Access to individual software applications for officers is structured through defined user profiles to ensure an effective segregation of duties across service delivery functions and within teams, including processing, reconciliation and transaction- authorisation.
3. External and Internal Audit Services undertake regular reviews of system-controls to assess the effectiveness of governance frameworks and the operation of internal control processes.
Reconciliations
4. Established processes are in place to reconcile postings between software applications and the Financial Management System. This activity may involve collaboration between officers from various Council services.
5. Ongoing reconciliations are performed regularly to verify that income recorded within software applications is accurately reflected in the Council’s bank account.
6. Reconciliation procedures are in place to ensure that entries recorded within software applications are accurately verified against corresponding bank statements.
System Documentation
7. All services are required to maintain up-to-date procedures for financial systems. These procedures include system and processing controls designed to ensure financial accuracy and mitigate the risk of fraud.
8. There is an ongoing requirement to update procedures and processes to reflect changes in service needs.
Monitoring
9. Specific details within the Council’s counter-fraud arrangements are not disclosed to prevent criminal activity. However, established controls to identify transactions requiring further investigation and authorisation.
10. The reports are reviewed on a case-by-case basis, depending on the nature and materiality of the transactions.
11. Various checks are performed, including data-matching exercises within and across databases. Additionally, computer-assisted information interrogation software is utilised to review transactions and identify those requiring further investigation.
Counter-Fraud Arrangements
12. The Council’s Policy to Combat Fraud, Theft, Bribery, and Corruption was updated and formally approved by the Council’s Corporate Committee on 30 January 2024.
13. All employees have been briefed on the Council’s Policy to Combat Fraud, Theft, Bribery and Corruption. Additionally, the Internal Audit Section undertakes regular reviews of the Council’s counter-fraud arrangements. The Council also participates in national data-matching exercises to support the detection and prevention of fraud.