Nova Scotia’s auditor general December report dropped Tuesday morning and says the province is reporting a “clean” audit, but there’s room for improvement in government controls.
For the 20th year in a row, the auditor general identified no significant issues with the quality of the information in provincial financial statements.
“This is an accomplishment that governments over the past 20 years should take pride in,” The report says.
However, weaknesses in the government’s internal controls have been identified, which the report says “should be addressed in a timely manner.”
Internal control weaknesses found
Weaknesses were found in two provincial departments: the Department of Service Nova Scotia and Internal Services and the Department of Lands and Forestry.
Statements from the Department of Service Nova Scotia and Internal Services showed issues in processing controls for purchases and payments. Eight of these weaknesses have been identified in prior years, the report said.
“We reported previously that SNS-IS may not be able to prevent and detect unauthorized or fraudulent payments or ensure purchases achieve value for money due to these significant control weaknesses,” the report says.
The Department of Lands and Forestry did not complete sufficient investigations of abandoned mine sites that have potential areas of contamination, the auditor general report says.
“There is a risk that potential contamination is not identified or managed, resulting in possible unaddressed human health or ecological concerns.”
In addition to the two departments, eight government organizations had significant control weaknesses identified in their audits, according to the report.
- Canadian Sports Centre Atlantic
- Harbourside Commercial Park Inc.
- Housing Nova Scotia
- IWK Health Centre
- Nova Scotia Education Common Services Bureau
- Nova Scotia Health Authority
- Nova Scotia Innovation Corporation
- Sydney Steel Corporation
The report says the NSHA should work to improve its financial reporting and payroll processes. Insufficiency in this area was reported in prior years as well, and remains outstanding, the auditor general says.
The IWK has two outstanding weaknesses in capital asset processes and Housing Nova Scotia has three deficiencies related to IT that have yet to be addressed.
“Although accounting standards have been met, underlying control weakness exist, and they increase the risk of unreliable financial reporting and misuse of assets in the future,” acting auditor general Terry Spicer says in a release.
Financial impact of COVID-19
The coronavirus pandemic resulted in many Nova Scotians and industries taking a financial hit. The provincial government was no different.
According to the auditor general report, Nova Scotia’s economy is expected to shrink by 5.5 per cent this year.
“The Province was initially budgeting for a surplus of $55 million and is now forecasting a deficit of $853 million in 2020-21, an almost $1 billion swing,” read Spicer’s statement.
The provincial government is forecasting $460 million in spending on COVID-19 relief in the 2020-21 fiscal year.
In the 2019-20 fiscal year, COVID-19 spending totalled at $120 million.
To date, several financial measures were made in an effort to help Nova Scotians, the auditor general says.
This includes $100 million to be administered by Dalhousie University, and deferred provincial loan payments of $151 million.
The province also “committed $270 million in cash advances for university and colleges, $380 million in loans for municipalities and is projected to spend $228 million in infrastructure stimulus funding next year.”
The Department of Health and Wellness projects its COVID-19 spending will cost $331 million in the 2020-21 fiscal year. This number includes the cost of personal protective equipment.
A Tuesday release on the auditor general report says the auditor did not comment on the government’s decisions regarding COVID-19 spending in this report.
“Office is currently conducting a performance audit that will look at the various provincial spending programs established to support Nova Scotians through the COVID-19 pandemic. That audit will be released in 2021 and will consider the approaches selected for both program administration and oversight.”
Spicer also pointed out that Nova Scotia has not yet released a long-term COVID-19 recovery plan.
“The impacts of COVID-19 will be felt well beyond this year. Governments across the country are developing long-term recovery plans that set the course to improve business activity, promote the safety and wellbeing of citizens, and help the economy rebound,” Spicer said in the release.
Cybersecurity risks identified
The 2020 December report says Nova Scotia is still developing cybersecurity programs and a response to cybersecurity risks.
These risks can include data breaches, information held for ransom and theft of financial assets, the auditor report says.
Risks to provincial cybersecurity have increased during the COVID-19 pandemic, with many provincial employees working from home and accessing the network away from government locations.
“Despite that, Service Nova Scotia and Internal Services still hasn’t finalized regulations to define roles and responsibilities for cybersecurity,” the auditor general report statement said.
The Canadian Centre for Cybersecurity has identified increased cyberattacks in government health sectors across the country in the last fiscal year.
“Cybersecurity experts say the sector is targeted more than any other industry in the country; health information can be even more valuable to hackers than a credit card,” reads the auditor report.
According to the report, 10 provincial departments have not completed fraud risk assessments. These include:
- Fisheries and Aquaculture
- Communities, Culture and Heritage
- Lands and Forestry
- Education and Early Childhood Development
- Municipal Affairs and Housing
- Energy and Mines
- Service Nova Scotia and Internal Services
“COVID-19 underscores the need for effective cybersecurity programs. Without proper measures, departments and organizations are at risk of threats including data breaches, theft of financial assets and disruption of operations,” Spicer said in the release.
The report says nine public service units and 19 government organizations have also not completed the assessments. In addition, nine government organizations do not have fraud policies whatsoever, many of which are education centres.
The Department of Education and Early Childhood Development noted it would implement a common fraud policy for all regional education centres, but due to COVID-19, it was not able to implement the policy before the end of the last fiscal year, the auditor report says.
Six provincial departments and three public service units have fraud training completion rates below 80 per cent.
“It is very important that departments and public service units have all their employees complete the mandatory fraud training,” the report reads.
Low completion rates reduce the province’s ability to address fraud.
“I find that government continues to take steps to manage fraud risk, but it’s still not acting fast
enough,” Spicer states.