Communications regulator the Independent Communications Authority of SA (ICASA) says the existing General Licence Fees Regulations are ambiguous, leading to different interpretations by licensees.
ICASA was reacting to its third consecutive qualified audit from the auditor-general (AG). In the year to March, the AG could not "obtain sufficient, appropriate audit evidence" to confirm that ICASA had received R793 million in licence fees, and that it consequently paid a balance of R801 million to National Treasury.
The regulator collects licence fees from operators, which it must pay over to treasury's National Revenue Fund within 30 days. It collects these payments from broadcasters, telecoms operators and Internet service providers for the use of spectrum.
Spokesman Paseka Maleka explains that the AG is referring to a lack of adequate systems to record and report financial transactions for its debtors. He says electronic communications licence holders do not always submit reports for licence fees to be calculated.
Maleka says there is no financial impact for treasury and for spectrum licence holders, as invoices were billed for all registered licensees and fees collected.
However, there is an ambiguity in the General Licence Fees Regulations, which has led to different interpretations from licensees and abuse by the big operators, as they inflate total costs, leading to negative gross profits and no licence fees being billed, says Maleka.
ICASA is amending the General Licence Fee Regulations to levy fees based on an auditable and ambiguity-free method, says Maleka. ICASA is also requesting permission to retain its financial information for the past three years as is, while it is in the process of rectifying the regulations, he says.
Lacking
The AG also found that ICASA did not implement controls over daily and monthly processing and reconciling of transactions. It also failed to prepare regular, accurate and complete financial and performance reports that are supported and evidenced by reliable information.
The AG states: "Due to the lack of controls over the invoicing and collection of licence fee revenue, the entity's records did not permit the application of alternative audit procedures, and consequently, I was unable to determine whether any adjustments to the National Revenue Fund Receivable and resulting payable figures were necessary."
ICASA was found to have failed to implement record-keeping in a timely manner to make sure that complete, relevant and accurate information is accessible and available to support financial and performance reporting, notes the AG.
Management did not adequately review and monitor compliance with applicable laws and regulations. The institution did not design and implement adequate formal controls over IT systems to make sure they were reliable and that information was available, accurate and protected.
In addition, the AG found ICASA's accounting officer did not establish adequate procedures for quarterly reporting of performance to the executive authority to facilitate effective performance monitoring, evaluation and correction as required by the Public Management Financial Act.
The AG also found the accounting officer did not exercise adequate oversight responsibility around financial and performance reporting and compliance and related internal controls.
Getting there
Maleka says a number of internal controls have been established, which will be continuously measured as part of its performance standards. In addition, an IT governance framework is being developed based on COBIT 5, ITIL and King III.
"This framework will be completed and approved during the third quarter of the current financial year."
Maleka concedes that ICASA did not implement controls over daily and monthly processing and reconciling of transactions. The annual financial statements submitted on 31 May were incomplete, resulting in material changes to the annual financial statements after the end of the month, he says.
This led to non-compliance as reported in the audit report, explains Maleka. However, a monthly finance and annual closure timetable is being enforced.
"Above all, access rights on some servers and databases have been restricted. In addition, audit logging software is currently being procured to mitigate [these problems], which will ensure a complete audit trail of log files is available."
Share