COUNCILS must ensure IT system access is restricted and staff duties are segregated to avoid a repeat of the £1 million fraud that hit Dundee, the public spending watchdog says.
Mark Conway was jailed for more than five years for siphoning more than £1m from Dundee City Council between 2009 and 2016.
The IT officer, who was sentenced in August, had been with the local authority for 30 years and helped design some of the systems he used to make almost 60 payments to himself. The Brechin man entered fake invoices and changed the bank details of suppliers to divert money to cover his gambling problem.
Today an Accounts Commission probe has found the fraud could have been limited if the authority had addressed significant weaknesses in its invoicing systems. It states that processes were “ineffective”, adding: “The lack of segregation of duties allowed the perpetrator access to a number of systems, enabling them to carry out the fraud.”
The body recommends all councils now address processes surrounding budget monitoring, system documentation and IT access rights.
Graham Sharp, Accounts Commission chair, said: “This case provides clear lessons for every council in Scotland.
“Councils must have fundamental internal controls in place to ensure secure IT systems, and those responsible for using them must be managed appropriately.”
A report considering the Accounts Commission’s findings will go before a meeting of Dundee City Council next month. A spokesperson said: “The council has taken action to prevent a fraud of this type from happening again in the future. An independent review of procedures has already gone ahead and measures have been put in place to strengthen controls.
“The council has been engaging with Police Scotland to ensure that lessons are learned from the fraud by other local authorities and public sector agencies.
“Dundee City Council was involved in ongoing efforts which ensured that the funds taken from the authority by this individual were fully recovered.”
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here