← All insights
ACCOUNTING OFFICER LIABILITY

PFMA Section 38 and irregular ICT expenditure.

Section 38(1)(f) of the Public Finance Management Act makes the accounting officer personally responsible for taking effective and appropriate steps to prevent irregular expenditure. The phrase ‘effective and appropriate steps’ is the one the Auditor-General tests against. For ICT contracts, this responsibility is harder to discharge than for many other categories because ICT spending often deviates, extends, or operates outside the original procurement event. Five patterns catch most accounting officers off guard.

1. Deviations from supply chain management policy

Deviation from the standard procurement process is permitted under National Treasury Regulation 16A6.4 and equivalent MFMA provisions, but the deviation must be justified, documented, and approved by the accounting officer in writing. ICT deviations are common: an emergency replacement, a sole-source vendor for a niche product, a continuation of an expiring contract while a new tender runs.

The Auditor-General tests the deviation file against three questions. Was the deviation actually necessary, or was it a planning failure dressed as an emergency? Was the rationale documented in writing before the spend was committed? Did the accounting officer apply their mind and approve in writing, with reasons that hold up on review?

The most common failure is post-hoc justification. The deviation memo is written after the order has gone out, the reasons are generic, and the approval signature is dated after the invoice. AGSA reads files in that order and flags the discrepancy.

2. Contract extensions beyond original scope

ICT contracts drift. A three-year managed services contract becomes a four-year contract via a one-year extension; the extension becomes two; the original procurement event recedes into history. Each extension is a procurement decision in its own right and needs to be justified against the original tender's competition principles.

MFMA Section 116(3) and equivalent PFMA Treasury Regulation 16A8 set strict conditions for contract modification. The modification must be permitted by the original contract terms, must not exceed value thresholds, and must not so substantially change the nature of the contract that a fresh procurement event was required. Cumulative extensions often breach the second and third conditions even when each individual extension was permissible.

The audit defence is a contract register that tracks every modification, the cumulative value uplift against the original award, and the supply chain approval for each. When AGSA pulls the file, the register answers the question before the auditor asks it.

3. Variation orders without supply-chain re-approval

ICT projects produce variations more than most other categories. A scope addition because the original design missed an integration. A timing change because a dependent project slipped. A pricing change because the original estimate was wrong. Each variation needs supply-chain re-approval if it materially changes the contract.

What ‘materially’ means is judged on substance, not form. A 5 percent value uplift on a R5 million contract is below most thresholds. A 5 percent value uplift on a R50 million contract is R2.5 million and crosses most thresholds. A scope addition that introduces a new technology platform is material regardless of value because it changes the nature of the work.

The pattern AGSA catches: variations approved by the project manager and the supplier, signed off by a procurement officer who didn't realise the variation should have gone through the bid adjudication process again.

Variation orders are the procurement event you didn't run. The accounting officer wears them either way.

4. Sub-contracting without prior approval

Many ICT contracts contain a clause requiring prior written approval before the supplier sub-contracts work. The clause is routinely included and routinely ignored. The supplier sub-contracts to a delivery partner without notifying the entity, the entity discovers it during a service review, and the contract is breached on paper from the moment the sub-contract began.

AGSA's interest in sub-contracting is twofold. First, the procurement integrity: was the original bid actually self-performed at the level claimed, or was the bidder a prime contractor with a hidden delivery partner? Second, the B-BBEE recognition: if sub-contracting shifts work from a Level 1 supplier to a non-compliant sub-contractor, the entity's preferential procurement claim weakens.

The fix is supplier-side discipline. Sub-contracting register maintained by the supplier and reviewed quarterly by the entity. Approval workflow before any new sub-contractor is engaged. Disclosure on every monthly service report of which work was performed by sub-contractors during the period.

5. Time-and-materials variations becoming fixed-price scope changes

The fifth pattern is more subtle. A contract is structured as time-and-materials for a defined volume of effort. The entity asks for an additional capability mid-contract; the supplier quotes the additional capability on time-and-materials and the entity agrees. The work is then delivered as a discrete deliverable that looks like a fixed-price project.

From a procurement-event perspective, the entity has just bought a fixed-price project from the supplier without running a procurement. The original contract was for an effort pool, not for an outcome. The substance of what was bought differs from the form of the contract.

This catches good-faith procurement officers regularly. The work needs to be done, the supplier is in the room, the marginal cost of variation feels lower than running a new tender. The fix is procedural: any scope addition that produces a defined deliverable goes through bid adjudication regardless of how it is priced, unless the original contract explicitly anticipated it.

What the file needs to look like

When AGSA pulls an ICT contract file, the auditor reads in a specific sequence: original tender documents, bid evaluation record, original award letter, original contract, modifications register, modification approvals, current contract value reconciliation, sub-contracting register, performance reports, payment record. If any of these are missing or out of sequence, the audit moves to a deeper test.

The accounting officer's defence is not the absence of findings. It is the completeness of the file. The Auditor-General's framework treats irregular expenditure findings less harshly when the entity can show it took reasonable steps. A current, complete contract file is the primary evidence of reasonable steps. The entity that cannot produce one accepts the heavier finding regardless of whether the underlying procurement was substantively sound.

This piece is a summary of common patterns from accounting-officer-facing advisory work. It is not a substitute for compliance review by an attorney or by National Treasury. Specific contracts should be reviewed on their facts.

INDEPENDENT REVIEW

Need an independent review of an ICT contract file?

Sgananda Group reviews ICT contract files for accounting officers, audit committees, and internal audit functions. Two-to-four week engagement, written report, recommendations on file completeness and remediation. Privileged where appropriate.

Request a meeting →