Audit: Md. Judiciary failed to document, limit access to contracts

The Maryland Judiciary, whose judges often go to great lengths in explaining their legal decisions, failed to document sufficiently why it awarded $26 million in service contracts between July 2012 and December 2015, according to legislative auditors.

The Office of Legislative Audits also said the Judiciary did not sufficiently limit the number of people with access to initiating and approving purchases or payment transactions. Specifically, OLA said 91 people had “improper access,” including 20 who could have processed “both purchases and the related payments without supervisory review and approval.”

In addition, auditors said the Judiciary’s Traffic Processing Center lacked adequate controls to ensure all citations were recorded and that all collections from motorists were deposited. Payments for traffic violations generated about $28 million in revenue during fiscal year 2016, according to the OLA, a division of the Department of Legislative Services.

The report, covering the period from July 1, 2012, to Dec. 20, 2015, did not say any needless expenditures were made or revenues lost as a result of the Judiciary’s cited deficiencies.

The Judiciary, which cooperated with the auditors, is exempt from state procurement regulations but relies on its own rules, the OLA stated in its report, publicly released Friday and submitted to the General Assembly’s Joint Audit Committee.

In a letter appended to the report, the Judiciary said it has procedures for preventing the shortcomings cited by the auditors and will make improvements based on the report and its recommendations.

ISP contract

In the report, OLA said the Judiciary insufficiently documented its $21 million, five-year, sole-source contract with its internet-services provider.

The Judiciary “could not substantiate that vendor invoices were verified prior to payment” in one of the four contracts reviewed, the auditors stated. Contract awards for two vendors “were not adequately justified” and awarding decisions for three contracts were “not maintained,” the auditors added.

“Without such documentation, there is reduced assurance that the Judiciary received the best value for goods and services procured,” the report stated.

The auditors also faulted the Judiciary’s system for ensuring that access to purchasing and payment systems was not granted to more people than necessary.

“(T)he Judiciary did not perform periodic reviews of critical access granted nor maintain a record supporting supervisory approval for the system access granted to each user,” the report stated. “Consequently, there was a lack of assurance that only authorized transactions were processed.”

Regarding insufficient documentation, OLA said the Judiciary should “sufficiently analyze and thoroughly document its procurement decisions”; “adequately document” vendor invoices, including “assurances that rates were paid and discounts were applied”; and retain bidding documentation, including all technical and financial proposals and evaluations by the Judiciary’s selection panel.

The auditors also called on the Judiciary to “restrict access to its financial management system so that critical procurement and disbursement functions cannot be unilaterally performed by the same individual.” In addition, the Judiciary should “periodically conduct reviews of employee access and remove system access on a timely basis from individuals who do not require it.”

The report also urged the Judiciary to “ensure that recorded collections (of traffic-citation payments) are independently verified to validated bank documentation of deposits made.”

Pledge to improve

The Judiciary, in its letter responding to the report, stated it has followed but plans to improve its policies for contract awards and allowing access for purchase and payment transactions. The Judiciary has procedures in place to ensure traffic citations and related deposits are properly recorded, officials said.

“The Judiciary has followed the Judiciary policies for sole source and award determinations,” states the letter, signed by Court of Appeals Chief Judge Mary Ellen Barbera and State Court Administrator Pamela Q. Harris. “However, the Judiciary will ensure that award decisions, including sole source awards, are thoroughly documented.”

The Judiciary said it has formed a workgroup to develop guidelines to “ensure invoices are thoroughly and consistently reviewed and associated rates and discounts comport with contractual provisions.”

In addition, the Judiciary has had procedures in place since July 2013 to ensure that each person with access to purchases and payments completes a security form approved by a supervisor, according to its letter.

“However, there were some forms not on file as a result of the initial implementation/set-up of the new system, but as of February 2017, the issue has been resolved,” the letter added. “In addition, as part of the planned financial system upgrade, which will be completed as of May 2017, financial system user accounts will be automatically disabled after 180 days of inactivity.”

In December, the Judiciary began cross-checking the Traffic Processing Center’s daily citations log with the Maryland Automated Traffic System to ensure no citations or payments are missed, the letter stated.