Seal of the Commonwealth of Massachusetts
Massachusetts Audit Explorer - what the State Auditor found

← all audits

Audit of the Essex Sheriff’s Department

August 27, 2018 · Essex Sheriff’s Department · Read the full official report on mass.gov ↗

Published August 27, 2018 Audit covers July 1, 2015 – December 31, 2016 Under Suzanne M. Bump · 2011–2023

In plain English
The auditor found several management and money-control problems at the Essex Sheriff's Department, including weak purchasing records, outdated internal controls, missing reports, poor asset tracking, weak separation of financial duties, missing approvals, and problems with police detail billing and documentation.
source
“In this audit, we reviewed the adequacy of SDE’s internal control plan (ICP); compliance with the requirements of Chapter 647 of the Acts of 1989 regarding the reporting of any unaccounted-for variances, losses, shortages, or thefts of funds or property to OSA; budgeting and procurement practices; cash receipts and expenditure practices; and the reconciliation process for the Police Detail Fund (PDF), Civil Process Enterprise Fund, Inmate Benefit Canteen Fund, and inmate accounts.”
Read the plain-English breakdown
What is this?

This is a performance audit of the Essex Sheriff's Department covering July 1, 2015 through December 31, 2016.

“I am pleased to provide this performance audit of the Essex Sheriff’s Department.”
Why was it audited?

The newly elected sheriff asked for a transition audit to understand the department and identify areas needing fixes after taking office.

“SDE’s newly elected Sheriff, who was sworn in on January 4, 2017, requested this transition audit.”
Why it matters

The findings matter because weak records and controls make it harder to know whether public money was spent fairly, properly, and at good value.

“As a result, the Commonwealth cannot be certain that these procurements were conducted openly and fairly or that SDE obtained these goods and services at the best possible value.”
What's in it for me?

For residents, this report is about whether a public agency that runs jails, inmate programs, civil process work, and public safety functions is managing tax dollars and other funds responsibly.

“SDE is responsible for running and overseeing all aspects of its facilities, which include its administrative office in Middleton; the Essex County Correctional Facility in Middleton; the Correctional Alternative Center in Lawrence; the Women in Transition Center in Salisbury; and three Offices of Community Corrections in Lawrence, Salisbury, and Lynn.”
The bottom line

The department had repeated weaknesses in financial controls and documentation, but the audited agency said it had begun making changes under the new administration.

“The conclusions reached in this report refer to office operations in effect during the previous administration.”
What happens next

The report recommends that the department improve procurement files, update its internal control plan, report losses promptly, track assets annually, separate financial duties, document spending approvals, and tighten police detail operations.

“SDE should develop policies addressing all business functions of PDF operations, including the collection of an administration fee from all hiring entities to ensure that it charges them enough to support PDF operations.”
Why it's significant

The audit found problems large enough to affect more than $1 million in purchasing documentation and raised concerns about whether the department could properly protect funds, assets, and operations.

“SDE had inadequate documentation regarding the procurement of $1,035,383 in goods and services.”
Jargon, unpacked

An internal control plan is the department's written system for identifying risks and setting procedures to prevent mistakes, misuse, fraud, or poor management.

“SDE did not develop an internal control plan (ICP), an agency-wide document that summarized risks and controls for all of its business processes, in accordance with state guidelines.”

7 figure(s) pending source verification - not shown

What the Auditor checked

What the Auditor found

SDE did not maintain required procurement documentation for goods and services.
procurement/contractsrecordkeeping/documentationinternal controls

Why it matters: The Commonwealth could not be certain that procurements were open and fair or that SDE obtained the best possible value.

Standard: SDE’s Policy Governing the Procurement of Commodities and/or Services ( Section .06 of SDE’s Policy Governing the Procurement of Commodities and/or Services; Section .07(2) of SDE’s Policy Governing the Procurement of Commodities and/or Services; Section .05(11) of SDE’s Policy Governing the Procurement of Commodities and/or Services )

2 recommendations
  • SDE’s Procurement Department should complete all SDE purchases and complete and maintain required procurement-file records, including evidence of bids or Competitive Procurement Exception Explanation Forms.
  • SDE should communicate its procurement policy to all staff members and ensure that all employees who initiate purchases receive training on procurement compliance.
Agency response & Auditor reply
Agency: "Corrective action includes having hired a new seasoned Procurement Director who brings extensive experience in CommBuys, large-scale procurements, and internal control compliance."
Auditor: "Based on its response, SDE is taking measures to complete and maintain required procurement-file records, but it should also ensure that staff members are aware of its procurement policy and that all employees who initiate purchases receive training on procurement compliance."
SDE’s internal control plan was outdated and incomplete.
internal controlsrecordkeeping/documentation

Why it matters: Management could not measure, prioritize, and manage risks to achieving SDE’s mission.

Standard: OSC’s Internal Control Guide and COSO enterprise risk management framework ( OSC’s June 2015 Internal Control Guide )

2 recommendations
  • SDE should request training from OSC on how to properly complete an ICP.
  • SDE should develop and implement a policy requiring that its ICP be updated annually based on a current department-wide risk assessment and address all components of ERM.
Agency response & Auditor reply
Agency: "SDE’s intention is to compile a thorough and robust ICP that encompasses input from all disparate business areas within the department, to identify and prioritize risk within the organization, not just from a fiscal perspective, but to include all operational exposures."
Auditor: "Based on its response, SDE is taking measures to ensure that it properly completes an ICP, but it should also develop and implement a policy requiring that the ICP be updated annually, in addition to submitting the Internal Control Questionnaire annually."
SDE did not immediately report lost inmate funds.
cash handlingreporting timelinessinternal controls

Why it matters: OSA could not review the matter, determine the circumstances or internal control weakness, or make recommendations to reduce future losses.

Standard: Section F of Chapter 647 of the Acts of 1989 ( Section F of Chapter 647 of the Acts of 1989 )

2 recommendations
  • SDE should establish a policy detailing a process for filing a timely report with OSA for all shortages or thefts of funds or property.
  • SDE should ensure that all personnel are properly trained and aware of the Chapter 647 reporting requirement for all shortages or thefts of funds or property.
Agency response & Auditor reply
Agency: "While SDE completed a well-documented Internal Affairs investigation into this referenced loss, SDE did indeed neglect to report this isolated incident."
SDE did not conduct and reconcile an annual fixed-asset inventory.
asset/inventory controlrecordkeeping/documentationinternal controls

Why it matters: SDE could not ensure that assets were safeguarded against loss, theft, and misuse.

Standard: SDE’s internal control plan and OSC Fixed Assets—Accounting and Management Policy ( Asset Management section of SDE’s ICP; OSC Fixed Assets—Accounting and Management Policy )

3 recommendations
  • SDE’s management should ensure that its inventory staff is trained on fixed-asset policies and procedures.
  • SDE should conduct an annual physical inventory of all assets and complete reconciliations of the annual physical inventory results to its asset records.
  • SDE’s Fiscal Department should maintain a complete record of all SDE assets on file.
Agency response & Auditor reply
Agency: "Since this audit, SDE has updated and created an all-inclusive and whole-department inventory of assets."
Auditor: "Based on its response, SDE is taking measures to maintain a complete record of all its assets on file and conduct an annual physical inventory, but it should also ensure that its inventory staff is trained on fixed-asset policies and procedures."
SDE did not adequately segregate duties over its funds.
cash handlinginternal controls

Why it matters: SDE could not be certain funds were protected from theft, loss, or misuse.

Standard: Section 10.04 of OSC’s June 2015 Internal Control Guide ( Section 10.04 of OSC’s June 2015 Internal Control Guide )

2 recommendations
  • SDE should implement policies and procedures for the processing of its fund accounts.
  • SDE should segregate duties for authorizing transactions, recording transactions to the general ledger, and reconciling transactions for its funds or, because of limited personnel, implement closer supervision or more frequent reviews.
Agency response & Auditor reply
Agency: "That said, the individual responsible for reconciling Civil Process, Police Detail, and Inmate Canteen, will now share this responsibility with a newly hired Budget Analyst and a soon to be hired Assistant Budget Director."
Auditor: "Based on its response, SDE is taking measures to segregate duties for authorizing, recording, and reconciling transactions."
SDE processed fund expenditures without documented approvals.
cash handlinginternal controlsrecordkeeping/documentation

Why it matters: There was a higher-than-acceptable risk that funds could be misappropriated or improperly spent without detection.

Standard: SDE’s internal control plan ( SDE’s ICP )

1 recommendation
  • SDE should ensure that all approvals of expenditures are documented.agency: already implemented
Agency response & Auditor reply
Agency: "Fund expenditure authorizations are now subject to a regulated and stricter PDF workflow with digital signatures."
SDE did not consistently charge police detail administration fees.
cash handlinginternal controls

Why it matters: The Police Detail Fund operated at a loss and could require subsidies from appropriated funds.

Standard: SDE’s Police Details Unit Coordinator Procedures and Government Finance Officers Association fee-setting best practice ( SDE’s Police Details Unit Coordinator Procedures; Government Finance Officers Association, “Establishing Government Charges and Fees” )

1 recommendation
  • SDE should develop policies addressing all business functions of PDF operations, including the collection of an administration fee from all hiring entities to ensure that it charges them enough to support PDF operations.
Agency response & Auditor reply
Agency: "With this critical feedback from OSA, the police detail operation will undergo a transformation that includes: reconciliation responsibilities being shifted to SDE Finance and definitive guidelines regarding uniform collection of administrative fees to make this operation self-sustaining."
SDE paid police details without required supporting documentation.
payroll/timerecordkeeping/documentationinternal controls

Why it matters: SDE could not be certain that officers were paid correctly for all details worked.

Standard: Section 229.08 of SDE’s Paid Police Details policy ( Section 229.08 of SDE’s Paid Police Details policy )

2 recommendations
  • SDE should ensure that payments for police details are supported by the required documentation.
  • Officers should complete and return the required work detail slips to support hours worked and obtain the signatures of site supervisors to substantiate those hours.
Agency response & Auditor reply
Agency: "SDE will implement a new policy and procedure for detail operation that will require officer’s detail slips to be signed by a supervisor and proper supporting documentation be submitted prior to officer’s detail payments being made."