Sometimes everything goes wrong...
ZacTax Roundup for November 2020
There are a handful of things that will keep a city manager up at night. The safety of our city employees, who from public safety to waste management face risk of death and injury each day. During economically troubled times, such as our present circumstances, the potential necessity of scaling back services or even reducing our workforce can also cause undue stress in the C-Suite.
But there’s one thing that we all fear, because it cuts to the very core of public service by undermining the trust of our community: the dreaded “waste, fraud, and abuse.” When these situations occur, they threaten the foundations of our calling. Not necessarily because the emotional toll of a fraud scandal even remotely compares to the tragedy of an on-duty injury or death; but because unlike the latter, the former should be 100% preventable.
To cover ourselves, we write personnel policies to outline the conduct we expect from our employees. We run background checks on our employees before placing them in positions of fiduciary responsibility. We hire auditors to investigate whether our internal controls are sufficient, and also whether they're being heeded. But despite our best efforts, and in the immortal words of Dr. Ian Malcom, life (uh) finds a way.
Although we didn't start this newletter with the intent to talk about the City of Austin every other month, a recent investigation by the Austin City Auditor is significant enough to turn our attention back to the capital city.
Covering a decade of nefarious activity by an employee of the Library Department, the report outlines in methodical detail how every one of those checks and balances failed to stop the theft of nearly $1.5 million in public funds. The employee, Randall Whited, repeatedly passed criminal background checks despite multiple theft charges in the 1980s and '90s. He had access to as many as 10 city credit cards (some general use, others vendor specific), and frequently acted as the authorizer of his own transactions in violation of city policy.
The report found that over the course of a decade, he purchased 10 times as much toner as would reasonably be expected, much of which was resold to online vendors. On more than one occassion, orders were shipped directly to his house in Kyle, Texas, nearly 20 miles from (and in a different city than) the nearest Austin library. He frequently arrived at work as much as an hour early after being told not to do so, due to inadequate supervision outside of normal work hours. He often volunteered to deliver supplies from branch to branch (in violation of department rules), submitted doctored and/or incomplete receipts, and used third-party payment platforms to conceal the details of his transactions (including video game systems, drones, and virtual reality headsets).
In short, Whited engaged in a systematic effort to defraud not only the Library department, but the citizens of Austin. And despite the system of checks and balances both within the department and across the city apparatus, he managed to get away with it for years.
The ZacTax team often preaches the benefits of lean, flat organizations, where all employees are empowered to make decisions and given the responsibility to act like an adult. But what happens when the employee, and the system at large, lets us down? For this month's Roundup: a mini-case study highlighting potential points of failure and suggesting ways to avoid being on the wrong end of a story like this one.
Why didn’t the background checks work?
The City of Austin is considered a “re-entry friendly employer,” and as such has a policy that only looks back ten years for criminal history. The problem in this instance was Whited had criminal convictions for theft and burglary in the 1980s and ‘90s. Whited passed five separate background checks and was actually given a fiduciary endorsement for purchasing. This endorsement provided him the ability to get city credit cards and make purchasing decisions.
While the City of Austin’s policy is, in theory, to provide a second chance to someone who may have made a mistake, it provided a path for a known thief to gain access to financial resources. The policy is broad, does not take into account specific roles, and although a novel political statement it may be, it is not written to protect the public trust.
If you have ever been through a city audit as a high level executive (ACM, CM) one of the many governmental accounting standards questions asked of each executive is, Do you know of any employee who has committed theft or fraud, or do you have a concern a specific employee could commit theft or fraud? The City of Austin’s policy basically allows executives to bury their fiduciary responsibility in order to provide a second chance.
To be clear, we do not have any issue with providing a second chance. However, placing a known thief in a position with unfettered access to the City’s financial resources is irresponsible. Over the years, Whited filled nearly every departmental purchasing role, making him one of the only employees in the department who knew how the entire system worked. Give those employees a chance, absolutely, but perhaps without a city credit card.
Who’s minding the store?
Another glaring deficiency highlighted in the Auditor’s report was the lack of oversight within the department itself, starting with internal controls over purchasing.
Whited had access to as many as 10 city credit cards, in violation of the city’s purchasing policies. This allowed him to spread expenses across accounts and make it more difficult to track his activities.
Whited was able to act as an “authorizer” for his own expenses, in violation of the city’s purchasing policies. As one of only a few employees with authorizer privileges, and owing to the multiple roles he held within the department during this tenure, he frequently signed off on his own charges.
APL’s Contract Management Supervisor (CMS) was also charged with this responsibility, but appeared reluctant to exercise it. In a response letter, this employee argued that a short video training on how to use the Procard system was provided, but that subsequent requests to be trained on what to look for when approving went unfulfilled (Whited being the party responsible for coordinating training for the department).
The CMS went on to state that transaction approvals were limited to ensuring that items were charged to appropriate budget codes - but not whether the transactions were appropriate or legitimate - and that Whited would frequently submitted supporting documents at the last possible minute, reduceding the ability to review them before approvals were due.
The CMS also claimed that approving transactions was not “contemplated or specified” in the Contract Management Supervisor’s duties. Yet when Whited left, this employee was given even more responsibility for reviewing transactions.
APL’s Financial Manager (FM), who received outstanding performance reviews for internal budget management, claimed in a response letter that it was not her responsibility to maintain copiers nor know how much toner was required to operate them. While perhaps technically true, continual overspending on toner might suggest that the line item budget should be increased. To our knowledge, no such request was made; instead, Whited just kept overspending his accounts.
In addition to the CMS, the FM reviewed the supporting documents provided by Whited which, in many instances, did not have sufficient information and/or were doctored to prevent detection of his misdeeds. The FM stated that there was no way to have known that a receipt was doctored, and perhaps Whited was extremely adept at forging documents (although the report stated that some of his submissions appeared to have been drafted in a Word processor). The response also failed to address approval of the receipts which either lacked sufficient information (redacted line item charges and/or shipping locations) or showed a shipping destination in Kyle, Texas.
The Assistant Director’s (AD) response to the Auditor’s finding that the department lacked sufficient internal controls was that Whited had read and signed off on the city’s purchasing policies, as if the fact that Whited knew what he was doing was wrong absolved the rest of the department from guarding against it happening. Additionally, the AD states in a response letter that it was expected that the FM would provide notification of any significant budget issues or overspending (which apparently did not happen).
Taken in their totality, the APL staff responses amount to little more than an exercise in bureaucratic finger-pointing. Given the scale of Whited’s misdeeds, it’s difficult to understand how three layers of oversight within the APL managed to find blame with the others while $1.5 million walked out the door.
What’s up, Budget Folks?
In reading the initial news articles and prior to reviewing the actual City Auditor’s report, our first question was, How did Whited spend all that money and stay in budget? Well, the answer is simple: he didn’t! In fact, he overspent the Austin Public Library supplies account in 2015 by 388%, 2016 by 304%, and 2017 by 414%. Not every City is the same and we have all probably overspent some budget accounts, but we can safely say we’ve never gone 4x or 5x higher than the approved budget (and certainly not without having someone ask what in the heck was going on).
Once you’ve gone through your departmental oversight, your budget department is the next line of defense. The budget problem shows a larger systematic issue within City of Austin. Not only did the financial controls within APL fail, but the fiduciary oversight of the budget office failed as well.
Each department will have at least one budget analyst assigned to it, particularly a city as big as Austin, and that analyst will most likely have a backup or belong to a team of analysts that support and review each others’ work. Multiple sets of eyes no doubt saw the significant overages Whited was racking up over the years.
The report states that he spread his expenses across multiple accounts, and used the existence of grant funding as a partial excuse for overages. But none of these excuses are sufficient to explain the outrageously over-budget line items.
In many cities, budget authority is granted at the division, department, or even the fund level, meaning that as long as the unit doesn’t exceed its authorized budget, how the funds get spent is more or less at the discretion of the unit’s management. For example, salary savings may be repurposed for a new computer when one unexpectedly breaks. Whited abused this flexibility, and the management responses contained within the Auditor’s report make mention of this several times (i.e., as long as the total budget isn’t exceeded, we didn’t look at the individual line items). This flexibility allows departments to manage their affairs without needed explicit budget approval, but it requires diligent oversight from the budget office.
The Auditor’s report holds APL financial staff to account for ignoring Whited’s overspending, but it does not discuss whether the budget office ever raised questions about it. Did anyone even notice? If so, did they meet with the Financial Manager or AD? Did anyone propose a budget increase due to repeated overspending (if so, it doesn’t appear to have been approved)? These are important questions that the Auditor’s report does not ask, and the answers to which potentially place additional blame on the City’s larger budget and financial practices.
There’s another big problem that many budget offices face, however, especially in larger cities: churn. Budget analysis is as stepping-stone job. After you put in your couple of years of unnecessarily long hours, you move on to some other part of the city (or take a management job in a smaller city). The frequent turnover means there’s often a lack of institutional knowledge in the budget office that limits its effectiveness.
We’ve been there, too. As a young budget analyst in my first professional position, our department was tasked with finding millions in mid-year cuts due to a recently-identified fund balance shortfall. My inexperience got the best of me as one of my departments made a very strong case why their overtime budget could not be cut. That the past few years of history wasn’t indicative of this year’s needs, and that they money would need to be spent whether or not the line item was reduced. I reluctantly went with their recommendation, and by the end of the year they had only spent about 30% of their budget. Fortunately, our financial situation was so tight that they didn’t have the option to shift those savings elsewhere, but that isn’t always the case. It also meant that other departments had hundreds of thousands of dollars in potentially unnecessary cuts.
One truism we come back to constantly is that in life there are no solutions, only trade offs. The same is true here. You want to give your departments the flexibility to manage their budgets, but you have to balance that with oversight and course corrections. Spending should be evaluated with each budget, and repeated line-item discrepancies like the ones that occurred in the APL have to be called into question. The budget office has to take this oversight role seriously, and finding ways to reduce the stress and churn of your budget analysts can help a great deal.
And what about the auditors?
The report we’re discussing originated with a March 2019 allegation against Whited. For more than 10 years, he engaged in a systematic operation to defraud the Austin Public Library. That’s more than 10 years worth of annual audits, each of which contains at least some spot checking of internal controls. Austin is a big city, but is it so big that a department with 21 public locations and a variety of programs that include purchases of video game systems, movies and music, and other consumable items doesn’t get reviewed in a 12-year period?
So many basic and fundamental internal controls went by the wayside to allow this event to occur that it does raise concerns about the level of detail going into routine audits. For example, there are almost no circumstances where an employee should be allowed to approve his or her own purchases (and we only leave the door open at all because we can’t contemplate all of the possible circumstances in which a city may find itself). How did Whited manage to get away with doing so for as long as he did?
It’s a good thing that the City Auditor eventually looked into Whited’s actions; but it is strange that it took a hotline call to figure it out. Hindsight is always 20/20, but the sheer volume of failings make it pretty clear that this could have, and should have, been caught earlier.
Wouldn’t a flat organization lead to more examples like this?
We often advocate for lean organizations that feature a flatter hierarchy and empower lower-level employees to make routine decisions. It’s fair to say that the APL did not fall victim to Whited’s actions as a result of a flat organizational structure; but generally speaking, doesn’t that environment lend itself to a greater likelihood for abuse like this?
In our opinion, no. In fact, we believe a lean or flat organization may have generated more accountability. Granted, if you allow a thief to have access to city credit cards because of a bad background check policy, fraud like this could still occur. But one of the most glaring issues arising from the Auditor’s report was the lack of accountability of the folks tasked with approving Whited’s transactions and budget accounts.
Many of the responses by these employees to the Auditor’s report sound eerily reminiscent of our most hated phrase, “That’s not my job”.
You see, a flat organization requires every employee to take responsibility for the successes or failures of the organization. In this case, the APL employees hid behind the complexity and policy-driven nature of the city while still clearly violating policies along the way. The complexity gave them the ability to hide, and any failures would just be blamed on someone else, or the apparatus as a whole.
Amazing things can happen if you flatten the organization, reduce job siloing, limit duplicative policies (while enforcing the ones you do have), and require each individual to become accountable for their work product. In a traditional organization, everyone has a very specific role and often narrowly defined role. In a flat organization, everybody plays a part in pretty much every role. When the buck stops on everyone’s desk, then responsibility is much more difficult to pass on to the next rung.
Flat organizations must not only place more authority in the hands of individual employees, but also create an environment of accountability. From department directors to administrative assistants, each person must provide a high level of service to the citizens and at the same time work to continually improve their department’s processes.
Flat organizations encourage asking questions, gaining understanding, and taking ownership. How many people in your organization go through the motions understanding neither the nuts and bolts of what they’re doing nor the reasons for doing it in the first place?
We once worked with a city whose finance department produced a monthly report on the budget and operational activities of one of the departments. The spreadsheet that generated the report was probably 10-12 years old (judging by the antiquated Excel file format), and was held together by hope and prayer. Extremely brittle, it could not even adapt to mid-year budget amendments (they had to be manually entered). So each month when the top-line numbers didn’t match the sum of all the accounts, we would get a call that the budget was broken. Despite repeated explanations of how to identify and fix the problem, the calls would come each month. For years, the employee responsible for this report had never taken the time to understand the spreadsheet so that errors could be debugged. They had never taken ownership of their work product. No doubt some of you have similar stories of your own that could be told.
Flat organizations also encourage cross-training, which provides opportunities to question the status quo and bring weaknesses to light; fresh eyes can see things that tired eyes can’t.
One of the craziest parts of the Whited fraud is that he continually turned his receipts and documentation in at the last moment in order to cause an environment where the manager would be rushed and unable to provide adequate oversight. And when the manager would request additional information, or for it to be turned in more timely, nothing happened. Whited relied on the fact that he was the only person who bought essential library supplies to avoid discipline for not submitting sufficient or timely documentation. When your job silos create single points of failure, a failure can be catastrophic.
Situations like this often result in a double-down: more policies, more procedures, and a promise that it will never happen again. But Austin didn’t have an insufficient policy regime before this happened. There just wasn't the accountability to enforce it. New rules won’t solve the problem next time, just like the old rules didn’t prevent it the last time. We need more accountable institutions if we want to avoid having a report like this written about our city. Flatter organizations, where decision making is dispersed, responsibilities are shared, and accountability comes from all directions, can provide a much more effective means of preventing these situations from occurring.
And now for something completely different…
Hopefully the members of your community are a bit more civil than the French beekeeper who “dumped a nest of giant Asian hornets outside a town hall” after the city refused to remove it from his property.
From across the interwebs
I didn’t know that broken ice cream machines plagued McDonald’s, but this inventive programmer decided to reverse engineer the fast-food chain’s online ordering system to highlight the problem.
Back to the Austin area for this story, in which the Statesman studied records from Williamson County and found that officers were more likely to engage in pursuits and use force when “Live PD” cameras started documenting their activity.
The Texas Tribune looks at what the state has done to prepare for another wave, and what issues might cause it to spiral out of control.
We gave a talk last week at the UMANT One-Day Conference about designing adaptive cities, and this story from Quanta Magazine fits in nicely with that theme. It highlights a computer scientist who is working to solve Mexico City’s famous traffic problems with self-organizing traffic lights.
More from us
Who tells your story? (blog)
Sales Tax Gameday - October 2020 (ZacCast)
Robin Robin - From AirBNB to Mike Leach (ZacCast)