Stewardship of a $1 billion budgetA UN agency improved governance and transparency across a network of 140 offices worldwide so donors could see how funds are used and programme goals are achieved.
Subhash Gupta, FCMA, CGMA, spent 15 years as CFO of the United Nations Population Fund (UNFPA), an organisation that implements development programmes to support women's rights and maternal health around the world.
Until the conclusion of his most recent assignment in October 2016, Gupta was responsible for global operations support and accountable for $1 billion of resources for the delivery of projects in often high-risk environments and regions with weak governance cultures.
The level of accountability demanded both within, and of, the UN is very high. Its work is primarily funded by aid money, and donor governments and their tax-paying citizens are increasingly demanding detailed evidence of how those funds are being used and the results achieved by the programmes.
To ensure the correct stewardship of these funds, and ultimately that the UNFPA's vital development work, which is driven by the Sustainable Development Goals (SDGs), can continue to be carried out in the field, Gupta put several measures in place to improve governance. He describes the critical success factors:
Capacity building. "The capacity building of national partners has always been the priority of development work carried out by the UNFPA, thereby focusing on technical support, policy, and advocacy with the national governments in the implementation of programmes and projects," Gupta said. One important factor in successfully overseeing global operations spread across 140 field, regional, and country offices was understanding that the capacity of local staff varied from location to location. Gupta, who was based at UN headquarters in New York City, looked at how the organisation could bridge those gaps and build capacity. Appropriate training was provided, and performance contracts were drawn up at the beginning of each year to promote understanding of, and compliance with, policies and procedures. Rewarding those who do the job well and showcasing their work also proved effective.
Process review. Gupta encouraged constant process review, gathering feedback from the operations manager in each location, to identify any impediments there may be to internal controls. Reviews also considered how to ensure that alerts were built into the enterprise resource planning (ERP) system to prevent fraud or wrongdoing.
To ensure high-risk items were properly scrutinised before payment left the organisation, the technology flagged up some high-value transactions for 24-hour review by Gupta and his team.
Adapt technology to meet your needs. The most important measure was a very strong ERP system, Gupta said. Embracing technology has enabled the UN to accomplish greater transparency, and greater assurance in terms of adherence to policies and procedures, since checks and balances, controls, and alerts are built in to the ERP system. Data are generated in real time and made available to multiple stakeholders, whether for audit purposes, disclosure, or review. Rather than waiting months for a hard copy of a financial report, donors can get an instant update on the progress of a project, review the expenditure, and so on.
Whistleblowing procedures. Vendors were screened to identify any bribery or corruption risks. "A whistleblowing system was crucial to ensuring that the vendors that we work with comply with the best of international standards, as per the UN Global Compact," Gupta said.
Any organisation seeking to do business with the UN system is encouraged to sign the Global Compact to adhere to certain standards of integrity, recordkeeping, and transparency. This provides a minimum assurance that it is a credible organisation that has policies and procedures in place against bribery and corruption.
Anyone who suspects wrongdoing on the part of a UN organisation or its partners can report this anonymously through the UN organisation's website. Offices are obliged to investigate any credible reports received.
Adapt policy to local context. In the field of development work, there can be situations where the level of governance exhibited by national partners may not be able to provide the required assurances, Gupta said. As a strong developmental partner, the UNFPA still provided funds for the implementation of projects, but Gupta and his team had to make sure that there were additional checks and balances in place to match the local context in order to ensure that the fiduciary responsibility vested in the organisation was fully met.
"I did not sit in my four walls in New York," said Gupta, who prior to this role was financial controller at the United Nations Relief and Works Agency for Palestine Refugees in the Near East (UNRWA). "I have been to remote corners, from North Korea to Myanmar, Afghanistan, Swaziland, Sudan, to understand what the ground realities are and how we can support them either in the field or frame our own policies in such a way that they can help in taking forward the programme of work with various national governments.
"We came up with a unique model of policy formulation whereby the policies, internal control framework, and the [enterprise resource management] were intertwined. Each policy had a basic framework that could be applied across the board. This means that there is a segregation of duty, for example, for internal controls."
Beyond that basic framework, some aspects would vary depending on the risk identified in that category in the particular country or region, such as the number of approvals needed, the transaction limit, and so on.
"We configured the workflow in the ERP system to allow for an enhanced level of approvals either locally or at a nearby regional, sub-regional office on a variety of financial transactions, such as payments to staff, vendors, and governments for programme implementation. All of these would be processed according to the workflow design for that office, which was based on the level of risk identified," Gupta said.
"Where you can rely on the local governance, you would apply a higher threshold for local procurement: in those countries where the risk is high, you would apply a lower threshold."
Every policy has a process flow and control activities embedded within it. "Where the risk is high, you would ensure that the control activity is carried out without exception, even if the project gets delayed," he said. "In those locations where you have better reliance on the control environment, you could allow a particular control activity not to be performed in order to expedite the process."
Encourage bottom-up enterprise risk management. Traditional corporate top-down enterprise risk management (ERM) models cannot work in the UN, Gupta said. "It is very much field-based, and the risk levels are so diverse that unless you have an understanding of the local situation, you will probably be heading in the wrong direction," he said.
On the risk register, members of staff across the organisation and around the world were able to input their rating of each risk to provide a holistic view. Participants could also flag a policy or control activity which was in need of strengthening, or if the internal control framework for that office needed to be reviewed. Staff also had the opportunity to suggest ways to mitigate those risks.
One of the key issues flagged through this bottom-up ERM model related to the organisation's decentralised recruitment policy. It emerged that some local interests were trying to influence local hiring decisions. In those situations, a different model was needed, and hiring authority was transferred to New York to ensure full transparency in the decision-making process.
On one hand this meant that appointments could not be influenced by the local forces likely at play, and on the other, it safeguarded field staff from such demands. "Governments have the authority to declare international staff persona-non-grata and ask them to leave the country within 24 hours," Gupta said. "You don't want to encounter that situation."
Currency risk and cash flow management. The UNFPA budget is denominated in US dollars, but 60% of receipts consist of other currencies. Thus, the amount, as well as the timing, of these receipts could not be predicted with certainty.
Under the financial regulations, borrowing was not permissible, so ensuring that global programme delivery and operations continued uninterrupted without allowing any shortfall in funds posed a significant challenge. All this required meticulous cash flow forecasting on a regular basis, engaging the various donors and governments, and a sound currency-hedging programme, Gupta said.
Samantha White is a CGMA Magazine senior editor.