Audit pokes holes in Kemri’s Sh100m projects

KEMRI building

Fraudulent payments amounting to Sh100 million were made to a contractor for shadowy ICT projects at Kenya’s leading health research institute, The Standard on Sunday can authoritatively reveal.

An internal audit report by the Kenya Medical Research Institute (Kemri) questions the award and execution of four major ICT projects meant to put the research facility at par with global peers.

The four projects are an enterprise resource planning system, a library information management system, a voice over internet protocol project and a video conferencing system. Upon realisation of the failure of the systems, the institution’s board of directors made a formal request to the Directorate of Criminal Investigations (DCI) on February 29, to investigate the contracts.

“The internal audit department carried out an audit review of enterprise resource planning system and other ICT projects at Kemri and through the final audit report dated November 20, 2015, it was noted that Kemri did not receive value for money after investing a total Sh92,719,294,” reads the letter to the DCI.

The findings necessitated a further independent investigation on the same projects handled by the ICT Authority. The authority’s findings were equally shocking, indicating the projects were set up to fail.

“This report presents the identified issues that touch on project governance, management, system functionality and security issues,” reads a summary of the ICT authority report.

“Overall, some high risk concerns were identified in the areas of missed deliverable dates of the project implementation, delayed project components implementation, system security not having been taken into consideration and a lack of project documentation.”

Key among the projects was the enterprise resource planning which when successfully initiated was supposed to help the institution with financial management, the processing of salaries, procurement, monitoring and evaluation as well as harmonise the internal audit systems.

This would have greatly reduced fraud at the institution. Sources at Kemri point to collusion between high ranking staff and contractors to ensure the ICT projects didn’t take off.

Contacted, Kemri Director Gerald Mkoji could not give details, only saying the matter is being handled by the Ministry of Health.

“We cannot comment on the matter now since we have forwarded the issue to our mother ministry. All comment on the matter should come from them,” he said.

Key observations in the ICT Authority audit report paint a picture of deliberate tampering of the system to make it hard for anyone to transact business.

For instance, the auditors say the financial management platform could not be accessed from the finance and accounts sections. Plus when users clicked on a link meant to get them onto the financial management platform, they were immediately sent to the organisation’s human resource leave application form.

Also, the auditors said minimum training had been done by the contractor before the system was deployed.

Although the system was to be accessed from all other Kemri satellite branches, employees in Kwale, Kilifi, Malindi and even at the Kenyatta National Hospital centres could not access it.

The human resource platform on the contentious IT platform also doesn’t work. As a result the staff registry, just like procurement, continues to be done manually. A payroll link exists on the platform but is inactive.

A student registration platform and fee payment system has been problematic since inception. For instance, in 2014, the registration system failed resulting in the loss of data for the 2014 Institute of Tropical Medicine and Infectious Diseases class.

Key for the research institution is a functioning library system. However, the audit report says there is no library management system in place, only equipment like servers and hard disks.

“This exposed Kemri to risk of liabilities,” Kemri says.

The audit report concludes that there is no existing ERP system and that there is need for Kemri to verify all project bidders and suppliers.

Communication between the institution and the DCI in our possession show that Kemri is currently internally dealing with issues of collusion between high ranking staff and contractors.

“The Kemri board of management initiated a disciplinary process against Linah C Boit in relation to irregularities related to the ERP system and other ICT projects in Kemri... the board decided to terminate the services of Linah C Boit with effect from February 29th,” reads the letter from Kemri to DCI.