Mayor Bloomberg, Speaker Quinn, and Members of the City Council:
I am pleased to transmit the Charter-mandated report on the New York City Comptroller’s audit operations for Fiscal Year 2007. My audit bureaus issued 81 audits and special reports during the fiscal year that resulted in $7.4 million in actual revenues and savings, $5.8 million in potential revenues and savings, and called into question another $23 million associated with claims filed against the City. This annual report contains the significant findings and recommendations of the Comptroller’s audit activities during Fiscal Year 2007 and the follow-up actions the auditees identified in response to our audit recommendations.
The City Charter requires that audits conducted by the Comptroller’s Office be in accordance with generally accepted government auditing standards promulgated by the Comptroller General of the United States. These standards require that government auditing entities undergo an external quality-assurance review every three years. The last such review of the Comptroller’s auditing units was just completed in November 2007. I am pleased to report that the Institute of Internal Auditors concluded that the Comptroller’s Office conforms to generally accepted government auditing standards and awarded it the highest rating given for such reviews.
During Fiscal Years 2002 through 2007, my audit bureaus have achieved great success by examining programs with the greatest potential risk of revenue loss, cost overruns, mismanagement, inefficiency, waste, and abuse. In doing so, they have identified millions of dollars in revenue and savings, and have documented many instances of program inefficiency and mismanagement. The 578 audits and special reports issued during those six years have generated a total of $211 million in actual and potential revenues and savings, and have called into question $93.5 million associated with claims filed against the City.
The audits issued in Fiscal Year 2007 covered a wide range of subjects, including revenue identification and collection, cost savings, program performance, asset management, internal controls, and information technology.
Revenue and Cost Savings
Brief descriptions of audits that generated the most actual and potential revenue and savings follow:
An audit of the license agreement of the Central Park Boathouse, LLC (the Boathouse) disclosed that the Boathouse did not accurately report a total of $2,392,669 in gross receipts to the Department of Parks and Recreation (Parks). As a consequence, since the Boathouse pays the City fees based on a percentage of gross receipts, the auditors determined that the Boathouse owed the City $381,070 in license fees, plus late charges. The license agreement requires that the Boathouse renovate, operate, and maintain the Boathouse restaurant, café, catering facility, outdoor bar, snack bar, boat, and bicycle rentals, a Park Activity and Resource Center, and a shuttle service in Central Park.
An audit of the lease agreement of the Staten Island Minor League Holdings, LLC (SI Yankees) covering the operating period January 1, 2005, through October 31, 2006, found that the SI Yankees failed to pay New York City Economic Development Corporation (EDC) a total of $1,581,154 for reimbursement of electricity use, signage revenue, sinking fund capital contributions, and previous audit assessments levied by the Comptroller’s Office. However, on January 4, 2007, at the conclusion of the auditors’ fieldwork, the SI Yankees signed a lease amendment and agreed to pay the amount of $1,427,899 in full settlement of all outstanding balances owed. Of the settlement amount, EDC accepted $399,185 as satisfaction against all prior audit assessments, and $1,028,714 in satisfaction of the current audit assessment.
An audit of the license agreement of First Tee of Metropolitan New York, Inc., (First Tee) to operate and maintain the Mosholu Golf Course and associated facilities (i.e., driving range, snack bar, pro-shop) in Van Cortlandt Park, the Bronx, found that First Tee improperly calculated the amount of revenue that was lost as a result of disruptions caused by construction of a City water treatment plant. First Tee understated its excess gross receipts and could not substantiate lost revenues; accordingly, it was overpaid $178,801 in reimbursements by the City. Moreover, First Tee admitted that its claims submitted to Parks were not correct. As a consequence, the City may realize from this license agreement an additional $452,053 in potential revenue and interest due for 2007 to 2012.
An audit of the Universal Pre-Kindergarten (UPK) payments to non-public schools authorized by the Regional Operation Center (ROC) in Staten Island determined that Department of Education (DOE) does not have adequate internal controls over UPK payments to non-public schools in Regions 6 and 7. These controls are lacking because DOE has not developed formal fiscal review procedures for the ROCs to follow when monitoring and assessing the UPK programs in the schools. As a result, the auditors determined that a total of $377,621 (12 percent) of the $3.2 million in UPK payments made by DOE in Fiscal Years 2004 and 2005 to the sampled schools represents overpayments and other inappropriate payments that should be recouped.
An audit of the administration of the J-51 Tax Incentive Program by the Department of Housing Preservation and Development (HPD) found deficiencies in the system of internal controls for administering the program. Consequently, HPD improperly approved “certified reasonable costs” for building rehabilitation of $2.8 million,” which could result in the granting of $2.6 million in erroneous tax abatements. Under the J-51 program, HPD approves tax exemption and abatement benefits to owners of residential properties who rehabilitate their buildings and to owners of non-residential buildings who convert their buildings to residential use. HPD is responsible for administering the program, verifying eligibility, determining whether the cost of the work is supported, calculating a certified reasonable cost, and issuing certificates-of-eligibility. The auditors found that HPD improperly certified reasonable costs; improperly awarded certificates-of-eligibility to 25 of 56 sampled properties; and has not ensured that required inspections of J-51 rehabilitation and conversion work were adequately conducted.
An audit of the leasing and rent-collection practices of the Brooklyn Navy Yard Development Corporation (Corporation), a not-for-profit local development corporation, disclosed serious weaknesses in the way the Corporation issues and renews leases and maintains records. In that regard, the Corporation failed to impose the required late fees for 17 of 71 tenants with outstanding rent; did not segregate accounting duties; did not calculate its net operating income in accordance with the lease agreement. In addition, the Corporation did not deposit net operating income for Fiscal Years 2002 and 2003 in a reserve fund for capital improvements, as required. As a consequence, the Corporation owed the City $2,208,351. Also, the Corporation has no written policies or procedures on leasing, no master list of Navy Yard properties, no list of occupied properties, and no list of spaces available for rent. Although the Corporation maintained some underlying documentation, such as leases, applications, and memorandums of understanding, to support occupancy terms, most of the documentation was incomplete, inaccurate, or obsolete.
Service Delivery and Program Performance
Brief descriptions of audits that disclosed the most significant service-delivery and program-performance issues follow:
An audit of Pomonok Neighborhood Center, Inc., (Pomonok) determined that it did not comply with its contract with the City because it did not expend funds in accordance with the provisions of its contract. Pomonok is a not-for-profit organization whose services include after-school programs, senior activities, summer camp, crime victim assistance, domestic violence counseling, and housing assistance. During the audit period, Pomonok received funds through state and City contracts, including one with the New York State Office of Children and Family Services, a grant from the City Housing Authority, and five contracts totaling $597,165 awarded by the City through the Department of Youth and Community Development (DYCD), the Department for the Aging, and the Department of Housing Preservation and Development.
The auditors noted that during Fiscal Year 2004, Pomonok may have made improper payments, totaling $83,037, to four employees—the Youth Program Director, his daughter, his live-in girlfriend, and his girlfriend’s son. Moreover, the auditors discovered that Pomonok made questionable salary payments totaling $95,493 to other employees; made questionable payments totaling $24,469 to its vendors; received $2,250 in questionable payments from DYCD; did not properly authorize checks for City-funded programs; and may not have conducted the required number of Board of Directors meetings.
An audit of the oversight of DOE of the services provided to mainstreamed elementary school special education students found that it is not monitoring, tracking, or documenting the provision of these services in an effective manner. DOE is mandated by the federal Individuals with Disabilities Education Act to ensure that all children with disabilities have available to them a free appropriate public education that emphasizes special education and related services. Documentation maintained by DOE is incomplete, inaccurate, or lacking altogether. Because of these deficient records, DOE could not demonstrate to the auditors the extent to which services were provided, as prescribed by the students’ Individualized Education Programs.
An audit of the controls to minimize the length of time that apartments were held vacant for capital renovation purposes by the New York City Housing Authority (NYCHA) disclosed that controls were not adequate. To facilitate renovations, and for other purposes, NYCHA policy provides for the temporary removal of NYCHA apartments from the rent roll. As of October 13, 2005, there were 3,073 NYCHA units—approximately two percent of all NYCHA-managed apartments—temporarily off the rent roll for capital renovation. NYCHA did not have overall time budgets for completing renovations that addressed the need to minimize the amount of time apartments were kept off the rent roll. A review of vacant apartments at a sample of six developments found that as of October 13, 2005, the 2,107 units that were vacant for capital renovation had been off the rent roll for an average of 40 months. Minimizing the amount of time that apartments were off the rent roll would have resulted in increased revenues from additional NYCHA rental income at a time that NYCHA is in dire fiscal duress.
An audit of the efficiency of Parks in addressing complaints related to tree removals determined that there were internal control deficiencies in the review of service requests and subsequent inspection reports and work orders. Parks does not ensure that all service requests are recorded in its Tree Manager database, thereby increasing the risk that hazardous tree-related conditions that may result in accidents could be overlooked. Moreover, a review of five randomly selected claims filed against the City that were settled in Fiscal Year 2006 revealed that Central Forestry personnel failed to dispatch work crews to remedy hazardous conditions involved in those claims, although Central Forestry had performed prior inspections noting the conditions.
An audit of controls over the licensing and oversight of carriage-horses, drivers, carriages, stables, and compliance with applicable rules and regulations of the City of New York determined that the Department of Health and Mental Hygiene (DOHMH) and the Department of Consumer Affairs (DCA) have adequate controls over these functions. However, although the Administrative Code statute relevant to the industry includes a requirement for an Advisory Board to have been established, DOHMH failed to establish the Board. As a result, regulations promoting the health, safety, and well-being of the carriage-horses remain broad and general in scope. The auditors also expressed concern regarding both agencies’ efforts in monitoring and overseeing the carriage-horse industry. Both DOHMH and DCA rely on the American Society for the Prevention of Cruelty to Animals (ASPCA) to perform inspections of the horses, drivers, and carriages in the field, but the ASPCA performs these duties without a formal agreement.
An audit of the Fire Alarm Inspection Unit (Alarm Unit) of the New York City Fire Department (FDNY) found that the unit does not adequately ensure that requests for inspections of fire alarm systems and the results of inspections are properly recorded and reported, and that the inspections are performed in a timely manner to ensure that safety-related issues are identified and resolved. The Alarm Unit has not developed formal procedures to follow when recording requests for inspections, tracking these requests, conducting inspections, and following up on inspections. Also, the record-keeping practices of the Alarm Unit are inadequate, the Alarm Unit did not meet its informal target for auditing self-certified inspections, and the inspectors of the Alarm Unit are not adequately supervised. (An audit conducted by this office more than 10 years ago identified some of the same findings.)
An audit of the compliance of Samaritan Village (Samaritan) with its Department of Correction (DOC) contract to operate the Rikers Island Discharge Enhancement (RIDE) program disclosed that Samaritan did not consistently comply with all provisions of the contract. Through RIDE, inmates are referred to aftercare programs that provide family, employment, housing, and substance abuse treatment services. Of the 116 claims reviewed, 46 (40%) did not contain the client’s signature or the milestone-completion date. In addition, Samaritan billed DOC twice for 31 deliverables relating to 19 clients who were reincarcerated during Fiscal Year 2006, resulting in an overpayment of $10,675. The auditors also concluded that DOC’s monitoring of Samaritan’s performance needs to be improved.
Asset Management and Internal Controls
Brief descriptions of audits of a number of agencies or public entities that identified significant deficiencies in internal controls and asset management follow:
An audit of the use and assignment of contractor-provided vehicles by the Department of Design and Construction (DDC) found that controls over these vehicles were inadequate. In Fiscal Year 2006, contractors provided DDC a total of 107 vehicles, which cost approximately $1.4 million, an average of $1,100 per vehicle per month. The auditors noted that six of the 154 DDC drivers reviewed drove contractor-provided vehicles while having suspended drivers licenses or privileges. Also, six of the eight contractor-provided vehicles assigned to the Technical Support Division were used primarily for commuting rather than work-related purposes, with from 67 percent to 98 percent of the vehicle days devoted exclusively to commuting.
An audit of the administration of the Billing System Account and Miscellaneous Expense Account (MEA) by the Department of Homeless Services (DHS) determined DHS needs to improve its controls over the administration of these accounts. The payment process leading up to withdrawals from these accounts exhibited several weaknesses, including: a lack of segregation of duties in the Billing unit; a lack of reconciliation of the electronic transfer of funds from the Billing System account to the payments authorized by the Billing Unit; improper processing of payments to be recouped, leading to overpayments of $10,289 that were not recouped; inadequate controls over the processing of payments to a non-contractual provider, resulting in an overpayment of $63,316; poor controls over disbursements made from the MEA account; and a failure to determine which entities require the issuance of 1099-MISC forms for income tax reporting purposes.
An audit of the internal controls over the processing of violations and collection of fines by DCA determined that DCA did not maintain adequate internal controls over these functions and over its accounts receivable. DCA did not have formal written policies and procedures to comprehensively address and establish standards for all aspects of the adjudication and collection of fines. The lack of strong controls led to operational inefficiencies and procedural weaknesses in the performance of adjudication and collections functions. As of July 29, 2006, the weaknesses in controls contributed to fines totaling $28.3 million remaining unpaid of the total $68.5 million assessed and reflected in the DCA computer system for the period January 1, 2000, through July 29, 2006.
A compilation report of audits of franchise, concession, and lease agreements granted to private organizations by the City determined that these agreements were not adequately monitored by City agencies. Between January 1, 2002, and June 30, 2006, the Comptroller’s Office completed 41 audits of entities with City franchise, concession, and lease agreements. These audits resulted in the assessment of $23,804,840 million in additional revenue due the City. The City has collected $16,627,231 in revenue as a result of the audit findings, and has the potential to realize an additional $7,177,609 in outstanding revenue. The compilation report concluded that it is apparent that the agencies do not adequately monitor the parties granted these agreements, as required by the City Charter. Moreover, the results of the majority of the audits raise a question about the attitude of the oversight agencies charged with monitoring the activities of the entities granted these agreements. It appears that as long as these agreements provide revenue to the City, the oversight agencies provide either lax monitoring or no monitoring at all.
Information Technology
All City agencies rely on information technology to help perform the tasks necessary to maintain mission-critical operations. Over the past decade, the City has spent a significant amount of taxpayer dollars on information technology. In light of these developments, I have continued to dedicate a portion of the bureaus’ resources to audits of system-development projects. Many of these audits identified computer systems that were developed with excessive cost overruns, missed deadlines, or that simply did not meet agency needs. Brief descriptions of some of these audits follow:
An audit of the Capital Asset Management System (CAMS) developed by the Department of Citywide Administrative Services (DCAS) could not conclude that CAMS as a finished product meets the overall goals as stated in the system justification, or whether it meets the initial business and system requirements as specified by DCAS. DCAS contracted with Aramark Facility Services, Inc., (Aramark) to provide CAMS, a capital planning and management software system. As part of the contract, DCAS agreed that Aramark could use Vanderweil Facility Advisors, Inc., (VFA) as its subcontractor. VFA was to provide a detailed and comprehensive facility and infrastructure condition assessment of the 53 public buildings under the custodianship of DCAS, resulting in a database comprising all data collected during this assessment, and a fully operational capital planning and management software system.
Although the auditors noted that the system was operational, they also noted that DCAS has not formally accepted the system as being completed. Further, DCAS did not provide supporting documentation to substantiate the accuracy of the data in CAMS, thus leaving unanswered the potential exposure of DCAS to inaccurate information. VFA currently operates CAMS at the AT&T Internet Data Center in Boston, Massachusetts. However, VFA’s disaster-recovery plan is not specific, and documentation of a comprehensive test for disaster recovery was not provided. Moreover, security assessments have not been performed. Also, DCAS representatives did not review the access privileges of individuals employed by VFA who had access to CAMS. Nor did DCAS review VFA operational procedures and controls to ensure they were in accord with acceptable City standards.
An audit of the Police Department’s (NYPD) data center and computer security disclosed that there is adequate physical and computer system security in the data center and that computer operations, as well as contingency plans, have been tested in compliance with applicable Federal Information Processing Standards and City guidelines. However, the auditors noted four control weaknesses that should be addressed: some inactive user accounts have not been disabled or deleted; the uninterruptible power supply lasts only 12 minutes, which may not be a sufficient amount of time for the backup generators to be turned on in the event of a disaster; backup tapes, while stored off-site, are not properly secured in a restricted-access area of the premises; and the Department of Investigation has not reviewed or approved the Internet plan, as required.
I entered office determined to be an activist Comptroller by aggressively using the powers of my office to find new, creative ways to save the taxpayer money and to put our resources to work for all New Yorkers. For the remainder of my tenure as Comptroller, I will continue to deliver on my commitment to maximize revenue while reducing costs and improving the quality of City programs and services.
Very truly yours,
William C. Thompson, Jr.
Please note:
Some files on this website require
Adobe Reader.
Some parts of this website are better viewed with Adobe Flash Player.
