150 likes | 311 Views
USAID FORWARD Objective 1/Use of Country Systems. “LESSONS LEARNED” ICGFM June, 2012. PAST EXPERIENCE WITH G2G FUNDING. Introduction to Risk and Risk Management. There are various standards, references and frameworks for risk and the risk management process.
E N D
USAID FORWARDObjective 1/Use of Country Systems “LESSONS LEARNED” ICGFM June, 2012
Introduction to Risk andRisk Management • There are various standards, references and frameworks for risk and the risk management process. • These are some of the organizations that have established and published standards: • Australian and New Zealand Standard in Risk Management (AS/NZ 4360) • UK Institute for Risk Management • International Organization for Standardization Principles and Risk Management Standard (ISO 31000) • National Institute of Standards and Technology • Project Management Institute • Software Engineering Institute
Definition of Fiduciary Risk • The risk that funds will: • Not be controlled properly • Not be used for intended purposes • Produce inefficient or uneconomic programmatic results
What Does the PFMRAF Assess? Reputational Risks • Program Management Operational Risks • Shared Risk Financial Risks (Accountability) • Budgeting • Civil Service Training • Accounting • Procurement • Reporting • Audit • Donor image • Human Resources • Civil Service Laws • Internal Controls • Cash Management • Contracting Governance Risks • Media Freedom Democratic Risks (Accountability) • Oversight Quality • Institutional Capacity • CSO Vibrancy • Political Will • PFM Reform • Capacity Development Agenda • Public and CSO participation NOTE: This is illustrative and not a comprehensive account of all risks included in the PFMRAF.
Risk Management Process Plan Risk Management Identify Risks Analyze Risks Plan Risk Responses Monitor and Control Risks • Analyze Plans and Assumptions • Develop Risk Register • Qualitative and Quantitative Analysis • Update Register • Strategies • Contingencies • Update Register • Track Risks • Implement Responses • Update Register • Request Changes • Evaluate Effectiveness • Develop risk management policy and plan Continuous Communication and Collaboration • This process is a basic risk management process and very similar to the Project Management Institute’s process • Regardless of the industry, organization, or standards used, there are common themes for the risk management process • USAID applies this process and themes in its risk management process
OIG on IPR • “The OIG is fine with taking calculated risks.” • “No organization can eliminate risk.” • “The concept of risk management is fundamental to the concept of • internal control.” • “The concept of risk management” . . . Is fundamental to what • auditors do. . . “where auditors provide reasonable assurance, • but not absolute assurance. . . “ • “Risk management is thoroughly integrated into everything that USAID • does and into the work that the IG does. We won’t object to managers • taking thoughtful, calculated risks. Risks should be taken within a • carefully thought out, cost-effective system of internal control.”
Lessons Learned • It is possible to apply state-of-the-art management techniques, such as risk management, in the public sector. • It is not easy. Persistence and dedication are key. • You have to respect the power of the bureaucracy, but not be defeated by it. • Identify your friends and give them the credit for all accomplishments. • Anticipate opposition. Identify, then isolate or defeat your enemies. • Communicate. Communicate. And then Communicate. • This is not a game for sissies.
Lessons Learned • Partner countries welcome our initiative • Communicate the objective to the partner • “Partnership” requires informed commitment on both sides • Non-donor dependent countries may have lower G2G appetite • Harmonization reduces burdens on partners • Other donors welcome us to this space • We are sharing the burden, and cost, of risk management • Mismatch between risk bearing capacity of the United States and that of the partner countries • Imposes a moral and ethical burden on the risk assessment effort to protect the partner with the lower risk bearing capacity
Lessons Learned • An unforeseen, but major, red flag is a failure of the partner country to accept our fiduciary responsibility to our taxpayers • Other USG agencies have resisted when their diligence is less rigorous than ours • Skepticism about ability to implement a rigorous PFMRAF over the long term – MCC experience • Partnership, not patronage. • “Certification” is a flawed approach both from risk management and development viewpoints.
Lessons Learned • Thus far, few countries actually “fail” the PFM aspects • But the sample is questionable – self-selected missions prioritized by the regional bureaus. We may see more PFM “fails” when the process is opened to the entire agency • “Fails” are due to democratic accountability limitations • Whole-of-Mission effort • Democracy, governance, economic growth are linked with transparent and accountable public financial management • Risk management begins at the strategic (CDCS) level and proceeds throughout the project design process • Poor prior planning produces poor products
Evidence-based and data-driven – not just words but deeds • The PFMRAF has feedback loops designed into that are on the critical path to long term success. • We believe in the goal of working ourselves out of a job through sustainable development grounded in country ownership.