Bussiness
Auditors criticise Tusla over Garda vetting of third-party staff
Internal auditors have criticised the child and family agency Tusla over inadequate oversight on whether third-party service providers, which it funds, are complying with Garda vetting rules.
The report found the adequacy and effectiveness of the internal control system in the area reviewed was “unsatisfactory”.
The internal audit said “there should be a centralised approach within Tusla to ensure third-party Garda vetting is accurate and undertaken”.
Tusla management agreed with the recommendation and said it “will explore the possibility of implementing a centralised approach”.
The report maintained the audit aimed to provide assurance on the adequacy and effectiveness of policies, procedures and controls relating to Tusla’s oversight of third-party service providers’ compliance with Garda rules that vetting was completed before a person was appointed, assigned or allowed access to, or contact with, a child attending the service and that each employee, unpaid worker and contractor was vetted.
However, the audit found there was no national unit/coordinator/officer within Tusla that had the overarching authority of monitoring third-party service providers’ compliance with Garda vetting rules.
The internal audit said the responsibility rested with the different areas within Tusla, and procedures established to monitor third-party service providers’ compliance with Garda vetting were not uniform.
“Each department had its own procedures for ensuring service providers’ compliance with Garda vetting rules.”
Auditors pointed to the situation regarding bodies known as Section 56 organisations. There are about 700 such bodies, mostly in the community and voluntary sector, which are funded by Tusla to provide services.
“For instance, the commissioning unit provided support to Section 56s in relation to Garda vetting but did not inspect the service providers’ procedures for Garda vetting.
“The unit only required a self-declaration from the service providers to confirm that they were in compliance with Garda vetting rules,” the internal auditors said.
The report found there was a risk of inconsistent compliance monitoring.
“With different departments having their own procedures for ensuring compliance, there’s a risk that inconsistencies and gaps in these procedures may lead to inadequate monitoring and enforcement of Garda vetting rules.”
It also said there was a risk of a lack of accountability.
“Without a single unit or individual responsible for overseeing Garda vetting compliance, it becomes challenging to hold any specific department accountable for lapses in ensuring that third-party service providers meet the required standards.”
The audit also said there was a risk of reputational damage.
“Any failure in ensuring that service providers comply with Garda vetting rules could lead to legal ramifications for Tusla, alongside significant reputational damage, especially if a non-vetted individual were to cause harm.”