Speech by SMS Chee at the 7th Public Sector Internal Audit Conference 2019

Speech by SMS Chee at the 7th Public Sector Internal Audit Conference 2019



Ms Tan Boon Yen, President of The Institute of Internal Auditors Singapore,

Distinguished Speakers,

Ladies and Gentleman,


  1. Good morning, I am happy to join all of you at the 7th Public Sector Internal Audit Conference. This is a useful platform for public sector internal auditors to learn from fellow practitioners and experts, as the Singapore Public Service transforms itself to better serve Singapore and Singaporeans in a new environment.


  2. Internal Audit is an important corporate function, but its role is often under-appreciated because much of the hard work happens quietly behind the scenes. I would like to express my appreciation to our internal auditors for carrying out your duties without fear or favour, and for supporting the senior management team to ensure that the necessary corporate governance and risk management controls are in-place.


  3. I encourage all of you to remain steadfast in performing your role as guardians of public trust, and discharging your duties with integrity and pride.As custodians, our collective goal is to ensure good governance and efficient use of public resources.


  4. The theme for this year’s conference is “Enhancing Public Trust In The Digital Age”. It is a good opportunity for the internal audit community to come together to discuss how your work will evolve with technology and operational changes.And what are the skillsets and capabilities you need to build, to stay relevant and keep up to date with the latest developments.For example, one important area is the way we handle data to protect confidentiality and privacy, while allowing adequate sharing of anonymised data or when permission is given by the user to enhance service and convenience for the public.


  5. I am pleased to know that the Institute of Internal Auditors Singapore has curated a series of technology-related courses for its members. You can visit IIA Singapore’s website to find out more, and use your SkillsFuture Credit and training grants to pay for these courses.


  6. Our transformation journey may be technology-driven in a digital age, but it must always remain people-focused.We must continue to serve with our hearts, and focus on building trust and strengthening relationships with our fellow Singaporeans.


  7. This morning, I would like to set a challenge for you to go beyond your current role to help your organisation prepare for the future.In particular, how can internal auditors work with the management and staff to proactively review rules and processes within the organisation to improve productivity, support innovation and enhance customer service? There are three topics I would like to discuss:


  1. How to go beyond ensuring that employees follow proper rules and procedures, to designing rules and procedures that can be properly followed?


  2. How do we lower compliance costs by simplifying our rules and procedures, so that our internal and external stakeholders can benefit from cost and time savings?


  3. How to go beyond minimising risks to encouraging calculated risk-taking, experimentation and innovation?


  1. Let me start with how we design and review our rules.There is an old saying from Mr Winston Churchill, “we shape our buildings, thereafter they shape us.”The same is true for our rules – we shape our rules, and thereafter they shape us.The way we design our rules can affect the way we work, how we interact with our colleagues and customers, what sort of behaviours we encourage or discourage, and ultimately what kind of organisational culture we develop over time.


  2. Today, our audit function focuses mainly on whether people comply with established rules and procedures.While this is important, we can only achieve good outcomes if the rules and procedures are set correctly in the first place.If we have rules that are no longer relevant, wouldn’t it be more productive to review and change the rule instead of spending time on ensuring compliance?In setting rules, we do not only ensure they are followed, we must also ensure the rules are followable.


  3. I remember this case which HDB shared.Their previous grass-cutting contract specified that the contractor must trim the grass to no more than 3 cm.During the audit, AGO highlighted there was a non-compliance because HDB did not measure the length of the grass after the contractor had cut it, to ensure that each blade was not longer than 3 cm.HDB clarified that it was humanly impossible to measure the length of each blade of grass.AGO then pointed out that if you cannot measure, then why did you include this requirement in the tender specifications? Which was a valid point.


  4. I am not citing this example to criticise or embarrass HDB.In fact, HDB was very open in sharing with other agencies because they wanted everyone to learn from their experience, and avoid repeating it.The learning point here is that when we set rules or procedures, we must bear in mind the downstream impact when the rule or procedure is implemented on the ground.That is when the rubber hits the road.We need to ask ourselves how we can design the rule or procedure to make compliance simpler, while adhering to the original policy intent.


  5. This is where I think it will be useful for internal auditors, having a good understanding of the organisation’s policy objectives as well as operational and governance needs, to work together with management and line units to regularly review and enhance existing rules and procedures.This is especially critical when the nature of our work is evolving with changes in technology and what customers require.We cannot operate effectively in a digital age with rules and procedures from an analogue era.And we must be open in listening to our customers and hearing their feedback, as they can provide useful suggestions on how the rules and procedures can be improved. I believe auditors can also play this role.


  6. The next topic is how internal auditors can work with management and staff in the organisation to identify rules which can be streamlined to save time, minimise compliance costs for the public, and reduce enforcement costs for the public service.These are important outcomes we want to achieve as part of Public Service Transformation.


  7. Recently, SkillsFuture Singapore announced some fee reductions for training providers which we achieved by reviewing our rules and streamlining our procedures.Likewise, MTI is working with GovTech and Smart Nation Digital Government Office to simplify the licence applications for SMEs, starting with food services companies.So far, we have cut down the number of application forms from 14 to 1, reduced the number of data fields from more than 800 to around 100, slashed licence fees by up to $500, and shortened the processing time by 14 days.All these improvements are achieved by reviewing rules and procedures. Very operational, nuts-and-bolts kind of work but very important. We help our SMEs by making our licensing process simpler, cheaper and faster.


  8. One specific area which I want to highlight is the way we set our licence fees.We must remember that Government is the sole provider of licences, so we must discipline ourselves when we set fees to ensure that these are not more expensive than necessary. Our current framework is based on the principle of cost recovery.In other words, the government agency will charge a fee that is based on the cost it needs to incur to provide the service or regulate the industry.


  9. This approach is generally sound but there is one important caveat – a ratio has both a numerator and denominator.The licence fee is the numerator while the costs incurred by the agency is the denominator.Agencies often explain that they have to raise fees because their costs have increased, so they need to raise their fees in the numerator to maintain the target cost recovery ratio (CRR).While this may be a valid justification, we should remind ourselves that there is another way to achieve the CRR, which is to lower our costs in the denominator.


  10. Compared to raising fees, this is more difficult to achieve as we have to embark on detailed reviews and process re-engineering, changes to rules and procedures, changes to the way we operate.But isn’t this part of improving our productivity in the public sector? We must not take the easy way out by hiding behind CRR to raise fees, without first examining whether there are ways to reduce our costs.


  11. Moving on to the third and final topic, I will now discuss how we can manage risks while encouraging innovation and experimentation.We want to pay careful attention to process control and risk management, but our larger objective is not simply to minimise risk or to have zero failure. Let me say that again, we want to pay careful attention to process control and risk management, these are important, but our larger objective is not simply to minimise risk or have zero failure. As former Head of Civil Service Mr Peter Ho said, we want to aim for “safe fail” and not insist on “fail safe”.


  12. We know innovation and creativity are important for tackling the challenges we face as a nation.As we encourage the private sector to be innovative and creative, the public sector must do the same.Otherwise, our policies may get outdated and our rules could turn into red tape, slowing things down and becoming obstacles that hinder innovation and progress. This is something we need to watch out for. Good rules in the past can become red tape in the present and future if they are no longer relevant. We have to look out for this risk.


  13. I recently watched a documentary entitled “The Creative Brain” narrated by Dr David Eagleman, an American neuroscientist who has been studying creativity and the human brain for more than 20 years. He found that there are 3 important factors that support creativity: (a) exposure to a wide range of new experiences, which help the brain to connect different ideas and concepts; (b) pushing our boundaries, so that we go beyond our comfort zone to test the limits of our imagination and force our brain to learn new skills; and (c) not being afraid to take risks and make some mistakes along the way. If we have zero tolerance for failure, there will be zero chance for innovation to succeed.


  14. We must not end up with a situation where public officers avoid taking initiative or become overly risk-averse because they are afraid of making mistakes. Many of us would remember a saying from the late Dr Goh Keng Swee, “the only way to avoid making mistakes is not to do anything.And that will be the ultimate mistake.”


  15. If an officer is trying out a new idea with good intent and does not comply strictly with the SOP, what do we do? Do we come down on the officer like a ton of bricks?Or do we take the audit finding as a feedback and review our procedures to see if further flexibility can be provided to cater for new situations that were previously not included when the SOP was first drafted? There is no simple answer to this. It is very situational, case-by-case way to look at it. I’m sure that in some instances, we will maintain the rule. But in other instances, we will review and change it.


  16. One area where this can be applied is government procurement. Some of you may be aware that MTI has worked together with PSD and MOF to review our Government procurement rules, to provide more scope for agencies to award contracts to SMEs with good products and services to offer, but have not yet built up a track record. This is a win-win arrangement as it provides more opportunities to SMEs to demonstrate their capabilities, while giving government agencies more suppliers to choose from and to obtain best value for money.


  17. Sometimes we see audit non-compliance arising from staff who made quick decisions on the ground to deal with an urgent situation, without getting prior approval from the designated authority. I’m sure you have come across such cases. It is difficult to draw broad conclusions on such cases, we have to judge each case individually based on the circumstances, intent and outcomes. As a general rule of thumb, I would support an approach where we delegate as much decision-making to officers on the ground as possible, because they are often in a better position to make these judgment calls than someone sitting in Ministry HQ. They understand what the local situation is; they understand what is needed. Can we empower them?


  18. Can we amend the rules and procedures to empower as much as possible officers on the ground to make operational decisions? Rather than requiring them to submit everything to Ministry. And when they do not do it well, they skip one step, it becomes an audit non-compliance. So instead of focusing on the non-compliance and finding ways to further complicate the approval process by adding more rules, which may lead to even more queries in future, should we instead change the process by empowering our frontline officers to make those decisions?


  19. Again, this has to be case-by-case. It cannot be over-generalised. In some instances, I do think you have to go back to Ministry because there are big decisions and you need checks and balances. But there are many instances today in our respective organisations that we can delegate decision-making closer to the ground. But you will need to change the rules before that can be allowed. Because if you simply implement without changing the rule, it is an audit non-compliance and the auditor is correct in pointing out this non-compliance.


  20. If this process can be done with inputs and discussions with the auditor, it is even better because the auditor will be able to advise us. Is this change going to compromise our risk, our controls and our governance? If we can bring the different parties together, work together on this, I think it will lead to a win-win outcome for everyone.


  21. I am sure there are many more examples which you can think of, especially if we pool our ideas together with other colleagues and work as a team to improve our rules and processes.But we can only achieve these positive outcomes if we see our role as proactive influencers and shapers of rules, where we can improve the rules and processes in our organisations based on feedback from colleagues and customers; and not as passive individuals who can only comply blindly with existing rules and processes even if we disagree with them. But do it properly; there is a proper process for this.


  22. To succeed in this quest, the review process must involve everyone in the organisation, from top management to middle management, and from internal audit to frontline operational units. If we can infuse these attributes into our organisational DNA, I believe they will be a powerful combination with our current strengths in the public sector. These traits are important if we want to remain a world-class public service that is future ready and worthy of Singapore.


  23. I would like to conclude my speech by mentioning Ms Joanna Dong, who has done us proud with her splendid performance at Sing! China.Like many Singaporeans, I enjoy Joanna’s singing because she has a good voice and a unique style of infusing jazz with traditional songs.That is her innovation, it is how she differentiates herself from many other singers who also have beautiful voices.


  24. But if a public officer were to do the equivalent of what Joanna did in his organisation, by moving away from well-established rules and SOPs to come up with something new and innovative, how will we as a system respond to this officer?Do we support him and take some calculated risks to test out his innovative idea to assess if it works well; or do we quickly snuff it out because what he did is technically an audit non-compliance which pushes existing boundaries and challenges the status quo?This is the question which I hope all of you could reflect upon during this conference, and later when you are back in your respective organisations.


  25. There are no easy answers. I certainly do not think we should go from one extreme to the other extreme. But if I may suggest three points.


    1. The first is a proactive approach to reviewing our rules and not assuming that all the rules are perfect. Proactively looking at the rules, see whether there are ways to improve.


    2. The second, do not be afraid to try new ideas and push the boundaries. If it fails, we try and find a way to reduce the damage, but you do need to test the boundaries and accept some failures to allow innovation.


    1. Lastly, work together as a team. Not on opposite sides, but to bring audit together with the line functions, together with management, to see how we can improve the procedures and the rules in the organisation together.


    1. See the audit function as a way of providing useful feedback to improving rules and procedures.


    1. See the auditors as a pool of experts, professionals that we can tap on, to understand the need to strike a balance between innovation, experimentation and risk-taking with some control and governance.


    1. See the opportunity to work together, as a way to forge greater trust, stronger relationships and ultimately, better outcomes for Singapore.


  26. Thank you for giving me this opportunity to share my thoughts with you.I wish everyone a fruitful conference ahead.
Contact Us Feedback