In a recent audit report by Auditor-General’s office, light has been shed on significant concerns surrounding the e-Citizen platform, a cornerstone of the Kenyan government’s online services and payment portal.
Foremost among the concerns highlighted in the report is the startling revelation that the government lacks substantial control over the e-Citizen platform.
Despite its pivotal role in processing billions of shillings on a daily basis, the platform heavily relies on its vendor for critical operational functions. This dependency not only raises serious questions regarding accountability but also exposes the system to potential risks such as revenue leakage and security vulnerabilities.
“Collections through the platform average Sh350 million daily, up from Sh50 million in the financial year ended June 2023. More than 19,000 public services are currently available on e-Citizen, out of which 15,440 have been fully on-boarded,” Daily Nation reported.
Auditor-General, Nancy Gathungu has sounded the alarm on the integrity of data processed through the e-Citizen platform. She warns that the existing IT controls may not be sufficient to safeguard the credibility and reliability of the data, prompting calls for a thorough special audit to address these concerns.
Moreover, the report has revealed that manual processes employed by the National Treasury for reconciliation and settlement of payments pose a significant threat to the efficiency and reliability of the e-Citizen system.
These manual procedures are said to not only increase the likelihood of human errors but also contribute to unnecessary delays, rendering the platform increasingly unsustainable in the face of growing reliance on digital services.
“Transparency issues have also come to the fore, with the Treasury’s refusal to disclose the vendor consultancy agreement raising serious questions about accountability and potential mismanagement. Additionally, the absence of an approved IT policy further compounds concerns surrounding transparency and governance.”
Furthermore, the audit report highlights glaring security risks facing the e-Citizen platform, including the absence of an approved Business Continuity Plan and a secondary backup site. Such deficiencies leave the platform susceptible to data loss and service disruptions, posing a grave threat to its seamless operation.
In light of these alarming findings, the audit report has issued a series of urgent recommendations to the government. These include,” gaining full control of the e-Citizen platform, implementing robust IT controls to ensure data integrity, automating reconciliation and settlement processes, disclosing the vendor consultancy agreement, and developing an approved IT policy.”
Additionally, the report underscores the critical need for establishing a comprehensive Business Continuity Plan and a secondary backup site to mitigate security risks and safeguard against potential disruptions.
It is imperative that the government swiftly addresses these pressing concerns to ensure the secure and efficient operation of the e-Citizen platform.
As a vital conduit for public service delivery and revenue collection, the integrity and reliability of e-Citizen are paramount to the effective functioning of Kenya’s digital governance infrastructure.