Last week, the Department of Investigation released its report on CityTime, the payroll-management system that has become the poster child for information-technology contracts gone wrong.
DoI Commissioner Mark Peters has done a great service with this report, which details how the city failed to hold contractors accountable for keeping the CityTime project on time and on budget — in short, for failing to watch the clock in developing the city’s timekeeping system for its employees.
Irony aside, it’s time for the city to end the days of rubber stamping IT-contract bills “approved” without more rigorous oversight, and paying them without knowing exactly what it paid for. That’s why my office recently added a new weapon to the city’s arsenal to combat out-of-control spending and to prevent fraud: Comptroller’s Directive 31.
Directive 31 requires city agencies to institute a series of common-sense reforms on IT contracts, including:
l Requiring time sheets to be submitted within one month of the work being performed, and to include a detailed description of the type of work completed, as well as where the work was done.
l Verifying an individual’s qualifications for the rate at which the contractor is billing the city.
l Having city employees with expertise on the project certify that time sheets are accurate and correspond to contract terms, rather than letting consultants vouch for themselves.
l Ensuring that agreed-upon markups for personnel and material costs are not exceeded.
Perhaps what is most astonishing is that these kinds of controls — all standard operating procedure in the private sector — have never been a formal part of the city’s IT-oversight structure. Imagine any private business owner telling an outside consultant who’s just submitted a bill for millions of dollars, “No timecard? No problem!”
While CityTime is the most egregious example of an IT project gone bad, our office found numerous instances of IT work failing to meet the standards that New Yorkers deserve.
In 2012, the Comptroller’s Office issued an audit finding that Hewlett-Packard had padded time sheets, reaping millions of unearned dollars on a contract related to the E-911 dispatch system.
The audit highlighted how HP and its subcontractors billed the city for work unrelated to the project — even stating on time sheets that workers had spent time killing water bugs in a bathroom and that workers attended meetings when they were clearly taking the day off.
It also found that HP had failed to ensure that its consultants and subcontractors were qualified to perform the duties paid for by the city, and that time sheets were sometimes approved more than two years after the work was done.
As Federal Judge George Daniels stated in sentencing the con artists behind CityTime, the city’s procurement system is “an invitation for not just waste but corruption and fraud for those who would take advantage of a bureaucratic mess,” and that without significant reform, “criminal prosecutions for fraud against the city will continue to be a routine part of the court’s docket.”
While the city must continue to work with state and federal law enforcement to root out bad apples who pick the taxpayer’s pockets, we must also enact fundamental reform of the city’s IT procurement and contract management.
Comptroller’s Directive 31 and the DoI’s report are two significant steps in making this reform a reality. Together, they provide a road map for managing future IT contracts, and for protecting the city from fraud, false claims and abuse.