Why the auditor-general focuses on compliance and why that protects the public

Writes Harold Maloka

The article by Ms Ronette Engela, acting head of the National Treasury’s Government Technical Advisory Centre, titled “Rigid compliance trumps meaningful evaluation in auditing government departments” dated 1 April 2026, makes for an interesting read, but is directed at the wrong institution.

She argues that ‘rigid compliance’ has come to dominate public sector auditing at the expense of meaningful evaluation. This does not fully reflect the legal framework governing how public money must be managed in South Africa.

The Constitution, which is the supreme law of the country, demands that government departments and public institutions spend public money lawfully, responsibly and in the best interest of the citizens they are meant to serve.

Section 188 of the Constitution requires the Auditor-General of South Africa (AGSA) to audit and report on the financial management of national and provincial departments, municipalities and other public institutions to promote accountability.

The AGSA, established through the same supreme law, is an independent institution that operates without fear, favour or prejudice and is accountable to the National Assembly.

Section 20 of its establishing act, the Public Audit Act (PAA), requires the AGSA to provide independent assurance that these institutions manage their finances using sound financial principles, comply with the laws that apply to them and report credible information on the achievement of their financial and performance objectives.

In the public sector, compliance auditing is not an optional extra but a safeguard required by the Constitution through laws such as the PAA, the Public Finance Management Act (PFMA) and the Municipal Finance Management Act (MFMA). These include rules made by other roleplayers, such as the National Treasury. This means that, where legislation governing the use of public funds is not followed, this must be identified and reported. This is not a matter of preference or interpretation, but a function of the law.

Why public money needs stronger oversight

Public institutions spend public funds to deliver services to communities; therefore, accountability in government is broader than in the private sector. It includes transparency and compliance with rules to prevent abuse and protect public resources.

Section 20(2) of the PAA also requires reporting on whether an institution has followed the laws and reported credibly on what it planned to achieve.

The AGSA’s compliance work assesses whether auditees followed the applicable legislation and the rules that apply to their specific type of institution. If the rules are overly complex or unclear, the solution lies with the institutions responsible for setting and reforming the legal framework and not with the AGSA.

Irregular expenditure: a compliance finding, not an automatic finding of corruption

The PFMA provides definitions for irregular, unauthorised, and fruitless and wasteful expenditure. When any of these are identified, the responsible accounting officer must, in terms of the National Treasury’s Compliance and Reporting Framework, assess what happened and ensure that an investigation is done to establish the root causes, identify responsible officials and determine whether there was any loss, misconduct or criminal behaviour.

While it is correct that irregular expenditure does not automatically mean money was stolen or lost, it does mean the rules were not followed. A proper investigation can reveal whether there was financial loss, fraud or corruption and whether consequence management is needed. Many cases appear to drag on because investigations are slow or incomplete, and corrective action is not taken. This reality points to a need for stronger and faster follow-through after audit findings, and for auditees to remain alert to the risk of fraud where the facts support it.

The AGSA’s 2024-25 general report on national and provincial government outcomes provides important context. It shows that South Africa’s accountability challenges are not mainly caused by ‘too much compliance’, but are driven by ongoing non-compliance, together with weak or inconsistent consequences and accountability when rules are broken.

In response, the AGSA’s enforcement powers were strengthened because, year after year, audit findings and recommendations did not lead to action. Many auditees did not comply with consequence management requirements, and investigations into irregular and fruitless and wasteful expenditure were often delayed or not done. The AGSA’s enforcement powers, material irregularities (MIs), exist because of these challenges.

A matter qualifies as an MI only when it meets three strict conditions. First, there must be an irregularity or a reasonable suspicion of one, such as non-compliance with legislation, fraud, theft or a breach of fiduciary duty. Second, that irregularity must be identified in the course of an audit conducted by the auditor-general. Third, and most importantly, the irregularity must have resulted in – or be likely to result in – material financial loss, the misuse or loss of a material public resource, or substantial harm to a public sector institution or the public. This elevates a matter beyond technical non-compliance and makes it material.

How the audit process works (in practice)

Audits are conducted in line with applicable laws and international auditing standards. The requirements by which all auditees must abide are not set by the AGSA, but are established by legislation, regulations and institution-specific policies that give effect to those requirements. Differences in interpretation are dealt with through structured engagement with the owners of the rules, like the National Treasury or the Department of Planning, Monitoring and Evaluation. While this may take time, it helps ensure that the process is fair, consistent and transparent.

In addition, auditors cannot test every transaction. Therefore, audits use a risk-based approach at the start of each audit cycle, the scope of which is set to focus on the areas that pose the greatest risk to public funds and financial management. This keeps audits targeted and relevant.

The PAA also requires the AGSA to annually audit the performance report of auditees and report on their performance to provide users with some assurance that the reported information is a true reflection of the auditee’s performance against its set objectives. It is the role of the executive and oversight, like portfolio committees in the provincial legislatures and Parliament, to evaluate or conclude on auditees’ performance.

Dealing with differences during the audit process 

Significant findings are discussed with management or those charged with governance so that issues can be clarified and resolved early. Auditors consider management’s explanations and any additional evidence provided. If matters remain unresolved, the auditee can escalate the matter through the AGSA’s formal dispute resolution process established in terms of section 13(1)(c) of the PAA and outlined in the Audit Dispute Resolution Policy. Audit disputes are decided by senior executives who are independent of both the audit team and the auditee, ensuring an objective and impartial process.

The process is further overseen by a dedicated technical audit support function, which operates independently of audit engagements to ensure that established policies and procedures are consistently applied.

In conclusion, the AGSA audits to protect the public funds and not to create obstacles to service delivery. Where institutions achieve clean audits, it shows that strong governance and compliance are possible, and that accountability and service delivery can improve as a result.

Compliance in government auditing is not ‘box-ticking’ for its own sake. It is how the law ensures that public money is spent properly. If we want fewer audits that repeat the same findings, the answer is not weaker rules – it is faster investigations, real consequences where wrongdoing is found and simpler, clearer systems that still protect public funds.

Maloka is the Business Unit Leader: Communication at the Auditor-General of South Africa (AGSA)