Last week, Sassa presented its audit action plan for the 2023/2024 financial year in response to findings and recommendations from the Auditor-General of South Africa (AGSA).
Despite efforts to digitise and modernise its systems, Sassa continues to face challenges in data synchronisation and the timely reporting of deaths.
Why Grants Were Paid to the Deceased
According to Sassa Chief Financial Officer Tsakeriwa Chauke, payment files are generated at the end of each month to ensure beneficiaries receive their grants at the beginning of the next month. However, if a beneficiary dies during this window, the system may still disburse the payment.
As a result, thousands of deceased individuals received grants last year.
Brenton Van Vrede, Executive Manager for Grants Administration, noted that many families receiving these funds are financially vulnerable and therefore unable to repay the money.
He proposed an aggressive life certification system to prevent such errors, though he acknowledged it would be resource-intensive and burdensome for Sassa’s 19 million beneficiaries.
Digitisation Programme Underway
To address these issues, Sassa has launched a digitisation initiative aimed at improving audit readiness and ensuring accurate record-keeping.
Van Vrede said the agency is scanning all physical records to create electronic versions, with the aim of completing the process by the start of the new financial year.
One of the key problems identified by the AGSA is the lack of alignment between Sassa’s two systems: the Beneficiary Records Management (BRM) system and the Social Grant Payment System (SOCPEN). Not all grant recipients were reflected in BRM, exposing gaps in data integrity.
Chauke confirmed that internal audits revealed further discrepancies, and a population analysis will be conducted to reconcile both databases.
“Whatever exceptions we find, we will resolve,” he stated.
Issues with Manual Registers
The AGSA also flagged concerns about Sassa’s continued use of manual registers in local offices. These registers are used to log information when digital systems are down or unavailable.
However, auditors found that some individuals listed in these registers were not reflected in Sassa’s internal systems, raising doubts about whether all beneficiary interactions are properly logged.
Sassa is now phasing out manual processes, except in cases where digital tools are inaccessible.
Data Security Measures
The vulnerability of beneficiary data was highlighted as another major concern.
Acting Chief Information Officer Jabulani Makondo said Sassa has adopted several technologies to prevent data loss and protect sensitive information. These include firewalls, antivirus software, encryption protocols, and offsite data backups.
Regular backups are performed weekly and monthly to ensure data resilience and security.
These data loss prevention (DLP) measures are essential in protecting the personal and financial data of millions of South Africans, Sassa emphasised.
