Manual data entry caused hundreds of handgun serial number discrepancies in a Maryland database used by police in investigations, according to a legislative audit released Monday, which also revealed several concerns about the agency’s financial practices.
An auditing team’s review of 52,000 entries from 2017 in the Maryland Automated Firearms Services System found that 392 serial numbers were different from those originally provided during licensing.
The number has gone down since a previous audit, but Maryland State Police – which reviews all handgun permits in the state – needs an automated system to check more quickly for discrepancies, auditors concluded.
Maryland State Police Superintendent William M. Pallozzi, in a letter responding to the audit findings, said the police agency had corrected the 392 errors identified by auditors in early September and was working to cleanup other information in the database as well. The agency is also undertaking more quality control reviews of handgun application information on a more timely basis.
The auditing team, led by Legislative Auditor Gregory A. Hook, found that the agency, which has a written policy to review 3 percent of applications received each month, had been behind schedule in conducting reviews by up to 20 months.
The State Police department is working to update its technology to remove manual data entry, which is expected to decrease discrepancies and allow automated comparisons of data in approved applications.
The findings related to handgun permits were among 11 concerns outlined by Hook in a 25-page audit report that was transmitted to lawmakers last week.
Other findings include concerns about accounting practices, sole-source contracting, a lack of inventory and oversight for state property, and information technology. The review covers Jan. 1, 2015 to May 20, 2018.
Pallozzi did not dispute the audit’s findings and, in a response letter, detailed how the agency would address each concern.
In a letter to lawmakers, Hook said the corrective actions proposed by state police in response to the audit findings “are sufficient to address all audit issues.”
From 2016 to 2018, the Department of State Police recorded multiple transactions to a special reserve fund to eliminate an unexplained $2.5 million deficit dating back to at least June 30, 2015.
During a previous review, auditors flagged a number of issues related to the agency’s special funds, including co-mingling of fund balances and incorrect and inconsistent accounting. In response to that audit, State Police conducted a comprehensive review of its special funds and made other changes to increase accountability and transparency. However, after the review, the agency was left with an unexplained $2.5 million deficit at the end of the 2015 fiscal year.
To eliminate the deficit, State Police transferred funds from other accounts without documentation that they were related to the deficit and recorded unexplained revenues to eliminate the deficits. The agency is working with the Department of Budget and Management to properly record the fund balances.
The agency also couldn’t account for a $821,000 balance in a clearing account, which was ultimately reverted to the state’s general fund.
Additionally, State Police may have missed out on revenues by failing to update annual rates to recover indirect costs the agency can charge other governments or private entities for providing services like security at special events, special patrols or commercial vehicle enforcement.
The department did not revise its indirect cost rates for fiscal years 2016, 2017 and 2018 and submit them to the U.S. Department of Justice for approval on time.
As a result, the agency used a rate approved in 2015 during the 2018 fiscal year, while an updated rate for 2018 could have yielded an additional $2.3 million in revenue, auditors concluded. The agency has since hired a contractor to prepare and submit the rates on time. The department is also looking to see whether a total of $2.7 million in unbilled costs can be recovered from past agreements.
Helicopter and fuel costs
Auditors expressed concern that Maryland State Police’s Aviation Command did not comply with state regulations for $12.1 million in contracts for helicopter maintenance services and aviation fuel.
The agency awarded 261 contracts totaling $7.7 million to three vendors for helicopter maintenance. While most of the contracts were below a $100,000 reporting threshold, at least five of the contracts should have been submitted to the Department of Budget and Management and Board of Public Works for approval but were not. Additionally, 227 of the 261 contracts – worth $6 million – were awarded as sole-source contracts that did not always include a required explanation explaining why the contract was not competitively bid.
Auditors also found that State Police bought $4.4 million in aviation fuel from vendors at seven helicopter bases – often regional airports – without competitive bidding or written agreements. State Police also could not ensure that it had not paid excise taxes on fuel, which the state is exempted from paying.
The state police agency has since entered into a master service contract for repairs and is negotiating fuel services contracts at each of the helicopter bases.
Supervisors will begin reviewing red-flagged transactions from the Statewide Fuel Management System. Auditors reviewed 126,000 error flags from fiscal year 2018 related to 1,689 State Police vehicle operators. The system identified 641 instances when the number of gallons dispensed to a user exceeded the maximum tank capacity of the vehicle the employee was marked as driving. One employee received 18 red flags of this sort. Because Maryland State Police hadn’t reviewed the reports, the agency could not explain the red flags. Auditors, however, noted that red flags don’t necessarily represent improper fuel usage and could be caused if the statewide system does not reflect the employee’s currently assigned work vehicle.
State Police is currently undertaking a review of the fuel reports.
Auditors also concluded that agency computers were not updated properly to avoid viruses or other malware and that personally identifiable information was stored without adequate safeguards, including 78,090 unique Social Security numbers.
The agency has encrypted the personally identifiable information, installed a software maintenance program and is investing in other IT upgrades, according to Pallozzi’s response.