Analysis of Regulatory Law Regarding Governance and Internal Control Systems in Public Service Agency in Relation to the Implementation of a Fraud Control System

DOI: 10.21532/apfjournal.v6i1.201 ABTRACT This study aims to analyze governance policies and internal control systems in Public Service Agency (hereinafter referred to in Indonesia as Badan Layanan Umum / BLU) by looking at aspects of fraud control systems. The flexibility and authority granted to the BLU has given flexibility in financial management and service performance. However, the potential for fraud is very likely to occur in the operation of the BLU business. Therefore, the question in this study is whether the BLU governance policies have considered aspects of the fraud control system. After conducting research on governance policies and internal control systems, it was found that there were internal control pillars that had not been regulated in the BLU’s governance and internal control policies.


INTRODUCTION
Public Service Agency (hereinafter referred to in Indonesia as Badan Layanan Umum/ BLU) was established under Law Number 1 of 2004 with the aim of providing services to the public in the form of procurement of goods and or services that are sold without prioritizing for profit and conducting its activities based on the principles of efficiency and productivity.
In Government Regulation Number 23 of 2005 concerning BLU Financial Management Article 2, it is stated that BLU aims to improve services to the community in order to advance public welfare and educate the nation by providing flexibility in financial management based on economic and productivity principles, and the implementation of sound business practices. Government Regulation Number 23 of 2005, Article 1 point 2 states that the BLU financial management pattern (Indonesia: PPK-BLU) is the flexibility to implement sound business practices to improve services to the community in order to advance public welfare and educate the nation's life.
According to Agus Dinarjito in the essay "Melihat Sisi Lain Badan Layanan Umum" ("Seeing the Other Side of Public Service Agency"), BLU as a government agency is given the authority to carry out the main tasks and functions by the government with flexibility such as business enterprise entities. Therefore, BLU can be said to be half the government, half of the company and its employees also come from the government and the private sector. This is also reinforced in the explanation of Government Regulation No 23 of 2005 which states that BLU can apply flexible financial management patterns by prioritizing productivity, efficiency and effectiveness. This BLU pattern has developed widely in various countries in the form of an agency and is organized by government agencies and managed like business practices so that service delivery to the community becomes more efficient and effective.
With the BLU financial management pattern, flexibility is provided in the budget execution, including revenue and expenditure management, cash management, and goods/services procurement. In addition, it can also employ professionals (non-civil servant) and provide compensation to employees based on their contribution. However, BLU is also strictly regulated, especially in its planning, budgeting, accountability. In simple terms, the flow of BLU's financial formation and management is as shown in the following figure 1.
The principle of productivity and the application of healthy business practices, according to Harun et.al With the philosophy of flexibility, the Public Service Agency is expected to be Source: Data Processing able to carry out best business practices and avoid potential fraud. This study aims to analyze the regulations regarding BLU's governance and internal control system in an effort to implement control over fraud. This research is expected to be useful for policy makers regarding BLU governance, especially in relation to the need for fraud control policies in BLU governance and internal control system.

LITERATURE REVIEW AND HYPO-THESIS
According to Politt and Tabot (2004), agency as a public institution has greater autonomy than the main work unit of a ministry. This great autonomy can include aspects of finance, personnel, organizational structure and a combination of these. Furthermore, Politt and Tabot provide criteria for an organization that adopts agency, as follows: • Its status of the institution is stipulated in a regulation, at the public and national level • There is a separation of functions from the main ministry • Having a more flexible autonomy than the ministry • Not completely independent from the ministry • Even though it is still related to the ministry, it has more authority to regulate the budget and expenditure in order to achieve organizational goals • Not profit oriented Jacobsson and Sundström, quoted from the OECD (2005), outlines several objectives of agency, such as increasing efficiency, strengthening and reaffirming the meaning of responsibility and accountability, encouraging more professional administration, and adding public services closer to the community.
The implementation of agency ideas is interpreted in different contexts in each country. Allen Shick (2002), in 'Agencies in Search Principles', explains that there are 2 (two) cores of implementing New Public Management (NPM). First, the principle of 'let the managers manage'. The essence of this principle is to provide adequate space for managers in government agencies to plan, use and manage resources. The second principle is 'make manager manage'. The two principles in the NPM support each other and cannot be separated. The first principle provides broad discretion for managers to be able to work flexibly and accountably.
However, this discretionary right must be accounted for. The discretionary right, in the Government Administration Law Number 30 of 2014, can have legal consequences if it is carried out arbitrarily. In the perspective of the Corruption Eradication Law, the abuse of authority that results in state losses includes criminal acts of corruption (fraud). Therefore, there is a need for fraud control in the implementation of BLU business that adopts agency theory.
According to Siviana February et.al, in a book with a title "Pencegahan Fraud di Lembaga Keuangan Mikro Syariah" ("Fraud Prevention in Islamic Microfinance Institutions"), the function of a fraud control system includes detection, prevention, reporting and handling of fraud.

Detection
Good control and fraud signals are two things that can be seen in detection. Fraud detection can be carried out by implementing an effective accounting system and recognizing the form / variations of various anomalies that occur from standard practice.

Prevention
Prevention of fraud is the responsibility of officials and employees. This responsibility must be included in various supporting documents, such as the integrity pact, code of conduct, and a statement of commitment to implementing a fraud control system. The availability of employees / staff who have good knowledge of the dangers of fraud and are ready to disclose corrupt behavior is the most effective tool for disclose fraud. It is important for an institution to have a code of conduct to encourage staff to report all incidents of suspicious fraudulent behavior, and the possibility of significant waste of public power.

Reporting
Various facilities for complaints / reporting of fraud and protection programs for whistleblowers need to be developed by companies or agencies, including means of submitting fraud complaints, protection of fraud reporters from adverse actions to the recipient of the report, protection of information received and the identity of the reporter, and follow-up on complaints or reporting fraud

Handling
Handling is carried out in the form of an investigation when fraud has been identified. Investigations are carried out by investigating allegations of fraud carried out in accordance with the principle of universal justice.
With the delegation of authority to the BLU as an implementation of agency and new public management, it provides flexibility to the BLU in managing its finances which are also state finances. In financial management, regulations regarding BLU require governance and an internal control system. However, the flexibility provided requires control, especially over fraud control.

METHODS
In this research, the method used is normative legal research. Normative legal research sees law from the point of view of law itself as a value system, conceptual system, and a positive legal system (Nurul Qomar et.al, 2017). This study uses a statutes approach, by examining laws and regulations related to legal issues that are being handled (Marzuki, 2005). Normative legal research is qualitative in nature with the output of recommendations on the need for development and formation of law (Nurul Qomat et.al, 2017).
The analysis is carried out by collecting laws, government regulations, and ministerial/institutional regulations. In addition, literature studies are also carried out on reference books, journals and literature. The analysis is carried out in the form of a comparison table between regulations regarding governance and internal control systems in Public Service Agency (BLU) with the anti-fraud strategy stipulated in OJK Regulation Number 39/ POJK.03 / 2019. OJK Regulation No. 39/ POJK.03/2019 is used as a basis for comparison because this regulation is an extension of the Bank Indonesia Circular Letter Number 13/28/DPNP dated December 9, 2011 concerning the Implementation of Anti-Fraud Strategies for Commercial Banks. The internal control system stated in the OJK Regulation has been implemented in real terms in the banking world as a best practice business. Although there are differences in characteristics because BLUs are not profit oriented, in terms of implementation, there are similarities in their characteristics, namely services to the community.
The results of the analysis will describe the anti-fraud strategy that already exists and does not exist in the BLU governance and internal control systems. * risk identification; and * risk analysis. • Carrying out control activities in the form of actions taken in a control process over BLU activities at each level and unit in the BLU organizational structure through: * review of BLU performance; * control over the recruitment and development of human resources; * control over the management of information systems; * physical control over assets; * determination and review of performance indicators and measures; * separation of functions; * authorization of transactions; * accurate and timely recording of transactions and events; * restriction of access to resources and their recording; * accountability for resources and records; and * good documentation of the Internal Control System and transactions. • Organizing information and communication systems in the process of presenting information on operational activities, finance, and compliance with laws and regulations, through: * provision and use of various forms and means of communication; and * development, management, and continuous updating of information systems • Conducting control monitoring through an assessment process of the quality of the Internal Control System at each level and unit in the BLU organizational structure including the Internal Control function, so that it can be optimally implemented.

RESULT AND DISCUSSION
Meanwhile, based on the Financial Services Authority Regulation Number 39 / POJK.03 / 2019 concerning the Implementation of Anti-Fraud Strategies for Commercial Banks, the fraud control system is implemented using a tool which is an elaboration of 4 (four) interrelated pillars as follows: • Prevention contains steps to reduce the potential risk of fraud, which at least includes: Anti-Fraud Awareness, Identification of Vulnerabilities, and Know-Your-Employees Policy. • Detection contains steps to identify and find fraud in the Bank's business activities, which at least include: Complaint Handling Policies and Mechanisms (Whistleblowing), Surprised Audit, and Supervision System. • Investigation, reporting, and sanctions contain steps for investigations, reporting systems, and imposition of sanctions on incidents of fraud.
• Monitoring, evaluation, and follow-up contain steps to monitor and evaluate as well as follow up on fraud. In addition, in order for the implementation of the anti-fraud strategy to run effectively, at least it needs to be supported by strengthening aspects of risk management that focus on fraud control. The aspects of strengthening risk management consist of: • Active supervision of the Board of Directors and the Board of Commissioners on fraud • Policies and Procedures • Organizational structure that supports the effectiveness of implementing antifraud strategies and accountability • Control and Monitoring.
Based on the BLU governance and internal control system, if an analysis is carried out by looking at the pillars of the fraud control system, the results obtained are as follows (Appendix).

CONCLUSION
Based on the description above, it can be concluded that the BLU governance policies and the internal control system have not fully regulated aspects of the fraud control system. The pillars of the fraud control system that are already available in the BLU governance policy and internal control system include: 1) Know-Your-Employees Policy is in the form of: a) effective recruitment systems and procedures, b) selection system equipped with the right qualifications.2) Surprised Audit, 3) Supervision System. The pillars of the fraud control system that are not yet included in the BLU governance policy and the internal control system include: 1) Anti-Fraud Awareness. In the BLU administrative requirements, there is a statement of the willingness to improve service performance, finance, and benefits to the community. Therefore, antifraud awareness can be included as one of the BLU administrative requirements. 2) Know-Your-Employee Policy in terms of monitoring employee character, integrity, relationships, attitudes and behavior, and lifestyle. 3) Complaint Handling Policies and Mechanisms (Whistleblowing). 4) Investigation, Reporting System, Imposition of Sanctions, and 5) Monitoring, Evaluation, and Follow Up.

Pillars of Prevention BLU Governance and Internal Control System
Information Fraud Anti-Fraud Awareness. Through good leadership and supported by a high awareness of anti-fraud, it is hoped that the concern of all elements regarding the importance of fraud control will grow.
There is no BLU leadership policy to support antifraud awareness In the BLU administrative requirements, there is a statement of commitment to improve service performance, finance, and benefits to the community. This statement of commitment can also be added in the form of a BLU leadership commitment to express support for antifraud.
Vulnerability identification is a process for identifying, analyzing, and assessing the potential risk of fraud that can be done periodically or in the event of an indication of fraud.
One of the obligations of BLU leaders to implement an Internal Control System is to carry out risk assessments through risk identification and risk analysis.
Risk assessment in the Government Internal Control System (SPIP) includes an assessment of the potential risk of fraud, so that the pillar of vulnerability identification already exists in the BLU's internal control system.
The Know-Your-Employee Policy at least includes: an effective recruitment system and procedure that can provide a complete and accurate picture of a candidate's track record; a selection system that is equipped with the right qualifications by considering risks, and is determined objectively and transparently. The system must cover both promotions and transfers, including placements in positions that have a high risk of fraud; and Know-Your-employee policies include the introduction and monitoring of employee character, integrity, relationships, attitudes and behavior, and lifestyle.
The appointment and dismissal of BLU management officers and employees at least includes the following: the appointment of a BLU managing official takes into account the results of the assessment on the basis of qualifications, competence and performance in the form of a fit and proper test by the Minister / Head of the Institution; the appointment of BLU financial officers is carried out after obtaining approval from the Minister of Finance; Recruitment systems and procedures and a selection system equipped with the right qualifications already exist in the BLU governance and BLU internal control system Meanwhile, the introduction and monitoring of the character, integrity, relationships, attitudes and behavior, and lifestyle of employees have not been regulated in BLU governance and the BLU internal control system.