THE way a Gwent council set up procedures to spy on staff suspected of wrongdoing appears "not to have been appropriately controlled and formalised," a critical report concludes.
There is also "little evidence of oversight" of Caerphilly council's development of its employment surveillance activities, states the report of a review carried out for the Wales Audit Office by PricewaterhouseCoopers (PWC).
The report comes more than a year after concerns were raised about the council's surveillance processes.
Blackwood man Kevin Shaw, who did not work for the council, was subjected to three days of surveillance in 2010, with wife Kim, who was on sick leave from her teaching job.
“I’ve been awaiting this report. They can’t appease me. I wasn’t even working for the council. What were they hoping to achieve?" he said.
“I’ve always maintained that sometimes an apology is not enough, and in this case, it is certainly not enough. With this report they’ve highlighted a complete disregard to the law from the council.
“I’d like accountability for the officers of Caerphilly county borough council for the mismanagement of public funds. It’s sinister what they did. I’m still taking legal advice.”
Due to changes in the law, the council's legal and human resources services began to design a new process states the report, "which included a requirement to complete an application for surveillance to be undertaken from January 2012.
"However, as at July 2013, there were still no written procedures covering the process to be followed to initiate, consider and authorise employee surveillance."
PWC also confirmed that, "historically there was no formal documentation in place to evidence consideration of an impact assessment when employee surveillance was being proposed."
Such documentation now exists, but the review identifies an instance of employee surveillance set up and approved before the new processes were introduced, in which the council was "unable to provide any documentary evidence that clearly showed such an impact assessment had been undertaken."
There were still no formal written policies and processes setting out what is required in relation to considering the appropriateness of employee surveillance by last February, when the report is dated.
An independent review into the procurement of the main contractor used by the council to carry out employee surveillance services, Blackwood-based Conquest Surveillance Services, is till to report.
But PWC notes that internal auditors' findings "indicate that proper procurement processes were not followed in relation to letting this contract, which we understand has cost the council £209,000 over a six-year period, with over £150,000 having been spent in the three years to the end of 2013.
"This latter element of spend means that EU (European Union) procurement rules should have been followed to let this contract."
The council has already accepted that the letting of the contract did not comply with its own standing orders for procuring services, and the PWC report states: "It will be important for the council to understand root cause of the failure to comply... and to put in place actions to prevent a reoccurrence."
The council has not carried out employee surveillance since April 2013. A spokesman said it "has been awaiting these findings prior to engaging with the trade unions to update relevant policies and procedures."
"Similarly, a formal procurement process will be undertaken," she said.
"We are committed to good corporate governance, and the report's findings primarily reflect internal investigations on the issue that were concluded last year."