The Compensation Fund has been rocked by claims that the entity’s financial loss has ballooned to a staggering R71 million in the past two financial years, from R10 million in the 2022-23 financial year, due to alleged fraudulent activities.
According to senior internal sources, the amount is what has been identified and that there are still fraudulent activities yet to be detected, so the financial losses could be much worse.
Claims of deliberate looting
“The system has been intentionally designed to enable looting of the fund. The fund uses a system which is not encrypted and there are no proper controls in place,” an official said.
“There were payments amounting to R279 million made to medical service providers without supporting documents.”
The official claims fund bosses intend to collapse the fund deliberately to loot it. The fund, which sits in the labour department, provides insurance to employees for injuries, diseases or death sustained at work.
It also protects employees by paying for medical costs and lost income, while shielding employers from direct financial liability for workplace accidents.
The revelation comes against the backdrop of the auditor-general issuing a disclaimer audit opinion against the fund, warning that persistent financial mismanagement, weak controls and mounting fraud risks continue to undermine the entity responsible for compensating injured workers across South Africa.
Auditor-general warns of governance failures
According to the fund’s 2024-25 management report, the entity received the same adverse outcome as the previous financial year because management failed to adequately implement corrective measures recommended by auditors over several years.
The report paints a dreary picture of governance failures, unreliable financial records, illegal payments, cyber security weaknesses and constant Public Finance Management Act breaches.
Auditors found material discrepancies between the fund’s financial statements, trial balances and supporting documents, while in many cases, supporting evidence was either missing or submitted too late for verification.
Auditor-General Tsakani Maluleke warned the fund’s deteriorating control environment directly affected injured workers, who depended on the institution for compensation, rehabilitation and medical support.
According to the report, the “inadequate control environment leads to inaccurate calculations of compensation benefits and delays in the processing of claims submitted by workers”.
Fraudulent payments continue to rise
The report also pointed to growing losses linked to fraudulent bank account changes and intercepted payments.
The entity reported losses of R41.4 million in the 2024-25 financial year due to payments diverted into fraudulent accounts, up from R30.1 million the previous year and R10 million in 2022-23.
“The fund has incurred material losses due to payments made into fraudulent bank accounts. The intercepted payments were meant for legitimate claims by medical service providers, vendors and beneficiaries; however, the payments were intercepted, and the legitimate banking details were fraudulently changed,” the report revealed.
Auditors also performed procedures to confirm if payments were made to the intended beneficiaries and that the recipients were entitled to the payments made.
According to the report, management was unable to provide supporting documents for total payments of R14 622 826.33.
The auditors were therefore unable to confirm that valid payments were made to eligible beneficiaries.
“For the total payments of R10 348 249.65 we were not provided with evidence [WAC.33 and bank confirmation letters] to confirm that the bank accounts paid by the fund were the authorised bank accounts of the beneficiaries,” the report stated.
Cyber security flaws and failed projects exposed
Auditors warned that weak user access controls in the entity’s SAP and CompEasy systems exposed the fund to cyberattacks and unauthorised transactions.
Internal network testing identified 220 vulnerabilities, including 52 classified as critical and 73 as high risk.
In one of the most striking findings, the report reveals that the fund had already spent more than R60 million on software licences for a biometric identity management system that is still not operational.
The delayed R148 million project was meant to strengthen access controls and reduce fraud risks.
The report also flagged concerns over poor revenue collection, including failures to pursue long outstanding debtors, weaknesses in employer assessments and the continued granting of Section 85 reductions without proper verification.
The fund’s spokesperson, Hloni Mpaka, had not replied to questions by the time of publishing.
