Election Commissioner Luie Tito F. Guia receiving explanation from Sead Alihodzic about incremental and comprehensive approaches towards institutionalization of electoral risk management during a break .[Photo: Adhy Aman/International IDEA]
Continuing International IDEA’s Electoral Risk Management (ERM) Tour of Asia, we visited the Commission on Elections (Comelec) of the Philippines in Manila for the fifth one-day workshop on 24 May 2017. As with the previous stops of the Tour, we did not know what to expect other than the usual liveliness of the Philippine atmosphere. We felt very much welcomed at Comelec and the active participation of the attendees was rewarding indeed. Comelec is a mature institution having been established in 1920 with more than 5,000 staff members throughout the country.
During the first half of the workshop, we presented the contents of International IDEA’s Policy Paper No. 14 entitled “Risk Management in Elections” published in November 2016 and a discussion followed. From the discussion, it emerged that the Comelec has a formal risk management process in place, but only specifically relating to the use of machines in the voting and counting process; popularly known as the “Automated Election System” (AES). This simply means that ballots marked by voters are scanned through a PCOS (Precinct Count Optical Scanning) Machine. Votes are therefore tallied by the machine and transmitted ‘over the air’ to a central server. The AES was first introduced in the 2009 General Elections. Treated as a project, it initially involved a private technology company, which supplied the PCOS machines along with the necessary software for operating them. As such, a risk management procedure was apparently built into it.
The details of it was revealed in the latter half of the day when participants were asked to take stock of existing processes within Comelec that are designed - or have the potential - to identify risks; measure and analyze risks; report risks; and allow decision- and action-making for preventing and mitigating risks. These are part of the so-called the Risk Management Cycle. In this discussion, the shape and form of the ERM system linked to AES became apparent.
Firstly, to identify risks, past and present activities are recorded, including inputs from the media and civil society. These are also compared to past problems encountered in order to focus towards early detection of potential risks.
Secondly, data is collected and analyzed to verify the identified potential risks. Inputs obtained from the various assessments and evaluations conducted are fed into the analyses, too. Potential risks are now classified into definite risks if the analyses so indicate.
Thirdly, those identified as risks are therefore reported upwards. The procedure would depend on three things: the person who is reporting; gravity of the risk; and the urgency of the response. There is a number of ways for reporting AES risks, i.e. through evaluation forms; implementation of the risk management plan; through regular Management Committee meetings; and periodic Steering Committee meetings that include the technology providers.
And fourthly, decisions on the response to the reported risks are then made by the Commission En Banc (all commissioners present in accordance to the quorum). Like any organization, there are also decisions that are delegated to staff.
This is an illustration of the ERM system formally put in place specifically for the implementation of the AES. However, the system is not standardized for the whole of Comelec. As such, Comelec’s ERM system is formal, but partial. We therefore recommend for Comelec to take steps into fully institutionalizing ERM as the basis is already present and running. As elaborated in the Policy Paper, Comelec has two approaches to choose from: incremental and comprehensive as the table below shows.
The existing ERM system for AES means that Comelec does not have to institutionalize ERM from scratch like many EMBs do. This is a significant advantage. International IDEA hopes to be able to guide EMBs who are willing to institutionalize ERM. We have some tools already available for this, but more operational guidance needs to be developed.