ENVIRONMENTAL AND SOCIAL SYSTEMS ASSESSMENT (ESSA) FOR THE PUBLIC FINANCIAL MANAGEMENT AND PROCUREMENT SYSTEMS FOR SERVICE DELIVERY (P180722) PREPARED BY THE WORLD BANK JANUARY 18th, 2024 Acronyms CAG Controller and Auditor General CPF Country Partnership Framework D-Fund Development Fund DLI Disbursement Linked Indicator DLR Disbursement Linked Result DPO Development Policy Operation e-GA Electronic Government Authority, Mainland e-GAZ Electronic Government Authority, Zanzibar e-GP Electronic Government Procurement ESSA Environmental and Social Systems Assessment FYDP III Five-Year Development Plan III GDP Gross Domestic Product IAG Internal Auditor General ICT Information Communication Technology IPF Investment Project Financing IVA Independent Verification Agent JSC Joint Steering Committee KRA Key Results Area KRSO Key Results in Specific Objectives LGAs Local Government Authorities M&E Monitoring and Evaluation MDAs Ministries, Departments and Agencies MoF Ministry of Finance NAOT National Audit Office of Tanzania PAP Program Action Plan PBB Performance Based Budgeting PCN Program Concept Note PDO Program Development Objective PEFA Public Expenditure and Financial Accountability PES Procuring Entities PFA Public Finance Act PFM Public Financial Management PFMRP Public Financial Management Reform Programme PforR Program for Results PIM Public Investment Management PMG Paymaster Master General POC Parliamentary Oversight Committee i|Page PPA Public Procurement Act PPRA Public Procurement Regulatory Authority SCD Systematic Country Diagnostic SOE State Owned Enterprise SORT Systematic Operations Risk Rating Tool TANePS Tanzanian National e-Procurement System TCRA Tanzania Communications Regulatory Authority TRA Tanzania Revenue Authority URT United Republic of Tanzania ii | P a g e Table of contents Acronyms ......................................................................................................................................... i Table of contents ............................................................................................................................ iii List of Figures ................................................................................................................................ iv List of Tables ................................................................................................................................. iv EXECUTIVE SUMMARY ............................................................................................................ v 1. INTRODUCTION AND BACKGROUND ......................................................................... 1 1.1. Program description and objective ....................................................................................... 3 1.2. Country Context ................................................................................................................... 3 1.3. Sectoral and Institutional Context of the Program ............................................................... 5 1.4. Program Objectives and Result Indicators ........................................................................... 6 1.5. PforR Program Scope ........................................................................................................... 7 1.6. Proposed Disbursement-Linked Indicator ............................................................................ 9 1.7. PFMRP Oversight and Implementing Arrangement .......................................................... 10 1.8. Program Geographic Area and PFMRP Implementing Structure ..................................... 11 2. ESSA SCOPE AND METHODOLOGY FOR PFMRP .................................................... 11 2.1. ESSA Scope ....................................................................................................................... 12 2.2. ESSA Approach and Methods ............................................................................................ 12 2.3. Systems Analysis Approach ............................................................................................... 13 3. THE ENVIRONMENTAL AND SOCIAL POLICY, LEGAL AND INSTITUTIONAL FRAMEWORK RELEVANT TO THE PFMRP ......................................................................... 13 4. ESSA FINDINGS AND POTENTIAL ENVIRONMENTAL AND SOCIAL EFFECTS OF THE PROGRAM .................................................................................................................... 29 4.1. Potential Environmental and Social Economic Benefits .................................................... 29 4.2 Potential Environmental and Social Risks and Impacts ..................................................... 30 4.3 Good International Industry Practice (GIIP) of E-waste .................................................... 40 4.4 E –waste Management Situation in the Tanzania Mainland .............................................. 41 4.5 E –Waste Management Situation in Zanzibar .................................................................... 43 4.6 Data Protection and Cyber Security Procedure within PFMRP Institutions ...................... 44 4.7 Exclusion Criteria ............................................................................................................... 48 5 OPERATIONAL PERFORMANCE AND INSTITUTIONAL CAPACITY ASSESSMENT ............................................................................................................................. 48 5.1 Integrated Risk Assessment................................................................................................ 55 6 RECOMMENDED MEASURES TO IMPROVE SYSTEM PERFORMANCE.............. 57 7 STAKEHOLDERS CONSULTATIONS........................................................................... 61 REFERENCES ............................................................................................................................. 65 APPENDICES .............................................................................................................................. 67 iii | P a g e Appendix 1: Business Process Flow for the Treasury Register Office System for Disposal of Public Assets, Zanzibar ...................................................................................................... 67 Appendix 2: E-Government (e-GA) Responsibilities in Assisting other Government Institutions .......................................................................................................................... 72 Appendix 3: PFMRP Implementing Institutions Readiness to Fight Against Cybersecurity Threats and Data Protection Capacity, Zanzibar ................................................................ 77 Appendix 4: PFMRP implementing institutions readiness to fight against cybersecurity threats and data protection capacity, Tanzania Mainland .............................................................. 79 Appendix 6: List of people consulted and held discussion during capacity assessment........... 86 Appendix 7: Consultation with private sector, academicians, people with Disabilities and development partners in Dodoma....................................................................................... 88 Appendix 8: Consultation with private sector, academicians, people with Disabilities and development partners in Dodoma....................................................................................... 89 List of Figures Figure 2.1 Theory of Change ....................................................................................................... 7 Figure 2.2: PFMRP Oversight and Implementing Structure ................................................. 11 List of Tables Table 4.1: Types of ICT and Infrastructure to be procured and disposed following PFMRP Implementation in Tanzania Mainland ......................................................................................... 31 Table 4.2: Types of ICT and Infrastructure to be procured and disposed following PFMRP Implementation in Zanzibar .......................................................................................................... 34 Table 4.3: Toxic Substances in E-waste and Associated Health Implications ............................. 38 Table 4.4: Roles of Institutions/Agencies on E-Waste Management, Tanzania Mainland .......... 42 iv | P a g e EXECUTIVE SUMMARY Public Financial Management and Procurement Systems For Service Delivery (PFMRP) is a Program designed to strengthen accountability, transparency and institutional capacity in public resource management. It is a five-year project (from 2023 –2027) intended to improve public financial management, including domestic revenue management and external resource mobilization, public procurement, and public investment management systems in selected entities. Specifically, PFMRP has been prepared to help in the implementation of the recently launched “Public Financial Management (PFM) Reform Program (PFMRP) Phase VI Strategic Plan (2022-27)” whose objective is to consolidate, deepen, and sustain public financial management reforms with a view of ensuring improved delivery of public services. The project will be implemented by the United Republic of Tanzania, Ministry of Finance (MoF) and the Revolutionary Government of Zanzibar, President`s Office - Finance and Planning. To guide the preparation and implementation of PforR operation, the WB Environmental and Social (E&S) Team has prepared an Environmental and Social Systems Assessment (ESSA). The ESSA targets to examine Tanzania’s existing environmental and social (E&S) management system’s legal, regulatory, and institutional framework; propose measures to strengthen the system; and integrate these measures into the overall Programme. On the capacity of implementing institutions, ESSA focused on their operational structures, capacity to protect data and fighting against cybersecurity threats, ability to manage electronic waste (e-waste) and or Waste from Electric and Electronic Equipment (WEEEs), experience in implementing projects funded by the World Bank, availability of unit/department/team for the E&S and the staffing capacity, and availability of operational tools (assessment & monitoring equipment, documentation & records management, transport, among others. The following is an anecdote summary of the ESSA findings: Potential Environmental and Social Economic Benefits are as follow: Social benefits: The proposed interventions will set up vigorous systems that will strengthen financial management and procurement systems in Tanzania. It also targets to fully integrate and harmonize the financial management system, promote, and advance e-procurement, and asset management which will enhance transparency and improve efficiency for the entire cycle of PFM. These benefits will be achieved by implementing different activities including improving of domestic revenue mobilization and debt management; strengthening public procurement management; and improving management of public expenditures, financial reporting, and accountability. v|Page Environmental Benefits: The specific examples of environmental benefits of the Programme include: • The Program will support MoF, PO-FP and other PFMRP implementing agencies in capacity-building interventions, including how to integrate environmental and social issues in their operation. This will enhance and create awareness of officials to understand E&S issues. • It will increase the awareness and ability of the implementing institutions on sustainable e-waste management. • Promotion and advancement of green procurement will help the country in many ways. For instance, the implementing agencies will be encouraged to procure ICT equipment and products which are recyclable (e.g., eco-label for computers), re-usable, energy- serving, long-life products (long functionality); products with lowest possible radiation and emission of noise and pollutants; products which are reparable and whose spare parts are deliverable; products with duplex function; and The implementing agencies will be encouraged to procure products from producers or suppliers who are liable under contract to take back the old machines and dispose them in an environmentally sound way. This will be central to implementation of e-waste regulations which encourage Extended Producer Responsibility (EPR). MoF, PO-FP to discuss with the NEMC and agree on the best way of putting this into practice. Potential Environmental and Social Risks and Impacts: the potential social risks associated with this Program are related to \ both data protection and cyber-security. This might arise due to integration and harmonization of financial management systems and e-Procurement which could compromise security of institutional data and information from invention and infringement leading to damage of institution image and reputation. Possibility of exclusion and discrimination of vulnerable individuals and groups from project benefits: The project benefits, especially those related to capacity building of officials in areas of financial, procurement and asset management may not target all the staffs within the implementing institutions. With advice from the World Bank, the implementing institutions will devise mechanisms for ensuring equitable treatment of any vulnerable groups and particularly accrue project benefits. Further, spread of Sexually Transmitted Diseases (STDs) and potentially increase of Gender based Violence (GBV) and Sexual Exploitation and Abuse (SEA). GBV, and SEA are likely to happen because the Programme activities necessitate enhancement of technical and technological capacity of staff to achieve effective execution of PFM. Such capacity building will increase engagement and interactions among the staffs of the participating institutions and external experts which might expose them to GBV and SEA risks. vi | P a g e Environmental and Health Risks and Impacts associated with Electronic Waste: The environmental risks of this Program are those related to electronic waste generation (e-waste). For effective implemenation of PFMRP, participating institutions will procure a lot of electronics. Likewise susbstantial amount of ICT equipment are likely to be disposed, leading to an increase of e-waste problems. ESSA has found that the implementing agencies are aspiring/planning to procure substantial amount of ICT equipment and subsequently will replace and or dispose of some existing ICT equipment which might have environmental and health risks if not managed well. For instance: ▪ Most of electronic equipment contain hazardous chemicals and materials such as Lead (Pb), Cadmium (Cd), Beryllium (Be), and Brominated Flame Retardants. Inadequacies/limitations in recycling and disposal of electrical and electronic waste can cause health and environmental pollution problems. ▪ E-waste handling and disposal also expose people to non-dioxin-like polychlorinated biphenyls (PCB), polycyclic aromatic hydrocarbons (PAH), polychlorinated dibenzo-p- dioxins (PCDD), polychlorinated dibenzofurans (PCDF) and dioxin-like polychlorinated biphenyls (DL-PCB). Most of these compounds are endocrine disrupters that are neuro- and immune-toxic. E-waste-related toxic elements can enter living organisms through air (e.g. open burning), soil (e.g. disposal), water via ingestion (e.g. containation of food chains due to improper disposal and primitive recycling processes), inhalation, and dermal absorption (e.g. dust and direct exposure of workers who work in primitive recycling areas and their families). ▪ E-waste is resistant to biodegradation with strong tendency to bio-accumulate in agricultural lands and be available for uptake by grazing livestock. Elevated levels of e- waste pollutants in water, air, soil, dust and human matrices (blood, urine, breast milk) indicate that the e-waste workers are not the only who are prone to exposure to e-waste since the the general public and future generations are at risk too. The consequences of improper management of the e-waste leads to landfills, release of toxic chemicals, degradation of earth’s surface and, most importantly, health problems. Exclusion criteria will be included in this ESSA to avoid significant impacts. Capacity of Implementing Institution to Integrate Environmental and Social Issues Related to the PFMRP Project: Generally, institutions under MoF (mainland Tanzania) are relatively well prepared in terms of data protection and fighting against cyber security threats compared to those in Zanzibar. Out of 8 institutions which were assessed in Zanzibar, only eGAZ and OCAGZ had some capacity for data protection and fighting against Cyber Security threats while the rest had limited capacity. On the mainland, all institutions at least have Cyber Security Policy and ICT Departments. Their ICT departments have personnel with expertise in database, network, application management and risk and compliance to facilitate data Protection. In vii | P a g e addition, almost all the implementing institutions in Tanzania mainland have a considerable experience in implementing donor funded projects and in working with multilateral organizations though they have inadequate experience in implementing World Bank-Funded Projects. On the contrary, most of the implementing institutions in Zanzibar have inadequate experience in implementing projects, particularly World Bank Funded Projects. To address such risks, the participating institutions will have to take necessary measures to enhance safety and protection of individuals and institutions’ data against leakage and cybersecurity threats. The project will also need to assess the extent to which data protection and security is already implemented by participating institutions, devising and or updating existing ICT Security Policies, undertaking vigorous capacity building for IT personnel and other staff on data protection and cybersecurity as well as carrying out Cybersecurity Audit. Cybersecurity Audit is important in determining whether participating institutions have proper cybersecurity mechanisms and complies with relevant regulations and good international practices. Legal Framework, Regulatory Authority, Organizational Capacity and Performance: In general, PFMRP’s ESSA has found that the national regulatory framework for E&S management in Tanzania is consistent with the Bank PforR Policy and the Directive regarding the principles and critical elements. They provide a reasonable basis for addressing environmental, health, safety, and social issues likely to arise in the proposed Programme. In addition, Procedures, technical guidelines exist for E&S due diligence concerning the potential E&S risks and impacts of the Programme and risks to the Programme’s achieving its results. For instance, eGA, and eGAZ have been entrusted to coordinate, capacitate and overseeing public institutions in data protection and cybersecurity issues. This is done under the e-Government Strategy of 2019, “e- Government Standards and Guidelines, eGovernment Act No. 10 of 2019, Government Cyber Security Strategy 2022, and Cyber Crime Act of 2015 which all guide data project issues. Health issues will be guided by the National HIV/AIDS Policy 2001, the HIV and AIDS (Prevention and Control) Act No. 28 of 2008, and the Penal Code (revised 2002). In addition, Tanzania mainland has a well-established institutional arrangement to deal with e- waste which will also apply for Zanzibar for this project. In particular, the Environmental Management Act (EMA) of 2004; the Zanzibar Environmental Management Act No. 3 of 2015; the Environmental Management (Hazardous Waste Control and Management) Regulations (2021); The electronic and Postal Communication (Electronic Communication Equipment Standards and E-waste Management) Regulations, 2020; The Public Procurement and Disposal of Public Assets Act (2016), Zanzibar; Public Assets Management Guideline Revised Edition (2019); The Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021 and The Environmental Management (Fees and Charges) Regulations (2021) will be instrumental in guiding procurement and disposal of e-waste. The implementing institutions will be guided by NEMC to comply with these regulations. Therefore, the only challenge that may arise can be related to the noncompliance with E&S requirements as per the WB’s core principles which govern PfoR Programs as well as country’s laws and viii | P a g e regulations due to inadequate human resources and inadequate budget for some of the implementing institutions. All the implementing institutions under MoF and PO-FP have no dedicated Units or staff to oversee E&S issues which are likely to compromise PFMRP meeting its E&S requirements. To address shortcomings, this ESSA has made several recommendations at program level to strengthen system performance for Environmental and Social Management as detailed in table below ix | P a g e Measures to Strengthen System Performance for Environmental and Social Management S/N Target Objective Action Item (s) Progress indicators Responsible Time Frame Outputs Screen all ineligible Procurement and or 1. Avoid use or Procured ICT equipment MoF, PO-FP Throughout Sustainable/Gree importation of ICT equipment that procurement of to be free from lead, & all the project cycle n procurement contain lead, mercury, cadmium, equipment containing mercury, cadmium, implementin hexavalent chromium, polybrominated Hazardous materials. hexavalent chromium, g institutions. biphenyls or polybrominated diphenyl polybrominated ether shall be exclude by applying agreed biphenyls or screening criteria. polybrominated diphenyl. Instruments: • PAP action in the legal agreement. • Included in the verification of DLR. All the implementing institutions to be Training program in MoF, PO-FP Within six Increased capacitated on issues of Green place. & all the months to awareness on Procurement and basics of sustainable implementin one year of sustainable/green Over 80% of procurement as include in Public g institutions. Project procurement implementing PFMRP Procurement Act No 10 of 2023. effectiveness among PFMRP institutions’ staff get . implementing Instrument: Training plan on green capacitated on Green institutions. procurement. Procurement issues. Aplication of Extended Producer 2. Ensure effective Agreement between MoF, PO-FP Throughout Enhanced Responsibility (EPR) under the e-waste implementation of the PFMRP implementing & all the project cycle effective regulations shall be used through Tanzanian environmental institution and suppliers implementin management of procurement, requiring the suppliers and / and social management and / or producers to g institutions e-waste. or producers to handle the generated e- system for the PforR handle the generated e- waste at the end of product life as Program (e-waste in waste at the end of applicable. particular). product life as applicable. Seek advice from NEMC and PPRA during procurement of ICT and i|Page S/N Target Objective Action Item (s) Progress indicators Responsible Time Frame Outputs subsequent disposal of e-waste. Instrument: Include PAP actions in legal agreement. E&S specialists in place MoF & PO- Within three Enhanced Hire and or second E&S specialists and and get integrated to the FP months of capacity of integrate him/her to the PIUs at the MoF PIUs at the MoF and Project monitoring, and PO-FP respectively. PO-FP respectively. effectiveness supervision, and . enforcement of E&S management enhanced. MoF, PO-FP and the rest of the Training program in Within One Staff’s implementing institutions to conduct MoF & PO- place & increased and Two knowledge, training of its staff to improve level of FP awareness staff years of attitude, and knowledge, attitude, and practice towards awareness on e-waste Programme practice towards e-waste management. management issues. effectiveness e-waste . management All implementing institutions should get enhanced. familiarized with basics of the Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021). PO-FP and its agencies should consider to applying the Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021) to guide issues of E-waste. MoF and PO-FP to work closely with 3. Ensure effective data MoF and PO-FP to MoF, PO-FP Throughout Enhanced data ii | P a g e S/N Target Objective Action Item (s) Progress indicators Responsible Time Frame Outputs protection, control, and eGA and eGAZ to enhance their capacity initiate a formal & all the project cycle protection, fight against in data protection and fighting against agreement with eGA implementin control, and fight cybersecurity threats. cyber-threats. and eGAZ to assist them g institutions. against in data protection and cybersecurity All implementing institutions (Tanzania fighting against cyber- threats. mainland and Zanzibar) to get connected threats. to the secure Government network. Instrument: Formal agreement between eGA and MoF and PO-FP on data management issues get signed. In collaboration with eGA and eGAZ all Cybersecurity Audit MoF, PO-FP Within six Enhanced data the implementing agencies to undertake Report. & all the months to protection, Cybersecurity Audit to determine implementin one year of control, and fight whether implementing institutions have Training plan in place g institutions Project against proper cybersecurity mechanisms and with subsequent training effectiveness cybersecurity complies with relevant regulations. of staff in participating institutions on data . threats. Plan for routine capacity building in data protection and protection and cybersecurity. cybersecurity issues. In consultation with eGA and eGAZ all Cybersecurity Policy in All Within One Enhanced data implementing agencies to have functional Place. institution and two protection, and strong Cyber Security Policies that which has years of control, and fight capture all necessary strategies including not Project against antiviruses choice, use of strong developed effectiveness cybersecurity passwords, multi-factor authentications, Cybersecurit threats. access control, choice of operating y Policy. system and a workable business continuity plan for both infrastructure and people (e.g., working area recovery, iii | P a g e S/N Target Objective Action Item (s) Progress indicators Responsible Time Frame Outputs disaster recovery site, HR policy- personnel retention and succession plan). All the implementing institutions who Risk and Compliance All ICT Within One Enhanced data have no Risk and Compliance Expert in Expert to be in place. Departments year of protection, their ICT structure to consider hiring one. without that Project control, and fight capacity. effectiveness against cybersecurity threats. 4. Strengthen procedures to With advice from World Bank, MoF & Vulnerable groups MoF, PO-FP Throughout Enhanced promote equitable PO-FP will devise mechanism which willwithin implementing & all the project cycle equitable allocation of benefits to ensure equitable treatment of any institutions accrue implementin allocation of all individuals within the g institutions project benefits project benefits related vulnerable individuals and particularly to implementing agencies. to all social accrue project benefits. to PFMRP capacity groups within building as well as ICT implementing Instrument: Report indicating how vulnerable groups are accommodated in equipment with required institutions. assistive devises where the Program. possible. iv | P a g e 1. INTRODUCTION AND BACKGROUND The United Republic of Tanzania is envisaged to prepare and implement Public Financial Management and Procurement Systems for Service Delivery Project (PFMRP) with funding from the World Bank. The project is designed to strengthen accountability, transparency and institutional capacity in public resource management. This will be achieved through improving public financial management, including domestic revenue management and external resource mobilization, public procurement and public investment management systems and processes in select entities, to enable improved public service delivery. The project will be implemented by the United Republic of Tanzania, Ministry of Finance (MoF) and the Revolutionary Government of Zanzibar, President`s Office - Finance and Planning. Tanzania has recently launched the “Public Financial Management (PFM) Reform Program (PFMRP) Phase VI Strategic Plan (2022-27)” with objective to consolidate, deepen, and sustain PFM reforms with a view to enable improved delivery of public services. PFMRP targets to assist implementation of PFMRP strategic plan and its objectives. The proposed program is aligned with the World Bank’s Country Partnership Framework (CPF) for Tanzania for fiscal years (FY) 2018 - 22. CPF, currently being updated, aims to support Tanzania’s efforts towards reinforcing pathways to foster inclusive and sustainable job-creating growth and poverty reduction and recognizes that “Institutional Transformation to Better Deliver Services and Promote Private Sector Growth” is a key development challenge to GoT. The proposed program is consistent with CPF which seeks to “Modernize and Improve the efficiency of public institutions” through (i) Strengthening public accountability and financial efficiency in delivering services, (ii) improving efficiency and competitiveness in public investments, (iii)better leveraging ICT to modernize the public sector. The program also aims to address constraints outlined in the draft 2023 Systematic Country Diagnostic (SCD) update for Tanzania including the capability of public institutions to deliver better services and public investment. As a general requirement to guide preparation and implementation of the Program for Results (PforR) operation, the World Bank prepares an Environmental and Social Management Systems Assessment (ESSA). An ESSA targets to examine Tanzania’s existing environmental and social (E&S) management systems that is the legal, regulatory, and institutional framework; proposes measures to strengthen the system; and integrates these measures into the overall Program. In order to effectively manage Program risks and promote sustainable development, prepared ESSA has to be consistent with the six “Core Principles” as outlined in the World Bank’s Policy on Program-for-Results Financing Paragraph Eight (8). Specifically, the ESSA is designed to determine the consistency of the country existing systems with the proposed PforR operation along three dimensions: (1) systems as defined in the legal and regulatory framework of the country; (2) capacity of the Program implementing institutions to effectively apply the E&S management systems associated with the Program’s E&S effects as well as (3) the proposed set 1|Page of actions in the Program Action Plan that addresses the major gaps in the system as identified in the ESSA report. The six Core Principles of environmental and social management and assessment include: a) Core Principle 1: General Principle of Environmental and Social Assessment. Environmental and social management procedures and processes are designed to (a) promote environmental and social sustainability in the program design; (b) avoid, minimize, or mitigate against adverse impacts; and (c) promote informed decision- making on a program’s environmental and social effects. b) Core Principle 2: Natural Habitats and Physical Cultural Resources. Environmental and social management procedures and processes are designed to avoid, minimize, and mitigate adverse impacts on natural habitats and physical cultural resources resulting from the program. c) Core Principle 3: Public and Worker Safety. Environmental and social management procedures and processes are designed to protect public and worker safety against the potential risks associated with (a) construction and/or operations of facilities or other operational practices developed or promoted under the program; (b) exposure to toxic chemicals, hazardous wastes, and otherwise dangerous materials; and (c) reconstruction or rehabilitation of infrastructure located in areas prone to natural hazards. d) Core Principle 4: Land Acquisition. Land acquisition and loss of access to natural resources are managed in a way that avoids or minimizes displacement, and the affected people are assisted in improving, or at least restoring their livelihoods and living standards Land Acquisition. e) Core Principle 5: Indigenous Peoples and Vulnerable Groups. Due consideration is given to cultural appropriateness of, and equitable access to, program benefits giving special attention to rights and interests of Indigenous Peoples and to the needs or concerns of vulnerable groups; and f) Core Principle 6: Social conflict. Avoid exacerbating social conflict, especially in fragile states, post-conflict areas, or areas that are subject to territorial disputes. Therefore, the ESSA is intended to ensure that programs supported by PforR financing are implemented in a manner that maximizes potential E&S benefits and avoids, minimizes, or mitigates all adverse E&S impacts and risks. It reviews the relevant legal and regulatory framework and guidelines and identifies strengths in the system as well as inconsistencies with the six core principles of the Bank Policy on Program-for-Results Financing. The ESSA 2|Page describes the potential E&S effects associated with PFMRP activities. It also assesses institutional role and responsibility related to PFMRP implementation and describes the current capacity to carry out those roles and responsibilities. More specifically, ESSA presents the government’s regulatory and administrative framework and the capacity of the relevant implementing agencies1, including local government authorities to integrate E&S in its operation. It also makes consideration of relevant previous experience in the sector, against the E&S effects that are likely to be associated with the Program. The assessment involved data collection, literature review and extensive consultation with implementing agencies as well as other stakeholders. Therefore, this ESSA presents the baseline data used to inform the analysis of the existing systems vis-à-vis the six Core Principles for E&S management in the Bank Policy on Program-for-Results Financing. Based on the findings of the analysis, the ESSA presents a set of actions to strengthen the existing system proposed for inclusion in the Program Action Plan. These actions are intended to contribute to the Program’s anticipated results to enhance institutional performance. 1.1. Program description and objective This chapter describes the scope of the proposed PFMRP PforR operation, its strategic and institutional context. 1.2. Country Context The United Republic of Tanzania is a union between Tanganyika and the islands of Zanzibar. In 2020, the country’s population was estimated at 57.6 million. The country has a young population with a median age of 18 years. Its population growth rate is about 3.0% per annum, hence it is among the countries with the fastest growing populations globally. Such a high population growth rate is due to a high total fertility rate coupled with a reduction in child mortality. The country’s Human Capital Index for Tanzania in 2020 was estimated to be 0.39 (similar to 2017 and 2018). This is similar to that of Burundi, but just below that of Malawi (0.41) and Zambia (0.40), and much below the that of Kenya (0.55). Due to the high population growth, the absolute number of poor people increased from 12.3 million in 2011 to about 14.0 million in 2018 and is estimated to have further increased to 15.2 million in 2020. A large proportion of the nations’ population remains vulnerable and at the risk of falling back into poverty. 1 For Tanzania Mainland: MoF, Ministry of Natural Resources and Tourism (MNRT), Presidents’ Office Regional Administration and Local Government (PO – RALG), the National Audit Office of Tanzania (NAOT), Office of Treasury Registrar (OTR), Tanzania Revenue Authority (TRA), Public Procurement Regulatory Authority (PRA), and Parliamentary Budget Office (PBO). For Zanzibar implementing agencies include President’s Office-Finance and Planning (PO-FP), Office of the Controller and Auditor General-Zanzibar (OCAGZ), Office of Internal Auditor General (OIAG), Zanzibar Public Procurement and Disposal of Public Assets Authority (ZPPDA), House of Representatives (HoR), Zanzibar Revenue Authority (ZRA), Zanzibar Planning Commission (ZPC), E-Government (eGAZ) and the Zanzibar Institute of Accountants, Auditors and Tax Consultants (ZIAAT).” 3|Page Tanzania has experienced stable socio-economic development for many decades now founded on strong macro fundamentals. This contributed to quick stabilization from the COVID-19 pandemic., Although economic recovery has been relatively modest due to strong headwinds created by the ongoing war in Ukraine, tightening global financial conditions, and global economic slow-down. Recent WB reports indicate that, Tanzania’s real GDP growth rate rose to 5.2 percent in the first nine months of 2022, up from 4.8 percent in the same period in 2021, despite persisting domestic challenges, and deteriorating external conditions. The services sector accounted for half of GDP growth, led by trade, transportation, and financial services. The WB projects that, Tanzania’s GDP growth rate will amount to 5.1 percent in 2023 and reach 6 percent by 2025, close to its long-run potential. While net foreign direct investment (FDI) inflows into Tanzania have been going downward over the past few years, there are signs of partial recovery of investment activity. Policymakers are increasingly focusing on attracting private investment, and increased budgetary predictability and greater expenditure efficiency will be crucial to foster a conducive business climate (Tanzania Economic Updates: Issue 19, 2023). At about 17 percent of GDP, the total public spending in Tanzania is below the average for Sub- Saharan Africa (18 percent), low-income countries (21 percent), and lower-middle-income countries (28 percent). Public spending is also lower than in regional per countries such as Uganda (21.4 percent), Kenya (24.7 percent), and Rwanda (32.9 percent). While public spending is low across all expenditure categories, the gap is largest for social spending. For example, while public spending on education and healthcare in Tanzania averages 3.3 percent and 1.2 percent of GDP, respectively, the averages for lower-middle-income countries are 4.4 percent and 2.3 percent. Low levels of public spending reflect weak domestic revenue mobilization and the government’s commitment to maintaining fiscal and debt sustainability (Tanzania Economic Updates: Issue 19, 2023). Tanzania remains vulnerable to the impacts of climate change and is prone to the risks caused by extreme weather conditions such as increased seasonal variation in rainfall and temperature as well as frequent and prolonged droughts and floods. Droughts are frequent in Tanzania and have devastating impacts on the economy, agricultural output, food security, and hydro-power generation, undermining the efforts to alleviate poverty and food insecurity. Similarly, flooding is natural hazard that takes place regularly as a result of heavy rainfalls and rise in the sea level. About a quarter of Tanzania’s population live along the coast and is susceptible to the impact of rise in the sea level. With the variation in temperature and precipitation, vector-borne diseases, including malaria, have expanded into highland regions that were historically unaffected. Rapid urbanization can also exacerbate the effects of climate change in densely populated areas. 4|Page 1.3. Sectoral and Institutional Context of the Program As pointed out from the very outset, the Public Financial Management and Procurement Systems for Service Delivery Project aims to addresses significant PFM issues in both the Mainland and Zanzibar and would have a profound multi-sectoral impact through improved efficiency of public expenditures and value for money. It thus addresses the most pressing challenges related to the Public Financial Management and Procurement Systems. Tanzania’s most urgent reform priorities include measures to improve efficiency and effectiveness of expenditure programs and boost tax-revenue mobilization. Tanzania’s National Development Vision 2025 and Five-Year Development Plan III (FYDP III) both reference the need for reliable PFM systems. Furthermore, the Zanzibar Development Vision 2050 identifies effective public financial management as a priority with a focus on domestic revenue mobilization. Public financing of development priorities in Tanzania continues to be constrained by weak domestic revenue mobilization and inefficiency in the management of public finances. Historically, the Government recognizes the importance of effective PFM arrangements as a contributor to achieving the goals set out in national development plans. In the 1990’s, a series of public financial reform programs were launched, starting with PFMRP phase I in 1998. There have subsequently been a further four phases of reform culminating in PFMRP phase V whose implementation ended in May 2022. These reforms sought to improve shortcomings in key PFM areas including: the management of public resources, budget planning and preparation, financial reporting and accountability, public procurement management and external audit and oversight functions. Past PFM reforms have led to significant achievements in the sector. Most notably, the rollout of electronic revenue collection systems has contributed to an increase in non-tax revenue collection by 350% over the past five years. Other notable reforms include the adoption of a treasury single account, the roll out of expenditure management systems, the introduction of electronic procurement systems, the development and rollout of the central budget management information system and strengthened parliamentary oversight functions. Despite the impressive gains accrued, there are weaknesses in the core aspects of PFM such as budget credibility, cash management, and commitment control, which threaten to undermine the value of the improvements achieved. Indeed, the lack of a reliable, credible annual budget, a weak control environment and deficiency in terms of transparency in the financial reporting of public institutions remain the biggest threat to the PFM system in mainland Tanzania according to the most recent Public Expenditure and Financial Accountability reports (PEFA 2022). The limited relationship between, and relevance of the budget appropriation, compared to the actual outruns is a significant challenge. For instance, the 2022 PEFA report for Mainland Tanzania shows that when comparing budget outturns for the fiscal years 2018/19, 2019/20, and 2020/21, the outturns against budget allocations were 79%, 84% and 114% respectively. In 5|Page Zanzibar, the most recent PEFA diagnostic (2018) also indicated a significant need to improve fiscal discipline. High levels of expenditure arrears and weaknesses in the monitoring of arrears have been persistent problems in Tanzania. Although there is evidence that procedures to control new arrears and clear past arrears have improved, the stock of payment arrears continues to hover at around 10 - 11% of total expenditure. Furthermore, despite the improving trend in relation to the preparation of financial accounts, several public statutory corporations still fail to prepare and publish their audited financial statements timely after the close of the fiscal year (PEFA 2022). Improving the transparency of Government reporting and accounting has been a recurring theme in the PFMRP phases for both Mainland and Zanzibar. Both delay in procurement completion, and capacity constraints in procurement management have been identified as major challenges for timely delivery of public services and implementation of development operations in Tanzania. About 70% of the annual budget of Tanzania, or US$13 billion, is spent through public procurement. Therefore, any improvement in the public procurement system is likely to result in significant economic benefits to the country in addition to improvement of efficiency in service delivery and enhancement of transparency. In efforts to continue resolving the PFM issues identified in Government and External reports/assessments including the PEFA 2022 diagnostic, the Government of Tanzania has recently developed and launched PFMRP VI which covers the period 2022/23 – 2026/27. PFMRP VI seeks to strengthen PFM in the Mainland, Zanzibar, and Local Government Authorities (LGAs) through a focus on five pillars namely: • Strengthening domestic revenue management and external resources mobilization. • Establishing a comprehensive budget management system. • Ensuring financial management system are fully integrated and harmonized. • Strengthening procurement and asset management; and • Strengthening audit and oversight functions – all with a view to promote efficient service delivery. 1.4. Program Objectives and Result Indicators The operation will enhance the capacity of the Mainland and Zanzibar to mobilize and manage public resources at the national level. The Program Development Objective (PDO) encompasses objectives regarding strengthened institutional capacity, efficiency, transparency, and accountability in public resource management. These objectives will be achieved through outcomes that aim for the achievement of the following targets: (i) Expansion in the taxpayer base (ii) Increase in procurement efficiency and transparency (iii) Average procurement cycle time reduced (iii) Resources are allocated, recorded, and reported, efficiently, accurately, and transparently (iv) Enhanced oversight capacity. The Program will incentivize the achievement of 6|Page a series of outputs that will pave the way for the achievement of these outcome targets. These outputs are highlighted in the Theory of Change diagram below. They include the rollout and modernization and integration of systems and institutional arrangements, that are expected to have a systemic impact on the capacity, efficiency, accountability, and transparency in impactful areas of public resource management. The theory of Change in Figure 2. 1 outlines the alignment of actions against the results. Figure 1.1 Theory of Change Key Challenges Activities Outputs Outputs Outcomes Outcomes KRA 1: Enhanced Revenue Management Short Term Medium Term Long term PDO Inefficiencies in a ) Support ta xpayer engagement programs. a ) Increased Ta xpayer engagement tax b) Provi de capacity building programs for TRA a nd compliance a dministration i mpede Sta ff. b) Enha nced knowledge and skills c) Support for enhancement and integration of of ta x offi cials a ) Expa nsion i n Tax base i mprovements i n ta x s ys tems. c) Strea mlined and integrated tax revenue col l ection a nd tax d) Support the establishment of a National VAT a dministration systems Lottery. d) Na tional VAT Lottery established pa yer compliance KRA 2: Strengthened Public Procurement Management a ) Public procurement i s done more Inefficiency a nd a ) Modernize e-procurement system covering a ) e-procurement sys tem modernized effi ciently a nd tra nsparently wi th l a ck of the entire cycl e of procurement and contract a nd i ts use expanded i ncreased va lue for money tra ns parency i n ma nagement and publish procurement data. b) Procurement cycl e time reduced ma naging public b) Ca pa city development and strategic c) Publ i cation of procurement data procurement communication program to enhance a doption i ncreased res ults in delays of e-GP a nd enhance procurement d) Green/sustainable procurement a nd cost overruns performance. fea tures adopted c) Introduce green/sustainable procurement e) More contracts a re awarded to the To s trengthen fea tures and capacity development program for women-owned SMEs. i ns titutional Improvements i n ca pa city, s ervi ce delivery KRA 3: Strengthened Financial Management effi ciency, tra ns parency Inefficiencies in a ) Budget processes / Fi nancial a nd fi nancial Reporting aligned with international a ccountability i n ma nagement a ) Support for the strengthening of budget s tandards. public resource a nd i nadequate s ys tems, documentation and guidelines. a ) Resources are a llocated, recorded ma nagement. tra ns parency b) Gender reponsive budget guidelines a nd reported, more efficiently, b) Bui ld ca pacity development programs for a ccura tely a nd tra nsparently es tablished. Wea knesses i n fi nancial management staff. PIM l i mit b) Enha nced knowledge and skills of s uccessful c) Support for i mplementation of PIM Fi nancial Ma nagement s taff. del ivery of Opera tional manual. development d) Investment Projects appraised in line projects wi th PIM Operational Manua and are KRA 4: Enhanced Accountability cl i mate informed. a ) External Audit Institutions Ina dequate i mprove compliance with respect to ca pa city i n Ins titutional Ca pacity Building a ) Support Institutional Capacity Development external a udit Fra mework (ICBF) AFROISAI- E of External Audit Institutions. a ) Improved a udit effectiveness ha s impeded s ta ndards and guidelines. developments b) Provi de capacity building for in b) Pa rl iamentarians tra ined on pa rl iamentarians for external audit report a ccountability external a udit report analysis. a na lysis. 1.5. PforR Program Scope The operation supports the PFMRP VI, and builds on the results achieved under the previous five phases of PFMRP by further strengthening public resource management, in the following areas that represent priorities for the development agenda of the URT (i) Expansion of the taxpayer base through greater efficiency in tax administration and incentivization of taxpayer compliance including innovative reforms such as the implementation of a National VAT Lottery and taxpayer awareness campaigns (ii) Modernization of e-procurement (iii) Strengthened Financial Management including improvements in the transparency of budget processes (iv) Improved accountability through enhanced external audit capacity and parliamentary oversight. The Program also addresses areas for development recognized in PEFA diagnostics including the 7|Page 2022 PEFA report for the mainland and the 2018 PEFA for Zanzibar. The Program also places emphasis on the implementation of climate-smart PIM management policy reforms that are covered by the current DPO series. In addition, transparency, climate issues, stakeholder and citizen engagement are embedded into the Program design. The specified project’s objectives and components are pursued under four (4) Result Areas as detailed below: Result Area 1: Supports core aspects of the government’s revenue mobilization agenda. Tanzania has made some progress in expanding tax collection, with the tax-to-GDP ratio increasing from 10 percent in 2004/05 to 11.8 percent in 2022/23, however there is much more to be done. Tanzania scores unsatisfactorily on the Tax Administration Diagnostic Assessment Tool (TADAT) compared to regional comparators2, with the weakest areas including ‘On-time Filing of Declarations’, ‘Accountability and transparency’ and ‘Efficient Revenue Management’. Such weaknesses distort tax policy and encourage informality which hinders expanded tax collection. This RA centers on reforms regarding enhancing the efficiency and accountability of the collection systems for tax. The associated DLI is “Expansion of the Taxpayer Base”. There are two parts to the DLI which are linked which seek an increase in both “Active businesses registered to pay tax” and “Taxpayers file VAT returns and make payments on time”. Both areas of focus are critical to increasing the taxpayer base and enhancing public resource management. The Program will support enabling reforms, including enhancement of the VAT e-filing system, the implementation of a National VAT lottery to incentivize Vat payment, Taxpayers awareness campaigns such as the Door-to-Door Campaign “Kampeni ya Mlango kwa Mlango”, effective implementation of the Block Management system and improvements in the inter-linkages between Tanzania Revenue Authority (TRA) ICT systems with those of other Government entities. Result Area 2: Support efforts to strengthen Public Procurement Management. The associated DLIs are – (i) increase of procurement efficiency and transparency by reduction of the procurement cycle time and publishing procurement data following the Open Contracting Data Standard (OCDS); and (ii) increased use of sustainable procurement features and increase of registered active local tenderers in NeST. The DLIs will cover specific activities to enhance the e-GP systems of the Mainland and Zanzibar to make the systems fully-fledged covering all procurement methods and all steps of each procurement method, contract management, and payment functionalities. The Program will also support – (i) interoperability of the NeST system with the MUSE and other financial management systems, (ii) development of procurement audit module of the NeST powered by Artificial Intelligence and Machine Learning features; (iii) update of the procurement capacity development curriculum; (iv) implementation of a comprehensive procurement capacity development program; (iv) strategic communication and change management program for country-wide roll-out of the e-GP systems; (v) development and adoption of the sustainable supply chain management policy covering the economic, 2 WB analysis TADAT 2018 8|Page environmental and social aspects of procurement; (vi) implementation of a special program to increase participation and awarded contract to Special Groups, particularly to the Women-owned SMEs; and (vii) implementation of the key policy recommendations of the ongoing Assessment of the Tanzania Public Procurement System following the MAPS methodology. Result Area 3: will support efforts to Strengthen Financial Management through support for a number of activities including strengthened budgeting processes, improved financial reporting, enhanced PIM, the introduction of gender responsive budgeting (Mainland) and improved asset management (Zanzibar). The associated DLIs are: (i) “Enhanced effectiveness of budget documentation for improved accountability” and (ii) “Increase in percentage of CAPEX going to appraised public investment projects” The latter has two DLSIs pertaining to Mainland and Zanzibar respectively. Result Area 4: supports efforts to “Enhance Accountability” through support for activities which strengthen capacity in the areas of external audit and parliamentary oversight. The associated DLI pertains to “Improved audit effectiveness and accountability”. This DLI comprises two DLSIs which focus on attainment of Institutional Capacity Building Framework (ICBF) AFROSAI-E standards and guidelines in Mainland and Zanzibar respectively. ICBF aims to identify areas of improvement in SAIs and how these can be achieved with an institutional perspective (capacity building); enable SAI benchmarking with other SAIs among the African Organization of Supreme Audit Institutions – English speaking (AFROSAI-E) members for common vocabulary and thinking (strategic and others); and serve as a basis for planning, development of manuals and guidelines, workshops, and monitoring and evaluation at the AFROSAI-E Secretariat. Technical coverage of ICBF comprises five domains: 1. Independence and Legal Framework 2. Organization and Management 3. Human Resources 4. Audit Standards and Methodology 5. Communication and Stakeholder Management. This RA builds on the success achieved under PFMRP V. The DLI promotes an improvement in Audit Quality through the National Audit Office of Tanzania (NAOT) and Office of Controller and Auditor General Zanzibar (OCAGZ) progressing to a higher level of attainment with respect to ICBF AFROSAI - E standards and guidelines. Current AFROSAI levels were obtained through support of previous phases of PFMRP. 1.6. Proposed Disbursement-Linked Indicator The Results Teams will submit evidence of achievement of their respective DLIs and DLSIs to PFMRP Secretariat annually. The validation of the results will be based on the verification protocol to be outlined in the POM. The PFMRP Secretariat will compile and submit evidence for the achievement of the results to the IVA annually. IVA will submit the verification report to PFMRP Secretariat which will present the IVA report to the PFM Joint Steering Committee for review and endorsement. 9|Page The endorsed report will be submitted by MOF to the World Bank for review and subsequent disbursement of funds. An arrangement for advancing funds against the expected achievement of DLIs and DLSIs will be made. The Program Expenditure Framework will be monitored to ensure continued adequacy of the government program financing. The PFMRP Secretariat has demonstrated its capacity for procurement, and financial management in its management of the previous five stages of PFMRP. Generally, the progress towards the achievement of the PDO will be measured through the following indicators: • PDO Indicator 1: Number of active businesses registered to pay tax increased. • PDO Indicator 2: Average Procurement cycle time (from invitation to award) for national competitive procurement in NeST reduced. • PDO Indicator 3: Enhanced budget documentation. • PDO Indicator 4: ICBF requirements of AFROSAI-E standards and guidelines achieved. 1.7. PFMRP Oversight and Implementing Arrangement The MOF is the lead implementing agency responsible for the execution of the Program. The other implementing MDAS are, in the mainland: TRA, Public Procurement Regulatory Authority (PPRA), NAOT; and in Zanzibar; the President’s Office Finance and Planning (POFP), OCAGZ, Zanzibar Public Procurement and Disposal of Public Assets Authority (ZPPDA). The Program will be implemented using the institutional arrangements currently in place for PFMRP VI. The institutional mandates, roles, and responsibilities for the management of PFMRP VI have been clearly defined. The PFMRP VI program is to be governed by a Joint Steering Committee (JSC) composed of representatives of the URT and the Revolutionary Government of Zanzibar. The JSC will be Chaired by the Permanent Secretary MOF and provide the regular strategic direction to guide the implementation of the Program to ensure results are delivered. The Good Governance and Reforms Division is mandated to advise the Chief Secretary on the coordination and leadership of reforms in URT and will advise the program in relation to other core reform programs. A representative will also be a member of the JSC. The implementing structure is shown in Figure 2.2. A Program Manager currently provides the high-level link between implementing agencies across Government of Tanzania and the Revolutionary Government of Zanzibar (RGOZ). The Program Manager is responsible for ensuring that planned activities are delivered on time, to the required quality, within budgeted resources and achieves the results specified. 10 | P a g e A PFMRP Secretariat has been established within the Ministry of Finance and reports to the Program Manager. The Secretariat`s role is to support the Program Manager in the coordination of PFMRP VI implementation. Their role is to enable efficient and effective implementation and review of PFMRP VI as detailed in an Operational Manual. The Secretariat includes a Coordinator for Zanzibar. A Program Coordinator reports to the Program Manager and is supported by an M&E Advisor, Procurement Advisor and Financial Management Advisor. Figure 1.2: PFMRP Oversight and Implementing Structure 1.8. Program Geographic Area and PFMRP Implementing Structure PFMRP will be implemented in both Tanzania mainland and Zanzibar. In Tanzania mainland, the principal implementers include the Ministry of Finance (MoF) and its agencies, the Ministry of Natural Resources and Tourism (MNRT), and Presidents’ Office Regional Administration and Local Government. For Zanzibar, implementers will be the President’s Office-Finance and Planning (PO-FP). The Permanent Secretary Treasury (PST) is the Chairperson of all the programme steering committee meetings. Heads of Department/ Institution are members of the steering committee, and the Director for Planning in the Ministry of Finance is the meetings’ Secretary. The Program Steering Committee is the decision-making committee for program implementation. 2. ESSA SCOPE AND METHODOLOGY FOR PFMRP This chapter presents the scope and methodology for the Public Financial Management and Procurement Systems for Service Delivery ESSA. 11 | P a g e 2.1. ESSA Scope The PFMRP Project’s ESSA focused on (i) identifying the potential E&S impacts/risks applicable to the project interventions; (ii) reviewing the country's policy and legal frameworks related to the management of E&S impacts of Program interventions; (iii) assess the capacities of the implementing institutions for the E&S impact management within the Program system; (iv) assessing the consistency of the client's systems with the six core principles and attributes defined by the Bank's Policy PfoR Financing3, including assessment of monitoring and evaluation systems for E&S issues; and (v) describing actions to fill the gaps as an input into the Program Action Plan to strengthen the project's performance concerning the core principles of the PforR instrument. 2.2. ESSA Approach and Methods In order to assess the existing systems and analyze how they are applied, the process of preparing the ESSA has drawn on a wide range of data. Inputs analyzed in this ESSA include the following: 1) Desk Review of Policies, Legal Framework and Program Documents: The review examined the set of national policy and legal requirements related to E&S management as well as public finance management and procurement systems in Tanzania. 2) Institutional Analysis: An in-depth institutional analysis was carried out to identify the roles, responsibilities, and structures of the relevant institutions responsible for implementing activities under PFMRP. 3) Interviews and Consultation with Implementing and Regulatory Authorities: Interviews were held with staff from 14 implementing agencies in Dodoma, Dar es Salaam and Zanzibar to ascertain their capacity to integrate E&S agenda in their operations. For Tanzania mainland, these institutions included PPRA, NAOT, Po – RALG, MNRT, Parliamentary Budget Office and TRA. Institutions which were covered in Zanzibar are Office of Controller and Auditor General Zanzibar; House of Representatives; Office of Treasury Registrar; Planning Commission; Public Procurement Authority; E-Government, Zanzibar (EGAZ); Zanzibar Institute of Accountants, Auditors and Tax Consultants (ZIAAT); and the Office of Internal Auditor General in Zanzibar (OIAG). The WB E&S Team met and convened discussion with over 60 officials from implementing institutions (Appendix 5). 4) Mult-stakeholders Consultation Meetings. The overall objective was to solicit stakeholders’ views on the PFMRP project. In particular, the consultations aimed to seek stakeholders’ contributions on how PFMRP can be implemented without adversely affecting the 3 The World Bank’s Operational Policy Directives as revised in 2022 - Program-for-Results Financing. 12 | P a g e environment and people; their perception on the project; E&S issues relevant to the program; potential threats/risks or challenges associated with the program; steps to be taken to address those threats/challenges; the role that stakeholders can play during execution of the program; stakeholders’ specific needs to be considered during project designs or in the implementation process; and steps to be taken by the project implementers to enhance the grievance handling process. 2.3. Systems Analysis Approach The system analysis in the ESSA was conducted using the Strengths-Weaknesses- Opportunities-and- Threats (SWOT) approach. The analysis focused on the strengths, gaps, potential actions, and risks associated with the systems that are currently in use in the Financial and Procurement subsector to address the E&S effects commensurate with the nature, scale, and scope of Program operations. This was structured to examine the arrangements for managing the environmental and social effects (i.e., benefits, impacts and risks) of the Program. In addition, the analysis examined the efficacy and efficiency of institutional capacity to implement the system as demonstrated by performance thus far. It examined the questions on whether the current system: (i) performs effectively in identifying and addressing E&S risks; (ii) mitigates adverse impacts; and (iii) provides transparency and accountability. The overarching objectives are to ensure that the risks and impacts of the PFMRP Program are identified and mitigated, and to strengthen the system and build its capacity to deliver the Program in a sustainable manner. This ESSA also proposes measures to strengthen the system. 3. THE ENVIRONMENTAL AND SOCIAL POLICY, LEGAL AND INSTITUTIONAL FRAMEWORK RELEVANT TO THE PFMRP A. Tanzania Mainland National Environmental Policy (2021): The National Environmental Policy (NEP) provides the framework for incorporating and mainstreaming environmental and social considerations into the decision-making processes in Tanzania. The original NEP was issued in 1997 and led to notable achievements in environmental management, including the enactment of the main implementing legislation in 2004, the Environmental Management Act (EMA). However, the Government has realized that, despite the positive results of implementing the 1997 policy, there were still significant limitations that constrained the implementation of the policy. These included: inadequate coordination among sectors in managing the environment; low public awareness and knowledge on environmental management; inadequate land use planning at various administrative levels; inadequate enforcement and compliance of legislation related to environmental management; inadequate alternative sources of energy and dependence on charcoal and firewood as the main source of energy; increased encroachment of water sources; limited capacity in terms of human and financial resources, infrastructure, technology, and tools; and inadequate environmental research, data and information on environmental issues. 13 | P a g e Furthermore, emerging environmental issues that were not explicitly addressed in the 1997 policy have become an evident. These are: Electrical and Electronic Equipment Wastes (e- wastes); Climate Change; invasive species; genetically modified organisms; management of oil and gas; and sound management of chemicals. For these reasons, NEP has been revised. The specific objectives of NEP (2021) are: • To strengthen coordination of environmental management in sectors at all levels. • To enhance environmentally sound management of land resources for socio- economic development. • To promote environmental management of water sources. • To strengthen conservation of wildlife habitats and biodiversity. • To enhance conservation of forest ecosystems for sustainable provision of environmental goods and services. • To manage pollution to sustain safe and healthy environment. • To strengthen the national capacity for addressing the impact of climate change. • To enhance conservation of aquatic systems. • To ensure safety in the application of modern biotechnology. • To promote gender considerations in environmental management. • To promote good governance in environmental management at all levels; and • To ensure predictable, accessible, adequate, and sustainable financial resources for environmental management. It is worth noting that, although the PFMRP project will not have significant physical activities that have potential adverse effects on people and the environment, procurement of ICT equipment is likely to generate e-wastes. While the generated e-wastes might not need any major environmental assessment, their disposal must be seriously considered and dealt with in compliance with the relevant national regulations. The Environmental Management Act (EMA), 2004: The EMA continues to be the principal implementing law for NEP, and the Ministry Responsible for Environment continues to play the role of carrying out the overall coordination of policy implementation. NEP defines responsibilities of other relevant actors including line ministries, Minister of Finance, NEMC, regional and local governments, development partners, and NGOs. This framework law, which effectively supersedes all other legislation (except for the Constitution), defines management instruments, establishes roles and responsibilities for key government agencies, and requires application of specific planning, assessment, and management methods and tools, according to the nature, scale, and location of potential impacts. Environmental Impact Assessment (EIA) became a legal requirement in Tanzania in 2004 under the Environmental Management Act 14 | P a g e (EMA). These instruments, which include the EIA,4 Environmental Audit,5 and Strategic Environmental Assessment (SEA), are currently operationalized depending on project context.6 The EMA (Section 83) requires that EIAs be done by qualified, experienced experts, adhering to the code of conduct contained in the Environmental Management (Registration and Practice of Environmental Experts) Regulations (2021). The EMA is currently under review to address emerging issues including streamlining responsibilities, institutional coordination, streamlining the ESIA process and the mandate and functions of NEMC. Sections 133-139 of the Environmental Management Act, 2004 prescribes the requirements to control import, export, transit, internal movement, and disposal of hazardous waste (including e- waste). Specifically, the Act emphasizes on prior informed consent procedures, local regulatory procedures (in-country permits), duty of local governments in hazardous waste management, duty of the generator of hazardous waste, and multi-sectoral collaboration in disposal of hazardous wastes. The Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021: The main and primary objective of the Regulations is to promote proper management of e-waste to protect human health, and environment while ensuring sustainable development. The regulations apply to all categories of electrical and electronic equipment wastes with respect to generation, collection, storage, transportation, importation, exportation, distribution, selling, purchasing, recycling, refurbishing, assembling, dismantling and disposal of electrical and electronic equipment waste or components, and their movement into and outside Mainland Tanzania. In the Tanzania context, Electrical and electronic equipment waste include waste originating from equipment listed in the First Schedule to the Regulations (appended pg. 45 of the Regulation-see appendix 1). The regulation directs that: “Manufacturers or importers of electrical and electronic equipment listed in the First Schedule to these Regulations (i.e., Control and Management of Electrical and Electronic Equipment Waste Regulations of 2021) shall ensure that electrical and electronic equipment does not contain lead, mercury, cadmium, hexavalent chromium, polybrominated biphenyls or polybrominated diphenyl ethers”. Subject to sub-regulation (1), the Minister may exempt certain electrical and electronic equipment containing hazardous substances to be produced or imported in the country. The Regulations include provisions and directives on administration and institutional arrangement on e-waste (Part IV), control and management of e-waste (Part V), in-country 4 EMA (2004, Sections 81-98). 5 EMA (2004, Section 101). 6 Requirements for Strategic Environmental Assessment (SEA), in the identification, description, and assessment of potential positive and negative impacts and an analysis of alternatives, and proposed practical measures to avoid, mitigate or remedy negative impacts of bills, regulations, policies, strategies programs, and plans, are set forth in the EMA (Section 104). 15 | P a g e movements of e-wastes including requirements and conditions for the application of permit to collect, store and transport e-waste within the country (Part VI). Part VII provides requirements and conditions with regard to the Transboundary movement of e-waste which includes: - Application requirements and conditions for export and import and on-transit permits of e-waste; Notification to the Commissioner of Customs and the Exports Controller; Validity of permits for transboundary movement of e-waste; and Illegal traffic of e-waste. Part VIII guides on Extended Producer Responsibility (EPR) concept where it elaborates responsibilities of the generator of e-waste, product manufacturers and authorized dealers and consumers. The Regulations direct that the Minister, in the execution of the power vested upon him/her by these Regulations in managing e-waste, shall be assisted in discharging his/her duties under these Regulations by the Director of Environment, the Council (NEMC), Regional Environmental Management Expert, local government, the Environmental Inspectors. Procurement with subsequent installation of new electronic equipment might cause disposal of old or used electronic equipment leading to exacerbation of e-waste problems, thus the program implementation shall observe this law. Environmental Management (Hazardous Waste Control and Management) Regulations (2021): The Regulations control all categories of hazardous waste and address generation, storage, transportation, treatment and disposal of hazardous wastes and their movement into and out of Mainland Tanzania. They require hazardous wastes management to be guided by principles of environment and sustainable development namely: the precautionary principle; polluter pays principle; and the producer extended responsibility. The Regulations place responsibility to the generator of hazardous wastes for the sound management and disposal of such wastes and shall be liable for damage to the environment and injury to human health arising thereby. The regulations further recognize management and control of pesticides, radioactive and industrial and consumer chemical waste to be regulated under respective legislation. The Division of Environment issued in 2013 the Guidelines for Management of Hazardous Waste. The e-wastes which are expected to be generated while implementing this project are considered as hazardous and their disposal will have to adhere to these regulations. The Electronic and Postal Communication (Electronic Communication Equipment Standards and E-waste Management) Regulations, 2020: This Act covers: Electronic communications equipment imported or manufactured for use in the United Republic of Tanzania. The procured equipment must be for connection to any electronic communications network for the purpose of receiving or transmitting electronic communication signals. Part IV (Section 13-27) Provides roles and responsibilities of various actors including importers. Section 7 (1) (a) requires manufacturers and importers of electronic communication equipment to pay an eco-levy fee in respect of handling the end-of-life of the electronic. Sections 8 and 9 provides the requirement for technical evaluation and functionality test while Section 17(1) (b) requires manufacturers and importers to ensure the collection of e-waste resulting from the end of life of a product complies with the principle of EPR. This Act is relevant for Financial Management and Procurement 16 | P a g e Systems for Service Delivery because some implementing argencis will import and subsequently install electronic communications equipment to improve public finance and procurement management. The Environmental Management (Fees and Charges) Regulations, 2021: The regulations prescribe the fees for application for a permit to the collect, store and transport e-waste within the country. Fees for export, import and on-transit movement of e-waste is also provided in these Regulations. The Environmental Impact Assessment and Audit Regulations of 2005 and its amendments of 2018: The Environmental Impact Assessment and Audit Regulations No. 349 of 2005 were made pursuant to Section 82 (1) and 230 (h) and (q) of the Environmental Management Act Cap 191 of 2004 and its amendment in 2018. The regulations provide the procedures and requirements for undertaking ESIA for various types of development projects that have significant environmental impacts. In addition, the Regulations provide a list of projects that qualify for Environmental Assessment procedures in Tanzania. Regulation 46(1) classifies projects into two types: (i) Type A Projects requiring a mandatory ESIA; and (ii) Type B projects requiring a Preliminary Environmental Assessment (PEA). The First Schedule lists typical examples of Type A and B projects. The Regulation was amended in 2018 by The Environmental Management (Environmental Impact Assessment and Audit) (Amendment) Regulations, 2018, in which and project categorization was changed to “A” category for Mandatory Projects, “B1” category for Borderline Projects, “B2” category for Non-Mandatory, and “Special Category. ESIA is mandatory for Category “A” projects and may or may not be required for Category B1 depending on NEMC’s findings when it reviews the Project Brief and Scoping Report that include a proposed ESMP. Processing times for EIA Certificate applications are shortened in the amendment. The amendment also allows the Minister to issue a Provisional Environmental Clearance on advice from NEMC for industrial or agro-processing projects and the projects determined by the Minister to be in the national or public interest. The recipient of a Provisional Environmental Clearance is obliged to submit the project ESIA within four months and to comply with other conditions that may be in that clearance. Public Assets Management Guideline Revised Edition (2019): This guideline provides directives on how to manage assets in Central, Local Government Authorities, parastatal organizations as well as the donors’ funded and public – Private Partnership (PPP) projects. To ensure effective management of public assets, the guideline is updated from time to time. The guideline establishes a unified and consistent set of procedures for managing public assets during the course of service delivery. The guideline: (i) indicates responsible actors involved in managing public assets and their responsibilities; (ii) establish accountability and transparency when managing public assets; (iii) set controls and comprehensible instructions on public asset management; and (iv) harmonizes local assets management practices with the agreed international standards. 17 | P a g e In addition, the guideline has provisions for disposal of government assets to be done in accordance with Public Finance Act (PFA), Public Procurement Act (PPA) and any other legislations and guidelines. Methods of disposal shall be by Tender, Auction or any other method stipulated in a particular legislation approved by Paymaster General (PMG). The actual disposal process shall depend on the nature of the assets. For instance, disposal of hazardous assets shall be conducted in accordance with legislations and regulations that govern environmental conservation, for this case EMA (2004). After disposal is completed, the Accounting Officer shall update the assets register them accordingly. This guideline is relevant for this project since some the PFMRP benefiting institutions will replace and or dispose ICT equipment upon procuring new ones. B. Zanzibar Zanzibar Environmental Policy, 2013: The overall objective of Zanzibar Environmental Policy (ZEP, 2013) is to pave the way for the protection, conservation, restoration, and management of Zanzibar’s environmental resources, in order not to impair the capacity to sustain development and maintain the rich environmental endowment for the present and future generations. The Policy focuses on the following Objectives: (i) Ensuring the maintenance of basic ecological processes upon which all productivity and regeneration, on land and in the sea, depend; (ii) Promoting the sustainable and rational use of renewable and non-renewable natural resources; (iii); Preserving the terrestrial and marine biological diversity, cultural richness and natural beauty of Zanzibar’s lands; (iv) Ensuring that the quality of life of the people of Zanzibar, present and future, is not harmed by destruction, degradation or pollution of their environment and natural resources utilization; (v); Strengthening both institutional mechanisms for protecting the environment and the capabilities of the institution involved in the environmental management; and (vi) Incorporating and biding to the international obligations in Multilateral Environmental Agreements to which the United Republic of Tanzania (URT) is a Party. The policy considers the evolving international scenario in environmental Conventions and Protocols. Zanzibar is a part of the United Republic of Tanzania, but its environmental problems are reminiscent of those faced by other islands and Island States, hence, the necessity of Zanzibar to engage in regional and international stakeholders and networks, participate in and promote relevant Conventions, Protocols and Agreements. With regard to solid waste, the Zanzibar Environmental Policy (2013) as well as Zanzibar Sates of Environment (2021) points out that currently, there is insufficient data on the number of wastes generated in Zanzibar (Unguja and Pemba). Over 60% of solid waste generated (organic, inorganic, e-waste etc.) in Zanzibar are not properly collected and therefore accumulated in various areas. This is despite the fact that the policy commits that, the Government in collaboration with the private sector and other stakeholders will improve waste management practices at all levels. The implementation strategies have been outlined as follows: 18 | P a g e • Promote proper and appropriate infrastructure services required for waste management (handling, reduction, collection, disposal recycling, reuses and treatment). • Promote proper and appropriate environmental sanitation facilities. • Promote public private partnership and community involvement and participation in waste management. Promote public awareness on proper waste management practices. • Promote environmental standards and guidelines for waste management. • Promote cleaner production techniques to reduce waste at sources; Promote polluter pay principles. In 2018, the Revolutionary Government of Zanzibar passed its Solid Waste Management Strategy. The strategy focuses on areas with corresponding objectives are detailed below: Strategic Focus Area 1: Establishment of cost effective and sustainable SWM infrastructures and practices in the Zanzibar islands. The strategic area 1 aims to achieve eight objectives including: a) To develop, implement and enforce a comprehensive National SWM Act, guidelines & regulations. b) To establish effective National/Regional, Inter Municipal-District SWM cooperation structures. c) To establish engineered/sanitary Landfills in Unguja and Pemba Islands. d) To establish effective and sustainable SWM collection /transport facilities and equipment in Urban and Tourist areas on Unguja and Pemba Islands, and to increase collection coverage in rural areas, when feasible. e) To achieve full O&M cost recovery of municipal/district SWM system operations. f) To ensure Hazardous Wastes and Health Care Risk Wastes are handled and disposed of in accordance with international safety standards. g) To develop/implement tailored SWM Public Awareness & Communication programmes Objective; and h) To stimulate NGO/CBO’s and Private Sector involvement in SWM to the maximum possible extent. Strategic Focus Area 2: Development and implementation of feasible waste minimization / treatment technologies: The strategic area two is designed to meet the following key objectives: a) To promote, investigate, and facilitate feasible recycling options for ‘dry’ wastes. b) Promote and implement feasible treatment options for ‘wet’/organic wastes. c) To develop and implement Recycling and Composting PAC programmes; and d) To stimulate/facilitate NGO/CBO’s and PS involvement in waste minimization / treatment to maximum possible extent. The weakness/limitation of this strategy is that it does not cover e-waste issues directly and adequately. The Zanzibar Environmental Management Act No. 3 of 2015: This Act is the principal legislation governing management of coastal and marine resources in Zanzibar. It has provisions for establishment of protected area system in Zanzibar, control and management of specific 19 | P a g e environmental threats and biological diversity as well as provisions for general environmental obligations, administration, planning including ESIA. Under this Act, the Zanzibar Environmental Management Authority (ZEMA) is mandated to undertake enforcement, compliance, review, and monitoring of environmental and social impact assessment. The ZEMA has also a role of providing general supervision and coordinating over all matters relating to the environment in Zanzibar. The Act also vests power to the Authority to determine whether the proposed project should be subjected to an ESIA, approves consultants to undertake the ESIA study, invites public comments by way of public hearing and has the statutory authority to review ESIA and issue ESIA certificate or refuse to do so. The Environmental Management Act obliges developers to conduct an ESIA prior to the commencement of the project to determine whether the project may/or is likely to have a significant impact on the environment. Section 56 makes ESIA mandatory to all projects that fall under the ESIA mandatory list (Schedule 2). The proposed construction of regional statistic offices in Zanzibar and the management of e-waste are among those included in the mandatory list of projects requiring ESIA. Hazardous Substances: Zanzibar has no reliable data regarding importation of hazardous substances. This is despite that the country imports substantial number of hazardous substances for various socio-economic activities. Increasing accumulation of toxic chemicals in Islands raise environmental concerns of contamination of soils and subsequent pollution of both surface and ground water aquifers and finally jeopardize public health and environment. The situation is complicated because in Zanzibar there are no clear guidelines and measures for the management of hazardous substances to protect the environment. In 2020 Zanzibar made an attempt to enact regulations to regulate, control and manage hazardous waste but it was not approved by the House of Representatives. Zanzibar Environmental Assessment Regulations (2019). It provides the procedure to be followed towards EIA certifications or permit for the projects that have been subjected to EIA. The regulations provide for compliance & enforcement and also has provision for environmental audit and monitoring. However, the Regulations do not contain any clause directly related to electronic waste management. The Public Procurement and Disposal of Public Assets Act (2016), Zanzibar: This is a principal legislation that govern public procurement and public asset management issues in Zanzibar. This Act establishes a Public Procurement and Disposal of Public Assets Authority which is autonomous body of the government responsible to oversee procurement and disposal of public asset. Its core functions include instituting procurement or disposal audits of the execution of an awarded bid; undertaking audit after the completion of the contract in respect of procurement or disposal, as may be required; set standards for the public procurement and disposal systems in Zanzibar; monitoring compliance with procurement and disposal regulations among others. Part Iv provides for basic procurement for procurement and disposal principles; Part V provides public procurement and disposal rule, while part Vi provides for methods of procurement and disposal of public assets. The disposal process can be initiated by Treasury Registrar Office through sending a request letter to several government institutions and 20 | P a g e departments inquiring about the availability of equipment or property that has to be disposed of. In some cases, the Office of the Treasury Registrar may receive a request from government institutions and departments inquiring about the availability of items/equipment or property that has to be disposed. Zanzibar’s business process for Treasury Registrar Office system that guides disposal of public assets is detailed in Annex 1. This Act is relevant for PFMRP as it might involve disposal of ICT equipment following procurement and installation of new equipment. Tanzania Mainland This section presents information on institution and legal requirements for data protection and protection of workers against further spread of diseases including HIV/AIDs and Covid-19. eGovernment Act No. 10 of 2019: part VI of the Act from section 27 to section 35 provides for e-Government services under the act. Also, part VII of the Act from section 36 to section 46 provides for the e-Government Security. In terms of data security, the part VII of the act provides for e-Government security in which section 36 to section 46 provides for security. The section among others provides for establishment of e-Government Security Operations Centers, ICT security governance and management, Security of ICT assets, ICT security incident management and ICT security compliance and audit. Part VIII of the Act provides for data security in which section 47. 48 and 49 provides for electronic data management, data sharing and exchange and data standards respectively. In order to facilitate the operationalization of the 2019 Act, the e- Government General Regulations, 2020 were formulated in which part VI provides for electronic data management, collection or creation, maintenance, data storage, disposal, sharing and exchange and the principles of electronic data sharing and exchange. The Government Cyber Security Strategy 2022. It lays out a collective plan to defend against cyber-attacks and make government MDAs more secure. It is envisaged that the Government ICT service platforms, data, and key infrastructures will be better protected from present and future security threat through the measures put in place according to this Strategy. It takes a more proactive stance to address threats, broadens the scope of protection and seeks to develop deeper collaboration and coordination with institutional stakeholders. Therefore, the Government Cyber Security Strategy 2022 has been developed with five objectives: a) To undertake research and develop cyber security technologies. b) To enhance government ICT infrastructure and e-Services Protection c) To strengthen cyber-security and resilience of ICT systems d) To improve cyber-security skills, knowledge, and awareness; and e) To enhance management of cyber security risks and incidents. Cyber Crime Act of 2015: To enhance cyber-security related issues Tanzania enacted the Cyber Crime Act in 2015 which serves as principal legislation in governing cybercrime related matters in the country. The law has provisions on offenses and penalties (Part II), jurisdiction process (Part III), search and seizure (Part IV), and liability of service providers among others (Part V). 21 | P a g e Other relevant legislations in Tanzania are: Electronic and Postal Communications Act, No. 3 of 2010 [CAP 306 R.E 2002; Penal Code [CAP 16], the Tanzania Electronic Transactions Act of 2015. Some international regulations providing for data protection and cyber-security and that may be relevant to this project include the General Data Protection Regulation (GDPR); and the Payment Card industry, Data Security Standards (PCI DSS). The National HIV/AIDS Policy 2001: The policy is intended to raise the level of HIV/AIDS as a significant development crisis that affects all sectors, including financial. Significant sections of the policy include Chapter 4 deals with the rights of people living with HIV/AIDS, and Chapter 5 deals with the prevention of HIV/AIDS. It recognizes HIV/AIDS as an impediment to development in all sectors, regarding social and economic development, with severe and direct implications on social services and welfare. The mitigation of HIV/AIDS within the project period has been developed, taking cognizance of this policy. The policy is also essential for implementing this PforR program because it might escalate further spread of HIV/Ads. Program activities will necessitate enhancement of technical and technological capacity of staff to achieve effective execution of PFM. Such capacity building will increase engagement and interactions among staff of participating institutions and external experts which might expose them to GBV and SEA risks. Preparing the proposed activities under the PFMRP PforR program will ensure that the HIV/AIDS policy is adhered to in the provision of services by MoF and PO-FP. The HIV and AIDS (Prevention and Control) Act No. 28 of 2008: The Act generally require that adequate information on the acquisition, transmission, prevention and post-infection of HIV/AIDS is provided to the public, including workers at workplaces. It is required by this Act that every employer (here, the MoF & POFP-Zanzibar), in consultation with MJNUAT, to establish and coordinate a workplace program on HIV/AIDS. The program must include, among other things, the provision of gender-responsive HIV/AIDS education and protection gear, including condoms, which meet Tanzanian standards as certified by TBS. As a consideration of the right to privacy, the Act prohibits compulsory HIV testing for any person as a condition necessary to obtain its requirements, including a job. It further requires total confidentiality of results of HIV tests of any person against their own will except for exceptional cases involving children, disabled persons, spouses or sexual partners or court. Alongside measures to combat the spread of HIV/AIDS the threat of Covid 19 should also be given priority as it is the new entrant in the global pandemic burden. Facilities for hand washing at every entrance of a building should be installed and preventive approaches include wearing face masks and mass sensitization and inoculation. The Penal Code (revised 2002): The Penal Code (revised 2002) has criminalized various GBV offences through the 1998 Miscellaneous Amendments also known as the Sexual Offences Special Provisions Act (SOSPA). The SOSPA was legislation intended to amend several written laws, making special provisions in those laws concerning sexual and other offences to further safeguard the personal integrity, dignity, liberty and security of women and children. The 22 | P a g e legislation introduced and widened the offences to include trafficking in persons, sexual harassment as well as prohibiting FGM. The SOSPA introduced stiff penalties for sexual offences: the imposition of a minimum sentence of 30 years, imprisonment and compensation to a survivor of violence and life imprisonment if the survivor is a child is less than 10 years; Gang rape is punishable with life imprisonment; gross indecency with a punishment of imprisonment of not less than 10 years; sexual exploitation of children with a punishment from 5 to 20-year imprisonment; grave sexual abuse with a punishment of imprisonment between 15 to 30 years and in cases where the survivor is less than 15 years, imprisonment from 20 to 30 years. a) Ministry of Finance and the President’s Office-Finance and Planning Environmental and Social Responsibilities The Ministry of Finance (MoF) and the President’s Office-Finance and Planning (PO-FP) will provide oversight and coordination of PFMRP implementation. The Permanent Secretary Treasury (PST) is the Chairperson of all the program steering committee meetings and its members will be Head of Departments/ Institutions. The Director for Planning in the Ministry of Finance (MoF) is the meetings’ Secretary. Head of implementing agencies will be overall in- charge of the project in their institutions. The day-to-day preparation/coordination/implementation/reporting of the Project activities will be coordinated by the Project Coordination Unit (PCU) which will be led by (Project Coordinator, Monitoring and Evaluation Specialist, Project Accountant and Procurement Specialist). Each Division/Unit as a beneficiary of project will have a focal person/budget officer who will be a champion in implementing project activities in their Division/Units. The MoF and PO-FP will be responsible to ensure the project meets its environmental and social requirements. In respect to management of e-waste and ensuring data protection, the two ministries will ensure each benefiting institution have required capacity to meet project’s E& S requirements. For instance, to ensure data protection, MoF and PO-FP will ensure the ICT departments of the benefiting institutions comprises of individuals with expertise in database, network, application management as well as risk and compliance. In addition, ICT personnel will be capacitating and get the required professional certifications in their areas of expertise. Procurement and disposal of electronic equipment shall be done in accordance with the Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021. In addition, the implementing institutions will be required to embrace sustainable procurement such as green procurement as currently stipulated in the Public Procurement Act (PPA) No 10 of 2023. Currently, none of the implementing institutions have a department or unit that deals with environmental and social issues. To fill this gap, the MoF, PO-FP shall hire E&S specialists and 23 | P a g e get integrated to the PIUs at the MoF and PO-FP, respectively. They will work on a full-time basis to ensure close supervision, monitoring, and reporting of E&S issues. b) Office of the Vice President – Director of Environment (VPOE) The Vice President’ Office has the overall mandate to oversee environmental issues in Tanzania. The EMA Cap.191 Section 13 give powers to the Minister for Environment to issue guidelines and regulations relating to the environment, including the articulation of policy guidelines for its promotion, protection and sustainable management, and designate duties to relevant entities. The Division of Environment (DoE) within the Vice President’s Office is led by the Director for Environment. The EMA, Cap. 191 Section 14 directs the Director for the Environment to coordinate and report on environmental related aspects and activities in the country. Consequently, the Division is responsible for overseeing and coordinating the implementation of the environmental policy, the Environmental Management Act and EIA Guidelines; approving, signing, and issuing Environmental Certificates; advising the government on all environmental matters; enforcing and ensuring compliance with national environmental quality standards; and providing policy direction and leadership on all environmental matters. As already stated from the very outset, e-waste is one of the environmental risks associated with PFMRP operations. According to the existing institutional arrangement on e-waste management in Tanzania mainland, VPO through the Division of Environment (DoE) is responsible in issuance of permits and policy making related to importation and exportation of e-waste. According to the Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations (2021), functions of the Minister responsible for the Environment are provided in Section 8. While functions of the Director of Environment (in the VPO) are provided in Section 9 and the functions of NEMC appear in Section 10 and specifically powers of the Environmental Inspectors (within NEMC) are on Section 11. Another key player is the LGAs whose functions are prescribed in Section 12. c) The National Environment Management Council (NEMC) NEMC is a corporate body established under EMA (2004) Section 161. It has mandates for enforcement, compliance, review and monitoring of EIAs, including the facilitation of public participation in environmental decision making. NEMC has five key divisions, each related with a relevant aspect of environmental management (Compliance and Enforcement; Environmental Impact Assessment; Environmental Information, Communication and Outreach; Environmental Planning and Research). To ensure compliance, the project must be issued an environmental license or permit, which confirms that all necessary E&S due diligence requirements have been fulfilled. NEMC also provides periodic oversight, monitoring the national portfolio of activities to ensure that no adverse cumulative effects are caused. NEMC further provides oversight and technical assistance at the district level when required. In general, NEMC performs three critically important roles: (i) To oversee the Environmental and Social Impact Assessment (ESIA) process; (ii) To train 24 | P a g e district officials to carry out environmental and social due diligence monitoring; and (iii) To monitor the implementation of environmental and social safeguards. To ensure effective monitoring of the implementation of E&S safeguards, the country is divided into zones, to streamline the operations to cover all administrative Regions. There are nine (9) Zonal Offices, namely: (i) Northern Zone - Arusha, Kilimanjaro and Manyara regions; (ii) Lake Victoria Zone - Mwanza, Mara, Shinyanga, Geita and Simiyu; (iii) Central Zone - Dodoma, Singida and Tabora; (iv) Western Zone - Kigoma, Kagera and Rukwa; (v) Southern Highlands Zone - Mbeya, Iringa, Njombe and Songwe; (vi) Southern Zone - Ruvuma, Mtwara and Lindi; (vii) Eastern Zone (North) - Tanga, Bagamoyo, Chalinze; (viii) Eastern Zone (South) - Kigamboni, Temeke and Ilala; and (ix) Morogoro and Rufiji Special Zone. PFMRP will benefit from this decentralization of NEMC’s power. With regard to e-waste management, NEMC is responsible for enforcement of the EMA (2004) and its regulations, for this case: The Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021). Specifically, NEMC is required to coordinate permits related to generation, collection, storage, transportation, importation, exportation, distribution, selling, purchasing, recycling, refurbishing, assembling, dismantling and disposal of electrical and electronic equipment waste or components, and their movement into and outside Mainland Tanzania. Currently, Zanzibar has no proper institutional arrangement for e-waste management, therefore PFMRP implementing institutions in Zanzibar will seek assistance from NEMC in all issues related to procurement of ICT equipment and disposal of e-waste. The PO –FP will coordinate and facilitate collaboration between PFMRP implementing institution, ZEMA and NEMC on e- waste issues. d) e Government Regulatory Authority (e-GA) and Data Protection The government of United of Tanzania published its National Information and Communications Technology (ICT) Policy in 2003 which emphasizes on adoption of e-Government7. The government hopes that by using e-Government will increase and improve the quality of its services in public sector (Dewa, 2014); and provide citizens with a more efficient means of interacting with government service providers through increasing information flow both internally and externally. The government also adopted the e-Government strategy in 2013 which was revised in 2022, with the goal of improving government efficiency and providing better services to citizens. Since then, the e-government has been implemented in four stages which are: digital presence, interaction, transaction, and transformational (URT, 2013). For the government to meet its e-Government vision and successful implementation of e- Government Strategy, “e-Government Standards and Guidelines” and e-Government Authority 7 The digitalization of the government is known as electronic government and abbreviated as “e-government” which is broadly defined as governments’ use of information and communication technologies (ICTs) paired with organizational reform to improve government structures and operations (Fang, 2002). 25 | P a g e (e-GA) were established in 2019. The e-Government Standards and guidelines aimed at assisting the delivery of more consistent and cohesive services to citizen and support the more-cost effective delivery of ICT services by Government. On the other hand, the e-Government Authority (e-GA) is a public institution established in 2019 under the e-Government Act, No. 10 of 2019 to coordinate, oversee and promote e-Government initiatives and enforce e-Government related policies, laws, regulations, standards, and guidelines in public institutions. It is a succeeding institution to e-Government Agency that existed from 2012. The main roles of the Authority include: - (i) To implement, maintain and manage shared ICT infrastructure (e.g. The Government Communication Network (GovNet) which is a secured and affordable shared network communication across the Government to facilitate communication; and the Government Data Centres for Hosting Government systems etc. ); (ii) To develop and support shared ICT systems (Examples of such systems that have been implemented include:- the Government Electronic Payment Gateway (GePG) - a centralized system, connected to all available electronic revenue collection channels for the process of facilitating electronic money transactions for collections of Government revenue from the public; Mobile Government (mGov) platform – a system designed for Government institutions to provide services to Citizens by means of mobile channels through mobile apps, SMS and USSD; National e-Procurement System of Tanzania (NeST) - an electronic system that facilitates public procurement process (e- registration, e-tendering, e-contract, e-payment, e-catalogue and e-auction); Others are Human Capital Management Information System (HCMIS) , Government Mailing System (GMS), electronic office (e-Office), Tanzania electronic Single Window Systems System (TeSWS), Enterprise Resource Management Suite (ERMS) and many others; (iii) To develop mechanisms for enforcement of ICT Security standards and guidelines, provision of support on ICT security operations and implementation of Government-wide cyber-security strategies; and (iv) To enforce Compliance to the e-Government Act, Regulations, Standards and Guidelines for Public institutions. Like e-GA in mainland, in Zanzibar, eGovernment of Zanzibar (eGAZ) spearhead electronic government in the isles. It has been mandated with the following responsibilities: Developing and administering the implementation of ICT policies, rules and guidelines in the public services; Regulate development and application of ICT in the public services; giving effect to the policy directives and other decisions made by the Government in relation to ICT in the public service; Establish frameworks to facilitate and co-ordinate accessibility of e-Government services; advising relevant authority and any public institution on the appropriate utilization of ICT in the administration and public services delivery; establish, managing and maintaining shared and central e-Government systems and services; establish and maintaining the open data system for public use; harmonizing and coordinating e-Government interventions, developments and systems in the public service; establish and maintaining registers of e-Government systems and services; establish and maintain records of ICT experts, recommend benefits, and coordinate 26 | P a g e their allocation in the public service; supervising e-Government projects performed by public institutions; establishing monitoring and evaluation system for assessing performance of the e- Government; and certifying the compliance of information systems with the requirements for interoperability, safety and security. Exercise powers under the convention and treaties adopted by the Government on matters relating to e-Government; Conduct research and development activities on matters pertaining to e-Government; and perform any other function that may be necessary for the better carrying out of its objectives under this Act. In discharging its duties eGAZ faces number of challenges including Inadequate of ICT professional and equipment; poor awareness and understanding of electronic payments system; inadequate budget for long- and short-time training for e-GAZ Staff; a lack of Government Data center; a lack of institute travel car for providing awareness to the citizen living on remote area; and working space. e-Government Authority (e-GA) Support to other Government Institutions The e-Government Authority (e-GA) provides various services to the public institutions to enable them implement and use ICT systems in an efficient, effective, and secure manner. With regards to ensuring security of ICT systems in the Government, the Authority provides several services including: a) Setting standards and guidelines for e-Government that embed security consideration in the implementation and use of ICT systems. b) Providing security training to ICT staff in the public institutions. c) Providing secure Infrastructure for hosting ICT systems in the Government Data Centers; and also providing secure and affordable shared network communication infrastructure across the Government to facilitate communication as well as data exchange. d) Performing Security testing of ICT systems implemented by public institutions before their deployment into production. e) Performing continuous online surveillance of the public institutions cyber space though routine assessments and monitoring. f) Research through various sources and share emerging cyber security threats to public institutions for proactive preparedness and prevention of cyber related risks. The Authority is a constituent member of the Tanzania Computer Emergency Response Team (TZCERT) which also assists with international coordination with regards to cyber security management; and g) Rescue public institutions by working with them in recovering from any cyber incidents/attacks. Discussion with eGA officials (see details of discussion on appendix 5) revealed that these specified services are available to all public institutions, and they can be accessed through normal procedures in the Government Communication such as writing a letter or sending an 27 | P a g e email. Further, there are ICT officers who are Security Champions known as Single Point of Contact (SPOC) in each public institution. The role of the SPOC is to facilitate close coordination of cyber security management between the Authority and public institutions. For PFMRP implementing institutions to enhance data protection and fight against cybercrime they will need to intensify their cooperation with eGA and eGAZ. Challenges that the e-Government Authority Faces Despite its success in implementing electronic government, the e-GA faces a number of challenges (see the detailed challenges in appendix 1), the following are the main challenges related to data protection and cybersecurity: ▪ Increase of cyber-attacks on government systems. ▪ Not all institutions are connected to the secure Government network. Inadequate consolidation of institutions into one network where specific data protection and security rules can be applied to ensure security of data makes it a challenge to protect all institutions. ▪ There is still inadequate capacity (technical skills and technologies) such as security monitoring tools for cybersecurity management in some public institutions. ▪ The awareness on cybersecurity issues is not adequate for all users of the ICT systems in the institutions making some of the institutions vulnerable to some common cyber-attacks such as through social engineering. ▪ Limited awareness of existing e-Government security laws, regulations as well as standards and guidelines among public servants and law enforcers. ▪ A lack of some essential security standards and guidelines that need to be developed and implemented. ▪ Inadequate cybersecurity tools to support combating cyber security events. ▪ Insufficient customer support systems (Helpdesks) for handling Government cyber security-related complaints. ▪ Lack of adequate skills and mechanisms for detecting, managing, and responding to cyber incidents. high level of computer illiteracy, including cybersecurity-related issues in the society, and reliance on external experts and technology solutions in the area of Cyber security ▪ Different pace in establishing and adopting e-Government initiatives among public institutions and inadequate skills in public institutions to cope with emerging technologies. ▪ Insufficient customer support systems (Helpdesks) for handling e-Government related complaints; and ▪ Inadequate Government Data-center Resources including computing servers, storage facilities and WAN bandwidth are among the critical issues, which need immediate Government’s attention. 28 | P a g e The PFMRP implementing institutions will be required to seek assistance from eGA in cases they face tone of the challenges. This is important to strengthen their capacity to protect data and fighting against cybersecurity challenge. 4. ESSA FINDINGS AND POTENTIAL ENVIRONMENTAL AND SOCIAL EFFECTS OF THE PROGRAM This chapter presents findings on potential environmental and social effects of the by focusing on the nature of activities planned to be implemented under the proposed PFMRP program. 4.1. Potential Environmental and Social Economic Benefits Social benefits: The proposed interventions The Program will have mostly positive benefits as explained below. Social benefits: The proposed interventions will set up vigorous systems that will strengthen financial management and procurement systems in Tanzania. It also targets to fully integrate and harmonize financial management systems, promote, and advance e-procurement, and asset management which will enhance transparency and improve efficiencies for the entire cycle of PFM. These benefits will be achieved through implementing different activities including Improving of domestic revenue mobilization and debt management; strengthening public procumbent management; and improving management of public expenditures, financial reporting, and accountability. Environmental Benefits: The Specific examples of environmental benefits of the Program include: • Through the PAP actions the program will support, MoF, PO-FP and their implementing agencies in capacity-building interventions, including environmental risk management. • It will increase awareness and capacity of the implementing institutions on sustainable e- waste management. • Promotion and advancement of green procurement will benefit the country in many ways. For instance, implementing agencies will be encouraged to procure ICT equipment and products which are recyclable (e.g., eco-label for computers), re-usable, energy serving, long-lasting (long functionality); products with lowest possible radiation and emission of noise and pollutants; products which are reparable and whose spare parts are deliverable; products with duplex function; and • The implementing agencies will be encouraged to procure products from the producer or supplier who are liable under the contract to take back the old machines and dispose them in an environmentally sound way. This will be central to the implementation of e-waste regulations which encourage Extended Producer Responsibility (EPR). 29 | P a g e 4.2 Potential Environmental and Social Risks and Impacts Social Risks and Impacts: Potential social risks associated with this Program are related to possible misuse of shared data and digital security concerns both in relation to data protection and cyber-security. Social risks might arise due to integration and harmonization of financial management systems and e-Procurement which could compromise security of personal and institutional information due to invasion and infringement. This can lead to social tension and misunderstanding among the participating institutions and individuals. To address such risks, the participating institutions will require to take necessary measures to enhance safety and protection of individuals and institutions’ data against leakage and cybersecurity threats. The project will also need to assess the extent to which data protection and security is already implemented by the participating institutions; devising and or updating the existing ICT Security Policies; undertaking vigorous capacity building for IT personnel and other staff on data protection and cybersecurity as well as carrying out Cybersecurity Audit. Cybersecurity Audit is important for determining whether participating institutions have proper cybersecurity mechanisms and complies with relevant regulations and good international practices. Possibility of exclusion and discrimination of vulnerable individuals and groups from project benefits: The project benefits especially those related to capacity building of officials in areas of financial, procurement and asset management may not target all staff within the implementing institutions. With advice from the World Bank, the implementing institutions will devise a mechanism which will ensure equitable treatment of any vulnerable groups and particularly accrue project benefits. Further, spread of Sexually Transmitted Diseases (STDs) and potentially increase of Gender based Violence (GBV) and Sexual Exploitation and Abuse (SEA). GBV, and SEA are likely to happen because the Program activities will necessitate enhancement of technical and technological capacity of staff to achieve effective execution of PFM. Such capacity building will increase engagement and interactions among the staffs of the participating institutions and external experts which might expose them to GBV and SEA risks. Environmental and Health Risks and Impacts associated with Electronic Waste The environmental risks of this Program are those related to electronic waste generation (e- waste). For effective implemenation of PFMRP, participating institutions will procure a lot of electronics. Likewise susbstantial amount of ICT equipment are likely to be disposed, leading to an increase in e-waste problems. ESSA has found that nearly all the implementing agencies are aspiring to procure substantial amount of ICT equipments and subsequently will replace and or dispose of some existict equipment (Table 4.1 & 4.2). 30 | P a g e Grievance handling process. ESSA consultations aimed to seek stakeholders’ views on how PFMRP planned activities can be implemented without causing any grievances among the communities and other stakeholders. These were also complemented by the assessment of implementing agencies for their capacity and systems in place to effectively handle any grievancies that may arise throughout programme implementation. Below summarises the findings. - Stakeholders confirmed that planned program activities will unlikely trigger any grievances due to minimal interaction with communities and other stakeholders. - Assessment confirmed that existing multiple grievance reporting and resolving channels and systems that are well-functioning and have the capacity to handle any grievances that may arise. These GRM systems include e-mrejesho (https://emrejesho.gov.go.tz/) and SEMA na RAIS MWINYI (https://snrmwinyi.co.tz/app/home). These are both electronic based systems whereby any person can log in and submit grievance, make a follow up on resolution status, share comments on a particular government service delivery performance etc. These systems are easily accessible through the google play store any other electronic devices and can be accessed by both internal and external stakeholders. Further to the above, any person with a phone can raise grievance by dialling these codes, *152*00# which provides different complain and grievance submission options. - The existing Government authority that is responsible for resolving complaints and appeals arising from public procurement processes (Public Procurement Appeals Authority-PPAA) Despite the fact that planned program activities are unlikely to trigger any grievances, the assessment concludes that, government has effective GRM systems which can handle any grievance and complains associated to PFMRP. Table 4.1: Types of ICT and Infrastructure to be procured and disposed following PFMRP Implementation in Tanzania Mainland S/N Institution ICT Equipment and Infrastructure ICT Equipment and Infrastructure to to be Procured be Replaced and or disposed 1. PPRA ▪ Data Storage (3); High end ▪ Computer and laptop: High end synergy and Servers (9) modern computer and laptop with ▪ Network infrastructure (Routers: high specification 6, SAN Switches: 6, DC ▪ High end Synergy and Servers: 31 | P a g e S/N Institution ICT Equipment and Infrastructure ICT Equipment and Infrastructure to to be Procured be Replaced and or disposed Switches: 6, Firewalls: 6) High end servers for primary and ▪ Licensed and security monitoring standby as per NeST infrastructure software (4); Back up appliance architecture (3) ▪ Network infrastructure: Modern ▪ Energy backup solution and router, SAN switch and other security equipment (3) security equipment for primary, ▪ Computer and laptop: standby, and back up. (Computers: 150 and Laptops: 80 ▪ Storage: High end modern storage – the number includes help desk with high capacity for long time data centre). handling and load balancing. ▪ Projector 15 & Storage media (5). ▪ Licensed and security monitoring software: Third party licensed software and real-time monitoring for security and performance software. ▪ Energy back-up solution and security equipment: Well-structured back-up plan for standby plan and firewalls solution 2. NAOT ▪ Homegrown Audit Management ▪ Computers – 600 Systems ▪ Projector – 25 ▪ Computers – 450 ▪ Printers – 30 ▪ Multifunctional photocopier – 30 ▪ Multifunctional photocopier – 25 ▪ Paper shredder – 30; Biometric ▪ Screens for Video conference Attendance Terminal – 30 facilities – 5 ▪ Data recovery tools- 2 ▪ Servers – 6 ▪ Screens for Video conference ▪ Routers-16 facilities – 5 ▪ Switches -16 ▪ PA system for conference the room 2 ▪ Servers – 6; Routers-13 & Switches -13. 3. PO– RALG ▪ Desktops (25); Laptops (15); ▪ POS devices (7000) servers (02) ▪ Routers (210) ▪ virtualization software (02), ▪ LAN switches (216). ▪ Security Management Software (01; Server management Tool (01) ▪ storage (SAN) (02) 32 | P a g e S/N Institution ICT Equipment and Infrastructure ICT Equipment and Infrastructure to to be Procured be Replaced and or disposed ▪ POS devices, (7000) ▪ LAN switches (216) ▪ Routers, (210); SAN switches (02) & Firewall devices (01) 4. MNRT ▪ Storage equipment to increase NIL storage capacity for MNRT Datacentre and Disaster Recovery Site for Arusha and Dar es Salaam centre. ▪ Specifications: 2 sets SANS Storage (1.3GB X 24). 5. Parliamentary ▪ Microsoft Surface or Samsung ▪ Computers – 116 Budget Tablet (600 for Members of ▪ Media Com DVB – 3 Office Parliament and support staff) and ▪ Printer -13 iPad pro for research of systems ▪ Telephone handset and switches – 24 platform compatibilities, ▪ AC4life – 18 ▪ IP PBX and its related accessories to strengthen voice communication with Government agencies. ▪ Cisco switches (15) and LAN cabling for strengthening IP network in accounts and procurement unit offices. ▪ Computers (20), Laptops (50), ▪ Printers (20), ▪ Electronic boards for presentations (4) ▪ Mobile devices such as Ms Surface, Tablet and IPad. ▪ 10 Conference systems to committee’s room. ▪ Network, communication devices and New structural cabling to the accounts and procurement unit offices to strengthen the network. 6. TRA TRA is not planning to procure any None. ICT equipment under this project. It is planning to: ▪ Automate Block Management Systems through Mapping of Taxpayers using GIS. ▪ To undertake a study on behavioral experiments for 33 | P a g e S/N Institution ICT Equipment and Infrastructure ICT Equipment and Infrastructure to to be Procured be Replaced and or disposed taxpayers; and ▪ Train staff on automation of the Block Management Systems. Table 4.2: Types of ICT and Infrastructure to be procured and disposed following PFMRP Implementation in Zanzibar S/N Institution ICT Equipment and Infrastructure ICT Equipment/ to be Procured Infrastructure to be Replaced and or disposed 1. Office of Controller and Auditor ▪ Laptops ▪ Laptops (80) General Zanzibar 250PCS; Desktops 100PCS; Servers ▪ Desktop 5PCS; Firewalls (4PCS) Computer (20) ▪ Digital Conference Systems ▪ Printers (7) (5PCS) ▪ Surveillance System (2 Sets) ▪ Photocopy (3) - NVR (4PCS) - Alarm Systems (5Sets) ▪ CCT Camera - CCTV Cameras (150PCS) (50) - 10 PCS -POE Switch ▪ NVRs (5) - HDD – Surveillance 120*3TB ▪ Projectors (4) - UTP Cable (CAT6) 20Rolls ▪ 4PCS -Power Backup Systems ▪ Server (3) ▪ Printers (15PCS) ▪ Photocopy (10PCS) ▪ Tablets (20PCS) ▪ Smart Projectors (20PCS) ▪ Scanners (3PCC) ▪ Paper Shredders (10 PCS) ▪ Television (10PCS) ▪ Access Control Systems (20PCS) ▪ Access Points (Unifi) -30PCS ▪ Fibber Cable-1 Roll ▪ Patch Panel for Fibber 10PCS ▪ Patch Panel for UTP Cable 12PCS ▪ IP Phones 50PCS ▪ 21. IP – (PBX) 3PCS ▪ Cabinet 42U -3PCS ▪ Cabinet 17U -6 PCS Procurement of Software 34 | P a g e S/N Institution ICT Equipment and Infrastructure ICT Equipment/ to be Procured Infrastructure to be Replaced and or disposed Resources: CAATs: - ▪ ACL with Licenses 20LS, ▪ Teammate Web version 20LS, ▪ Licenses for RDS Servers 20LS, ▪ Office 365 -Licenses for Office 2021 400LS, ▪ Anti-Virus Programs 400PCS ▪ Licenses for Power BI Desktop ▪ Vmware Spheres 8 Release 5PCS. ▪ Database for Pension System 2. House of Representatives ▪ Servers, Desktop computers 6 Nil ▪ Laptops 4, Projector 2 ▪ Projector screen 2, Printers 2 3. Office of Treasury Registrar ▪ Laptop Computers, Nil ▪ One Server, ▪ One server rack and backup battery for servers to implement this project. 4. Planning Commission ▪ Laptop Computers (3), One Nil Server ▪ One server rack and backup battery for servers to implement this project. 5. Public Procurement Authority ▪ Servers, Desktop computers & Servers, Desktop laptops computers 6. E-Government, Zanzibar (EGAZ) ▪ Dell PowerEdge R750 Servers Nil (Server for Systems and Infrastructure Monitoring) - 2 ▪ Manage Engine (OpManager) – Infrastructure Monitoring Software – 1 ▪ SolarWinds Server and Application Monitor ▪ FortiGate-401E Hardware Plus 5 35 | P a g e S/N Institution ICT Equipment and Infrastructure ICT Equipment/ to be Procured Infrastructure to be Replaced and or disposed years FortiCare Premium and FortiGuard Unified Threat Protection (UTP) - 2 ▪ Cisco Catalyst 9500 Series high performance 24-port 25G switch -2 ▪ HP Z8 G5 Workstation Desktop PC (for System Vulnerabilities Assessment) - 4 ▪ HP Envy 17inch Touchscreen Laptop - 6 ▪ Monitoring Screen 52'' - 4 ▪ Nessus vulnerability scanners (Vulnerability Assessment software) ▪ Cisco 4300 Series router 7. Zanzibar Institute of Accountants, ▪ Laptops (25) Nil Auditors and Tax Consultants ▪ Desktop computers (25) (ZIAAT). ▪ server 1 ▪ iPad (11) ▪ Projectors (7) 8. Office of Internal Auditor General Laptops (250), Desktop Computers Desktop computers in Zanzibar (OIAG) (50), Server (1), Digital Camera (5), 5, 18 inches. Printers (250) & Heavy-Duty Photocopy Machines (2), Anticipated environmental and Health risk and Impacts: Most of the electronic equipment contains hazardous chemicals and materials such as Lead (Pb), Cadmium (Cd), Beryllium (Be), and Brominated Flame Retardants. Inadequacies/limitations in recycling and disposal of electrical and electronic waste can cause health and environmental problems (Table 5.3). E-waste handling and disposal also exposes people to non-dioxin-like polychlorinated biphenyls (PCB), polycyclic aromatic hydrocarbons (PAH), polychlorinated dibenzo-p-dioxins (PCDD), polychlorinated dibenzofurans (PCDF) and dioxin-like polychlorinated biphenyls (DL-PCB). Most of these compounds are endocrine disrupters that are neuro-and immune-toxicE-waste- related toxic elements can enter living organisms through air (e.g. open burning), soil (e.g. disposal), water via ingestion (e.g. contamination of food chains due to improper disposal and primitive recycling processes), inhalation, and dermal absorption (e.g. dust and direct exposure of workers who labor in primitive recycling areas and their families). E-waste is resistant to biodegradation with strong tendency to bio-accumulate in agricultural lands and be available for uptake by grazing livestock. Elevated levels of e-waste pollutants in 36 | P a g e water, air, soil, dust and human matrices (blood, urine, breast milk) indicate that workers are not the only ones who are at risk of being exposed to e-waste, but the general public and future generations. The consequences of improper management of e-waste might lead to landfills, releasing of toxic chemicals, impacting earth’s surface and most importantly human health. Exclusion criteria will be included in this ESSA to avoid significant impacts. 37 | P a g e Table 4.3: Toxic Substances in E-waste and Associated Health Implications Substance Occurrence in E-waste Health Related Impacts Halogenated Compounds PCB (polychlorinated biphenyls) Condensers, Transformers Toxic effects of PCBs include immune suspension, liver damage, cancer promotion, nervous damage, reproductive damage (both male and female) and behavioral change. TBBA (tetrabromo-bisphenol-A) Fire retardants for plastics (thermoplastic Suspected of hormonal interference (damage to growth and PBB (polybrominated biphenyls) components, cable insulation) sexual development) and reproductive harm. BFRs are used to PBDE (polybrominated diphenyl TBBA is presently the most widely used flame make materials more flame-resistant. Exposure studies reveal ethers) retardant in printed circuit boards BFRs in breast milk, and blood of electronic workers, among others. PVC (polyvinyl chloride) Cable insulation Most used plastic, found in everyday electronic. When burned it produces large quantities of hydrogen chloride gas, which combines with water to form hydrochloric acid (HC). Inhaling HCL can cause respiratory problems. Production and installation of PVC creates diamonds. Heavy Metals and other Metals Arsenic Small quantities in the form of gallium Long-term exposure may cause lung, cancer, nerve damage and arsenide within light emitting diodes various diseases. Barium Getters in cathode ray tubes (CRTs) Exposure may lead to brain swelling, muscles weakness, damage to heart, liver, and spleen, or increase blood pressure. Beryllium Power supply boxes which contain silicon- Exposure can cause lung cancer and chronic Beryllium dieses. controlled rectifiers and x-ray lenses Symptoms of chronic Beryllium dieses include breathing difficulties, coughing, chest pain and general weakness. Cadmium Rechargeable computer batteries, fluorescent Long term exposure to Cadmium can cause kidney damage, and layer (CRT screens), printer inks and toners, damage to bone (jaw) density photocopying-machines (printer drums) Chromium VI Data tapes, floppy-disks Lead CRT screens, batteries, printed wiring boards, Exposure to Lead can cause brain damage, nervous systems television sets, PC monitors, light bulbs, lamps damage, blood disorders, kidney damage, and damage to fetal development. Children are specifically vulnerable. Mercury Fluorescent lamps that provide backlighting in Exposure through ingestion or inhalation can cause central LCDs, in some alkaline batteries and mercury nervous system damage and kidney damage. 38 | P a g e Substance Occurrence in E-waste Health Related Impacts wetted switches Selenium Older photocopying-machines (photo drums) Exposure to high concentrations causes selenosis, which can cause hair loss, nail brittleness, and neurological abnormalities (e.g., numbness and other odd sensations in the extremities). 39 | P a g e 4.3 Good International Industry Practice (GIIP) of E-waste According to Sustainable Recycling Industries 2021, the best e-Waste management practices involve operationalization of key concepts including the Extended Producer Responsibility (EPR), Producer Responsibility Organization (PRO), E-waste Regulations and E-waste Management. These are considered as pillars of good international practices in relation to e- waste management as detailed below: Extended Producer Responsibility (EPR): This is the main feature of e-Waste management system worldwide. The producer of the electronic equipment has the responsibility of managing such equipment after its end of life, thus the producer is responsible for the products once the consumer discards them. The EPR principal aims to shift part of the waste management responsibilities (administrative, financial and/or physical) from governments or municipalities (taxpayers) to the agency that produce and sell the products that are destined to become waste. The EPR concept also motivates the producers to reduce consumption of virgin materials, undertake product design changes to reduce waste generation and ensure closure of material loops to promote resource efficiency and sustainable development. Although producers ensure the financing of systems in EPR-based systems, consumers might eventually pay the end-of-life costs due to an increase of the product price. Producer Responsibility Organization (PRO)/ Compliance Scheme: Producers can implement EPR either individually or collectively, in which case through a Producer Responsibility Organization (PRO) or compliance scheme. APRO takes on the responsibility of the operational aspects such as collection, transportation, environmentally sound recycling, and disposal of end- of- life products, on the behalf of the producers to meet the EPR obligations. While a PRO is founded by producers collectively, a compliance scheme is similar, except that is a service provider to producers. The main services provided by PRO are: Manage the financing of the system; organize and supervise collection and recycling activities; maintain integrity of the system through standards and audits; conduct awareness raising programs; manages corresponding data; and provide reporting and compliance on behalf of its members. Economic Instruments: enabling the financing of a system is often a fee that may be designated as “environmental fee”, “eco-fee”, “eco-levy”, “advance recycling fee” etc. depending on the regulation. The Organization for Economic Co-operation and Development (OECD) provides a useful criterion for evaluating economic instruments including environmental effectiveness, economic efficiency, administration and compliance costs, revenues, wider economic benefits, soft effects, and dynamic effects. Informal Sector: The guidance principles for the Sustainable Management of Secondary Metals (ISO IWA: 19, 2017) categorized informal actors as those in economic substance activities or unofficial economic activities. The former includes recyclers who subsist thanks to their 40 | P a g e recycling activities, while the latter category includes those who have profitable or even lucrative businesses that deliberately evade compliance with pertinent regulations. Down Stream Value Chain: The e-waste value chain is basically the post-consumer e-waste management value chain and consists of stakeholders such as dealers, /retailers, collectors, dismantler, refurbishes, and recycler/ material recovery operations for the metals and plastics mainly. Product Scope and Characterization: The type of products included under national legal frameworks for e-waste and EPR based regulation may be specific, only certain products, it is also important to clearly identify and define waste from the non-waste. E-waste management value Chain: One of the characters that differentiate E-waste from other waste streams is that it involves a range of players that are active after the first dismantling phase the three broad stages in the e-waste value chain are: (i) Waste generation; (ii) Waste collection and aggregation; and (iii) Treatment, recovery, and disposal. Key Stakeholders, Roles, and Responsibilities in an e-waste management System: The e-waste management value chain consists of a range of actors responsible for the functioning of different stages of the system. While many current e-waste regulations are built around the EPR concept and thus focus more on the responsibilities of producers, other stakeholders such as governments, municipalities, consumers, retailers, treatment partners, etc. also have important roles to play in a successful system. These stakeholders may play slightly different roles at different capacities based on countries based on country-specific cultural, societal, economic, and further conditions. Stakeholders’ collaboration is central as it facilitates in bringing awareness and knowledge transfer, stakeholder interaction and funding to tackle the overall e- waste issues. 4.4 E –waste Management Situation in the Tanzania Mainland The ESSA has found that Tanzania mainland has established institutional arrangement to govern e–Waste Management. E- Waste is considered as an important public issue of concern8. The matter becomes even more serious because large segment of Tanzanian population is gaining access to technology which generate e-waste9. There are policies and several legislations and regulations that regulate e-waste management in the country which include: The National Environmental Policy (2021); The Environmental Management Act (2004); the Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations (2021); The Electronic and Postal Communication (Electronic Communication Equipment Standards and E-waste Management) Regulations, (2020); the Environmental 8 NBS and United Nation University, vie–SCYCLE (2019): National E –Waste Statistics Report, NBS Dodoma, United University Bonn, Vie –SCYCLE, Germany. 9 World Bank. 2019. Tanzania: Country Environmental Analysis – Environmental Trends and Threats, and Pathways to Improved Sustainability. 2019. Washington, DC: World Bank. 41 | P a g e Management (Hazardous Waste Control and Management) Regulations (2021) and the Environmental Management (Fees and Charges) Regulations (2021). The specified laws and regulations have provisions and directives on control and management of electrical and electronic equipment waste, covering the whole value chain. Such provisions regulate generation, collection, storage, transportation, importation, exportation, distribution, selling, purchasing, recycling, refurbishing, assembling, dismantling and disposal of electrical and electronic equipment waste or components, and their movement into and outside Mainland Tanzania. In discharging those duties, several institutions including the Division of Environment (DoE) in the Vice President’s Office, the National Environment Management Council (NEMC), Tanzanian Revenue Authority (Customs), Tanzania Communication Regulatory Authority (TCRA), the Ministry of Trade and Industries, and Local Government Authorities collaborate. Each institution performs different functions depending on its mandates. Table 4.4 clarifies roles and functions of each institution. Table 4.4: Roles of Institutions/Agencies on E-Waste Management, Tanzania Mainland S/N Institution Key Functions on E-Waste Governance 1. Vice President’s Office Insurance of permits and policy making. Division of Environment (DoE) 2. NEMC • Enforcement of the EMA (2004) and its regulation. • Receive applications and process them for permit issuance. • Compliance monitoring. 3. TRA (Customs) • Supervising imports and exports • Ensuring all laws and regulations are observed before release of permits. 4. TCRA • Overseeing the implementation of electronic and postal communications (Electronic Communications Equipment Standards and E-Waste Management) Regulation 2020. 5. Ministry of Trade & • Export control of e-waste Industries • Issues of prohibition of export to some items depending on the needs and capability of local industries. • Issuance of industrial licenses. 6. Local Government • Issuance of business license Authorities • Establishment of waste management facilities (Collection/transfer centres, dumpsites, landfills), registration of waste handlers within their jurisdictions. 42 | P a g e Currently, there is about 40 e-waste dealers. According to the National E-waste Statistics Report (NEWSR) 2019, the amount of the e-waste generated in the period from year 1998-2017 countrywide was 35,755,000 tons. On the other hand, by June 2023 there was 49 in-country e- waste permit holders dealing with collection, transportation, storage, and dismantling of e-waste. Furthermore, in the year 2022 -2023, there were five exporting companies with about 16 export consignments of approximately 140,700 kg. Generally, the institution arrangement that governs e–Waste Management in Tanzania mainland conforms to the international industry practice requirements. It tasks different stakeholders from national level to the lower levels within e-Waste value chain with a clear role and responsibilities to play. Despite the existence of established institutional arrangement to government e–Waste Management, generally, data and information on e-waste is still scanty (World Bank, 2019). Overall, there is still lack of important dimension of e-waste information especially on e-waste collection rate, recycling, and importation and exportation. Information on e-waste collection rate, recycling is the key in understanding and planning e-waste management practice. Such situation makes it difficult to fully understand e-waste situation in the country. The major challenge that limits effective management of e-waste are inadequate Awareness of e- waste value and threats is still low among stakeholders; Data sensitivity policies hindering e- waste management (data security in ICT equipment); Low number of e-waste dealers compared to the e-waste load’; and Inadequate infrastructures for e-waste management (sorting to disposal). In addition, there is a need to strengthen enforcement and monitoring of the regulations pertaining to e-waste management. 4.5 E –Waste Management Situation in Zanzibar Unlike in Tanzania mainland, Zanzibar has no established institutional arrangement to govern e– Waste. ZEMA officials confirmed that Zanzibar had no regulations that control and or govern electrical and electronic equipment wastes nor a regulation for management of hazardous wastes. This situation has hindered proper management of e- wastes. In explaining how ZEMA manage e-wastes in isle, ZEMA officials had this to say: “Generally, e- waste in Zanzibar is not well regulated. In 2011, ZEMA made an attempt to prepare e- waste management regulations, but it was not approved by the House of Representatives. The regulation faced challenges and resentment from businesspeople. They perceived it negatively and considered it to limit electronic businesses especially secondhand goods. Although the Zanzibar has Environmental Management Act No. 3 of 2015 which is a principal legislation that guide environmental matters in the country, the law does not sufficiently cover e- waste. To some extent it has some provisions on 43 | P a g e hazardous materials but there is nothing specific on e-Waste. Zanzibar relies on Tanzania mainland (NEMC) and Basel Convention regulation on transboundary of e- Wastes to a large extent. However, this has not been so effective due to large importation of electronic equipment in Zanzibar and general lack of domestic regulation on e-waste. We receive approximately 900 metric tons of electronic annually. There are approved waste collectors in Zanzibar who collect all types of wastes including electronic wastes. How those wastes are segregated and the manner in which residuals are handled is not clear. Most of e-waste dealers export e-waste to Norway and Sweden” (FGD, ZEMA, 27th October 2023). Capacity of Implementing Agencies to Manage E-waste: Generally, all the implementing agencies in the mainland Tanzania and Zanzibar have no capacity to manage e-waste. Their organizational structures have no departments or units that deal with environmental issues. In addition, many of the staff members who were met during consultation had inadequate knowledge on environmental and health risks associated with ICT equipment on health and environment. 4.6 Data Protection and Cyber Security Procedure within PFMRP Institutions To ensure effective data protection and cyber-security it is technically recommended to observe CIA Triad10. The CIA Triad model identifies confidentiality, integrity, and availability as key elements for information security. Consequently, the Program implementing agencies will have to ensure they have functional and strong Cybersecurity Policies that capture all necessary strategies including antiviruses choice, use of strong passwords, multi-factor authentications, access control, choice of operating system, cyber-security audits, and a workable business continuity plan for both infrastructure and people (e.g., working area recovery, disaster recovery site, HR policy-personnel retention and succession plan). Likewise, the agencies will have to ensure selection and conformity to international standards of data protection and cyber-security, and they will have to develop manuals and procedures for the same. In addition, the best practice for data protection and cybersecurity in large organizations requires existence of the qualified technical personnel in the following key areas: network, database, application and risk and compliance. Each of this units will have a head and functional team with clear responsibilities in ensuring cyber defense and cyber response. Consequently, to assess institutions’ capacities for data protection and readiness to fight against cybersecurity threat, three criteria including: (a) Existence of Personnel with expertise in database, network, application management and risk and compliance to facilitate data Protection; (b) Availability of Cyber-Security Policy that conform to international standards; and (c) 10 Fenrich, K. (2008). Securing your control system: the" CIA triad" is a widely used benchmark for evaluating information system security effectiveness. Power Engineering, 112(2), 44-49. 44 | P a g e Whether the agency conducts routine capacity-building for its IT personnel and other categories of their personnel on data protection and cybersecurity were employed. ESSA has found mixed results in terms of capacities of institutions to protect data and fight against cybersecurity threats. Zanzibar PFMRP Implementing Institutions: with exception of eGAZ and the Office of Controller and Auditor General Zanzibar (OCAGZ), which demonstrated capacity for data protection and fighting against Cyber Security threats, the rest of the institutions have limited capacity. ZPPDA, OIAG, ZHoR, ZPC and ZIAAT have ICT Units/Departments and or staffs, but they have no Cyber Security Policies, and they do not conduct routine capacity-building for their IT personnel and other categories of their personnel on data protection and cybersecurity. In addition, they have a general lack of experts with specialization in database, network, application management and risk and compliance (See details in annex 3). Mainland Tanzania: All visited the PFMRP implementing institutions in mainland Tanzania have Cyber Security Policies and ICT Departments. Also, their ICT departments have personnel with expertise in database, network, application management and risk and compliance to facilitate data Protection (See details in annex 4) except for the MNRT who have no Risk and Compliance expert. The ESSA has further found that the National Audit of Tanzania (NAOT), Tanzania Revenue Authority (TRA) and the Parliamentary Budget Office (PBO) are relatively advanced in cyber security and data protection when compared to other PFMRP implementing institutions. The main challenge in all institutions is that, due to limited budget and human resources, capacity-building on data protection and cybersecurity mainly targets the IT personnel, leaving aside other categories of personnel. Also, some institutions are forced to use outdated and unsupported ICT equipment due to budget constraints thus compromising data protection. Generally, all institutions agreed that there is need to intensify security awareness training to users of information systems and undertaking capacity building for the technical staff to ensure data protection. Experience of the PFMRP Implementing Agencies in Implementing Projects and working with World Bank-Financed Projects Mainland Tanzania: ESSA has found that almost all the implementing institutions in Tanzania have a considerable experience in implementing donor-funded projects and in working with multilateral organizations. However, they have inadequate experience in implementing World Bank Funded Projects as detailed below: PO – RALG: Recently implemented Public Financial Reform Program Phase V (PFMRP V). The overall goal of the project was to strengthen transparency, accountability, efficiency, and fiscal discipline in managing public resources. PO RALG budget for five years of the Program 45 | P a g e was 28 billion and it supported 26 Regional Secretariats and 184 Local Government Authorities on financial reform activities. Parliamentary Budget Office (PBO): The PBO has implemented Legislative Support Project II under the UNDP sponsorship to strengthen accountability, transparency, and institutional capacity in resources management. The project costs for the period of five years amounts to USD 7.0 million. The project focused on increasing the capacities of Parliamentary committees to scrutinise Bills, oversee government, and engage citizens. It also targeted strengthening the capacity of members of parliament to oversee the government budget, including monitoring of SDGs implementation. Overall, the project successfully built the capacity of the National Assembly (NA) members to scrutinize legislation and monitor government performance. Also, with respect to effective bill scrutiny, the project also facilitated sectoral committees to conduct effective bill scrutiny in line with the developed guidelines. Despite this experience, PBO has no experience in implementing World Bank-Financed Projects. Public Procurement Regulatory Authority (PPRA): It has outstanding experiences in implementing projects. For instance, PPRA through the Government has strengthened its accountability, transparency, and institutional capacity to the tune of TZS 7.107 billion in the Financial Year 2022/23. The outcomes of this project include: development of NeST including the Business re-engineering process and development of three modules (i.e. e-registration, e- tendering and contract vetting); training of over 800 Procuring Entities on the use of NeST; Undertook compliance and value for money audit to 180 Procuring Entities; participation in review and subsequent enactment of the Public Procurement Act, Cap 410 which is intended to strengthen accountability and transparency with MoF. Nonetheless, PPRA has never implemented any World Bank-financed project. National Audit Office of Tanzaniaa (NAOT): NAOT has a wider experience in implementing projects. Recently it has implemented: (i) Institutional Support Project for Good Governance (ISPGG III) under African Development Bank financing (2016-2021). The approved Budget was USD 1,578,846. The project focused on capacity building and the acquisition of working tools to improve accountability and integrity in the management of public resources. The major outcome was an improvement in the Proportion of Unqualified Opinion and Improvement in Public Expenditure and Financial Accountability (PEFA); and (ii) NAOT has also recently implemented the Good Financial Governance Phase II (GFG II) Programme (May 2016-January 2024). The project is funded by the German Federal Ministry for Economic Cooperation and Development (BMZ), Swiss Development Cooperation (SDC), and the European Union (EU). The approved budget was EUR 1,021,000 Euro. The program focused on capacity building through training and the development of manuals, guidelines, and strategies to enhance external audit. The major outcomes included improved capacity in comprehensive auditing, financial auditing of BoT and TRA, as well as a performance audit. 46 | P a g e Other project is (iii) Building Sustainable Anti-Corruption Action in Tanzania (BSAAT). The project commenced on August 09, 2018 - March 31, 2025. The program is funded by the United Kingdom Department for International Development (DFID) and the European Union (EU). focuses on enhancing capacity in risk-based audits, fraud detection, special and forensic audits, and stakeholder engagement with law enforcement agencies. The approved budget was TZS 2,766,557,546. The major outcomes of the Programme were enhanced capacity to conduct risk- based audits which led to the identification of suspicions of fraud in audited entities; enhanced capacity to conduct special and forensic audits and appropriate communication with various authorities for appropriate action; improved relations between NAOT and law enforcement organs; improved competency, knowledge, and skills on projects management. Ministry of Natural Resources and Tourisms (MNRT): The ministry has experience in project implementation and in implementing donor funded projects. It has recently implemented the Resilient Natural Resources Management for Tourism and Growth Project (REGROW). The project is funded by the World Bank with budget envelop of Tzs 345,000,000,000 billion (Equivalent to USD 150 million?). The project’s objectives include protection and conservation of wildlife and wetland resources strengthened, and development and promotion of sustainable tourism. TRA: Has worked with the WB in issues related to technical assistances in areas of implementation of enhancement of Taxpayer Compliance through the adoption of behavioural science approach. The technical assistance started in 2022/23 fiscal year and is ongoing. C. Zanzibar: Overall, ESSA has found that majority of the implementing institutions in Zanzibar have inadequate experience in implementing projects, particularly World Bank-funded projects. Only three institutions out of eight have implemented projects. Particularly, the Office of Treasury Registrar, House of Representatives, the Zanzibar Institute of Accountants, Auditors and Tax Consultants (ZIAAT) and Zanzibar Planning Commission (ZPC) have demonstrated low experience in implementing donor-funded projects and in working with multilateral organizations. On the other hand, E-Government (eGAZ), Office of Controller and Auditor General Zanzibar, and Public Procurement Authority have some experience in implementing donor funded included WB projects as detailed below: E-Government (eGAZ): The e-GAZ has implemented several projects including Government Budget and Expenditure (BAMAS), Human Resources & Payroll System (HRMS), Zanzibar Job Portal (ZANAJIRA), and One Stop Centre System (OSC). These projects were funded by the World Bank Office of Controller and Auditor General Zanzibar: The OCAGZ has participated in the implementation of Institutional Support Project for Good Governance phase three (ISPGG III); and PFMRP. The ISPGG-I targeted strengthening procurement capacity; enhancement of interal 47 | P a g e and external audit capacity; (iii) modernisation of business registration and licensing regime; (iv) streghtning anti-corruption measures and capacity; (vi) and development of implementation capacity of the PPP framework. E-Government (eGAZ): The e-GAZ has implemented several projects including Government Budget and Expenditure (BAMAS), Human Resource & Payroll System (HRMS), Zanzibar Job Portal (ZANAJIRA), and One Stop Centre System (OSC). Public Procurement Authority: Participated in implementation of PFMRP and ISPGIII. Office of Internal Auditor General in Zanzibar (OIAG). The OIAG has no experience in implementing projects it has been recently established in 2022/2023. Given these findings, the WB E&S Team will work closely with MoF, PO –PF and other implementing institution to ensure that implementing institutions understand Project’s E&S requirements to ensure that they integrate E&S issues in their operation. 4.7 Exclusion Criteria In managing Programs implemented under PfoR financing arrangement under the World Bank, the exclusion principle is applied to Program activities that are ineligible for PforR financing (i.e., activities that are judged to be likely to have significant adverse impacts that are sensitive, diverse, or unprecedented on environment and/or affected people). Therefore, the Program shall exclude projects that are likely to involve: a) Procurement of ICT equipment from the producer or supplier who are not liable under contract to take back the old machines and dispose them in an environmentally sound manner. This is an important for encouraging Extended Producer Responsibility (EPR). Exclusion to apply only for larger quantity procurements. b) Procurement or importation of electrical and electronic equipment contain lead, mercury, cadmium, hexavalent chromium, polybrominated biphenyls or polybrominated diphenyl ethers. c) Procurement of ICT equipment with high potential to contribute to air, water, or soil contamination leading to significant adverse impacts on the health or safety of individuals, communities, or ecosystems will not be supported by the program. d) Noncompliance with Green Procurement requirements. 5 OPERATIONAL PERFORMANCE AND INSTITUTIONAL CAPACITY ASSESSMENT Introduction This section summarizes the extent to which the Tanzanian Environmental and Social Systems is consistent with the World Bank safeguards principles for PforR financing. The assessment is 48 | P a g e based on the screening of environmental and social (E&S) effects (benefits, impacts and risks) of the Program and the consultations and discussions with stakeholders. It also reviews the implementing agencies' capacities, and gaps between Bank’s policy requirements and the country systems. Several Actions to strengthen the existing system are integrated in the form of the Program Action Plan (PAP). The ESSA concludes that, in general, the national regulatory framework for E&S in Tanzania is consistent with the Bank PforR Policy and Directive regarding principles and critical elements. The legal framework provides a basis for addressing environmental, health, safety, and social issues likely to arise in the proposed Program. In addition, procedures, technical guidelines exist for E&S due diligence concerning the potential E&S risks and impacts of the proposed program. For instance, in the United Republic of Tanzania, eGA, eGAZ have been entrusted to coordinate, capacitate and overseeing public institutions in data protection and cybersecurity issues. This is done under the e-Government Strategy of 2019, “e-Government Standards and Guidelines, eGovernment Act No. 10 of 2019, Government Cyber Security Strategy 2022, the Electronic and Postal Communications Act, 2010 and Cyber Crime Act of 2015 which all guide data project issues. In terms of strategy, there is a Tanzania Cybersecurity Strategy 2018 as well as the Government Cybersecurity Strategy 2022 with their implementation plans. Furthermore, there is Computer Emergency Response Teams11. Health issues will be guided by the National HIV/AIDS Policy 2001, the HIV and AIDS (Prevention and Control) Act No. 28 of 2008, and the Penal Code (revised 2002). In addition, Tanzania mainland has well established institutional arrangement to deal with e- waste which will also apply for Zanzibar for this project. In particular, the Environmental Management Act (EMA) of 2004; the Zanzibar Environmental Management Act No. 3 of 2015; the Environmental Management (Hazardous Waste Control and Management) Regulations (2021); The Electronic and Postal Communication (Electronic Communication Equipment Standards and E-waste Management) Regulations, 2020; The Public Procurement and Disposal of Public Assets Act (2016), Zanzibar; Public Assets Management Guideline Revised Edition (2019); and The Environmental Management (Fees and Charges) Regulations, 2021 will be instrumental in guiding procurement and disposal of e-waste. Therefore, the only challenge that may arise can be related to the lack of compliance for E&S requirements as per the WB core principles which govern PfoR Programs and country’s laws and regulations due to inadequate human resources and inadequate budget for some of the implementing institutions. 11 An established Tanzania Computer Emergency Response Team (TZ-CERT) under TCRA that coordinates cyber security management in the country. It has constituents (for sector) s, with the Government been coordinated under e-Government Security Operations Centre (eGSOC) managed by e-Government Authority. 49 | P a g e All the implementing institutions under MoF and PO-FP have no dedicated Units or staff to oversee E&S issues. To address shortcomings, this ESSA has made several recommendations at program level to strengthen system performance for Environmental and Social Management. The contents of this analysis reflect the capacity of the E&S systems applicable to the Program in its present form – i.e., national regulatory bodies (NEMC & e-Government), capability of the implementing institutions, and other relevant national policies, legislations, or regulations, all of which have been described in the preceding sections of this ESSA. The main findings are presented using the SWOT (Strengths-Weaknesses-Opportunities-Threats) approach, which is adopted and applied to the PforR context in the following way: • Strengths of the system, or where it functions effectively and efficiently and is consistent with the Bank Policy • Inconsistencies and gaps (“weaknesses”) between the principles espoused in the Bank policy and Directives and the countries/implementing institutions’ environmental and social systems and capacity constraints. • Actions (“opportunities”) are required to strengthen the existing system within the implementing institutions to address social and environmental issues. • Threats (Risks) that are likely to affect program implementation and performance. Table 6.1, Summarizes the country’s environmental and social system and institutional capacity assessment based on the WB PforR core principles. 50 | P a g e Table 5.1 Environmental and Social System and Institutional Capacity Assessment Core Principle 1: General Principle of Environmental and Social Management Bank Policy for Program for Results Financing: Environmental and social management procedures and processes are designed to (a) promote environmental and social sustainability in Program design; (b) avoid, minimize, or mitigate against adverse impacts; and (c) promote informed decision-making relating to a program’s environmental and social effects. Bank Directive for Program for Results Financing: Program procedures will: • Operate within an adequate legal and regulatory framework to guide environmental and social impact assessments at the program level. • Incorporate recognized elements of environmental and social assessment good practice, including (a) early screening of potential effects; (b) consideration of strategic, technical, and site alternatives (including the “no action” alternative); (c) detailed assessment of potential induced, cumulative, and trans-boundary impacts; (d) identification of measures to mitigate adverse environmental or social impacts that cannot be otherwise avoided or minimized; (e) clear articulation of institutional responsibilities and resources to support the implementation of plans; and (f) responsiveness and accountability through stakeholder consultation, timely dissemination of program information, and responsive grievance redress measures. The Core Principal No. 1 is Applicable The project will strengthen financial management and procurement systems in Tanzania through: Improving of domestic revenue mobilization and debt management; Strengthening public procumbent management; and Improving management of public expenditures, financial reporting, and accountability. Summary Findings There is an adequate national regulatory framework in Tanzania, and a procedure exists for environmental and social due diligence concerning the potential impacts of the Program. The Environmental Impacts Assessment (EIA) process outlines the required screening procedure for E&S impacts and calls for risk mitigation plans before project implementation. Overall, the PFMRP project will not have significant physical activities that have potential adverse effects on people and environment, procurement of ICT equipment is likely to generate e-waste. Indeed, although the generated e-waste might not need any major environmental assessment, their disposal must be taken seriously and be dealt with the available national regulations. System Strengths: Mainland Tanzania has Gaps established institution arrangement to manage Weak implementation: e-Waste. • Although NEMC has -qualified staff at the headquarters and zonal offices, insufficient • The EMA, the Environmental Assessment staffing and funding limit the agency’s and Audit Regulations, and the procedures capacity to supervise all ongoing projects established by NEMC provide the basis for scattered over a large geographical area. achieving the objectives defined for this core principle. One of NEMC’s duties is to • Although Zanzibar has the Environmental promote environmental sustainability in Management Act No. 3 of 2015, it has no Tanzania. NEMC has strengthened its specific regulations nor established e-Waste capacity by posting additional personnel in institutional arrangement that guide issues of 51 | P a g e its nine zonal offices. It has refined its risk e-Waste and hazardous waste. categories, screening procedures, and ESIA/ESMP preparation processes in a • All the implementing institutions have no 2018 revision to the Environmental dedicated units and staff to oversee E&S Assessment and Audit regulations. issues which can contribute to inadequate management of E&S issues. • The Environmental Management Act (EMA), 2004; The Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021; Environmental Management (Hazardous Waste Control and Management) Regulations (2021); The Environmental Management (Fees and Charges) Regulations, 2021 has directives and a provision to govern e-Waste. Actions and Opportunities • MoF & PO-FP to improve their capacity to integrate environmental and social issues in their operation. This can be done through procuring E&S Expert or by seeking assistance from the environmental and social experts from within the government system to assist in implementing the project activities. • All the implementing agencies to maintain close collaboration with e-Government on data protection and cybersecurity. Core Principle 2: Natural Habitats and Physical Cultural Resources Bank Policy for Program for Results Financing: Program E&S management systems are designed to avoid, minimize, or mitigate adverse impacts on natural habitats and physical cultural resources resulting from the Program. Program activities that involve the significant conversion or degradation of critical natural habitats or critical physical cultural heritage are not eligible for PforR financing. Bank Directive for Program for Results Financing: As relevant, the program to be supported: • Includes appropriate measures for early identification and screening of potentially important biodiversity and cultural resource areas. • Supports and promotes the conservation, maintenance, and rehabilitation of natural habitats; avoids the significant conversion or degradation of critical natural habitats; and if avoiding the significant conversion of natural habitats is not technically feasible, measures to mitigate or offset impacts or program activities are necessary. • Considers potential adverse effects on physical, cultural property and as warranted, provides adequate measures to avoid, minimize, or mitigate such impacts. Core Principle No 2 is Not Applicable Summary Findings: The Program investments would not involve activities that convert critical natural habitats. All interventions are related to: Improving of domestic revenue mobilization and debt 52 | P a g e management; Strengthening public procumbent management; and Improving management of public expenditures, financial reporting and accountability and will be implemented mainly in urban areas. As such, the ESSA did not consider the Program with regard to Core Principle 2 as this Core principle and key elements do not apply to the Program. Core Principle 3: Public and Worker Safety Bank Policy for Program for Results Financing: Program E&S management systems are designed to protect public and worker safety against the potential risks associated with (a) the construction and/or operation of facilities or other operational practices under the Program; (b) exposure to toxic chemicals, hazardous wastes, and otherwise dangerous materials under the Program; and (c) reconstruction or rehabilitation of infrastructure located in areas prone to natural hazards. Bank Directive for Program for Results Financing: • Promotes community, individual, and worker safety through the safe design, construction, operation, and maintenance of physical infrastructure or in carrying out activities that may be dependent on such infrastructure with safety measures, inspections, or remedial works incorporated as needed. • Promotes the use of the recognized good practice in the production, management, storage, transport, and disposal of hazardous materials generated through program construction or operations; promotes the use of integrated pest management practices to manage or reduce pests or disease vectors; and provides training for workers involved in the production, procurement, storage, transport, use, and disposal of hazardous chemicals following the international guidelines and conventions. • Includes measures to avoid, minimize, or mitigate community, individual, and worker risks when program activities are located within areas prone to natural hazards such as floods, hurricanes, earthquakes, or other severe weather or climate events. The Core Principal No. 3 is Applicable The Program activities will necessitate enhancement of technical and technological capacity of staff to achieve effective execution of PFMR. Such capacity building will increase engagement and interactions among staffs of the participating institutions and external experts, which might expose them to Sexually Transmitted Diseases (STDs), HIV/AID, further spread of COVID-19 and potentially increase of Gender based Violence (GBV) and Sexual Exploitation and Abuse (SEA). Strengths Gaps ▪ There are national HIV/AIDS Policy (2001) • All PFMRP implementing agencies’ structure does not have an Environmental and HIV and AIDS (Prevention and and Social Expert nor a section dedicated Control) Act No. 28 (2008) that govern on to overseeing environmental and social HIV/AID issues. issues. ▪ The Government of Tanzania (mainland), through its Ministry of Health (MoH), has developed guidelines on how to limit the further spread of Coronavirus, e.g. (i) Guideline on How to Manage the Spread of Covid 19 through Intervention of Control of 53 | P a g e Public Gathering without Affecting Economic Activities, Second Edition, July 2021. The guideline can be customized to suit capacity building activities to be undertaken under PFMRP. • During the implementation of the PforR program, especially the capacity building programs all PFMRP implementing agencies will be required to create awareness on issues of HIV/AIDS, gender discrimination and GB, and SEA Actions and Opportunities Risks The absence of an Environmental and Social • All the implementing institutions to Expert in ensure that MOH COVID-19 Guidelines PFMRP implementing agencies’ structures can are followed during capacity building compromise the operationalization of the training. suggested measures. Core Principle 4: Land Acquisition Bank Policy for Program for Results Financing: Program E&S systems manage land acquisition and loss of access to natural resources in a way that avoids or minimizes displacement and assists affected people in improving, or at the minimum restoring, their livelihoods and living standards. Bank Directive for Program for Results Financing: As relevant, the program to be supported, it has to: • Avoid or minimize land acquisition and related adverse impacts. • Identify and address economic and social impacts caused by land acquisition or loss of access to natural resources, including those affecting people who may lack full legal rights to assets or resources they use or occupy. • Provide compensation sufficient to purchase replacement assets of equivalent value and to meet any necessary transitional expenses paid before taking of land or restricting access. • Implement supplemental livelihood improvement or restoration measures if the taking of land causes loss of income-generating opportunity (e.g., loss of crop production or employment); and • Restore or replace public infrastructure and community services that may be adversely affected. Core Principle 4: Land Acquisition is not Applicable. The proposed activities will not involve acquisition of land from private individuals or public institutions. As such, the ESSA did not consider the Program with regards to Core Principle 4 as this Core principle and key element do not apply to the Program Core Principle 5: Indigenous Peoples and Vulnerable Groups Bank Policy for Program for Results Financing: Program E&S systems give due consideration to the cultural appropriateness of, and equitable access to, Program benefits, giving special attention to the rights and interests of Indigenous Peoples/Sub-Saharan African Historically Underserved Traditional Local Communities, and to the needs or concerns of vulnerable groups. 54 | P a g e Bank Directive for Program for Results Financing: • Undertakes free, prior, and informed consultations if Indigenous Peoples are potentially affected (positively or negatively) to determine whether there is broad community support for the program. • Ensures that Indigenous Peoples can participate in devising opportunities to benefit from the exploitation of customary resources or indigenous knowledge, the latter (indigenous knowledge) to include the consent of the Indigenous Peoples. • Pays attention to groups vulnerable to hardship or disadvantage, including as relevant the poor, the disabled, women and children, the elderly, or marginalized ethnic groups. Special measures are taken to promote equitable access to program benefits. The Core Principle 5 is Not Applicable Assessment summary: The proposed project is a brown project and will not involve land take nor limiting Indigenous Peoples and Vulnerable Groups to access their resource. As such, the ESSA did not consider the Program with regards to Core Principle 5 as this Core principle and key element do not apply to the Program. Core Principle 6: Social Conflict Bank Policy for Program for Results Financing: Program E&S systems avoid exacerbating social conflict, especially in fragile states, post-conflict areas, or areas subject to territorial disputes. Bank Directive for Program for Results Financing: Considers conflict risks, including distributional equity and cultural sensitivities. The Core Principle 6 on Social Conflict is Not Applicable Tanzania is not a fragile and failed state. The Program will not entail social conflict in fragile states, post-conflict areas or areas subject to territorial disputes, nor will the Program cause social conflict or impact distributional equity or associated cultural sensitivities. As such, the ESSA did not consider the Program with regards to Core Principle 6 as this Core principle and key element does not apply to the Program 5.1 Integrated Risk Assessment The overall Environmental and Social risks of the Program is considered Moderate. The potential risks that could result from the PforR Program activities are expected to have a moderate probability of adverse effects to the environment, human health, and safety. Such risks are expected to be site specific/ localized, predictable, and mitigatable through adherence to the existing national laws, regulations, and standards. There will not be any material threat to the natural habitats and biodiversity, ecosystem, and natural resources such as fisheries and forests, Equally, the program will not cause any land acquisition, exacerbate social conflict, and or infringed on the rights of indigenous peoples and vulnerable groups. The environmental risks of this Program are those related to electronic waste generation (e- waste) while social risks are those related to possible misuse of shared data and digital security concerns both in relation to data protection and cyber-security. In addition, there is possibility of exclusion and discrimination of vulnerable individuals and groups from project benefits; and potential of Further, spread of Sexually Transmitted Diseases (STDs) and potentially increase of 55 | P a g e Gender based Violence (GBV) and Sexual Exploitation and Abuse (SEA). The latter are likely to happen because the Program activities will necessitate enhancement of technical and technological capacity of staff to achieve effective execution of PFM. Such capacity building will increase engagement and interaction among the staff members of the participating institutions and external experts which might expose them to GBV and SEA risks. To address the potential E&S risks and impacts, the Program has devised appropriate measures for enhancing the Program Action Plan developed under PFMRP Financing. Table 5.2 summarizes the risks discussed above, and the proposed measures to mitigate those risks. Table 5.2: Risk Assessment and Management Risk Description Risk Management Risk of procuring electronic equipment that Procurement and or importation on of ICT contain lead, mercury, cadmium, hexavalent equipment that contain lead, mercury, cadmium, chromium, polybrominated biphenyls or hexavalent chromium, polybrominated biphenyls or polybrominated diphenyl ethers. polybrominated diphenyl ether shall be excluded. Risk of procuring and importation in country All the implementing institutions will be of ICT equipment that are contrary to capacitated on issues of Green Procurement and sustainable procurement. basics of sustainable procurement as included in the Public Procurement Act No. 10 of 2023. Risk related to handling of e-waste to be Application of Extended Producer Responsibility generated by the project. (EPR) under the e-waste regulations shall be used through procurement, requiring the suppliers and / or producers to handle the generated e-waste at the end of product life as applicable. MOF to discuss with NEMC and PPRA and agreed on the best way of putting this into practice. Observing the Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021. The Regulation applies to all categories of electrical and electronic equipment wastes with respect to generation, collection, storage, transportation, importation, exportation, distribution, selling, purchasing, recycling, refurbishing, assembling, dismantling and disposal of electrical and electronic equipment waste or components, and their movement into and outside Mainland Tanzania. Sensitization on HIV/AIDS causes and prevention. Spread of Sexually Transmitted Diseases and To further protect workers and local population 56 | P a g e Further Spread of COVID-19 against COVID-19, contractors will be required to mainstream Ministry of Health’s COVID-19 Management Protocol in all capacity building training. Assess the extent to which data protection and Risks related to possible misuse of shared security is already implemented by the participating data and digital security concerns both in institutions; devising and or updating existing ICT relation to data protection and cyber-security Security Policies; undertaking vigorous capacity that might arise due to integration and building for IT personnel and other staff on data harmonization of financial management protection and cybersecurity as well as carrying out systems and e-Procurement leading to social Cybersecurity Audit tension and misunderstanding among stakeholders. Possibility of exclusion and discrimination With advice from World Bank, the implementing of vulnerable individuals and group from institutions will devise mechanisms which will project benefits. The project benefits ensure equitable treatment of any vulnerable especially those related to capacity building individuals and particularly to accrue project of officials in the areas of financial, procurement and asset management may not benefits. target all staff within the implementing institutions. 6 RECOMMENDED MEASURES TO IMPROVE SYSTEM PERFORMANCE As indicated in the analysis above, Tanzania’s environmental and social management systems are adequate to address the environmental, health, safety, and social risks associated with the Public Financial Management and Procurement Systems for Service Delivery. There are also opportunities to further strengthen E&S management capacity and enhance performance at the Program level. Zanzibar in particular will highly benefit from mainland on their established institutional arrangement to govern e-waste, data security and fighting against cybersecurity threats which will reduce E&S risks and impacts. This ESSA therefore recommends the following key measures to be taken to improve E&S due diligence in the Program (Table 6.1). 57 | P a g e Table 6.1: Measures to Strengthen System Performance for Environmental and Social Management Target Objective Measures to be taken Timeframe Responsible Instrument MoF, PO-FP & PAP action in the Screen all ineligible Procurement and or importation Throughout project all the legal agreement. of ICT equipment that contain lead, mercury, implementation phase. implementing cadmium, hexavalent chromium, polybrominated institutions. Included in the biphenyls or polybrominated diphenyl ether shall be verification of Avoid use or excluded by applying agreed screening criteria. Within six months to DLR. procurement of one year of Project equipment containing effectiveness hazardous substances. All the implementing institutions to be capacitated on issues of Green Procurement and basics of Training plan on sustainable procurement as include in Public green procurement Procurement Act No 10 of 2023. to be in place. Aplication of Extended Producer Responsibility (EPR) under the e-waste regulations shall be used through procurement, requiring the suppliers and / or Within 6 months of MoF, PO-FP & PAP actions in the Program effectiveness all the legal agreement. producers to handle the generated e-waste at the end Ensure effective implementing implementation of the of product life as applicable. MoF, PO-FP to discuss institutions Tanzanian with NEMC and PPRA and agreed the best way of environmental and putting this in practice. social management system for the PforR Strengthening the capacity for monitoring, Program (e-waste in supervision, and enforcement of E&S management Training plan on e- particular). measures by involving NEMC and PPRA during waste to be in procurement of ICT and subsequent disposal of e- place. waste. The MoF, PO-FP shall hire E&S specialists on a full- 58 | P a g e time basis to ensure close supervision, monitoring, and reporting of program supported subprojects. The E&S specialist will be integrated to the PIUs at the MoF and PO-FP respectively. Although there is a Government Vendor who deals with the e-waste, it is important for the MoF, PO-FP and the rest of implementing institutions to conduct training of its staff to improve level of knowledge, attitude, and practice towards e-waste management. All institutions should get familiarized with the Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021). The PO-FP and its agencies should consider to applying the Environmental Management (Control and Management of Electrical and Electronic Equipment Waste) Regulations, 2021) to guide issues of E- waste. Within six of project Formal agreement MoF and PO-FP have formal agreement with eGA effectiveness. between eGA and and eGAZ to assist them in data protection and MoF and PO-FP fighting against cyber threats. MoF, PO-FP & on data Ensure effective data all implementing management protection, control, and institutions. issues get signed. fight against In collaboration with eGA and eGAZ all cybersecurity threats. implementing agencies to undertake Cybersecurity Audit to determine whether the implementing institutions have proper cyber-security mechanisms and complies with relevant regulations. 59 | P a g e In consultation with eGA and eGAZ all implementing agencies to have functional and strong Cyber Security Policies that capture all necessary strategies including antiviruses choice, use of strong passwords, multi-factor authentications, access control, choice of operating system and a workable business continuity plan for both infrastructure and people (e.g., working area recovery, disaster recovery site, HR policy-personnel retention and succession plan). Agencies to ensure selection and conformity to international standards of data protection and cyber- security; as well as develop manuals and procedures Training Plan for for the same. routine capacity building in data All the implementing institutions who have no Risk protection and and Compliance Expert in their ITC structure to cyber security to consider hiring one. be in place. Plan for routine capacity building in data protection and cyber-security. Strengthen procedures With advice from World Bank, the MoF & PO-FP Within 6 months of to promote equitable will devise mechanism which will ensure equitable PFMRP effectiveness allocation of benefits to treatment of any vulnerable individuals and MoF, PO-FP & all individuals within Mechanism in particularly to accrue project benefits. all the the implementing Place implementing agencies. institutions 60 | P a g e 7 STAKEHOLDERS CONSULTATIONS To meet Program-for-Results policy and guidance and subsequent aligning with World Bank’s access to information policy, the ESSA process included extensive stakeholder consultations and disclosure of the ESSA report. Between 13th and 16th December 2023, the World Bank E&S team conducted series of stakeholders’ consultations covering Tanzania mainland (Dodoma and Dar es salaam) and Zanzibar. A total of 83 stakeholders representing program implementation agencies (i.e. Public Procurement Regulatory Authority, National Audit Office of Tanzania, Office of Treasury Registrar for Tanzania mainland, President’s Office Regional Administration and Local Government, Parliamentary Budget Office, Ministry of Natural Resources and Tourism, Tanzania Revenue Authority, Office of Controller and Auditor General Zanzibar, House of Representatives, Office of Treasury Registrar, Zanzibar Planning Commission, Zanzibar Public Procurement Authority, E-Government Zanzibar, Zanzibar Revenue Authority, Zanzibar Institute of Accountants, Auditors and Tax Consultants, and Zanzibar Office of Internal Auditor General) were presented with ESSA findings (see Annex 7, 8&9). Bank E&S Team also had consultations with other stakeholders who will not implement the program but are the custodian of policies and regulations relevant for PFMRP. These stakeholders included e-GA, e-GAZ, NEMC, ZEMA, environmental officers from local government authorities, Tanzania Environmental Experts Association, academicians and CSOs representing people with disabilities. Throughout consultation preparations, the World Bank team worked closely with the PIU coordinators who provided help in the process of reaching out and invite participants. Issues related to language barrier were also considered during consultations. Thus, both English and Kiswahili languages which are formal language in Tanzania were used throughout consultations to allow participants to follow discussions and making engagement more useful and interactive. The ESSA consultations aimed to seek stakeholders’ contributions on how PFMRP can be implemented without adversely affecting the environment and people. Similarly, consultations sought inputs, feedback, and/or confirmation from stakeholders on the factual basis and assumptions used to prepare the ESSA report (ESSA’s approach and methodology, program objectives, theory of change, program scope); whether findings are consistency with the national policies, laws and regulations in place; and whether stakeholders are in agreement with ESSA’s findings as well as the suggested measures to strengthen systems performance for E&S management. Stakeholders were also offered an opportunity to suggest alternative management measures. Page | 61 Overall Findings and Key Observations: Generally, the participants voiced their strong support in implementing the proposed program to strengthen accountability, transparency and institutional capacity in public resource management while improving E&S management in the finance and procurement sub sectors. Similarly, stakeholder agreed with ESSA’s findings and largely accorded with the proposed Program Action Plan (PAP) that sets up measures to address the key environmental and social gaps in national E&S systems as well as implementing institutions. There were many recommendations on how the program can be improved, but below are the key ones: • Program sustainability: Across all stakeholder consulted areas, they insisted that, sustainability aspects should be thought for, and becomes an integral part of program design with clear performance monitoring indicators. • Program M&E to involve Community Based Organization (CBOs) that works with vulnerable groups to assess the extent to which their needs are considered in the program: This is important to enhance transparency and accountability during program implementation. • Stakeholder consultation to be continuous throughout the program cycle: this came strongly from many stakeholders, that, there should be a mechanism where program beneficiaries are consulted. • Emphasis on inclusivity: Participants further emphasized that the Program should be more inclusive by integrating issues related to people with different disabilities. During consultation client was further advised on the significance of having in place E&S specialists within the PIU to work as a full-time staff throughout the project cycle, one in Zanzibar and one in Tanzania mainland. Their roles will include to oversee all implementation of E&S risks and impacts mitigation activities specifically cyber security and electronic waste management. Summary of consultations are indicated in the below, presented separately per location (i.e., Dodoma, Dar es salaam and Zanzibar) (Table 7.1). Page | 62 Table 7.1: Mult stakeholders Views, Comments, Concerns and Suggestion November 13th to 16th, 2023 S/N Question/Comment Response/ Remarks Question/Comment Response/ Remarks DODOMA, IMPLEMENTING AGENCIES 1 Extended Producer Responsibility (EPR) and its application Agree. Application of EPR concept in procurement is not well practiced by in managing e-waste seems to be complicated to many many government agencies. government staff in the MoF and other implementing It was emphasized that PFMRP is PfoR, its implementation will be done agencies. This is despite the fact that Environmental by using existing government laws and regulations. To this end Management (Control and Management of Electrical and implementing institutions are required to work closely with NEMC and Electronic Equipment Waste) Regulations, 2021 provides PPRA who are the custodian of the law that advance and promote EPR and provisions and directs in support of this approach. This discuss on the best way to put this into practice. This also warrant the need requires more understanding among agencies. to enhance awareness of government staff on EPR issues among PFMRP implementing agencies. 3 Participants asked the possibility of devising mechanisms While bulk procurement can be an option that government can pursue, it is for alternatives to EPR e.g., declaring that only bulky required to be applied with caution. For example, in some cases an procurement should be subjected to EPR (agreed value institution just needs to procure just single system to strengthen level) and leaving the non-bulky procurement under the accountability, transparency and institutional capacity in public resource responsibility of the individual implementing institutions. management. EPR is positioned to address e-waste challenge associated with ICT equipment regardless their number throughout the entire value gain. 4 Participants shared their concern and worries on the Agree, this will be taken care in the final document. possibility of some sensitive reports information/data which might be vulnerable to the public, especially after being disclosed and thus affecting institutional credibility. 5 Participants shared their concern that, although EMA, 2004 To address this an ESSA has devised mechanism in forms of PAP that will instructs all ministries to have a well-established E&S ensure effective implementation of the Tanzanian environmental and social department. The current practice is that it is not being done management systems for the PforR Program (e-waste in particular). Since by some institutions and they envisaged this becoming an the program will last for 4 years, E&S specialists can be seconded from obstacle for PFMRP implementation. other ministries / government agencies to support the program. Alternatively, PIUs should consider hiring a competent E&S from the market to oversee E&S issues. Page | 63 DAR ES SALAAM, MEETING WITH NGOS, CSOs AND ACADEMIC INSTITUTIONS 1 Procurement component of this program has to consider Agree: This Program has considered vulnerable groups including people disabilities needs and requirements, ensure, public with disability. information that is prepared for the website purpose are accessible by people with disabilities. 2 The concept of green procurement as it was presented is Agree: All implementing agencies to liaise with PPRA on issues of good but have not been practiced in almost government sustainable procurement. Further to this, there will be a need for PPRA to agencies. Therefore, lack of experience my delay support other government agencies in terms of understanding sustainable achievement of this action. procurement concept and how to be operationalized it. 3 As per program objectives, i.e., integrating systems, is it This is possible but will require PIU and MOF to work with e-GA and e- possible to have like centralized System for the GAZ and discuss on how to enhance centralized data access option. implementing institutions to access data? ZANZIBAR 1 There need for inclusion and transparency should be Noted: It will be communicated to the PIUs. acknowledged. Also, the role and significance of translators. 2 It was emphasized that, the implementing agencies should Agree. This is important in filling existing gaps related to inadequate sign formal agreements with NEMC and ZEMA for smooth capacities among implementing agencies especially on e-waste undertaking of the project especially in e-waste management. management 3 There is a need for the program to integrate sustainability Noted. However, this is a policy issue requiring involvement of key aspects especially on e-waste management. For example, stakeholders across all sectors in Zanzibar including house of currently Zanzibar is in the process of updating its representatives. environmental policy and law. It is a high time that it considers e-waste management issues as issue of public concern. Page | 64 REFERENCES In addition to the laws, policies, and regulations cited in this report, the ESSA has drawn from a range of sources including Government documents, technical reports, evaluations, and project documents. This annex lists some of key sources that were consulted in the preparation of the PFMRP ESSA. Bank Guidance: Program-for-Results Financing Environmental and Social Systems Assessment. World Bank, 2020. Cucchiella, F.; D’Adamo, I.; Koh, S.C.L.; Rosa, P. (2015). Recycling of Waste from Electric and Electronic Equipment (WEEEs): An Economic Assessment of Present and Future E-Waste Streams. Renewable and Sustainable Energy Reviews. Elsevier 51:263-272. Document Number eGA/EXT/ISA/001, Dodoma, e-Government Agency. Fenrich, K. (2008). Securing Your Control System: the" CIA triad" is a widely used benchmark for evaluating information system security effectiveness. Power Engineering, 112(2), 44-49. NBS and United Nation University, vie–SCYCLE (2019): National E –Waste Statistics Report, NBS Dodoma, United University Bonn, Vie –SCYCLE, Germany. Public Financial Management (PFM) Reform Program (PFMRP) Phase VI Strategic Plan (2022-27), Dodoma, Ministry of Finance. Sausi, John M, Mtebe, Joel S and Mbelwa, J (2021). Evaluating user satisfaction with the e-payment gateway system in Tanzania, South African Journal of Information Management Tanzania Economic Update: Enhancing Fiscal Efficiency and Effectiveness for a More Inclusive. The World Bank’s Operational Policy Directives as revised in 2022 - Program-for- Results Financing. URT (2017). e-Government Security Architecture – Standards and Technical Guidelines URT (2019). e-Government Act (No. 10) 2019), Dodoma, Government Printers. URT (2021). e-Government Authority Strategic Plan (2021-2026), Dodoma, e- Government Authority. URT (2022). Government Cyber Security Strategy 2022, Dodoma, Government Printers. URT (2022). Government Mailing System (GMS) User Manual, Dodoma, e-Government Authority. URT (2022). Tanzania e-Government Strategy 2022, Dodoma Government Printers. URT (2022): Tanzania e-Government Strategy 2022: Digital Government Services, Anywhere and time, Dodoma, President’s Office, Public Service Management and Good Governance. Page | 65 World Bank. 2019. Tanzania: Country Environmental Analysis – Environmental Trends and Threats, and Pathways to Improved Sustainability. 2019. Washington, DC: World Bank. Zanzibar Environmental Policy (2013): Zanzibar, the First Vice President’s Office, Department of Environment. Zanzibar State of Environment Report (2021), Zanzibar, First Vice President’s Office. Page | 66 APPENDICES Appendix 1: Business Process Flow for the Treasury Register Office System for Disposal of Public Assets, Zanzibar 1. The office of the Treasury registrar sends a request letter to several government institutions and departments inquiring about the availability of items/equipment or property that has to be disposed-off. 2. If there are any disposable items/equipment or properties, the Government Treasury register's office arranges for their physical inspection and valuation. 3. The treasury register's office then prepares a report and submits it to the General Secretary of the Ministry of Finance. 4. The General Secretary signs off on the report and instructs the Treasury register's office to submit it to the Chief Government Property Evaluator. 5. The Treasury register's office organizes for the sale through auction, transfer/reallocation, or donation of the equipment or properties after receiving clearance from the Chief Government Property Evaluator. 6. During the auction, the client with the highest bid (based on the Chief Government Property Evaluator's estimate) is chosen. 7. 25% of the auctioned products' payment should be made promptly, with the remaining amount (75%) due within a week. 8. Upon final payment, the purchaser must complete the purchase agreement form and is provided a payment receipt. 9. The customer is also given an ownership latter from ZRA. 10. The Treasury register's Office writes a handover letter for the client, and a copy is forwarded to the Government Institution/Department or Unit from whence the equipment/item originated. Page | 67 SYSTEM REQUIREMENTS FOR DISPOSAL OF PUBLIC ASSETS, ZANZIBAR Re Process Triggers Requirement (The system Source Record type q should.) No. 1. Requesting information Non usable Allow automatic sending request Treasury List and regarding the disposable items/equipment need letters to the Registrar’s descriptions of items/equipment from to be disposed-off. Ministries/Departments/Instituti office equipment Government ons to submit a list and Ministries/Institutions/departme descriptions of the equipment nts. that need to be disposed-off. 2. Adding information regarding Items/equipment need Uploading and editing of Disposal Text and the disposable items/equipment to be disposed-off. information of the equipment Management images (e.g., from Government from all Ministries/institutions System jpeg, tiff, and Ministry/Institution/departments. which need to be disposed-off. gif) of the disposable equipment/item s. 3. Visualization of information User Allow registered Disposal Text and Institutions/Departmen Institutions/Departments to Management images (e.g., ts need information. visualize and select, send request System jpeg, tiff, and of disposable equipment/items to gif) of the the Treasury Register’s office if disposable needed. equipment/item s. 4. Approval Disposable equipment Allow the General Secretary to Disposable Text and information needs to be visualize/check and Management images (e.g., approved. approve/disapprove by signing System jpeg, tiff, and off on the list of the disposable gif) of the equipment or items. disposable equipment/item s. Page | 68 5. Approval The disposal Allow the Chief Government Ministry of Text and amount/values should Property Evaluator to Finance images (e.g., be approved by the approve/disapprove the jpeg, tiff, and Chief Government valuation of the disposable gif) of the Property Evaluator. equipment by to visualize/check disposable and approve/disapprove by equipment/item signing off on the list of the s. equipment. 6. Disposal by auction or transfer/ Treasury Registrar Allow the Treasury Registrar Treasury Text through a reallocation or donation. Office should make Office to either call up an Registrar Selection list. decision. Auction or transfer or donation Office of the approve disposables. 7. Enrollment of customers. Customers need to Allow the Customers to register Disposable Text and image purchase the on the online system. Management (Names, Disposables through an System username, online auction. password, email, mobile phone, age, bank name, bank account, address, photo). 8. Selection of a Customer for a Price should be not less Allow a customer with the Disposable Text and particular equipment. than the one estimated highest price to be selected for a Management figures/ by the Chief particular item/equipment. System numerical. Government Property evaluator. 9. Filling a purchase form Purchase agreement Allow the Customer to fill out a Disposable Text form is filled out. purchase agreement form for the Management item(s) that he/she was selected System as a customer with the highest price. Making Payment 10. Customer required to Allow the Customer to receive a Disposable Text and make payment. control number and upload a Management numerical. Page | 69 payment receipt. System Property handing-over 11. A hand over letter Produce a handover letter for the Disposable Text and should be issued to Customer for the completed Management numerical. Customer after full purchase. System. payment. Issue of the payment Receipt. 12. A payment receipt Produce a handover letter for the Disposable Text and should be issued to Customer for the completed Management numerical. Customer after purchase. System. completing full payment. Report generation 13. Annual/ quarterly and Generate an annual, quarterly, Disposable Text and monthly disposal and monthly report on the total Management numerical. report on the total amount collected through System. revenue/amount Auctions. collected through auctions. Report generation 14. Annual/ quarterly and Generate an annual, quarterly, Disposable Text and monthly disposal and monthly report on Management numerical. report on Customers Customers who have procured System. who have procured the the disposable equipment and disposable equipment the amounts they paid over a and the amounts they specified period of time. paid over a specified period of time. Report generation 15. Annual/ quarterly and Generate an annual, quarterly, Disposable Text and monthly disposal and monthly report on Management numerical. report on Government Government System. Institutions/Departmen Institutions/Departments/ Units ts/ Units which have which have submitted disposal submitted disposal equipment to the Treasury equipment to the Registrar Office over a period of Treasury Registrar time. Office over a period of Page | 70 time Report generation 16. Annual/ quarterly and Generate an annual, quarterly, Disposable Text and monthly report on and monthly report on Management numerical. Government Government System. Institutions/Departmen Institutions/Departments/ Units ts/ Units which have which have received disposed received disposed equipment from the Treasury equipment from the Registrar Office over a period of Treasury Registrar time. Office. Page | 71 Appendix 2: E-Government (e-GA) Responsibilities in Assisting other Government Institutions The e-GA shared government-wide operations support systems include: A. Public Service Management and Good Governance ▪ Human Capital Management ▪ Information System Government ICT Service Portal ▪ e-Mikutano ▪ e-Mrejesho ▪ e-Office System, ▪ Enterprise Resource Service ▪ Management Suite Government Mailing System ▪ Trusted Digital Repository ▪ Recruitment Portal ▪ Ethics Management Information ▪ System Government official travelling permit, ▪ Corruption complaints ▪ Government Performance Reporting ▪ Dashboard Incident Reporting System ▪ Parliamentary Online System (POLIS). B. REGIONAL ADMINISTRATION AND LOCAL GOVERNMENT ▪ School Information Management System Government of Tanzania Health ▪ Operations Management Information System (GOTHOMIS) ▪ Local Government Revenue ▪ Collection Information System (LGRCIS) ▪ Online Teachers Application Systems ▪ Facility Financial Accounting and Reporting System ▪ District Road Maintenance System ▪ Planning and Reporting System (PlanRep) C. Health, Education and Social Services ▪ Online Work Permit System, ▪ Workers’ compensation self-service, ▪ NHIF Service Portal, ▪ Central Admission System, ▪ Public Service Social Security Fund system ▪ Loan Management System (LMS). Page | 72 D. Financial Services ▪ Central Budget Management System (CBMS) ▪ Government Asset Management Information Systems (GAMIS) ▪ Mfumo wa Ulipaji Serikalini (MUSE) ▪ Donor Fund Management Information System (D-FUNDS MIS) ▪ Treasury Registrar Management Information system ▪ Tanzania Customs Integrated Systems (TANCIS) ▪ Integrated Tax Administration System (ITAX) ▪ Revenue Gateway System ▪ Central Motor Vehicle Registration System ▪ Tanzania Electronic Single Window System ▪ Machinga Registration System ▪ Online TIN Service (OTS) ▪ National Payments System (NPS) ▪ Tanzania National e-Procurement System (TANePS) ▪ Salary Slip Portal ▪ E. Industry, Trade, and Investment Services ▪ Online Registration System (ORS), ▪ EPZA Electronic One Stop Solution (eOSS) ▪ Business Licensing Portal. F. Land and Tourism Services ▪ Integrated Land Management Information System, ▪ Government Real Estate Management System, ▪ MNRT Portal and Safari Portal. G. Works and Transport and Communications Services: Road Toll System, Road Accident Information System (RAIS), Shipping Business Information System, Tanzania Electronic Single Window System (TeSWs), Airport Management Information System (AMIS), Traffic Information Data Base System, Motor Vehicle Maintenance Management Information System (MVMMIS). National Addressing and Postcode System (NAPS), Train e-ticketing and Cargo Management System, Meteorological Aviation Information System (MAIS), Marine Meteorological Information System (MMIS), SUMATRA Road license Information System (SURLIS), Aeronautical Message Handling System (AMHS), Special Load Permit System H. Agriculture, Livestock and Fisheries Farmers Registration System, Agricultural Trade Management Information System, Extension Services and Marketing, National Agricultural Management Information System, Agriculture Page | 73 Products Licensing and Plant Health Management Information System, Fisheries Management System, Tanzania National Livestock Identification and Traceability System (TANLITS), Water Point Mapping System for Rural Water Supply Services and MAJI Information System. I. Information, Culture, Arts and Sports Services Wananchi Portal, Gaming Licensing, Inspection and Compliance Application System. J. Home Affairs, Foreign Affairs and Legal Services e-Immigration, National Identification system, Traffic offence verification system, Lost Property Report system (Property loss registration) and Birth Registration System Fourth Generation (BRS4G). K. Minerals, Energy and Water Services Mining Cadastral Portal, Geological and Mineral Information System, National Energy management information system, LUKU Vendors UP- Country, Water Point Mapping System for Rural Water Supply Services and MAJI Information System. e-Government Successes in Tanzania ▪ In terms of e-Government infrastructure: - the development of the Government e- Payment Gateway (GePG) that facilitates revenue collection. ▪ the deployment of the Government Network (GovNet) that allows public institutions to communicate securely. ▪ the implementation of Government Datacenters that provide a conducive hosting environment for hosting Government systems. ▪ In terms of e-Services: - over 500 websites and portals have been implemented with e- security consideration to support e-Government services initiatives; presence of a variety of e-services and mobile services that are offered by different public institutions through different secured channels; and the securely Government Portal as a one stop service center for Government services and information. ▪ the availability of the ICT Broadband backbone in the country that supports the implementation of secure Government infrastructure and ▪ the presence of the National Datacenter which has dedicated 25% of its capacity for securely hosting and protecting e-Government e-services. E-Services opportunities include the existence of security consciousness among young and technically savvy users representing a ready market for e-services. ▪ The e-Government Research, Innovation and Development Centre (e-GovRIDC), under e Government Authority, has been established to oversee the management and monitoring of research and innovations in the area of e-Government including e-security. ▪ 660 Public institutions’ sites connected to Government Network (GovNet) Page | 74 ▪ e-Government Security Operations Center capacitated. ▪ development of e-Government Capability Maturity Framework ▪ there are e-Government Policies, Strategies, Standards and Guidelines for Public Institutions to use in shaping their e-Government initiatives. ▪ there are well established e-Government structures with an average number of human resources to facilitate e-Government implementation. ▪ Significant leverage of e-Government infrastructure, as evidenced by the development of the Government e-Payment Gateway (GePG) that facilitates revenue collection. ▪ the deployment of Government Network (GovNet) that allows public institutions to communicate securely. ▪ the implementation of Government Datacenters that provide conducive hosting environment for hosting Government systems. ▪ the existence of server rooms and high-speed Local Area Networks in most Government institutions that facilitate accessibility of systems within the institutions. ▪ In terms of e-Services, over 500 websites and portals have been implemented to support e-Government services initiatives. ▪ Government Mobile Platform (mGov) has been enhanced for delivery of e-services through mobile channels (USSD, SMS, Apps). ▪ Creation of an e-Government Apps store for downloading e-Services related applications. ▪ presence of a variety of e-services and mobile services that are offered by different public institutions through different channels; and ▪ the Government Portal as a one stop service center for Government services and information. Challenges that e-Government Authority Faces The following are main challenges that face e-GA during discharging their mandates. ▪ Limited awareness of existing e-Government security laws, regulations as well as standards and guidelines among public servants and law enforcers. ▪ A lack of some essential security standards and guidelines that need to be developed and implemented. ▪ Insufficient computing and storage capacity at the Government Datacenter to support storage securely and access to Government applications. ▪ Inadequate cyber security tools to support combating cyber security events. ▪ Insufficient customer support systems (Helpdesks) for handling Government cyber security-related complaints. ▪ Lack of adequate skills and mechanisms for detecting, managing, and responding to cyber incidents. high level of computer illiteracy, including cyber security-related issues in the society, and reliance on external experts and technology solutions in the area of Cyber security Page | 75 ▪ Different pace in establishing and adopting e-Government initiatives among public institutions. ▪ Inadequate skills in public institutions to cope with emerging technologies. ▪ Limited coverage of the National ICT infrastructure backbone in the Local Government Authorities to facilitate e-Government Services ▪ High costs of hosting e-Government services in the National Datacenter. ▪ The Government Internet bandwidth of 2.1 GB/s is inadequate to support the growing number of Government applications and clients. ▪ Insufficient computing and storage capacity at the Government Datacenter. ▪ Limited research and innovation on e-Government; and fragmented delivery channels. ▪ Insufficient customer support systems (Helpdesks) for handling e-Government related complaints. ▪ Limited automation of internal core business processes in some institutions. ▪ low utilization of existing eservices by the general public. ▪ Un-integrated service provisioning approach that requires same person to be registered more than once for one service. ▪ E-services not designed to cater for people with disabilities/special needs; and absence of bilingual local content in e-Government services. ▪ Limited Bandwidth and Coverage of GovNet Infrastructure Rural areas in Tanzania provide challenging environment for implementing e-Government infrastructures for data and internet-based services. To this end, more than two-thirds of the funding going toward the World Bank-supported Digital Tanzania Project (DTP) is targeted at enhancing broadband connectivity to at least 200 government institutions, including schools and hospitals. ▪ The high cost of implementation and lack of customer base due to the low income and highly scattered population. These challenges have resulted in inadequate eGovernment infrastructure in terms of wide area coverage, bandwidth, last mile, and local distribution required for the delivery of e-Service in rural areas limiting the accessibility of core public services such as GePG which reinforces socio-economic exclusion rather than unlock socio-economic opportunities to help to address urban rural digital divide. ▪ Inadequate Government Data-center Resources including computing servers, storage facilities and WAN bandwidth are among the critical issues, which need immediate Government’s attention. ▪ Data-center outage caused by Power failure, Server downtime or inadequate data storage. By allowing hosting of Government services in departmental server rooms, some computer resources are wasted. Public Institutions still tend to limit the total utilization of computing resources on any given machine to about 60% and 80% and the rest goes to waste. The same applies to the suboptimal and inefficient use of expensive storage systems. ▪ Increase of cyber-attacks on Government Systems. Page | 76 Appendix 3: PFMRP Implementing Institutions Readiness to Fight Against Cybersecurity Threats and Data Protection Capacity, Zanzibar PFMRP Implementation Agency Assessment Criteria: a) Existence of Personnel with expertise in database, network, application management and risk and compliance to facilitate data Protection. b) Availability of Cyber-Security Policy that conform to international standards. c) Whether the agency conduct routine capacity-building for its IT personnel and other categories of their personnel on data protection and cybersecurity. S/N Implementation Agency Assessment results 1. Office of Controller and ▪ There is an ICT Policy which just covers to some extent on Auditor General Zanzibar Cyber Security, will need to review, and update the same to reflect the International Standards. ▪ OCAGZ partially conforms to the international standards on cyber security by providing annual cyber security training to all its staffs, and installation of anti-viruses on all computers and desktops etc. ▪ The ICT Unit has one person who is dedicated for IT Support to OCAGZ staffs. ▪ The Cyber security trainings that are conducted at OCAGZ once per year are done under the IS Audit Department. ▪ The capacity building to IS Auditors are not sufficiently provided as compared to the demand and the pace of the Technology changes on the Globe. 2. Office of Internal Auditor ▪ Currently, there is no cyber security policy at OIAG. General in Zanzibar (OIAG) ▪ To fight against cybersecurity, we follow back up system also we hire space to store electronic system at ZICTIA. ▪ We do not undertake routine capacity building for IT and other categories of personnel on data protection and cyber security. ▪ Currently, the office has only one ICT officer with expertise in information system management and no technical expertise in database, network, as well as risk and compliance. Page | 77 S/N Implementation Agency Assessment results 3. Zanzibar Public Procurement and Disposal The agency has no Cyber Security Policy. of Public Assets Authority The ZPPDA has ICT Department and personnel in (ZPPDA) Networking and System personnel. The agency has no personnel in Risk Compliance nor Cyber Security personnel. 4. Office of Treasury The agency currently has Database Administrator. Registrar, Zanzibar (ZHoR) However, it has no Cyber Security Policy and does not conduct routine capacity-building for their IT personnel and other categories of their personnel on data protection and cybersecurity. 5. House of Representatives The house of representative has no Cyber Security Policy and does not conduct routine capacity-building for IT personnel. Currently, ZHoR has ICT Unit with expertise in database, network, and application management. The House has no expertise in Risk and Compliance. All staff has no professional certifications. 6. E-Government (eGAZ) ▪ Cyber security policy: The eGAZ has developed guidelines that are used in security assessment and system audit in government institutions. Plans are underway to complete development of Cyber Security Policy in this fiscal year. ▪ Totally, the current Cyber Security Guidelines used by the Zanzibar e-Government Agency conforms to international standards on cyber security. ▪ The Agency’s Organization Structure consists of Technical Unit with required staff in field of database, network though they have no professional certifications in their field. ▪ The agency has 3 employees certified in Cyber Security and ICT Project Management. 7. Zanzibar Planning ▪ Currently, ZPC have ICT unit with general ICT professional Commission (ZPC) (ICT officer). 8. Zanzibar Institute of ▪ Currently ZIAAT has no no cyber security policy. Accountants, Auditors and ▪ We have not made any assessment made to verify the Tax Consultants (ZIAAT). conformity to international standards on cyber security. ▪ ZIAAT has no expertise in database, network, application management as well as risk and compliance. Page | 78 Appendix 4: PFMRP implementing institutions readiness to fight against cybersecurity threats and data protection capacity, Tanzania Mainland PFMRP Implementation Agency Assessment Criteria: ▪ Existence of Personnel with expertise in database, network, application management and risk and compliance to facilitate data Protection. ▪ Availability of Cyber-Security Policy that conform to international standards. ▪ Whether the agency conduct routine capacity-building for its IT personnel and other categories of their personnel on data protection and cybersecurity. S/N Organization Assessment results 1 PO – RALG ▪ ICT Security Policy is in place. ▪ PO-RALG and its affiliated institutions (LGAs and Regional Secretariats) adhere and conform to e-Government Authority standards and guidelines including those on cyber-security. ▪ Has a department of ICT with personnel who have relevant qualification, among of them have professional certifications in Database /System Administrator (02), Network Administrator (03), Programmer/Developers (13), System Analyst (07), Security Analyst (03), Web & Multimedia (03), and GIS Specialist (01). ▪ PO –RALG conduct capacity building to IT personnel regularly depending on the availability of funds. However, training does not include other staff. Challenges: ▪ Insufficient fund to undertake capacity building of staff on data protection and cybersecurity. ▪ The use of outdated and unsupported ICT equipment and ▪ Lack of adequate capacity building on Cyber security 2 Parliamentary ▪ ICT Security Policy is in place and conforms to the e- Budget Office Government Authority Security Architecture standards and (PBO) technical guidelines and standards. It also covers cyber- security issues. ▪ The ICT policy is consistent to the security frameworks and industry standards such as ISO 27001 and ISO 27002, NIST 800 and ITIL. ▪ Due to Rapid technological change, it requires continuous capacity building on Cybersecurity. ▪ The PBO has ICT Department with the required technical personnel in database, network, application management as well as risk and compliance. The POB also have experts with professional certifications in their areas of Cyberoam, Allot, Cisco and Red hat. Page | 79 ▪ However, more emphasis should be done on the area of capacity building to acquire more certifications to existing experts. ▪ Proper training of staff in Networking, Security, Linux, and data base must be done regularly. ▪ National Assembly through its budget allocation do conduct routine capacity-building for our IT personnel and other categories of our personnel on data protection and cybersecurity. 3 National Audit ▪ The Office has an ICT Policy which also addresses Office of cybersecurity issues. Tanzaniaa ▪ The Office addresses cyber-security issues in line with the (NAOT) e-Government Act, 2019 and The Electronic and Postal Communication Act Cap.306. R. E 2022 which addressed national and international standards on cyber-security. ▪ NAOT is in the process of seeking certification under ISO 9001:2015 (Quality Management System). ▪ NAOT has ICT Unit responsible for ICT operations and Technical Support Services. The Unit is responsible for all audit matters pertaining to standards, quality, procedures, processes, documentation, and reporting including Information System Audit. Also, the Office has a Risk Management and Compliance Unit which is responsible for risk assessment and management within the Office. ▪ All these three Units are staffed with a number of competent, qualified, and professional staff in the database, network, application management, risk, and compliance. ▪ NAOT staff received capacity building through a combination of training provided by AFROSAI-E and internal office arrangements through technical training institutions including the ICT Commission, TCRA, and e- GA. The last training was undertaken in June 2023 and the duration of training was 20 days. Aspects of data protection and cybersecurity that were covered are: ▪ Vulnerability Assessment, Penetration Testing, information gathering for attacks, password attacks, wireless security. ▪ Cyber Threats Detection- Network-wide protection mechanism, security information event management system (installation and hands-on Lab) and Log analysis, incident Response, and Handling, utilizing Threat Intelligence, and implementing Security Best Practices. ▪ NAOT require to continue intensifying ssecurity awareness Page | 80 training to users of information systems and undertaking capacity building to technical staff. 4 Public ▪ PPRA has Cyber Security policy that conform to Procurement international standard. The policy aligns with the National Regulatory Cybercrimes Acts 2015 as the baseline. Authority (PPRA) ▪ The PPRA have the Division of Information System which have technical Personnel with expertise in: Systems/Applications Development (12), Database Management (3), Business Analysis (6), Systems and Network Management (5) as well as Risk and Compliance (4). ▪ Generally, technical personnel need capacity training that will enable them to get certification in their areas of expertise. 5 MNRT ▪ MNRT has a CYBER SECURITY POLICY stipulated within MNRT ICT POLICY document. Though there is demand of creating a separate document the that will provide details of Cyber Security Policy Implementation. ▪ MNRT has ICT Unit with technical staffs in database and network, nevertheless there is no risk and compliance personnel the ICT unit relies on risk experts from Internal Audit Unit. ▪ Thus, it is necessary for PFMRP project to include MNRT in ensuring risk and compliance are developed within MNRT ICT unit. ▪ Currently MNRT does not conduct routine data protection and cybersecurity programs due to budgets constraints and human resource capacity. 6 TRA ▪ The TRA organisation structure comprises the full-fledged departments of ICT(ICTD) and Risk and Compliance (RCD). These departments are staffed with skilled, experienced, and qualified staff. ▪ It has an ICT Security Policy which was developed in 2019 and currently is under review. It lays the cyber-security foundation within TRA. It is widely followed and has helped to strengthen the security situation of systems, infrastructure, and peoples within TRA. However, there is a need to review and update it with current cyber security issue. ▪ A new policy will be enacted in 2024. Also, other related policies including ICT security policy will be reviewed to align with the new ICT Policy. ▪ The current policy addresses several issues including accessible use of ICT resources and services, unacceptable use, personal security, social media, backup, archiving and Page | 81 recovery, network security, data security, security monitoring, and handling of security incidents, among others. ▪ The TRA also conduct routine capacity building for its IT personnel and other categories of staff depending on availability of funds. The last training was conducted in 2023 where two staff attended a training covering: Risk management related to application, network, and risk monitoring. ▪ Page | 82 Appendix 5: Consultation with e-Government S/N Question Responses 1 You have been entrusted by The e-Government Authority (e-GA) is a public institution established in 2019 under the e- the government to Government Act, No. 10 of 2019 to coordinate, oversee and promote e-Government initiatives and spearhead e-government in enforce e-Government related policies, laws, regulations, standards, and guidelines in public Tanzania’. What are your institutions. main roles and responsibilities? 2 Which aspects do you think There have been significant achievements in supporting the growth of e-government in Tanzania. have been positive with Some of notable progress made include: regards to support public The e-Government implementation is now legally recognized by the law through e-Government institutions in Tanzania to Act, No. 10 of 2019 and has a well-established Governance structure from National to attain e-government? Institutional level; that is National e-Government Steering Committee level to individual public institutions ICT Steering Committee. There are established standards and guidelines that provide for mechanism of smooth and coordinated implementation of ICT systems in the Government. This enables optimal resource utilization while minimizing duplication of efforts and ensuring the ICT initiatives are implemented harmoniously. e-Government has grown (e-services have increased), there are multi-channel for accessing public service through mobile and web. The use of ICT to manage and control Government operations including planning and finance management has significantly increased leading to more efficiency and transparency. For example, there are ICT systems for planning (e.g PlanREP,), for revenue collection (e.g GePG, TAUSI etc.) and expenditure management (e.g., ERMS, MUSE, NeST, GIMIS etc). The interconnection between systems in different government departments has increased enabling data exchange that facilitate efficient public services delivery. The Government enterprise service Bus (GovESB)has been implemented and it facilitates data exchange between public institutions’ ICT systems. Page | 83 Through various mechanisms implemented, the cyberspace has relatively been safe as there has not been any major cyber incident with significant impact on Government operations. The public institutions have access to secure infrastructure for both hosting their systems and data (Data Centres) as well as communication infrastructure through Government Network (GovNET) which has been expanded reaching about 400 institutions so far. 3 How would you Like any other country in the word, the cyber security risks exist in Tanzania. However, the describe/explain Government has put in place various initiatives to manage cyber security including: - cybersecurity situation in Legislation: There are several laws including Cyber Crime Act 2015, Electronic transaction Act Tanzania? 2015, Personal Data Protection Act 2022, The Electronic and Postal Communications Act, 2010 and the e-Government Act 2019. Along with different regulations under these laws, the cyber security has a legal framework to support it. Strategies: There is a Tanzania Cybersecurity Strategy 2018 as well as the Government Cybersecurity Strategy 2022 with their implementation plans. Computer Emergency Response Teams: There is an established Tanzania Computer Emergency Response Team (TZ-CERT) under TCRA that coordinates cyber security management in the country. It has constituents (for sector) with the Government been coordinated under e- Government Security Operations Centre (eGSOC) managed by e-Government Authority. 4 “In 2019 the government The e-Government Standards and Guidelines generally, describe what to do when implementing established “e-Government ICT systems in the Government. The whole life cycle of ICT initiatives is guided. The security Standards and Guidelines” aspect has also been clearly guided on what needs to be done to ensure systems are secure and e-Government (security architecture), ensuring security requirements are included in the system requirements, Authority (e-GA) to meet operations procedures in the course of using the systems etc. its e-Government vision’. Would you please describe The e-Government Standards and Guidelines has had several benefits including the fact that they what e-Government have made it possible for ICT systems implemented in the Government to be inter-operable. This Standards and Guidelines makes it possible for different public institutions to exchange and share date through their ICT entails? How is it related to systems contributing to increased efficiency in public service delivery. data protection? Further, abiding to the standards and guidelines contributes to resources optimization thorough What are success and use of shared resources (shared systems and infrastructure) as well as avoiding duplication of challenges in implementing efforts. There however remain some challenges in adoption of the e-Government Standards and e-Government Standards Guidelines contributed mainly to low knowledge and awareness. Further, some legacy systems Page | 84 and Guidelines? that were implemented prior to promulgation of the standards and guidelines may not be fully compliant although they are providing public services. A graduate process to impart knowledge and build awareness is ongoing together with a systematic plan for upgrading the legacy systems. 5 Which issues do you think In ensuring cyber security threat management, several issues need considerations including: need deeper consideration Ensuring effective Data Management Policies are implemented. especially with regards data Capacity building for cybersecurity personnel and users; and protection and fighting Ensuring availability of effective techniques and tools for monitoring, protection, detection, and against cyber security recovery from cyber incidents proactively. threat in Tanzania? 6 As we are currently The e-Government Authority (e-GA) stands to play a significant role to assist PFMRP preparing PFMRP what implementing institutions to ensure security of their ICT systems through different ways role e-GA can play to assist including: implementing institutions Expanding the secure shared infrastructures to facilitate secure hosting environment (Data centers) to ensure data security? for the ICT systems used by the institutions as well as expanding the Government Network (GovNET) to reach all service delivery points where public services are accesses by the people. Facilitating security management operations for ensuring security of ICT systems and infrastructures used by the institutions through the implementation of security protection, monitoring and detection tools for proactive cyber security response (Acquisition of security tools). Capacity building for cybersecurity personnel to equip them with requisite skills to effectively management the security of ICT systems used by the public institutions. Facilitating Cyber security awareness program for ICT systems users in the public institutions to ensure secure use of the systems. Page | 85 Appendix 6: List of people consulted and held discussion during capacity assessment S/N NAME INSTITUTION POSITION ZANZIBAR PO –PF AND OTHER IMPLEMENTATION AGENCIES 1. Fatima Masrur Said E-GAZ Director ICT 2. Jokha Ali Iddi E-GAZ Administrative Officer 3. Khamis M. Ali E-GAZ DHRP 4. Saumu Daniel Yusuph E-GAZ Planning Officer 5. Haji M. Ali E-GAZ Senior Economist Officer 6. Shemsa Abdulla Mbarouk E-GAZ Head Of Economic, Intelligent Unit 7. Othman J. Othman Executive Director 8. Siddick J. Khamis 9. Sale Haji Ali Senior Planning Officer/ Assistant Coordinator of The Project 10. Said Ali Omar Head Of Ict Unit 11. Adam Maulid Simai House Of Representative Economist 12. Abdallah Ali Shauri House Of Representative Director Planning 13. Asma Ali Kassim House Of Representative Head Of Planning 14. Asha Faruku OIAG ICT Officer 15. Fred Kasambala OIAG Kaimu Mkurugenzi Uthibiti 16. Ahmed Mmanga OIAG Procurement Officer 17. Fatma Khamis OIAG Internal Auditor General 18. Khamis M. Khamis OIAG Ag. Director Human Resource, Oiag 19. Musa Shauri Kombo OIAG Planning Officer 20. Arafa A. Hassan OIAG Administrator 21. Sima Juma Office Of Treasury ICT Officer Registrar 22. Othman Hassa Juma Office Of Treasury Registrar 23. Dr. Salum A. Said ZRA Director 24. Said K.H Said ZRA 25. Robert L. Mweiro OCAGZ Director Isa 26. Bakari A. Bakil ZEMA Environmental Officer 27. Makame Haji Khamis ZEMA Monitoring And Operation 28. Khadija Mohid Seif ZEMA EIA, Section TANZANIA MAINLAND MOF AND OTHER IMPLEMENTATION AGENCIES 29. Sylvester Shayo E-GA Compliance And Security Office Page | 86 S/N NAME INSTITUTION POSITION 30. Abdallah Samizi E-GA Infrastructure And Operation 31. Benedict Ndomba E-GA Director General 32. Alex Ministry Of Finance 33. Eliakim C. Maswi CEO PPRA 34. Suzana S. Chaula Director Of Corporate PPRA Services 35. Fanuel S. Yengayenga Acting. Director ICT PPRA 36. Amini Mkoronzo Acting. HEMU PPRA 37. Radhia Tambwe Finance PO-LARG 38. Alex Morris Procurement Officer PO-LARG 39. Hamimu Maloa ICT PO-LARG 40. Abdurahaman Hatibu Economist PO-LARG 41. Salome Kapanga PIU MNRT 42. Shabani Mbamula ICTO MNRT 43. Pendo Sumaida ICTO MNRT 44. Clifford Mnzali Procurement MNRT 45. Michael Kadebe Director - Budget Parliament Of Tanzania 46. Mary Lasway Assistant Director– ADP Parliament Of Tanzania 47. Emmanuel Rhobi Bunge - NCD Parliament Of Tanzania 48. Lilian Mraba DICT Parliament Of Tanzania 49. Angelus Turuka PIU Parliament Of Tanzania 50. Nkwaya Azaria Accounts Parliament Of Tanzania 51. Selemani Mwamba Director / PIU NAOT 52. Justine Kavishe Director Procurement NAOT 53. Alcard Mumwi Director ICT NAOT 54. EMMANUEL LAZARO Economist NAOT 55. Yosepha Tanamu Deputy Director Of TRA Corporate Planning 56. Salim Kessy Merw TRA 57. Massaga J. Fimbo Ag. Manager Research & TRA Innovation 58. Joseph Nyasiro Ag. Manager Ict Security TRA 59. Yahya Kailembo Ag. Manager Planning & TRA Budget 60. Simon Kingu PTMO TRA 61. Rose Mwera SPSO TRA 62. Arapha M. Mkongo PHRA Page | 87 Appendix 7: Consultation with private sector, academicians, people with Disabilities and development partners in Dodoma NAME INSTITUTION DESIGNATION Emanuel P. Lazaro NAOT Economist Stella A. Mwenisongole NAOT Senior Supplies Officer Deonisia Max K PD - MOF P. Statistician Catherine Mlimbila MOF ADFISM/IIS Sarah A. Machumu PO-RALG SFMO Elisaraweki Macha MOF PFMO Rosemary Mfinanga MNRT SSO Humphrey E. Kisanga PPAA Head ICT Mohamed A. Makame PPAA Head ADM Alcard Mumwi NAOT DIG Kenneth Nindie IAG - MOF AG. AIAG/TA Mohamedi. O. Mdoka MOF - GAMD GAMO George Kanyama MOF - GAMD PGAMO Shaaban Mbalamula MNRT AG. HICT Rose Mfinanga MNRT Procurement Officer Mahamudu M. Hamza MOF - IAGD FOR AISG - LGA Fredrick Mapunda MOF - ACGEN ACCT Joseph Mhoa PO - RALG Procurement Officer Daniel Masolwa NBS Director For Economic Statistic Alexander Songoro WB Social Dvt Specialist Ignace A. Mchallo WB Environmental Consultant Maryirene Singili WB Team Assistant Angelus Turuka PARLIAMENT Principal FMO Emil Mathew WB Social Development Specialist Theresia E. Henjewele MOF - PD Assistant Director Denis Mihayo MOF Principal Economist Sebastian Kanchenche MOF Planning Officer Omari Waziri MOF ICTO Anande Mbise MOF ICTO Page | 88 Appendix 8: Consultation with private sector, academicians, people with Disabilities and development partners in Dodoma Dar Es Salaam NAME INSTITUTION DESIGNATION 1. Dr. Elbert A. Mbukwa UDSM Lecturer 2. Novath Rukwago SHIVYAWATA Legal Officer 3. Seif M. Malinda UDSM ICT 4. Salmin M. Singano UDSM ICT 5. Fred M. Kwezi TEEA Member 6. Hamisi S. Msangi TEEA Member 7. Naomi Lucas OTR Senior Officer 8. Lily Kavishe OTR Assistant Director 9. Sawa Sinde OTR Accountant 10. Jacqueline Gumbo OTR SHRO 11. Cledius Kamugisha OTR ECO 12. Abdalla Lyangu OTR Ass. Director 13. Innocent J. Umbulla OTR Head M&E 14. Mohamed A. Nyasama OTR Director Of Planning 15. Gloria E. Lyimo UDSM Lecturer 16. Saumu Jumanne DUCE Lecturer 17. Saul S. Kagomba DUCE Disaster Risk Management 18. Jonas Lubago SHIVYAWATA Secretary General 19. Alexander Songoro WB Social Development Consultant 20. Ignace A. Mchallo WB Environmental Consultant 21. Emil Karuranga WB Social Development Specialist 22. Paul Welton WB Lead Financial Specialist Page | 89 23. Diana Mwaipopo WB Program Assistant 24. Severin E. Mallya SHIVYAWATA Officer 25. Enock. Tumbo Dar Es Salaam City Environmental Officer, Dsm City Council Council 26. Shabani J. Ndolosi SHIVYAWATA Officer Page | 90 APPENDIX 9: Consultation with private sector, academicians, people with Disabilities and development partners in Zanzibar Name INSTITUTION DESIGNATION 1. Mohammed B. Denge ZEMA Procurement Officer 2. Saleh B. Khamis MINISTRY OF Accountant FINANCE 3. Ali O. Makame SHIJUWAZA Vice Chair 4. Kheir M. Simai SHIJUWAZA Member 5. Hassan K. Juma ANGOZA Director 6. Alice M. Mushi MIF Programs 7. Khalfan A. Said PO-FP Project Coordinator 8. Ali N. Ali PO-FP ICT 9. Abdilla H. Amour ACCOUNTANT ICT GENERAL OFFICE 10. Vuai A. Hassan DOF Forester 11. Husna S. Ali ZEMA Environmental Officer 12. Lailat M. Haji ZEMA Environmental Officer 13. Omar M. Omar ZPPDA Officer 14. Omar M. Kassim ZPPDA ICT 15. Ahmed M. Makame OIAG Procurement 16. Khatib M. Khatib SOUTH D. Planning Officer COUNCIL 17. Asha F. Juma OIAG ICT Page | 91 18. Abdalla A. Shauri HOR DIRECTOR OF PLANNING 19. Alexander Songoro WB Social Dvt Specialist 20. Ignace A. Mchallo WB Environmental Consultant 21. Mohamed F. Ali HOR Coordinator 22. Diana M. Mwaipopo WB Program Assistant 23. Emil K. Mathew WB Social Devt Specialist 24. Said Kh. Said ZRA Manager 25. Hamadi A. Hamadi MUNICIPAL A Revenue Officer 26. Miza S. Khamis FORESTRY Chief Officer 27. Masoud K. Shaaban OCAGZ B.F. PMU 28. Rukaiya K. Othman EGAZ System Analyst Page | 92