I have been reading with curiosity comments from some people who argue that the problem with the NSS ghost names scandal was/is not about the digital platform or the so-called metric app. For such persons, those to be blamed for the scandal should be the NSS/NSA staff who were using the platform.

Surprisingly, those who make such arguments include the current Director General of the National Service Authority (NSA), Felix Gyamfi.

Before I go on to the substantive points, it is important to point out that the current Director General was a staff member (in fact, a District Director) of the NSS/NSA until his appointment this year. So he was within the NSS/NSA when the scheme was populated with thousands of ghost names, costing the nation hundreds of millions of cedis. He wasn't appointed from outside.

Now to the substantive response to those who say the ghost names digital platform is not the problem, but the NSS people who were using it. HERE ARE SOME FACTS FOR YOU

1. The NSS/NSA contracted Inpath Technologies Ghana Ltd to develop what it called the Central Service Management Portal (CSMP) to be used for the following: submission of list of graduates by schools; online national service enrollment; automated PIN code and NSS number generation; automated identity verification of service personnel; online retrieval of posting information and letters of service personnel; monitoring and verification of personnel presence at work to justify payment; and more.
2. The Service Provider was not to, and did not, build the CSMP platform and hand it over to the NSS/NSA.
3. The Service Provider was and remains the builder, operator, maintainer and custodian of the CSMP digital platform
4. Thus, the Service Provider was, at all times, responsible for how the platform functioned and operated. No one could or was allowed to make any functional changes to the platform except the Service Provider
5. The Service Provider was at all times the one controlling the full back-end access to the platform. No one could get access to the back-end of the platform without authorisation by the Service Provider.
6. The Service provider was the only entity that could block any person(s) from the DG to the cleaner at NSS/NSA from having access to the platform.
7. As part of the Contract, the Service Provider was required to ensure that the platform has robust web security features to prevent it from what the contract refers to as "malicious intrusions." I suppose the inclusion of thousands of ghost names will be a malicious intrusion.
8. The Contract stated that if at any point the Service Provider becomes aware of a breach of the security of the platform, it shall notify NSS of the breach indicating when the breach occurred, the nature of the breach and what steps it has taken to remedy the security breach and any future breach.
9. So, when the Service Provider became aware of the ghost names breach year after year, what steps did they take to remedy the situation? If the situation was remedied, why did the ghost names continue for several years on the same platform?
10. If not the Service Provider, who granted the necessary full back-end access rights to modify the functionality of the platform to make it possible for NSS staff to enrol fake personnel without a Ghana Card? Who granted the back-end access that allowed people to use just ordinary paper and company ID cards in place of the Ghana Card to enrol non-existent people as service personnel? Who granted the back-end access to allow for the 80 and 90-year-olds to be enrolled for national service? Who granted the access for the fake index numbers to be inputted on the platform?
11. Was and is the platform so porous that anything at all was/is allowed to be put in by those who had/have access to input any data at all? If so, is that the platform the current DG, Felix Gyamfi, is defending as robust?
12. Even if the platform was/is so porous that it allows for any fraudulent activities to be carried out, what was the service provider's obligation as the operator of the platform in terms of ensuring the integrity of the platform? What did the service provider do to prevent the fraud from continuing? When the service provider realised the ghost names, what did they do?

I hope that the relevant authorities will take the right step to terminate the ghost-name-infested NSA digital platform, save the nation from another major scandal.