Audit of the Plymouth County District Attorney’s Office Overview of Audited Entity

The Plymouth County District Attorney’s Office (PCDA) was established under Sections 12 and 13 of Chapter 12 of the Massachusetts General Laws, which provide for the administration of criminal law and the defense of civil actions brought against the Commonwealth in accordance with Chapter 258 of the General Laws.

PCDA is one of 11 district attorneys’ offices in the Commonwealth and represents the Commonwealth in the prosecution of criminal offenses that occur within its jurisdiction. PCDA serves the 27 cities and towns within Plymouth County.

According to its internal control plan,

The mission of [PCDA] is to protect the citizens of our community with the efficient and fair prosecution of criminal acts that occur in the cities and towns of Plymouth County. Along with the prosecution of crime, we strive to provide critical services to the victims of those crimes, and work to reduce criminal activity through intervention and prevention programs.

PCDA’s main administrative office is at 166 Main Street in Brockton. As of December 31, 2020, PCDA had 117 employees, including the District Attorney.

To prevent individuals from profiting from illegal drug activity, Section 47 of Chapter 94C of the General Laws authorizes law enforcement to seize assets, such as any profits of drug distribution or any property that is used, or was intended to be used, for illegal drug activity. Some examples of assets that may be subject to forfeiture are money, cell phones, computers, motor vehicles, and real property.¹

The local or state police department that performed the seizure brings the seized assets to PCDA, where they are held in a safety deposit box at a local bank until a judge determines whether these assets should be forfeited to the Commonwealth. If the assets are ultimately deemed forfeited by a court order, then these assets are divided equally between PCDA and the police department that performed the seizure and then moved to and held in forfeiture trust fund accounts. If more than one police department was involved in the seizure, then the police departments split a 50% share equitably.

According to Section 47(d) of Chapter 94C of the General Laws, PCDA may expend money from the forfeiture trust fund for the following purposes:

To defray the costs of protracted investigations, to provide additional technical equipment or expertise, to provide matching funds to obtain federal grants, or such other law enforcement purposes as the district attorney . . . deems appropriate. The district attorney . . . may expend up to ten percent of the monies and proceeds for drug rehabilitation, drug education and other anti‑drug or neighborhood crime watch programs which further law enforcement purposes.

PCDA’s forfeited asset revenue was $569,911 during the audit period. PCDA’s forfeiture trust fund expenditures totaled $287,763 during the audit period. Forfeited asset revenue remains in PCDA’s forfeiture trust fund account with the Office of the State Treasurer and Receiver General until expended, as required by Section 47(d) of Chapter 94C of the General Laws.

The Executive Office of Technology Services and Security (EOTSS) has established policies and procedures that apply to all Commonwealth agencies within the executive branch. EOTSS recommends, but does not require, non-executive branch agencies to follow these policies and procedures. Section 6.2 of EOTSS’s Information Security Risk Management Standard IS.010 states,

The objective of the Commonwealth information security training is to educate users on their responsibility to help protect the confidentiality, availability and integrity of the Commonwealth’s information assets. Commonwealth Offices and Agencies must ensure that all personnel are trained on all relevant rules and regulations for cybersecurity.

To ensure that employees are clear on their responsibilities, all employees in executive branch agencies with access to a Commonwealth-provided email address are required to complete a cybersecurity awareness course every year. All newly hired employees must complete an initial cybersecurity awareness training course within 30 days after their orientation.