Currently showing reports relevant to all Senate estimates committees. Filter by committee using the links to the right.

Type: Performance statements audit
Report number: 25 of 2024-25
Portfolios: Across entities
Entities: Across entities
Date tabled:
Audit Summary : show

Executive summary

1. Performance information is important for public sector accountability and transparency as it shows how taxpayers’ money has been spent and what this spending has achieved. The development and use of performance information is integral to an entity’s strategic planning, budgeting, monitoring and evaluation processes.

2. Annual performance statements are expected to present a clear, balanced and meaningful account of how well an entity has performed against the expectations it set out in its corporate plan. They are an important way of showing the Parliament and the public how effectively Commonwealth entities have used public resources to achieve desired outcomes.

The needs of the Parliament

3. Section 5 of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) sets out the objects of the Act, which include requiring Commonwealth entities to provide meaningful performance information to the Parliament and the public. The Replacement Explanatory Memorandum to the PGPA Bill 2013 stated that ‘The Parliament needs performance information that shows it how Commonwealth entities are performing.’1 The PGPA Act and the Public Governance, Performance and Accountability Rule 2014 (PGPA Rule) outline requirements for the quality of performance information, and for performance monitoring, evaluation and reporting.

4. The Parliament’s Joint Committee of Public Accounts and Audit (JCPAA) has a particular focus on improving the reporting of performance by entities. In September 2023, the JCPAA tabled its Report 499, Inquiry into the Annual Performance Statements 2021–22, stating:

As the old saying goes, ‘what is measured matters’, and how agencies assess and report on their performance impacts quite directly on what they value and do for the public. Performance reporting is also a key requirement of government entities to provide transparency and accountability to Parliament and the public.2

5. Without effective performance reporting, there is a risk that trust and confidence in government could be lost (see paragraphs 1.3 to 1.6).

Entities need meaningful performance information

6. Having access to performance information enables entities to understand what is working and what needs improvement, to make evidence-based decisions and promote better use of public resources. Meaningful performance information and reporting is essential to good management and the effective stewardship of public resources.

7. It is in the public interest for an entity to provide appropriate and meaningful information on the actual results it achieved and the impact of the programs and services it has delivered. Ultimately, performance information helps a Commonwealth entity to demonstrate accountability and transparency for its performance and achievements against its purposes and intended results (see paragraphs 1.7 to 1.13).

The 2023–24 performance statements audit program

8. In 2023–24, the ANAO conducted audits of annual performance statements of 14 Commonwealth entities. This is an increase from 10 entities audited in 2022–23.

9. Commonwealth entities continue to improve their strategic planning and performance reporting. There was general improvement across each of the five categories the ANAO considers when assessing the performance reporting maturity of entities: leadership and culture; governance; reporting and records; data and systems; and capability.

10. The ANAO’s performance statements audit program demonstrates that mandatory annual performance statements audits encourage entities to invest in the processes, systems and capability needed to develop, monitor and report high quality performance information (see paragraphs 1.18 to 1.27).

Audit conclusions and additional matters

11. Overall, the results from the 2023–24 performance statements audits are mixed. Nine of the 14 auditees received an auditor’s report with an unmodified conclusion.3 Five received a modified audit conclusion identifying material areas where users could not rely on the performance statements, but the effect was not pervasive to the performance statements as a whole.

12. The two broad reasons behind the modified audit conclusions were:

  • completeness of performance information — the performance statements were not complete and did not present a full, balanced and accurate picture of the entity’s performance as important information had been omitted; and
  • insufficient evidence — the ANAO was unable to obtain enough appropriate evidence to form a reasonable basis for the audit conclusion on the entity’s performance statements.

13. Where appropriate, an auditor’s report may separately include an Emphasis of Matter paragraph. An Emphasis of Matter paragraph draws a reader’s attention to a matter in the performance statements that, in the auditor’s judgement, is important for readers to consider when interpreting the performance statements. Eight of the 14 auditees received an auditor’s report containing an Emphasis of Matter paragraph. An Emphasis of Matter paragraph does not modify the auditor’s conclusion (see Appendix 1).

Audit findings

14. A total of 66 findings were reported to entities at the end of the final phase of the 2023–24 performance statements audits. These comprised 23 significant, 23 moderate and 20 minor findings.

15. The significant and moderate findings fall under five themes:

  • Accuracy and reliability — entities could not provide appropriate evidence that the reported information is reliable, accurate and free from bias.
  • Usefulness — performance measures were not relevant, clear, reliable or aligned to the entity’s purposes or key activities. Consequently, they may not present meaningful insights into the entity’s performance or form a basis to support entity decision making.
  • Preparation — entity preparation processes and practices for performance statements were not effective, including timeliness, record keeping and availability of supporting documentation.
  • Completeness — performance statements did not present a full, balanced and accurate picture of the entity’s performance, including all relevant data and contextual information.
  • Data — inadequate assurance over the completeness, integrity and accuracy of data, reflecting a lack of controls over how data is managed across the data lifecycle, from data collection through to reporting.

16. These themes are generated from the ANAO’s analysis of the 2023–24 audit findings, and no theme is necessarily more significant than another (see paragraphs 2.12 to 2.17).

Measuring and assessing performance

17. The PGPA Rule requires entities to specify targets for each performance measure where it is reasonably practicable to set a target.4 Clear, measurable targets make it easier to track progress towards expected results and provide a benchmark for measuring and assessing performance.

18. Overall, the 14 entities audited in 2023–24 reported against 385 performance targets in their annual performance statements. Entities reported that 237 targets were achieved/met5, 24 were substantially achieved/met, 24 were partially achieved/met and 82 were not achieved/met.6 Eighteen performance targets had no definitive result.7

19. Assessing entity performance involves more than simply reporting how many performance targets were achieved. An entity’s performance analysis and narrative is important to properly inform stakeholder conclusions about the entity’s performance (see paragraphs 2.37 to 2.44).

Connection to broader government policy initiatives

20. Performance statements audits touch many government policies and frameworks designed to enhance government efficiency, effectiveness and impact, and strengthen accountability and transparency. This is consistent with the drive to improve coherence across the Commonwealth Government’s legislative and policy frameworks that led to the PGPA Act being established.8 The relationship between performance statements audits and existing government policies and frameworks is illustrated in Figure S.1.

Figure S.1. Relationship of performance statements audits to government policies and frameworks

Figure S.1: Relationship of performance statements audits to government policies and frameworks

Source: ANAO analysis.

The future direction of annual performance statements audits

21. Public expectations and attitudes about public services are changing.9 Citizens not only want to be informed, but also to have a say between elections about choices affecting their community10 and be involved in the decision-making process, characterised by, among other things, citizen-centric and place-based approaches that involve citizens and communities in policy design and implementation.11 There is increasing pressure on Commonwealth entities from the Parliament and citizens demanding more responsible and accountable spending of public revenues and improved transparency in the reporting of results and outcomes.

22. A specific challenge for the ANAO is to ensure that performance statements audits influence entities to embrace performance reporting and shift away from a compliance approach with a focus on complying with minimum reporting requirements or meeting the minimum standard they think will satisfy the auditor.12 A compliance approach misses the opportunity to use performance information to learn from experience and improve the delivery of government policies, programs and services.

23. Performance statements audits reflect that for many entities there is not a clear link between internal business plans and the entity’s corporate plan. There can be a misalignment between the information used for day-to-day management and governance of an entity and performance information presented in annual performance statements. Periodic monitoring of performance measures is also not an embedded practice in all Commonwealth entities. These observations indicate that some entities are reporting measures in their performance statements that may not represent the highest value metrics for running the business or for measuring and assessing the entity’s performance (see paragraphs 4.32 to 4.35).

Developments in the ANAO’s audit approach

24. Working with audited entities, the ANAO has progressively sought to strengthen sector understanding of the Commonwealth Performance Framework. This includes a focus on helping entities to apply general principles and guidance to their own circumstances and how entities can make incremental improvements to their performance reporting over time. For example:

  • in 2021–22, the ANAO gave prominence to ensuring entities understood and complied with the technical requirements of the PGPA Act and the PGPA Rule;
  • in 2022–23, there was an increased focus on supporting entities to establish materiality policies that help determine which performance information is significant enough to be reported in performance statements and to develop entity-wide performance frameworks; and
  • in 2023–24, there was an increased focus on assessing the completeness of entity purposes, key activities and performance measures and whether the performance statements present fairly the performance of the entity (see paragraphs 4.36 to 4.38).

Appropriate and meaningful

25. For annual performance statements to achieve the objects of the PGPA Act, they must present performance information that is appropriate (accountable, reliable and aligned with an entity’s purposes and key activities) and meaningful (providing useful insights and analysis of results). They also need to be accessible (readily available and understandable).

26. For the 2024–25 audit program and beyond, the ANAO will continue to encourage Commonwealth entities to not only focus on technical matters (like selecting measures of output, efficiency and effectiveness and presenting numbers and data), but on how to best tell their performance story. This could include analysis and narrative in annual performance statements that explains the ‘why’ and ‘how’ behind the reported results and providing future plans and initiatives aligned to meeting expectations set out in the corporate plan.13

27. It is difficult to demonstrate effective stewardship of public resources without good performance information and reporting. Appropriate and meaningful performance information can show that the entity is thinking beyond the short-term. It can show that the entity is committed to long-term responsible use and management of public resources and effectively achieving results to create long lasting impacts for citizens (see paragraphs 4.39 to 4.45).

Linking financial and performance information

28. The ‘Independent Review into the operation of the PGPA Act’14 noted that there would be merit in better linking performance and financial results, so that there is a clear line of sight between an entity’s strategies and performance and its financial results.15

29. Improving links between financial and non-financial performance information is necessary for measuring and assessing public sector productivity. As a minimum, entities need to understand both the efficiency and effectiveness of how taxpayers’ funds are used if they are to deliver sustainable, value-for-money programs and services. There is currently limited reporting by entities of efficiency (inputs over outputs) and even less reporting of both efficiency and effectiveness for individual key activities.

30. Where entities can demonstrate that more is produced to the same or better quality using fewer resources, this reflects improved productivity.

31. The ANAO will seek to work with the Department of Finance and entities to identify opportunities for annual performance statements to better link information on entity strategies and performance to their financial results (see paragraphs 4.46 to 4.51).

Cross entity measures and reporting

32. ANAO audits are yet to see the systemic development of cross-sector performance measures as indicators where it has been recognised that organisational performance is partly reliant on the actions of other agencies. Although there are some emerging better practices16, the ANAO’s findings reveal that integrated reporting on cross-cutting initiatives and linked programs could provide Parliament, government and the public with a clearer, more unified view of performance on key government priorities such as:

  • Closing the Gap;
  • women’s safety;
  • housing;
  • whole-of-government national security initiatives; and
  • cybersecurity.

33. Noting the interdependence, common objectives and shared responsibility across multiple government programs, there is an opportunity for Commonwealth entities to make appropriate reference to the remit and reporting of outcomes by other entities in annual performance statements. This may enable the Parliament, the government and the public to understand how the work of the reporting entity complements the work done by other parts of government.17

34. As the performance statements audit program continues to broaden in coverage, there will be opportunities for the ANAO to consider the merit of a common approach to measuring performance across entities with broadly similar functions, such as providing policy advice, processing claims or undertaking compliance and regulatory functions. A common basis for assessing these functions may enable the Parliament, the government and the public to compare entities’ results and consider which approaches are working more effectively and why (see paragraphs 4.52 to 4.56).

Type: Performance audit
Report number: 24 of 2024-25
Portfolios: Attorney-General's
Entities: Australian Human Rights Commission
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. The Australian Human Rights Commission (AHRC or the Commission) was established in December 1986 by the Australian Human Rights Commission Act 1986 (AHRC Act). The AHRC is a corporate Commonwealth entity under the Public Governance, Performance and Accountability Act 2013.

2. The Commission’s key goal related to complaint handling set out in its Corporate Plan is ‘improving enjoyment of human rights by all, supporting access to justice and remedies for people and communities whose rights are breached.’1

3. AHRC’s Investigation and Conciliation service (ICS) is responsible for delivery of complaint investigation and conciliation. ICS also operates two information services (the National Information Service and Respect@Work National Information Service) to provide information about AHRC’s complaint handling function and respond to enquiries from the general public.

Rationale for undertaking the audit

4. AHRC is Australia’s national human rights institution. The handling of complaints is central to its purpose, which is to ensure that Australians have access to effective, independent complaints handling and public inquiry processes on human rights and discrimination matters, and benefit from human rights education, advocacy, monitoring and compliance activities. The AHRC has reported that, in 2023–24, it received 2,708 complaints. This performance audit was conducted to provide independent assurance to the Parliament that AHRC’s handling of complaints is efficient and effective.

Audit objective and criteria

5. The objective of this audit was to assess the efficiency and effectiveness of AHRC’s handling of complaints.

6. To form a conclusion against the audit objective, the following high-level criteria were adopted:

  • Are AHRC’s complaint handling arrangements designed in a way to support the effective management of complaints?
  • Is AHRC’s handling of complaints efficient?
  • Is AHRC’s handling of complaints effective?

Conclusion

7. The AHRC’s handling of complaints is partly efficient and partly effective.

8. The AHRC has designed its complaint handling arrangements to support effective management of complaints with two exceptions. The two key shortcomings relate to it not having conducted a recent procurement for, or having a contract in place for, an information technology system to assist with the management of complaints, and not having developed a formal approach to obtaining assurance over the handling of individual complaints.

9. The timeliness of complaints handling has been declining, with the Commission not meeting its performance indicator (consistent with its enabling legislation) to finalise 85 per cent of complaints within 12 months in 2023–24. A significant backlog has developed and, although the backlog has stabilised, it remains high. Resource efficiency improved over the four years up to and including 2021–22, a trend that did not continue in 2022–23 and 2023–24.

10. A lower proportion of complaints are being conciliated by the Commission, with the Commission not meeting its related performance indicator for the last three years. A greater proportion of complaints are being terminated or discontinued. Data on complainant and respondent satisfaction with the AHRC’s complaint handling is not reliable.

Supporting findings

Complaint handling arrangements

11. Complaints mechanisms and processes are clear and accessible. (See paragraphs 2.2 to 2.13)

12. Suitable systems and processes are, in most respects, in place for complaints handling. From a random sample of 137 complaints examined by the ANAO, no systemic deviations from legislation or existing procedural guidance were identified. The main shortcomings relate to the AHRC not having appropriate contractual arrangements in place for its electronic complaints management system and the absence of a formalised quality assurance process. Since 2021, multiple reviews initiated at the request of the Australian Government to achieve savings have recommended changes to the complaints management system to improve operational efficiency. The recommended changes have not been made. (See paragraphs 2.14 to 2.52)

Complaint handling efficiency

13. AHRC has implemented systems and processes to capture input and output data which can be used to calculate basic measures of efficiency. There are issues with the reliability of complaints data that adversely affects the Commission’s management of complaints handling and its performance reporting. (See paragraphs 3.2 to 3.15)

14. Complaints handling by AHRC is not timely.

  • A significant backlog in complaints developed between the first quarter of 2019–20 and quarter 3 2021–22. With fewer complaints received in 2023–24 and some additional resources, the backlog has stabilised. It remains around double what it was prior to 2019–20.
  • The proportion of complaints being finalised within 12 months (one of AHRC’s performance measures, consistent with the Commission’s enabling legislation) has been declining, with AHRC not achieving its target for 2023–24. Further, this performance measure is not focused on measuring performance from the perspective of parties to the complaint.
  • Complaints identified as a priority by the AHRC are typically finalised more quickly than those not prioritised. Notwithstanding this, the duration of both standard and priority complaints has increased.
  • Complaint handling delays are primarily a result of delays in an accepted complaint being allocated to a case officer (rather than delays in the first stage, between complaint receipt and acceptance, or in the final stage, progressing the complaint to finalisation). The increasing time taken to allocate matters to case officers has coincided with a decrease in the number of complaints conciliated and increase in the number of discontinued complaints. (See paragraphs 3.16 to 3.41)

15. AHRC has not established a target and does not measure the resource efficiency of its Investigation and Conciliation service. The efficiency of the Investigation and Conciliation service, measured both in terms of the direct cost per finalised complaint and ratio of complaints finalised per staff member, improved over the four years up to and including 2021–22. That trend did not continue in 2022–23 and 2023–24 as a result of fewer complaints being finalised and, for 2023–24, some additional resources being provided to stabilise the backlog in complaints.

16. AHRC has not prioritised resourcing ICS in line with demand for its complaints handling services. AHRC has not developed an activity-based costing model to demonstrate the effect of the demand driven complaints workload or inform its internal allocation of resources despite an earlier recommendation from consultants in August 2021. (See paragraphs 3.42 to 3.60)

Complaint handling effectiveness

17. It has become less likely for complaints to be conciliated and more likely for complaints to be discontinued, terminated or declined by the AHRC.

  • An increasing number of complaints have been assessed as suitable for conciliation and an increasing number of conciliations have been held over the last seven financial years (reflecting the higher complaint numbers overall). The proportion of complaints recorded as resolved through conciliation has decreased from 46 per cent of complaints in 2017-18 to 33 per cent in 2023-24. The Commission did not meet its target of conciliating 40 per cent of complaints in 2021-22, 2022-23 or 2023-24, notwithstanding the additional resources provided through the October 2022 Budget.
  • The proportion of complaints terminated, declined or discontinued has grown, increasing from 40 per cent of complaints finalised in 2017–18 to 58 per cent of complaints finalised in 2023–24. (See paragraphs 4.4 to 4.34)

18. The AHRC is not obtaining reliable data on the extent to which complainants and respondents are satisfied with its complaint handling process.

  • Parties’ measured level of satisfaction with Commission’s complaint handling processes has been decreasing over time. Overall satisfaction decreased from 91 per cent in 2017–18 to 85 per cent in 2023–24.
  • Respondents and their representatives report higher levels of overall satisfaction than complainants do with AHRC complaint handling processes. Respondents also report higher levels of agreement that Commission processes are timely and fair.
  • The results of the surveys reported by the Commission are not demonstrably reliable and unbiased. Of note is that 61 per cent of participants were not sent the satisfaction survey over the seven years examined. Satisfaction surveys were most often sent to participants with conciliated (53 per cent of complainants and 51 per cent of respondents) and terminated or declined outcomes (53 per cent of complainants and 52 per cent of respondents). Complainants who withdraw their complaints or complainants whose complaints are discontinued by the AHRC were less likely to be surveyed. (See paragraphs 4.35 to 4.51)

Recommendations

Recommendation no. 1

Paragraph 2.50

The Australian Human Rights Commission strengthen its handling of complaints by:

  1. testing the market for an electronic complaints management system;
  2. establishing fit-for-purpose contractual arrangements for an electronic complaints management system; and
  3. establishing a formal process for quality assurance over the handling of individual complaints.

Australian Human Rights Commission response: Agreed.

Recommendation no. 2

Paragraph 3.10

The Australian Human Rights Commission improve the reliability and verifiability of its reported performance information by:

  1. documenting its methodology and data sources it uses to produce performance information;
  2. updating its guidance and practices to address data integrity, with a particular focus on updating guidance on deferrals and secondary matters; and
  3. establish processes to ensure quality assurance on reported performance information is undertaken and documented.

Australian Human Rights Commission response: Agreed.

Recommendation no. 3

Paragraph 3.26

The Australian Human Rights Commission improve its performance measures to include an explicit focus on the time it takes from the lodgement of the complaint until its finalisation.

Australian Human Rights Commission response: Agreed.

Recommendation no. 4

Paragraph 3.59

The Australian Human Rights Commission improve its management of complaint handling efficiency by developing an internal budget strategy that supports the delivery of its targets outlined in its Portfolio Budget Statement and Corporate Plan.

Australian Human Rights Commission response: Agreed in principle.

Recommendation no. 5

Paragraph 4.41

The Australian Human Rights Commission improve its approach to measuring complainant and respondent satisfaction with its complaint handling effectiveness by developing a methodology that obtains sufficient levels of reliable, representative feedback.

Australian Human Rights Commission response: Agreed.

Summary of entity response

19. The proposed audit report was provided to AHRC. The AHRC’s summary response is reproduced below. The full response from the AHRC is at Appendix 1. Improvements observed by the ANAO during the course of this audit are listed at Appendix 2.

Providing people and organisations across Australia with a free, accessible and effective dispute resolution process for discrimination and human rights complaints is one of the Australian Human Rights Commission’s key statutory functions. It is also a core component of the Commission’s vision of an Australian society in which people’s human rights are respected, promoted and protected.

The Commission welcomes the ANAO’s report and agrees or agrees in principle with its five recommendations to improve our complaint handling function.

The Commission acknowledges that currently our complaint handling function is not timely. The COVID-19 pandemic generated an unprecedented rise in complaints. Complaint numbers have remained around 30% higher than pre-pandemic levels. This continues to adversely impact timeframes. Reducing these timeframes by ensuring the Commission’s complaint function is appropriately resourced is a key priority.

Implementing the recommendations will also strengthen the Commission’s collection and analysis of complaint performance information and public reporting.

The Commission acknowledges the professionalism, integrity and empathy of our staff who deliver our information and complaint handling services. They have supported thousands of Australians over the 7-year audit period to access justice on discrimination and the human rights issues affecting them.

Key messages from this audit for all Australian Government entities

20. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Policy/program design

Key learning reference
  • Accountable authorities should align the allocation of resources with the priorities and targets set for the organisation in corporate planning documentation.
Group title

Procurement

Key learning reference
  • When key management systems are sourced under contract, the contract should be current. Periodic market testing is important for entities to meet their obligations under the Commonwealth Procurement Rules, including demonstrating value for money and the principle of open and effective competition.
Group title

Performance and impact measurement

Key learning reference
  • When assessing client satisfaction, it is important that the methodology employed provides results that are representative and reliable.
Type: Performance audit
Report number: 23 of 2024-25
Portfolios: Climate Change, Energy, the Environment and Water
Entities: Department of Climate Change, Energy, the Environment and Water
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. The Murray–Darling Basin (the Basin) is a system of interconnected rivers and lakes in the south-east of Australia with significant environmental, cultural and economic value.

2. The Murray–Darling Basin Plan (the Basin Plan) was developed in 2012 in response to a significant period of drought in the Basin in the early 2000s (the Millennium Drought), which resulted in a recognition across the governments that a plan was needed to manage the Basin’s water resources carefully and protect the Basin for future generations. The Basin Plan sets limits on the amount of water that can be taken from the Basin for consumptive purposes by communities, farmers and businesses, while maintaining environmental sustainability, known as the Sustainable Diversion Limits (SDLs).

3. The establishment of the SDLs was accompanied by a water recovery target to ‘bridge the gap’ between the SDLs and how much water was taken from the Basin before the introduction of the Basin Plan. At the time the Basin Plan was agreed in 2012, the ‘Bridging the Gap’ target was set at 2,750 gigalitres. This was amended in 2018 to 2,075 gigalitres. As at 31 December 2022, the Murray–Darling Basin Authority (MDBA) estimated that a gap of 49.2 gigalitres of water remained in seven catchments to reach the ‘Bridging the Gap’ target.

4. The Department of Climate Change, Energy, the Environment and Water (the department) is the Australian Government entity responsible for recovering water to bridge the gap through: monitoring water recovery programs; funding, implementing and managing water infrastructure projects and efficiency measures; and undertaking purchases of water entitlements.

5. In March 2023, the department commenced an open tender process to purchase water entitlements to recover 44.3 gigalitres of water against the remaining gap of 49.2 gigalitres. The 4.9 gigalitres of surface water located in the ACT that also needed to be recovered to achieve the Bridging the Gap target was not included in the procurement process as water rights in the ACT are held and owned by a government entity. Separate arrangements were established with the ACT Government to bridge the gap in the territory.

6. The procurement process was finalised in January 2024. As at 17 January 2025, approximately 21.62 gigalitres of water has been recovered, fully bridging the gap in two of the six target catchments, with a gap of approximately 23.07 gigalitres remaining in the other four catchments.

Rationale for undertaking the audit

7. This audit examined the effectiveness of the department’s strategic procurement of water entitlements to meet the Bridging the Gap target under the Basin Plan. It followed on from Auditor-General Report No. 2 2020–21 Procurement of Strategic Water Entitlements to provide assurance to Parliament over the arrangements in place to support the procurement process, and the conduct of the procurement process to achieve value for money.

8. Water recovery is a topic of parliamentary and public interest. The Joint Committee of Public Accounts and Audit (JCPAA) identified the audit as a priority of the Parliament for 2023–24.

Audit objective and criteria

9. The audit objective was to assess the effectiveness of the department’s strategic procurement of water entitlements to meet the Bridging the Gap target under the Basin Plan.

10. To form a conclusion against the objective, the following high-level criteria were adopted.

  • Did the department establish appropriate arrangements to support strategic water procurement?
  • Did the department conduct an effective procurement process to achieve value for money?

11. The audit focused on the 2023 Bridging the Gap procurement process, including arrangements to support the procurement and whether value for money was achieved. It also examined whether the recommendations from Auditor-General Report No. 2 2020–21 and the JCPAA Report 492 were implemented.

12. The audit did not examine: water recovery initiatives for targets other than the 2,075 GL/y Bridging the Gap target; compliance with water trading rules in the Basin Plan; activities of related bodies such as the MDBA or state water regulatory authorities; or the socioeconomic impacts of water recovery on local communities, except to the extent considered by the department as part of the procurement process.

Conclusion

13. The department’s strategic procurement of water entitlements to meet the Bridging the Gap target under the Murray–Darling Basin Plan was largely effective. While the department conducted an effective procurement process and demonstrated how it assessed value for money in accordance with its value for money framework, it was not able to meet the intended policy objective of fully bridging the gap through the procurement process. The current evaluation framework requires revision to enable an accurate measurement of the program’s impact on intended policy objectives, including in the context of broader evaluation activities planned for the Basin Plan. Further improvements are being made for subsequent tender processes to incorporate lessons learned, increase efficiency, and ensure better management of probity risks.

14. The department has established largely appropriate arrangements to support strategic water procurement. There are appropriate procurement frameworks in place, including a Strategic Water Purchasing Framework developed specifically for the water purchasing program outlining the scope of the program and the investment principles that would underpin water purchasing. The department has established appropriate oversight mechanisms to oversee the program and is managing program and procurement risks. An evaluation framework to monitor, report on and evaluate the strategic water purchasing program has been established. The evaluation framework does not enable an accurate measurement of the program’s impact on intended policy objectives, and requires revision to ensure that outcomes are appropriately defined, including in the context of other evaluation activities planned for the Basin Plan.

15. The department established a value for money framework for the procurement, specifying the key factors that would inform its purchasing decisions. The department documented and demonstrated how it assessed value for money in each of the six SDL resource units in accordance with its value for money framework. The procurement was compliant with the Commonwealth Procurement Rules (CPRs), except in relation to minor errors in reporting contracts on AusTender. Negotiations were undertaken to maximise value for money outcomes, and revised value for money assessments were undertaken where negotiated prices differed from the delegate’s original approved figure. Relevant information and clear recommendations were provided to the delegate to enable them to make an informed procurement decision. The department provided sound advice to the minister on options to bridge the gap in the ACT and in SDL resource units with remaining gaps to bridge.

Supporting findings

Arrangements to support procurement

16. The department has established a procurement framework that aligns with the PGPA Act and the CPRs. This framework includes Accountable Authority Instructions providing guidance on the duties of officials when conducting a procurement, and departmental policies and guidance on key aspects of procurement. The department developed a Strategic Water Purchasing Framework specific to the water purchasing program, outlining the scope of the program and the investment principles that would underpin water purchasing. (See paragraphs 2.3 to 2.14)

17. The department has established appropriate oversight mechanisms for the water purchasing program, with clearly documented roles and responsibilities. The department is managing risks to the program and there is an appropriate level of oversight over program and procurement risks. (See paragraphs 2.15 to 2.52)

18. The department has established an evaluation framework to monitor, report on and evaluate the strategic water purchasing program. The evaluation framework is focussed on short- and medium-term program outputs and does not enable an accurate measurement of the program’s impact on intended policy objectives or link the program to evaluation activities planned for the Basin Plan. Monitoring and reporting arrangements have been established, and process improvements are being made following a lessons learned review of the 2023 Bridging the Gap procurement process. (See paragraphs 2.53 to 2.85)

Procurement process and value for money

19. The procurement process was compliant with the Commonwealth Procurement Rules (CPRs), except in relation to minor errors in reporting contracts on AusTender. The department complied with the requirements relating to procurement planning and approach to market, and the tender evaluation process was conducted in accordance with the tender evaluation plan. Management of conflicts of interest was impacted by deficiencies in the declaration process. Manual tender screening and assessment processes resulted in some process inefficiencies and errors that were later discovered and corrected. (See paragraphs 3.3 to 3.46)

20. The department established a value for money framework for the strategic water purchasing program, specifying the relevant financial and non-financial factors it would consider in assessing value for money. The Tender Evaluation Panel’s value for money assessments were conducted in accordance with the approved value for money framework, and its discussions and recommendations were clearly documented in the tender evaluation reports and briefs to the delegate. Of 57 tenders approved for negotiation, the department negotiated reduced prices for 33 tenders. Revised value for money assessments were undertaken where negotiated prices differed from the delegate’s original approved figure. All tenders that were accepted or counteroffered were those recommended to the delegate as representing value for money. (See paragraphs 3.47 to 3.82)

21. The advice provided to the delegate contained relevant information to enable them to make an informed procurement decision. The department provided sound advice to the minister on options to bridge the gap in the ACT, including on whether the ACT’s proposal would contribute to bridging the gap and achieve value for money, and on strategies to bridge the remaining gap following the conclusion of 2023 Bridging the Gap procurement process. (See paragraphs 3.83 to 3.107)

Recommendations

Recommendation no. 1

Paragraph 2.71

The Department of Climate Change, Energy, the Environment and Water:

  1. review and update the evaluation framework for the strategic water purchasing program to ensure the chosen evaluation approach remains appropriate for the program; and
  2. if relevant, revise the outcomes in the evaluation framework to enable an accurate measurement of the impact of the strategic water purchasing program on intended policy objectives.

Department of Climate Change, Energy, the Environment and Water response: Agreed.

Recommendation no. 2

Paragraph 3.28

The Department of Climate Change, Energy, the Environment and Water update its procurement-related policies and guidance to provide clarity on establishing appropriate probity requirements, including on:

  1. determining who is required to complete probity forms and declarations;
  2. maintaining a complete and accurate record of individuals who have completed the relevant forms; and
  3. clearly documenting any conflicts that were declared and how they are being managed, to ensure the delegate has clear oversight of probity risks.

Department of Climate Change, Energy, the Environment and Water response: Agreed.

Summary of entity response

22. The proposed audit report was provided to the department. The department’s summary response to the audit is provided below and its full response is at Appendix 1.

The Department of Climate Change, Energy, the Environment and Water (the department) welcomes the ANAO’s audit report on the Strategic Water Purchasing – Bridging the Gap 2023 procurement. The department appreciates ANAO’s recognition that administration of the Strategic Water Purchasing program for the 2023 procurement process was largely effective, with appropriate procurement frameworks and oversight mechanisms in place to support an effective procurement process, undertaken in accordance with the value for money framework.

The department agrees with the ANAO’s two recommendations identified in the audit report. Implementation of the recommendations has already commenced. The department is committed to providing meaningful evaluation of the program outcomes and has commenced a review of the evaluation framework. The department has also implemented strengthened arrangements to improve the oversight of conflict-of-interest requirements for its water purchasing programs.

Key messages from this audit for all Australian Government entities

23. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Procurement

Key learning reference
  • Officials planning for a procurement process should first articulate what they are trying to achieve through the procurement, identify challenges and risks that may eventuate such as market conditions and movements, and consider what value for money would look like in this context. This enables value for money considerations to be incorporated into the procurement process from tender design to final delegate decision.
Group title

Performance and impact measurement

Key learning reference
  • Evaluation arrangements should be established prior to the commencement of the program and, where necessary, reviewed and revised as the program is implemented to better align the planned approach with program direction. When developing arrangements for program evaluation, entities should carefully design the outcomes it will be evaluating against to allow for accurate measurement of both the impact of the program and its contribution to broader policy goals.
Type: Financial statement audit
Report number: 22 of 2024-25
Portfolios: Across Entities
Entities: Across Entities
Date tabled:
Audit Summary : show

Executive summary

The Australian National Audit Office (ANAO) publishes an annual audit work program (AAWP) which reflects the audit strategy and deliverables for the forward year. The purpose of the AAWP is to inform the Parliament, the public, and government sector entities of the planned audit coverage for the Australian Government sector by way of financial statements audits, performance audits, performance statements audits and other assurance activities. As set out in the AAWP, the ANAO prepares two reports annually that, drawing on information collected during financial statements audits, provide insights at a point in time of financial statements risks, governance arrangements and internal control frameworks of Commonwealth entities. These reports provide Parliament with an independent examination of the financial accounting and reporting of public sector entities.

These reports explain how entities’ internal control frameworks are critical to executing an efficient and effective audit and underpin an entity’s capacity to transparently discharge its duties and obligations under the Public Governance, Performance and Accountability Act 2013 (PGPA Act). Deficiencies identified during audits that pose either a significant or moderate risk to an entity’s ability to prepare financial statements free from material misstatement are reported.

This report presents the final results of the 2023–24 audits of the Australian Government’s Consolidated Financial Statements (CFS) and 245 Australian Government entities. The Auditor-General Report No. 42 2023–24 Interim Report on Key Financial Controls of Major Entities, focused on the interim results of the audits of 27 of these entities.

Consolidated financial statements

Audit results

1. The CFS presents the whole of government and the General Government Sector financial statements. The 2023–24 CFS were signed by the Minister for Finance on 28 November 2024 and an unmodified auditor’s report was issued on 2 December 2024.

2. There were no significant or moderate audit issues identified in the audit of the CFS in 2023–24 or 2022–23.

Australian Government financial position

3. The Australian Government reported a net operating balance of a surplus of $10.0 billion ($24.9 billion surplus in 2022–23). The Australian Government’s net worth deficiency decreased from $570.3 billion in 2022–23 to $567.5 billion in 2023–24 (see paragraphs 1.8 to 1.26).

Financial audit results and other matters

Quality and timeliness of financial statements preparation

4. The ANAO issued 240 unmodified auditor’s reports as at 9 December 2024. The financial statements were finalised and auditor’s reports issued for 79 per cent (2022–23: 91 per cent) of entities within three months of financial year-end. The decrease in timeliness of auditor’s reports reflects an increase in the number of audit findings and legislative breaches identified by the ANAO, as well as limitations on the available resources within the ANAO in order to undertake additional audit procedures in response to these findings

5. A quality financial statements preparation process will reduce the risk of inaccurate or unreliable reporting. Seventy-one per cent of entities delivered financial statements in line with an agreed timetable (2022–23: 72 per cent). The total number of adjusted and unadjusted audit differences decreased during 2023–24, although 38 per cent of audit differences remained unadjusted. The quantity and value of adjusted and unadjusted audit differences indicate there remains an opportunity for entities to improve quality assurance over financial statements preparation processes (see paragraphs 2.138 to 2.154).

Timeliness of financial reporting

6. Annual reports that are not tabled in a timely manner before budget supplementary estimates hearings decrease the opportunity for the Senate to scrutinise an entity’s performance. Timeliness of tabling of entity annual reports improved. Ninety-three per cent (2022–23: 66 per cent) of entities that are required to table an annual report in Parliament tabled prior to the date that the portfolio’s supplementary budget estimates hearing commenced. Supplementary estimates hearings were held one week later in 2023–24 than in 2022–23. Fifty-seven per cent of entities tabled annual reports one week or more before the hearing (2022–23: 12 per cent). Of the entities required to table an annual report, 4 per cent (2022–23: 6 per cent) had not tabled an annual report as at 9 December 2024 (see paragraphs 2.155 to 2.166).

Official hospitality

7. Eighty-one per cent of entities permit the provision of hospitality and the majority have policies, procedures or guidance in place. Expenditure on the provision of hospitality for the period 2020–21 to 2023–24 was $70.0 million. Official hospitality involves the provision of public resources to persons other than officials of an entity to achieve the entity’s objectives. Entities that provide official hospitality should have policies, and guidance in place which clearly set expectations for officials. There are no mandatory requirements for entities in managing the provision of hospitality, however, the Department of Finance (Finance) does provide some guidance to entities in model accountable authority instructions. Of those entities that permit hospitality 83 per cent have established formal policies, guidelines or processes.

8. Entities with higher levels of exposure to the provision of official hospitality could give further consideration to implementing or enhancing compliance and reporting arrangements. Seventy-four per cent of entities included compliance requirements in their policies, procedures or guidance which support entity’s obtaining assurance over the conduct of official hospitality. Compliance processes included acquittals, formal reporting, attestations from officials and/or periodic internal audits. Thirty-one per cent of entities had established formal reporting on provision of official hospitality within their entities (see paragraphs 2.36 to 2.56).

Artificial intelligence

9. Fifty-six entities used artificial intelligence (AI) in their operations during 2023–24 (2022–23: 27 entities). Most of these entities had adopted AI for research and development activities, IT systems administration and data and reporting.

10. During 2023–24, 64 per cent of entities that used AI had also established internal policies governing the use of AI (2022–23: 44 per cent). Twenty-seven per cent of entities had established internal policies regarding assurance over AI use. An absence of governance frameworks for managing the use of emerging technologies could increase the risk of unintended consequences. In September 2024, the Digital Transformation Agency (DTA) released the Policy for the responsible use of AI in government, which establishes requirements for accountability and transparency on the use of AI within entities (see paragraphs 2.67 to 2.71).

Cloud computing

11. Assurance over effectiveness of cloud computing arrangements (CCA) could be improved. During 2023–24, 89 per cent of entities used CCAs as part of the delivery model for the IT environment, primarily software-as-a-service (SaaS) arrangements. A Service Organisation Controls (SOC) certificate provides assurance over the implementation, design and operating effectiveness of controls included in contracts, including security, privacy, process integrity and availability. Eighty-two per cent of entities did not have in place a formal policy or procedure which would require the formal review and consideration of a SOC certificate.

12. In the absence of a formal process for obtaining and reviewing SOC certificates, there is a risk that deficiencies in controls at a service provider are not identified, mitigated or addressed in a timely manner (see paragraphs 2.57 to 2.66).

Audit committee member rotation

13. Audit committee member rotation considerations could be enhanced. The rotation of audit committee membership is not mandated, though guidance to the sector indicates that rotation of members allows for a flow of new skills and talent through committees, supporting objectivity. Forty-six per cent of entities did not have a policy requirement for audit committee member rotation.

14. Entities could enhance the effectiveness of their audit committees by adopting a formal process for rotation of audit committee membership, which balances the need for continuity and objectivity of membership (see paragraphs 2.16 to 2.21).

Fraud framework requirements

15. The Commonwealth Fraud Control Framework 2017 encourages entities to conduct fraud risk assessments at least every two years and entities responsible for activities with a high fraud risk may assess risk more frequently. All entities had in place a fraud control plan. Ninety-seven per cent of entities had conducted a fraud risk assessment within the last two years. Changes to the framework which occurred on 1 July 2024 requires entities to expand plans to take account of preventing, detecting and dealing with corruption, as well as periodically examining the effectiveness of internal controls (see paragraphs 2.16 to 2.21).

Summary of audit findings

16. Internal controls largely supported the preparation of financial statements free from material misstatement. However, the number of audit findings identified by the ANAO has increased from 2023–24. A total of 214 audit findings and legislative breaches were reported to entities as a result of the 2023–24 financial statements audits. These comprised six significant, 46 moderate, 147 minor audit findings and 15 legislative breaches. The highest number of findings are in the categories of:

  • IT control environment, including security, change management and user access;
  • compliance and quality assurance frameworks, including legal conformance; and
  • accounting and control of non-financial assets.

17. IT controls remain a key issue. Forty-three per cent of all audit findings identified by the ANAO related to the IT control environment, particularly IT security. Weaknesses in controls in this area can expose entities to an increased risk of unauthorised access to systems and data, or data leakage. The number of IT findings identified by the ANAO indicate that there remains room for improvement across the sector to enhance governance processes supporting the design, implementation and operating effectiveness of controls.

18. These audits findings included four significant legislative breaches, one of which was first identified since 2012–13. The majority (53 per cent) of other legislative breaches relate to incorrect payments of remuneration to key management personnel and/or non-compliance with determinations made by the Remuneration Tribunal. Entities could take further steps to enhance governance supporting remuneration to prevent non-compliance or incorrect payments from occurring (see paragraphs 2.72 to 2.137).

Financial sustainability

19. An assessment of an entity’s financial sustainability can provide an indication of financial management issues or signal a risk that the entity will require additional or refocused funding. The ANAO’s analysis concluded that the financial sustainability of the majority of entities was not at risk (see paragraphs 2.167 to 2.196).

Reporting and auditing frameworks

Changes to the Australian public sector reporting framework

20. The development of a climate-related reporting framework and assurance regime in Australia continues to progress. ANAO consultation with Finance to establish an assurance and verification regime for the Commonwealth Climate Disclosure (CCD) reform is ongoing (see paragraphs 3.20 to 3.24).

21. Emerging technologies (including AI) present opportunities for innovation and efficiency in operations by entities. However, rapid developments and associated risks highlight the need for Accountable Authorities to implement effective governance arrangements when adopting these technologies. The ANAO is incorporating consideration of risks relating to the use of emerging technologies, including AI, into audit planning processes to provide Parliament with assurance regarding the use of AI by the Australian Government (see paragraphs 3.25 to 3.33).

22. The ANAO Audit Quality Report 2023–24 was published on 1 November 2024. The report demonstrates the evaluation of the design, implementation and operating effectiveness of the ANAO’s Quality Management Framework and achievement of ANAO quality objectives (see paragraphs 3.34 to 3.39).

23. The ANAO Integrity Report 2023–24 and the ANAO Integrity Framework 202425 were also published on 1 November 2024 to provide transparency of the measures undertaken to maintain a high integrity culture within the ANAO (see paragraphs 3.44 to 3.46).

Cost of this report

24. The cost to the ANAO of producing this report is approximately $445,000.

Type: Performance audit
Report number: 21 of 2024-25
Portfolios: Climate Change, Energy, the Environment and Water
Entities: Bureau of Meteorology
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. The Bureau of Meteorology (the Bureau) is responsible for providing weather, water, climate, and ocean services for Australia. The Bureau’s weather forecasts, warnings, and analyses support decision-making by governments, industry, and the community. Australian sectors that are supported by timely and accurate weather services include emergency management, agriculture, aviation, land and marine transport, energy and resources operations, climate policy, water management, defence and foreign affairs.1

2. The Bureau is established by the Meteorology Act 1955 (Meteorology Act). Since 2002, it is an Executive Agency under the Public Service Act 1999. The Director of Meteorology has the powers and responsibilities of an accountable authority under the Public Governance, Performance and Accountability Act 2013. The Bureau’s accountable authority reports to the minister or ministers responsible for administering the Meteorology Act and the Water Act 2007 (Water Act). Since June 2022, the Director of Meteorology has reported to the Minister for the Environment and Water.

3. The Meteorology Act and the Water Act define the Bureau’s functions and the powers of the Director of Meteorology. Broadly, these are to:

  • take and record meteorological observations and supply information such as forecasts, warnings, and advice on meteorological matters2; and
  • collect, hold, manage, interpret, and disseminate Australia’s water information.3

Rationale for undertaking the audit

4. The Bureau manages more than $1.3 billion in non-financial assets. The Bureau estimates that observing network assets including observing network instruments and other items and systems that support the instruments’ proper functioning make up approximately 28 per cent of the Bureau’s total asset base.

5. Effective management of assets in the observing network is fundamental to the Bureau’s ability to provide services to the community. Meteorological instruments are highly specialised, geographically dispersed, and can require significant levels of investment to purchase, maintain, and repair to effectively support weather and climate forecasting, warnings, and research.

6. The audit was conducted to provide assurance to the Parliament over the Bureau’s management of assets in its observing network.

Audit objective and criteria

7. The objective of the audit was to assess whether the Bureau of Meteorology is effectively managing assets in its observing network.

8. To form a conclusion against the objective, the following high-level criteria were applied.

  • Does the Bureau of Meteorology have effective frameworks and systems governing assets in its observing network?
  • Does the Bureau of Meteorology have appropriate arrangements to manage the lifecycle of assets in its observing network?
  • Does the Bureau of Meteorology effectively monitor, measure, and report on its management of assets in its observing network?

9. This audit focused on the Bureau’s assets in its observing network including operational maintenance practices and records, and relevant plans, policies, and frameworks for managing assets that take observations. The ANAO reviewed the Bureau’s activities from 2018 to October 2024.

10. This audit did not assess:

  • the accuracy or security of the measurements taken by the Bureau’s observing network meteorological instruments;
  • the quality or accuracy of the Bureau’s forecasting in the delivery of general and extreme weather services, including the ‘downstream’ processing of data and the models used to develop and inform forecasting;
  • the quality or accuracy of the Bureau’s maintenance of the climate record;
  • supporting infrastructure systems and items, such as air-conditioners, fencing, and small buildings;
  • the procurement of observing network assets where the procurement represented expenditure other than operational maintenance; or
  • the Bureau’s provision of services to the Department of Defence and related stakeholders for civil defence exercises and operations.

Conclusion

11. The Bureau is partly effective in managing assets in its observing network. The Bureau has been implementing an asset management framework and supporting elements since 2020 however the asset management framework is not fully implemented. While the Bureau has continued to deliver weather services, key areas for further improvement include reviewing asset management planning documents, establishing medium to long term financial planning arrangements to support long term strategic planning, and establishing and embedding more extensive monitoring and reporting arrangements.

12. The frameworks and systems governing the Bureau’s management of assets in its observing network are partly effective. Not all policies and plans have been completed, reviewed, and embedded as planned. The Bureau has not reviewed or updated the Strategic Asset Management Plan to reflect its current practices and does not have a financial forecast for asset intensive areas to enable long term strategic planning. Roles and responsibilities are clearly identified. The Bureau’s Enterprise Asset Management System is in place and largely being used as planned. Development of asset management processes and training pathways is not complete.

13. The Bureau’s arrangements to manage the lifecycle of assets in its observing network are partly appropriate. The Bureau’s asset management plans include lifecycle management activities and related cost estimates. The Bureau’s budget planning process for 2024–25 did not incorporate the predicted costs presented in the asset management plans. All types of maintenance are recorded in the Bureau’s Enterprise Asset Management System and triaged based on priority. The Bureau’s asset management plans include outcomes to report against, however target and actual performance levels are not complete. The Bureau’s guidance surrounding disposals is not complete. The Bureau’s Fixed Asset Register and Enterprise Asset Management System each record assets and disposals differently and the Bureau does not have guidance to ensure records are aligned.

14. The Bureau’s monitoring, measuring, and reporting on assets in its observing network is partly effective. Information on observing network asset data availability is being recorded in Bureau systems and reported to established governance bodies. The Bureau is not reporting against the achievement of sustainability funding commitments. Three of the Bureau’s newly developed observing network performance measures report whether risks have eventuated and two report whether risk controls are being implemented. Since November 2020, the Bureau has been reporting against out-of-tolerance risks relating to ‘unviable’ asset capabilities. Monitoring and reporting is not being undertaken to regularly review asset management maturity, as proposed in the Strategic Asset Management Plan.

Supporting findings

Governance and planning

15. The Bureau has developed an Enterprise Asset Management Policy and a Strategic Asset Management Plan. The Bureau has not reviewed or updated the Strategic Asset Management Plan in the required timeframes. The Enterprise Asset Financial Overview has not been implemented, and the Bureau does not have a financial forecast for ongoing and capital funding requirements for asset intensive areas to enable long term strategic planning. (See paragraphs 2.3 to 2.30)

16. The Bureau has established governance bodies that support asset management. The Bureau has established asset management roles identified as needed in the Strategic Asset Management Plan. Responsibility and accountability for asset lifecycle management is defined. Maintenance and operations responsibilities of each observing network sub-network are documented in asset management plans. (See paragraphs 2.31 to 2.45)

17. The Bureau’s procedures and systems to support the management of assets are incomplete. The Bureau’s Enterprise Asset Management System is in place and largely being used as originally planned. The Bureau does not have a plan to develop all asset management processes identified as necessary in 2022. Development is not complete for training and competency frameworks for three sub-networks and two asset classes. (See paragraphs 2.46 to 2.84)

Asset lifecycle

18. The Bureau’s asset management plans include a section on lifecycle strategies, which describes the types of activities to be undertaken within each sub-network across the lifecycle, and a five- or ten-year investment profile that includes cost estimates and key activities. The Bureau’s budget planning process for 2024–25 did not incorporate the predicted costs presented in the asset management plans. Planning for renewal and disposal is not complete for all asset management plans. (See paragraphs 3.3 to 3.37)

19. All types of maintenance are structured through work orders in the Bureau’s Enterprise Asset Management System. Maintenance tasks are assigned priorities and triaged in accordance with these. For each sub-network, between 52 per cent and 79 per cent of target preventative maintenance work orders were achieved in 2023–24. The outcomes to measure performance throughout the 11 sub-networks are not complete. (See paragraphs 3.38 to 3.69)

20. The Bureau has established policies and procedural guidance that acknowledge the necessity of disposal. This guidance is not complete as there is no guidance to support operational decision-making about when disposal is appropriate. The Bureau’s Fixed Asset Register and Enterprise Asset Management System each record assets and disposals differently. The Bureau does not have a process or guidance to ensure records are aligned between the two systems. (See paragraphs 3.70 to 3.83)

Monitoring and reporting

21. The Bureau’s performance measurement strategy measures the output of the observing network through information on observing network asset data availability. This supports reporting on the achievement of corporate outcomes identified in the Bureau Strategy 2022–2027 and Data and Digital Group Plan. The Bureau is not reporting against the achievement of sustainability funding commitments. Without a strategy for investment in asset maintenance and monitoring and reporting of the impacts of investment, the Bureau cannot know whether investment is effective. (See paragraphs 4.2 to 4.23)

22. The key performance indicator for observing network assets is data availability which is based on the risk of weather information not being available to stakeholders. Three of the Bureau’s newly developed observing network performance measures report whether risks have eventuated and two provide insight into whether risk controls are available and being implemented. Since November 2020, the Bureau has been reporting against out-of-tolerance risks relating to ‘unviable’ asset capabilities. The addition and completion of treatment plans and controls has not reduced the reported risk level. (See paragraphs 4.24 to 4.58)

23. The Bureau has identified corrective actions to take against assets or the asset management approach when observing network asset performance monitoring targets are not met. Monitoring and reporting is not being undertaken to regularly review asset management maturity, as proposed in the Strategic Asset Management Plan. The Bureau has not addressed the risks identified within internal audit recommendations. (See paragraphs 4.59 to 4.76)

Recommendations

Recommendation no. 1

Paragraph 2.19

The Bureau of Meteorology:

  1. review and update the Enterprise Asset Management Plan and the Strategic Asset Management Plan (SAMP) to reflect the Bureau’s asset management practices and approach; and
  2. measure and report on the progress of the implementation of asset management uplift initiatives outlined in the SAMP and its roadmap.

Bureau of Meteorology response: Agreed.

Recommendation no. 2

Paragraph 2.56

The Bureau of Meteorology develop procedures for asset management lifecycle activities and complete its review of processes.

Bureau of Meteorology response: Agreed.

Recommendation no. 3

Paragraph 2.83

The Bureau of Meteorology finalise training requirements and methods for all maintenance and repair activities across the observing network.

Bureau of Meteorology response: Agreed.

Recommendation no. 4

Paragraph 3.68

The Bureau of Meteorology include management outcomes in asset management planning documentation by:

  1. agreeing on and including all selected targets in relevant documentation;
  2. collecting data on performance;
  3. calculating actual performance levels over time; and
  4. documenting the impact of asset management approaches on desired outcomes.

Bureau of Meteorology response: Agreed.

Summary of entity response

24. The proposed audit report was provided to the Bureau. The Bureau’s summary response is reproduced below. The full response from the Bureau is at Appendix 1. Improvements observed by the ANAO during the course of this audit are listed in Appendix 2.

Thank you for providing the Australian National Audit Office’s report on the Bureau of Meteorology’s Management of Assets in its Observing Network.

The observing network, consisting of almost 15,000 individual assets, distributed across Australia and its territories, is one of the nation’s largest and most complex data gathering endeavours. The meteorological information gathered by the observing assets, 24 hours a day every day of the year, consists of observations of the atmosphere, space weather, terrestrial waterways and oceans.

Together, they form the information base which is vital for the provision of public weather services, the specialist needs of industry and national security, the integrity of the national climate record, and Australia’s contribution to international meteorological data and science.

I recognise the Bureau’s significant reforms and investment in the observing capabilities over the last decade, including improvements to logistics and maintenance practices through automation of manual observations and new observations maintenance hubs, the introduction of consistent asset management and technology competency and training frameworks, and the recent implementation of a new enterprise asset management system.

The Bureau agrees with the ANAO’s recommendations as further contributions to the maturity of its observing network asset management and operations, and commits to relevant actions.

Key messages from this audit for all Australian Government entities

25. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Policy/program design

Key learning reference
  • Frameworks for planning and managing assets should include consideration of all factors which contribute to capability, such as the availability of skilled staff, support systems, and maintenance resourcing for the life of the asset.
  • To appropriately manage physical assets throughout the asset lifecycle, entities should prepare long-term plans that consider whole-of-life costs and strategies, including asset replacement, and that are updated to reflect changes in the operating environment.
Group title

Performance and impact measurement

Key learning reference
  • Strategic physical asset management should include developing, measuring, and monitoring asset performance indicators that are aligned to program objectives.
Type: Major projects report
Report number: 20 of 2024-25
Portfolios: Defence
Entities: Department of Defence
Date tabled:
Audit Summary : show

Due to the complexity of material and the multiple sources of information for the 2023–24 Major Projects Report, we are unable to represent the entire document in HTML. You can download the full report in PDF or view selected sections in HTML below. PDF files for individual Project Data Summary Sheets (PDSS) are also available for download.

Type: Performance audit
Report number: 19 of 2024-25
Portfolios: Health and Aged Care; Services Australia
Entities: Department of Health and Aged Care; Services Australia
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. The Pharmaceutical Benefits Scheme (PBS) is an Australian Government scheme that subsidises the cost of a wide range of medicines for Australian residents and eligible overseas visitors. The PBS is enabled by the National Health Act 1953 (NHA) which regulates the listing, prescribing, pricing, charging and payment of subsidies for the supply of medicines and medicinal preparations as pharmaceutical benefits. The PBS Schedule, made under the National Health (Listing of Pharmaceutical Benefits) Instrument 2024, lists medicines subsidised under the PBS and outlines requirements for the provision of these medicines.

2. The objective of the PBS is to provide Australians with timely, reliable and affordable access to necessary and cost-effective medicines. The Department of Health and Aged Care (Health) is responsible for PBS policy and has a bilateral agreement with Services Australia to deliver PBS-related services and payments.

Rationale for undertaking the audit

3. The PBS is intended to ensure that Australians have timely, reliable and affordable access to medicines. The budgeted expenditure for the PBS for the 2024–25 financial year is $19.5 billion. This performance audit was conducted to provide assurance to Parliament that the PBS is being administered effectively.

Audit objective and criteria

4. The objective of the audit was to assess the effectiveness of the administration of the PBS.

5. To form a conclusion against the audit objective, the following high-level criteria were adopted:

  • Has Health established appropriate governance and oversight arrangements for the PBS?
  • Has Health established appropriate arrangements to manage the cost of the PBS?
  • Have Health and Services Australia established effective arrangements to manage the delivery of PBS services and payments?

Conclusion

6. Health’s and Services Australia’s administration of the PBS is partly effective. While arrangements for managing the cost of the PBS are largely effective, there were deficiencies in arrangements for whole-of-program management and administering the delivery of PBS services and payments.

7. Health’s governance and oversight arrangements for the PBS are partly appropriate. Instruments for delegating statutory powers for administering the PBS have irregularities and anomalies. Health’s PBS Program Management Plan could be improved by including more detail on Health’s management arrangements for the PBS. Health has a largely appropriate bilateral arrangement with Services Australia to oversee its delivery of PBS services and payments. Health’s performance measurement framework for the PBS does not adequately measure and report on program outcomes. Health’s risk management focuses on shared administration risks with Services Australia and has not considered broader strategic risks to the PBS. While mechanisms are in place for stakeholder engagement on the PBS, Health has not conducted an analysis of stakeholder engagement needs or developed an overarching stakeholder engagement plan.

8. Health’s arrangements to manage the cost of the PBS are largely appropriate. Arrangements were in place to assess the cost-effectiveness of individual PBS medicines and manage the cost of listed medicines. Arrangements have been established to manage pharmacy remuneration through successive Community Pharmacy Agreements (CPAs), negotiated with the pharmacy industry, which Health supported through impact analysis for the eighth CPA signed in June 2024. Health has established processes for managing patient out-of-pocket costs and monitoring and forecasting the overall cost of the PBS. Health has not established arrangements to automate patient access to the Safety Net or engaged in horizon scanning analysis to anticipate potential future costs of new and novel medicines.

9. Health and Services Australia’s arrangements to manage the delivery of PBS services and payments are partly effective. Processes and systems for PBS claims processing are not fully effective at ensuring that legislative requirements for PBS claims are met, as Services Australia is not ensuring that PBS suppliers certify claims in accordance with legislative timeframes. While payment integrity is reviewed, it is not subject to performance monitoring or reporting. Payment timeliness is monitored, and targets are regularly met. The results are not included in Services Australia’s Annual Performance Statement. The provision of authority approvals is based on an automated system. There were differences in approval rates between authority applications made online and by phone, and Services Australia’s performance target for reporting on answering authority calls in its Annual Performance Statements does not align with the performance target agreed with Health in bilateral agreements. PBS Safety Net card claims and patient refunds are reliant on manual processes and timeliness performance measures have not been consistently met.

Supporting findings

Governance and oversight

10. Instruments that delegate powers and functions for administering the PBS have irregularities and anomalies. While Health has developed a Program Management Plan for the PBS, it does not adequately cover arrangements for managing PBS costs, stakeholder engagement and whole-of-program performance measurement. Health’s support to independent statutory bodies with responsibilities for the PBS could be improved by developing governance documentation for the Pharmaceutical Benefits Advisory Committee. (See paragraphs 2.3 to 2.24)

11. Health and Services Australia have established a Bilateral Management Arrangement, which includes bilateral agreements and bilateral governance arrangements that relate to the delivery of PBS services and payments.

  • PBS-related program agreements were fit for purpose, with clear objectives and defined roles and responsibilities. All protocols supporting the bilateral arrangement were reviewed and updated between November 2023 and September 2024.
  • While bilateral governance meetings have not occurred at the most senior levels, there has been regular engagement between the two entities at lower levels. Governance committees relevant to the PBS began considering risk, performance reporting, and updates to bilateral agreements in late 2023. (See paragraphs 2.25 to 2.35)

12. Health has one external performance measure for the PBS, which is not outcome focused and does not provide meaningful performance information to the Parliament or the public. Health receives monthly reporting from Services Australia on bilateral performance measures. It has not used this data to oversee Services Australia’s service delivery. Health does not provide any regular performance reporting on the PBS to the minister or its executive committee. (See paragraphs 2.36 to 2.54)

13. Health has not undertaken appropriate risk assessments or developed appropriate risk management plans for the PBS at the divisional or program level. Its risk assessments and plans do not adequately cover key program activities for which Health is responsible. Health’s shared risk management plan with Services Australia covers risks relating to the services and payments Services Australia delivers for the PBS. From late 2023, bilateral governance bodies began discussing operational risks relevant to the PBS. (See paragraphs 2.55 to 2.69)

14. Health’s arrangements for stakeholder engagement for the PBS include the provision of information through websites, invitation of written submissions from stakeholders on specific PBS issues, agreement-making with industry bodies, and hosting regular stakeholder engagement forums. These arrangements have not been informed by a systematic analysis of stakeholder engagement needs or an overarching stakeholder engagement plan or strategy. (See paragraphs 2.70 to 2.83)

Managing the cost of the PBS

15. Arrangements for assessing medicine cost-effectiveness outlined in the Guidelines for preparing submissions to the Pharmaceutical Benefits Advisory Committee have been followed. Health has complied with administrative procedures for listing medicines on the Schedule and agreeing medicine prices with sponsors. Health has negotiated deeds of agreement with medicine sponsors (covering special pricing arrangements and risk-sharing agreements) to minimise the cost of PBS medicines to government. Statutory price reductions are in place to decrease the cost of listed medicines. Medicines are delisted from the Schedule by medicine sponsors with no regular delisting process performed by Health. (See paragraphs 3.3 to 3.53)

16. The Australian Government has negotiated Community Pharmacy Agreements (CPAs) with the pharmacy sector to determine pharmacy remuneration for dispensing PBS medicines since 1990. CPAs offer flexibility to include terms such as the remuneration adjustment mechanism to mitigate unexpected expenditure for the Australian Government. The choice to negotiate a CPA rather than allowing remuneration to be set by an independent tribunal was not supported by adequate impact analysis for the seventh CPA. Health prepared an Impact Analysis for the eighth CPA, signed in June 2024, which supported continuation of pharmacy remuneration setting through a CPA. (See paragraphs 3.54 to 3.74)

17. Health has used monitoring data to model the impact of proposed changes to patient co-payment amounts and Safety Net thresholds on patient out-of-pocket costs. Based on this modelling, Health has provided advice to government on proposals to help patients achieve greater cost-savings through these mechanisms. Health has not established arrangements to automatically determine eligibility for the Safety Net. Health has estimated that 640,000 patients become eligible for the Safety Net each year but do not apply, foregoing $100 million in medicine subsidies. (See paragraphs 3.75 to 3.95)

18. Health has established arrangements for modelling the overall cost of the PBS and the impact of new medicine listings, and it provides advice to the government and Parliament through the annual Budget processes.

  • Health has established a system to model PBS expenditure based on the current legislative requirements, which it uses to model the impact of new and amended medicine listings.
  • Reporting on PBS expenditure is available through an annual report and reporting on Services Australia’s website.
  • Health has not performed horizon scanning analysis to forecast PBS expenditure and identify potential policy changes. (See paragraphs 3.96 to 3.113)

Delivery of services and payments

19. Almost all claims (99.9 per cent) made by PBS suppliers are submitted through Services Australia’s Online Claiming for PBS system, which automatically assesses claims against legislative rules before processing advance payments. Due to an absence of controls to ensure advance payments to PBS suppliers are certified within statutory timeframes, over one-third of approved PBS suppliers have uncertified claims totalling $1.514 billion (as at 30 June 2024). Payment integrity is reviewed but is not subject to performance monitoring or reporting. Payment timeliness is monitored, and targets are regularly reported as met, but it is not included in public reporting. (See paragraphs 4.3 to 4.30)

20. A system to manage authority-required approvals has been established that is consistent with Health and Services Australia’s respective responsibilities under the PBS bilateral agreement. There are differences in approval rates depending on the method used by an applicant to apply for an authority. Reported results for the timeliness of authority approvals against performance measures set out in bilateral arrangements have largely not met targets. Services Australia reports in its Annual Performance Statement on the achievement of a performance measure target of answering authority calls within 15 minutes. This does not align with the target of answering authority calls, on average, in less than 30 seconds. (See paragraphs 4.31 to 4.52)

21. Services Australia has established processes and systems to manage PBS Safety Net and patient refunds. Both systems are reliant on paper-based application forms which are submitted by post and manually processed by Services Australia. The reliance on manual processing means that performance is sensitive to staffing numbers, which has meant timeliness performance measures have not been consistently met. Services Australia’s quality checking process for Safety Net claims does not provide accurate data on the reasons for rejecting Safety Net card applications to inform education or compliance activities. (See paragraphs 4.55 to 4.78)

Recommendations

Recommendation no. 1

Paragraph 2.8

The Department of Health and Aged Care and Services Australia work to review and update relevant delegation instruments to address irregularities and anomalies.

Department of Health and Aged Care response: Agreed.

Services Australia response: Agreed.

Recommendation no. 2

Paragraph 2.46

The Department of Health and Aged Care establish and report against a performance management framework for the Pharmaceutical Benefits Scheme that:

  1. includes an appropriate mix of output, efficiency and effectiveness performance measures for key program activities, including those of third-party delivery partners; and
  2. enables the department’s performance in administering the Pharmaceutical Benefits Scheme purposes to be measured and assessed.

Department of Health and Aged Care response: Agreed.

Recommendation no. 3

Paragraph 2.64

The Department of Health and Aged Care undertake a risk assessment for the Pharmaceutical Benefits Scheme program that covers activities for which the department is responsible.

Department of Health and Aged Care response: Agreed.

Recommendation no. 4

Paragraph 2.82

The Department of Health and Aged Care:

  1. develop a stakeholder plan for the Pharmaceutical Benefits Scheme that identifies all stakeholder groups, consultation objectives and methods of engagement; and
  2. publish a stakeholder strategy that informs stakeholders of Health’s planned approach to engaging with stakeholders on the Pharmaceutical Benefits Scheme, including where written agreements or partnerships may be used.

Department of Health and Aged Care response: Agreed.

Recommendation no. 5

Paragraph 4.19

The Department of Health and Aged Care and Services Australia document and implement a strategy for addressing the backlog of uncertified Pharmaceutical Benefits Scheme claims.

Department of Health and Aged Care response: Agreed.

Services Australia response: Agreed.

Recommendation no. 6

Paragraph 4.29

Services Australia report to the Department of Health and Aged Care on payment accuracy for the Pharmaceutical Benefits Scheme (PBS) in accordance with the PBS Program Agreement, and separately report on the integrity and timeliness of PBS payments in its Annual Performance Statements.

Services Australia response: Agreed.

Recommendation no. 7

Paragraph 4.51

Services Australia align its reporting on the timeliness of issuing authority approvals in its Annual Performance Statement with performance measures and targets agreed in bilateral arrangements.

Services Australia response: Not agreed.

Summary of entity responses

22. The proposed audit report was provided to Health and Services Australia. The entities’ summary responses are provided below, and their full responses are included at Appendix 1. Improvements observed by the ANAO during the course of this audit are listed in Appendix 2.

Department of Health and Aged Care

The Department of Health and Aged Care (the Department) welcomes the findings in the report. The Department notes the overall finding by the ANAO that the Department’s and Services Australia’s administration of the Pharmaceutical Benefits Scheme (PBS) is partly effective. The Department is committed to working towards implementing the recommendations in the report as a priority and is already taking steps to address key findings identified in the audit. The Department has also commenced engagement with its partner agency, Services Australia, to address key recommendations in relation to the delivery of the PBS payment arrangement.

The ANAO found that the department has largely appropriate arrangements to manage the cost of the PBS. The Department welcomes the finding that appropriate arrangements have been established for managing patient out-of-pocket costs for Australians and monitoring the overall cost of the PBS. The Department acknowledges the findings that arrangements have been implemented to assess and manage the cost of listed medicines and to manage pharmacy remuneration through successive Community Pharmacy Agreements, and that the bilateral arrangements with Services Australia to oversee delivery of Pharmaceutical Benefits Scheme services and payments are also largely appropriate.

Services Australia

Services Australia (the Agency) notes the findings of the report that the Agency’s arrangements to manage the delivery of the PBS services and payments are partly effective, having regard to certification of claims, reporting differences at the bilateral level compared to Annual Performance Statements, delegation instruments and PBS Safety Net.

The Agency welcomes the findings of the report and is committed to delivering the payments and services related to the PBS, which subsidises the cost of medicines for Australian residents and eligible overseas visitors. The Agency administers the PBS in accordance with the policy and legislation for which the Department of Health and Aged Care (Health) has responsibility. The Agency continues to work with Health to address the issue of uncertified claims and changes to delegation instruments in addition to expanding the work types to include PBS in its Annual Performance Statements for 2024-25.

The Agency agrees with the finding that the performance targets for answering authority calls is different for bilateral agreement and Annual Performance Statement purposes. Due to the expansive nature of the services it provides, reporting is done on a tiered basis for different purposes. The Agency continues to focus on reducing reliance on the PBS Authorities telephone line and increasing digital PBS authorities.

Key messages from this audit for all Australian Government entities

23. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Administration of long-term programs

Key learning reference
  • Administration of long-term government programs needs to keep pace with changing operational environments and should periodically include a fresh look at emerging risks and opportunities, including where delivery is shared between multiple public sector agencies. Overarching program management plans with clear roles, responsibilities, assessment of risks, governance arrangements, approaches to engaging with stakeholders, and description of funding arrangements can help to deliver business as usual and also provide a frame for strategic review.
  • Stepping back and reviewing program plans, successes, risks and gaps, including using performance information, can help identify opportunities for improvement in the use of public resources and the performance of government policies, programs and services.
Group title

Delegations of authority

Key learning reference
  • Keeping key controls up-to-date is a must. Delegation instruments confer the legal capacity to exercise statutory powers and functions on specified individuals or bodies to support government administration. Entities should establish mechanisms to regularly review delegation instruments to ensure they are complete, accurate and clear.
Type: Performance audit
Report number: 18 of 2024-25
Portfolios: Foreign Affairs and Trade
Entities: Tourism Australia
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. Tourism Australia (TA) was established in 2004 under the Tourism Australia Act 2004 (TA Act). Its corporate plan states that its purpose is to ‘grow demand to enable a competitive and sustainable Australian tourism industry’.1 The accountable authority for TA is the Board of Directors. TA reports having around 220 staff.

2. TA is a corporate Commonwealth entity within the Foreign Affairs and Trade portfolio. It is subject to the Commonwealth Procurement Rules (CPRs) issued by the Minister for Finance under section 105B of the Public Governance, Performance and Accountability Act 2013.

3. According to its audited financial statements, payments to suppliers represented 74 per cent of TA’s total expenses in 2023–24. Of its total budgeted expenses for 2024–25, 73 per cent were attributable to supplier expenses. As at 30 June 2024, TA had reported 55 contracts on AusTender with a start date falling within the last three financial years, valued at $265.6 million (including contract amendments).

Rationale for undertaking the audit

4. Noting that nearly three-quarters of organisational expenses relate to contracting suppliers, this audit provides assurance to the Parliament over the effectiveness of TA’s procurement and contract management activities.

Audit objective and criteria

5. The audit objective was to assess whether TA’s procurement and contract management activities are complying with the CPRs and demonstrating the achievement of value for money.

6. To form a conclusion against the objective, the following high-level criteria were applied:

  • Do the procurement processes demonstrate the achievement of value for money?
  • Are the contracts being managed appropriately to achieve the objectives of the procurement?

Conclusion

7. TA’s procurement and contract management activities are not effective in complying with the CPRs and demonstrating the achievement of value for money.

8. TA’s procurement processes have not demonstrated the achievement of value for money. TA makes insufficient use of open and competitive procurement processes, with 70 per cent of the 33 procurements examined in detail by the ANAO not involving open competition. An appropriate procurement policy framework is not in place and TA’s conduct of procurement activities regularly fails to adhere to requirements under the CPRs such as:

  • including evaluation criteria in request documentation and using those criteria to select the candidate that represents the best value for money;
  • acting ethically including fair treatment of suppliers and through the declaration and management of any conflicts of interest2; and
  • maintaining appropriate records commensurate with the scale, scope and risk of the procurement.

9. TA has not effectively managed contracts to achieve the objectives of the procurement. In relation to the 33 contracts examined in detail by the ANAO:

  • none had a contract management plan, including some high-risk and high-value arrangements;
  • for more than half (55 per cent), TA had not included clear performance requirements in the contract. There were also shortcomings in TA’s monitoring of contractor performance across the sample examined by the ANAO;
  • contract variations are common, with 33 per cent of contracts examined by the ANAO being varied. None of the variations had records created and retained by TA that demonstrated that the variation represented value for money; and
  • invoicing and payments for 64 per cent did not adhere to the contracts and/or requirements under TA’s policies.

10. TA has also not been meeting its AusTender reporting requirements.

Supporting findings

Procurement processes

11. An appropriate procurement policy framework is not in place. The two versions of the Procurement Policy in place for the period covered by this ANAO performance audit do not fully reflect, or address, the principles, prescriptive requirements and mandatory rules set out in the CPRs. (See paragraphs 2.2 to 2.19)

12. Based on TA’s AusTender reporting, the majority (62 per cent) of procurements valued at or above the $400,000 threshold set by the CPRs did not involve open approaches to the market. (See paragraphs 2.23 to 2.39)

13. A competitive procurement approach was evident in the establishment of 55 per cent of the contracts examined by the ANAO. For 36 per cent of the contracts, a non-competitive approach was taken and in nine per cent there were insufficient records maintained to evidence the procurement approach taken by TA. For 10 of the procurements (30 per cent) examined by the ANAO, it was evident from the evaluation records that TA had favoured existing or previous suppliers when evaluating competing offers through panel procurement or when deciding which potential provider(s) should be invited to participate in a limited tender. Favouring existing or previous suppliers in the conduct of procurement processes is inconsistent with the CPRs. (See paragraphs 2.40 to 2.63)

14. Relevant evaluation criteria were included in request documentation for 52 per cent of the contracts examined in detail by the ANAO. For the remaining 48 per cent, either the request documentation did not include any evaluation criteria (12 per cent) or there were no records of the request documentation on file (36 per cent). This situation is not consistent with the CPRs which require evaluation criteria to be included in the request documentation. (See paragraphs 2.67 to 2.69)

15. Just over half of the contracts examined by the ANAO were awarded to the candidate where records demonstrated that it had been assessed by TA to offer the best value for money. For the remaining 48 per cent of contracts where value for money outcomes had not been demonstrated, this was primarily the result of insufficient analysis being presented commensurate with the scale of the procurement, or insufficient documentation being maintained. (See paragraphs 2.72 to 2.83)

16. TA had not conducted procurements to a consistent ethical standard as required under the CPRs. Of note was that:

  • conflict of interest declarations were not completed by all evaluation team members in four per cent of the contracts examined where there was sufficient documentation on file;
  • for eight per cent of the contracts where advisers were appointed to assist with the procurement process, TA’s records did not include a complete list of the individuals involved; and
  • the procurements of external probity advisers were deficient in relation to how those advisers were engaged as well as the limited scope of probity services obtained by TA. (See paragraphs 2.86 to 2.110)

17. TA did not maintain appropriate records commensurate with the scale, scope and risk of the procurement (which is what the CPRs require). Forty-eight per cent of contracts examined by the ANAO were missing one or more important documents. In addition, for those contracts where adequate records were available, more than half of the contracts involved work commencing before a contract was in place. (See paragraphs 2.113 to 2.132)

Contract management

18. TA’s reporting of contracts on AusTender was not compliant with the CPRs. TA accurately reported 19 per cent of the relevant contracts examined in detail by the ANAO within the required timeframe. Key information on contract values and contract start and end dates have been reported inaccurately with contract amendments usually not reported at all. (See paragraphs 3.2 to 3.17)

19. An appropriate contract management framework is not in place. None of the 33 contracts examined by the ANAO had a contract management plan and none had a risk management plan. This included a five-year $311.3 million contract that relates to a key element of TA’s marketing efforts. (See paragraphs 3.18 to 3.32)

20. Less than half (45 per cent) of the contracts examined by the ANAO included clear performance requirements. Methods for monitoring performance were included for 79 per cent of contracts examined, including a number of contracts where performance requirements had not been specified (that is the monitoring arrangements, such as reporting and/or progress meetings, were not against a clear performance requirement). Further, TA has not consistently adhered to the performance framework set out in the contracts and it was common for there to be gaps in the records to evidence the contract management activities undertaken that TA was paying for. (See paragraphs 3.33 to 3.40)

21. For the procurements examined by the ANAO, TA has not consistently managed contracts effectively to deliver against the objectives of the procurements and to achieve value for money.

  • Of the 33 contracts examined by the ANAO, 11 (33 per cent) had records of at least one variation being executed. None of the variations had supporting evidence of records to the delegate documenting the decision-making process and demonstrating that the variation represented value for money. Some variations have significantly increased the value of the contract (by up to 105 per cent) and retrospectively added additional services already delivered and/or paid for. There have also been instances of contracts continuing to operate past their stated completion date without being varied.
  • Invoicing and payments under 21 of the 33 contracts examined by the ANAO did not adhere to the contracts and/or requirements under TA’s policies. This has included instances of full payments being made before final deliverables under the contract are received and payments exceeding the contracted amount. (See paragraphs 3.41 to 3.51)

Recommendations

Recommendation no. 1

Paragraph 2.20

Tourism Australia document a comprehensive procurement policy framework that gives full effect to the principles, prescriptive requirements and mandatory rules set out in the Commonwealth Procurement Rules.

Tourism Australia response: Agreed.

Recommendation no. 2

Paragraph 2.64

Tourism Australia increase the extent to which it employs open, fair, non-discriminatory and competitive procurement processes.

Tourism Australia response: Agreed.

Recommendation no. 3

Paragraph 2.70

Tourism Australia strengthen its procurement controls to ensure that procurement request documentation includes:

  1. the evaluation criteria that will be applied, together with any weightings; and
  2. the way that prices will be considered in assessing the value for money offered by each candidate.

Tourism Australia response: Agreed.

Recommendation no. 4

Paragraph 2.84

Tourism Australia strengthen its procurement practices so that it can demonstrate that contracts are awarded to the candidate that satisfies the conditions for participation, is fully capable of undertaking the contract and will provide the best value for money as assessed against the essential requirements and evaluation criteria specified in the approach to market and request documentation.

Tourism Australia response: Agreed.

Recommendation no. 5

Paragraph 2.111

Tourism Australia engage probity advisers through transparent procurement processes and, where a probity adviser has been appointed, Tourism Australia actively engage and manage the adviser to ensure probity has been maintained during the procurement process.

Tourism Australia response: Agreed.

Recommendation no. 6

Paragraph 2.128

Tourism Australia improve its record keeping processes to ensure that business information and records are accurate, fit for purpose and are appropriately stored within entity systems.

Tourism Australia response: Agreed.

Recommendation no. 7

Paragraph 2.133

Tourism Australia strengthen its procurement controls to better address the risk of work commencing before a contract is in place.

Tourism Australia response: Agreed.

Recommendation no. 8

Paragraph 3.14

Tourism Australia:

  1. place greater emphasis on timely and accurate reporting of its procurement activities; and
  2. implement a monitoring and assurance framework over its compliance with the Commonwealth Procurement Rules including for AusTender reporting.

Tourism Australia response: Agreed.

Recommendation no. 9

Paragraph 3.52

Tourism Australia strengthen its contract management including by:

  1. establishing and maintaining a contract register that contains details of all entity contracts, and implementing a quality assurance process to ensure that the information recorded is complete and accurate, and updated in a timely manner;
  2. documenting risk management and contract management plans for high-risk, high-value contracts;
  3. including clear performance requirements in contracts and applying contracted performance monitoring approaches in the management of contracts; and
  4. introducing effective controls over invoicing and payments under contracts.

Tourism Australia response: Agreed.

Summary of entity response

22. The proposed audit report was provided to TA. The letter of response that was received for inclusion in the audit report is at Appendix 1. TA’s summary response is provided below.

Tourism Australia acknowledges the ANAO’s report and is fully committed to implementing its nine recommendations to improve the agency’s procurement and contract management practices.

Tourism Australia had already begun to make improvements to its procurement and contract management systems ahead of the audit, and the agency is in the process of implementing remedial actions relating to the recommendations. This includes enhancing the agency’s records management framework and processes, implementing a new procurement and contract management system and adding resources to its corporate services teams. Additional training will also be provided to all staff to improve capability to ensure that decisions are compliant, defensible, and clearly demonstrate value for money.

Some of the report’s findings relate to work undertaken during the unprecedented events of the Covid-19 pandemic, when Tourism Australia’s primary focus was on the emergency response to support an industry in crisis. Nevertheless, Tourism Australia accepts the recommendations for improvement to ensure that it can better demonstrate that the agency’s procurement and contract management activities comply with Commonwealth Procurement Rules and achieve value for money.

Key messages from this audit for all Australian Government entities

23. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Competitive processes

Key learning reference
  • Achieving value for money is the core rule of the Commonwealth Procurement Rules. Generally, the more competitive the procurement process, the better placed an entity is to demonstrate that it has achieved value for money. Competition also enables an entity to obtain a better view of the market, can provide the opportunity for candidates to put forward innovative solutions and the competitive tension can encourage respondents to offer better prices, improved terms and/or higher quality proposals.
Group title

Procurement

Key learning reference
  • Poorly conducted procurement processes by Australian Government entities, including those conducted without open and effective competition, can pose reputational risks to providers as well as the Australian Government.
  • When engaging an external probity adviser, it is important that entities conduct the procurement process in an ethical and transparent manner. It is also important that entities do not engage the same probity adviser on an ongoing basis to not threaten the adviser’s independence and objectivity.
  • Sufficient and appropriate records must be maintained at all stages of a procurement. Not maintaining adequate records impacts the entity’s ability to demonstrate that its conduct of a procurement has met the requirements under the Commonwealth Procurement Rules. Record keeping is the responsibility of every public servant and is required by law.
Group title

Contract management

Key learning reference
  • It is important that the most up-to-date version of the contract incorporating any variations and records of relevant decisions, including approvals and authorisations, is formally evidenced in writing and appropriately stored. This provides the basis for making payments and the ongoing management of the contract.
Type: Performance audit
Report number: 17 of 2024-25
Portfolios: Prime Minister and Cabinet
Entities: Aboriginal Hostels Limited; Aboriginal Investment NT; Outback Stores Pty Ltd
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. The National Anti-Corruption Commission’s (NACC’s) 2022/2023 Integrity Outlook states:

Conflicts of interest are also a prevalent source of corruption issues. Many types of corrupt conduct – such as breaches of public trust, abuse of office and misuse of information – originate from conflicts of interest. Such conflicts therefore pose a substantial risk for government agencies, parliamentarians, and public officials. This is why identifying, disclosing and managing potential conflicts of interest is a critical pillar of integrity architectures.1

2. The Public Governance, Performance and Accountability Act 2013 (PGPA Act) requires an official of a corporate Commonwealth entity (CCE) to:

  • not improperly use their position or information obtained through their position to gain or seek to gain a benefit or advantage for themselves or others, or to cause detriment to the entity, Commonwealth or others2; and
  • disclose the details of any material personal interests that relate to the affairs of the entity.3

3. The Public Governance, Performance and Accountability Rule 2014 (PGPA Rule) provides further guidance for CCE officials, including that material personal interests must be disclosed as soon as practicable after becoming aware of them or when there are changes in the interests. The disclosure must include details of the nature and extent of the interest and how the interest relates to the affairs of the entity.4

4. The Corporations Act 2001 (Corporations Act) sets out comparable requirements for Commonwealth companies, including a ‘Director’s duty to notify other directors of [a] material personal interest when [a] conflict arises’, including outlining details of the nature and extent of the interest and how it relates to the affairs of the company. The notice must be given at a directors’ meeting as soon as practicable after the director becomes aware of their interest in the matter and details must be recorded in the minutes of the meeting.5

Rationale for undertaking the audit

5. Public confidence in Commonwealth entities and Commonwealth companies can be damaged when conflicts of interest are not appropriately identified and managed. The public is entitled to have confidence in the integrity of public officials, and to know that officials’ personal interests do not conflict with their public duties.

6. Specialist skills and expertise may be required to provide a suitable composition for Commonwealth boards. The board members that are appointed to boards in respect of their specialist skills or expertise can have inherent interests that exist as a consequence of their specialist experience. For example, they may be involved in industry associations or have duties to other organisations. These interests can conflict with their duties as a board member.

7. The NACC and the Australian Public Service Commission (APSC) have highlighted functions commonly undertaken by Australian Government entities that have a heightened risk of conflicts of interest, including procurement, recruitment and grant activities.6

8. This audit was conducted to provide assurance to the Parliament that the selected entities are ensuring the integrity of their functions by appropriately managing conflicts of interest.

9. The selected entities represent a cross section of Indigenous portfolio agencies in the Prime Minister and Cabinet portfolio, each with a board as its accountable authority under the PGPA Act:

  • Aboriginal Hostels Limited (AHL) is a Commonwealth company which employs staff under the Public Service Act 1999;
  • Aboriginal Investment NT (known prior to August 2024 as the Northern Territory Aboriginal Investment Corporation) is a CCE; and
  • Outback Stores Pty Ltd (Outback Stores) is a Commonwealth company.

Audit objective and criteria

10. The objective of the audit was to assess the effectiveness of the management of conflicts of interest by AHL, Aboriginal Investment NT and Outback Stores.

11. To form a conclusion against the objective, the ANAO adopted the following two high-level audit criteria:

  • Have the entities developed appropriate arrangements to manage conflicts of interest?
  • Are the entities effectively managing conflicts of interest consistent with their own policies?

12. The audit examined the entities’ management of conflicts of interest over the period 1 July 2021 to 30 June 2024, including in the areas of board governance, recruitment, procurement, annual Senior Executive Service declarations (AHL) and grant management (Aboriginal Investment NT).

Conclusion

13. AHL, Aboriginal Investment NT and Outback Stores were partly effective in the management of conflicts of interest. While there were frameworks in place to manage conflicts of interest, there were shortcomings with the implementation of those frameworks. There were deficiencies with the documentation of board consideration of conflicts and documentation of conflicts of interest declarations and management actions for procurement, recruitment and grant activity.

14. AHL, Aboriginal Investment NT and Outback Stores have developed largely appropriate arrangements to manage conflict of interest consistent with legislative requirements of corporate Commonwealth entities (Aboriginal Investment NT) and Commonwealth companies (AHL and Outback Stores). Each entity has assessed conflict of interest risks, developed a conflict of interest policy and implemented arrangements to support the declaration of interests by board members. AHL and Aboriginal Investment NT require activity specific conflict of interest declarations for staff involved in procurement and recruitment. Aboriginal Investment NT and Outback Stores implemented conflict of interest training for their boards and employees in 2024. AHL requires employees to undertake integrity training but has not implemented training for board members. All entities have implemented some form of assurance arrangement. AHL did not address alleged conflict of interest matters that were identified in three complaints, and Outback Stores did not have a complaints system or undertake controls assessment.

15. The entities were partly effective in implementing arrangements for managing conflicts of interest. Board assessments of declarations of interest were not sufficient to record whether the board had determined declarations to be material personal interests. Aboriginal Investment NT’s board did not include declarations of interests in three out of session meetings and a workshop and did not always record the nature and extent of declared conflicts. There were instances of Aboriginal Investment NT Grants Committee members with declared conflicts of interest recommending grant applications for board approval. AHL did not adequately document conflict of interest management for recruitment as required by its policy. Aboriginal Investment NT did not adequately document conflict of interest management for procurement as required by its policy. The Outback Stores board recorded board members’ interests as conflicts of interest without documenting its assessment of the interests. AHL did not monitor training completion rates.

Supporting findings

Arrangements to manage conflicts of interest

16. All entities assessed conflict of interest risks within their enterprise risk management frameworks. Aboriginal Investment NT’s and Outback Stores’ conflict of interest risk assessments occurred between April and June 2024.

  • AHL had a conflict of interest related risk factor and control for recruitment in its enterprise risk register until March 2023. AHL assessed conflict of interest risks relating to ‘leakage’ of hostel accommodation revenue, procurement, and acceptance of gifts and benefits in its fraud risk register. Not all existing controls for conflict of interest were identified in these assessments.
  • From April to June 2024 Aboriginal Investment NT assessed conflict of interest risks relating to procurement, recruitment and grant assessment. These assessments were undertaken after conflict of interest risks had been realised with its first grant round, which ran from May 2023 to February 2024.
  • Outback Stores included an entity-wide conflict of interest risk in its risk register in May 2024 with mitigation strategies including development of a conflict of interest policy, declaration processes, and training and education arrangements. (see paragraphs 2.3 to 2.17)

17. All entities have developed arrangements for declaring, managing and overseeing conflicts of interest, including establishing gifts, benefits and hospitality policies and registers. All entities refreshed conflict of interest-related policies and procedures during 2024.

  • AHL had a conflict of interest policy and specific arrangements for managing conflict of interest for recruitment. AHL’s procurement policy was updated in April 2024 to include a requirement for activity specific conflict of interest declarations.
  • In May 2024 Aboriginal Investment NT implemented a conflict of interest policy and introduced declaration requirements for recruitment. After conflict of interest issues were identified with its first grant round, which ran from May 2023 to February 2024, it updated its policies, guidelines and forms to strengthen declaration and management requirements.
  • Outback Stores implemented a conflict of interest policy in June 2024. Its Board Charter does not fully align with provisions of the Corporations Act relating to declaration of interests. (see paragraphs 2.18 to 2.81)

18. All entities have developed training and education arrangements to promote compliance with conflict of interest requirements. Board members for all entities are provided with induction packs that outline conflict of interest requirements. Aboriginal Investment NT and Outback Stores developed online conflict of interest training for employees and board members in 2024. New and existing AHL employees undertake mandatory APS integrity training. The National Indigenous Australians Agency provides support to Indigenous portfolio agencies in the Prime Minister and Cabinet portfolio. (see paragraphs 2.82 to 2.104)

19. All entities implemented some form of arrangement to obtain assurance over the management of conflicts of interest.

  • AHL undertook internal audits which detected deficiencies in its conflicts of interest arrangements for recruitment and complaints management. AHL has a complaints system, but it did not consider conflict of interest-related aspects of three complaints in accordance with its Conflict of Interest Policy.
  • Aboriginal Investment NT has implemented a complaints system and undertook an internal audit in 2024 which detected deficiencies in its conflicts of interest arrangements for grants assessment.
  • Outback Stores undertook an internal audit in 2024 that assessed compliance with its June 2024 Conflict of Interest Policy. It did not have a complaints system or undertake controls assessment. (see paragraphs 2.105 to 2.127)

Effectiveness of conflict of interest arrangements

20. Each entities’ board had processes for members to declare interests and conflicts of interests. All of the boards were deficient in recording their assessment of board members’ declared interests and whether they were considered to be material personal interests. Deficiencies were also identified with activity-specific processes for declaring and managing conflicts of interest relating to recruitment (all entities), procurement (all entities), SES declarations (AHL), and grant assessment (Aboriginal Investment NT).

  • AHL did not record its assessment of whether a board member’s declared interest as a conflict and no management plan was put in place. AHL complied with the requirement for annual declaration of SES interests, but record keeping was deficient. While conflicts of interest for AHL’s recruitment activities were generally declared consistent with its policy, management of conflicts were not always documented. AHL’s procurement processes were largely consistent with policy requirements.
  • Aboriginal Investment NT had three out of session board meetings and one board workshop where the standard declaration of interests agenda item did not occur. Aboriginal Investment NT did not always document the nature and extent of conflicts of interest declared by board members and grants committee members, and in some instances grants committee members with declared conflicts voted to recommend board approval of grant applications. Aboriginal Investment NT did not follow its procurement policy requirements for activity-specific conflict of interest declarations.
  • Outback Stores recorded board member’s declared interests as ‘conflicts of interest’ without documenting how it related to the affairs of the entity or management plans. It did not have any declared conflicts of interest for procurement and recruitment activity. (see paragraphs 3.3 to 3.50)

21. Aboriginal Investment NT and Outback Stores established monitoring arrangements for their conflict of interest training, which was implemented in 2024, and achieved employee completion rates of over 90 per cent. AHL does not monitor employee completion rates for mandatory integrity training or conflicts of interest components of induction training. (see paragraphs 3.51 to 3.59)

Recommendations

Recommendation no. 1

Paragraph 2.11

Aboriginal Hostels Limited undertake an assessment of drivers behind employee responses to the corrupt behaviour question in the Australian Public Service Employee Census and use this assessment to reassess the entity’s conflict of interest risks.

Aboriginal Hostels Limited response: Agreed.

Recommendation no. 2

Paragraph 2.112

Aboriginal Hostels Limited establish processes to ensure that conflict of interest matters are addressed and documented in complaint management.

Aboriginal Hostels Limited response: Agreed.

Recommendation no. 3

Paragraph 3.17

Aboriginal Hostels Limited establish processes to ensure that employees comply with its recruitment policy requirements to declare, manage and document conflicts of interest.

Aboriginal Hostels Limited response: Agreed.

Recommendation no. 4

Paragraph 3.30

Aboriginal Investment NT establish processes to ensure employees comply with its procurement policy requirements to declare, manage and document conflicts of interest.

Aboriginal Investment NT response: Agreed.

Recommendation no. 5

Paragraph 3.41

Aboriginal Hostels Limited, Aboriginal Investment NT and Outback Stores implement arrangements to record their boards’ assessment of whether a declaration made by a board member is determined to be a material personal interest. Where the interest is determined to be a material personal interest, boards should record the disclosure and consequence in accordance with legislative requirements.

Aboriginal Hostels Limited response: Agreed.

Aboriginal Investment NT response: Agreed.

Outback Stores response: Agreed.

Summary of entity responses

22. The proposed audit report was provided to AHL, Aboriginal Investment NT and Outback Stores. An extract was provided to the National Indigenous Australians Agency (NIAA). The summary responses are reproduced below. The full responses from each entity are at Appendix 1. Improvements observed by the ANAO during the course of this audit are listed in Appendix 2.

Aboriginal Hostels Limited

AHL acknowledges the findings in the report, gratefully accepts its recommendations and will take appropriate action to strengthen areas relating to the implementation of our established frameworks for managing conflicts of interest.

I would like to thank the ANAO audit team for their professional and collaborative approach throughout this process.

Aboriginal Investment NT

We welcome the report and accept its recommendations. As a newly established corporate Commonwealth entity, ensuring trust and confidence in our arrangements through the highest integrity standards is vital. We are committed to ensuring that appropriate control and procedural arrangements are implemented as our organisation continues to grow and mature. We have already undertaken steps to implement the recommendations and have planned for an internal audit to follow up on their implementation. This internal audit has been scheduled in our 2024–25 Strategic Internal Audit Program.

Outback Stores Pty Ltd

Thank you for your correspondence of 28 October 2024 regarding the proposed report under s.19 of the Auditor–General Act 1997 on the management of conflicts of interest.

Outback Stores acknowledges the importance of the audit in providing assurance to the Parliament over the effectiveness of the management of conflicts of interest. Further, the broader public are entitled to have confidence in officials of all Indigenous portfolio bodies in the integrity of these agencies.

Outback Stores accept the key findings, recommendations and opportunities for improvement outlined in the report, with alignment to the sole recommendation complete.

Key messages from this audit for all Australian Government entities

23. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Governance and risk management

Key learning reference
  • As accountable authorities of organisations, boards have a key role to play in setting the tone for dealing with risk and acting with integrity. Identifying and managing conflicts of interests is an area in which the way a board operates can influence the entity it governs. Developing good practice and assuring it can be a positive signal to the entity.
  • Once appropriate frameworks are established, accountable authorities should actively monitor conflict of interest arrangements to ensure that these are being undertaken and remain effective by:
    • regularly assessing conflict of interest risks in the context of entity operations and the Commonwealth Fraud and Corruption Framework;
    • monitoring key metrics including APS Census results, completion of training for conflict of interest and integrity; and completion of SES annual declarations of interest; and
    • undertaking regular communication and assurance activities to ensure conflicts are being declared and managed, and that appropriate records are being maintained.
Group title

Grants and procurement

Key learning reference
  • Where conflict of interest issues arise during a grant assessment, procurement or recruitment activity, it may be appropriate to pause the activity to investigate and address the issues and recommence when the issues have been resolved.
Type: Performance audit
Report number: 16 of 2024-25
Portfolios: Treasury; Climate Change, Energy, the Environment and Water
Entities: Department of the Treasury; Department of Climate Change, Energy, the Environment and Water
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. In September 2022 the Australian Energy Regulator reported that over the course of 2022, the war in Ukraine resulted in price volatility and price hikes for energy on international markets.1 Due to the links between domestic and export markets this affected domestic customers and the wider economy. Simultaneously, domestic factors contributed to wholesale energy price increases.

2. The Department of the Treasury (Treasury) and the Department of Climate Change, Energy, the Environment and Water (DCCEEW) were lead entities in the development of policy options to seek to address energy price increases. On 9 December 2022, the Prime Minister, the Treasurer, and the Minister for Climate Change and Energy announced the Energy Price Relief Plan (the plan) — a package of measures designed to ‘shield Australian families and businesses from the worst impacts of predicted energy price spikes.’

Rationale for undertaking the audit

3. The budget for the package of measures under the Energy Price Relief Plan was estimated between $3 billion and $3.5 billion over five years. The government sought urgent advice on options to seek to address energy price increases.

4. The audit provides assurance to Parliament on whether the Energy Price Relief Plan was effectively designed and the effectiveness of planned frameworks for implementation and evaluation.

Audit objective and criteria

5. The objective of this audit was to assess the effectiveness of the design process for the Energy Price Relief Plan.

6. To form a conclusion against the objective, the following criteria were adopted.

  • Was the development of the plan informed by sound policy advice?
  • Was implementation effectively planned?
  • Are the arrangements to assess the achievement of outcomes of the plan effective?

7. The audit did not assess:

  • the design or implementation of the Capacity Investment Scheme which was also included in the 9 December 2022 announcement;
  • the design of the Australian Domestic Gas Security Mechanism reforms agreed to by government in September 2022; or
  • the implementation of the extension of the energy bill rebates announced in May 2024.

Conclusion

8. The design process for the Energy Price Relief Plan was largely effective. The design process could have been improved with earlier engagement with delivery agencies. The Energy Price Relief Plan would benefit from a plan to assess the achievement of outcomes.

9. The development of the Energy Price Relief Plan was informed by sound policy advice. Roles and responsibilities, relevant guidance and risk management processes were in place to support the development of the Energy Price Relief Plan. Benefits of policy options were assessed and were supported by evidence. During the design process industry stakeholders were consulted on the gas market interventions. Stakeholders within the APS were consulted in the development of policy options, except for: Services Australia; the Department of Infrastructure, Transport, Regional Development, Communications and the Arts (DITRDCA); and the Department of Veterans’ Affairs (DVA). Earlier engagement with APS delivery agencies would have improved the consideration of implementation within the policy advice provided to government. Treasury and DCCEEW did not document risks associated with rapid policy development and risk mitigation strategies. Activities that can assist in reducing risks were undertaken, including seeking expert advice, engaging industry stakeholders, and establishing fit-for-purpose governance and coordination arrangements.

10. Arrangements established to support implementation of the Energy Price Relief Plan were largely effective. Policy advice to government identified risks for all measures. Risks related to the Australian Domestic Gas Security Mechanism reforms were considered when the reforms were initially developed in 2022, however risks specific to bringing forward the commencement of the reforms were not incorporated with other risks included in policy advice. Treasury and DCCEEW monitored risks for three of the five measures — targeted electricity bill rebate, mandatory gas code of conduct, and coal price cap. The department responsible for the implementation of the targeted electricity bill rebate was not identified in policy advice provided to government in December 2022 and was not confirmed by government until August 2023. Treasury had not established a risk assessment and an implementation plan for the targeted electricity bill rebate and the gas price cap. Treasury’s progress reports to government on the targeted electricity bill relief included elements of implementation planning.

11. Arrangements to assess the achievement of outcomes for the Energy Price Relief Plan were largely effective. While activities to assess the achievement of outcomes for individual measures have been planned or undertaken, plans to assess the collective impacts of the five measures under the Energy Price Relief Plan were not established. Monitoring arrangements have been established for four of five measures and implemented — the Australian Domestic Gas Security Mechanism has not been activated. Treasury and DCCEEW have produced reporting on the collective impacts of select measures. DCCEEW has conducted a review of the coal price cap. Planning has commenced for reviews of the targeted electricity bill rebate, mandatory gas code of conduct and Australian Domestic Gas Security Mechanism.

Supporting findings

Development of the plan

12. Roles and responsibilities were defined for the development of policy options. Treasury and DCCEEW have largely relevant guidance on developing policy advice available for staff. The departments did not document risks, and associated mitigation strategies, related to policy development. Activities that may reduce risks were undertaken: Treasury and DCCEEW sought expert advice; the Australian Competition and Consumer Commission (ACCC) engaged with select industry stakeholders; and the Department of the Prime Minister and Cabinet (PM&C) established fit-for-purpose governance and coordination arrangements. (See paragraphs 2.3 to 2.19)

13. During the development of policy advice, APS stakeholders — except for Services Australia, DITRDCA and DVA — were engaged in the design of all measures. Select industry stakeholders were engaged on the gas market interventions prior to policy advice being provided to government. (See paragraphs 2.20 to 2.81)

14. Market modelling and data and advice from relevant government entities was used to support advice to government on policy options. Potential impacts of the proposed policy options included in policy advice were supported by evidence. Treasury and DCCEEW’s impact analysis included an assessment of regulatory burden costs and benefits for three measures — gas price cap, mandatory gas code of conduct and bringing forward the commencement of the Australian Domestic Gas Security Mechanism reforms. While DCCEEW had undertaken a preliminary assessment, an impact analysis was not undertaken for the remaining two measures — targeted electricity bill rebate and coal price cap. (See paragraphs 2.82 to 2.94)

Planning for implementation

15. Advice to government identified risks for four of the five measures. Risks related to the Australian Domestic Gas Security Mechanism reforms were considered as part of an earlier impact assessment process and specific risks related to bringing forward the commencement of the reforms were not highlighted in policy advice. Advice did not document the risk that payments may be made to ineligible recipients under the targeted electricity bill rebate measure. DCCEEW undertook risk assessments for two of the five measures — the mandatory gas code of conduct and the coal price cap. Risks were monitored for three of the four measures led by Treasury and DCCEEW — the targeted electricity bill rebate, mandatory gas code of conduct, and coal price cap. Risk reporting was undertaken by Treasury for the targeted electricity bill rebate and by DCCEEW for the mandatory gas code of conduct. Risks related to the gas price cap and coal price cap measures were not reported. (See paragraphs 3.3 to 3.16)

16. Advice to government included information on implementation of all five measures under the plan. Policy advice on the targeted electricity bill rebate and the coal price cap measures did not identify which department would be responsible for implementation. Implementation plans were established for three measures — mandatory gas code of conduct, coal price cap and bringing forward the commencement of the Australian Domestic Gas Security Mechanism reforms. Implementation planning activities were undertaken for the remaining two measures. For the targeted electricity bill rebate, Treasury had not established an implementation plan. Elements of implementation planning were included within progress reports provided to government. Implementation planning was discussed in governance meetings co-chaired by Treasury and Services Australia. (See paragraphs 3.17 to 3.38)

Monitoring and assessing the achievement of outcomes

17. Subsequent to the announcement of the Energy Price Relief Plan in December 2022, oversight and monitoring frameworks have been established and implemented for four of five measures — the Australian Domestic Gas Security Mechanism has not been activated and therefore monitoring arrangements have not been implemented. Monitoring activities are being undertaken in accordance with the frameworks which have been established. (See paragraphs 4.3 to 4.29)

18. Treasury and DCCEEW outlined the objectives and estimated impacts of the Energy Price Relief Plan. Plans to assess the collective impacts of the five measures under the plan were not established. Entities have developed plans to assess the achievement of outcomes for the individual measures, except for the gas price cap. Treasury and DCCEEW have reported collective impacts of the Energy Price Relief Plan and DCCEEW has conducted a review of the New South Wales coal price cap. Statutory reviews of the mandatory gas code of conduct and the Australian Domestic Gas Security Mechanism reforms are due to be undertaken during 2025. (See paragraphs 4.30 to 4.70)

Recommendations

Recommendation no. 1

Paragraph 3.16

The Department of the Treasury develop risk management guidance for staff where Treasury is the lead agency for a policy, including for managing risks identified in policy advice.

Department of the Treasury response: Agreed.

Summary of entity responses

19. The proposed report was provided to the Department of the Treasury and the Department of Climate Change, Energy, the Environment and Water. Extracts of the proposed report were provided to the ACCC, AER, DVA, Services Australia, DITRDCA, DISR, and PM&C.

20. Treasury, DCCEEW, the AER and DISR provided summary responses and these are below. Full responses from these entities are included at Appendix 1.

Department of the Treasury

Treasury welcomes the report, in particular the reflection that the policy was based on sound advice and that both policy and implementation development were largely effective to achieve the desired policy outcomes. Treasury also welcomes the report’s key messages, especially regarding the need to adapt risk appetite to short timeframes and urgent delivery. This aligns with Treasury’s risk management policy, noting our higher appetite for risk in these circumstances while still balancing potential consequences.

Treasury agrees with the recommendation presented in the report. Treasury accepts the ANAO’s evidence regarding the risk assessments and implementation planning during the development of the Energy Price Relief Plan. Treasury considers the recommendation recognises the ANAO’s findings and Treasury acknowledges it could develop guidance on how the risk management framework should be applied in situations where timeframes are short and delivery is urgent.

Treasury has engaged an external review of the implementation of the first round of the Energy Bill Relief Fund and will leverage findings from this review in drafting further risk management guidance.

Department of Climate Change, Energy, the Environment and Water

The Department of Climate Change, Energy, the Environment and Water (the department) welcomes the ANAO report and the conclusion that the design process for the Energy Price Relief Plan was largely effective, with no recommendations made for the department.

The Government’s Energy Price Relief Plan was a package of measures developed to shield Australian families and businesses from the worst impacts of predicted energy price spikes. This rapid policy development occurred within complex electricity and gas markets and required engagement across multiple agencies and other parties during its development and implementation.

The ANAO’s observations including areas of improvement applicable in the unique setting of rapid policy development are valuable insights that will inform and influence the department’s continual improvement practices in stakeholder engagement and program governance.

Australian Energy Regulator

The AER was provided with extracts from the proposed report.

The AER notes that there are no findings or recommendations relating to the AER.

The AER notes the contents of the report, including the key messages. The key messages reflect the experience and approach of the AER.

Department of Industry, Science and Resources

The Department of Industry, Science, and Resources (the department) acknowledges the Australian National Audit Office’s proposed audit report on the Design of the Energy Price Relief Plan.

The department acknowledges the report’s key findings on policy design, governance and risk management. The department strives to achieve meaningful stakeholder engagement to ensure feedback is accounted for in policy design. In the design and implementation of the Australian Domestic Gas Security Mechanism (ADGSM) reforms, two public consultation processes were conducted – on the design of policy and on the draft guidelines – to inform the development of effective policy that contributes to the delivery of positive outcomes for our stakeholders.

The department is committed to establishing and improving robust governance and risk management practices, and notes these principles are particularly important when designing and implementing policy initiatives in constrained timeframes.

Key messages from this audit for all Australian Government entities

21. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Policy design

Key learning reference
  • Early and meaningful engagement with stakeholders can help ensure the objectives of a program are practical and achievable. The approach to implementation should be reflected in policy design. Delivery agencies should be engaged early during the policy development process.
Group title

Governance and risk management

Key learning reference
  • Short timeframes for development and implementation of policy initiatives may require adopting a risk appetite that differs from one which applies in more normal times. Urgent delivery can reduce the time for consideration of implementation issues and as a result risks to successful implementation may not be identified, mitigated and managed. Taking time to review implementation risks as early as possible in the development of new policy can assist in bringing management of risk into an acceptable tolerance level.
Type: Performance audit
Report number: 15 of 2024-25
Portfolios: Climate Change, Energy, the Environment and Water
Entities: Murray–Darling Basin Authority
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. The Public Service Act 1999 (PS Act) requires that Australian Public Service (APS) employees, agency heads and statutory office holders abide by the APS Code of Conduct.1 The APS Code of Conduct, consistent with duties under the Public Governance, Performance and Accountability Act 2013 (PGPA Act), require officials to declare the receipt of gifts, benefits and hospitality. Collectively, these requirements establish obligations for officials and Commonwealth entities in relation to how they manage the provision and receipt of gifts, benefits and hospitality.

2. Section 27 of the PGPA Act states that an official must not improperly use their position to gain, or seek to gain, a benefit for themselves or another person, or to cause, or seek to cause, detriment to the entity, the Commonwealth, or any other person.2 The National Anti-Corruption Commission Act 2022 also contains provisions against conduct that adversely affects (or could adversely affect) the honest and impartial exercise of any public official’s powers, functions or duties.3

3. The Australian Public Service Commission (APSC) publishes Guidance for Agency Heads – Gifts and Benefits. The principles underpinning this guidance are that:

  • agency heads are meeting public expectations of integrity, accountability, independence, transparency and professionalism in relation to gifts and benefits; and
  • there is consistency in relation to agency heads’ management of gifts and benefits across APS agencies and Commonwealth entities and companies.4

4. The Murray–Darling Basin Authority (MDBA) is a corporate Commonwealth entity established under the Water Act 2007 (the Water Act) and comprises:

  • an eight-member Authority (the Authority) with functions and responsibilities defined under the Water Act and conditions set by the Remuneration Tribunal5; and
  • a statutory agency of staff engaged under the Public Service Act, with an average staffing level of 367 for 2024–25.6

5. The MDBA is responsible for coordinating how water resources are managed in the Murray–Darling Basin.7

Rationale for undertaking the audit

6. Section 27 of the PGPA Act states that an official must not improperly use their position to gain, or seek to gain, a benefit for themselves or another person, or to cause, or seek to cause, detriment to the entity, the Commonwealth, or any other person. Public service entities must meet public expectations of integrity, accountability, independence, transparency, and professionalism. Acceptance of a gift or benefit that relates to an official’s employment can create a real or apparent conflict of interest that should be avoided.8

7. Public confidence in Commonwealth entities and the APS can be damaged when gifts and benefits that create a conflict of interest are accepted or not properly declared. The APSC states in its publication, APS Values and Code of Conduct in practice, that the risk of the appearance of a conflict can damaging to public confidence:

The appearance of a conflict can be just as damaging to public confidence in public administration as a conflict which gives rise to a concern based on objective facts.9

8. This audit was conducted to provide assurance to the Parliament that the MDBA has complied with gifts, benefits and hospitality requirements.

Audit objective and criteria

9. The objective of the audit was to assess whether the MDBA had complied with gifts, benefits and hospitality requirements.

10. To form a conclusion against the objective, the ANAO adopted the following two high-level audit criteria.

  • Did the MDBA have effective arrangements in place to manage gifts, benefits and hospitality?
  • Were the MDBA’s controls and processes for gifts, benefits and hospitality operating effectively in accordance with its policies and procedures?

11. The audit examined the management of gifts, benefits and hospitality within the MDBA over the period 1 July 2021 to 31 March 2024.

Conclusion

12. The MDBA has been partly effective in complying with gifts, benefits and hospitality requirements. While the MDBA has policies and procedures for managing gifts, benefits and hospitality, the implementation of its controls and processes for ensuring compliance with gift, benefit and hospitality requirements have not been effectively operationalised.

13. The MDBA has established largely effective arrangements for managing gifts, benefits and hospitality. The MDBA has not considered conflict of interest risks associated with gifts, benefits and hospitality within its risk management framework. While the MDBA has developed policies and procedures for the acceptance and provision of gifts, benefits and hospitality, there are opportunities to improve the consistency between policies and procedures. Whole of government training on integrity and fraud and corruption is mandatory for MDBA staff. Limited guidance is provided to Authority members. The MDBA maintains an internal register of gifts and benefits accepted by MDBA officials, and has published a register of gifts and benefits received by the Chief Executive.

14. The MDBA’s controls and processes are partly effective in supporting its compliance with gift, benefit and hospitality requirements. Deficiencies were identified with preventative controls relating to reporting on mandatory training completion and the compliance with policy and procedural requirements for the acceptance and provision of gifts, benefits and hospitality. While the MDBA does not have specific detective controls relating to acceptance of gifts, benefits and hospitality, since 2022–23 it has included a question on provision of hospitality in its biannual financial compliance survey. The MDBA has not established processes for managing non-compliance or assurance activities for gifts, benefits and hospitality.

Supporting findings

Arrangements for managing gifts, benefits and hospitality

15. The MDBA has articulated risks and controls related to bribery and corruption in a 2024 fraud and corruption risk assessment. Existing controls related to acceptance or provision of gifts, benefits and hospitality were not referenced in the 2024 assessment. Two integrity-related risks were identified in the MDBA’s November 2021 Enterprise Risk Management Plan. The MDBA developed a revised suite of enterprise risks in August 2023, which no longer includes integrity-related risks. (See paragraphs 2.6 to 2.21)

16. The MDBA has developed policies and procedures for the acceptance of gifts, benefits and hospitality through its Accountable Authority Instructions, Instrument of Delegation, Official Hospitality, Gifts and Benefits Guidelines and Declaration of Interests Policy. There were inconsistencies between these documents in relation to instructions for accepting ‘token gifts, benefits or hospitality’ (valued at $50 or below). In addition, the guidelines do not specify timeframes for obtaining delegate approval and reporting on acceptance of gifts, benefits or hospitality or sanctions associated with failure to comply with the requirements. (See paragraphs 2.22 to 2.37)

17. The MDBA has developed policies and procedures for the provision of gifts, benefits and hospitality through its Accountable Authority Instructions, Instrument of Delegation, Official Hospitality, Gifts and Benefits Guidelines and other policy documents. There were inconsistencies between these documents in relation to the distinction between official hospitality and business catering. (See paragraphs 2.38 to 2.56)

18. The MDBA has a mandatory training package which includes responsibilities and expectations for officials relating to gifts, benefits and hospitality. The relevant modules are whole of government modules on integrity and fraud and corruption. Members of the Authority have not been provided specific guidance on policy and procedural requirements for gifts, benefits and hospitality. ( See paragraphs 2.57 to 2.67)

19. The MDBA has published a register of gifts and benefits received by the Chief Executive. It updated the register in October 2024 to comply with the requirement to annually report gifted airline lounge memberships. In August 2024 the MDBA decided to commence publishing gifts and benefits received by MDBA officials, including Authority members. The MDBA maintains an internal register of gifts, benefits and hospitality accepted by officials from external parties. It expanded the register in August 2024 to cover provision of official hospitality. There were no internal reporting mechanisms in place for the Chief Executive or management committees to have oversight of gifts, benefits and hospitality accepted or provided by MDBA officials. As a result of the inconsistencies in the treatment of official hospitality and business catering events by the MDBA, and the absence of a register, the MDBA has not been well placed to accurately report to Parliament on instances of official hospitality. (See paragraphs 2.68 to 2.80)

Controls and processes for managing gifts, benefits and hospitality

20. The MDBA has implemented preventative controls for the receipt or provision of gifts, benefits and hospitality through its policies and procedures, mandatory staff training, delegations and approval requirements. The MDBA does not provide reporting on the completion of mandatory training to the Chief Executive or relevant governance committees. Requirements set out in policies and procedures prohibiting the acceptance of gifts, benefits and hospitality from contractors were not adhered to. There was inconsistent treatment of business catering and official hospitality events, and instances of non-compliance with controls for official hospitality. (See paragraphs 3.6 to 3.50)

21. The MDBA has not implemented detective controls specifically for the purpose of identifying non-compliance with requirements for the receipt and provision of gifts, benefits and hospitality. The MDBA’s biannual financial compliance survey is a detective control than can support the identification of non-compliance with requirements. Officials responding to the survey identified one instance of non-compliance with business catering or official hospitality guidelines in 2023–24, which was included in summary reporting provided to the Chief Executive. (See paragraphs 3.51 to 3.57)

22. The MDBA has not documented or implemented processes for managing identified instances of non-compliance relating to management of gifts, benefits and hospitality. The ANAO identified instances of non-compliance that had not been identified or reported by the MDBA. (See paragraphs 3.58 to 3.62)

23. The MDBA has not developed an evidence-based assurance framework that considers management of gifts, benefits and hospitality. (See paragraphs 3.63 to 3.68)

Recommendations

Recommendation no. 1

Paragraph 2.19

The Murray–Darling Basin Authority assess the risks associated with provision and acceptance of gifts, benefits and hospitality and identify appropriate controls.

Murray–Darling Basin Authority response: Agreed.

Recommendation no. 2

Paragraph 2.51

The Murray–Darling Basin Authority review and update its policy framework for the acceptance and provision of gifts, benefits and hospitality to ensure:

  1. instructions for accepting and keeping ‘token gifts, benefits and hospitality’ are consistent and appropriate;
  2. instructions for provision of hospitality include clear definitions and distinctions between official hospitality and business catering, and define relevant concepts such as ‘entertainment’ and ‘modest’;
  3. timeframes are specified for obtaining delegate approval and reporting on acceptance and provision of gifts, benefits and hospitality;
  4. consideration of any potential, perceived or actual conflicts created by the acceptance of gifts, benefits or hospitality is documented on declaration forms; and
  5. the framework defines sanctions associated with failure to comply with gifts, benefits and hospitality requirements.

Murray–Darling Basin Authority response: Agreed.

Recommendation no. 3

Paragraph 3.66

The Murray–Darling Basin Authority implement:

  1. regular reporting to the Chief Executive and relevant governance committees on mandatory training completion and acceptance and provision of gifts, benefits and hospitality; and
  2. arrangements to obtain assurance over controls for managing gifts, benefits and hospitality to inform continuous improvement and ensure ongoing effectiveness.

Murray–Darling Basin Authority response: Agreed.

Summary of entity responses

24. The proposed report was provided to the MDBA. Extracts of the proposed report were also provided to Callida Indigenous Consulting, Chartertech, eWater, Hudson, Paxus, Scyne Advisory and Xaana.ai. Summary responses to the report, where provided, are below and the MDBA’s full response is at Appendix 1. Improvements observed by the ANAO during the course of this audit are listed in Appendix 2.

Murray–Darling Basin Authority

The MDBA welcomes the ANAO’s findings and agrees with the three recommendations in the Report. We are pleased that no non-compliance with our legislative obligations (including PGPA Act) were identified.

We are committed to upholding the highest standards of integrity. Currently, we are working to improve consistency in policy requirements and control operating effectiveness over the management of gifts, benefits, and official hospitality.

Our actions in response to the ANAO audit include frequent reporting and increased oversight on our internal gifts, benefits, and hospitality register to identify potential conflicts of interest. We are also embedding processes to ensure compliance with mandatory staff training and internal procedures, and reviewing internal policies for consistent treatment of gifts and benefits.

The MDBA also has progressed significant work in relation to improving its risk management practices over the past 18 months and is currently focused on integrity related risks and appropriate controls, including in relation to gifts, benefits and hospitality.

The MDBA appreciates the ANAO’s approach in conducting the audit, including regular engagement, progress updates, and efforts to understand our agency’s policy and practices.

Chartertech

Chartertech’s Conflict of Interest Policy and Declaration outlines the policy for receiving gifts and benefits. This policy requires declaration of any gifts, benefits or hospitality received valued at over $100, this threshold is applied to the Chartertech Gifting Register, which was referenced in the ANAO response. Chartertech can confirm that there are no records of gifts, benefits or hospitality provided for any MDBA personnel in accordance with this policy.

Key messages from this audit for all Australian Government entities

25. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Governance and risk management

Key learning reference
  • Entities could consider informing their suppliers that integrity and accountability are minimum expectations of all suppliers to the Commonwealth. This includes informing suppliers that it is not appropriate to provide gifts, benefits or hospitality to Australian Government officials. The Commonwealth Supplier Code of Conduct came into effect on 1 July 2024 as part of the Commonwealth Procurement Rules. Entities could use the Code of Conduct to hold suppliers accountable for the way they engage with officials.
Group title

Performance and impact measurement

Key learning reference
  • Monitoring and reporting on integrity-related metrics, such as conflict of interest declarations, gifts and benefits notifications and integrity training completion rates, helps entities to identify and respond to integrity risks.
Type: Performance audit
Report number: 14 of 2024-25
Portfolios: Prime Minister and Cabinet
Entities: Indigenous Business Australia; National Indigenous Australians Agency
Date tabled:
Audit Summary : show

Summary

Background

1. Indigenous Business Australia (IBA) is a corporate Commonwealth entity established under the Aboriginal and Torres Strait Islander Act 2005. IBA’s purpose includes to enhance Aboriginal and Torres Strait Islander self-management and economic self-sufficiency.1 The National Indigenous Australians Agency (NIAA) is a non-corporate Commonwealth entity established as an executive agency in 2019. It is the lead Australian Government agency for Aboriginal and Torres Strait Islander policies and programs. NIAA’s purpose includes advancing a whole-of-government approach to improving the lives of Aboriginal and Torres Strait Islander people.2

2. Parliamentary committee and Auditor-General reports identify risks to the successful delivery of government outcomes and provide recommendations to address them. Where a parliamentary committee has made policy recommendations, the responsible minister is required to prepare and table a government response in the Parliament. The Auditor-General provides independent assurance as to whether the Executive government is operating and accounting for its performance in accordance with the Parliament’s intent. Auditor-General reports, which include audited entities’ responses to recommendations, are tabled in the Parliament. The tabling in the Parliament of an agreed response to parliamentary committee or Auditor-General recommendations is a formal commitment by the government or an entity to implement the recommended actions.

3. Successful implementation of agreed3 recommendations by Australian government entities requires effective governance arrangements to respond to, monitor and implement recommendations, with fit-for-purpose and proportionate implementation planning that sets clear responsibilities and timeframes for delivering the agreed actions.

4. The ANAO undertakes audits of implementation of recommendations made by parliamentary committees and the Auditor-General.4

Rationale for undertaking the audit

5. Parliamentary committee and Auditor-General reports have identified risks to and shortcomings in the successful delivery of outcomes in the Indigenous affairs portfolio. Recommendations have specified actions aimed at addressing those risks and identified opportunities for improving public administration. Implementation of agreed recommendations delivers on a formal commitment to the Parliament and is an important part of realising the full benefit of a parliamentary inquiry or audit. Appropriate and timely implementation of agreed recommendations demonstrates accountability to the Parliament and a commitment to improving public administration.

6. This audit provides assurance to the Parliament about whether recommendations directed to IBA and NIAA are being implemented as agreed.

Audit objective and criteria

7. The audit objective was to examine whether the selected entities have implemented a selection of agreed parliamentary committee and Auditor-General recommendations.

8. To form a conclusion against the objective, the following high-level criteria were adopted.

  • Do IBA and NIAA have fit-for-purpose arrangements to respond to, monitor and implement agreed recommendations?
  • Did IBA and NIAA respond to and implement agreed recommendations effectively?

9. To allow sufficient time for implementation, the ANAO examined implementation of agreed recommendations made between January 2020 and December 2022. The 25 recommendations examined comprised 10 recommendations from three parliamentary committee reports, and 15 recommendations from four Auditor-General reports.

Conclusion

10. As at August 2024, IBA had largely implemented the agreed recommendations examined in this audit, and NIAA had partly implemented the agreed recommendations. Implementation was not supported by robust governance arrangements in either entity, although arrangements matured during the course of the audit.

11. IBA’s arrangements to respond to, implement and monitor agreed parliamentary committee and Auditor-General recommendations are largely fit for purpose. IBA documented practices for managing recommendations in 2024. As at August 2024, these practices were not fully implemented as IBA was not subject to any parliamentary committee recommendations. NIAA’s arrangements to respond to parliamentary committee and Auditor-General recommendations are partly fit for purpose. NIAA documented practices for managing recommendations in 2024. These included new practices for managing parliamentary committee recommendations. As at August 2024, these practices were not fully implemented. The practices have the potential to be fit for purpose.

12. NIAA’s advice to government on how to respond to parliamentary committee recommendations was partly effective. IBA fully implemented three of the four agreed Auditor-General recommendations and largely implemented the remaining one. NIAA fully implemented six of 21 agreed parliamentary committee and Auditor-General recommendations and largely implemented one. Implementation of the remaining 14 NIAA recommendations was either partial (seven) or ongoing as at August 2024 (seven).

Supporting findings

Arrangements for managing agreed recommendations

13. IBA documented practices to respond to, implement, monitor and close agreed parliamentary committee recommendations in April 2024. These practices include implementation planning that covers roles and responsibilities, timeframes and risk. As at August 2024, these practices had not been implemented as IBA had no active parliamentary recommendations. NIAA documented practices to identify and respond to parliamentary committee recommendations in September 2023. NIAA does not monitor compliance with required timeframes for responding to parliamentary committee recommendations, and practices could be improved to promote better timeliness. NIAA documented practices to implement, monitor and close agreed parliamentary committee recommendations in August 2024. This followed commitments made to the Executive Board, Audit and Risk Committee and the Parliament to clarify and improve practices. As at August 2024, NIAA’s practices documented in August 2024 have not been implemented. (See paragraphs 2.4 to 2.39)

14. IBA and NIAA have established practices to respond to, implement, monitor and close agreed Auditor-General recommendations, including reporting to audit and risk committees and providing implementation updates to accountable authorities. IBA’s management practices for Auditor-General recommendations were documented and strengthened to include implementation planning in April 2024. IBA’s practices could be improved to clarify the role of the IBA Board in approving responses to recommendations. NIAA’s practices were documented in August 2024. This included formalising practices for implementation planning established in October 2023, requiring reporting to the Executive Board on implementation and closure, and improving closure practices to support the Audit and Risk Committee to fulfil its assurance function. (See paragraphs 2.40 to 2.63)

Implementation of agreed recommendations

15. IBA was not the subject of parliamentary committee recommendations in the timeframe examined in this audit. NIAA was responsible for coordinating the government response to two parliamentary committee reports examined in this audit. NIAA did not provide draft responses and associated advice in sufficient time to enable government to table responses in the timeframes set by the Parliament. Draft responses prepared by NIAA were consistent with relevant Australian Government guidelines, except that responses to disagreed recommendations did not always clearly state why the recommendation was not accepted. Advice to the Minister for Indigenous Australians (the minister) for recommendations that were accepted did not always include implementation details; risks or sensitivities; or a timeframe. In October 2022, the minister requested more information on outstanding responses to parliamentary committee reports, which was not provided. In April 2024, NIAA recommended to the minister that a ‘standard response’ be made to 39 recommendations in 10 outstanding parliamentary reports dating back to 2010. The response ‘noted’ the recommendations and stated that, given the passage of time, a substantive response was no longer appropriate. This was in line with correspondence from the government, except that NIAA did not advise the minister on whether or why a different response might be warranted. (See paragraphs 3.5 to 3.21)

16. Implementation planning for the examined recommendations was limited in both entities.

  • IBA assigned responsibility and identified implementation actions for all four recommendations. It did not establish timeframes or assign risk ratings.
  • NIAA’s implementation planning for 10 parliamentary committee recommendations was partial or not undertaken. NIAA assigned responsibility for all 11 Auditor-General recommendations examined. Other elements of implementation planning were not consistently undertaken. (See paragraphs 3.22 to 3.26)

17. IBA’s monitoring, assurance and closure of the four recommendations improved over the time period examined by the audit. IBA monitored implementation progress for all Auditor-General recommendations. Reporting on some recommendations to the Audit, Risk and Performance Committee was not timely nor complete until the committee requested evidence of implementation in September 2022. After September 2022, IBA prepared closure reports and effectively closed all recommendations.

18. NIAA did not consistently monitor implementation progress for the parliamentary committee recommendations examined in this audit, or report on progress to an oversight or assurance body. NIAA did not formally close the three (of 10) recommendations it considered implemented. NIAA monitored implementation progress for all 11 Auditor-General recommendations examined in this audit, and reported progress to the Audit and Risk Committee. Reporting on some recommendations was not timely. While closure reports were prepared for all 11 recommendations (which NIAA considered implemented), one closure report had no supporting evidence, senior official approval was inconsistently recorded and evidenced, and 10 closure reports were not shared with the Audit and Risk Committee. The committee noted closure of all 11 recommendations. (See paragraphs 3.27 to 3.42)

19. IBA and NIAA’s implementation of the 25 agreed recommendations examined in this audit, as at August 2024, was as follows.

  • Of four Auditor-General recommendations to IBA, IBA considered all four to have been implemented. The ANAO assessed that three recommendations were fully implemented and one was largely implemented.
  • Of 10 parliamentary committee recommendations relevant to NIAA, NIAA considered two were fully implemented and one was partly implemented. The ANAO assessment agreed with NIAA’s.
  • Of 11 Auditor-General recommendations to NIAA, NIAA considered all 11 to be fully implemented. The ANAO assessed that four recommendations were fully implemented, one was largely implemented, and six were partly implemented.
  • Of the 21 recommendations relevant to NIAA, responses to 11 included commitments that were additional to the recommendation. The ANAO assessed that additional commitments were fully implemented for three; partly implemented for five; and that implementation was still ongoing for three. (See paragraphs 3.43 to 3.54)

Recommendations

20. The Auditor-General did not make any recommendations. Eight opportunities for improvement were identified, relating to:

  • IBA’s practices for responding to parliamentary committee and Auditor-General recommendations;
  • NIAA’s practices for monitoring parliamentary activity, assisting government to responding to parliamentary committee recommendations, and closing Auditor-General recommendations; and
  • the Department of the Prime Minister and Cabinet’s guidance to Australian Government entities on responding to parliamentary committee recommendations.

Summary of entity responses

21. The proposed audit report was provided to IBA and NIAA. An extract of the proposed audit report was provided to the Department of the Prime Minister and Cabinet. Entities’ summary responses are provided below. Entities’ full responses are provided at Appendix 1.

Indigenous Business Australia

Indigenous Business Australia (IBA) wishes to thank the ANAO for their professional and collaborative engagement with IBA throughout this audit.

The performance audit process has been useful for IBA in driving further improvements in internal processes relating to the implementation and management of ANAO and parliamentary committee recommendations and IBA will consider the further opportunities for improvement as part of its continual improvement processes.

National Indigenous Australians Agency

The National Indigenous Australians Agency (NIAA) welcomes the findings of the audit, including that it has established practices to respond to, implement, monitor and close parliamentary committee and Auditor-General recommendations. The NIAA acknowledges the opportunities for improvement identified in the report and has already made significant progress to strengthen processes for managing and implementing parliamentary committee and Auditor-General recommendations.

Department of the Prime Minister and Cabinet

The Department of the Prime Minister and Cabinet (the department) regularly reviews processes to ensure the robust provision of support to parliamentary committees and guidance to entities. This includes providing advice to entities on parliamentary committee reports with substantive recommendations that require responses from the Government. As part of this process, the department ensures entities are aware of the timeframes under Senate resolution 44 for responding to committee reports.

The department’s Tabling Guidelines provide advice on the preparation of government responses, including that all recommendations must be addressed and reasons provided for not accepting a recommendation, and timeframes for responses as set by Parliament.

Key messages from this audit for all Australian Government entities

22. The ANAO undertakes audits of implementation of recommendations made by parliamentary committees and the Auditor-General. In June 2021, the ANAO published Audit Insights: Implementation of Audit Recommendations, which includes observations from these audits for the benefit of all Australian Government entities.

23. Below are further key messages identified in this audit and which may be relevant for the operations of other Australian Government entities.

Group title

Governance and risk management

Key learning reference
  • Supporting government to meet its responsibilities to the Parliament is an important element of public sector integrity.
    • For parliamentary committee recommendations, Australian Government entities can support government by: advising ministers on requirements and better practice for the form and timing of responses to parliamentary committee reports; and monitoring compliance with required timeframes.
    • For parliamentary committee and Auditor-General recommendations, Australian Government entities can support accountability and integrity by: establishing fit-for-purpose and proportionate implementation planning for agreed recommendations; monitoring implementation; and closing recommendations on the basis of robust evidence that the intent of the recommendation has been met.
  • Parliamentary committee and Auditor-General recommendations seek to address risks identified through inquiries and audits. Audit committees are required to provide independent advice and assurance on entities’ systems of risk oversight and management and internal controls. Complete and regular reporting to audit and risk committees, including by providing evidence-based closure packs for completed parliamentary committee and Auditor-General recommendations, gives audit and risk committees visibility over how risks are being managed. This assists audit and risk committees to meet their advice and assurance functions.
Type: Performance audit
Report number: 13 of 2024-25
Portfolios: Infrastructure, Transport, Regional Development, Communications and the Arts; Industry, Science and Resources
Entities: Department of Infrastructure, Transport, Regional Development, Communication and the Arts; Department of Industry, Science and Resources
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. The Growing Regions Program was announced in May 2023 as an open, competitive grants program that provides grants to local government entities and eligible incorporated not-for-profit organisations for capital works projects that aim to deliver community and economic benefits across regional and rural Australia.1 The Australian Government committed $600 million to the program over two rounds with $300 million available in each round.

2. Grants between $500,000 and $15 million were available to eligible applicants to deliver priority community and economic infrastructure projects. The objectives of Round 1 of the program are:

  • constructing or upgrading community infrastructure that fills an identified gap or need for community infrastructure.
  • contributing to achieving a wide range of community socio-economic outcomes; and
  • is strategically aligned with regional priorities.

3. The Department of Infrastructure, Transport, Regional Development, Communications and the Arts (Infrastructure) is responsible for the Growing Regions Program. Infrastructure engaged the Department of Industry, Science and Resources, through the Business Grants Hub, to administer the program.

4. The program used a two-stage application process. Applicants were required to submit an Expression of Interest (EOI) application which would first be assessed by the Business Grants Hub to ensure projects met eligibility, project readiness and program suitability requirements before a multi-party parliamentary panel (the panel) assessed how closely all eligible projects aligned with regional priorities. The panel then recommended to Infrastructure which projects should be invited to submit a full application. EOI applications that were assessed as meeting requirements and approved to proceed were invited to submit a full application in stage two. Infrastructure made the final decision on which applicants would be invited to progress to stage two and submit a full application.

5. Round 1 of the Growing Regions Program opened on 5 July 2023 and received 650 EOI applications seeking a total of $2.7 billion in grant funding, of which 443 applications ($1.81 billion) were found suitable by the panel to progress to stage two.

6. Full applications opened on 27 November 2023 and closed on 15 January 2024. The Business Grants Hub assessed 311 projects for funding worth $1.5 billion. Of these projects, Infrastructure recommended 54 projects for funding up to the value of $300 million. On 16 May 2024 the Minister for Infrastructure, Transport, Regional Development and Local Government announced funding for 40 successful projects to the value of $207 million.2

7. This audit is the second of two reports on the effectiveness of the Growing Regions Program. The first audit, Auditor-General Report No. 31 2023–24 Design of the Growing Regions Program, was presented to the Parliament on 29 May 2024 and examined the effectiveness of Infrastructure’s design and planning for the Round 1 of the Growing Regions Program.

Rationale for undertaking the audit

8. The Growing Regions Program was a new grants program and one of the largest programs administered by Infrastructure. The program also contained a new design feature — a two-stage assessment process with an EOI stage assessed by a multi-party parliamentary panel.

9. Previous ANAO performance audits have identified deficiencies in Infrastructure’s implementation of regional grants programs including program design, providing information to the delegate, and transparency of decision-making.3

10. This audit provides assurance to the Parliament on the implementation and award of funding for Round 1 of the Growing Regions Program and whether Infrastructure implemented lessons learned from previous grants programs.

Audit objective and criteria

11. The objective of the audit was to assess the effectiveness of the implementation and award of funding for Round 1 of the Growing Regions Program.

12. To form a conclusion against the objective, the following high-level audit criteria were applied.

  • Were applications assessed in accordance with the grant opportunity guidelines?
  • Were funding recommendations and decisions made in accordance with the Commonwealth Grants Rules and Guidelines?

Conclusion

13. The implementation and award of funding for Round 1 of the Growing Regions Program was largely effective. Effectiveness was diminished by Infrastructure undertaking an additional assessment process which was not specified in the grant opportunity guidelines.

14. Assessment of applications for the Growing Regions Program was partly in accordance with the grant opportunity guidelines. The Business Grants Hub assessed EOI applications against the grant opportunity guidelines despite eligibility requirements for projects not being clearly defined in the guidelines. After the Business Grants Hub had completed its eligibility assessment, the minister through their office, advised Infrastructure of their preference for all 163 applicants found ineligible to be given the opportunity to correct any administrative errors or omissions with their applications. While the panel scored and ranked applications as required under the grant opportunity guidelines, panel members noted difficulty with the definition of what constituted ‘regional priorities’. Infrastructure did not consider in its development of the panel assessment process, the implications on a project’s average score by having a different number of panel members scoring applications.

15. Full applications were assessed partly in line with the grant opportunity guidelines. In its assessment of full applications, the Business Grants Hub correctly applied the three merit criteria from the grant opportunity guidelines. Infrastructure then completed a further geographical assessment of projects which was not set out in the grant opportunity guidelines. This resulted in Infrastructure removing three projects from the merit list and adding seven. By altering the results of the Business Grants Hub’s merit assessment, Infrastructure recommended projects to the minister which were not assessed as the most meritorious under the grant opportunity guidelines.

16. Infrastructure’s advice to the minister outlined the assessment process and risks relating to the approval of applications for the Growing Regions Program. The advice did not state how value for money was determined following Infrastructure’s additional analysis of the results of the Business Grants Hub’s merit assessment. Based on an initial, high-level assessment from the Australian Government Solicitor, Infrastructure advised that there was no lawful authority for the proposed expenditure under the program and proposed that to address that, funding could be awarded under a Federation Funding Agreement rather than as grants. Funding decisions were appropriately documented by the minister and the minister did not approve any projects that were not recommended by Infrastructure. The announcement of successful projects occurred two months after the original timeframes provided to applicants. As at 16 October 2024, the Growing Regions Program Federation Funding Agreement Schedule had been executed with the Western Australian, South Australian, Queensland, Tasmanian, New South Wales and Victorian governments.

Supporting findings

Assessment of applications

17. The Business Grants Hub assessed EOI applications against the grant opportunity guidelines despite eligibility requirements for projects not being clearly defined in the guidelines. After the Business Grants Hub had completed its eligibility assessment, the minister, through their office, advised Infrastructure of their preference for all 163 ineligible applicants to be given an opportunity to correct any administrative errors or omissions. The Business Grants Hub then completed another eligibility assessment on the 58 applications that had been resubmitted. Conflict of interest declarations were completed by all assessors undertaking the EOI assessment. Panel members received training from the Business Grants Hub and attended probity briefings delivered by an external probity advisor engaged by Infrastructure. (See paragraphs 2.3 to 2.33)

18. The panel scored and ranked applications as required under the grant opportunity guidelines, noting difficulty with the definition of what constituted ‘regional priorities’. Recommendations were made based on average scores and followed the requirements set out in the guidelines. Decisions were documented and probity requirements were followed. All panel members were originally required to score each application except where projects were in their electorate or jurisdiction. To assist in managing the panel’s workload, part-way through the assessment process there was a change in the scoring approach from having panel members score all applications, to a minimum of three scorers per application. Infrastructure did not consider in its design of the assessment process how different numbers of panel members scoring each application would impact on a project’s average score. (See paragraphs 2.34 to 2.66)

19. The Business Grants Hub assessed full applications against the three merit criteria as outlined in the grant opportunity guidelines and awarded each project a final score. The design of the eligibility requirements in the grant opportunity guidelines resulted in projects that potentially did not meet the program’s policy intent progressing through the assessment process. The minister did not fund 14 recommended projects which they identified as not suitable for funding as they would be better suited for funding under a different program. (See paragraphs 2.67 to 2.83)

20. Applications were ranked by the Business Grants Hub based on its assessment against the three criteria set out in the grant opportunity guidelines. The Business Grants Hub reported all highly suitable and suitable projects for funding. Following the Business Grants Hub’s merit assessment, Infrastructure completed further analysis and assessment of projects for geographical spread and socio-economic outcomes. This further assessment was not approved when the program was designed or set out in the grant opportunity guidelines. This resulted in Infrastructure removing three projects from the Business Grants Hub’s full assessment merit list and adding a further seven. (See paragraphs 2.84 to 2.101)

Award of funding

21. An initial high-level assessment by the Australian Government Solicitor obtained by Infrastructure prior to briefing the minister stated that lawful authority for proposed expenditure for the program was not in place. Infrastructure proposed an approach that sought to mitigate this risk. Infrastructure recommended that the minister approve 54 applications up to the limit of the available funding. The recommendation did not state how value for money was determined following an additional analysis of project applications and adjustment of results by Infrastructure. Funding recommendations for Round 1 of the Growing Regions Program did not meet the original timeframes as planned by Infrastructure primarily due to the need to seek legal advice on the lawful authority matter. (See paragraphs 3.1 to 3.22)

22. Reasons for all funding decisions were appropriately documented and informed by written recommendations from Infrastructure. The minister did not award funding to any projects that were not recommended by Infrastructure. All 40 applicants that the minister approved for funding were found to be highly suitable or suitable through the merit assessment process. The minister did not award funding to 14 projects that were recommended by Infrastructure. (See paragraphs 3.23 to 3.33)

Recommendations

Recommendation no. 1

Paragraph 2.82

The Department of Infrastructure, Transport, Regional Development, Communications and the Arts identifies in the program guidelines how to assess ineligible types of projects and expenditure for the Growing Regions Program to ensure that successful projects reflect the program’s policy intent and objectives.

Department of Infrastructure, Transport, Regional Development, Communications and the Arts response: Agreed.

Recommendation no. 2

Paragraph 2.100

The Department of Infrastructure, Transport, Regional Development, Communications and the Arts correctly applies the processes set out in the Growing Regions Program guidelines or updates the guidelines where significant changes to processes are required while the funding opportunity is open for applications.

Department of Infrastructure, Transport, Regional Development, Communications and the Arts response: Agreed.

Summary of entity response

23. The proposed report was provided to the Department of Infrastructure, Transport, Regional Development, Communications and the Arts, and the Department of Industry, Science and Resources. Extracts of the proposed report were provided to the Attorney-General’s Department. The summary responses are provided below and the full responses are at Appendix 1.

Department of Infrastructure, Transport, Regional Development, Communications and the Arts

The department welcomes the overall conclusion that the implementation and award of funding for Round 1 of the Growing Regions Program was largely effective. The department notes there have been some additional challenges in implementing the Growing Regions Program, including as a result of external factors.

While the department has asked the ANAO to consider the factual basis and emphasis given to some of the findings and commentary in the report, the department acknowledges that aspects of the program could have been improved.

The department agrees to both recommendations in the report and notes they are being implemented in the administration of Round 2 of the program.

Department of Industry, Science and Resources

The Department of Industry, Science and Resources acknowledges the Australian National Audit Office’s report on the implementation and award of funding for the Growing Regions Program.

The department notes this audit is the second of two reports on the effectiveness of the Growing Regions Program.

As a provider for Australian Government grants through the Business Grants Hub we will consider the key messages from the audit that are applicable for all Australian Government entities in the co-design and administration of future granting programs.

Attorney-General’s Department

The Attorney-General’s Department (“the department”) notes the extracts of Chapter 1 and Chapter 3 of the proposed ANAO report on the Implementation and award of funding for the Growing Regions Program.

The department has no comments on the audit findings in the extract it has viewed. Responsibility for administering the Growing Regions Program rests with the Department of Infrastructure, Transport, Regional Development, Communications and the Arts.

Key messages from this audit for all Australian Government entities

24. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Program design

Key learning reference
  • To ensure compliance with Australian Government funding requirements, all assessment criteria used to assess applications should be clearly outlined in the program guidelines. Entities should not complete additional assessments that are not set out in the guidelines.
  • When designing programs, entities should establish appropriate funding mechanisms are in place to ensure the program has lawful authority for the expenditure.
Type: Performance audit
Report number: 12 of 2024-25
Portfolios: Cross-entity
Entities: Across entities
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. The National Anti-Corruption Commission’s (NACC’s) 2022/2023 Integrity Outlook states:

Conflicts of interest are also a prevalent source of corruption issues. Many types of corrupt conduct – such as breaches of public trust, abuse of office and misuse of information – originate from conflicts of interest. Such conflicts therefore pose a substantial risk for government agencies, parliamentarians, and public officials. This is why identifying, disclosing and managing potential conflicts of interest is a critical pillar of integrity architectures.1

2. The Public Governance, Performance and Accountability Act 2013 (PGPA Act) sets out general duties of accountable authorities and officials of Australian Government entities.2 The general duties related to conflicts of interest for an official include:

  • not improperly using their position or information obtained through their position to gain or seek to gain a benefit or advantage for themselves or others, or to cause detriment to the entity, Commonwealth or others3; and
  • disclosing the details of any material personal interests that relate to the affairs of the entity.4

3. The Public Governance, Performance and Accountability Rule 2014 (PGPA Rule) provides further detail on requirements for managing conflicts of interest.5 Under the PGPA Act, accountable authorities have a duty to establish and maintain appropriate systems of risk oversight and management and internal control.6 In addition, the PGPA Rule establishes a requirement for the accountable authority to take all reasonable measures to prevent, detect and deal with fraud and corruption relating to the entity.7

4. Boards of corporate Commonwealth entities (CCEs) are the accountable authority unless otherwise prescribed by an Act or the rules. Membership of boards can consist of both executive directors and non-executive directors. CCE boards are responsible for the operations of their entities.

5. The Department of Finance states:

Corporate Commonwealth entities generally have enabling legislation that establishes the scope of their activities and a multi-member accountable authority (such as a board of directors).

6. Specialist skills and expertise may be required to provide a suitable composition for a CCE board. The board members that are appointed to CCE boards in respect of their specialist skills or expertise can have inherent interests that exist as a consequence of their specialist experience. For example, they may be involved in industry associations or have duties to other organisations. These interests can conflict with their duties as a board member of a CCE.

7. The operations of boards for four CCEs were selected for examination as a part of this audit:

  • the Australian Sports Commission (ASC);
  • Food Standards Australia New Zealand (FSANZ);
  • Infrastructure Australia (IA); and
  • the National Portrait Gallery of Australia (NPGA).

Rationale for undertaking the audit

8. According to the Australian Public Service Commissioner, the public is entitled to have confidence in the integrity of public officials, and to know that the personal interests of public officials do not conflict with their public duties.8 Apparent conflicts can be just as damaging to confidence in public administration as real conflicts, so disclosures and effective management of real, apparent and potential conflicts of interest is an important element of the Australian Government’s integrity framework.

9. Section 29 of the PGPA Act provides a duty to disclose material interests. CCE board members may have material personal interests that relate to their role as a member of an accountable authority. Board requirements for specific qualifications, skills and experience pose the risk that domain knowledge and industry familiarity may lead to conflicts of interest.

10. This audit was conducted to provide assurance to the Parliament that the boards of the four CCEs are effectively managing conflicts of interest.

Audit objective and criteria

11. The objective of the audit was to assess the effectiveness of the operations of the boards of four CCEs in managing conflicts of interest.

12. To form a conclusion against the objective, the ANAO examined:

  • Have the boards developed appropriate arrangements to manage board conflicts of interest?
  • Have the boards effectively managed board conflicts of interest consistent with their own policies?

13. The audit examined the operations of the boards of four CCEs in managing conflicts of interest over the period 1 July 2021 to 31 December 2023. The appointment process for board members was not examined as part of this audit.

Conclusion

14. The operations of the boards in managing conflicts of interest were largely effective. Arrangements for managing conflicts of interest were implemented by the boards in accordance with legislative requirements and documented by some of the boards in policies and procedural guidance. The effectiveness in implementing these arrangements were inconsistent across the boards which resulted in deficiencies in declaring and managing conflicts of interest by the boards. This reduced the overall effectiveness of the boards in their management of conflict of interest risks.

15. The boards have developed largely appropriate arrangements for managing conflicts of interest. All boards have implemented arrangements to support the declaration of interests by board members, including following their appointment and during the term of their appointment. The arrangements implemented by the boards were aligned to requirements in the Public Governance, Performance and Accountability Act 2013 (PGPA Act) and Public Governance, Performance and Accountability Rule 2014 (PGPA Rule). The board of the NPGA did not have a conflict of interest policy that included managing conflicts of interest related to its board. The boards of the ASC and FSANZ had not developed conflict of interest management plans for board members holding other roles within the Australian Government. The boards have largely relied on board induction processes to provide training and education in relation to managing conflicts of interest. The boards had implemented varying arrangements to obtain assurance over the management of conflicts of interest relating to board members.

16. The boards were partly effective in implementing arrangements for managing board conflicts of interest consistent with their own policies. There were shortcomings in the operating effectiveness of processes for declaring and managing conflicts of interest across all boards. This included instances where: declarations of interest were not obtained from newly appointed board members in a timely manner; declarations of interests were not implemented as a standing agenda item at board meetings; and boards’ assessments of declarations of interest were not sufficiently documented to record whether the board had determined declarations to be material personal interests.

Supporting findings

Arrangements to manage conflicts of interest

17. The boards had identified and assessed fraud and corruption risks within their risk management frameworks. The board of IA had identified conflict of interest controls for its then board within its operational and fraud risk registers. (See paragraphs 2.3 to 2.14)

18. All boards had arrangements for board members to declare interests following appointment and at board meetings. The arrangements implemented by the boards were aligned to requirements in the PGPA Act and PGPA Rule. The ASC, FSANZ and IA boards had policies and procedural guidance to manage board conflicts of interest. The NPGA board did not have a conflict of interest policy that provided coverage of the board, with the exception of a policy for declaring, managing and overseeing board conflicts of interest related to the acquisition of works. The boards for ASC and FSANZ had not developed management plans for potential conflicts of interest relating to ex-officio board members that held other roles within the Australian Government. (See paragraphs 2.15 to 2.60)

19. The boards largely relied on board induction processes and related resources from the Department of Finance for promoting compliance with conflict of interest requirements. The boards for the ASC and FSANZ had developed guidance specific to managing board conflicts of interest. The FSANZ board provided board members with access to its learning management system, which included training related to conflicts of interest. The IA board had delivered training for board members that included a module on conflicts of interest. None of the boards had documented training plans for board members or arrangements for monitoring training undertaken by board members. The Department of Finance’s resources on managing conflicts of interest are not specific to boards of corporate Commonwealth entities. (See paragraphs 2.61 to 2.84)

20. None of the boards had implemented an assurance strategy or framework that was specific to, or provided coverage of, board conflicts of interest. All boards had developed some form of arrangement to obtain assurance over board conflicts of interest.

  • The ASC board obtained attestations from its board members on compliance with section 29 of the PGPA Act and provided reporting to its audit committee.
  • The FSANZ board maintains a centralised register of interests declared by board members that is published on its website.
  • The IA board undertook an internal audit in 2018–19 that covered board conflicts of interest and conducted Australian Securities and Investments Commission register searches of board members’ interests in 2021 to confirm declarations.
  • The NPGA board had undertaken a specific review of board declarations to update its register of interests for board members. (See paragraphs 2.85 to 2.105)

Effectiveness of conflict of interest arrangements

21. There were instances across all boards where processes for declaring interests were not operating effectively.

  • The ASC, FSANZ and NPGA boards had instances where they held board meetings where declarations of interests were not included in agendas or obtained during board meetings.
  • The ASC and NPGA boards had instances where they did not obtain declarations of interests from newly appointed board members in a timely manner.
  • All boards did not sufficiently document their assessment of declared interests and whether they were considered to be material personal interests. (See paragraphs 3.3 to 3.24)

22. All boards had implemented induction processes for their board members that covered conflict of interest. The ASC’s board induction processes were updated to provide coverage of conflicts of interest for board members commencing from March 2022, but not all current members had received the guidance. The FSANZ, IA and NPGA boards had implemented additional training and education arrangements on conflict of interest obligations for board members. (See paragraphs 3.25 to 3.35)

Recommendations

Recommendation no. 1

Paragraph 2.52

The National Portrait Gallery of Australia update its conflict of interest policy to document requirements and arrangements for declaring, managing and overseeing conflicts of interest relating to the board.

National Portrait Gallery of Australia response: Agreed.

Recommendation no. 2

Paragraph 2.58

The Australian Sports Commission and Food Standards Australia New Zealand assess conflict of interest risks for board members holding other roles within the Australian Government, and develop mitigations that are documented in a management plan.

Australian Sports Commission response: Agreed.

Food Standards Australian New Zealand response: Agreed.

Recommendation no. 3

Paragraph 2.82

The Department of Finance improve training and education arrangements for corporate Commonwealth entities to raise awareness for entities and their board members in understanding how to implement arrangements to meet conflict of interest obligations. This should be undertaken in consultation with portfolio departments.

Department of Finance response: Agreed.

Recommendation no. 4

Paragraph 3.21

The Australian Sports Commission, Food Standards Australia New Zealand, Infrastructure Australia and National Portrait Gallery of Australia implement arrangements to record the board’s assessment of whether a declaration made by a board member is determined to be a material personal interest. Where the interest is determined to be a material personal interest, boards should record the disclosure and consequence in accordance with the Public Governance, Performance and Accountability Rule 2014.

Australian Sports Commission response: Agreed.

Food Standards Australian New Zealand response: Agreed.

Infrastructure Australia response: Agreed.9

National Portrait Gallery of Australia response: Agreed.

Summary of entity responses

23. Extracts of the proposed report were provided to the ASC, the Department of Finance, FSANZ, IA and the NPGA. The summary responses are provided below, and the full responses are included at Appendix 1. Improvements observed by the ANAO during the course of the audit are listed in Appendix 2.

Australian Sports Commission

Thank you for providing the Australian Sports Commission (ASC) with the opportunity to comment on the Australian National Audit Office (ANAO) proposed audit report on Management of Conflicts of Interest by Corporate Commonwealth Entity Boards.

The ASC acknowledges and accepts the key findings, recommendations and the opportunities for improvement presented in the Section 19 Report.

Department of Finance

The Department of Finance agrees the recommendation and findings provided in the report extract.

Food Standards Australia New Zealand

FSANZ acknowledges the importance of this audit to provide assurance to Parliament that the operations of Boards effectively manage conflicts of interest. In this context it is noted FSANZ is one of four entities (out of 74 CCE’s) assessed over the period July 2021 to December 2023.

The Board notes the audit’s findings that our arrangements for managing conflicts of interest align with the relevant legislation and are largely effective. As the independent agency responsible for the development of draft food standards for Australia and New Zealand, trust and confidence of decision-makers and stakeholders is important. The FSANZ Board takes a very conservative approach to managing conflicts of interest and, for transparency, we maintain and manage a register of all interests of Board members, regardless of whether they are classified as a material personal interest or not.

Infrastructure Australia

As the Australian Government’s independent adviser on nationally significant infrastructure investment planning and project prioritisation Infrastructure Australia values accountability, acting with integrity and upholding the highest ethical standards.

We appreciate the work of the ANAO which found that the boards of the four CCEs were largely effective in their management of conflicts of interest.

Infrastructure Australia accepts the recommendation that we strengthen our recording of the assessment and consequences of declared conflicts of interest. We have also commenced work to reflect the ANAO feedback on opportunities for improvement in administrative and management practices to strengthen our governance framework in relation to conflicts of interest.

National Portrait Gallery of Australia

The National Portrait Gallery (NPGA) welcomes the Australian National Audit Office’s (ANAO) report and accepts the recommendations made for the agency.

The report finds that the NPGA has developed largely effective arrangements for managing conflicts of interest for its the Board in accordance with legislative requirements.

The report identifies areas for improvement and makes two recommendations where the NPGA can take steps to strengthen its processes and assurance activities through update of its existing Conflict of Interest policy and processes. The NPGA agrees with, and is already taking steps to implement, these recommendations.

The NPGA also recognises the other areas of improvement identified in the Report, notably the expansion of assurance activities and the implementation of a Board training workplan. This will ensure that the NPGA is operating in alignment with government best practice in conflicts of interest management.

The NPGA thanks the ANAO audit team for their professionalism during the audit process.

Key messages from this audit for all Australian Government entities

24. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Governance and risk management

Key learning reference
  • As accountable authorities of organisations, boards have a key role to play in setting the tone for dealing with risk and acting with integrity. Identifying and managing conflicts of interests is an area in which the way a board operates can influence the entity it governs. Developing good practice and assuring it can be a positive signal to the entity.
  • Public sector board members have of a duty to disclose and manage material personal interests. The composition of boards can include members who are appointed based on their specialist expertise and industry affiliations. This presents risks to corporate Commonwealth entities — the integrity of operations and functions of an entity can be compromised if conflicts of interest are not managed. Corporate Commonwealth entity boards should assess these risks and develop appropriate arrangements to manage conflicts of interest, including policies and procedures that are tailored to entity risks and training that is specific to board members’ roles. Establishing assurance activities over the management of board conflicts of interest can help to help to ensure arrangements are operating effectively.
Type: Performance audit
Report number: 11 of 2024-25
Portfolios: Foreign Affairs and Trade
Entities: Department of Foreign Affairs and Trade
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. The Department of Foreign Affairs and Trade (DFAT) is responsible for issuing passports to Australian citizens in accordance with the Australian Passports Act 2005, with delivery of passport services in Australia and overseas being one of DFAT’s three key outcomes. In July 2006, DFAT established the Australian Passport Office as a separate division to provide passport services. The Australian Passport Office has offices in each Australian capital city and it collaborates with Australian diplomatic missions and consulates to provide passport services to Australians located overseas.

2. DFAT is also the entity responsible for Australia’s international trade agreements. The Commonwealth Procurement Rules (CPRs) incorporate the requirements of Australia’s international trade obligations and government policy on procurement into a set of rules. As a legislative instrument, the CPRs have the force of law.1 Officials from non-corporate Commonwealth entities such as DFAT must comply with the CPRs when performing duties related to procurement. Achieving value for money is the core rule of the CPRs.

Rationale for undertaking the audit

3. The issuing of passports to Australian citizens is an important function of the Department of Foreign Affairs and Trade, undertaken by its Australian Passport Office. Between 1 July 2019 and 31 December 2023, the Australian Passport Office managed 331 contracts totalling $1.58 billion.

4. During the conduct of an earlier audit, Auditor-General Report No. 13 2023–24 Efficiency of the Australian Passport Office, the ANAO observed a number of practices in respect of the conduct of procurement by DFAT through its Australian Passport Office that merited further examination. The Auditor-General decided to commence a separate audit of whether the procurements DFAT conducts through its Australian Passport Office comply with the Commonwealth Procurement Rules and demonstrate the achievement of value for money.

5. The audit provides assurance to the Parliament of the effectiveness of the department’s procurement activities in achieving value for money, and the ethics of the department’s procurement processes, noting that procurement is an area of continuing focus by the Joint Committee of Public Accounts and Audit.2

Audit objective and criteria

6. The objective of the audit was to examine whether the procurements that DFAT conducts through its Australian Passport Office are complying with the Commonwealth Procurement Rules and demonstrating the achievement of value for money.

7. To form a conclusion against this objective, the following high-level criteria were applied.

  • Have open and competitive procurement processes been employed?
  • Has decision-making been accountable and transparent?

8. The audit focussed on procurement activities by the Australian Passport Office relating to contracts and contract variations that had a start date of between 1 July 2019 and 31 December 2023.

Conclusion

9. The procurements that DFAT conducted through its Australian Passport Office did not comply with the Commonwealth Procurement Rules and DFAT’s procurement policies, and did not demonstrate it had achieved value for money.

10. DFAT did not employ open and competitive processes in the conduct of Australian Passport Office procurement. There were no procurements conducted between July 2019 and December 2023 by way of an open approach to the market. Of the 73 procurements examined in detail by the ANAO, 29 per cent involved competition where the department had not identified a preferred supplier prior to inviting quotes.

11. Procurement decision-making was not sufficiently accountable and was not transparent. Procurement practices have fallen short of ethical standards, with DFAT initiating inquiries of the conduct of at least 18 individuals, both employees and contractors, in relation to Australian Passport Office procurement activities examined by the ANAO.

Supporting findings

Open and competitive procurement

12. DFAT did not appropriately plan the procurement activities for its Australian Passport Office. There was no overarching procurement strategy. The department engaged a contractor to develop a multi-year procurement strategy that was never completed. Overall, only 15 per cent of the 62 approaches to market examined by the ANAO met the minimum requirements at planning stage. (See paragraphs 2.3 to 2.20)

13. None of the 243 contracts totalling $476.5 million the APO entered between 1 July 2019 and 31 December 2023 was let via an approach to the open market.

14. DFAT’s AusTender reporting indicates the APO procures by open tender from a panel arrangement 71 per cent of the time. The ANAO examined 53 contracts DFAT had reported this way and identified that for 15 contracts (28 per cent) the APO had deviated from the panel arrangement to the extent that the approach constituted a limited tender. The ANAO also examined 12 contracts valued over the $80,000 threshold reported by DFAT as let by limited tender. The approach taken for six of these contracts (50 per cent) did not demonstrably satisfy the limited tender condition or exemption from open tender that had been reported by DFAT. The department’s approach is inconsistent with the Commonwealth Procurement Rules which, in turn, reflect the requirements of the Australia-United States Free Trade Agreement (DFAT is the Australian Government entity responsible for Australia’s international trade agreements). (See paragraphs 2.22 to 2.50)

15. A competitive approach was used to establish only 29 per cent of the 73 contracts tested by number or 25 per cent by value. This involved the APO inviting more than one supplier to quote in a process that did not have a pre-determined outcome. On 19 occasions the procurement approach was not genuine as the purported competitive process did not, in fact, involve competition. (See paragraphs 2.51 to 2.70)

16. For 14 per cent of contracts tested, evaluation criteria were included in request documentation with those same criteria used to assess submissions. (See paragraphs 2.72 to 2.77)

17. There was not a documented approval to approach the market for 36 per cent of the 73 contracts examined in detail by the ANAO. Advice provided to approvers on the outcomes of approaches to market in most cases did not demonstrate how value for money was considered to have been achieved. Three-quarters of the time the approval was requested by an embedded contractor, often populating a template as an administrative function and sometimes at the direction of the approver telling them what to recommend.

18. One quarter of the time, approval was given within a week of the expected contract start date. A 2022–23 practice of approving commitments on the understanding that the Department of Finance would later agree to additional funding to cover the costs was not sound financial management. (See paragraphs 2.79 to 2.104)

Accountable and transparent decision-making

19. For 71 per cent of the procurements examined by the ANAO, an appropriate contractual arrangement was in place prior to works commencing and after approval had been obtained to enter the arrangement. (See paragraphs 3.3 to 3.13)

20. Sound and timely advice was not provided to inform decisions about whether to vary contracts. In aggregate, the contracts the APO entered between 1 July 2019 and 30 June 2023 doubled in value during that period through contract amendment. The approval records for contract variations did not include advice on how value for money would be achieved and, for a number of high value contracts, approval was sought after costs were incurred. A quarter of the variations tested were entered after the related services had commenced and/or costs incurred. (See paragraphs 3.14 to 3.35)

21. ANAO analysis of AusTender data between 1 July 2019 and 30 June 2023 indicated that DFAT did not meet the Commonwealth Procurement Rules requirement to report contracts and amendments within 42 days of execution at least 22 per cent of the time. The extent of non-compliance increased to 44 per cent when the analysis was based on ANAO examination of the departmental records in a sample of 230 contracts and amendments. The AusTender reporting of 70 APO contracts examined was largely accurate. The reported descriptions of the goods or services procured was usually applicable but was also usually lacking in detail. The reported reasons given for 112 contract amendments examined did not contain sufficient detail to meet the minimum instructions in the AusTender reporting guide 81 per cent of the time. (See paragraphs 3.37 to 3.52)

22. Procurement activities fell short of ethical requirements. In response to ethical findings made by the ANAO in relation to a number of the procurements examined as part of this performance audit, the department advised the ANAO that it considers there are clear indications of misconduct involving a number of current or former DFAT officials and contractors as well as clear cultural issues. The department has commenced, or is considering, investigation (or referral) activity in relation to the conduct of at least 18 individuals in relation to various procurements examined by the ANAO. (See paragraphs 3.53 to 3.83)

23. The department’s central procurement team has not exercised sufficient oversight of the APO’s procurement activities. Departmental risk controls that have been documented have not been complied with by the APO and this non-compliance should have been evident to the central procurement team, and addressed. The department also does not have adequate arrangements in place for the identification and reporting of breaches of finance legislation. (See paragraphs 3.85 to 3.105)

Recommendations

Recommendation no. 1

Paragraph 2.21

The Department of Foreign Affairs and Trade improve its planning of procurement activity for the Australian Passport Office, including but not limited to taking steps to assure itself that procurement planning requirements (internal to the department as well as those required by the Commonwealth Procurement Rules) are being complied with.

Department of Foreign Affairs and Trade response: Agreed.

Recommendation no. 2

Paragraph 2.71

The Department of Foreign Affairs and Trade strengthen its procurement processes for the Australian Passport Office so that there is an emphasis on the use of genuinely open competition in procurement to deliver value for money outcomes consistent with the requirements and intent of the Commonwealth Procurement Rules.

Department of Foreign Affairs and Trade response: Agreed.

Recommendation no. 3

Paragraph 2.78

The Department of Foreign Affairs and Trade include evaluation criteria in request documentation for all procurements undertaken for the Australian Passport Office, and procurement decision-makers ensure those criteria have been applied in the evaluation of which candidate represents the best value for money.

Department of Foreign Affairs and Trade response: Agreed.

Recommendation no. 4

Paragraph 2.106

The Department of Foreign Affairs and Trade to strengthen its procurement policy framework by directly addressing the risk of officials being cultivated or influenced by existing or potential suppliers.

Department of Foreign Affairs and Trade response: Agreed.

Recommendation no. 5

Paragraph 3.36

The Department of Foreign Affairs and Trade strengthen its controls to ensure any contract variations are consistent with the terms of the original approach to market, and that officials do not vary contracts to avoid competition or other obligations and ethical requirements under the Commonwealth Procurement Rules.

Department of Foreign Affairs and Trade response: Agreed.

Recommendation no. 6

Paragraph 3.84

The Department of Foreign Affairs and Trade examine whether procurements not included in the sample examined by the ANAO also include ethical and integrity failures, and subject any such procurements to appropriate investigatory action.

Department of Foreign Affairs and Trade response: Agreed.

Recommendation no. 7

Paragraph 3.94

The Department of Foreign Affairs and Trade strengthen oversight by its central procurement area of the procurement activities of the Australian Passport Office. This should include being represented on the evaluation team for each procurement activity of higher risk or value.

Department of Foreign Affairs and Trade response: Agreed.

Summary of entity responses

24. The proposed report was provided to DFAT. Extracts of the proposed report were also provided to Alluvial Pty Ltd, Brink’s Australia Pty Ltd, Compas Pty Ltd, Community and Public Sector Union, Customer Driven Solutions Pty Ltd, Datacom Systems (AU) Pty Ltd, Deloitte Touche Tohmatsu, Department of Finance, Grosvenor Performance Group Pty Ltd, Hays Specialist Recruitment (Australia) Pty Ltd, Mühlbauer ID Services GmbH, Peoplebank Australia Ltd, Procurement Professionals Pty Ltd, Propel Design Pty Ltd, Randstad Pty Ltd, Serco Citizen Services Pty Ltd, Services Australia, UiPath S.R.L, Verizon Australia Pty Ltd and Yardstick Advisory Pty Ltd. The letters of response that were received for inclusion in the audit report are at Appendix 1. Summary responses, where provided, are included below.

Department of Foreign Affairs and Trade

The department values the ANAO’s independent review of procurement practices at the Australian Passport Office (APO). The audit came at a time when the department was assessing the effectiveness of the current procurement model. As a result of both reviews, the department’s procurement practices will be amended to improve compliance and efficiency. This will include the Finance Division taking more centralised and direct control over procurement activities, and additional resources to implement changes and provide enhanced oversight.

The ANAO audit highlighted the proactive steps the current Executive Director APO took to address procurement and cultural issues when she commenced with the department in early 2023. Work has continued, leading to the creation of a new Procurement, Finance and Assurance Section within APO. Additionally, the Internal Audit Branch has initiated a wide-ranging internal audit of procurement activities across the department.

Following the ANAO audit report and internal reviews, the department will also revise its Compliance and Assurance Framework as it relates to Public Governance, Performance and Accountability Act 2013 obligations. The updated Framework will be purpose-built, adopt a risk-based approach, and include effective assurance mechanisms. The department has initiated activities to address specific areas of concern regarding actions of staff.

Compas Pty Ltd

Compas is concerned that the Proposed Report conveys an imputation that it has engaged in conduct that may not be in accordance with the Commonwealth Procurement Rules.

Such an imputation is incorrect.

The relevant evaluation process was an internal DFAT process over which Compas, rightly, had no visibility. Given this, Compas cannot respond to, nor is it privy to, what processes were taken by DFAT to address the Panel Member’s affiliation to it.

Any deficiencies in the evaluation process cannot be attributed to Compas, and the final report should make this expressly clear in its findings. Any failure to do so could result in a reader being under a misapprehension that Compas had the ability to influence the process, did in fact influence the process improperly and, as a result, gained an improper advantage or benefit.

Should such a misrepresentation occur, this would have an unreasonably adverse effect on Compas’ reputation that it has built over nearly 40 years and have a deleterious effect on our business.

Propel Design Pty Ltd

Propel Design notes the extract provided by the ANAO. Propel Design submitted its tender for the procurement in question in accordance with all requirements under the Digital Marketplace (now BUYICT) and was not aware of any individuals appointed to the evaluation panel. We believe our employee was selected as the preferred contractor based on their skills and experience, as set out in their resumé and our responses to the selection criteria.

Key messages from this audit for all Australian Government entities

25. Below is a summary of key messages that have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Governance

Key learning reference
  • Good governance involves entity leaders developing a culture requiring and supporting actions which are not only in compliance with rule frameworks but also with the intent of those frameworks, including those which set standards for ethical practices.
  • Praising or otherwise rewarding staff for getting contracts in place quickly can influence staff to bypass procurement rules and to direct-source incumbent suppliers. Forward planning and reinforcement of rules and processes can remove or reduce time pressure.
Group title

Procurement

Key learning reference
  • Acting ethically when conducting procurement requires ethical principles to be applied to all actions throughout the entire procurement process and for management action to be taken when ethical issues are identified. It also requires good recordkeeping so that it can be transparently demonstrated that the procurement was conducted ethically.
  • Entities should treat all tenderers, and potential tenderers, in a fair and non-discriminatory manner. This means that entities should undertake genuinely competitive procurements by not identifying a preferred supplier in advance of conducting a procurement process. A practice of inviting market responses when a preferred supplier has already been identified also wastes the other suppliers’ time and resources and reduces trust in the integrity of government procurement.
  • Entities should ensure that their procurement frameworks specifically address how risks of incumbency advantage are managed so that the procurement process is conducted with no bias or favouritism, and to maximise value for money to the Australian Government through competitive selection processes. In addition, the risks of employees and/or contractors having a conflict of interest with potential/actual market respondents, including any incumbent, should be fully considered and addressed.
Type: Performance audit
Report number: 10 of 2024-25
Portfolios: Employment and Workplace Relations
Entities: Australian Skills Quality Authority
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. Fraud against Australian Government entities and corrupt conduct by Australian Government officials are serious matters that can constitute criminal offences. Fraud and corruption undermine the integrity of and public trust in government, including by reducing funds available for government program delivery and causing financial and reputational damage to defrauded entities.1

2. The Australian Government defines fraud as:

Dishonestly obtaining (including attempting to obtain) a gain or benefit, or causing a loss or risk of loss, by deception or other means.2

3. Fraud against the Australian Government can be committed by government officials or contractors (internal fraud) or by parties such as clients of government services, service providers, grant recipients, other members of the public or organised criminal groups (external fraud).3 The Australian Government’s requirements for fraud control apply to both internal and external fraud risks. The 2024 Commonwealth Fraud and Corruption Control Framework states that:

Fraud and corruption are risks that can undermine the objectives of every Australian Government entity in all areas of their business, including delivery of services and programs, policy-making, regulation, taxation, procurement, grants and internal procedures.4

Australian Skills Quality Authority

4. The Australian Skills Quality Authority (ASQA) is the Australian Government agency responsible for the regulation of around 90 per cent of vocational education and training (VET) providers operating in Australia. ASQA’s purpose is ‘to ensure quality VET, so that students, industry, governments and the community can have confidence in the integrity of national qualifications issued by training providers’.5

Rationale for undertaking the audit

5. Fraud against Australian Government entities reduces available funds for public goods and services and causes financial and reputational damage to the Australian Government.6 All Commonwealth entities are required to have fraud control arrangements in place to prevent, detect and respond to fraud. From 1 July 2024, this requirement also extends to corruption.7 This audit is intended to provide assurance to the Parliament regarding the fraud control arrangements in ASQA.

Audit objective and criteria

6. The objective of the audit was to assess the effectiveness of ASQA’s fraud control arrangements as the national regulator of the vocational education and training sector.

7. To form a conclusion against this objective, the following high-level criteria were adopted.

  • Have appropriate arrangements been established to oversee and manage fraud risks?
  • Have appropriate mechanisms been established to prevent fraud and promote a culture of integrity?
  • Have appropriate mechanisms been established to detect and respond to fraud?
  • Has the Australian Skills Quality Authority appropriately prepared for the commencement of the revised Commonwealth Fraud and Corruption Control policy in July 2024?

Conclusion

8. ASQA has established partly effective fraud control arrangements. ASQA’s Fraud Control Plan 2022–2024 and Fraud Control Policy focus on internal fraud risks and do not consider the entity’s regulatory fraud environment. ASQA has undertaken minimal steps to align with the Commonwealth’s revised Fraud and Corruption Control Framework which came into effect on 1 July 2024.

9. ASQA has not established appropriate arrangements to manage fraud risk. Fraud control arrangements are based on a fraud control policy that was developed in 2013 and does not reflect current Commonwealth legislative and policy requirements. ASQA’s Fraud Control Plan 2022–2024 does not consider its regulatory fraud control environment, and there is no process to test regulatory fraud controls systematically and regularly. The Fraud Control Plan 2022–2024 contains an overlap of roles and responsibilities of key officials.

10. ASQA has established largely appropriate mechanisms to prevent fraud and promote integrity across its internal and regulatory environments. This includes channels to promote fraud awareness and integrity internally through training, fraud qualifications and professional development, and engagement including social media and sector alerts. Within its regulatory environment, ASQA has established outreach mechanisms to the VET sector that address fraud awareness. ASQA has not appropriately assessed the effectiveness of these mechanisms.

11. ASQA has recently established detection controls, including a tip-off line and information-sharing relationships with external agencies. ASQA has not assessed the effectiveness of these detection controls. ASQA has established an investigatory process for regulatory fraud but does not measure its outcomes or effectiveness.

12. ASQA has taken minimal steps to align with the revised Commonwealth Fraud and Corruption Policy through the development of an updated draft Fraud and Corruption Control Policy and Plan for 2024–2026. ASQA has not prepared an implementation plan and there is no evaluation plan for the new or revised controls. ASQA’s new Fraud and Corruption Control Policy and Plan 2024–2026 has minimal updates from the Fraud Control Policy and Plan 2022–2024 and does not include regulatory fraud or corruption controls.

Supporting findings

Oversight and management of fraud risks

13. ASQA’s fraud control framework is based on a fraud control policy that was developed in 2013 and does not reflect current Commonwealth legislative and policy requirements, or the changes the entity has undergone in the 10 years since the policy was developed. ASQA’s Fraud Control Plan 2022–2024 does not consider the entity’s regulatory fraud control environment, and associated fraud control activities. ASQA has developed a regulatory model which details ASQA’s regulatory and compliance approach. The regulatory model does not specifically address fraud. ASQA’s fraud control plan includes an overlap of responsibilities between key officials. (See paragraphs 2.2 to 2.23)

14. ASQA’s Fraud Control Plan 2022–2024 identified one external fraud risk. The Plan identified seven internal fraud risks, six of which were reviewed during the period covered by the plan. ASQA undertook risk assessments in 2023 and 2024 within its regulatory environment using its environmental scan tool which identified fraud risk relating to visa fraud. The outcomes of risk assessments were not provided to ASQA’s internal audit function. (See paragraphs 2.24 to 2.39)

15. ASQA’s Fraud Control Plan 2022–2024 addresses internal fraud risks and controls and one external fraud risk relating to false or misleading information. The Plan does not address ASQA’s role as the national regulator for the VET sector and its associated regulatory fraud control environment. The Fraud Control Plan 2022–2024 contains controls commensurate with the identified internal fraud risks. Limited testing of controls occurred once in 2023, and mechanisms to test the internal fraud controls on a regular basis have not been established. (See paragraphs 2.40 to 2.48)

Fraud prevention and integrity culture

16. Internal preventative controls align with the risks identified in the entity’s Fraud Control Plan 2022–2024. Regulatory preventative measures include sector alerts and participation in the Fraud Fusion Taskforce. ASQA has not tested the effectiveness of its internal or regulatory fraud prevention controls (including its controls for managing identity fraud), or its documented procedures for preventing, detecting and responding to fraud. (See paragraphs 3.2 to 3.20)

17. ASQA promotes a fraud awareness culture within the entity through annual mandatory fraud awareness training and utilising internal communication channels, including CEO messages emailed to all staff. As at April 2024, the reported completion rate for ASQA’s mandatory fraud awareness training was 84 per cent. ASQA also undertakes outreach programs through mechanisms such as sector alerts and social media alerts to promote fraud awareness. (See paragraphs 3.21 to 3.27)

18. Officials with fraud control responsibilities at ASQA have opportunities for ongoing professional development through training, such as that provided by the Commonwealth Director of Public Prosecutions. ASQA officials engaged in fraud control activities hold relevant qualifications, including the Certificate IV in Government (Investigation) and Diploma in Government (Investigation). (See paragraphs 3.28 to 3.35)

Fraud detection and response

19. ASQA’s detection controls include mechanisms such as a tip-off line and information sharing arrangements with external agencies which provide an appropriate detection framework. There is no documented or consistent process for monitoring and evaluating the effectiveness of these detective controls. (See paragraphs 4.2 to 4.25)

20. ASQA has established mechanisms to investigate and respond to fraud but does not measure its performance, including the effectiveness and efficiency of its fraud response. There were no consistent documented processes and procedures for the operation of ASQA’s investigation capability. ASQA has referred matters to external agencies as part of their information sharing mechanisms. In early August 2024 there were two instances where ASQA referred fraud matters to the Commonwealth Director of Public Prosecutions. One fraud matter was discussed with the Australian Federal Police in 2023–24. (See paragraphs 4.26 to 4.37)

21. ASQA’s Annual Report 2022–23 includes its Accountable Authority’s certification on fraud control confirming that the CEO was satisfied that ASQA has appropriate prevention, detection, investigation, reporting and data collection procedures and processes in place. This certification in the annual report was not supported by evidence. ASQA has established reporting channels with other Commonwealth entities to report fraud and has provided information to the Australian Institute of Criminology as required, and has not kept records of the information provided. (See paragraphs 4.38 to 4.46)

Preparation for the revised Commonwealth Fraud and Corruption Control Framework

22. ASQA does not have an implementation plan for the revised Commonwealth Fraud and Corruption Control Policy. ASQA has an updated Fraud and Corruption Control Policy and Plan 2024–2026. As at July 2024, this document is still in draft and does not address ASQA’s regulatory fraud control environment. (See paragraphs 5.2 to 5.8)

23. ASQA has not established a plan to evaluate the implementation of new or revised fraud and corruption controls. (See paragraphs 5.9 to 5.10)

Recommendations

Recommendation no. 1

Paragraph 2.15

The Australian Skills Quality Authority ensures roles and responsibilities covered in its fraud control arrangements are current and commensurate with existing governance arrangements.

Australian Skills Quality Authority response: Agreed.

Recommendation no. 2

Paragraph 2.47

The Australian Skills Quality Authority updates its Fraud Control Policy and Plan to cover the full extent of its functions including its regulatory activities, supported by risk assessments that clearly address fraud risk and contain robust mitigation strategies.

Australian Skills Quality Authority response: Agreed in-part.

Recommendation no. 3

Paragraph 4.24

The Australian Skills Quality Authority documents its processes for monitoring and evaluating the effectiveness of its fraud controls across prevention and detection.

Australian Skills Quality Authority response: Agreed.

Summary of entity response

24. The proposed audit report was provided to ASQA. ASQA’s summary response is provided below, and its full response is included at Appendix 1. Improvements observed by the ANAO during the course of this audit are listed in Appendix 2.

ASQA places a high value on review and improvement and welcomes the role that ANAO plays in providing independent insights supporting performance improvement. ASQA is already taking action to improve clarity of roles and responsibilities, and document our processes for monitoring and evaluating the effectiveness of fraud controls across prevention and detection to ensure that our internal controls are fit for purpose to protect the entity from these risks. Giving consideration to the audit findings, ASQA will now finalise our Fraud and Corruption Policy and Plan 2024-2026 under the revised Commonwealth Fraud and Corruption Control Framework, which came into effect during this audit in July 2024.

We note that the Commonwealth Fraud and Corruption Control Framework provides a system of governance and accountability across entities for protecting public resources from fraud and corruption. In its role as the National Regulator of VET ASQA is focused on protecting vulnerable students and taking action against non-genuine providers, and to scrutinise those who are in the business of managing or operating RTOs. This has a broader public purpose to prevent harms including those that might arise from external fraud that are not directed at or directly detrimental to the Commonwealth, but to students, employers or industry. This fact has implications for ASQA’s consideration of Recommendation 2 of this report.

Key messages from this audit for all Australian Government entities

25. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Program design

Key learning reference
  • For regulatory entities, external fraud risks need to be clearly covered in their fraud and corruption control plans and be informed by thorough risk assessments and mitigated by effective controls.
Type: Performance audit
Report number: 9 of 2024-25
Portfolios: Health and Aged Care
Entities: National Health and Medical Research Council
Date tabled:
Audit Summary : show

Summary and recommendations

Background

1. Fraud against Australian Government entities and corrupt conduct by Australian Government officials are serious matters that can constitute criminal offences. Fraud and corruption undermine the integrity of and public trust in government, including by reducing funds available for government program delivery and causing financial and reputational damage to defrauded entities.1

2. The Australian Government defines fraud as:

Dishonestly obtaining (including attempting to obtain) a gain or benefit, or causing a loss or risk of loss, by deception or other means.2

3. Fraud against the Australian Government can be committed by government officials or contractors (internal fraud) or by parties such as clients of government services, service providers, grant recipients, other members of the public or organised criminal groups (external fraud).3 The Australian Government’s requirements for fraud control apply to both internal and external fraud risks. The 2024 Commonwealth Fraud and Corruption Control Framework states that:

Fraud and corruption are risks that can undermine the objectives of every Australian Government entity in all areas of their business, including delivery of services and programs, policy-making, regulation, taxation, procurement, grants and internal procedures.4

4. The audit examines fraud control arrangements in the National Health and Medical Research Council (the NHMRC). The NHMRC administers the Medical Research Endowment Account (MREA) to provide assistance for public health and medical research and training, primarily through grant programs.

5. The NHMRC also manages grants through the Medical Research Future Fund (MRFF) on behalf of the Department of Health and Aged Care (Health) pursuant to a shared services agreement.

Rationale for undertaking the audit

6. Fraud against Australian Government entities reduces available funds for public goods and services and causes financial and reputational damage to the Australian Government.5 All Commonwealth entities are required to have fraud control arrangements in place to prevent, detect and respond to fraud. From 1 July 2024, this requirement also extends to corruption.

Audit objective and criteria

7. The objective of the audit was to assess the effectiveness of the NHMRC’s fraud control arrangements.

8. To form a conclusion against this objective, the following high-level criteria were adopted.

  • Have appropriate arrangements been established to oversee and manage fraud risks?
  • Have appropriate mechanisms been established to prevent fraud, and promote a culture of integrity?
  • Have appropriate mechanisms been established to detect and respond to fraud?
  • Has the NHMRC appropriately prepared for the commencement of the revised Commonwealth Fraud and Corruption Control policy in July 2024?

Conclusion

9. The NHRMC’s fraud control arrangements are partly effective. The NHMRC has appropriate mechanisms in place for internal fraud control, but there are inadequate mechanisms in place to prevent, detect and investigate fraud risks relating to grant recipients.

10. The NHMRC has established partly appropriate arrangements to oversee and manage fraud risks. The NHMRC’s 2023–2025 Fraud and Corruption Control Framework is aligned with the 2017 Commonwealth Fraud Control Framework. The agency has established largely appropriate oversight arrangements for the management of fraud risks. The Audit and Risk Committee did not provide independent advice to the accountable authority on the appropriateness of the system of risk management. The NHMRC’s 2023–2025 Fraud and Corruption Risk Assessment includes risks relating to its core business, the administration of grant funding. The Fraud and Corruption Control Plan is largely appropriate for internal fraud risks. It falls short of appropriately managing external fraud risks relating to the NHMRC’s administration of grant funding. The NHMRC has not identified and assessed all external fraud risks relating to grant funding. The NHMRC’s risk assessment of grant related fraud risks is not based on all relevant information. Most of the controls for grant related fraud risks rely on the cooperation of, or untested assurances from, the grant recipients. The NHMRC has not established mechanisms to review the effectiveness of the controls listed in the 2023–2025 Fraud and Corruption Risk Assessment.

11. The NHMRC has established partly effective mechanisms to prevent fraud and promote a culture of integrity. The NHMRC included preventative controls for all risks identified in its Fraud and Corruption Control Risk Assessment. The controls have not been assessed for their appropriateness or effectiveness. Fraud awareness training and relevant resources are provided to all staff. External stakeholders are made aware of the NHMRC’s processes for managing fraud risks through various publications on its website. The NHMRC’s monitoring of compliance with annual fraud awareness training provides reasonable assurance to the accountable authority of the completion rate. No arrangements have been put in place to ensure that the NHMRC staff who identify, assess and manage fraud risks or investigate suspected fraud have the relevant training or qualifications or undertake ongoing professional development.

12. The NHMRC has established partly appropriate mechanisms to detect and respond to fraud. The NHMRC has not assessed the appropriateness or effectiveness of the detective controls listed for the internal and external fraud risks identified in its 2023–2025 Fraud and Corruption Control Plan. The detective controls relating to the NHMRC’s administration of grants do not provide the NHMRC with assurance on the level of compliance with reporting and investigation obligations placed on grant recipients under the NHMRC’s funding agreements. By not requiring that investigations by grant recipients are undertaken by a qualified investigator, the NHMRC’s procedures are inconsistent with the 2017 Commonwealth Fraud Control Framework. The fraud and misconduct registers maintained by the NHMRC are not consistent with each other and do not contain sufficient information to support informed decision-making and continuous improvement activities. The NHMRC reported one instance of significant non-compliance and advised the minister that it recovered grant funding associated with the one case where fraud was substantiated in 2022–23 and 2023–24.

13. The NHMRC’s preparations for the commencement of the revised Commonwealth Fraud and Corruption Policy on 1 July 2024 have been largely appropriate, with change management activities yet to be delivered. The NHMRC included a definition of corruption and reporting and referral obligations to the National Anti-Corruption Commission in its 2023–2025 Fraud and Corruption Control Framework. No corruption related risks were added to the Fraud and Corruption Control Plan at this time. The NHMRC developed an implementation plan and, as at 1 July 2024, had developed a draft framework and a plan to achieve compliance with the new policy. Over the period 2024 to 2026, the NHMRC plans to review grant fraud risks and test the controls for selected grant fraud risks, including risks with high risk ratings.

Supporting findings

Oversight and management of fraud risks

14. The NHMRC established a Fraud and Corruption Framework that covers key elements of the 2017 Commonwealth Fraud Control Framework. Senior officials were assigned responsibility for fraud control activities and a Fraud and Corruption Control Officer (FCCO) was appointed. The NHRMC’s Executive Board is responsible for, and the Audit and Risk Committee (ARC) provides assurance over, risk management including fraud. Both the Executive Board and the ARC reviewed the NHMRC’s fraud and corruption control policy. The procedures for dealing with alleged grant fraud are incomplete. They do not effectively support the NHMRC to conduct fraud risk assessments based on all available information and data, or to fulfil its obligations for specific grants administered under the shared services agreement with the Department of Health and Aged Care. The ARC did not seek further information on the effectiveness of controls following consideration of the reports of instances of suspected fraud. The ARC’s advice to the Chief Executive Officer (CEO) relied on assertions from management that the agency complies with the Commonwealth Risk Management Policy and the Commonwealth Fraud Control Framework. (See paragraphs 2.2 to 2.15)

15. The NHMRC undertook fraud risk assessments in 2019 and 2023. The 2019 fraud risk assessment was not updated following the launch of a new grants management IT system. The 2023–2025 Fraud and Corruption Risk Assessment included risks related to the NHMRC’s administration of grants which is one of the agency’s core functions. The risk assessment utilises the risk matrix for likelihood and consequence set out in the enterprise risk management framework. The relationship between accepted risk ratings and the NHRMC’s tolerances for specific risk categories is not documented. The NHMRC’s ARC did not consider the 2023–2025 Fraud and Corruption Control Plan in assessing the appropriateness of the 2024–25 internal audit work program. (See paragraphs 2.16 to 2.38)

16. The NHMRC’s 2023–2025 Fraud and Corruption Control Plan included 27 fraud risks, seven of which related to external risks. Responsibility for managing each of the controls was not listed in the 2023–2025 Fraud and Corruption Risk Assessment. Controls for internal risks are more clearly aligned with the identified risks than those listed for external risks in the 2023–2025 Fraud and Corruption Control Plan. The non-mandatory reporting to the NHMRC of all instances of alleged fraud, including where it relates to research misconduct, limits the information that the NHMRC has regard to when conducting risk assessments for external fraud risks. The NHMRC has not established appropriate mechanisms to gain assurance over all grant recipients’ compliance with the terms of funding agreements or MREA grant recipients’ responses to the annual self-assessment compliance survey. Both of these are listed as controls for external risks related to the NHMRC’s administration of grant programs. Except for specific ICT controls, the NHMRC has not established a mechanism to review the effectiveness of controls listed in the 2023–2025 Fraud and Corruption Risk Assessment. (See paragraphs 2.39 to 2.62)

Fraud prevention and integrity culture

17. The NHMRC’s 2023–2025 Fraud and Corruption Control Risk Assessment includes preventative controls for all identified risks. Preventative controls for internal fraud risks directly relate to the cause of the risk. Preventative controls for external fraud risks largely relate to education and guidance materials for grant recipients and expected compliance with the NHMRC funding agreement. The NHMRC has not assessed the appropriateness and effectiveness of its preventative controls for fraud risks. Fraud risks are considered in the development of new grant guideline opportunities. The fraud risks were not reviewed following a change in ICT systems or based on the results of the annual compliance review for grant recipients. There are inconsistencies in the NHMRC’s procedures for staff on preventing, detecting and dealing with fraud. The NHMRC’s strategies to mitigate the risk of fraud are stronger for internal fraud risks than external fraud risks. (See paragraphs 3.2 to 3.24)

18. The NHMRC has fraud related guidance materials on its intranet. Fraud awareness training must be completed by staff upon commencement with the entity and refreshed on an annual basis. As at 30 June 2024, 189 of 244 staff had completed fraud awareness training, representing 77.5 per cent of the NHMRC’s total workforce. One of six senior executive service officers had completed this training. The NHMRC publishes its Research Integrity and Misconduct Policy on its website, which includes a section on fraud and other misconduct. The NHMRC’s website also allows anonymous reports of fraud to be provided. The NHMRC has not evaluated the effectiveness of its fraud awareness training. (See paragraphs 3.25 to 3.35)

19. The NHMRC does not carry out fraud investigations and has no qualified investigators. It does not oversee fraud investigations conducted by grant recipients or gain assurance they have been undertaken by qualified investigators. The NHMRC’s staff who identify, assess and manage fraud risks do not have the relevant fraud control training or qualifications. The NHMRC does not have a plan in place for the professional development of staff involved in fraud and corruption activities. (See paragraphs 3.36 to 3.46)

Fraud detection and response

20. The NHMRC listed detective controls for all but two of the risks identified in the 2023–2025 Fraud and Corruption Control Risk Assessment. Detective controls for internal fraud risks directly relate to the cause of the risk. Detective controls for external fraud risks largely require the cooperation of grant recipients. Except for limited testing of ICT controls, the NHMRC has not assessed the appropriateness and effectiveness of its detective controls for fraud risks. The NHMRC has processes in place to receive anonymous reports of alleged fraud. A 2023–24 audit of grant applications prior to the award of funding identified 11 applications which were ineligible that had not been detected during the NHMRC’s standard application review processes. The fraud risk assessment was not updated following the outcome of this audit. (See paragraphs 4.2 to 4.21)

21. The NHMRC’s 2023–2025 Fraud and Corruption Control Framework contains a flowchart of the steps to be undertaken following notification of a suspected fraud. These processes do not relate to instances of suspected fraud by a grant recipient as they are not investigated by the NHMRC. The funding agreements between the NHMRC and grant recipients do not provide the NHMRC with complete information in relation to suspected frauds. The NHMRC’s fraud registers do not contain sufficient information of the investigation or decision-making process. For the one case between 2022–23 and 2023–24 where an allegation of suspected fraud was substantiated after investigation by the grant recipient, the NHMRC did not report the incident to the Australian Federal Police (AFP). The NHMRC recovered $2.6 million in relation to this fraud case. (See paragraphs 4.22 to 4.37)

22. The NHMRC has complied with its reporting obligations in its annual report and to the Australian Institute of Criminology. For the only substantiated fraud in 2022–23 and 2023–24, the NHMRC briefed the Minister for Health and Aged Care following a press release by the relevant grant recipient. The NHMRC has arrangements in place with Health for the management of suspected fraud and other research misconduct. The NHMRC maintains fraud risk registers as well as misconduct and integrity registers, with a separate register developed for each year. These registers do not include detailed information about the incidents and are not consistent with each other. (See paragraphs 4.38 to 4.53)

Preparation for the revised Commonwealth Fraud and Corruption Control Framework 2024

23. The NHMRC’s 2023–2025 Fraud and Corruption Control Framework reflects the establishment of the National Anti-Corruption Commission in July 2023 and relevant reporting and referral requirements. In February 2024 the NHMRC developed an implementation plan, with key milestones and deadlines, for the commencement of the 2024 Commonwealth Fraud and Corruption Policy. As at July 2024 the NHMRC had prepared a draft updated framework and plan to satisfy the requirements of the 2024 Commonwealth Fraud and Corruption Policy. The NHMRC has not developed a plan to put the revised Policy into action, including the delivery of change management activities. (See paragraphs 5.2 to 5.10)

24. The NHMRC plans to review ten grant fraud risks and to test the controls for four grant fraud risks over the period 2024 to 2026. (See paragraphs 5.11 to 5.15)

Recommendations

Recommendation no. 1

Paragraph 2.34

The National Health and Medical Research Council ensure its fraud risk assessments comply with the NHMRC’s 2023–2026 Risk Management Framework and Policy, including documentation of estimated value of fraud as a result of identified risks occurring, and account for all elements of its risk environment and administrative systems.

National Health and Medical Research Council response: Agreed.

Recommendation no. 2

Paragraph 2.55

The National Health and Medical Research Council implement risk-based mechanisms to gain independent assurance of the effectiveness of grant recipients’ fraud risk controls.

National Health and Medical Research Council response: Agreed.

Recommendation no. 3

Paragraph 2.61

The National Health and Medical Research Council plan and undertake regular assessments and testing of the effectiveness of the controls and mitigating strategies listed in its Fraud and Corruption Control Plan.

National Health and Medical Research Council response: Agreed.

Recommendation no. 4

Paragraph 3.45

The National Health and Medical Research Council ensure that all its officials who identify, assess and manage fraud and corruption risks possess the qualifications and skills required by the Fraud Policy.

National Health and Medical Research Council response: Agreed.

Recommendation no. 5

Paragraph 4.28

The National Health and Medical Research Council:

  1. amend the 2019 Research Integrity and Misconduct Policy to require grant recipients to report all allegations of suspected fraud relating to grants administered by the NHMRC; and
  2. ensure all investigations of suspected fraud relating to grants administered by the NHMRC, including investigations by a grant recipient, are undertaken or overseen by suitably qualified personnel and reports are provided directly to the NHMRC.

National Health and Medical Research Council response: Agreed.

Summary of entity response

25. The proposed audit report was provided to the NHMRC. The NHMRC’s full response is provided below.

The National Health and Medical Research Council (NHMRC) takes its responsibilities in relation to fraud and corruption risk seriously. We welcome the ANAO’s review of the efficacy of our systems and processes to prevent, detect and respond to this risk.

A small statutory authority within the Health and Aged Care portfolio, NHMRC funds the highest quality health and medical research and training, and issues guidelines and advice on the prevention, diagnosis and treatment of disease, the provision of health care and on ethical issues relating to health. NHMRC is committed to continuous improvement across all its endeavours and recognises that ensuring the effective and efficient discharge of our responsibilities is fundamental to maintaining community confidence in the health and medical research that underpins Australia’s health care system.

NHMRC accepts the audit findings, conclusions and recommendation and considers that this audit outcome presents an opportunity to further strengthen our management of fraud and corruption risk. NHMRC agrees with all five audit recommendations and will progress implementation with the guidance of our Executive Board and with quality assurance oversight from our independent Audit and Risk Committee.

Key messages from this audit for all Australian Government entities

26. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.

Group title

Governance and risk management

Key learning reference
  • Entities must ensure that they have sufficient and complete information to identify, assess and monitor all internal and external fraud risks.
  • To support the development of controls and mitigation strategies and an assessment of the effectiveness of controls, fraud risks should be broken down into specific elements relevant to the source of the risk.