Consolidated financial statements

Audit results

1. The CFS presents the whole of government and the General Government Sector financial statements. The 2023–24 CFS were signed by the Minister for Finance on 28 November 2024 and an unmodified auditor’s report was issued on 2 December 2024.

2. There were no significant or moderate audit issues identified in the audit of the CFS in 2023–24 or 2022–23.

Australian Government financial position

3. The Australian Government reported a net operating balance of a surplus of $10.0 billion ($24.9 billion surplus in 2022–23). The Australian Government’s net worth deficiency decreased from $570.3 billion in 2022–23 to $567.5 billion in 2023–24 (see paragraphs 1.8 to 1.26).

Financial audit results and other matters

Quality and timeliness of financial statements preparation

4. The ANAO issued 240 unmodified auditor’s reports as at 9 December 2024. The financial statements were finalised and auditor’s reports issued for 79 per cent (2022–23: 91 per cent) of entities within three months of financial year-end. The decrease in timeliness of auditor’s reports reflects an increase in the number of audit findings and legislative breaches identified by the ANAO, as well as limitations on the available resources within the ANAO in order to undertake additional audit procedures in response to these findings

5. A quality financial statements preparation process will reduce the risk of inaccurate or unreliable reporting. Seventy-one per cent of entities delivered financial statements in line with an agreed timetable (2022–23: 72 per cent). The total number of adjusted and unadjusted audit differences decreased during 2023–24, although 38 per cent of audit differences remained unadjusted. The quantity and value of adjusted and unadjusted audit differences indicate there remains an opportunity for entities to improve quality assurance over financial statements preparation processes (see paragraphs 2.138 to 2.154).

Timeliness of financial reporting

6. Annual reports that are not tabled in a timely manner before budget supplementary estimates hearings decrease the opportunity for the Senate to scrutinise an entity’s performance. Timeliness of tabling of entity annual reports improved. Ninety-three per cent (2022–23: 66 per cent) of entities that are required to table an annual report in Parliament tabled prior to the date that the portfolio’s supplementary budget estimates hearing commenced. Supplementary estimates hearings were held one week later in 2023–24 than in 2022–23. Fifty-seven per cent of entities tabled annual reports one week or more before the hearing (2022–23: 12 per cent). Of the entities required to table an annual report, 4 per cent (2022–23: 6 per cent) had not tabled an annual report as at 9 December 2024 (see paragraphs 2.155 to 2.166).

Official hospitality

7. Eighty-one per cent of entities permit the provision of hospitality and the majority have policies, procedures or guidance in place. Expenditure on the provision of hospitality for the period 2020–21 to 2023–24 was $70.0 million. Official hospitality involves the provision of public resources to persons other than officials of an entity to achieve the entity’s objectives. Entities that provide official hospitality should have policies, and guidance in place which clearly set expectations for officials. There are no mandatory requirements for entities in managing the provision of hospitality, however, the Department of Finance (Finance) does provide some guidance to entities in model accountable authority instructions. Of those entities that permit hospitality 83 per cent have established formal policies, guidelines or processes.

8. Entities with higher levels of exposure to the provision of official hospitality could give further consideration to implementing or enhancing compliance and reporting arrangements. Seventy-four per cent of entities included compliance requirements in their policies, procedures or guidance which support entity’s obtaining assurance over the conduct of official hospitality. Compliance processes included acquittals, formal reporting, attestations from officials and/or periodic internal audits. Thirty-one per cent of entities had established formal reporting on provision of official hospitality within their entities (see paragraphs 2.36 to 2.56).

Artificial intelligence

9. Fifty-six entities used artificial intelligence (AI) in their operations during 2023–24 (2022–23: 27 entities). Most of these entities had adopted AI for research and development activities, IT systems administration and data and reporting.

10. During 2023–24, 64 per cent of entities that used AI had also established internal policies governing the use of AI (2022–23: 44 per cent). Twenty-seven per cent of entities had established internal policies regarding assurance over AI use. An absence of governance frameworks for managing the use of emerging technologies could increase the risk of unintended consequences. In September 2024, the Digital Transformation Agency (DTA) released the Policy for the responsible use of AI in government, which establishes requirements for accountability and transparency on the use of AI within entities (see paragraphs 2.67 to 2.71).

Cloud computing

11. Assurance over effectiveness of cloud computing arrangements (CCA) could be improved. During 2023–24, 89 per cent of entities used CCAs as part of the delivery model for the IT environment, primarily software-as-a-service (SaaS) arrangements. A Service Organisation Controls (SOC) certificate provides assurance over the implementation, design and operating effectiveness of controls included in contracts, including security, privacy, process integrity and availability. Eighty-two per cent of entities did not have in place a formal policy or procedure which would require the formal review and consideration of a SOC certificate.

12. In the absence of a formal process for obtaining and reviewing SOC certificates, there is a risk that deficiencies in controls at a service provider are not identified, mitigated or addressed in a timely manner (see paragraphs 2.57 to 2.66).

Audit committee member rotation

13. Audit committee member rotation considerations could be enhanced. The rotation of audit committee membership is not mandated, though guidance to the sector indicates that rotation of members allows for a flow of new skills and talent through committees, supporting objectivity. Forty-six per cent of entities did not have a policy requirement for audit committee member rotation.

14. Entities could enhance the effectiveness of their audit committees by adopting a formal process for rotation of audit committee membership, which balances the need for continuity and objectivity of membership (see paragraphs 2.16 to 2.21).

Fraud framework requirements

15. The Commonwealth Fraud Control Framework 2017 encourages entities to conduct fraud risk assessments at least every two years and entities responsible for activities with a high fraud risk may assess risk more frequently. All entities had in place a fraud control plan. Ninety-seven per cent of entities had conducted a fraud risk assessment within the last two years. Changes to the framework which occurred on 1 July 2024 requires entities to expand plans to take account of preventing, detecting and dealing with corruption, as well as periodically examining the effectiveness of internal controls (see paragraphs 2.16 to 2.21).

Summary of audit findings

16. Internal controls largely supported the preparation of financial statements free from material misstatement. However, the number of audit findings identified by the ANAO has increased from 2023–24. A total of 214 audit findings and legislative breaches were reported to entities as a result of the 2023–24 financial statements audits. These comprised six significant, 46 moderate, 147 minor audit findings and 15 legislative breaches. The highest number of findings are in the categories of:

• IT control environment, including security, change management and user access;
• compliance and quality assurance frameworks, including legal conformance; and
• accounting and control of non-financial assets.

17. IT controls remain a key issue. Forty-three per cent of all audit findings identified by the ANAO related to the IT control environment, particularly IT security. Weaknesses in controls in this area can expose entities to an increased risk of unauthorised access to systems and data, or data leakage. The number of IT findings identified by the ANAO indicate that there remains room for improvement across the sector to enhance governance processes supporting the design, implementation and operating effectiveness of controls.

18. These audits findings included four significant legislative breaches, one of which was first identified since 2012–13. The majority (53 per cent) of other legislative breaches relate to incorrect payments of remuneration to key management personnel and/or non-compliance with determinations made by the Remuneration Tribunal. Entities could take further steps to enhance governance supporting remuneration to prevent non-compliance or incorrect payments from occurring (see paragraphs 2.72 to 2.137).

Financial sustainability

19. An assessment of an entity’s financial sustainability can provide an indication of financial management issues or signal a risk that the entity will require additional or refocused funding. The ANAO’s analysis concluded that the financial sustainability of the majority of entities was not at risk (see paragraphs 2.167 to 2.196).

Reporting and auditing frameworks

Changes to the Australian public sector reporting framework

20. The development of a climate-related reporting framework and assurance regime in Australia continues to progress. ANAO consultation with Finance to establish an assurance and verification regime for the Commonwealth Climate Disclosure (CCD) reform is ongoing (see paragraphs 3.20 to 3.24).

21. Emerging technologies (including AI) present opportunities for innovation and efficiency in operations by entities. However, rapid developments and associated risks highlight the need for Accountable Authorities to implement effective governance arrangements when adopting these technologies. The ANAO is incorporating consideration of risks relating to the use of emerging technologies, including AI, into audit planning processes to provide Parliament with assurance regarding the use of AI by the Australian Government (see paragraphs 3.25 to 3.33).

22. The ANAO Audit Quality Report 2023–24 was published on 1 November 2024. The report demonstrates the evaluation of the design, implementation and operating effectiveness of the ANAO’s Quality Management Framework and achievement of ANAO quality objectives (see paragraphs 3.34 to 3.39).

23. The ANAO Integrity Report 2023–24 and the ANAO Integrity Framework 2024–25 were also published on 1 November 2024 to provide transparency of the measures undertaken to maintain a high integrity culture within the ANAO (see paragraphs 3.44 to 3.46).

Cost of this report

24. The cost to the ANAO of producing this report is approximately $445,000.

Background

1.1 Government accountability and transparency is supported by the preparation and audit of the Australian Government’s CFS. The CFS and the associated financial analysis provide information to assist users in assessing the financial performance and position of the Australian Government. The CFS is prepared by the Department of Finance (Finance) and issued by the Minister for Finance.

1.2 The CFS presents the consolidated whole of government financial results which includes the results of all Australian Government controlled entities, as well as the GGS financial statements. The 2023–24 CFS is prepared in accordance with section 48 of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) and the requirements of the Australian Accounting Standards, particularly AASB 1049 Whole of Government and General Government Sector Financial Reporting (AASB 1049).

1.3 AASB 1049 requires, with limited exceptions, the principles and rules in the Australian Bureau of Statistics’ Government Finance Statistics (GFS) Manual to be applied in the preparation of the CFS where compliance with the GFS Manual would not conflict with Australian Accounting Standards.

Key areas of financial statements risk

1.4 The ANAO’s 2023–24 audit approach identified four key areas of financial statements risk that had the potential to impact the Australian Government and which were considered Key Audit Matters (KAM).

Table 1.1: Key areas of financial statements risk

Note: For 2023–24, the ‘accuracy and occurrence of personal benefits expense’ and the ‘valuation of collective investment vehicles’ are no longer considered key audit matters compared to the prior year.

Note a: Figures presented in Table 1.1 may differ from the financial statements of individual entities because of eliminations and adjustments at the CFS level or where the entities identified contribute a majority to the balance of the financial statements line item.

Note b: These are the main government entities responsible for administration and reporting of Australian Government superannuation liabilities. Liabilities also include schemes managed by other entities, such as the Australian Postal Corporation.

Source: ANAO 2023–24 audit results, and the CFS for the year ended 30 June 2024.

Audit results

1.5 The 2023–24 CFS was signed by the Minister for Finance on 28 November 2024 and the Auditor-General’s unmodified auditor’s report was issued on 2 December 2024.

1.6 There were no unadjusted audit differences in 2022–23 or 2023–24.

1.7 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits of the CFS. Table 1.2 presents a summary of the total number of unresolved findings at the conclusion of the 2023–24 final audit.

Table 1.2: Unresolved audit findings

Source: ANAO 2023–24 audit results.

Australian Government’s financial outcome

1.8 The following provides analysis of key financial balances for the Australian Government.

Operating result

1.9 The following key financial measures were reported for 2023–24:

• net operating balance was a surplus of $10.0 billion (compared to a surplus of $24.9 billion in 2022–23);
• operating result was a deficit of $20.1 billion (compared to a surplus of $13.2 billion in 2022–23); and
• comprehensive result (change in net worth) was an increase in net worth of $2.8 billion (compared to an increase of $38.4 billion in 2022–23).

1.10 Figure 1.1 presents the changes in the Australian Government’s net operating balance from 1 July 2023 to 30 June 2024.

Figure 1.1: Changes in the Australian Government’s net operating balance from 1 July 2023 to 30 June 2024

Source: ANAO analysis of the 2023–24 CFS.

1.11 Table 1.3 provides commentary on the main contributors to the change in net operating balance of the Australian Government identified in Figure 1.1.

Table 1.3: Explanation of key movements in net operating balance

Source: ANAO analysis of 2023–24 CFS.

Classification of expenses by the functions of Government

1.12 Figure 1.2 provides an analysis of the Australian Government’s expenses by function from 1 July 2019 to 30 June 2024. As a percentage of total expenses, each function has remained stable during this period, except for:

• ‘Other economic affairs’: During 2019–20 and 2020–21 the ‘Other economic affairs’ function included higher expenses related to the JobKeeper and cashflow boost payments which supported businesses and individuals impacted by the effects of the COVID-19 pandemic. The percentage of expenditure returned to pre-pandemic levels by 2022–23;
• ‘Other purposes’: This function consists of the General Revenue Assistance payments to the states and territories for their share in GST. These payments were reduced over the COVID-19 pandemic period as consumption declined and have returned to pre-pandemic levels in 2023–24; and
• ‘General public services’: These expenses have increased in 2022–23 and 2023–24 because the Reserve Bank of Australia (RBA) is paying more interest in its exchange settlement accounts as a result of higher interest rates over the period.

Figure 1.2: Proportion of expenses of Government by function from 2019–20 to 2023–24

Notes: The ‘Other purposes’ function includes public debt transactions, general purpose inter-government transactions, natural disaster relief and grants to and through state and territory governments.
The ‘Other economic affairs’ function represents non-standard payments including storage, tourism promotion, labour market assistance to industry and industrial relations.
‘Other expenses’ includes payments to: agriculture, forestry and fishing; fuel and energy; housing and community amenities; mining, manufacturing and construction; public order and safety; recreation and culture; transport and communications.

Source: ANAO analysis of the CFS from 2019–20 to 2023–24.

Australian Government’s financial position

Net worth

Changes in the Australian Government’s net worth from 1 July 2023 to 30 June 2024

1.13 The Australian Government’s net worth deficiency reduced from $570.3 billion in 2022–23 to $567.5 billion in 2023–24. Figure 1.3 provides an analysis of the movement in net worth from 1 July 2023 to 30 June 2024.

Figure 1.3: Changes in the Australian Government’s net worth from 1 July 2023 to 30 June 2024

Source: ANAO analysis of the 2023–24 CFS.

1.14 Table 1.4 provides commentary on the main contributors to the change in net worth of the Australian Government identified in Figure 1.3.

Table 1.4: Explanation of key movements in net worth

Source: ANAO analysis of 2023–24 CFS.

Changes in the Australian Government’s net worth from 2014–15 to 2023–24

1.15 Figure 1.4 illustrates the total assets, total liabilities and net worth of the Australian Government since 2014–15. During the period:

• Total assets increased from $541.9 billion to $989.0 billion;
• Total liabilities increased from $841.8 billion to $1,556.5 billion; and
• the Net worth position decreased, from a deficiency of $299.8 billion to a deficit of $567.8 billion.

Figure 1.4: Australian Government’s total assets, total liabilities and net worth, from 2014–15 to 2023–24

Source: ANAO analysis of the 2014–15 to 2023–24 CFS.

Government securities

1.16 Government securities are primarily issued to meet the financing needs of the Australian Government and are issued to fund the operations of the Australian Government because over the period from 2014–15 to 2021–22, the Australian Government’s expenses have been greater than the revenue it received. Since 2022–23, revenues have exceeded expenses. Figure 1.5 illustrates the trend of Australian Government revenue and expenses over the period 2014–15 to 2023–24.

Figure 1.5: Australian Government revenue and expense for the period 2014–15 to 2023–24

Source: ANAO analysis of the 2014–15 to 2023–24 CFS.

1.17 The Australian Office of Financial Management (AOFM) is responsible for managing the Australian Government Securities, which totalled $844.2 billion for the GGS at 30 June 2024, comprised of Treasury Bonds, Treasury Indexed Bonds and Treasury Notes. The value of the Australian Government’s Securities is $611.0 billion largely due to the RBA holding a portion of Australian Government Securities on issue. While Figure 1.5 shows that revenue is greater than expenses for 2023–24, additional government securities were issued during the year, including $7.0 billion for the new Green Treasury Bonds.¹

1.18 Figure 1.6 demonstrates the interest paid by AOFM on Government Securities over the five-year period from 2019–20 to 2023–24. During 2023–24 interest repayments flattened as interest rates have remained relatively stable. However, new securities issued during 2023–24 were issued at higher yields than in previous years. At 30 June 2024, the weighted average market yield on Treasury Bonds (the major portion of Australian Government Securities) was 4.18 per cent (2022–23: 4.06 per cent).

Figure 1.6: AOFM Government Securities Interest Paid from 2019–20 to 2023–24

Source: ANAO analysis of AOFM from 2019–20 to 2023–24.

Net debt

1.19 There was a steady growth in net debt as a percentage of Gross Domestic Product (GDP), growing from 9.0 per cent in 2014–15 and peaking in 2020–21 at 23.9 per cent due to the COVID-19 pandemic. Since this time there has been a decrease in the net debt position to 15.8 per cent of GDP in 2023–24.

1.20 Figure 1.7 illustrates the change in the indicators of the net financial position and net interest payments of the Australian Government from 2014–15 to 2023–24 as a percentage of GDP.

Figure 1.7: Australian Government net debt position as per cent of GDP, from 2014–15 to 2023–24

Source: ANAO analysis of 2023–24 commentary on the CFS.

Superannuation liabilities and the Future Fund

1.21 The Australian Government has superannuation liabilities arising from obligations to employees for defined benefit superannuation schemes. Note 9C of the CFS provides information on the nature of these schemes. The total superannuation net liability for these schemes was $308.5 billion as at 30 June 2024 ($313.1 billion as at 30 June 2023). The significant balances of the reported net liability relate to the following schemes that are closed to new members:

• Commonwealth Superannuation Scheme ($66.2 billion);
• Public Sector Superannuation Scheme ($101.7 billion);
• Military Superannuation Benefits Scheme ($101.2 billion); and
• Defence Force Retirement and Death Benefits Scheme ($31.7 billion).

1.22 The primary reason for the decrease in the liability is the increase in the discount rate used in valuing the superannuation liability between 30 June 2022 and 30 June 2024. The long-term nature of the superannuation liability means that small changes to the discount rate can have a large impact on the estimation of the value of the liability.

1.23 The Future Fund was established by the Future Fund Act 2006 to strengthen the Australian Government’s long-term financial position through the acquisition of financial assets and investments to assist in the discharge of the Australian Government’s superannuation liabilities. The Future Fund Board of Guardians is responsible for deciding how to invest the assets of the Future Fund through balancing the risk aspects of each investment mandate to maximise returns.

1.24 Figure 1.8 provides an overview of the balances of the Australian Government superannuation liabilities, the net investment balance of the Future Fund and the target asset level (TAL) from 2014–15 to 2023–24.

Figure 1.8: Total value of Australian Government superannuation liabilities and Future Fund investments, and the target asset level, from 2014–15 to 2023–24

Source: ANAO analysis of 2023–24 CFS and the Target Asset Level Declaration issued by the designated actuary of the Future Fund on 25 June 2021.

1.25 The TAL represents the best estimate of the assets required, together with investment earnings on those assets, which would be sufficient to meet unfunded superannuation benefit payments accrued up to the start of the financial year. The discount rate used to calculate the present value of future payments for TAL purposes represents the expected investment return on Future Fund assets. The Australian Government’s superannuation liability included in Figure 1.8 reflects the present value of future unfunded superannuation benefits payments discounted using the Commonwealth bond rate, in accordance with Australian Accounting Standards.

1.26 Figure 1.8 shows that the 2023–24 estimate of the TAL is $230.5 billion², which is above the current Future Fund investment asset balance of $215.0 billion (2023: $202.9 billion). The Future Fund Act 2006 permits drawdowns when the balance of the Future Fund equals or exceeds the TAL. On 21 November 2024, the Australian Government announced that it would delay drawdowns from the Future Fund until at least 2032–33.³

Commonwealth investments

1.27 In recent years, the ANAO has identified an increase the number and size of investment schemes, investment mechanisms and ad-hoc investments. These investments have included direct equity investments such as Inland Rail Pty Ltd and Marinus Link Pty Ltd, the Capacity Investment Scheme and other direct investments such as Digicel and PSI Quantum Computing Corporation.

1.28 The ANAO has identified that the different vehicles for investments have different governance structures and the transparency of these investments is not consistent across the Commonwealth.

1.29 The Australian Government reports fiscal aggregates including net operating balance and underlying cash. These aggregates exclude cash or accounting movements that are of an investment or financing nature, such as investments made for policy purposes and the fair value losses on these investments.

1.30 Investments made for policy purposes have elements of economic and social benefits in addition to providing commercial returns to the Australian Government. These investments are also referred to as alternative financing arrangements.

1.31 The Parliamentary Budget Office (PBO) has noted that — ‘under successive governments there has been a shift toward delivering more government policies using alternative financing arrangements rather than direct payments’.⁴ The Joint Committee of Public Accounts and Audit (JCPAA) conducted an inquiry into Alternative Financing Mechanisms and released its report in March 2022.⁵

1.32 The JCPAA recommended that the Minister for Finance ‘consider changes to improve transparency for equity investments’ consistent with proposed improvements identified by the PBO to budget documents to assist Parliament in scrutinising investments for policy purposes.

1.33 This would improve transparency on where the government for policy purposes, is investing and seeking a sufficient rate of return on equity compared with those circumstances where the government is not investing to make a sufficient rate of return.

1.34 In response to the JCPAA’s recommendations, the Department of Finance introduced improvements to the transparency and disclosure in budget reporting of balance sheet items initially as part of the 2023–24 Budget. These improvements were made to enhance the understanding of the Australian Government’s financial position by parliamentarians and the public. The Department of Finance has maintained the same disclosure in the 2024–25 Budget.

1.35 The Department of Finance has advised the JCPAA that it will continue to look for opportunities to improve the level of transparency and disclosure contained in the Budget Papers.⁶

1.36 The ANAO has reviewed the recommendation regarding better segregation of the commercial and non-commercial portions (economic and social benefits) of the investments to better reflect the implications on key fiscal aggregates (of underlying cash and net operating balance) in the financial statements. The impact of the equity injections on operations of these entities is not reflected in the net operating balance unless dividends are received from the entities. The ongoing valuations of these entities are reflected in net worth. If the valuation of these entities deteriorates (for example as a result of accumulating losses or the valuation of future cash flows associated with assets procured through equity injections being less than their purchase costs), the deterioration in the position will be reflected in the GGS’ net worth but not impact on the net operating balance even if the deterioration was a predictable result of a non-commercial policy decision.

Note a: Inland Rail Program Business Case 2015, available from https://inlandrail.com.au/wp-content/uploads/2020/07/business-case-2015.pdf [accessed on 23 October 2024].

Definitions used in this chapter

1.37 Table 1.5 provides a glossary of the key fiscal aggregates and other terminology used in this chapter to explain the Australian Government’s net worth and financial performance.

Table 1.5: Definitions of terms used

Source: Australian Bureau of Statistics (2015). Australian System of Government Finance Statistics: Concepts, Sources and Methods; AASB 101 Preparation of Financial Statements, paragraphs 5 and 7; AASB 1049 Whole of Government and General Government Sector Financial Reporting, Appendix A; and Reserve Bank of Australia (2017). Glossary RBA. [Internet], available from https://www.rba.gov.au/glossary/ [accessed 22 October 2024].

Introduction

2.1 The Auditor-General for Australia is required by the Public Governance, Performance and Accountability Act 2013 (PGPA Act) to audit and report on the financial statements of all Commonwealth entities, Commonwealth companies and their subsidiaries.⁷ This chapter summarises the results of the 2023–24 financial statements audits and provides information on certain topics relating to the governance and administration of entities.

Summary of 2023–24 auditor’s reports

Auditor’s reports issued

2.2 A comparison of the number and type of auditor’s reports issued by the Auditor-General and their delegates in 2022–23 and 2023–24 (as at 9 December 2024), including the CFS is summarised at Table 2.1.

Table 2.1: Summary of auditor’s reports issued and outstanding as at 9 December 2024 and 30 November 2023

Note a: Thirteen of the unmodified auditor’s reports included an emphasis of matter.
The auditor’s report for seven entities included an emphasis of matter to draw users’ attention to the basis of preparation of the financial statements or restrictions on the distribution or use of the auditor’s report. These entities are: Australia Post Licensee Advisory Council Limited; Australian Sports Foundation Charitable Trust; Darwin Hotel Partnership; Gagudju Lodge Cooinda Trust; IBA Retail Property Trust; Performance Bond Fund; and Tennant Creek Land Holding Trust.
The auditor’s report for six entities included an emphasis of matter to draw to users’ attention a particular matter in the financial statements. These entities are: Australian Scientific Instruments Pty Ltd; Departments of: Veterans’ Affairs; and Social Services; Natural Heritage Trust of Australia; National Health Funding Body; and Seafarers Safety, Rehabilitation and Compensation Authority. For details of each of the matters included in the auditor’s report, refer to Chapter 4.

Note b: As at 9 December 2024, the 2023–24 financial statements audits had not been finalised for the following entities: IBA Retail Asset Management Pty Ltd; Ikara Wilpena Enterprises Pty Ltd; Ikara Wilpena Holdings Trust; National ICT Australia Ltd; Royal Australian Navy Central Canteens Board; and Win with Navy Ltd.

Note c: As at 30 November 2023, the 2022–23 financial statements audits had not been finalised for the following entities: Bundanon Trust; Royal Australian Navy Central Canteens Board; and Wreck Bay Aboriginal Community Council. These audits were subsequently finalised. The results of these audits were reported in Auditor-General Report No. 42 2023–24 Interim Report on Key Financial Controls of Major Entities.

Note d: The Consolidated Financial Statements is included in the total number of financial statements audits.

Source: 2022–23 and 2023–24 ANAO auditor’s reports.

2.3 A financial statements audit is finalised when the auditor has formed an opinion on the financial statements, and that opinion has been expressed through a written report.

2.4 The ANAO’s 2024–25 Corporate Plan included a performance measure ‘Percentage of mandated financial statements audit reports issued in time to meet entity annual reporting timeframes’, for which the target was set at 85 per cent within three months of the end of the financial year. Figure 2.1 shows that the finalisation of financial statements audits within three months of the reporting date has decreased from 2022–23. Seventy-nine per cent of auditor’s reports were issued within three months of the end of the reporting period compared to 91 per cent in 2022–23.

Figure 2.1: Timeframes for auditor’s report signing from the end of financial year

Source: ANAO analysis.

2.5 The decrease in timeliness of auditor’s reports in 2023–24 is largely due to:

• an increase in the number of audit findings identified by the ANAO during 2023–24. Audit findings are representative of weaknesses in entity internal control supporting the preparation of the financial statements. Where audit findings are identified the ANAO is generally required to perform alternative or additional audit procedures, to gain sufficient and appropriate audit evidence that the financial statements are not materially misstated; and
• the nature of the ANAO’s resourcing base. The ANAO is funded to undertake financial statements audits via an annual appropriation. When audit findings, contentious matters or audit differences are identified, the ANAO must work within its existing resourcing base in order to finalise these engagements and perform the necessary alternative or additional audit procedures. In these circumstances, the ANAO prioritises the completion of material entity audits in support of the preparation of the Australian Government’s Consolidated Financial Statements. During 2023–24 the ANAO delayed the audit of ten entities in order to complete the audits of material entities. These entities were the: Australian Strategic Policy Institute Ltd; Australian Submarine Agency; Australian Transport Safety Bureau; Independent Health and Aged Care Pricing Authority; Independent Parliamentary Expenses Authority; IP Australia; Office of the Director of Public Prosecutions (Cth); Old Parliament House; Parliamentary Workplace Support Service; and Wreck Bay Aboriginal Community Council.

2.6 The ANAO issued 98 per cent of auditor’s reports within two business days of the signing of the financial statements by the accountable authority (2022–23: 99 per cent).

What is the ANAO’s assessment of the effectiveness of entity internal control environments supporting the financial statements?

2.7 The ANAO applies the framework in ASA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment to consider the impact of elements of an entity’s internal controls supporting the preparation of financial statements. This approach provides a basis for designing and implementing responses to the assessed risk of material misstatement. Figure 2.2 outlines these elements.

Figure 2.2: Elements of entity internal controls

Source: ASA 315 Identifying and assessing the risk of material misstatement through understanding the entity and its environment, paragraphs 4 to 21.

2.8 An effective internal control framework provides a level of assurance that entities are able to prepare financial statements that are free from material misstatement. For the majority of entities in 2023–24 key elements of internal control were operating effectively, providing the ANAO with reasonable assurance that the prepared financial statements were free from material misstatement.

2.9 Except for particular finding/s outlined in Chapter 4⁸, key elements of internal control were operating effectively to provide reasonable assurance that entities are able to prepare financial statements that are free from material misstatement. These particular findings reported to entities represented moderate or significant business or financial management risk to the entity.

2.10 For entities where audit findings were reported, the ANAO was required to undertake additional audit procedures to obtain sufficient and appropriate audit evidence that provided reasonable assurance the entity’s financial statements were not materially misstated.

2.11 Table 2.2 details the assessment of the effectiveness of the elements of internal control at the conclusion of the final audit for the entities included in this report.

Table 2.2: Assessment of the effectiveness of the elements of internal control

Source: ANAO analysis of 2023–24 audit results.

2.12 There were six significant audit findings reported to five entities during 2023–24 which reduced the level of reliance which could be placed on the effective operation of internal control supporting the preparation of the financial statements. The audit findings reported to these entities presented a significant business or financial management risk to each entity. These included issues that could result in a material misstatement of the entity’s financial statements. The five entities are: the Anindilyakwa Land Council; Australian Taxation Office; Department of Defence; Department of Health and Aged Care; and Services Australia.

Control environment

2.13 The PGPA Act sets out the requirements to establish and maintain systems relating to risk and control. Section 16 of the PGPA Act states that:

The accountable authority of a Commonwealth entity must establish and maintain:

(a) an appropriate system of risk oversight and management for the entity; and

(b) an appropriate system of internal control for the entity;

including by implementing measures directed at ensuring officials of the entity comply with finance law.⁹

2.14 An effective control environment is underpinned by a fit-for-purpose governance structure. Indicators of an effective governance structure include whether management has established frameworks and processes that promote positive attitudes, awareness and actions concerning the entity’s internal controls and their importance in the entity. The main elements reviewed included: governance structures relevant to the preparation of the financial statements; audit committee and assurance arrangements; systems of authorisation; and processes for recording financial transactions.

2.15 Clear lines of accountability and reporting are important in establishing a strong internal control environment for the purposes of preparing the financial statements. The involvement of those charged with governance is an important element of these structures. Just as important is ensuring that staff at all levels in an entity understand their own role in the control framework. This can be achieved through the issuance of accountable authority instructions and delegation instruments.

Audit committees

2.16 Audit committees play an important role in providing advice to Accountable Authorities over the appropriateness of an entity’s financial reporting, performance reporting, system of risk oversight and management and system of internal control.

2.17 Finance’s Resource Management Guide (RMG 202) relating to audit committees, describes a committee’s role as supporting good governance of entities.¹⁰ The Public Governance, Performance and Accountability Act 2013 (PGPA Act) and Public Governance, Performance and Accountability Rule 2014 (PGPA Rule) prescribe requirements for establishment, membership and functions of these committees. With the exception of three entities, the ANAO’s analysis confirms that for all entities in this report:

• have established audit committees that meet the minimum requirements for audit committees as outlined in section 17¹¹ or section 28¹² of the PGPA Rule;
• committees consist of a majority of members which were assessed by the entity to be independent;
• all committee chairs were independent members; and
• an audit committee charter, that is consistent with their obligations under subsection 17(2) of the PGPA Rule, is in place.

2.18 The entities that did not meet these minimum requirements were the: Australian Strategic Policy Institute Ltd; National Transport Commission; and Royal Australian Air Force Veterans’ Residences Trust.¹³

2.19 The rotation of audit committee membership is not mandated. Finance’s RMGs indicate that: ‘it is important to rotate the audit committee members to allow for a flow of skills and talent through the committee, enhancing its effectiveness and ensuring its objectivity’.¹⁴ Finance also indicates that: ‘The frequency of rotation of committee members needs to be balanced against the time it takes to develop experience and knowledge of the entity’s operations and to develop productive relationships with the entity’s officials and the other audit committee members’.¹⁵

2.20 Fifty-six per cent of entities had implemented a rotation policy for members of their audit committee. These entities included individual member rotation requirements which specified the maximum period of time in which a member could serve on the committee.

2.21 Figure 2.3 demonstrates the range of the maximum time period for audit committee members for entities with rotation requirements is two to 10 years. The average maximum time period permitted for these entities was five years.

Figure 2.3: Maximum number of years which can be served by audit committee members as per entity audit committee charters

Source: ANAO analysis of entity audit committee charters.

2.22 Figure 2.4 demonstrates that during 2023–24 the range of the total time served by individual members of audit committees was one to 15 years, with an average of three years. Twenty-five per cent of members were appointed to an audit committee during 2023–24.

Figure 2.4: Percentage of the number of years served by entity audit committee members for all entities

Source: ANAO analysis of audit committee member tenure at 30 June 2024.

2.23 The PGPA Act and Rule do not specify the total number of audit committees which an individual can be a member. Finance’s RMGs indicate that:

An audit committee’s effectiveness can be enhanced by having members with experience on other public or private sector audit committees and with networks to other audit committees. However, membership of multiple audit committees needs to be balanced against the ability to understand the issues and operating context of a specific entity.¹⁶

2.24 Of individual audit committee members during 2023–24:

• Sixty-three per cent of individuals were appointed only one audit committee.
• The total range of committees served by individuals was one to 15.
• One per cent, or 11 individuals, served on more than five audit committees.

Fraud risk assessment processes

2.26 Section 16 of the PGPA Act sets out an accountable authority’s responsibilities regarding the establishment of appropriate risk oversight and management in an entity. An understanding of an entity’s process to identify and manage risk is essential to an effective and efficient financial statements audit. A review of this process is completed to assist the ANAO to understand how entities identify and manage fraud risks relating to financial statements and assess the risk of material misstatement to an entity’s financial statements.

Fraud control

2.27 Section 10 of the PGPA Rule details the minimum standards for accountable authorities of Commonwealth entities for managing the risk and incidence of fraud. The accountable authority of an entity must take all reasonable measures to prevent, detect and deal with fraud relating to the entity. This includes conducting fraud risk assessments regularly and when there is a substantial change in the structure, functions or activities of the entity.¹⁷

2.28 The Commonwealth Fraud Control Framework 2017, encourages entities to conduct fraud risk assessments at least every two years and entities responsible for activities with a high fraud risk may assess risk more frequently.¹⁸

2.29 The ANAO analysed the extent to which the guidance and requirements of the Commonwealth Fraud Control Framework 2017 were implemented by entities at 30 June 2024 and identified that:

• all entities have developed and implemented a fraud control plan to prevent and detect fraud¹⁹;
• all entities had undertaken a fraud risk assessment. However, six entities had not conducted a fraud risk assessment within the last two years. These entities are: Attorney-General’s Department; Australian Centre for International Agricultural Research; Australian National Maritime Museum; Australian Radiation Protection and Nuclear Safety Agency; Sydney Harbour Federation Trust; and Wine Australia.

2.30 On 1 July 2024, the Commonwealth Fraud and Corruption Control Framework came into effect.²⁰ In addition to the existing requirements of the 2017 framework, the new framework requires that:

• accountable authorities also take steps to prevent, detect and deal with corrupt conduct, in addition to fraud;
• entities have in place governance structures and processes to oversee and manage risks of fraud and corruption;
• entities have in place officials who are responsible for managing risks of fraud and corruption; and
• entities must periodically review the effectiveness of their fraud and corruption controls.

Information systems and communication

2.31 The information system relevant to the preparation of the financial statements consists of activities and policies, and accounting and supporting records, designed and established to initiate, record and process entity transactions (as well as to capture, process and disclose information about events and conditions other than transactions).

2.32 An entity’s business processes include activities that are designed to record information, including accounting and financial reporting information and to ensure compliance with laws and regulations.

2.33 Ninety-two audit findings have been reported to entities in 2023–24 relating to the IT control environment, accounting for 43 per cent of all audit findings identified by the ANAO. The most common findings identified related to weaknesses in: privileged and other user access; and change management. Further information relating to these findings is available in paragraphs 2.87 to 2.97.

Control activities

2.34 The control activities component of an entities’ system of internal control are primarily direct controls which are designed to prevent, detect or correct misstatements.²¹ Auditors are required to evaluate the design of the controls and determine whether the controls have been implemented. Controls include authorisations and approvals, reconciliations, verifications (such as edit and validation checks or automated calculations), segregation of duties, and physical or logical controls, including those addressing safeguarding of assets.

2.35 Where the ANAO identifies one or more control deficiencies, the ANAO assesses whether, individually or in combination, the deficiencies constitute a significant deficiency and reports these to accountable authorities as audit findings. The ANAO applies professional judgement in determining whether a deficiency represents a significant control deficiency. Information relating to the audit findings identified by the ANAO during the 2023–24 audits is available at paragraphs 2.72 to 2.137.

How are entities managing the provision of hospitality?

2.36 As identified in Finance’s RMG 206 Model Accountable Authority Instructions22, official hospitality generally involves the use of public resources to provide hospitality to persons other than entity officials to facilitate the achievement of one or more Commonwealth objectives. Official hospitality may include the provision of refreshments, entertainment, gifts of property, prizes or other benefits. As official hospitality involves the use of public resources, the costs must be reasonable, appropriate and publicly defensible.

2.37 Accountable Authorities must comply with section 15 of the PGPA Act which requires that the accountable authority governs the entity in a way that promotes the proper use and management of public resources and promotes the achievement of the purposes of the entity. Proper, when used in relation to the use or management of public resources, means efficient, effective, economical and ethical. Section 27 of the PGPA Act states that an official must not improperly use their position to gain, or seek to gain, a benefit to themselves or another person, or to cause, or seek to cause, detriment to the entity, the Commonwealth, or any other person. Outside of the requirements of the PGPA Act, there are no mandatory requirements or policies relating to the provision of official hospitality for which entities must comply.

2.38 While there is no mandatory requirement for entities to establish policies and procedures associated with the provision of official hospitality, these matters are dealt with in RMG 206. RMG 206 provides guidance to entities, which can be adopted by entities, including:

• that officials should not enter into an arrangement to provide official hospitality unless they have been delegated, or authorised to exercise, power to enter into such an arrangement;
• officials should act in accordance with the Commonwealth Procurement Rules when procuring goods or services to provide official hospitality; and
• any decision to spend relevant money on official hospitality must be publicly defensible.

2.39 RMG 206 suggests additional matters for consideration by entities, including:

• the process required to determine whether or not the expenditure on official hospitality is representative of a proper use of public resources;
• definition of activities that would be considered provision of official hospitality, for example, whether it includes business catering;
• record keeping requirements; and
• the process for approving official hospitality, including delegations or whether an official can approve official hospitality for which they can benefit.

2.40 During 2023–24, 81 per cent of entities permitted the provision of official hospitality. The ANAO have analysed the design of entity policies, procedures and guidance relating to the provision of official hospitality for the period 2020–21 to 2023–24. The ANAO’s analysis has been undertaken with reference to the model accountable authority instructions included in RMG 206.

Expenditure on official hospitality

2.41 For the period 2020–21 to 2023–24 entities incurred $70.0 million in expenditure on official hospitality.²³ Table 2.3 demonstrates that the total amount of expenditure on official hospitality has been increasing in the period 2020–21 to 2023–24.

Table 2.3: Total official hospitality expenses by financial year 2020–21 to 2023–24

Source: ANAO analysis.

2.42 The average expenditure on official hospitality during the period 2020–21 to 2023–24 per entity was $601,381. The range of expenditure during the period was nil (for entities that permit expenditure, but did not incur expenditure in the period) to $23.2 million.

2.43 Sixty-five per cent of official hospitality during the period 2020–21 to 2023–24 was incurred by non-corporate entities. Figure 2.5 demonstrates the percentage of expenditure incurred on official hospitality by the type of entity during this period.

Figure 2.5: Percentage of total expenditure on official hospitality by entity type during the period 2020–21 to 2023–24

Source: ANAO analysis.

2.44 During the period 2020–21 to 2023–24, 38 per cent of expenditure was incurred by entities in the Foreign Affairs and Trade portfolio and 24 per cent by entities within the Infrastructure, Transport, Regional Development, Communications and the Arts portfolio. The remaining 48 per cent of expenditure was incurred by entities across 13 portfolios. Figure 2.6 demonstrates the percentage of expenditure incurred on official hospitality by the entities within each portfolio during this period.

Figure 2.6: Percentage of total expenditure on official hospitality by portfolio during the period 2020–21 to 2023–24

Source: ANAO analysis.

2.45 The Department of Foreign Affairs and Trade incurred 33 per cent of all expenditure on official hospitality during the period 2023–24. Eleven entities incurred 2 per cent of more of the total expenditure on official hospitality during the period with the remainder incurred by 135 other entities. Figure 2.7 outlines the composition of the Australian Government’s total expenditure on official hospitality by entity during the period 2020–21 to 2023–24.

Figure 2.7: Percentage of the Australian Government’s total expenditure on official hospitality by entity during the period 2020–21 to 2023–24

Source: ANAO analysis.

Policies, procedures and guidance for official hospitality

2.46 During 2023–24, 83 per cent of entities that permitted the provision of official hospitality had in place a formal and approved policy, procedure or guidance which specified the requirements for conduct, approval and expenditure on official hospitality. Of these policies:

• 61 per cent were updated or reviewed within the period 2022–23 to 2023–24; and
• 39 per cent were updated or review during or before 2021–22.

2.47 Some entities included a cap on expenditure in their policy. A cap on expenditure may indicate an entity’s tolerance for expenditure on official hospitality. Eighty-seven per cent of entities did not include a cap on expenditure in their policy. Of the entities that had established a cap on expenditure in the policy, these caps ranged from:

• $77 to $300 per attendee; or
• $2,500 to $50,000 per event.

Risks, compliance and reporting

2.49 The provision of hospitality could increase the exposure of entities to risks associated with probity and transparency. Official hospitality should only be undertaken where it is representative of proper use of public resources. Sixteen per cent of entities identified specific risks associated with the provision of hospitality in their entity level risk assessment process. These risks mainly related to:

• compliance risks, including in relation to workplace health and safety arrangements for conducting hospitality;
• value for money risks, including whether official hospitality could be considered as a proper use of public resources; and
• fraud, corruption and integrity risks, including in relation to transparency and probity for officials of an entity in engaging with stakeholders at events; in provision of hospitality to stakeholders which an entity may regulate or procure from; and an official approving expenditure which would benefit that official.

2.50 Seventy-four per cent of entities have established specific compliance arrangements in order to confirm that policies, procedures and guidance relating official hospitality are adhered to. Of the entities that had implemented a compliance process, most related to post event or transaction assurance. Table 2.4 includes an overview of the nature of compliance arrangements which have been established by entities.

Table 2.4: Compliance mechanisms established in official hospitality policies

Source: ANAO analysis.

2.51 ‘Other’ compliance mechanisms identified in the table above include:

• pre-approval required via a separate official hospitality form;
• periodic reviews over the hospitality expense general ledger; and
• specific training provided regarding appropriate official hospitality spending to improve compliance with policies and procedures.

2.52 There are no mandatory requirements for regular internal or public facing reporting on the provision of official hospitality by entities. Thirty-five per cent of entities had established formal periodic reporting on provision of official hospitality within their entities.

2.53 Of the entities that prepared regular periodic reports, reporting was predominately provided to the accountable authority, executive management board (or equivalent) or the chief financial officer. Figure 2.8 demonstrates the bodies or officials which receive regular reporting on official hospitality.

Figure 2.8: Recipients of regular reporting on official hospitality

Source: ANAO analysis.

2.54 Of the entities that prepared regular periodic reports, 45 per cent of entities prepared and reviewed reporting on quarterly basis. Figure 2.9 demonstrates the frequency in which entities prepared and reviewed internal reporting on official hospitality.

Figure 2.9: Frequency of reporting on official hospitality

Source: ANAO analysis.

2.56 A list of entities that have implemented official hospitality policies, procedures and guidance; reporting and compliance arrangements and expenditure is available at Appendix 5.

How are entities managing cloud computing arrangements?

Adoption of cloud computing arrangements

2.57 The delivery model for IT environments is changing over time, due to developments in outsourcing and innovation in technology. Cloud computing arrangements (CCAs) are arrangements whereby an entity outsources software, hardware or infrastructure services to a third-party cloud provider. CCAs encompass software-as-a-service (SaaS), infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) and other hosting, file sharing and data storage arrangements.²⁴ In CCAs programs and services that were traditionally hosted on an entity’s network, infrastructure and servers are hosted remotely by a third party service provider. During 2023–24, 89 per cent of entities advised the ANAO that they used one or more CCAs in the management of the IT environment.

2.58 Of the entities with CCA as part of their IT environment, 95 per cent of entities had adopted some form of SaaS arrangement. Figure 2.10 demonstrates the prevalence of the types of CCAs which have been adopted by entities.

Figure 2.10: Types of cloud computing arrangements in place at entities during 2023–24

Source: ANAO analysis.

Assurance over cloud computing arrangements

2.59 While entities may outsource selected IT functions to service providers, entities retain accountability and are responsible for ensuring the outsourced IT functions are appropriately managed in accordance with legislative and policy requirements. The Protective Security Policy Framework (PSPF)²⁵ and the Australian Government Information Security Manual (ISM)²⁶ emphasise the importance of reviewing and assessing third-party service providers to ensure they meet security and operational requirements as part of the procurement process and ongoing contract management. The PSPF and ISM are mandatory for all non-corporate Commonwealth entities. As identified in the Australian Signals Directorate’s Guidelines for Procurement and Outsourcing:

Outsourcing can be a cost-effective option for providing cloud services, as well as potentially delivering a superior service. However, outsourcing can affect an organisation’s security risk profile. Ultimately, an organisation will still need to decide whether a particular outsourced cloud service represents an acceptable security risk and, if appropriate to do so, authorise it for their own use.²⁷

2.60 Guidance on managing security supply chain risks are outlined in PSPF Policy 6: Security governance for contracted goods and service providers (Policy 6). Policy 6 has four requirements.

• Assessing and managing security risks of procurement.
• Establishing protective security terms and conditions in contracts.
• Ongoing management of protective security in contracts.
• Completion or termination of a contract.

2.61 The ISM also contains a number of controls which must be in place in respect to contracted service providers, relating to the protection and access to information.²⁸

2.62 There are a range of contractual and compliance arrangements which can be put in place by entities to meet the requirements of the ISM. CCA service providers commonly make available to their customers a SOC – Type 2 certificate. A SOC certificate provides a certification from a supplier that confirms it has certain controls in place, which is substantiated by an accompanying audit of those controls conducted by an independent auditor.²⁹ The receipt and review of a SOC provides an entity with assurance that specific controls, including those related to data security, user access and change management are operating effectively. A SOC report will provide assurance over the design, implementation and operating effectiveness of relevant controls implemented by the CCA provider related to: security; availability; process integrity; confidentiality; and privacy. In the absence of a SOC, an entity will be reliant on other reviews and processes to obtain assurance over the operating effectiveness of controls at a service provider.

2.63 During 2023–24, 25 per cent of entities advised the ANAO that they had a process in place to obtain a SOC certificate in respect of all CCA services. Most entities did not have a process in place to obtain SOC certificates for all CCA services. Table 2.5 provides an overview of whether an entity has a process in place to obtain a SOC certificate in respect of any services received from a CCA.

Table 2.5: Processes in place to obtain SOC certificates

Source: ANAO analysis.

2.64 Receipt of a regular SOC certificate alone does not provide assurance over the operating effectiveness of controls at the CCA provider. Timely and consistent review of SOC certificates is important to ensure that the impacts of any control deficiencies identified are considered by the entity, and appropriately mitigated or action taken through contractual processes. During 2023–24, 82 per cent of entities did not have in place a formal policy or procedure which would require the formal review and consideration of a SOC certificate. In the absence of a formal process for reviewing SOC certificates, there is a risk that deficiencies in controls at a service provider are not identified, mitigated or addressed in a timely manner.

2.65 Entities should establish a process to formally review and consider the results identified on the SOC, whether there are any deficiencies or gaps in controls identified and determine any additional actions required by the service provider, or entity, to mitigate the risks identified.

How have entities adopted artificial intelligence in their operations?

2.67 Emerging technologies are new technologies or the further development of existing technologies, such as robotic process automation, AI, and machine learning. While emerging technologies present opportunities for entities to innovate their operations and services, the adoption of these technologies could present challenges for entities where there is not a sufficient and early focus on governance and risk.

2.68 Fifty-six entities used AI in their operations during 2023–24 (2022–23: 27 entities).³⁰ Most of these entities had adopted AI for research and development activities, data and reporting and/or IT systems administration. Figure 2.11 summarises the purposes for which entities have used AI during 2023–24.

Figure 2.11: Purposes for the use of artificial intelligence by entities during 2023–24

Source: ANAO analysis.

2.69 During 2023–24, 64 per cent of entities that adopted AI had also established internal policies governing the use of AI (2022–23: 44 per cent). Twenty-seven per cent of entities that adopted AI had established internal policies regarding assurance over AI use. An absence of governance frameworks for managing the use of emerging technologies could increase the risk of unintended consequences.

2.70 In September 2024, the DTA released the Policy for the responsible use of AI in government31. The policy applies to all non-corporate Commonwealth entities, and the DTA has indicated that corporate Commonwealth entities are ‘strongly encouraged’ to apply the policy.³² The policy aims ‘to ensure that government plays a leadership role in embracing AI for the benefit of Australians while ensuring its safe, ethical and responsible use, in line with community expectations’.³³

2.71 Appendix 5 outlines whether entities have adopted AI in their operations and governance.

What audit findings have been identified in the ANAO’s 2023–24 audits?

2.72 Audit findings are raised in response to the identification of a potential business or financial risk posed to an entity. Often these risks arise from deficiencies within an entity’s internal control processes or frameworks. Weaknesses in internal controls increase the possibility that an entity will not prevent or detect a material misstatement in its financial statements in a timely manner. The ANAO rates audit findings according to the potential business or financial management risk posed to the entity. The ANAO’s rating scale is presented in Table 2.6.

Table 2.6: Audit findings rating scale

Source: ANAO reporting policy.

Trends in audit findings

2.73 Figure 2.12 details that 43 per cent of all audit findings unresolved at the conclusion of 2023–24 audits related to the IT control environment.

Figure 2.12: Percentage of audit findings by category at the conclusion of 2023–24 audits

Source: ANAO data.

2.74 Figure 2.13 shows that 48 per cent of all significant and moderate audit findings unresolved at the conclusion of 2023–24 audits were related to the IT control environment. Of the remaining balance, 19 per cent related to compliance and quality assurance frameworks and 17 per cent related to accounting and control of non-financial assets.

Figure 2.13: Percentage of significant and moderate audit findings by category at the conclusion of 2023–24 audits

Note: This figure excludes legislative breaches.

Source: ANAO data.

2.75 A summary of findings identified for the period ended 30 June 2024 by category is presented in Table 2.7.

Table 2.7: Audit findings by category at the conclusion of 2023–24 audits

Source: ANAO analysis.

2.76 Information relating to significant and moderate findings and significant legislative breaches are summarised in this chapter. Further information on each of these findings can be found in Chapter 4 of this report broken down by each entity.

2.77 A summary of all significant, moderate, minor and legislative findings reported at the completion of audits for the period 2020–21 to 2023–24 is presented in Figure 2.14.

Figure 2.14: Trend in aggregate audit findings 2020–21 to 2023–24

Note: This figure excludes legislative breaches.

Source: ANAO data.

2.78 Unresolved audit findings are those findings which have been identified by the ANAO in previous audits which are yet to be resolved. When reporting an audit finding to an entity the ANAO details the implications, risk and recommendations to the entity for resolution. Each audit finding reported is classified by the level of risk that may be posed to the entity, or the entity’s financial statements, if unaddressed. As a result, entities should take action to address unresolved audit findings, and the particular weakness in internal control identified, in a timely manner which is commensurate with the level of risk identified.

2.79 Figure 2.15 provides an analysis of the period in which unresolved audit findings were first identified by ANAO. Of the unresolved findings, 28 per cent were first identified prior to 2023–24.

Figure 2.15: Number of unresolved audit findings by period first identified by the ANAO

Note: This figure excludes legislative breaches.

Source: ANAO data.

2.80 Details of all unresolved, significant and moderate audit findings are included in Chapter 4. There are five unresolved moderate audit findings which were first identified in 2021–22 or in earlier periods which were not resolved at the conclusion of 2023–24 audits:

• Australian Taxation Office — Uneconomic to pursue debt and re-raises.
• Clean Energy Regulator — Privileged and other user access.
• Department of Veterans’ Affairs — Implementation of Process Direct; and Security Governance — Monitoring Implementation of Controls.
• National Disability Insurance Agency — Removal of user access.

Financial statements preparation

2.81 Financial statements are an important means of demonstrating how Commonwealth entities, both at an individual and whole-of-government level, meet their financial management responsibilities. In order to provide relevant and reliable financial information to the users, entities should prepare quality financial statements in a timely manner to support entities in meeting legislative reporting obligations including tabling of annual reports. Effective project management underpins successful financial statements preparation processes. Financial statements preparation is a core process expected to be in a mature state at every entity. Figure 2.16 shows the total number of audit findings identified by the ANAO from 2020–21 to 2023–24 related to financial statements preparation processes.

Figure 2.16: Financial statements preparation audit findings 2020–21 to 2023–24

Source: ANAO data.

2.82 There were no unresolved significant audit findings identified at the conclusion of 2023–24 audits.

2.83 There were two moderate audit findings unresolved at the conclusion of 2023–24 audits. One new moderate audit finding related to the Australian National Maritime Museum was identified during 2023–24. There was one unresolved moderate audit finding relating to the Wreck Bay Aboriginal Community Council which was first identified in 2022–23.

2.84 Three moderate audit findings relating to financial statements preparation at the Bundanon Trust, National Archives of Australia and Royal Australian Mint were resolved during 2023–24.

2.85 There were 13 minor audit findings unresolved at the conclusion of 2023–24 audits. These findings relate to quality review processes and preparation of position papers to support accounting positions, judgements and estimates in the financial statements.

2.86 Of these minor findings:

• eleven findings were identified during 2023–24; and
• two findings were unresolved from 2022–23.

Information Technology control environment

2.87 The information technology (IT) control environment refers to the policies, procedures and controls that maintain the integrity of information and security of data in an entity. This includes:

• IT security, which incorporates user access management, privileged user activity logging and monitoring as well as security configuration settings such as password controls;
• IT change management, which provides a disciplined approach to making changes to the IT environment. It includes controls to prevent unauthorised changes being introduced, and to reduce the likelihood that normal business operations are interrupted with the implementation of authorised changes;
• IT governance, which is concerned with the design, implementation or management of an entity’s IT control environment and may include use of service organisations, policies and procedures, risk management and mitigation and IT operations; and
• disaster recovery, which is concerned with the resumption of the IT environment including systems and data following an interruption to services.

2.88 The IT control environment is the environment in which applications run, and it supports the effective functioning of the application controls that may be relied on in the financial statements audit. Figure 2.17 shows the total number of audit findings identified by the ANAO from 2020–21 to 2023–24 related to the IT control environment.

Figure 2.17: IT control environment audit findings 2020–21 to 2023–24

Source: ANAO data.

2.89 Figure 2.18 provides an overview of the categorisation of audit findings identified for the IT control environment. Sixty-five per cent of IT control environment findings related to IT security in 2023–24.

Figure 2.18: IT control environment findings categorisation for 2023–24 audits

Source: ANAO analysis.

2.90 There were three unresolved significant audit findings identified at the conclusion of 2023–24 audits. These findings were all first identified in 2022–23:

• Australian Taxation Office (the ATO) — Enterprise change management. This finding relates to weaknesses in the ATO’s enterprise change management for key information technology systems supporting the preparation of the financial statements.
• Department of Defence — User access removal. This finding relates to weaknesses identified in relation to the removal of users’ access.
• Services Australia — IT governance. This finding related to weaknesses in IT controls in the implementation of a large-scale IT roll-out for residential aged care and the re-emergence of a large number of individual control issues affecting change and access management and business operations.

2.91 One significant audit finding relating to IT general controls at the National Archives of Australia (first identified in 2022–23) was resolved during 2023–24.

2.92 There were 22 moderate audit findings reported at the conclusion of 2023–24 audits. Twelve new moderate findings were identified during 2023–24.³⁴ Eighty-seven per cent of these audit findings related to IT security, including assignment, management and monitoring of user access. Of these moderate findings:

• twelve were identified during 2023–24;
• six are unresolved from 2022–23;
• two are unresolved from 2021–22; and
• two are unresolved from 2020–21.

2.93 There were 67 minor audit findings unresolved at the conclusion of 2023–24 audits. These weaknesses mainly related to IT governance, IT security and IT change management. Of these minor findings:

• forty-four were identified during 2023–24;
• eighteen are unresolved from 2022–23; and
• five are unresolved from 2021–22.

IT security — user access management

2.95 User access management includes the processes and procedures to ensure that only authorised users are granted access to systems and data, and that access is removed when it is no longer required. At the conclusion of 2023–24 audits, there were 32 unresolved audit findings relating to user access management. These findings included:

• one significant audit finding related to the Department of Defence; and
• six moderate audit findings related to the following entities: Department of Parliamentary Services; National Disability Insurance Agency; NBN Co Limited; and Services Australia.

2.96 Users with administrative privileges, commonly referred to as privileged users, are able to make significant changes to IT systems’ configuration and operation, bypass critical security settings and access sensitive information. To reduce the risks associated with this access, the Information Security Manual³⁵ requires that privileged user access be appropriately restricted and when provided, that the access is logged, regularly reviewed and monitored. At the conclusion of 2023–24 audits, there were 25 unresolved audit findings relating to monitoring of user access, including privileged users. These findings included 12 moderate audit findings. These findings were reported to the following entities: Australian Hearing Services; Clean Energy Regulator; Departments of: Climate Change, Energy, the Environment and Water; Social Services; and Veterans’ Affairs; National Disability Insurance Agency; and Services Australia.

2.97 IT security management continues to remain the most common area of weakness in the IT control environment, with 65 per cent of findings, and 8 per cent of the significant and moderate findings, relating to this area. Focus is required by entities to ensure that the risks of unauthorised changes to systems and data and unauthorised data leakage are being appropriately managed. Further information is available in Case study 3.

Note a: Australian Cyber Security Centre, Annual Cyber Threat Report 2022–23, available from https://www.cyber.gov.au/about-us/reports-and-statistics/asd-cyber-threat-report-july-2022-june-2023 [accessed 19 November 2024].

Note b: Information Security Manual, Guidelines for Personnel Security, available from https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-personnel-security [accessed 10 November 2024].

Note c: Auditor-General Report No. 9 2023–24 Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 2023.

Note d: Relevant entities include all Commonwealth entities, and their subsidiaries, that manage their own IT network services. Highly classified networks have been excluded from the assessment.

Note e: The significant audit finding was reported to the Department of Defence.

Compliance and quality assurance frameworks

2.98 Entities rely on internal and external systems, parties and information in decision-making processes. The implementation of effective compliance and quality frameworks and processes provides assurance over the completeness and accuracy of the information and is integral to the preparation of financial statements free from material misstatement. Figure 2.19 shows the total number of audit findings identified by the ANAO from 2020–21 to 2023–24 related to compliance and quality assurance frameworks.

Figure 2.19: Compliance and quality assurance framework audit findings 2020–21 to 2023–24

Source: ANAO data.

2.99 Three significant audit findings were unresolved at the conclusion of 2023–24 audits. Three new significant audit findings were identified during 2023–24:

• Anindilyakwa Land Council. This finding relates to progress in addressing previously reported governance findings. This finding related to delays in addressing the recommendations arising from Auditor-General Report No. 29 2022–23 Governance of the Anindilyakwa Land Council, with respect to corporate governance and compliance with the PGPA Act.
• Department of Health and Aged Care. This finding relates to legal conformance, particularly weaknesses in the assessment of risks to conformance with legislation administered by the department.
• Services Australia — Medicare compensation recovery scheme. This finding relates to compliance with legislative requirements for the identification and recovery of debts.

2.100 One significant audit finding first identified during 2022–23 was reduced to a moderate finding. This related to corporate governance deficiencies at the Wreck Bay Aboriginal Community Council.

2.101 Four significant audit findings from 2022–23 in relation to governance of legal and other matters impacting the financial statements at the Departments of: Education; Health and Aged Care; and Social Services, and Services Australia were resolved during 2023–24. Refer to Case study 4 for further information.

2.102 There were seven unresolved moderate audit findings at the conclusion of 2023–24 audits. One of these findings, relating to governance risks at the Bundanon Trust, was unresolved from 2022–23. There were five new moderate audit findings identified during 2023–24. These weaknesses relate to:

• Australian Strategic Policy Institute Ltd — Establishment of the Washington branch office;
• Department of Foreign Affairs and Trade — Governance over compliance with corporate policies;
• Department of Social Services — Disability Employment Services Assurance Program;
• National Disability Insurance Agency — Business assurance over plan approvals; and
• Royal Australian Air Force Veterans’ Residences Trust— Review of general journals.

2.103 One moderate audit finding from 2022–23 in relation to administration of international development assistance payments at the Department of Foreign Affairs and Trade was resolved during 2023–24.

2.104 There were seven minor audit findings unresolved at the conclusion of 2023–24 audits. Common weaknesses in this category relate to:

• fraud control frameworks;
• quality assurance over program activities; and
• governance supporting the preparation of financial statements in respect of legal matters.

2.105 Of these minor findings:

• six were identified during 2023–24; and
• one finding unresolved from 2022–23.

Note: Further information regarding these significant audit findings can be found in the entity contributions for the Departments of: Education; Health and Aged Care; and Social Services, and Services Australia in Chapter 4.

Accounting and control of non-financial assets

2.106 Entities control a diverse range of non-financial assets on behalf of the Australian Government, including land and buildings, specialist military equipment, leasehold improvements, infrastructure, plant and equipment, inventories and computer software. Figure 2.12Figure 2.20 shows the total number of non-financial asset audit findings identified by the ANAO from 2020–21 to 2023–24.

Figure 2.20: Accounting and control of non-financial assets audit findings 2020–21 to 2023–24

Source: ANAO data.

2.107 There were no unresolved significant audit findings identified at the conclusion of 2023–24 audits.

2.108 There were nine unresolved moderate audit findings identified at the conclusion of 2023–24 audits. Six new moderate findings were identified during 2023–24. These audit findings are:

• ASC Pty Ltd — effective management of, and controls over, IT equipment.
• Army and Air Force Canteen Service — valuation of non-financial assets.
• Department of Home Affairs — management of non-financial assets.
• Department of Health and Aged Care — asset management; and inventory management.
• Department of Industry, Science and Resources — management of work in progress.
• Geoscience Australia — accounting for SouthPAN depreciable assets.
• Department of Infrastructure, Transport, Regional Development, Communications and the Arts — management of non-financial assets.
• National Film and Sound Archive of Australia — valuation of non-financial assets.

2.109 Four of the new moderate findings related to the valuation of non-financial assets. The valuation of non-financial assets must be undertaken by entities in accordance with the requirements of AASB 116 Property, Plant and Equipment and AASB 13 Fair Value Measurement.

2.110 Four moderate audit findings were resolved during 2023–24, relating to: weaknesses around the disposal of assets and inventory at the Department of Defence; and management or intangibles and work in progress at the Australian Securities and Investments Commission and the Departments of: Education; and Infrastructure, Transport, Regional Development, Communications and the Arts.

2.111 There were sixteen minor audit findings unresolved at the conclusion of 2023–24 audits. Common weaknesses in this category relate to:

• valuation of non-financial assets;
• assessments for impairment of assets;
• data management and integrity;
• inventory management;
• stocktake procedures; and
• capitalisation.

2.112 Of these minor findings:

• fourteen findings were identified during 2023–24; and
• two findings were unresolved from 2022–23.

Revenue, receivables and cash management

2.113 Revenue and receivables include Parliamentary appropriations; taxation revenue; customs and excise duties; and administered levies. Commonwealth entities also generate revenue from the sale of goods and services and a range of other sources. Cash management involves the collection and receipt of public monies and the management of official bank accounts. Figure 2.21 shows the total number of revenue, receivable and cash management audit findings identified by the ANAO from 2020–21 to 2023–24.

Figure 2.21: Revenue, receivables and cash management audit findings 2020–21 to 2023–24

Source: ANAO data.

2.114 There were no unresolved significant audit findings identified at the conclusion of 2023–24 audits.

2.115 There were four moderate audit findings unresolved at the conclusion of 2023–24 audits One moderate finding first reported to the Australian Taxation Office, relating to uneconomic to purse debt recovery and re-raises, during 2021–22 remains unresolved in 2023–24.

2.116 Three new moderate audit findings were identified during 2023–24:

• Department of Veterans’ Affairs — bank reconciliations, identification of reconciling items.
• National Disability Insurance Agency — management of historical scheme debt.
• Royal Australian Mint — revenue recognition.

2.117 There were 17 minor audit findings unresolved at the conclusion of 2023–24 audits mainly relating to cash management controls. Cash controls are core processes expected to be in a mature state at every entity. Common weaknesses in this category relate to:

• ageing debt collection;
• cash management controls, including timeliness and completeness of bank account reconciliation, access management to online bank accounts and signatories; and
• processes underpinning the estimation of receivable balances within the financial statements including the accuracy and completeness of the data supporting these estimates.

2.118 Of these minor findings:

• fifteen findings were identified during 2023–24;
• one finding unresolved from 2022–23; and
• one finding was unresolved from 2021–22.

Human resource financial processes

2.119 Human resources encompass the management and administration of employee entitlements and payroll functions. Employee benefits represent the most significant departmental expenditure for most entities, and the associated leave and superannuation liabilities are subject to estimates and judgements in inputs.

2.120 Human resource transactions are high volume with both automated and manual processing. As a result, any control weaknesses can result in systematic errors increasing the risk of material misstatement. Figure 2.22 shows the total number of human resources financial processes audit findings identified by the ANAO from 2020–21 to 2023–24.

Figure 2.22: Human resources financial processes audit findings 2020–21 to 2023–24

Source: ANAO data.

2.121 There were no unresolved significant or moderate audit findings identified at the conclusion of 2023–24 audits.

2.122 There were nine minor audit findings unresolved at the conclusion of 2023–24 audits. Common weaknesses in this category relate to:

• management of employee leave entitlements;
• maintenance of payroll records and controls; and
• management on key management personnel remuneration and related parties disclosures (further information is available at paragraphs 2.138 to 2.154).

2.123 All of these minor findings were identified during 2023–24.

Purchases and payables management

2.124 Purchases and payables are payments to, or due to suppliers, including contractor and consultancy expenses, lease payments and general administrative payments. These expenses typically comprise the second most significant departmental expenditure item of entities after employee benefits. Figure 2.23 shows the total number of purchases and payables audit findings identified by the ANAO from 2020–21 to 2023–24.

Figure 2.23: Purchases and payables management audit findings 2020–21 to 2023–24

Source: ANAO data.

2.125 There were no unresolved significant audit findings identified at the conclusion of 2023–24 audits.

2.126 Two new moderate audit findings were identified at the conclusion of 2023–24 audits:

• Army and Air Force Canteen Service — accounting for supplier rebates; and
• Department of the Treasury — estimation process of Disaster Relief Funding arrangements.

2.127 There were eleven minor audit findings unresolved at the conclusion of 2023–24 audits. Common weaknesses in this category relate to:

• processes supporting the authorisation of expenditure, including maintaining proper segregation of duties, records of approval and vendor management; and
• timeliness of credit card acquittals.

2.128 Of these minor findings:

• five findings were raised during 2023–24;
• two finding was unresolved from 2022–23; and
• four findings were unresolved from 2021–22.

Other audit findings

2.129 Other audit findings typically include items relating to the: management and implementation of service level agreements or memoranda of understanding; updating or maintaining of key governance documentation. Figure 2.24 shows the total number of other audit findings identified by the ANAO from 2020–21 to 2023–24.

Figure 2.24: Other audit findings 2020–21 to 2023–24

Source: ANAO data.

2.130 There were no unresolved significant or moderate other audit findings at the conclusion of 2023–24 audits. The three moderate audit findings reported in 2022–23 were resolved during 2023–24, relating to the Bureau of Meteorology, National Blood Authority and the Royal Australian Air Force Veterans’ Residences Trust.

2.131 There were six minor audit findings unresolved at the conclusion of 2023–24 audits. Common weaknesses in this category relate to:

• formalisation or review of corporate documents, internal policies or memorandum of understanding with service providers; and
• review and timeliness of cost recovery implementation statements.

2.132 Of these minor findings:

• three findings were raised during 2023–24;
• two findings were unresolved from 2022–23; and
• one finding was unresolved from 2021–22.

Legislative compliance

2.133 In accordance with ANAO policy, significant legislative breaches are reported to Parliament consistent with the reporting of significant and moderate audit findings. Significant legislative breaches include: instances of significant potential or actual breaches of the Constitution; and instances of significant non-compliance with the entity’s enabling legislation, legislation that the entity is responsible for administering, and the PGPA Act. Figure 2.25 illustrates legislative breaches identified by the ANAO between 2020–21 to 2023–24.

Figure 2.25: Significant legislative breaches 2020–21 to 2023–24^a

Note a: For the purpose of this analysis L2 and L3 categories have been combined as non-significant breaches.

Source: ANAO data.

2.134 Four significant legislative breaches were identified in 2023–24. Three of the breaches were identified during the 2023–24 and one remains unresolved from prior years. The significant legislative breaches identified relate to the following entities:

• Department of Social Services. This breach relates to the practice of income apportionment applied to determine social security entitlements under the Social Security Act 1991 prior to 2020. The Commonwealth Ombudsman published an Online Statement Lessons in Lawfulness in August 2023 highlighting: from at least 2003 to 2020 Services Australia (and its precursor agency the Department of Human Services) was unlawfully apportioning customers’ income across two or more Centrelink instalment periods, which in turn likely affected social security payment rates and may have led to unfair debts against customers.
• Northern Land Council (NLC). This breach relates to the requirement for funds in NLC’s royalty trust account to be distributed to traditional owners within agreed timeframes in accordance with the requirements of the Aboriginal Land Rights (Northern Territory) Act 1976. This breach was first identified in 2012–13.
• Tiwi Land Council (TLC). This breach relates to the requirement for funds in TLC’s royalty trust account to be distributed to traditional owners within agreed timeframes in accordance with the requirements of the Aboriginal Land Rights (Northern Territory) Act 1976.
• Services Australia. This breach relates to instances of non-compliance identified in respect of legislation supporting payments or administration of residential aged care and home care subsidies (Aged Care Act 1997), the private health insurance rebate (Private Health Insurance Act 2007) and child support (Child Support (Assessment) Act 1989) programs.

2.135 The appropriateness of governance of KMP remuneration, and correctness of payments made to KMP, has been a continued focus for the ANAO in 2023–24. As previously reported by the ANAO, in the period 2018–19 to 2023–24, the ANAO has continued to identify legislative breaches relating to KMP remuneration. Non-compliance with Remuneration Tribunal determinations and incorrect payments to KMP was a matter considered by the Joint Committee of Public Accounts and Audit (JCPAA) as part of its inquiry into the 2022–23 Commonwealth financial statements.

2.136 In Report 506 Inquiry into the Commonwealth Financial Statements 2022–23, the JCPAA noted that ‘the frameworks around executive remuneration, such as the Remuneration Tribunal, are long-standing and there should be an expectation across all entities for robust governance and full compliance with the rules’.³⁶ The JCPAA made one recommendation to the Department of Finance in this area:

The Committee recommends that the Department of Finance amends the current guidelines to require that it be notified immediately of any breach of the executive remuneration rules and then engage with the entity in question to discuss remediation steps. The Committee is requesting an anonymised update from the Department of Finance within 12 months of the tabling of this report on the number of reported breaches it has received, the amounts involved, and whether they have been adequately resolved.³⁷

2.137 The legislative breaches identified in respect of remuneration indicate that entities could take further steps to enhance governance supporting remuneration to prevent non-compliance or, incorrect payments from occurring.

Note a: The ANAO identified breaches in the following entities: Australian Institute of Marine Science; Great Barrier Reef Marine Park Authority; National Disability Insurance Agency; Office of the Director of Public Prosecutions (Cth); Old Parliament House; Parliamentary Workplace Support Service; Regional Investment Corporation; and Tiwi Land Council.

Note b: Australian National Audit Office, Insights: Executive Remuneration, ANAO, Canberra, June 2023, available from https://www.anao.gov.au/work/insights/executive-remuneration [accessed 14 November 2024].

What is the quality and timeliness of entity financial statements preparation?

2.138 The primary purpose of financial statements is to provide relevant and reliable information to users about a reporting entity’s financial position. Financial statements preparation is often a complex task, involving compliance with a number of requirements established by Australian Accounting Standards and the Public Governance, Performance and Accountability (Financial Reporting) Rule 2015.

2.139 In order to provide relevant and reliable financial information to the users, entities should prepare quality financial statements in a timely manner to support entities to meet legislative reporting obligations including the tabling of annual reports. The preparation of quality financial statements will be demonstrated by adherence to a well-defined financial statements preparation timetable with minimal adjustments required to financial statements throughout the audit process.

2.140 In concluding an audit, the ANAO reports on the quality of financial statements preparation to entities. The following measures are considered by the ANAO when assessing the quality of the financial statements preparation process:

• number and quantum of adjusted and unadjusted audit differences; and
• timeliness of financial statements preparation.

2.141 At the completion of the 2023–24 financial statements audits, the ANAO reported two moderate and 13 minor audit findings relating to processes supporting financial statements preparation (2022–23: three moderate and nine minor findings). Further analysis of the financial statements preparation process findings identified is available at paragraphs 2.81 to 2.86.

Financial statements preparation

2.142 The ANAO assessed the timeliness of financial statements preparation. Timeliness in preparation was assessed by comparing the date of delivery of the financial statements to previously agreed timeframes. The timeframe was established by entities and agreed with audit teams for the delivery of financial statements.

2.143 Timeliness in financial statements preparation in 2023–24 was consistent compared to 2022–23, with delivery of financial statements:

• in line with the agreed timeframes achieved by 71 per cent of entities (2022–23: 72 per cent);
• a further 10 per cent of entities delivered financial statements within two working days of the agreed timeframe (2022–23: 7 per cent); and
• nineteen per cent of entities delivered financial statements after two working days of the agreed timeframe (2022–23: 21 per cent).

2.144 Finance’s Financial Statements Better Practice Guide indicates that ‘Accounting position papers are an important tool that better practice entities use to document key decisions and to keep stakeholders apprised of updates to accounting policies and processes, plus their impact on the entity’s financial statements’.³⁸ During 2023–24, 64 per cent of entities prepared accounting position papers in support of their financial statements.

Audit differences

2.145 The quality of financial statements preparation is also assessed by considering the number and value of audit differences identified. Throughout the financial statements audit process, audit differences other than those considered trivial are communicated to entities.³⁹ Entities are encouraged to adjust all audit differences communicated by the ANAO except for projected differences.⁴⁰ The total number of individual audit differences identified in 2023–24 decreased compared with 2022–23. A total of 209 individual audit differences were identified in 2023–24⁴¹ (2022–23: 243)⁴² which impacted the revenue, expenses, assets and equity balances reported. The ANAO also identified 202 audit adjustments associated with presentation and disclosure of transactions and balances in the financial statements (2022–23: 199).⁴³

2.146 A key indicator of the quality of entity financial statements is whether audit differences identified are adjusted by entities. Of the 209 audit differences identified by the ANAO during 2023–24, 80 (38 per cent) remained unadjusted by entities (2022–23: 120 (49 per cent)).⁴⁴ Of these unadjusted differences, 40 related to material entities (2022–23: 73).⁴⁵ The unadjusted differences, both in aggregate and individually, did not result in a material misstatement to the financial statements.

2.147 Finance’s Financial Statements Better Practice Guide indicates that ‘better practice entities will promote an environment in which the correction of errors or misstatements is seen as an appropriate course of action, regardless of whether or not they are considered to be material’.⁴⁶

2.148 Table 2.8 shows that the absolute value of unadjusted audit differences compared to prior year has increased for liabilities. There has been a decrease in the absolute value or unadjusted audit differences compared to 2022–23 for revenue, expenses, assets and equity.

Table 2.8: Total value of unadjusted audit differences ($ million)

Note a: 2023–24 figures exclude projected differences.

Note b: 2022–23 audit differences have been restated to include the results of audits signed after Auditor-General Report No. 9 of 2023–24 Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 2023 was tabled.

Source: ANAO analysis of entity 2023–24 and 2022–23 closing reports.

2.149 The ANAO also considers the impact of the unadjusted audit differences on the CFS. Of the unadjusted differences identified in the 2023–24 financial statements audits, a total of three adjustments relating to two entities were reported to Finance who prepare the CFS and were subsequently adjusted. These entities were the Departments of: Defence; and the Treasury.

2.150 The absolute value of adjusted audit differences has increased compared to 2022–23 for revenue, expenses and assets. There has been a decrease in the absolute value of adjusted audit differences relating to liabilities and equity. Table 2.9 shows the impacts of adjusted audit differences compared to 2022–23.

Table 2.9: Total value of adjusted audit differences ($ million)

Note a: 2023–24 figures exclude projected differences.

Note b: 2022–23 audit differences have been restated to include the results of audits signed after Auditor-General Report No. 9 of 2023–24 Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 2023 was tabled.

Source: ANAO analysis of entity 2023–24 and 2022–23 closing reports.

2.151 The quantity and value of adjusted and unadjusted audit differences indicate that entities are adjusting for audit differences identified by the ANAO more than in previous periods. However, there remains an opportunity for entities to improve quality assurance frameworks over financial statements processes to reduce the number of differences identified as part of the audit process.

Powers of the Auditor-General to obtain information

2.153 The Auditor-General Act 1997 (A-G Act) provides the Auditor-General, and delegated officials, with wide ranging information gathering powers. In practice, information is gathered through cooperation with audited entities. Section 32 of the A-G Act provides the Auditor-General with the ability to direct a person to provide information or documents that the Auditor-General requires, as well as the ability to direct that a person attend a judicial proceeding to give evidence before the Auditor-General, or an authorised official.

2.154 There was one notice issued by the Auditor-General under Section 32 of the A-G Act in the audit of 2023–24 financial statements (2021–22: six). Table 2.10 identifies the Section 32 notices issued by the Auditor-General during financial statements audits in 2023–24.

Table 2.10: Section 32 notices to produce documentation and information issued during the ANAO’s 2023–24 financial statements

Source: ANAO analysis.

How timely was the preparation and tabling entity annual reports?

2.155 Annual reports inform the Parliament, the community and other stakeholders about the performance of entities. The publication of the annual report containing the audited financial statements is a key means to meet accountability and legislative obligations. For 2023–24, there were 190 entities required to present annual reports to the responsible minister under the PGPA Act.⁴⁷

2.156 Annual reports are approved by the entity’s accountable authority before being provided to the minister and tabled in Parliament. RMG 135 Annual reports for non-corporate Commonwealth entities48, and RMG 136 Annual reports for corporate Commonwealth entities49 state that annual reports are to be provided to the relevant minister by the 15th day of the fourth month after the end of the reporting period. RMG 137 Annual report for Commonwealth companies states that Commonwealth company directors must give the annual report to the responsible minister the earlier of 21 days before the next annual general meeting after the end of the reporting period for the company or four months after the end of the reporting period for the company.

2.157 Figure 2.26 shows the time in days between the issue of the auditor’s report to the:

• approval of the annual report by the accountable authority; and
• tabling of the annual report in Parliament.

Figure 2.26: Timeframe for tabling 2023–24 annual reports from issuance of auditor’s report

Source: ANAO analysis of entity annual reports.

2.158 The analysis above shows that accountable authorities approved 54 per cent of annual reports within 10 days of the issue of the auditor’s report (2022–23: 57 per cent), with an overall average of 13 days (2022–23: 10 days). The average days between the accountable authority’s approval of the annual report and tabling in Parliament was 30 days (2022–23: 31 days).

2.159 Twenty-eight per cent of annual reports were tabled within 30 calendar days from the issue of the auditor’s report (2022–23: 31 per cent). The tabling of annual reports in Parliament occurred on average 43 days after the auditor’s report was issued (2022–23: 42 days). There are seven entities (4 per cent) that are required to table an annual report which have not done so as at 9 December 2024 (2021–22: 6 per cent at 30 November 2023).

2.160 Annual reports should be tabled in Parliament to allow sufficient time for review before Senate supplementary budget estimates hearings. The RMGs on annual reports indicate that normally annual reports are tabled on or before 31 October and it is expected annual reports are tabled prior to the October supplementary budget estimates hearings.⁵⁰

2.161 For the private sector, the Governance Institute of Australia (the Institute) has identified timeliness of board papers as a key contributor for directors to prepare for and be effective at board meetings. Particularly:

An important aspect of any board paper policy is to set out the timing of board paper distribution. Board papers should be distributed sufficiently in advance of a meeting to ensure that there is time for the directors to digest the contents of the papers and prepare for the meeting. It is common practice to distribute board papers approximately one week before a meeting.⁵¹

2.162 The Institute also identified that ‘the provision of late papers should be discouraged as directors need sufficient time to read and digest board papers in order to be effective in their role and to meet their obligations’.⁵² Figure 2.27 shows that 57 per cent of entities tabled an annual report with greater than one week before the 2024–25 supplementary budget estimates hearing dates for their portfolio, an increase of 44 per cent compared with 2023–24 supplementary budget estimates (12 per cent).⁵³

Figure 2.27: 2023–24 annual report tabling date in relation to supplementary budget estimates hearing as at 9 December 2024

Note: This graph does not add to 100 per cent as a result of entities that had not tabled an annual report as at 9 December 2024.

Source: ANAO analysis of entity tabled annual reports.

2.163 There has been an increase in timeliness of annual reports being tabled in the Parliament compared with the 2023–24 supplementary budget estimates. Figure 2.27 above shows that:

• 93 per cent of annual reports were tabled before entity’s portfolio hearing date, a decrease of 24 per cent compared with 66 per cent in 2022–23;
• one per cent of entities annual reports were tabled on the date of the entity’s portfolio hearing; and
• five per cent of entities annual reports were or will be tabled after the date of the entity’s portfolio hearing.

2.164 For 2024–25, supplementary budget estimates hearings were held from 4 to 8 November 2024. For 2023–24, these hearings were held from 23 to 27 October 2023.

2.165 There were 14 entities across five portfolios that tabled annual reports after the portfolio’s 2024–25 Budget supplementary estimates hearing or had not tabled as at 9 December 2024. Table 2.11 includes further details about those entities that did not provide 2023–24 annual reports prior to supplementary budget estimates.

Table 2.11: Annual reports tabled after the portfolio’s supplementary budget estimates hearings as at 9 December 2024

Key: ✏: Financial statements not signed as at 9 December 2024.
●: Annual report not tabled as at 9 December 2024.

Note a: This date is the first appearance for the portfolio at the 2024–25 supplementary budget estimates hearing.

Note b: The requirements for the tabling of the annual report for the High Court of Australia are outlined in subsection 47(1) of the High Court of Australia Act 1979. The High Court of Australia must, as soon as practicable after 30 June, prepare and submit to the Minister a report relating to the administration of the affairs of the High Court, under section 17 of the Act, during the year that ended on that 30 June, together with financial statements in respect of that year in such form as the Minister for Finance approves.

Source: ANAO analysis of tabled 2023–24 annual reports.

2.166 Annual reports that are not tabled in a timely manner before supplementary budget estimates hearings decreases the opportunity for the Senate to scrutinise an entity’s performance.

Are entities operating in a financially sustainable manner?

2.167 Section 15 of the PGPA Act requires that the accountable authority of an entity must govern the entity in a way that promotes: the proper use and management of public resources; the achievement of the purposes of the entity; and the financial sustainability of an entity.

2.168 Financial sustainability measures the ability of an entity to manage its financial resources so it can meet present and future spending commitments. This can provide an indication of financial management issues or point to an increased risk that an entity’s resourcing or functions are not sustainable.

2.169 Finance has established a portal for centrally capturing publicly available corporate information for all Commonwealth entities (transparency.gov.au). The portal includes tools that enable users to obtain and compare financial results across all entities through the application of the following financial ratios:

• total liabilities to total assets ratio, which indicates the level of ownership of the entity’s assets but can also be used to gain an understanding of the net equity of the entity;
• financial assets to total liabilities ratio, which indicates the extent to which an entity’s liabilities can be covered by its financial assets;
• current ratio, which indicates whether an entity’s current assets are greater than its current liabilities and whether the entity is likely to be able to pay its short-term liabilities as they fall due; and
• capital turnover ratio, which indicates whether an entity is replacing its assets at a sustainable rate.

2.170 The portal also provides general information about what each of these ratios measures and improvements or deterioration in the ratios indicate.⁵⁴ However, guidance to assist users’ of financial statements in assessing whether the ratios indicate strong or weak financial performance in the context of the government sector has not been developed. There would be benefit in the Australian Government developing performance targets or benchmarks. This would enable an entity to assess its own financial sustainability against agreed parameters over time, and against like entities.

2.171 The analysis in this report is based on reported operating results (surpluses or deficits) of entities after adjusting for unfunded expenses, where relevant, highlighting the full cost of operations.⁵⁵ The ANAO’s analysis of the operating results of all entities identified that:

• 70 per cent of not-for-profit entities reported a deficit in 2023–24 (2022–23: 50 per cent); and
• 30 per cent of for-profit entities reported a deficit in 2023–24 (2022–23: 50 per cent).

2.172 The Budget Process Operational Rules Rule 10 describes the process under which entities are required to follow to budget for any operating loss.⁵⁶ Entities are not able to budget for an operating loss without approval from the Minister for Finance, except for the following circumstances:

• a technical loss (accounting or timing issues);
• a charging entity with a loss less than $10.0 million; and
• entities within the Agriculture, Fisheries and Forestry portfolio which are funded by levy revenue. Entities must report these exempt operating losses to Finance as soon as the loss is apparent, including a declaration that the loss does not impact the entity’s financial sustainability.

2.173 Forty entities for which Rule 10 applies incurred operating losses in 2023–24. Of these entities, the ANAO was advised that 34 had received approval for their operating loss from the Minister for Finance (or delegate).

Financial sustainability of material entities

2.174 Information on the financial performance of each material entity has been included in Chapter 4 of this report. In the absence of guidance specific to the government sector, the ANAO has developed parameters based on generally accepted concepts of financial sustainability and applied these to the operating results and balance sheets of material entities. These parameters are described in Table 2.12 and Table 2.13.

Operating results analysis

2.175 A key measure of an entity’s financial management is its operating result for the year. Although the operating result is not the sole measure of performance of a public sector entity, a history of large deficits or surpluses in a not-for-profit Commonwealth entity could suggest the need for additional or refocused funding, elimination of non-value adding costs, and/or improved financial management.

2.176 Similarly in the case of for-profit entities and those with quasi-commercial operations, there is an expectation that financial management focuses on meeting expected returns.⁵⁷ As a result, any entity in this category averaging a large deficit should be considered more closely.

2.177 The ANAO analysed the operating results of all material entities over a five-year period from 2019–20 to 2023–24. Of the 65 material entities, 41 were not-for-profit and 24 were corporate or commonwealth companies or not-for-profit entities that have quasi-commercial operations or departmental functions operating on a for-profit basis.

2.178 For the purposes of this analysis, material entities are grouped into three operating result categories as part of this analysis, outlined in Table 2.12.

Table 2.12: ANAO parameters for operating result category

Source: ANAO analysis.

2.179 Figure 2.28 illustrates the summary of average operating results for not-for-profit and for profit/quasi-commercial entities and whether they had large or small average deficits or surpluses over the five-year period from 2019–20 to 2023–24.

Figure 2.28: Average operating results analysis

Source: ANAO analysis of material entities’ average operating results.

2.180 The level of large deficits for not-for-profit material entities over a five-year period has remained relatively stable from 2019–20 to 2023–24, however, there has been a decrease in large surpluses. Figure 2.29 illustrates the percentage of not-for-profit material entities with a large average deficit or small average surplus over a five-year period for the period 2019–20 to 2023–24.

Figure 2.29: Average operating results for not-for-profit entities for the period 2019–20 to 2023–24

Source: ANAO analysis of material not-for-profit entities’ average operating result for the period 2019–20 to 2022–23.

2.181 The level of large deficits for for-profit and quasi-commercial material entities over a five-year period has remained stable from 2019–20 to 2023–24, however, there has been a decrease in large surpluses. Figure 2.30 illustrates the percentage of for-profit and quasi-commercial material entities with a large average deficit or small average surplus over a five-year period for the period 2019–20 to 2023–24.

Figure 2.30: Average operating results for for-profit and quasi-commercial entities for the period 2019–20 to 2023–24

Source: ANAO analysis of material for-profit and quasi commercial entities’ average operating result for the period 2019–20 to 2023–24.

2.182 The ANAO has analysed the primary drivers of large average deficits and large average surpluses for material entities.

Large average deficits for for-profit and quasi-commercial entities

2.183 As illustrated in Figure 2.28, 31 per cent of material for-profit and quasi-commercial entities reported average surpluses of more than 1 per cent of total expenses over the five-year period (2022–23: 35 per cent). Eight (2022–23: nine) for-profit/quasi-commercial entities recorded a large average deficit during this five-year period:

• Two entities recorded large average deficits, consistent with the previous financial years due to being in, or having been in, the build phase of large infrastructure projects and/or still in the process of increasing revenue. They were: Australian Naval Infrastructure Pty Ltd; and WSA Co Limited.
• Two entities recorded large average deficits due mainly to reduced income arising from the impacts of the COVID-19 pandemic during the five-year period. These entities were: Airservices Australia; and Voyages Indigenous Tourism Australia Pty Ltd.
• The Australian Rail Track Corporation Ltd’s (ARTC) large average deficit is related to impairment expenses recognised for property, plant and equipment (including rail infrastructure) assets. These expenses are as a result of impairments recognised on the assets being constructed for the Inland Rail network and on rail infrastructure assets in the Interstate and Hunter Valley rail networks. The impairment in the Interstate and Hunter Valley network is a result of decreases in the expected net income on which the fair value is calculated. Impairment for the Inland Rail network reflects that ARTC will only recover a part of the economic benefits which are anticipated to arise from the full cost of construction of Inland Rail.
• The Department of Finance, primarily due to the impact of impairments on investment properties due to weaker valuations arising from changes in market interest rates.
• NBN Co Limited, primarily due to increased depreciation and amortisation expenses resulting from additional investment in NBN network infrastructure, as well as higher financing costs incurred on debts.
• The Reserve Bank of Australia, primarily due to net valuation losses incurred on the fair value measurement of domestic securities acquired as part of the bond purchase program in response to the COVID-19 pandemic during and higher interest costs on exchange settlement liabilities in 2022–23 and 2023–24.

2.184 Two entities moved from the large average deficit category during 2023–24:

• Coal Mining Industry (Long Service Leave Funding) Corporation (the Corporation), previously reported large average deficit was as a result of valuation losses and weaker performance of unlisted equity investments made by the Corporation during 2019–20. Subsequent to 2019–20, returns on unlisted equity investments have been more favourable, reflecting market performance.
• National Intermodal Corporation Limited, previously reported large average deficit was as a result of the costs incurred in the construction and development for the Moorebank Intermodal Terminal, which has moved further towards commencement of normal operations.

Large average deficits in not-for-profit entities

2.185 Ten (2022–23: 10) material not-for-profit entities recorded a large average deficit during the five-year period. Two not-for-profit entities recorded a large average deficit during the period due to factors occurring in current and prior years (2022–23: six):

• The Australian Research Council’s large average deficit due was mainly due to the deficit incurred in 2021–22. The deficit in 2021–22 was due to increased supplier expenses to undertake a review and consultation on the National Competitive Grants Program.
• The Australian Bureau of Statistics has incurred operating losses in all years during the period, due to the increased workload from survey development and roll-out, costs for SaaS development as well as costs incurred in analysing and reporting the information gathered during the national census conducted in 2021.

2.186 Eight not-for-profit entities recorded a large average deficit during the period primarily due to factors that occurred in prior years that impact the five-year average to 2023–24 (2022–23: four):

• The Australian Federal Police recorded deficits from 2018–19 to 2020–21 and in 2022–23 predominantly as a result of: increased operating costs including additional protective equipment and cleaning of facilities in response to the COVID-19 pandemic; operational activity; and increased employee entitlements expenses including additional provisions made for unpaid superannuation entitlements.
• The Australian Prudential Regulatory Authority recorded deficits from 2018–19 to 2020–21 and 2022–23 due mainly to less revenue arising from industry levies and charges than projected.
• The Australian Signals Directorate’s expenditure increased from 2019–20 to 2022–23 as part of the continued expansion of its operations and programs. The entity’s deficits during this period were attributable to additional expenditure on delayed projects that had been funded through appropriations in prior years.
• The Department of Climate Change, Energy, the Environment and Water (DCCEEW). DCCEEW was established in 2022–23. DCCEEW recorded an operating deficit related to higher than anticipated employee costs and shared services costs and delivery of programs funded by prior period appropriations.⁵⁸
• The Department of Parliamentary Services’ large average deficit was due mainly to the operating deficit recorded in 2019–20 from the impact of the COVID-19 pandemic, which impacted: increased cleaning costs; increased information; communications and technology costs; and a reduction in revenue due to rental relief for tenants and a reduction in event hire.
• The Department of the Prime Minister and Cabinet’s large average deficit was due to the impact of grant funding arrangements on the 2021–22 operating result.
• The National Blood Authority’s large average deficit was due to increased information, communications and technology expenses and contractor costs impacting the 2022–23 operating result.
• The National Library of Australia’s large average deficit is due to a deficit in 2020–21 relating to the impairment of heritage and cultural assets due to revised assumptions applied in the valuation process and impact of COVID-19 on asset values.

Large average surpluses in not-for-profit entities

2.187 As illustrated in Figure 2.28, 38 per cent of material not-for-profit entities reported average surpluses of more than 1 per cent of total expenses over the five-year period (2022–23: 51 per cent). The following focuses on the common drivers for these entities’ large average surpluses.

2.188 Eleven (2022–23: 15) material not-for-profit entities have remained in the large average surplus category for 2023–24:

• The Australian Communications and Media Authority, which recorded large operating surpluses since 2021–22, due mainly to the delays in the expenditure on new programs.
• The Australian Nuclear Science and Technology Organisation recorded gains during the period attributable to the remeasurement of the nuclear waste management and decommissioning provisions. These gains were as a result of changes in the underlying discount rate applied in calculating the provisions. As discount rates increase, there is a reduction in the value of the provision which is recorded as a gain.
• The Australian Office of Financial Management received additional funding for the implementation and management of the Australian Business Securitisation Fund and the Structured Finance Support Fund. The associated expenditure has been less than budgeted due to lower investment activity in these funds.
• The Australian Securities and Investments Commission recorded additional revenue during the period, including additional own source revenue received to deliver capital projects on behalf of other Australian Government entities and increased court cost recoveries.
• The Bureau of Meteorology recorded an average large operating surplus due to the impact of the Bureau of Meteorology’s contracts with customers which include the development of non-financial assets and insurance settlements for natural disasters. Expenses for these assets are capitalised and not recorded in the operating result until they are depreciated over their useful lives.
• The Department of Agriculture, Fisheries and Forestry recorded a large average surplus mainly due to: remeasurement gains on the provision for Antarctic restoration in previous periods; the receipt of an additional funding from the Australian Government during 2022–23 to alleviate a tighter financial position; and the impact of increased own source revenue arising from implementation of new fees and revised charges for biosecurity services during 2023–24.
• The Department of Education (prior to 1 July 2022, the Department of Education’s functions also included the Skills and Employment functions, which were subsequently transferred to the Department of Employment and Workplace Relations)⁵⁹ received funding during the period as part of COVID-19 pandemic stimulus packages. These funds were not fully expended in 2020–21. In addition, during 2020–21 the department received supplementation funding for amounts paid in earlier periods. Both of these items contributed to the surplus in that year which has contributed to the average for the period.
• Geoscience Australia recorded a large average operating surplus due to the timing of the receipt of revenue and associated expenses for the Satellite-Based Augmentation System. This project is being delivered over time and involves construction of non-financial assets. Expenses for these assets are capitalised and not recorded in the operating result until they are depreciated over their useful lives.
• The National Capital Authority recorded large average surpluses recorded since 2021–22. These surpluses were due to lower than expected employee expenses and higher income from fees for works approvals.
• The National Health and Medical Research Council recorded a large average operating surplus due to the timing of expenditure on project-related activities resulting from the COVID-19 pandemic and a supplementation of appropriation in 2023–24 for operational costs and implementation of grants management system.
• Services Australia recorded operating surpluses in: 2019–20, 2020–21 and 2021–22 due to additional funding received from the Australian Government to respond to the impacts of the COVID-19 pandemic; and in 2023–24 due to additional funding received from the Australian Government aimed at reducing claims processing backlogs, enhancing access to government services, and improving safety for Centrelink staff and customers.

2.189 Two entities moved into the large average surplus category during 2023–24:

• DCCEEW, due to the large average surplus recorded in 2023–24.⁶⁰ The surplus was due to the timing of expenditure of additional funding provided by the Australian Government for new program measures.
• The National Indigenous Australians Agency, due to the large average surplus recorded in 2023–24 as a result of lower than expected litigation settlement expenses.

Balance sheet analysis

2.190 Consistent with the duties established in the PGPA Act, entities are expected to actively manage their underlying financial position, maintaining asset levels to support their operations and ensuring that sufficient funds will be available to meet liabilities as they fall due.

2.191 The ANAO analysed the balance sheet positions of material Australian Government entities as at 30 June 2024. While it is necessary to have regard to the public sector context, the following two measures are generally accepted indicators of the soundness of entities’ balance sheets and are consistent with the ratios published by Finance⁶¹:

• Liquidity: the extent to which an entity’s liabilities are covered by cash or other financial assets. Where liabilities significantly exceed its financial assets, an entity may need a future injection of cash from government to meet those liabilities; and
• Gearing: the extent to which an entity’s total assets are funded by debt rather than equity. An entity with high gearing may be running down its asset base that could indicate the need for a future capital injection from government.

2.192 Based on the measures developed by Finance, the ANAO has reviewed an entity’s ability to manage its underlying financial position. As no guidance has been issued to assist users in assessing whether the ratios indicate strong or weak financial performance in the context of the government sector, the ANAO has determined the parameters outlined in Table 2.13.

Table 2.13: ANAO parameters for balance sheet categories

Source: ANAO analysis.

2.193 Figure 2.31 illustrates the strength of material entity balance sheets over the period 2019–20 to 2023–24.

Figure 2.31: Balance sheet analysis 2019–20 to 2023–24

Source: ANAO analysis of material entities’ balance sheets.

2.194 Sixty-three per cent of material entities had strong balance sheets in 2023–24 (2022–23: 63 per cent), while 29 per cent had less strong balance sheets (2022–23: 29 per cent).

2.195 Eight per cent of material entities had weak balance sheets in 2023–24 (2022–23: 8 per cent). The entities with weak balance sheets are predominantly those whose operations are dependent on government policy and continued funding by the Parliament. On this basis, and provided that appropriate attention is given to liquidity issues in the future, these entities are not at high risk of experiencing liquidity problems.

2.196 Entities that remained in the weak balance sheet category in 2023–24 are detailed below.

• The Australian Bureau of Statistics, consistent with the prior year, the weak balance sheet is attributable to a lower liquidity ratio, as a result of lower appropriations and funding receivable available to meet liabilities.
• The Australian Taxation Office, consistent with prior years, the weak balance sheet is attributable to the significance the entity’s liabilities, particularly lease liabilities, which impact the ATO’s liquidity ratio. Lease liabilities, representing the obligation for lease payments, are recognised at the commencement of a lease term. The ATO subsequently meet these payments through annual appropriations passed by the Parliament.
• The Department of Social Services, consistent with prior years, the weak balance sheet is attributable to the significance of lease liabilities recorded which impacted DSS’ liquidity ratio. DSS subsequently meet these payments through annual appropriations passed by the Parliament. DSS’ gearing ratio also been impacted by the transfer of DSS’ IT function to Services Australia under previous Machinery of Government changes which reduced the total value of DSS’ non-financial assets. These services are now delivered under a shared service agreement.
• NBN Co Limited’s balance sheet continues to be impacted by debt facilities, including loans and bonds, incurred to fund the construction and operation of the national broadband network.
• Voyages Indigenous Tourism Australia Pty Ltd’s balance sheet continues to be impacted by debt facilities. The entity holds borrowings to finance operations and construction and development of new assets.

Introduction

3.1 The Australian Government’s financial reporting framework is primarily based on standards made independently by the Australian Accounting Standards Board (AASB).

3.2 The AASB bases its accounting standards on the International Financial Reporting Standards (IFRS) issued by the International Accounting Standards Board. As IFRS are designed primarily for use by private sector and for-profit organisations, the AASB amends the IFRS to reflect significant transactions and events unique to the public sector and not-for-profit private sector. In doing so, the AASB considers standards issued by the International Public Sector Accounting Standards Board (IPSASB).

3.3 The Public Governance, Performance and Accountability Act 2013 (PGPA Act) requires Commonwealth entities to apply Australian accounting standards when preparing financial statements. In addition to Australian accounting standards, the Minister for Finance prescribes additional financial reporting requirements for Commonwealth entities via the Public Governance, Performance and Accountability (Financial Reporting) Rule 2015 (FRR).

3.4 The audits of the financial statements of Australian Government entities are conducted in accordance with the ANAO Auditing Standards, which are made by the Auditor-General under section 24 of the Auditor-General Act 1997 (A-G Act). The ANAO Auditing Standards incorporate, by reference, the auditing standards made by the Australian Auditing and Assurance Standards Board (AUASB). The AUASB bases its standards on those made by the International Auditing and Assurance Standards Board (IAASB), an independent standard setting board of the International Federation of Accountants.⁶²

3.5 The financial reporting and auditing frameworks that apply in 2023–24 are discussed further in Appendix 3 and Appendix 4 of this report.

Key developments in public sector reporting and auditing

Consolidated entity disclosure statement requirement for public companies

3.6 On 27 March 2024, as part of the Australian Government reforms in relation to multinational tax integrity and transparency⁶³, legislative changes⁶⁴ were made to amend the Corporations Act to require all public companies⁶⁵ (listed and unlisted) to include a CEDS in financial reports. The CEDS is a separate statement and does not form part of the notes to the financial statements and cannot be combined with the note on controlled entities required by the Australian Accounting Standards (AAS). These new requirements applied from 1 July 2023.⁶⁶

3.7 Paragraph 295(3A)(a) of the Corporations Act provides that if the AAS require the public company to prepare financial statements in relation to a consolidated entity, a CEDS must be prepared that discloses:

• the entity’s name;
• whether the entity is a body corporate, partnership or trust;
• whether the entity was a trustee of a trust within the consolidated entity, a partner in a partnership within the consolidated entity, or a participant in a joint venture within the consolidated entity;
• where the entity was incorporated or formed (if the entity is a body corporate);
• where the entity is a body corporate with share capital, the percentage of the entity’s issued share capital held directly or indirectly by the public company;
• whether the entity was an Australian resident of foreign resident within the meaning of the Income Tax Assessment Act 1997; and
• if the entity is a foreign resident, a list of each foreign jurisdiction in which the entity was a resident for the purposes of the law of the foreign jurisdiction.

3.8 If the AAS do not require the company to prepare consolidated financial statements, paragraph 295(3A)(b) of the Corporations Act provides that the company prepare a statement to that effect.

3.9 As the CEDS forms part of an entity’s annual financial report, it is also subject to the existing audit framework under the Corporations Act. Specifically, section 307 of the Corporations Act requires an auditor to form an opinion on whether the financial report, including the CEDS, complies with the Corporations Act. The objective of the audit work on CEDS is to obtain reasonable assurance that the CEDS is not misstated and the opinion of the directors in the directors’ declaration that the CEDS is true and correct.⁶⁷ The ANAO has updated its methodology and auditor reports accordingly.

Requirement for Commonwealth companies and subsidiary companies

3.10 Subsection 97(1) of the PGPA Act treats all Commonwealth companies as public companies. Therefore, all Commonwealth companies, regardless of company type, must include a CEDS in their financial reports.

3.11 Subsection 89(1) of the PGPA Act provides that subsidiary companies of corporate Commonwealth entities or Commonwealth companies are not Commonwealth companies. However, this does not override the Corporations Act requirement for a subsidiary company that is a public company to prepare a CEDS.

Corporate Climate-related Financial Disclosure

3.12 The Department of the Treasury (Treasury) is leading the Corporate Climate-related Financial Disclosure (CCFD) Australian government policy roll-out for companies reporting under the Corporations Act.

3.13 Legislative changes to the Corporations Act⁶⁸ were made on 17 September 2024 to require certain entities to prepare a sustainability report for a financial year, if they also prepare a financial report for the financial year. The sustainability report must comply with the relevant sustainability standards made by the AASB and consist of:

• the climate statements for the year;
• any notes to the climate statements; and
• the directors’ declaration about the statements and notes.⁶⁹

3.14 CCFD is to be phased in over a period of three years, with reporting entities separated into three groups (Groups 1, 2 and 3⁷⁰), commencing with large entities (Group 1) for the financial year commencing on or after 1 January 2025. Finance has indicated that five Commonwealth companies⁷¹ will be required to commence reporting on or after 1 January 2025.

3.15 Sustainability reports required to be prepared under the Corporations Act will be subject to mandatory audit requirements in accordance with auditing standards that will be made by the AUASB. The audit requirements will be phased in over time, with mandatory audits proposed for full sustainability reports from the financial year commencing 1 July 2030.⁷²

Australian Accounting Standards Board sustainability reporting standards

3.16 Section 336A of the Corporations Act provides for sustainability reports to comply with the relevant sustainability standards made by the AASB. On 8 October 2024, the AASB published AASB S1 General Requirements for Disclosure of Sustainability-related Financial Information (AASB S1) and AASB S2 Climate-related Disclosures (AASB S2).⁷³

3.17 AASB S1 is a voluntary standard addressing sustainability-related financial disclosures in general. It incorporates all IFRS S1 General Requirements for Disclosures of Sustainability-related Financial Information requirements.

3.18 AASB S2 is a mandatory standard for Corporations Act entities that meet the reporting thresholds under section 292A of the Corporations Act (see above). AASB S2 requires climate-related financial disclosures for governance, strategy, risk management, and metrics and targets including information about scenario analysis and Scope 1, Scope 2 and Scope 3⁷⁴ greenhouse gas emissions. It is aligned with IFRS S2 Climate-related Disclosures but is modified slightly to fit the Australian context. Key modifications include:

• inclusion of an Appendix D with selected content from AASB S1 necessary to make AASB S2 function as a standalone standard for all climate-related financial disclosures; and
• as an interim measure⁷⁵, removal of the requirement for industry-based disclosures as well as the requirement for entities to consider the applicability of disclosure topics (and the industry-based metrics associated with the disclosure topics) defined in the Sustainability Accounting Standards Board (SASB) Standards and Industry-based Guidance on Implementing IFRS S2 issued by the International Sustainability Standards Board (ISSB).⁷⁶

3.19 AASB S1 and AASB S2 apply to annual reporting periods beginning on or after 1 January 2025, with earlier application permitted.

Commonwealth Climate Disclosure

3.20 CCD is the Australian government’s policy for Commonwealth entities and certain Commonwealth companies to publicly report, in their annual reports, their exposure to climate risks and opportunities and their actions to manage them. Finance is leading the CCD Program.⁷⁷

Commonwealth Climate Disclosure Pilot

3.21 The CCD Pilot commenced for all departments of state in the 2023–24 financial year. The CCD Pilot represents the first step along the pathway for entities to achieve transparent reporting of climate risk management activities and involves reporting on a limited range of climate risk management activities in their 2023–24 annual reports. The limited disclosure requirements are set out in the CCD Pilot Guidance⁷⁸ and must address the following as a minimum:

• governance structures in place to support climate risk management within departments;
• progress being made towards undertaking their climate risk and opportunity assessment as prescribed by the Climate Risk and Opportunity Management Program (CROMP) led by the Department of Climate Change, Energy, the Environment and Water (DCCEEW)⁷⁹; and
• greenhouse gas emissions profiles and information about APS Net Zero by 2030 emissions reduction target they are contributing towards.

3.22 All Commonwealth entities will be expected to report on a range of additional criteria under the full CCD requirements once finalised. The full CCD requirements will be based on the AASB sustainability reporting standards⁸⁰, with appropriate tailoring for the public sector.

3.23 Disclosures made under the CCD Pilot were not audited as part of the 2023–24 reporting process. The ANAO continues to engage in consultation with Finance to develop the assurance and verification regime for the CCD Program.

Sector readiness for climate disclosures

3.24 A significant capability uplift will be required both for entities as preparers of climate disclosures and auditors providing assurance over climate disclosures. Readiness to audit climate disclosures will be a key focus for the ANAO in 2024–25. The ANAO is considering the Auditor-General’s mandate, internal resourcing requirements, training needed to support staff development, and access to specialist expertise to support the implementation of this activity. The ANAO is also considering the readiness of the sector for preparing these disclosures and how the audit process can be used to drive enhanced disclosure across the Commonwealth.

Emerging technologies

3.25 Emerging technologies are new technologies or the further development of existing technologies, such as robotic process automation, AI, and machine learning. While emerging technologies present opportunities for entities to innovate their operations and services, the adoption of these technologies could present challenges for entities where there is not a sufficient and early focus on governance and risk. Emerging technology is an area of considerable Parliamentary interest, and is an area in which frameworks and policy are under active development.⁸¹ As developments continue to evolve, Accountable Authorities will need to consider the scale and focus of their governance and assurance mechanisms to ensure that risks are appropriately mitigated, particularly in light of the ANAO’s recent findings on existing IT governance frameworks and controls in the sector.

3.26 In recent years, the largest number of audit findings identified in financial statements audits by the ANAO related to weaknesses in IT controls.⁸² During the 2023–24 financial, performance and performance statements audits, the ANAO has continued to identify:

• weaknesses in IT controls, particularly IT general controls associated with new system implementation, user access management and change management; and
• that entity compliance with the Protective Security Policy Framework (PSPF) and Information Security Manual (ISM) could be enhanced. While in recent years entity compliance with PSPF maturity requirements has improved, it remains at lower levels overall.

3.27 The ANAO’s findings in these areas highlight that improvement in the implementation, design and operating effectiveness of IT controls is required across the Commonwealth. The addition of further complexity into entity IT environments through the adoption of emerging technologies, increases the need for effective internal control frameworks. Existing weaknesses in compliance with key aspects of governance, such as record keeping, risk being compounded if complex systems are implemented without sufficient consideration as to how key governance requirements will be addressed. Mature governance frameworks also include consideration of how assurance can be obtained as to the effectiveness of these internal controls, and that practices remain contemporary with relevant policies and regulation.

3.28 Within the Australian Government, the Department of Finance is responsible for public data policy and related matters, and whole of government data and digital policy coordination.⁸³ The Digital Transformation Agency (DTA) provides digital and ICT strategy and policy leadership, investment advice, strategic sourcing and delivery.⁸⁴ The 2024–25 Budget assigned responsibility to the DTA for developing and implementing policies to position the Australian Government as a leading example in the use of AI. The Department of Industry, Science and Resources (DISR), which hosts the National AI Centre, also plays a role in AI policy given its role in technology policy, development and diffusion more broadly. Other Commonwealth entities have also produced AI-related guidance relevant to their roles.⁸⁵

3.29 Auditor-General Report No. 42 2023–24 Interim Report on Key Financial Controls of Major Entities highlighted a number of developments regarding policy and guidance for emerging technology, in addition to recent initiatives including (but not limited to) the following:

• the June 2024 release of the National framework for the assurance of artificial intelligence in government86, which establishes governance, data governance, risk-based approaches, standards and procurement as the cornerstones of AI assurance;
• the August 2024 release of the Australian Government’s Policy for the responsible use of AI in government87, which sets out standards for accountable officials and a requirement to assign accountability relating to AI, and a requirement for entities to publish transparency statements relating to AI use; and
• the September 2024 release of the Voluntary AI Safety Standard88, which specifies ten voluntary AI guardrails and provides guidance on their application.

The two policies described above establish, for the first time, ‘cornerstones’ of assurance for Commonwealth entities to develop frameworks for obtaining their own assurance over the use of AI, and for entities to disclose their use of AI to the Parliament and public. While policy, regulation and best practice relating to emerging technology will continue to evolve, existing policy and regulatory frameworks continue to apply.

3.30 The ANAO has been monitoring policy and regulatory developments and implementation by entities, and entities have reported that they are increasing the adoption of governance and assurance practices relating to emerging technology. For example, in 2023–24, 56 entities advised the ANAO that they had adopted some form of AI, compared to 27 entities in 2022–23. Of the 56 entities adopting AI, 36 (64 per cent) established internal policies specifically governing the use of AI, while 15 (27 per cent) established internal policies regarding assurance over AI use.⁸⁹ In 2022–23, 12 entities had implemented specific AI governance policies. An absence of appropriate frameworks governing the use of emerging technologies could increase the risk of unintended consequences, particularly as the adoption of these technologies continues to increase.

3.31 The ANAO is responding to this increased adoption of emerging technologies, including AI and implementation of associated governance by entities, through targeted audit activity. In early 2024, the ANAO commenced its first performance audit specifically relating to the use of AI (in the Australian Taxation Office), which is expected to table in early 2025. The ANAO is building consideration of risks relating to entities’ use and governance of AI into its annual audit work program planning processes to provide Parliament with assurance regarding the efficient, effective, economical and ethical use of emerging technologies and the establishment of appropriate control frameworks.

Emerging technologies for audit

3.32 The ANAO continues to consider opportunities for emerging technologies to improve the efficiency and effectiveness of audits, with areas such as data analytics being an ongoing focus. The ANAO started development of standardised audit data solutions in 2019–20, with an employee expenses recalculation solution, which supports audit teams in making judgements by automating calculations and other logic. In the 2023–24 audit cycle, solutions spanning four areas of testing were used by around 80 ANAO audit teams, marking the highest level of utilisation to date. This growth reflects the continued adoption of these solutions since their inception, largely driven by the decision to make their use mandatory for financial statements audits where appropriate, and the ANAO’s focus on continuous improvement. The ANAO continues to monitor other technologies to consider potential future opportunities for applying these to audit work, subject to the ANAO’s quality requirements. The ANAO is also contributing to discussions within the audit profession regarding the future of AI in audit, including through bodies such as the International Organization of Supreme Audit Institutions (INTOSAI) and the Australasian Council of Auditors-General (ACAG).

3.33 Adoption of emerging technologies by entities also increases the ANAO’s focus on data and technology as a means of obtaining assurance, due to the critical importance of data and information in key processes. In 2023–24, the ANAO scanned more than 100 terabytes of electronic documents (such as emails, written briefs, decisions, and other material) using eDiscovery tools to identify data of relevance to its audits. The ANAO anticipates eDiscovery capabilities to be of significant importance to its future audit work as record keeping processes continue to be a challenge for entities and entity holdings of electronic records continue to grow.

Quality Management Framework and Reporting

ANAO Quality Management Framework

3.34 The quality of ANAO audit work is reliant on the strength of its independence and quality management processes. The ANAO defines audit quality as the provision of timely, accurate and relevant audits, performed independently in accordance with the requirements of the A-G Act, ANAO auditing standards and methodologies, which are valued by the Parliament. Delivering quality audits results in improved public sector performance through accountability and transparency.

3.35 The ANAO’s Quality Management Framework and Plan 2024–25⁹⁰ articulates the system of quality management that the ANAO has established to support the delivery of high-quality audit work and enables the Auditor-General to have confidence in the opinions and conclusions in the reports prepared for the Parliament.

3.36 The ANAO Quality Management Framework complies with the requirements of the Auditing Standards:

• ASQM 1 – Quality Management for Firms that Perform Audits or Reviews of Financial Reports and Other Financial Information, or Other Assurance or Related Services Engagements;
• ASQM 2 – Engagement Quality Reviews; and
• ASA 220 – Quality Management for an Audit of a Financial Report and Other Historical Information.

Ethical requirements and independence

3.37 Ethical requirements, with a focus on independence, are core to the ANAO Quality Management Framework. The fundamental principles of professional ethics, as set out in APES 110 Code of Ethics for Professional Accountants (including independence standards), are integrity; objectivity; professional competence and due care; confidentiality; and professional behaviour. The ANAO maintains a continued focus on independence through the application of ANAO independence policies that manage threats to independence in the conduct of the ANAO’s work.

Quality management and consultation processes

3.38 In the conduct of their work, ANAO auditors apply a robust methodology to drive consistent quality and compliance with the ANAO Auditing Standards. The ANAO audit methodology incorporates policies regarding direction, supervision and review, consultation on significant technical and ethical issues, engagement quality review of high risk audits and documentation of audit evidence and work performed.

3.39 The ANAO has a Qualifications and Technical Advisory Committee (QTAC), which provides a forum for Engagement Executives to consult on difficult or contentious matters and, where necessary, resolve differences of opinion on audit related matters. In 2023–24, QTAC was consulted on 13 matters relating to financial statements audits.

Consultation — prior period errors

3.40 The number and impact of restatements of financial statements for material errors are generally considered a signal of possible areas of concern in the audit process, as well as the process for preparing financial statements. In assessing the restatements resulting from errors, the ANAO focuses on the magnitude and overall impact on the financial statements. The restatements are assessed for materiality at the individual engagement level.

3.41 The cause of material restatements resulting from a prior period error is assessed by the ANAO to determine whether they are errors that should have been identified in the previous year audit and if so, whether there may be risks to audit quality that need to be addressed. Where prior period errors have been identified, this will form part of the risk assessment process in selecting audit files for the 2024–25 quality assurance review program.

3.42 In 2023–24, there were 40 formal consultations on prior period errors. Of the prior period errors identified, seven were identified by entities and the remaining 33 were identified by the ANAO. The most common areas where errors were identified were in relation to key management personnel remuneration, appropriations and non-financial assets.

ANAO Quality Reporting

3.43 The Audit Quality Report 2023–24 demonstrates the ANAO evaluation of the design, implementation and operating effectiveness of the ANAO Quality Management Framework and the achievement of ANAO quality objectives. The report provides transparency in respect of the processes, policies, and procedures that support each element of the ANAO Quality Management Framework, and reports audit quality indicators measuring ANAO performance against benchmarks. The report also includes the achievement of the quality management strategy and deliverables set out in the ANAO Quality Management Framework and Plan, including the results of internal and external quality assurance reviews.

Integrity

ANAO Integrity Framework and Report

3.44 As an integrity agency, the ANAO regards integrity as a core value of the organisation — critical in sustaining the confidence of Parliament, strengthening public trust in government and delivering quality audit products. Maintaining strong institutional integrity is essential to the operations and reputation of the ANAO.

3.45 The ANAO Integrity Framework provides an overarching structure to the ANAO control system that promotes proactive integrity management. The framework serves to assist in ethical decision making and risk, fraud and misconduct management. The ANAO’s framework is shaped by the legislation, frameworks, policies, assurance and governance mechanisms, as well as the actions taken by our people to embed a pro-integrity culture, consistent with the integrity guidance issued by the Australian Public Service Commission.

3.46 The ANAO recognises that integrity demands not only quality in our products but also in the behaviours of our people. We expect our people to demonstrate integrity through their actions and behaviours in accordance with the ANAO’s five key principles of integrity — independence, honesty, openness, accountability and courage. In the ANAO, integrity means more than simply complying with requirements, it means acting to achieve the intent and spirit of the requirements. The ANAO publishes its Integrity Framework and an annual Integrity Report to provide transparency of the measures we undertake to maintain a high integrity culture within the ANAO.

Note a: CSIRO General Partner Co Pty Ltd is classified by the Department of Finance as a material entity and is consolidated into its parent entity (Commonwealth Scientific and Industrial Research Organisation). The results relating to this entity are included in the section of this chapter relating to the parent entity.

Note b: At 9 December 2024 the financial statements for the following six entities were not yet signed: IBA Retail Asset Management Pty Ltd; Ikara Wilpena Enterprises Pty Ltd; Ikara Wilpena Holdings Trust; National ICT Australia Ltd; Royal Australian Navy Central Canteens Board; and Win with Navy Ltd.

Note c: As identified in Chapter 2, there were three outstanding audits of 2022–23 financial statements not yet finalised by the ANAO at the time of the publication of Auditor-General Report No. 9 2023–24 Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 2023. These audits were finalised during 2023–24. The number of audit findings, audit differences and legislative breaches identified in this chapter for 2022–23 includes the impact of these audits.

Entities included within this chapter

4.0.1 This chapter reflects portfolio arrangements as at 30 June 2024. The following information for each portfolio is included in this chapter:

• an overview including:
  • an analysis of income, expenses, assets and liabilities that contributed to the 2023–24 Consolidated Financial Statements (CFS);
  • a summary of the key audit matters and audit findings identified in the portfolio;
  • a table of the number of audit differences reported to entities in the portfolio; and
  • a table of the number of audit findings and legislative breaches reported to entities in the portfolio.
• for each material entity within the portfolio⁹¹:
  • the primary role of the entity;
  • a summary of financial performance that provides a comparison of the 2022–23 and 2023–24 key financial statements items and commentary regarding significant movements;
  • key areas of financial statements risk including those areas identified as key audit matters (KAM);
  • where a performance audit was tabled prior to issuance of the auditor’s report that was relevant to the financial management or administration of the entity, the impact on the financial statements audit;
  • the status of significant and moderate audit findings reported in 2023–24 and previous years for all entities; and
  • a summary of the ANAO’s auditor’s report.

4.0.2 Information is also included for each non-material entity within a portfolio where there has been a significant or moderate audit finding; significant legislative breach identified or emphasis of matter included in the auditor’s report.

4.0.3 Figure 4.0.1 provides each portfolio’s contribution, as a percentage of the Australian Government’s 2023–24 CFS.

Figure 4.0.1: Portfolio’s contribution as a percentage of the Australian Government’s 2023–24 Consolidated Financial Statements

Source: ANAO analysis of 2023–24 CFS.

Financial statements audit approach

4.0.4 The primary purpose of audits of financial statements is to provide relevant and reliable information to users about an entity’s financial performance and position. The ANAO’s financial statements audits provide an independent examination of the financial accounting and reporting of public sector entities. The ANAO’s objective in completing a financial statements audit is to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the ANAO to express an opinion on whether they are in accordance with relevant legislation.

4.0.5 A central element of the ANAO’s financial statements audit methodology, and the focus of the planning phase of the ANAO audits, is the development of a sound understanding of an entity’s environment and internal controls relevant to assessing the risk of material misstatement in the financial statements. This understanding informs the ANAO’s audit approach, including the reliance that may be placed on entity systems to produce financial statements that are free from material misstatement.

4.0.6 During the planning phase the ANAO undertakes a risk assessment of the overall risk of misstatement in the financial statements which includes consideration of the: operating environment, adoption and use of technology, changes in and complexity of the financial reporting framework and results of previous audits. Whilst this risk assessment may cause the ANAO to focus on certain aspects of the financial statements the ANAO considers at greater risk of misstatement, the ANAO performs audit procedures on all material financial statements line items and disclosures.

4.0.7 In planning an audit, the ANAO also considers internal controls relevant to the preparation and fair presentation of the financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the entity’s internal controls.

4.0.8 The interim phase of the audit assesses the design and operating effectiveness of selected controls.

4.0.9 In the final audit phase, the ANAO:

• audits the design and operating effectiveness of selected controls for the full year;
• substantively tests material balances and disclosures in the financial statements; and
• finalises its audit opinion on the entity’s financial statements.

4.0.10 In accordance with the ANAO Auditing Standards (refer to para. 3.4), the ANAO accepts a low level of risk that the audit procedures will fail to detect that the financial statements are materially misstated. This low level of risk is accepted because it is too costly to perform an audit that is predicated on no level of risk. Specific audit procedures are performed to ensure that the risk accepted is low. These procedures include:

• obtaining knowledge of the entity and its environment;
• reviewing the operation of internal controls;
• undertaking analytical reviews;
• testing a sample of transactions and account balances and conducting data analytics over entire populations; and
• confirming significant year end balances with third parties.

4.0.11 Where a performance audit was tabled during 2023–24 that was relevant to the financial management or administration of an entity, the impact of those observations on the audit approach will be discussed within the relevant portfolio section. For audits tabled from 1 July 2024 onwards, relevant observations will inform the ANAO’s 2024–25 financial statements audit risk identification process.

Engagement risk

4.0.12 An audit engagement is assessed as being a high, moderate or low risk engagement based upon the overall risk of the engagement to the Auditor-General and the ANAO in accordance with the requirements of the ANAO Audit Manual.⁹² This risk assessment includes consideration of:

• the inherent risk of material misstatement arising from the engagement (that is, the risk that there is a material misstatement in the subject matter before the conduct of the engagement); and
• other professional risks, being any other source of risk to the Auditor-General and the ANAO arising from the conduct of the engagement including, but not limited to, litigious and reputational risks.

4.0.13 Table 4.0.1 provides further information on matters which may be considered by the ANAO when considering the inherent risk of material misstatement or other professional risks arising from the engagement.

Table 4.0.1: Considerations made by the ANAO in determining engagement risk

Source: ANAO Audit Manual, section 107.

4.0.14 Engagement risks are communicated to entities during the planning phase of the audit. Engagement risk is also monitored during the course of the audit. Risk ratings may be subject to change where new developments emerge. Where information-gathering processes reveal evidence of misrepresentation or inadequacies, the risk of an engagement would be rated higher to reflect the risk of expressing an inappropriate conclusion based on a lack of sufficient appropriate audit evidence.

4.0.15 The level of engagement risk identified is a factor in determining the nature, timing and extent of audit procedures to be performed during the audit. In addition, for high risk audits, the ANAO considers the level of resources, including the skills and experience of the engagement team, needed to address the identified risks.

4.0.16 Twelve entities have been assessed as having a high engagement risk rating for 2023–24 (2022–23: 15 entities). Table 4.0.2 shows the engagement risk rating for 2022–23 and 2023–24 for each of these entities.

Table 4.0.2: Entities with a high engagement risk rating for 2022–23 or 2023–24

Note a: Inland Rail Pty Ltd is a subsidiary of the Australian Rail Track Corporation Ltd and became a reporting entity for the purposes of the Corporations Act 2001 during 2023–24.

Source: 2022–23 and 2023–24 ANAO results.

Key Audit Matters

4.0.17 While ASA 701 Communicating Key Audit Matters in the Independent Auditor’s Report (ASA 701) only requires Key Audit Matters (KAM) reporting for listed entities, the Auditor-General considers including KAM to be good practice for financial statements auditing in the public sector and includes KAM in certain audit reports. Communicating KAM helps users of financial statements better understand those matters that, in the auditor’s professional judgement, were of the most significance in the audit of the financial statements.

4.0.18 The ANAO has reported KAM in 2023–24 for the entities included in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities (ANAO Report No. 42) and the Consolidated Financial Statements (CFS). In 2023–24, a total of 60 KAM were reported across 27 entities (compared with 58 KAM reported across 27 entities in 2022–23).⁹³ The majority of KAM related to the valuation, allocation and accuracy of assets and liabilities, including:

• advances, loans and other receivables, including accounting for concessional loans and expected credit losses;
• non-financial assets including property, plant and equipment and specialist military equipment, including investment properties;
• investments in listed or unlisted entities, foreign currency and other investment products;
• intangibles, including computer software;
• treasury bonds and notes (Australian Government Securities);
• leases; and
• provisions, including defined benefit superannuation funds, personal benefits and military compensation provisions.

4.0.19 Other KAM included: completeness and accuracy of expenses relating to personal benefits and grants; and completeness and accuracy of revenue relating to taxation, levies, customs duty, royalty and other revenue arising from fees and charges. Further details of the KAM reported to entities are included in the discussion of results of financial statements audits in this chapter.

Audit findings

4.0.20 As explained in Chapter 2 audit findings are raised in response to the identification of a potential business or financial risk posed to an entity. Often these risks arise from deficiencies within an entity’s internal control processes or frameworks. Weaknesses in internal controls increase the possibility that an entity will not prevent or detect a material misstatement in its financial statements in a timely manner. The ANAO rates audit findings according to the potential business or financial management risk posed to the entity. The ANAO reports audit findings identified, including recommendations, to an entity’s accountable authority, copied to the audit committee, during the course of the audit.

4.0.21 In addition to reporting audit findings to the accountable authority, on finalisation of the audit, the Auditor-General, or their delegate, reports all significant audit findings or significant legislative breaches identified to the relevant Minister with portfolio responsibility for the entity.

4.0.22 Table 4.0.3 presents a summary of significant or moderate findings and significant legislative breaches reported as at 30 June 2024 and 30 June 2023 by portfolio and entity, including the number of findings carried forward as unresolved from the previous year. A summary of all audit findings and legislative breaches identified in 2023–24 audits is included in the results for audits in each portfolio.

4.0.23 For new significant and moderate audit findings first identified during the 2023–24 financial statements audits, the findings and associated recommendations were agreed by all entities.

4.0.24 For repeat and unresolved significant and moderate audit findings, the findings and recommendations were agreed by all entities.

Table 4.0.3: Significant and moderate audit findings by portfolio and entity

Note: Legislative breaches are not included in the above table. Four significant legislative breaches were reported in 2023–24. For further details refer to individual entity contributions in this chapter for: Department of Social Services; Northern Land Council; Services Australia; and Tiwi Land Council.

Note a: Significant and moderate audit findings by portfolio and entity.

Note b: Repeat/unresolved findings are categorised as such if unresolved from a prior financial year. Findings transferred to another entity as a result of machinery of government changes which remain unresolved are treated as unresolved findings for the purposes of this table.

Note c: As identified in Chapter 2, there were three outstanding audits of 2022–23 financial statements not yet finalised by the ANAO at the time of the publication of Auditor-General Report No. 9 of 2023–24 Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 2023. These audits were finalised during 2023–24. Table 4.0.3 includes the results of these audits.

Source: ANAO audit results and correspondence 2022–23 and 2023–24.

4.1 Agriculture, Fisheries and Forestry portfolio

Portfolio overview

4.1.1 The Agriculture, Fisheries and Forestry portfolio is responsible for advising the government and implementing programs on rural adjustment and drought issues, plant and animal biosecurity and Australia’s agricultural, fisheries, food and forestry industries.

4.1.2 Table 4.1.1 identifies material and other entities specifically mentioned in this chapter.

Table 4.1.1: Agriculture, Fisheries and Forestry portfolio material and other entities discussed in this chapter

✔: auditor's report not modified 
☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.1.3 Figure 4.1.1 shows the Agriculture, Fisheries and Forestry portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.1.1: Agriculture, Fisheries and Forestry portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.1.4 Table 4.1.2 presents a summary of the total number of unresolved findings by entities in the Agriculture, Fisheries and Forestry portfolio at the conclusion of the 2023–24 final audits.

Table 4.1.2: Unresolved audit findings by entity in the Agriculture, Fisheries and Forestry portfolio

Source: ANAO 2023–24 audit results.

4.1.5 Table 4.1.3 presents a summary of the total number of legislative breaches by entities in the Agriculture, Fisheries and Forestry portfolio at the conclusion of 2023–24 final audits.

Table 4.1.3: Legislative breaches identified by entity in the Agriculture, Fisheries and Forestry portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.1.6 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.1.4 provides a summary of those audit differences that relate to entities within the Agriculture, Fisheries and Forestry portfolio.

Table 4.1.4: The number of audit differences for entities in the Agriculture, Fisheries and Forestry portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.

The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Agriculture, Fisheries and Forestry portfolio.

4.1.7 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Agriculture, Fisheries and Forestry and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of Agriculture, Fisheries and Forestry

4.1.8 DAFF is responsible for developing and implementing policies and initiatives to promote more sustainable, productive, internationally competitive and profitable Australian agricultural, food and fibre industries; and safeguarding Australia’s animal and plant health status to maintain overseas markets and protect the economy and environment from exotic pests and diseases.

Summary of financial performance

4.1.9 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by DAFF (as outlined in Table 4.1.5 and Table 4.1.6) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.1.5: Key departmental financial statements items

Source: DAFF’s audited financial statements for the year ended 30 June 2024.

4.1.10 The decrease in net cost of services of $133.6 million is mainly due to:

• a reduction in supplier expenses of $90.2 million primarily due to reduced engagement of contractors and consultancy services; and
• an increase in own source revenue of $63.9 million primarily due to implementation of increased cost recovery charges for biosecurity arrangements, which commenced on 1 July 2023.

4.1.11 The decrease in revenue from the government by $67.9 million in 2023–24 is primarily due to the supplementary funding DAFF received in the 2022–23 financial year, which was not continued in 2023–24.

4.1.12 The increase in total assets of $134.4 million is primarily due to increase in trade and other receivables balance. This was driven by the appropriation receivable balance, which reflects unspent appropriations as of 30 June 2024 which DAFF received in 2022–23 to address financial sustainability issues.

Table 4.1.6: Key administered financial statements items

Source: DAFF’s audited financial statements for the year ended 30 June 2024.

4.1.13 Total assets have increased by $212.9 million due mainly to the following factors:

• an increase to the fair value of investments in corporate Commonwealth entities of $141.7 million, reflecting an increase in the underlying net assets of the Grains Research and Development Corporation driven by favourable grains conditions, resulting in higher levies and gross value of production; and
• an increase in loan receivables balance of $71.4 million mainly due to an increase in concessional loans to farm businesses made by the Regional Investment Corporation on behalf of DAFF.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.1.14 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• breadth of legislation for departmental revenue (charges for import and export functions) and self-assessment nature of administered revenue (primary industry levies and charges);
• financial sustainability including tight liquidity position experienced during 2022–23; and
• significance of the judgement and estimation involved in determining the valuation of loans to state and territory governments and farm businesses.

Key areas of financial risk

4.1.15 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of DAFF’s financial statements.

4.1.16 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.1.7 including areas which were considered KAM by the ANAO.

Table 4.1.7: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and DAFF’s audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.1.17 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The following performance audit report was tabled during 2023–24 relevant to the financial management or administration of DAFF:

• Auditor-General Report No. 35 of 2023–24 Digital Reform of the Agricultural Export Systems

4.1.18 While the report did not include recommendations regarding risks to DAFF financial administration as it relates to the financial statements, the observations of this report were considered in designing audit procedures.

What are the results of the ANAO’s audit coverage in 2023–24?

4.1.19 Table 4.1.8 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.1.8: Status of audit findings

Note a: The moderate audit finding relating to Removal of user access was identified during the 2022–23 audit. This audit finding was reduced to a minor audit finding during the 2023–24 interim audit as reported in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities.

Source: ANAO 2023–24 audit results.

Conclusion

4.1.20 The ANAO issued an unmodified auditor’s report on DAFF’s financial statements on 6 September 2024.

4.2 Attorney-General’s portfolio

Portfolio overview

4.2.1 The Attorney-General’s portfolio is responsible for: legal services; national security and criminal law; integrity and anti-corruption matters; the Commonwealth justice system including courts, tribunals, justice policy and legal assistance; regulation and reform; protecting and promoting human rights; and support for Commonwealth royal commissions.

4.2.2 Table 4.2.1 identifies material and other entities specifically mentioned in this section.

Table 4.2.1: Attorney-General’s portfolio material and other entities discussed in this section

✔: auditor's report not modified

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.2.3 Figure 4.2.1 shows the Attorney-General’s portfolio’s income, expenses, assets and liabilities contribution for the year ended 30 June 2024.

Figure 4.2.1: Attorney-General’s portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.2.4 Table 4.2.2 presents a summary of the total number of unresolved findings by entities in the Attorney-General’s portfolio at the conclusion of the 2023–24 final audits.

Table 4.2.2: Unresolved audit findings by entity in the Attorney-General’s portfolio

Source: ANAO 2023–24 audit results.

4.2.5 Table 4.2.3 presents a summary of the total number of legislative breaches by entities in the Attorney-General’s portfolio at the conclusion of 2023–24 final audits.

Table 4.2.3: Legislative breaches identified by entity in the Attorney-General’s portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.2.6 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.2.4 provides a summary of those audit differences that relate to entities within the Attorney-General’s portfolio.

Table 4.2.4: The number of audit differences for entities in the Attorney-General’s portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.

The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Attorney-General’s portfolio.

4.2.7 The following section provides a summary of the 2023–24 financial statements audit results for the Attorney-General’s Department and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Attorney-General’s Department

4.2.8 AGD supports the Attorney-General through the provision of expert advice and services on a range of law, justice, integrity and national security issues.

Summary of financial performance

4.2.9 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by AGD (as outlined in Table 4.2.5 and Table 4.2.6) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.2.5: Key departmental financial statements items

Source: AGD’s audited financial statements for the year ended 30 June 2024.

4.2.10 The increase in net cost of services of $40.2 million was primarily due to:

• higher employee benefit expenses of $38.1 million from a growth in staffing levels, staff movements between salary increments, and related superannuation expenses;
• higher supplier expenses of $31.0 million as a result of increased expenditure on new functions; and
• partly offset by higher income of $22.7 million as a result of the transfer of the Identity and Biometrics functions transferred from the Department of Home Affairs in August 2023.

4.2.11 The increase in revenue from government of $45.6 million due to additional funding received in April 2024 for new measures, including Digital ID and the Government Response to the Royal Commission into the Robodebt Scheme.

4.2.12 The decrease in total assets of $25.6 million and total liabilities of $52.7 million is predominantly due to adjustments to lease right-of-use assets and liabilities resulting from the remeasurement of four major leases.

Table 4.2.6: Key administered financial statements items

Source: AGD‘s audited financial statements for the year ended 30 June 2024.

4.2.13 The decrease in total expenses of $95.2 million is predominantly due to a decrease in grant and supplier expenses relating to Royal Commission into the Robodebt Scheme and the Royal Commission into Violence, Abuse, Neglect and Exploitation of People with Disability.

4.2.14 The increase in total income of $28.0 million is due to an increase in revenue received under the Proceeds of Crime Act 2002. These funds are used to support crime presentation and law enforcement activities.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.2.15 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• AGD’s broad range of functions require organisational structures and IT systems to support the key activities, including supporting the AGS;
• AGD’s management of agreements and arrangements with other Commonwealth departments relating to service delivery responsibilities; and
• changes arising from the Administrative Arrangement Orders.

Key areas of financial risk

4.2.16 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of AGD’s financial statements.

4.2.17 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.2.7.

Table 4.2.7: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and AGD’s audited financial statements for the year ended 30 June 2024.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.2.18 Table 4.2.8 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.2.8: Status of audit findings

Note a: The moderate audit finding relating to Monitoring of privileged FMIS access was identified during the 2022–23 audit. This audit finding was resolved during the 2023–24 interim audit as reported in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities.

Source: ANAO 2023–24 audit results.

Conclusion

4.2.19 The ANAO issued an unmodified auditor’s report on AGD’s financial statements on 23 September 2024.

Australian Federal Police

4.2.20 The AFP is responsible for the provision of police services in relation to laws of the Commonwealth, the provision of policing services to the Australian Capital Territory and external territories, combatting transnational serious organised crime and terrorism, disrupting crime offshore, supporting regional security, and protecting Australian interests and assets.

Summary of financial performance

4.2.21 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by the AFP (as outlined in Table 4.2.9 and Table 4.2.10) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.2.9: Key departmental financial statements items

Source: AFP’s audited financial statements for the year ended 30 June 2024.

4.2.22 The increase in net cost of services of $88.8 million is due mainly to higher employee benefits expenses resulting from increased staffing level and salary increases during the year.

4.2.23 The increase in revenue from government of $215.0 million was primarily due to new programs relating to cyber security and community safety measures and a cash injection to cover the cost of the unpaid superannuation obligations (refer to Table 4.2.11).

4.2.24 The increase in total assets of $61.3 million is due mainly to higher appropriation receivable of $81.4 million, as a result of the additional revenue from government received during 2023–24 not expended at balance date (refer to paragraph 4.2.23).

Table 4.2.10: Key administered financial statements items

Source: AFP’s audited financial statements for the year ended 30 June 2024.

4.2.25 The increase in total expenses of $20.5 million was primarily due to $18.4 million of police equipment gifted through the Enhancing Pacific Engagement program with Papua New Guinea and Samoa.

4.2.26 The decrease in total income of $1.7 million was due to the impact of a fine revenue for one court case in 2022–23 that was not replicated in 2023–24.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.2.27 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the AFP is subject of a high degree of scrutiny and a high degree of operational risk due to the nature of its powers and operations;
• the high level of decentralisation including operations and presences throughout Australia and at overseas posts; and
• the number of significant and complex financial statements line items. These include: a large and disbursed land and buildings portfolio; a diverse portfolio of assets requiring specialist valuation; and a provision for underpayment of superannuation which requires significant judgement to calculate.

Key areas of financial risk

4.2.28 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures.

4.2.29 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.2.11.

Table 4.2.11: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the AFP’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.2.30 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. There was one minor finding unresolved and seven minor findings resolved during the 2023–24 audit.

Conclusion

4.2.31 The ANAO issued an unmodified auditor’s report on the AFP’s financial statements on 17 September 2024.

High Court of Australia

4.2.32 The Court is responsible for interpreting and applying the law of Australia; deciding on cases of special federal significance, including challenges to the constitutional validity of laws; and hearing appeals, by special leave, from federal, state and territory courts.

Summary of financial performance

4.2.33 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by the Court (as outlined in Table 4.2.12 and Table 4.2.13) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.2.12: Key departmental financial statements items

Source: The Court’s audited financial statements for the year ended 30 June 2024.

4.2.34 The increase in other comprehensive income and total assets was the result of the annual valuation of the Court’s building. The Court revalued land and building assets in accordance with its accounting policy. The increase in fair value reflected the impact of increased construction costs for those assets valued on a replacement cost basis.

Table 4.2.13: Key administered financial statements items

Source: The Court’s audited financial statements for the year ended 30 June 2024.

4.2.35 The Court’s administered income relates to its filing and hearing fees. The increase in administered income of $0.4 million is due to higher volumes of filings and hearings.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.2.36 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.2.37 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the Court’s financial statements.

4.2.38 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.2.14.

Table 4.2.14: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the Court’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.2.39 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. One legislative breach was identified.

Conclusion

4.2.40 The ANAO issued an unmodified auditor’s report on the Court’s financial statements on 6 September 2024.

4.3 Climate Change, Energy, the Environment and Water portfolio

Portfolio overview

4.3.1 The Climate Change, Energy, the Environment and Water portfolio is responsible for advising the government and implementing programs on: climate change; energy supply efficiency, quality, performance and productivity; the environment, biodiversity; parks and heritage; meteorological services; water resources; and Australia’s interests in the Antarctic and Southern Ocean.

4.3.2 Table 4.3.1 identifies material and other entities specifically mentioned in this section.

Table 4.3.1: Climate Change, Energy, the Environment and Water portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

E: auditor’s report contains an emphasis of matter

◆: new significant or moderate findings and/or significant legislative matters noted

▲: significant or moderate findings and/or significant legislative matters reported previously but not yet resolved

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.3.3 Figure 4.3.1 shows the Climate Change, Energy, the Environment and Water portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.3.1: Climate Change, Energy, the Environment and Water portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.3.4 Table 4.3.2 presents a summary of the total number of unresolved findings by entities in the Climate Change, Energy, the Environment and Water portfolio at the conclusion of the 2023–24 final audits.

Table 4.3.2: Unresolved audit findings by entity in the Climate Change, Energy, the Environment and Water portfolio

Source: ANAO 2023–24 audit results.

4.3.5 Table 4.3.3 presents a summary of the total number of legislative breaches by entities in the Climate Change, Energy, the Environment and Water portfolio at the conclusion of 2023–24 final audits.

Table 4.3.3: Legislative breaches identified by entity in the Climate Change, Energy, the Environment and Water portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.3.6 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.3.4 provides a summary of those audit differences that relate to entities within the Climate Change, Energy, the Environment and Water portfolio.

Table 4.3.4: The number of audit differences for entities in the Climate Change, Energy, the Environment and Water portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.

The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in Climate Change, Energy, the Environment and Water portfolio.

4.3.7 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Climate Change, Energy, the Environment and Water and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of Climate Change, Energy, the Environment and Water

4.3.8 DCCEEW is responsible for developing and implementing a national response to climate change and improving Australia’s energy supply, efficiency, quality, performance and productivity; conserving, protecting and sustainably managing Australia’s biodiversity, ecosystems, environment and heritage; advancing Australia’s interests in the Antarctic region; and improving the health of rivers and freshwater ecosystems and water use efficiency.

Summary of financial performance

4.3.9 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by DCCEEW (as outlined in Table 4.3.5 and Table 4.3.6) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.3.5: Key departmental financial statements items

Source: DCCEEW’s audited financial statements for the year ended 30 June 2024.

4.3.10 The increase in net cost of services of $228.8 million from 2022–23 was mainly due to the following partially offsetting factors:

• an increase of $218.0 million in employee costs for the period, reflecting the increase in staffing numbers from 2022–23 and the impact of salary increases as a result of a new enterprise agreement;
• an increase of $27.8 million in depreciation and amortisation expenses reflecting DCCEEW’s increasing balance of non-financial assets;
• a decrease of $25.2 million in supplier expenditure due to efficiency measures; and
• a decrease of $19.8 million in own-source income mostly due to one-off gains realised in 2022–23 that did not occur in 2023–24. These gains related to the impact of changes in economic assumptions on the valuation of Antarctic Restoration liabilities which were more pronounced in the prior period.

4.3.11 The increase in revenue from government of $316.0 million is due to funding provided by the Australian Government for new policy measures, and reflecting a full year of funding following the establishment of the entity in 2022–23.

4.3.12 Total assets increased by $75.0 million due to the following:

• a net increase of $11.5 million in total non-financial assets due to the effect of asset purchases, asset revaluations and depreciation across all asset classes, particularly for new projects in the Australian Antarctic region; and
• an increase of $63.4 million in financial assets due mainly to an increase of $55.8 million in appropriation receivables at 30 June 2024, reflecting increased funding over the period.

4.3.13 Total liabilities decreased by $11.1 million due to the following partially offsetting factors:

• a decrease of $21.5 million in lease liabilities, due to principal lease repayments and reflecting an ongoing rent reduction arrangement due to damage incurred during a storm event at the department’s Canberra offices;
• an increase of $16.9 million in employee leave liabilities, reflecting increased staffing numbers and wage growth; and
• a decrease of $15.8 million in supplier payables, reflecting an overall decrease in supplier expenditure over the period.

Table 4.3.6: Key administered financial statements items

Source: DCCEEW’s audited financial statements for the year ended 30 June 2024.

4.3.14 Total expenses have increased by $373.6 million due mainly to:

• the recognition of a financial guarantee of $209.2 million in relation to the Marinus Link project;
• an increase of $96.2 million in payments to corporate Commonwealth entities, reflecting increased funding provided for those entities;
• an increase of $73.3 million in grant expenses, reflecting a higher number of grant programs in 2023–24; and
• an increase of $13.8 million in impairment expenses, relating to the impairment of water entitlement assets.

4.3.15 Total income has increased by $92.4 million in 2023–24 mainly due to an increase in dividends received from Snowy Hydro Limited, reflecting improved operational performance.

4.3.16 Total assets have increased by $10.0 billion due to the following:

• an increase of $7,783.6 million in cash in special accounts mainly due to amounts credited to the Clean Energy Finance Corporation special account to fund the ‘Rewiring the Nation’ program planned investments;
• an increase of $2,052.2 million in administered investments, due to the initial recognition of the Australian Government’s investment in Marinus Link Pty Ltd; an increase in the valuation of Snowy Hydro Limited; and increases in the net assets of corporate Commonwealth entities within the portfolio; and
• an increase of $111.1 million in water entitlement assets resulting from $123.4 million of purchases made during 2023–24, offset by $14 million in impairment recognised for this asset class.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.3.17 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as high. Key factors contributing to this rating are:

• DCCEEW’s diverse functions, varied locations and its broad strategic direction supporting the Australian Government’s commitment to climate change and energy policy, water markets and protection of the environment;
• judgement and complexity involved in determining the valuation of several significant balances in the financial statements; and
• the implementation of a new Financial Management Information System (FMIS) and Human Resources Information System (HRMIS), consolidating three previous versions of each.

Key areas of financial risk

4.3.18 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of DCCEEW’s financial statements.

4.3.19 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.3.7 including areas which were considered key audit matters (KAM) by the ANAO.

Table 4.3.7: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and DCCEEW’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.3.20 Table 4.3.8 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.3.8: Status of audit findings

Note a: The moderate audit finding relating to SAP FMIS privileged user management was identified during the 2021–22 audit of the former Department of Agriculture, Water and the Environment. This audit finding was resolved during the 2023–24 interim audit as reported in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities.

Source: ANAO 2023–24 audit results.

4.3.21 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that DCCEEW’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

SAP FMIS user access provisioning and removal of user access

4.3.22 The provisioning and removal of access to the SAP FMIS relies on a mix of automated and manual controls. The effective operation of these controls would ensure that users only have access to functions and transactions within the FMIS that are appropriate to their role. User accounts should be removed or updated when there is no longer a business requirement for access after this date.

4.3.23 During the 2022–23 interim audit the ANAO identified instances where user access was not removed in a timely manner following a user’s termination and where users had access to functions and roles within the SAP FMIS that were not relevant to their position. The ANAO recommended that DCCEEW develop risk-based monitoring controls to confirm user access and role assignments are appropriate and that user access is removed in a timely manner.

4.3.24 During 2023–24, DCCEEW progressively implemented a new FMIS and a new HRMIS, and migrated SAP users to the newly established TechOne FMIS and Aurion HRMIS. As part of this project, an automated process for removing network access was implemented. Further, with the implementation of the Aurion HRMIS, SAP user access is now matched to user’s permissions of their Aurion profile.

4.3.25 As a result of the actions taken by DCCEEW, the ANAO considers this finding to be resolved.

Unresolved moderate audit finding

TechOne FMIS privileged user activity monitoring

4.3.26 Maintaining and supporting IT systems requires some user accounts, both at the network and the application level, to have extensive access rights (privileged access). Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others.

4.3.27 During the 2023–24 interim audit, the ANAO identified weaknesses in the effectiveness of DCCEEW’s monitoring of privileged user activities within the TechOne FMIS. DCCEEW implemented the TechOne FMIS on 1 July 2023. The ANAO identified that audit logs of privileged activity reports had been generated but no evidence of the review of the logs could be provided. This weaknesses in monitoring increases the risk of erroneous or unauthorised changes to IT systems will not be identified and addressed.

4.3.28 The ANAO recommended that DCCEEW update the privileged user access monitoring policy to regularise these reviews, including the requirement to retain evidence to support that the reviews had been appropriately undertaken in accordance with the policy.

4.3.29 At the final phase of the 2023–24 audit, the ANAO confirmed that DCCEEW is developing a suite of reports to address this recommendation.

Conclusion

4.3.30 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken to obtain sufficient and appropriate evidence on the financial statements. DCCEEW has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by the entity as part of the 2024–25 audit.

4.3.31 The ANAO issued an unmodified auditor’s report on the financial statements on 19 September 2024.

Bureau of Meteorology

4.3.32 The Bureau is responsible for providing weather, water, climate and ocean services for Australia.

Summary of financial performance

4.3.33 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by the Bureau (as outlined in Table 4.3.9) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.3.9: Key financial statements items

Source: The Bureau’s audited financial statements for the year ended 30 June 2024.

4.3.34 The increase in revenue from government of $16.8 million was related to funding provided for new policy proposals and projects, including supporting the delivery of the Australian Government’s climate adaptation initiatives and supporting reforms to water markets in the Murray-Darling Basin.

4.3.35 The increase in net cost of services of $45.3 million is due mainly to the following partially offsetting factors:

• higher supplier expenses of $50.3 million growth in costs associated with operating the observation network, increased expenditure on contractors, and costs associated with the implementation of IT transformation projects;
• higher employee expenditure of $34.4 million, related mainly to an increase in salary rates as a result of the renegotiation of the Bureau’s enterprise agreement during 2023–24;
• offset by an increase of $19.3 million in own-source revenue, attributed to the Bureau’s Aviation Weather Service a growth in commercial aviation activity.

4.3.36 The decrease in total assets of $43.7 million is due mainly to the following offsetting factors:

• a decrease of $111.8 million in undrawn appropriations at 30 June 2024, reflecting increased expenditure during 2023–24 (as detailed in paragraph 4.3.35);
• an increase of $90.7 million in plant and equipment and computer software reflecting delivery and purchase of assets in these asset classes. Increases in non-financial assets were also offset by depreciation and amortisation incurred during the period.

4.3.37 The decrease in total comprehensive income of $49.8 million is due to there being no revaluation undertaken for the Bureau’s non-financial assets in 2023–24. In accordance with the Bureau’s accounting policies a comprehensive revaluation of non-financial assets was undertaken in 2022–23.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.3.38 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the nature of the outstanding audit findings identified in the 2022–23 audit;
• the implementation of revised internal controls relevant to accounting for non-financial assets, revenue and lease accounting following the identification of errors in these balances in the 2022–23 financial statements; and
• the nature, scale and geographic location of the Bureau’s operations, including the use of advanced technologies requiring accounting considerations.

Key areas of financial risk

4.3.39 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the Bureau’s financial statements.

4.3.40 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.3.10.

Table 4.3.10: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the Bureau’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.3.41 Table 4.3.11 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.3.11: Status of audit findings

Source: ANAO 2023–24 audit results.

4.3.42 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the Bureau’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

Record keeping

4.3.43 Section 41 of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) requires that ‘the accountable authority of a Commonwealth entity must cause accounts and records to be kept that properly record and explain the entity’s transactions and financial position’.

4.3.44 During 2022–23 several prior period errors were identified in relation to the measurement of property, plant, equipment and intangibles; leases; and revenue. One of the contributing causes for these errors was gaps in records supporting the recognition and measurement of these balances in prior periods. Additionally, the ANAO identified:

• that the Bureau does not have a policy on the retention of records supporting the financial statements; and
• inconsistent record management practices.

4.3.45 During 2023–24 the Bureau implemented a range of additional preventative and detective internal controls supporting maintenance of appropriate records to support the financial statements. These included: identifying and specifying the extent of records required to support the financial statements; retention and storage requirements; updating financial statements preparation policies and guidance to clarify record keeping arrangements; implementation of additional templates; and work instructions relating to non-financial assets.

4.3.46 The ANAO tested the implementation, design and operating effectiveness of these controls during the 2023–24 audit. As a result of the actions taken by the Bureau in response to this finding, the ANAO considers that it has been resolved.

Conclusion

4.3.47 The ANAO issued an unmodified auditor’s report on the Bureau’s financial statements on 3 September 2024.

Clean Energy Finance Corporation

4.3.48 CEFC is responsible for facilitating increased flows of finance into the clean energy sector and facilitating the achievement of Australia’s greenhouse gas emissions reduction targets.

Summary of financial performance

4.3.49 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by CEFC (as outlined in Table 4.3.12) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.3.12: Key financial statements items

Source: CEFC’s audited financial statements for the year ended 30 June 2024.

4.3.50 The $417.1 million increase in the net cost of services and deficit attributed to the Australian Government is mainly a result of the following partially offsetting factors:

• recognition of a concessional loan charge of $458.0 million as a result of new concessional loans entered into during the financial year, representing a $442.3 million increase on the expense recognised in the prior year;
• a $43.2 million reduction in the value of the expense for impairment losses on financial instruments, as a result of reversals of previous impairment expenses recognised upon recovery of the debt, in addition to an absence of any specific large impairment provisions made in 2023–24;
• an increase of $13.0 million in losses from sale of assets as a result of losses incurred in the sale equity investments classified at Fair Value Through Profit and Loss (FVPTL) and associates and joint ventures during the year;
• a $21.3 million reduction in net fair value gains recognised, comprising largely of a reduction in net fair value gains on equity investments carried at FVTPL driven by a softening in commercial property values; and
• interest and loan fee revenue increased by $28.1 million compared to 2022–23 as a result of the higher value of interest-generation cash and investment balances held, as well as the impact from a modest increase in the cash rate.

4.3.51 The $1.1 billion increase in total assets is primarily due to:

• a $527.5 million increase in cash balances, largely as a result of funding drawn from the CEFC Special Account to meet contractual investment funding obligations that still remained to be funded at 30 June 2024;
• loans and advances increased by $171.1 million due to an increase in the average amount funded through loans and advances balances drawn down on, supported through additional funding received from the special account for various major projects;
• a $195.0 million increase in equities and units in trusts driven by growth in the portfolio as a result of new clean energy equity investments; and
• a $169.2 million increase in equity accounted investments, primarily as a result of $189.2 million in new investments entered into during 2023–24, offset by $23.8 million in distributions from investments.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.3.52 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• continued growth in CEFC’s debt and equity investments coupled with a broader range of investment structures;
• the complexity associated with monitoring of the CEFC’s operations in compliance with its enabling legislation; and
• complex accounting and reporting arrangements, in particular compliance with AASB 9 Financial Instruments.

Key areas of financial risk

4.3.53 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of CEFC’s financial statements.

4.3.54 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.3.13.

Table 4.3.13: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and CEFC’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.3.55 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.3.56 The ANAO issued an unmodified auditor’s report on CEFC’s financial statements on 20 August 2024.

Clean Energy Regulator

4.3.57 CER is responsible for the administration of market-based mechanisms that incentivise reduction in greenhouse gas emissions and the promotion of additional renewable electricity generation. In achieving these objectives, CER is responsible for the administration of the Australian Carbon Credit Unit Scheme and the programs and regulation supporting the Renewable Energy Target.

Summary of financial performance

4.3.58 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by CER (as outlined in Table 4.3.14 and Table 4.3.15) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.3.14: Key departmental financial statements items

Source: CER’s audited financial statements for the year ended 30 June 2024.

4.3.59 The increase in the net cost of services and revenue from government related to additional expenditure on supplier and employee expenses to deliver the ‘Guarantee of Origin’ scheme and further investment in IT platforms.

Table 4.3.15: Key administered financial statements items

Source: CER’s audited financial statements for the year ended 30 June 2024.

4.3.60 The decrease in expenses of $57.9 million and revenue of $43.9 million largely relates to a reduction in fines paid by liable entities to meet their obligations under the Renewable Energy Target⁹⁴ (RET). A liable entity is required to render Renewable Energy Certificates (RECs) to CER to meet their RET obligations, or must pay a shortfall penalty. Where an entity pays a shortfall penalty, a refund can be claimed for up to three years following, if the entity can subsequently render RECs to CER to meet their RET obligations. Given the liquid supply of RECs in the market, CER recognise a provision for refund of fines receipted on the high probability that a refund will be claimed during this period. As a result of the level of renewable energy generated in the market, and supply of RECs, less entities were required to pay the shortfall penalty in 2023–24.

4.3.61 The reduction in assets of $119.5 million is due mainly to the decrease in the balance of cash and cash equivalents held in Small Scale Technology Certificate Clearing House Special Account administered by CER. In 2022–23, there was an increase in small scale technology certificate purchases by market participants⁹⁵ to meet their legislative requirements (deposits in the special account) which were subsequently met through sales of certificates in the market during 2023–24.

4.3.62 The reduction in liabilities of $275.5 million is due mainly to a decrease in the:

• RET shortfall refund provision (refer to paragraph 4.3.60); and
• funds held on behalf of market participants in the Small Scale Technology Certificate Clearing House Special Account (refer to paragraph 4.3.61).

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.3.63 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the size and nature of CER’s operations, particularly related to the administration of the Australian Carbon Credit Unit (ACCU) scheme and the RET, which are complex in nature and are managed in complex IT environments; and
• continuing developments in the Australian Government’s response to climate change, including the impact of the Safeguard Mechanism and other policy and regulatory processes, which are administered by CER.

Key areas of financial risk

4.3.64 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of CER’s financial statements.

4.3.65 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.3.16.

Table 4.3.16: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and CER’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.3.66 Table 4.3.17 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.3.17: Status of audit findings

Source: ANAO 2023–24 audit results.

4.3.67 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the entity’s 2023–24 financial statements were not materially misstated.

Unresolved moderate audit finding

Privileged and other user access

4.3.68 Maintaining and supporting IT systems requires some user accounts, both at the network and the application level, to have extensive access rights (privileged access). Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others.

4.3.69 During the 2021–22 audit, the ANAO identified that there were limited policies, procedures or risk assessments that specified the extent to which activities of privileged users should be monitored across the impacted systems. Further, where CER had a specific policy to undertake monitoring of privileged user and other user access, monitoring had not been performed. The ANAO recommended that CER undertake a review of all privileged user access logs and undertake a risk assessment informing policies and procedures which would regularise these reviews.

4.3.70 During 2023–24, CER undertook further work to address the recommendations made by the ANAO. These actions included updating policies, procedures and risk assessments associated with user access and implementing processes to review user access granted to systems through regular system log reviews. However, the ANAO’s review of the controls indicated weaknesses in design effectiveness. The ANAO identified that the monitoring process did not include all relevant privileged users. As a result, the ANAO does not consider that this finding has been resolved.

Conclusion

4.3.71 The ANAO issued an unmodified auditor’s report on the financial statements on 26 August 2024. Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence to support the auditor’s report. CER has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by the entity as part of the 2024–25 audit.

Snowy Hydro Limited

4.3.72 Snowy Hydro is a government business enterprise responsible for energy generation activities to supply the National Electricity Market as well as operating as a retail energy provider through the Red Energy and Lumo Energy brands.

Summary of financial performance

4.3.73 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by Snowy Hydro (as outlined in Table 4.3.18) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.3.18: Key financial statements items

Source: Snowy Hydro’s audited financial statements for the year ended 30 June 2024.

4.3.74 The increase in total assets of $2.9 billion is primarily due to higher non-financial assets. During the period Snowy Hydro capitalised $2.9 billion of costs mainly related to the Snowy 2.0 and Hunter Power projects.

4.3.75 The increase in total liabilities of $2.6 billion is primarily due to higher debt. During the period, Snowy Hydro drew down $2.2 billion of additional debt facilities to finance the construction of the Snowy 2.0 and Hunter Power projects.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.3.76 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the value of and complexity of delivery of the long-term infrastructure developments relating to the Snowy 2.0 and Hunter Power projects;
• the dynamism and complexity of Snowy Hydro’s operating and regulatory environment and level of competition for customers for the supply of electricity; and
• the complexity of and judgement required in determining the fair value of the energy derivatives portfolio.

Key areas of financial risk

4.3.77 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Snowy Hydro’s financial statements.

4.3.78 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.3.19, including areas which were considered KAM by the ANAO.

Table 4.3.19: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Snowy Hydro’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.3.79 Table 4.3.20 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.3.20: Status of audit findings

Source: ANAO 2023–24 audit results.

4.3.80 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that Snowy Hydro’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

IT general controls for the financial management information system

4.3.81 Snowy Hydro’s financial management information system (FMIS) is provided under a cloud computing arrangement. Snowy Hydro’s service provider is largely responsible under contract for system administration activities, including designing and implementing appropriate IT general controls supporting user access management, including for privileged users, and change management processes. Under the terms of the contract, the service provider is required to provide assurance to Snowy Hydro, via a Service Organisation Control (SOC) report prepared by an independent auditor, that these controls are designed, implemented and operating effectively.

4.3.82 During 2023–24, the service provider provided a qualified SOC report which identified a number of weaknesses in the operating effectiveness of IT general controls for the FMIS, particularly in relation to the timely termination and monitoring of user access, including privileged users. Inadequate security measures for timely removal of user access increases the risk of unauthorised access to sensitive information. Additionally, Snowy Hydro did not have a formalised process to review and respond to the SOC report in a timely manner.

4.3.83 The ANAO recommended that Snowy Hydro establish a formal control for the periodic review of SOC reports from all critical service providers and perform mitigating procedures over any deficiencies noted.

Conclusion

4.3.84 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements by undertaking additional audit procedures. Snowy Hydro has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by the entity as part of the 2024–25 audit.

Comments on non-material entities

Australian Institute of Marine Science

4.3.85 The Australian Institute of Marine Science’s (the Institute) mission is to provide the research and knowledge of Australia’s tropical marine estate required to support growth in its sustainable use, effective environmental management, and protection of its unique ecosystems.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.3.86 Table 4.3.21 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.3.21: Status of audit findings

Note a: The moderate audit finding related to User profiles and access management – expenditure delegations was identified in the 2023–24 interim audit. The finding was reduced to a minor audit finding during the 2023–24 final audit. Refer to paragraphs 4.3.88 to 4.3.91.

Source: ANAO 2023–24 audit results.

4.3.87 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the Institute’s 2023–24 financial statements were not materially misstated.

Reduced moderate audit finding

User profiles and access management – expenditure delegations

4.3.88 During the 2023–24 interim audit, the ANAO identified that expenditure delegation limits configured in the Institute’s Financial Management Information System (FMIS) did not align with the approved limits contained within the approved financial delegations policy. Delegation limits which are not accurately configured highlight weaknesses in the monitoring and updating of user access to the FMIS and could lead to unauthorised financial transactions being processed.

4.3.89 The ANAO recommended that the Institute updates the expenditure delegation limits in the FMIS to comply with the approved policy; review expenditure processed by employees with inaccurately configured expenditure delegation limits to determine that it was appropriate; and develop a process to provide regular assurance that delegation limits established in the FMIS are in accordance with the approved policy.

4.3.90 At the time of the final phase of the 2023–24 audit, the Institute had:

• updated configuration in the FMIS to match the approved delegation policy; and
• implemented a monitoring control to regularly review reports from the FMIS on delegation limits assigned to users to confirm that they are accurate and comply with the approved policy.

4.3.91 As part of the final audit the ANAO has reviewed and tested the design effectiveness of these processes. As a result of the action taken by the Institute, the ANAO reduced this finding to a minor finding. However, given timing of the implementation of new controls, the ANAO has not been able to observe that the controls are operating effectively and performed regularly as designed. The ANAO will consider the operating effectiveness of the revised controls as part of the 2024–25 audit.

Great Barrier Reef Marine Park Authority

4.3.92 The Great Barrier Reef Marine Park Authority (the Authority) provides world-leading marine park management to protect reef habitats, strengthen reef resilience, and reduce cumulative impacts in a changing climate. The Authority is structed to meet the following outcome: The long-term protection, ecologically sustainable use, understanding and enjoyment of the Great Barrier Reef for all Australians and the international community, through the care and development of the Marine Park.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.3.93 Table 4.3.22 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.3.22: Status of audit findings

Source: ANAO 2023–24 audit results.

4.3.94 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the Authority’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

Privileged user access to the FMIS

4.3.95 During the 2022–23 audit of IT controls supporting the Authority’s Financial Management Information System (FMIS) the ANAO identified:

• privileged user access was provided to some employees in excess of the required business requirements; and
• there were weaknesses in the design and operating effectiveness of controls supporting privileged access. There were limited policies, procedures or risk assessments that specified the extent to which activities of privileged users should be monitored in the FMIS.

4.3.96 Consistent with the recommendations made by the ANAO the Authority has:

• reviewed privileged access to the FMIS and removed access no longer required;
• updated policies, procedures and risk assessments supporting the assignment and monitoring of privileged user access; and
• implemented a regular process to review privileged user access logs to confirm appropriateness of activities undertaken.

4.3.97 The ANAO has reviewed and tested the design and operating effectiveness of the processes the Authority has implemented. As a result, the ANAO considers that this finding has been resolved.

Natural Heritage Trust of Australia Account

4.3.98 The Natural Heritage Trust (NHT) of Australia Account is a Special Account established under Section 80 of the PGPA Act and the Natural Heritage Trust of Australia Act 1997 (NHT Act). NHT is managed by DCCEEW. Sections 43 and 44 of the NHT Act require the preparation of annual financial statements for NHT and their subsequent audit by the Auditor-General.

4.3.99 The ANAO issued an unmodified auditor’s report on NHT’s financial statements on 18 September 2024. Without modifying the opinion, the auditor’s report included an emphasis of matter paragraph to draw the attention of users of the financial statements to the Overview note to the financial statements which describes NHT’s correction of prior period errors relating to the incorrect recognition of supplier expenses. The auditor’s report was not modified in respect of this matter.

4.3.100 The net impact of the error to each financial statements line item was to reduce total equity for the period ending 30 June 2023 by $32.3 million.

4.4 Defence portfolio

Portfolio overview

4.4.1 The Defence portfolio includes a number of entities that together are responsible for the defence of Australia and its national interests. The principal entities within the portfolio are the Department of Defence, the Department of Veterans’ Affairs, the Australian Signals Directorate, the Australian War Memorial, Defence Housing Australia and the Australian Submarine Agency. The Department of Veterans’ Affairs and the Australian War Memorial are discussed separately.

4.4.2 Table 4.4.1 identifies material and other entities specifically mentioned in this chapter.

Table 4.4.1: Defence portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

E: auditor’s report contains an emphasis of matter

✏: financial statements not signed as at 9 December 2024

◆: new significant or moderate findings and/or significant legislative matters noted

▲: significant or moderate findings and/or significant legislative matters reported previously but not yet resolved

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.4.3 Figure 4.4.1 shows the Defence portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.4.1: Defence portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.4.4 Table 4.4.2 presents a summary of the total number of unresolved findings by entities in the Defence portfolio at the conclusion of the 2023–24 final audits.

Table 4.4.2: Unresolved audit findings by entity in the Defence portfolio

Source: ANAO 2023–24 audit results.

4.4.5 Table 4.4.3 presents a summary of the total number of legislative breaches by entities in the Defence portfolio at the conclusion of 2023–24 final audits.

Table 4.4.3: Legislative breaches identified by entity in the Defence portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.4.6 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.4.4 provides a summary of those audit differences that relate to entities within the Defence portfolio.

Table 4.4.4: The number of audit differences for entities in the Defence portfolio

Key: ✏ Financial statements not signed as at 9 December 2024.

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Defence portfolio.

4.4.7 The following section provides a summary of the 2023–24 financial statements audit results for Defence and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of Defence

4.4.8 Defence is responsible for protecting and advancing Australia’s strategic interests through the promotion of security and stability; the provision of military capabilities to defend Australia and its national interests; and the provision of support for the Australian community and civilian authorities as directed by the Australian Government.

Summary of financial performance

4.4.9 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by Defence (as outlined in Table 4.4.5 and Table 4.4.6) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.4.5: Key departmental financial statements items

Source: Defence’s audited financial statements for the year ended 30 June 2024.

4.4.10 The increase in net cost of services of $2.7 billion is primarily due to higher:

• employee benefits expenses of $1.2 billion due to increased staffing during the period;
• supplier expenses of $1.0 billion due to growth in sustainment costs associated with Defence’s specialist military equipment; and
• depreciation expenses of $618.2 million which have increased in line with the growth in Defence’s non-financial asset base.

4.4.11 Revenue from government increased by $3.0 billion primarily due to an increase in appropriation funding to support higher forecast employee and supplier expenses (refer to paragraph 4.4.10).

4.4.12 The increase in total comprehensive income of $1.8 billion reflects a fair value gain on non-financial assets, primarily land, buildings and SME, as a result of a revaluation undertaken in accordance with Defence’s accounting policy. Fair value increments were recorded for these classes due to changes in observable market data and cost indices, such as construction costs, relevant to Defence’s non-financial assets.

4.4.13 The increase in total assets of $9.6 billion is primarily due to:

• higher specialist military equipment of $5.3 billion reflecting purchases of equipment, including development of assets under construction, and the impact of fair value gains on as a result of the revaluation undertaken by Defence during the period (refer to paragraph 4.4.12);
• higher land, buildings and plant and equipment of $2.5 billion reflecting the impact of further investment in Defence’s on-base infrastructure and the impact of fair value gains on as a result of the revaluation undertaken by Defence during the period (refer to paragraph 4.4.12); and
• higher inventory holdings, due to an increase in expenditure on explosive ordnance.

Table 4.4.6: Key administered financial statements items

Source: Defence’s audited financial statements for the year ended 30 June 2024.

4.4.14 Total expenses relate to employee contributions into Defence’s defined benefit superannuation schemes and subsidies linked to the Defence Home Ownership Assistance Scheme. The increase in total expenses of $361.4 million is mainly due to:

• higher net interest costs related to administering Defence’s defined benefit plans and superannuation schemes; and
• growth in the number of members utilising the Defence Home Ownership Assistance Scheme.

4.4.15 The decrease in total other comprehensive income of $3.7 billion reflects the movement in the actuarial valuation of the employee provision related to Defence’s defined benefit superannuation schemes (refer to paragraph 4.4.16). The increase in the long-term government bond rate was smaller in 2023–24 when compared with the prior year. In the prior period, the bond rate increased more substantially leading to a lower overall discounted provision calculated.

4.4.16 The increase in total liabilities of $414.9 million relates primarily to the actuarial valuation of administered employee provisions (defined benefit superannuation). Employee provisions were higher as a result of change in interest rates invalidity demographic assumptions applied in the valuation of the superannuation liability as a result of the triennial Long Term Cost Report review.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.4.17 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as high. Key factors contributing to this rating are:

• the nature, magnitude and complexity of Defence’s operations and strategic environment, including a highly decentralised control environment and the use of multiple IT systems that operate independently of each other;
• the high level of public interest and scrutiny of Defence’s activities; and
• the number and financial significance of complex accounting estimates in the financial statements, including the valuation of specialist military equipment and military defined benefit superannuation liabilities which are subject to higher levels of estimation uncertainty.

Key areas of financial risk

4.4.18 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Defence’s financial statements.

4.4.19 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.4.7 including areas which were considered KAM by the ANAO.

Table 4.4.7: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Defence’s audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.4.20 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The following performance audit reports were tabled during 2023–24 relevant to the financial management or administration of Defence:

• Auditor-General Report No. 47 of 2023–24 Defence’s Management of Contracts for the Supply of Munitions – Part 1

4.4.21 This report included observations relevant to the existence and completeness of inventory balances, which is a key area of risk identified in the financial statements audit as outlined in Table 4.4.7. These observations were considered in planning appropriate audit procedures for inventory.

What are the results of the ANAO’s audit coverage in 2023–24?

4.4.22 Table 4.4.8 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.4.8: Status of audit findings

Source: ANAO 2023–24 audit results.

4.4.23 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that Defence’s 2023–24 financial statements were not materially misstated.

Unresolved significant audit finding

Removal of system access for Defence personnel and contractors

4.4.24 During the 2022–23 audit, the ANAO identified:

• 1,451 users whose access to the Defence Network was not disabled in accordance with Information Security Manual (ISM) requirements, which requires entities to remove or suspend access on the same day personnel (including contractors) no longer have a legitimate business requirement for the access. The ANAO also identified that a number of terminated employees continued to receive salary payments, in one case, for more than two months after termination; and
• that Defence does not have effective controls in place for removing access to the financial management information system (FMIS) when personnel or contractors remain within Defence, but their duties change hence they no longer have a legitimate business requirement to access the system.

4.4.25 The absence of effective of controls over the removal or monitoring of user access post termination increases the risk of inappropriate activity occurring in systems that have significant and sensitive data holdings. Inappropriate access can result in data integrity issues, as well as access to sensitive information. There is a significant fraud and reputational risk exposure to Defence as a result of the above system access weaknesses. These risks relate to terminated employees as well as contractors.

4.4.26 During the 2023–24 audit, the ANAO reviewed Defence’s progress against its remediation plan. Defence established a working group and remediation plan to address this finding. Defence placed significant resources and effort into addressing the recommendations raised by the ANAO. Enhanced controls and processes implemented by Defence to respond to the risks identified by the ANAO include:

• implementation of two new systems that automate processes for detecting non-compliance with Defence’s security policy and consequently disabling user access across Defence’s network;
• establishing a standardised management workflow to streamline the process for Defence separations, including additional controls for managing risks associated with backdating of separation dates;
• integrating review of post termination user access into Defence’s existing cyber security investigation processes; and
• embedding contractor debriefing and/or risk management into termination processes.

4.4.27 In relation to removal of user access for terminated personnel and contractors, the ANAO was unable to confirm that the enhanced systems and processes implemented captured the full population of personnel and contractors that had separated from Defence during the period. Defence has not established processes to regularly confirm the completeness and accuracy of data supporting the operation of these enhanced systems and processes.

4.4.28 In relation to controls for removing access from the FMIS for personnel who had changed roles with Defence, Defence has not yet addressed these weaknesses. Defence has advised the ANAO that these weaknesses will be addressed as part of the transition to a new Enterprise Resource Planning system.

Resolved moderate audit finding

Weaknesses around the disposal of assets and inventory

4.4.29 During the 2018–19 audit, Defence was unable to provide appropriate documentation in a timely manner in relation to the disposal of buildings. Between 2019–20 and 2022–23, the ANAO continued to identify examples of asset disposals occurring in the IT system significantly after the physical disposal of the asset. Instances were also identified where there was a planned disposal, but the disposal directive was not signed until after the physical disposal had occurred.

4.4.30 During 2023–24, Defence undertook remediation activities to address the risks posed by this finding, including a comprehensive review of assets on the fixed asset register to verify disposals of assets have been accounted for correctly and in a timely manner.

4.4.31 As a result of the action taken by Defence, the ANAO concluded that the action undertaken to remediate the risks associated to this finding were appropriate. As a result, the ANAO considers that this finding has been resolved.

Conclusion

4.4.32 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements. Defence has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by the entity as part of the 2024–25 audit.

4.4.33 The ANAO issued an unmodified auditor’s report on the financial statements on 3 October 2024.

Australian Signals Directorate

4.4.34 ASD’s purpose is to defend Australia from global threats and advance Australia’s national interest through the provision of foreign signals intelligence, cyber security and offensive cyber operations, as directed by government. The Australian Cyber Security Centre (ACSC) leads the Australian Government’s efforts to improve cyber security and aims to make Australia the most secure place to connect online.

Summary of financial performance

4.4.35 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by ASD (as outlined in Table 4.4.9 and Table 4.4.10) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.4.9: Key departmental financial statements items

Source: ASD’s audited financial statements for the year ended 30 June 2024.

4.4.36 Net cost of services has increased by $517.4 million in 2023–24 due to higher:

• Increased operating expenses due to REDSPICE initiatives including growth in employee benefits expense (of $114.9 million) from increased employee numbers, and additional supplier expenses incurred related to REDSPICE programs (of $233.0 million); and
• higher depreciation and amortisation expenses of $157.9 million reflecting the capitalisation of assets under construction and the recognition of new assets during the period.

4.4.37 Revenue from government has increased by $471.6 million due to increased funding from the Australian Government regarding ongoing investment in ASD’s cyber and intelligence capabilities through the REDSPICE program.

4.4.38 The increase in total assets of $767.0 million relates primarily to higher:

• building and infrastructure, plant and equipment and intangible asset balances reflecting additional acquisitions of these assets as a result of REDSPICE and other programs; and
• trade and other receivables including appropriations receivable.

4.4.39 The increase in total liabilities of $64.1 million was due to increases in supplier payables and employee provisions. These increases are reflective of higher supplier and employee benefits expenses as detailed in paragraph 4.4.36.

Table 4.4.10: Key administered financial statements items

Source: ASD’s audited financial statements for the year ended 30 June 2024.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.4.40 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the significant and ongoing investment in ASD’s cyber and intelligence capabilities through REDSPICE program;
• ASD’s unique and geographically spread business operations, and the compartmentalised and sensitive nature of ASD’s business; and
• shared services arrangements with the Department of Defence (Defence) which supports key financial statements balances.

Key areas of financial risk

4.4.41 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of ASD’s financial statements.

4.4.42 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.4.11.

Table 4.4.11: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ASD’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.4.43 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.4.44 The ANAO issued an unmodified auditor’s report on ASD’s financial statements on 6 September 2024.

Australian War Memorial

4.4.45 The AWM has responsibility for commemorating, interpreting and understanding the Australian experience of war and its enduring impact through maintaining and developing the national memorial and its collection, and exhibiting historical material, and undertaking commemorative ceremonies and research.

Summary of financial performance

4.4.46 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by the AWM (as outlined in Table 4.4.12) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.4.12: Key financial statements items

Source: AWM’s audited financial statements for the year ended 30 June 2024.

4.4.47 The total comprehensive income of $31.5 million was related to the revaluation of the AWM’s land and building assets, which was undertaken during 2023–24 in accordance with the AWM’s accounting policy. The fair value gain was due to changes in observable market data and inputs, including construction cost indices, which are used to value these classes of assets. In 2022–23, the total comprehensive loss of $116.0 million related to the valuation of heritage and cultural assets.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.4.48 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.4.49 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the AWM’s financial statements.

4.4.50 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.4.13.

Table 4.4.13: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and AWM’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.4.51 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.4.52 The ANAO issued an unmodified auditor’s report on the AWM’s financial statements on 30 August 2024.

Defence Housing Australia

4.4.53 DHA is responsible for providing housing and related services to members of the Australian Defence Force and their families, consistent with Defence’s operational requirements. To meet these requirements, DHA is responsible for constructing, purchasing and leasing houses for Australian Defence Force personnel.

Summary of financial performance

4.4.54 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by DHA (as outlined in Table 4.4.14) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.4.14: Key financial statements items

Note a: The prior period financial statements were restated with respect to: total income, total expenses due to the identification of prior period errors.

Source: DHA’s audited financial statements for the year ended 30 June 2024.

4.4.55 Total income decreased by $9.0 million primarily due to lower sales of inventories. The lower sale of inventories is in line with DHA’s business strategy to reduce direct leasing from the market and ongoing acquisition of investment properties.

4.4.56 Total expenses increased by $57.8 million mainly due to an increase in the maintenance cost of property inventories, an increase in depreciation and amortisation and finance cost, as a result of a larger investment properties portfolio.

4.4.57 The increase in total assets of $223.4 million is due mainly to:

• acquisitions of investment properties throughout the year; and
• changes to the terms of lease right-of-use assets for investment properties due to the economic environment and increased rental charges.

4.4.58 Total liabilities increased by $169.5 million, mainly due to an increase in loans with the Commonwealth. DHA has an unsecured borrowing facility with the Commonwealth, affording DHA the flexibility to borrow and repay loans within the maximum facility limit of $509.6 million.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.4.59 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• nature of DHA’s operations and business activities, which increases the level of management judgement to account for key financial statements balances including the valuation of investment properties and in accounting for lease contracts in accordance with the relevant accounting standards; and
• changes to the financial management information system undertaken during 2023–24.

Key areas of financial risk

4.4.60 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of DHA’s financial statements.

4.4.61 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.4.15.

Table 4.4.15: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and DHA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.4.62 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. Two minor findings were identified and one minor finding was resolved.

Conclusion

4.4.63 The ANAO issued an unmodified auditor’s report on DHA’s financial statements on 9 September 2024.

Department of Veterans’ Affairs

4.4.64 DVA is responsible for developing and implementing programs to assist the veteran and ex-service communities. This includes granting pensions, allowances and other benefits, and providing treatment under the Veterans’ Entitlements Act 1986; the administration of benefits and arrangements under the Military Rehabilitation and Compensation Act 2004; determining and managing claims relating to defence service under the Safety, Rehabilitation and Compensation (Defence-related Claims) Act 1988; administering the Defence Service Homes Act 1918, the War Graves Act 1980; and conducting commemorative programs to acknowledge the service and sacrifice of Australian servicemen and women.

Summary of financial performance

4.4.65 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by DVA (as outlined in Table 4.4.16 and Table 4.4.17) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.4.16: Key departmental financial statements items

Source: DVA’s audited financial statements for the year ended 30 June 2024.

4.4.66 The net cost of services was higher by $116.1 million mainly due to:

• a $71.8 million increase in employee benefits as a result of growth in staffing levels to support claims processing; and
• a $31.6 million increase in supplier expenses as a result of higher information and technology related and shared service expenses.

4.4.67 Revenue from government increased by $57.4 million mainly to fund DVA’s increased activity in relation to processing the backlog of veteran support claims.

4.4.68 Total assets decreased by $26.4 million as a result of the impact of planned depreciation and amortisation on DVA’s non-financial assets.

Table 4.4.17: Key administered financial statements items

Source: DVA’s audited financial statements for the year ended 30 June 2024.

4.4.69 The increase in total expenses of $18.2 billion was due to higher:

• Military Compensation Provisions of $16.1 billion as a result of the actuarial assessment of DVA’s future obligations (personal benefits and health care). The provision increased mainly due to the clearance of the initial claims backlog, economic factors such as inflation and wage rate and changes to key assumptions and the actuarial modelling to reflect the recent claim experience; and
• personal benefit and health care expenses of $2.1 billion due mainly to clearance of outstanding veteran support claims backlog and other economic factors detailed above.

4.4.70 The increase in total liabilities of $29.7 billion was mainly due to the actuarial assessment undertaken on the Military Compensation Provision (refer to paragraph 4.4.69).

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.4.71 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the complexities in assessing and managing personal benefit and health care claims for veterans. The legislation which establishes these payments is complex. There was a significant backlog of claims that DVA was required to process in the beginning of the financial year. Additionally, the recommendations made in the interim report of the Royal Commission into Defence and Veterans’ Suicide have resulted in changes to manage the backlog;
• the reliance on external information and shared service arrangements, including IT systems, for making decisions for personal benefits and health care payments; and
• the complexity of, and significance of the judgements required, to determine the valuation of key financial balances including the Military Compensation Provision. The calculation of these estimates relies on the extraction and generation of quality data from multiple systems and the use of actuarial assumptions relating to future events.

Key areas of financial risk

4.4.72 The ANAO completed appropriate audit procedures on all material items. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of DVA’s financial statements.

4.4.73 The ANAO focused audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.4.18, including those areas highlighted by the ANAO as KAM.

Table 4.4.18: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and DHA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.4.74 Table 4.4.19 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.4.19: Status of audit findings

Note a: One minor audit finding identified during the 2023–24 interim audit relating to Bank reconciliations – identification of reconciling items was increased to a moderate audit finding during the 2023–24 final audit. Refer to paragraphs 4.4.76 to 4.4.77.

Source: ANAO 2023–24 audit results.

4.4.75 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that DVA’s 2023–24 financial statements were not materially misstated.

New moderate audit findings

Bank reconciliations – identification of reconciling items

4.4.76 During the 2023–24 interim audit, the ANAO raised a minor finding on bank reconciliations due to the process not being able to identify reconciling amounts on a timely basis. During the 2023–24 final audit, the weaknesses identified by the ANAO had not been rectified. The ANAO’s review of the 30 June 2024 bank reconciliation performed by DVA identified $714.5 million in unpresented payments and $586.7 million in un-receipted deposits. There were no breakdowns of the individual unpresented payments or deposits available to support the balances. The ANAO’s analysis of these reconciling amounts identified a $64.2 million adjustment required to the balance of cash and cash equivalents reported by DVA at 30 June 2024. This adjustment was due to a timing difference, which would have otherwise been identified by DVA if the weaknesses identified by the ANAO relating to bank reconciliations and reconciling items were addressed by DVA as recommended. As a result, the ANAO has increased this finding to a moderate finding.

4.4.77 The ANAO has recommended that DVA should perform a full analysis of all individual items making up the reconciling balances to correctly identify any actual unpresented payments or un-receipted deposits and that the remediated bank reconciliation process be implemented for 2024–25.

Monitoring of Privileged Activity – Process Direct

4.4.78 Users with administrative privileges, commonly referred to as privileged users, are able to make significant changes to IT systems’ configuration and operation, bypass critical security settings and access sensitive information. To reduce the risks associated with this access, the Information Security Manual requires that privileged user access be appropriately restricted and when provided, that the access is logged, regularly reviewed and monitored.

4.4.79 DVA was not able to demonstrate activities performed to monitor privileged user transactions or activities in the Process Direct claim processing IT system. DVA advised the ANAO that the entity relied on the activities undertaken Services Australia under the Shared Services Agreement which exists between the two entities. While Services Australia produces a report on user activity which covers all IT platforms (including Process Direct) and provides the report to DVA, Services Australia does not undertake any monitoring activities on DVA’s behalf.

4.4.80 The ANAO recommended that DVA implement a process to monitor the activities of privileged users in Process Direct.

Monitoring of Privileged Activity – ISH

4.4.81 Users with administrative privileges, commonly referred to as privileged users, are able to make significant changes to IT systems’ configuration and operation, bypass critical security settings and access sensitive information. To reduce the risks associated with this access, the Information Security Manual requires that privileged user access be appropriately restricted and when provided, that the access is logged, regularly reviewed and monitored.

4.4.82 DVA was not able to demonstrate activities performed to monitor privileged user transactions or activities in the ISH claim processing IT system. DVA advised the ANAO that the entity relied on the activities undertaken Services Australia under the Shared Services Agreement which exists between the two entities. Services Australia produces a user activity report that covers all IT platforms (including ISH) and provides the report to DVA but does not perform monitoring activities on DVA’s behalf.

4.4.83 The ANAO recommended that DVA implement a process to monitor the activities of privileged users in the ISH system.

Unresolved moderate audit findings

Security Governance – Monitoring Implementation of Controls

4.4.84 During the 2021–22 audit, the ANAO noted instances that indicated DVA’s information technology governance and monitoring processes were not fully effective to address identified business risks. The ANAO recommended an effective governance and assurance framework be developed over security governance to ensure controls were implemented and operating effectively.

4.4.85 During 2023–24, DVA advised the ANAO that it is planning to implement an assurance framework that addresses IT governance encompassing DVA’s own and outsourced arrangements. The assurance framework will set out the cadence of reporting on the effectiveness of IT controls to the DVA Security Committee. This assurance framework is expected to be finalised and presented to the DVA Security Committee for endorsement in early 2024–25.

4.4.86 During the 2023–24 audit, the ANAO also identified the following weaknesses in IT governance arrangements:

• DVA relies on Services Australia for managing the ISP, which is used for automatic User Access Provisioning at the network level, and automatically removing user access every 12 months. However, there is an existing finding in the Services Australia audit in relation to change management controls over ISP, which impact on the controls being relied upon by DVA for accurately provisioning and removing access to users, weakening its IT environment. The assurance framework that DVA is currently developing should include a regular assessment of the design, implementation and operating effectiveness of IT controls including those key controls relied on via Services Australia;
• changes made to IT control processes without evidence of the appropriate level of approval; and
• DVA last completed a password risk assessment in January 2020 to assess and accept the risk associated with the FMIS’s inability to implement the minimum password requirements set out in the Information Security Manual (ISM). Considering the time since the last review in January 2020, there is a risk that this risk assessment may no longer be appropriate due to changes in both DVA’s operating environment and the increased sophistication of external cyber threats.

Process Direct Security Risk Management

4.4.87 During the 2020–21 audit, the ANAO identified weaknesses relating to the management of security risks as part of an upgrade to Process Direct implemented in November 2020. The ANAO recommended that DVA address the self-identified security risks when implementing the system.

4.4.88 DVA affirmed that accreditation of Process Direct was finalised in August 2021 and all required security documentation developed. The ANAO’s inspection of the accreditation documents, including the Process Direct System Security Plan, identified that two of the three self-identified risks remained untreated. DVA acknowledged that the untreated risks were accepted when the interim approval to operate was issued.

4.4.89 During 2023–24, DVA has approved an updated Interim Authority to Operate for Process Direct which included a risk assessment and a targeted risk remediation plan. The risk assessment highlighted three unmitigated high risks relating to Process Direct. The ANAO noted that one of these risks was planned to be remediated, however, this remained underway at the conclusion of the final audit.

Conclusion

4.4.90 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements. DVA has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by DVA as part of the 2024–25 audit.

4.4.91 The ANAO issued an unmodified auditor’s report on the financial statements on 11 October 2024. Without modifying the audit opinion, an emphasis of matter has been included in the auditor’s report to draw users’ attention to the accounting policies disclosed in the financial statements that describe the inherent uncertainty associated with a number of the assumptions used in the calculation of the Military Compensation Scheme provisions and to the sensitivity of the valuation of the provision to changes in these assumptions. This is considered to be a key audit matter (refer to Table 4.4.18) due to the complexity and use of judgement associated with the unique compensation arrangements arising under legislation.

Comments on non-material entities

Army and Air Force Canteen Service

4.4.92 The Army and Air Force Canteen Service (AAFCANS) was established to provide goods, facilities and services to members of the Defence community. AAFCANS operates food services and facilities on 27 Army and Air Force bases and joint Australian Defence Force facilities throughout Australia.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.4.93 Table 4.4.20 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.4.20: Status of audit findings

Source: ANAO 2023–24 audit results.

4.4.94 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that AAFCANS’ 2023–24 financial statements were not materially misstated.

New moderate audit findings

Supplier rebates

4.4.95 AAFCANS receives rebates from suppliers based on the volume of purchases made over a specified period. The Australian Accounting Standards require supplier rebates to be recorded as an adjustment to the cost of goods sold.

4.4.96 During the 2023–24 audit, the ANAO identified AAFCANS had been recording supplier rebates as part of its revenue balance. This resulted in a material prior period error in the 2022–23 financial statements. In addition, AAFCANS has been recording its supplier rebates on a cash basis rather than recognising rebates when AAFCANS becomes entitled to the discount.

4.4.97 AAFCANS has corrected its accounting treatment in the 2023–24 financial statements and has disclosed the prior period error in its financial statements in accordance with the Australian Accounting Standards. AAFCANS has advised the ANAO that it will amend its accounting policy for supplier rebates to recognise on a full accruals basis as part of its 2024–25 financial statements process.

Fair value assessment of property, plant and equipment

4.4.98 AAFCANS records its property, plant and equipment using the fair value model in accordance with Australian Accounting Standards. The fair value model requires that property, plant and equipment is carried at fair value at reporting date less any subsequent accumulated depreciation and/or impairment losses and revaluations must occur with sufficient frequency to ensure the carrying amount of property, plant and equipment is not materially different to the fair value at each balance date. AAFCANS engages an expert to perform a valuation on a three to five year rotational basis. AAFCANS management performs its own internal assessment in years where a valuer is not engaged.

4.4.99 During 2023–24, the ANAO observed weaknesses in management’s fair value assessment, including no assessment of the appropriateness of the methodology applied, no assessment against available market data and current economic conditions or consideration of relevant indices, and limited analysis to support that assets were recorded at fair value.

4.4.100 Additionally, the ANAO identified AAFCANS had:

• incorrectly included computer software in the assessment. Under the Australian Accounting Standards, these assets cannot be recorded at fair value; and
• applied a depreciated cost model rather than a current replacement cost approach. Depreciated cost is cost price less depreciation (and is classified as a cost model and not fair value under the accounting standards). The current replacement cost approach assesses the amount that would be required at reporting date to replace the service capacity of an asset.

These weaknesses in management’s assessment increase the risk of a material misstatement in the financial statements.

4.4.101 The ANAO recommends AAFCANS ensure it has processes to identify the requirements of the financial reporting framework, apply an appropriate methodology, and identify and support the reasonableness of key assumptions used in its calculation of fair value of its assets at the reporting date.

Australian Strategic Policy Institute Ltd

4.4.102 The Australian Strategic Policy Institute Ltd (ASPI) is an independent, non-partisan strategic policy research centre established by the Australian Government in 2001. ASPI strives to provide insightful and timely research and analysis to inform government decisions and enhance public understanding of critical strategic and defence issues.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.4.103 Table 4.4.21 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.4.21: Status of audit findings

Source: ANAO 2023–24 audit results.

4.4.104 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that ASPI’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Governance risk – establishment of the US subsidiary

4.4.105 ASPI received funding from the Department of Defence to establish a branch office in Washington, D.C., United States of America (US). The branch office commenced operations in 2021. Upon establishment, ASPI identified that it was unable to generate other sources of income as the branch office did not have tax deductibility status under US law, impacting its future viability. ASPI obtained legal advice which recommended the branch office become a US incorporated subsidiary. The Board authorised the US subsidiary’s creation in early 2023.

4.4.106 As part of the 2022–23 audit, on 4 September 2023 ASPI provided the ANAO with a written declaration that the US subsidiary had not been established. Subsequently, in January 2024, ASPI informed the ANAO that the US subsidiary had been incorporated on 3 April 2023, and two ASPI officers had been appointed as directors of the subsidiary. The failure to disclose the creation of the US subsidiary and the appointment of ASPI officers as key management personnel of the new entity resulted in a material prior period error in ASPI’s 2022–23 financial statements.

4.4.107 The ANAO reviewed the processes around the establishment of the US subsidiary and identified a number of governance risks which were not addressed. ASPI did not undertake a fulsome risk assessment process and did not properly assess the legal and regulatory risks in both the US and Australia before the Board approved the subsidiary’s creation. Significant legal compliance risks raised in advice prepared by two separate legal firms for ASPI were not addressed until the ANAO inquired as to the status of these matters.

4.4.108 The ANAO recommended ASPI obtain legal advice to determine whether the legal compliance risks would result in a breach of Australian law. The ANAO also recommended ASPI strengthen its governance processes for significant business decisions. This would include assessing the strategic, financial and operational risks, as well as the legal implications to ensure due diligence is undertaken before committing to an operational change.

4.4.109 ASPI has advised the ANAO that significant progress has been made during 2023–24 to enhance governance, increasing transparency and ensuring consistency with both Australian and US laws. ASPI obtained legal advice to address the legal compliance risks which has confirmed the subsidiary’s establishment is consistent with the company constitution and the Constitution of Australia. The subsidiary is expected to commence operations during 2024–25. ASPI has included disclosure of the prior period error affecting the related parties note disclosure in its 2023–24 financial statements.

Royal Australian Air Force Veterans’ Residences Trust

4.4.110 The Royal Australian Air Force Veterans’ Residences Trust (the Trust) was established to provide residences to former members of the Air Force and their families who are in need. The Trust has acquired 75 residences throughout Australia and is self-funded.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.4.111 Table 4.4.22 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.4.22: Status of audit findings

Source: ANAO 2023–24 audit results.

4.4.112 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the Trust’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

Governance risk

4.4.113 During the 2021–22 audit, the ANAO identified that the Trust had one Audit Committee member who was a Trustee. Under law, Trustees are responsible for managing the affairs of a Trust. In addition, the Trust does not have employees who are undertaking managerial functions. Instead, the Trust employs staff who perform duties that would be described as clerical or administrative in nature. The Public Governance, Performance and Accountability Rule 2014 requires that members of the Audit Committee are independent of management. In addition, the Trust did not have any independent oversight as it had not established an internal audit function.

4.4.114 The Trust has appointed two independent audit committee members effective from 1 July 2024. The former Trustee who was the Chair of the Audit Committee resigned from her position on 20 September 2024. The Audit Committee now has three independent members. In addition, the Trust has also strengthened its internal oversight and monitoring processes in the absence of an internal audit function.

4.5 Education portfolio

Portfolio overview

4.5.1 The Education portfolio’s purpose is to contribute to Australia’s economic prosperity and social wellbeing by creating opportunities and driving better outcomes through access to quality education. The portfolio is comprised of six entities, including the Department of Education. The entities within the portfolio are responsible for policy, program and regulation responsibilities and delivering better outcomes for students, educators and teachers in early learning and care centres, schools and higher education providers. Table 4.5.1 identifies material and other entities specifically mentioned in this chapter.

Table 4.5.1: Education portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

E: auditor’s report contains an emphasis of matter

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

☞: financial year end date other than 30 June 2024

4.5.2 Figure 4.5.1 shows the Education portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.5.1: Education portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.5.3 Table 4.5.2 presents a summary of the total number of unresolved findings by entities in the Education portfolio at the conclusion of the 2023–24 final audits.

Table 4.5.2: Unresolved audit findings by entity in the Education portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.5.4 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.5.3 provides a summary of those audit differences that relate to entities within the Education portfolio.

Table 4.5.3: The number of audit differences for entities in the Education portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Education portfolio.

4.5.5 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Education and findings for other material entities in the portfolio.

Department of Education

4.5.6 Education is responsible for contributing to Australia’s economic prosperity and social wellbeing by creating opportunities and driving better outcomes through access to quality education.

Summary of financial performance

4.5.7 The following section provides a comparison of the 2023–24 and 2022–23 key departmental and administered financial statements items reported by Education (as outlined in Table 4.5.4 and Table 4.5.5) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.5.4: Key departmental financial statements items

Source: Education’s audited financial statements for the year ended 30 June 2024.

4.5.8 The increase in the net cost of services and revenue from government was as a result of increased funding provided to Education for new policy proposals. As a result, Education engaged additional staff, which contributed increased employee expenditure of $47.5 million during 2023–24.

4.5.9 The increase in total assets of $56.1 million is primarily due to:

• an increase in the value of computer software of $34.9 million. This increase reflects expenditure on IT and software projects during 2023–24. This increase was partially offset by depreciation, write down and disposals of assets of $12.2 million; and
• an increase in trade and other receivables of $32.0 million, mainly due to increases in undrawn appropriations.

4.5.10 The increase in total liabilities of $30.2 million is primarily due to:

• higher supplier payables, which increased by $21.0 million. This was mainly due to timing of invoices for services provided by the Department of; and
• higher employee leave provisions, which increased by $6.5 million, reflecting additional staff engaged, as identified in paragraph 4.5.8.

Table 4.5.5: Key administered financial statements items

Source: Education’s audited financial statements for the year ended 30 June 2024.

4.5.11 The increase in administered expenses of $4.3 billion is primarily due to:

• increase in funding to non-government schools ($1.3 billion) and government schools ($809.9 million); and
• a greater engagement by younger age groups supported by multiple Child Subsidy and additional subsidies provided in Child Care Subsidy (CCS) program resulted in an increase in government’s expenditure by $2.6 billion in CCS program.

4.5.12 The increase in total income of $1.9 billion is primarily due to fair value gains of $1.5 billion on Higher Education Loan Program (HELP)⁹⁶ loans due to movements in the discount rate yield curve applied in the actuarial valuation of outstanding loans, movements in repayments, new loans made and the unwinding of concessional loan discounts.

4.5.13 The increase in total assets of $2.9 billion is primarily due to the increase in value of HELP Loans. HELP loans increased by $2.6 billion due mainly to increases in the total value of loans advanced to students and fair value gains on the actuarial valuation of outstanding loans discussed at paragraph 4.5.12.

4.5.14 The decrease in total liabilities of $320.7 million is primarily due to the valuation of the Higher Education Superannuation Program (HESP) provision. The HESP provision reduced by $321.7 million due to fair value adjustments (mainly an increase in the discount rate applied in the valuation of the provision).

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.5.15 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• administering a range of complex legislation and programs, including significant payments to schools, universities and other education providers. In order to make these payments there is reliance by Education on a complex IT environment;
• a significant audit finding first reported in the 2022–23 audit relating to weaknesses in Education’s financial statements preparation processes with respect to consideration of legal matters; and
• material balances reliant upon estimates reported in the financial statements, with significant judgement involved in the selection of appropriate inputs and assumptions. This includes reliance on third parties to process and provide accurate and complete information these balances.

Key areas of financial risk

4.5.16 The ANAO completed appropriate audit procedures on all material items. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Education’s financial statements.

4.5.17 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.5.6 including areas which were considered KAM by the ANAO.

Table 4.5.6: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Education’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.5.18 Table 4.5.7 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.5.7: Status of audit findings

Note a: The significant audit finding relating to Governance – Legal and other matters was identified during the 2022–23 audit. This audit finding was reduced to a moderate audit finding during the 2023–24 interim audit as reported in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities and has been reduced to a minor audit finding at the completion of 2023–24 audit. Refer to paragraphs 4.5.20 to 4.5.24.

Note b: The moderate audit finding relating to Management of intangible asset has been reduced to a minor audit finding at the conclusion of the 2023–24 final audit. Refer to paragraphs 4.5.25 to 4.5.27.

Source: ANAO 2023–24 audit results.

4.5.19 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that Education’s 2023–24 financial statements were not materially misstated.

Reduced moderate audit findings

Governance – legal and other matters

4.5.20 As part of the financial statements audit process, the ANAO requests that Education provide access to all information, such as records and documentation and other matters, of which Education is aware of and that is relevant to the financial statements preparation process.

4.5.21 During the 2022–23 audit, the ANAO became aware of legal matters from a source other than Education that had not been considered in the preparation of the financial statements, nor advised to the ANAO by Education. One of these matters resulted in a late adjustment to the financial statements.

4.5.22 During 2023–24, Education has implemented a new process of the identification and timely communication of significant legal non-compliance. This report is provided on a quarterly basis to senior executives, the Audit Committee and Risk, Security and Governance Committee. Underpinning the significant legal non-compliance reporting is the significant legal non-compliance protocol which establishes clear process and accountabilities for the determination, monitoring and reporting significant legal non-compliance by Education.

4.5.23 Education has also developed and implemented a ‘Statement of Intent’ with Services Australia, which involves the Chief Financial Officers of both agencies providing quarterly advice on legal and other matters which may have impacts on Education’s operations and financial statements.

4.5.24 As a result of the action taken by Education during 2023–24, the ANAO has reduced the finding from moderate to minor. The ANAO will review further action taken by Education in response to this finding as part of the 2024–25 financial statements audit.

Management of Intangible Assets

4.5.25 Education has implemented a number of intangible assets that support its administered programs, with these systems undergoing continuous enhancements and upgrades to support changes in programs.

4.5.26 As part of the 2022–23 audit, the ANAO noted a number of assets under construction which had not been appropriately assessed for impairment or recognising the assets in use as at 30 June 2023 in accordance with Australian Accounting Standards. As a result, Education subsequently reviewed these assets and made material adjustments to the financial statements.

4.5.27 During 2023–24, Education updated its processes and policies to support enhanced management of intangible assets and projects. This has resulted in a more accurate reporting of the balances at the reporting date. However, areas have been identified by the ANAO for which processes adopted could be further strengthened, including formalising the review of assets under construction by the Project Investment Committee to assess their status for financial reporting on an ongoing basis. As a result of the action taken by Education during 2023–24 the ANAO has reduced the finding from moderate to minor.

Resolved moderate audit finding

Timely removal of user access on termination

4.5.28 The Protective Security Policy Framework (PSPF) requires non-corporate Commonwealth entities to control access to systems, networks, and applications. The requirement includes removing system access from employees and contractors without an operational need for access to IT resources.

4.5.29 During the 2021–22 audit, the ANAO identified instances where users had accessed the former Department of Education, Skills and Employment’s systems after completion of their employment or contract. The ANAO noted that there were delays in completion of Exit Advice Notification which triggers a number of actions across Education, including the termination access to ICT networks and systems.

4.5.30 During the 2023–24 audit, Education had implemented additional controls which included (but not limited to) security incident monitoring, exception handling and regular reviews of terminated staff which included contractors. The ANAO reviewed the effectiveness of these controls and based on the audit work undertaken, considers that this finding has been resolved.

Conclusion

4.5.31 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements by undertaking additional audit procedures. Education has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by the Education as part of the 2024–25 audit.

4.5.32 The ANAO issued an unmodified auditor’s report on the financial statements on 6 September 2024.

Australian Research Council

4.5.33 The ARC is responsible for administering the National Competitive Grants Program, assessing the quality, engagement and impact of research, and providing advice and support on research matters.

Summary of financial performance

4.5.34 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by the ARC (as outlined in Table 4.5.8 and Table 4.5.9) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.5.8: Key departmental financial statements items

Source: ARC’s audited financial statements for the year ended 30 June 2024.

4.5.35 The decrease of $5.3 million in total assets is mainly due to lower:

• appropriation receivable of $4.0 million; and
• non-financial assets of $1.1 million due to planned depreciation and amortisation, partially offset by new asset acquisitions.

Table 4.5.9: Key administered financial statements items

Source: ARC’s audited financial statements for the year ended 30 June 2024.

4.5.36 The decrease in the deficit of $7.5 million was largely due to the $4.6 million increase in recovery of prior year unspent grant expenses and $3.8 million reduction in grants expenses.

4.5.37 The decrease in total liabilities of $8.5 million was due to a reduction in grants payable in line with the decrease in grant expenses.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

4.5.38 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.5.39 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of ARC’s financial statements.

4.5.40 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.5.10.

Table 4.5.10: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ARC’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.5.41 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.5.42 The ANAO issued an unmodified auditor’s report on the ARC’s financial statements on 12 September 2024.

Comments on non-material entities

Australian Scientific Instruments Pty Limited

4.5.43 Australian Scientific Instruments Pty Limited (ASI) was established for the development, manufacture and sale of scientific instruments. ASI is a subsidiary of the Australian National University.

Conclusion

4.5.44 The ANAO issued an unmodified auditor’s report on ASI’s 31 December 2023 financial statements on 19 June 2024.

4.5.45 Without modifying the audit opinion, the auditor’s report included an emphasis of matter paragraph to draw the attention of users to the notes of the financial statements which indicated that the financial statements were prepared on a non-going concern basis. The non-going concern basis of preparation is due to the decision of the directors to cease the operations of ASI on 31 December 2023. As a result, the company is dormant from 1 January 2024.

4.6 Employment and Workplace Relations portfolio

Portfolio overview

4.6.1 The Employment and Workplace Relations portfolio is responsible for: skills, vocational and employment pathways; workplace relations; work health and safety; and rehabilitation and compensation.

4.6.2 Table 4.6.1 identifies material and other entities specifically mentioned in this section.

Table 4.6.1: Employment and Workplace Relations portfolio material and other entities discussed in this section

✔: auditor's report not modified

E: auditor’s report contains an emphasis of matter

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.6.3 Figure 4.6.1 shows the Employment and Workplace Relations portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.6.1: Employment and Workplace Relations portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.6.4 Table 4.6.2 presents a summary of the total number of unresolved findings by entities within the Employment and Workplace Relations portfolio at the conclusion of the 2023–24 final audits.

Table 4.6.2: Unresolved audit findings in the Employment and Workplace Relations portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.6.5 As previously outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2022–23 financial statements audits. Table 4.6.3 provides a summary of those audit differences that relate to entities within the Employment and Workplace Relations portfolio.

Table 4.6.3: The number of audit differences for entities in the Employment and Workplace Relations portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.

The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Employment and Workplace Relations portfolio.

4.6.6 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Employment and Workplace Relations, and findings for other material entities and non-material entities in the portfolio.

Department of Employment and Workplace Relations

4.6.7 DEWR is responsible for ensuring Australians can experience the social wellbeing and economic benefits that training, and employment provide. DEWR is also responsible for workplace relations and work health and safety, rehabilitation and compensation.

Summary of financial performance

4.6.8 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by DEWR (as outlined in Table 4.6.4 and Table 4.6.5) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.6.4: Key departmental financial statements items

Source: DEWR’s audited financial statements for the year ended 30 June 2024.

4.6.9 The increase in the net cost of services of $165.3 million was due to:

• an additional $117.1 million of employee costs as a result of growth in the number of staff and pay increases for staff as a result of the new enterprise agreement;
• higher depreciation and amortisation of $56.6 million, in particular for computer software completed in 2022–23 and depreciated for the first time in 2023–24; and
• higher impairment and write down of non-financial assets of $25.9 million attributed to computer software and infrastructure, plant and equipment identified as no longer used by DEWR due to changes in business requirements.

4.6.10 The increase in revenue from government of $64.9 million mainly reflects the impact of additional funding provided by the Australian Government for new programs, including new voluntary pre-employment services for parents and supporting eligible employer and worker representative organisations to engage with workplace reforms.

4.6.11 The decrease in total assets of $83.7 million is primarily due to lower:

• non–financial assets of $73.6 million, reflecting planned depreciation and amortisation across buildings, leasehold improvements and infrastructure, plant and equipment asset classes; and
• trade and other receivables of $15.6 million, primarily due to a decrease in appropriation receivables for amounts which have been administratively quarantined by the Department of Finance.

Table 4.6.5: Key administered financial statements items

Source: DEWR’s audited financial statements for the year ended 30 June 2024.

4.6.12 The decrease in total expenses of $1.1 billion is primarily due to:

• lower subsidies of $1.8 billion due to the reduction in COVID-19 incentives payments provided through the Australian Government Apprenticeship Program; and
• offset by: higher supplier costs of $112.2 million due to demand for vocational and industry training; and fair value losses that were $389.0 million higher, reflecting the actuarial valuation of outstanding VSL and AASL loans.

4.6.13 The decrease in total income of $287.0 million is mainly due to the results of the valuation of VSL and AASL loans. Key changes in assumptions for 2023–24 compared to 2022–23 included lower indexation rates, reflecting lower inflation; a higher discount rate, which reduces the calculation of fair value; offset by a favourable assessment of lower rates of debts not expected to be repaid (refer to paragraph 4.6.12).

4.6.14 The increase in total assets of $99.4 million is mainly due to higher trade and other receivables balance for VET and AASL loans, with the impact of new loans issued being offset by valuation adjustments (refer to paragraph 4.6.12).

4.6.15 The increase in total liabilities of $102.3 million is due mainly to a higher payable balance related to Comcare for the administration of Commonwealth workers compensation and other claim liabilities. DEWR recognises an expense and payable for funds to settle Comcare’s estimated workers’ and asbestos compensation payments.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.6.16 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing this rating are: administering and regulating a complex legislative framework that underpins various significant payments; and material balances reliant upon estimates reported in the financial statements, with significant judgement involved in the selection of appropriate inputs and assumptions.

Key areas of financial risk

4.6.17 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of DEWR’s financial statements.

4.6.18 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.6.6, including areas which were considered KAM by the ANAO.

Table 4.6.6: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and DEWR’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.6.19 Table 4.3.11 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.6.7: Status of audit findings

Source: ANAO 2023–24 audit results.

Resolved moderate audit finding

Removal of user access

4.6.20 The Protective Security Policy Framework (PSPF) requires non-corporate Commonwealth entities to control access to systems, networks, and applications. The requirement includes removing system access from employees and contractors without an operational need for access to IT resources.

4.6.21 During the 2021–22 audit of the former Department of Education, Skills and Employment the ANAO identified instances where users had accessed the former systems after completion of their employment or contract. The ANAO noted that there were delays in completion of Exit Advice Notification which triggers a number of actions, including the termination of access to ICT networks and systems.

4.6.22 During 2023–24, DEWR implemented additional controls which included (but not limited to) security incident monitoring, exception handling and regular reviews of terminated staff which included contractors. The ANAO reviewed the effectiveness of these controls and based on the audit work undertaken, considers that this finding has been resolved.

Conclusion

4.6.23 The ANAO issued an unmodified auditor’s report on DEWR’s financial statements on 30 September 2024.

Coal Mining Industry (Long Service Leave Funding) Corporation

4.6.24 Coal LSL collects levies from employers to fund long service leave payments made to employees in the Australian black coal mining industry. The levies collected are invested until the employee takes long service leave, at which point the employer makes a payment to the employee and seeks reimbursement from Coal LSL in accordance with legislative arrangements.

Summary of financial performance

4.6.25 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by Coal LSL (as outlined in Table 4.6.8) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.6.8: Key financial statements items

Source: Coal LSL’s audited financial statements for the year ended 30 June 2024.

4.6.26 The net cost of services increased by $111.1 million primarily due to the following:

• an increase in the provision for reimbursements of $126.7 million due to a change in the underlying assumptions in the provision valuation model (refer to paragraph 4.6.28); and
• offset by an increase in revenue from investments, due to investment performance, of $22.1 million.

4.6.27 The increase in total assets of $259.3 million primarily related to:

• higher cash and cash equivalents by $97.8 million as a resulting of additional investments in term deposits; and
• performance of investments during the period, which increased by $156.4 million represented by favourable realised and unrealised gains.

4.6.28 The increase in total liabilities of $242.3 million was due mainly to the higher balance of the provision for reimbursements. This was largely attributable to additional provisions recognised during the period offset by changes in the discount rate, the salary growth rate and an update in the model to a demographic based usage rate which are all used in the estimation process.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.6.29 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors to this rating are:

• level of management judgement and estimation required in the valuation of unlisted investments and the provision for reimbursements, given the volatility and uncertainty in equity markets; and
• organisation and digital transformation strategy being delivered within Coal LSL, including changes to key systems supporting the preparation of the financial statements.

Key areas of financial risk

4.6.30 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Coal LSL’s financial statements.

4.6.31 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.6.9.

Table 4.6.9: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Coal LSL’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.6.32 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.6.33 The ANAO issued an unmodified auditor’s report on Coal LSL’s financial statements on 11 September 2024.

Comcare

4.6.34 Comcare is the Commonwealth work health and safety regulator, a workers’ compensation scheme administrator and an insurer and claims manager. Comcare’s purpose is ’to promote and enable safe and healthy work’.

Summary of financial performance

4.6.35 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by Comcare (as outlined in Table 4.6.10) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.6.10: Key financial statements items

Source: Comcare’s audited financial statements for the year ended 30 June 2024.

4.6.36 The increase in the net cost of services of $66.8 million was mainly due to changes in actuarial and economic assumptions impacting the valuation of workers’ compensation claims provision and common law asbestos-related disease claims provision (refer to paragraph 4.6.39). There was a loss resulting from the movement in workers’ compensation claims provision of $92.3 million in 2023–24 compared to a loss of $31.0 million in 2022–23. There was a lower gain from the movement in common law asbestos-related disease claims provision of $28.3 million in 2023–24 compared to a gain of $52.0 million in 2022–23.

4.6.37 Comcare has arrangements for special appropriations funding for claims to be returned to the Commonwealth when it is surplus to Comcare’s requirements, after third-party recoveries. This is reflected in the movement in the available funding from movement in claims provision.

4.6.38 Total assets increased by $54.2 million primarily due to:

• higher trade and other receivables of $78.1 million, reflecting appropriation receivables that include pre-premium special appropriation, asbestos-related disease special appropriation and part of the net premiums held in the Australian Government Consolidated Revenue Fund; and
• partially offset by lower cash and cash equivalents of $30.4 million.

4.6.39 Total liabilities increased by $59.7 million primarily due to:

• an increase in the workers’ compensation claims provision of $92.2 million due to increased claims administration expenses, higher average claim size, claim frequency and higher inflation expectations; and
• partially offset by a decrease in common law asbestos-related disease claims provision of $33.5 million due to a reduction in expected future claims, driven by updated actuarial assumptions on future claims development.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.6.40 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. The key factor contributing to this rating is the inherent complexity and subjectivity associated with calculating outstanding claims provisions for workers’ compensation and asbestos related disease claims.

Key areas of financial risk

4.6.41 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Comcare’s financial statements.

4.6.42 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.6.11.

Table 4.6.11: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Comcare’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.6.43 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.6.44 The ANAO issued an unmodified auditor’s report on Comcare’s financial statements on 17 September 2024.

Comments on non-material entities

Seafarers Safety, Rehabilitation and Compensation Authority

4.6.45 Seafarers Safety, Rehabilitation and Compensation Authority (Seacare Authority) oversees a national scheme of occupational health and safety and workers’ compensation arrangements for defined seafarers. Seacare Authority administers the Seafarers Safety Net Fund that acts in the place of an employer if a default event occurs, enabling employees to lodge a claim event when there is no employer to lodge against.

Conclusion

4.6.46 The ANAO issued an unmodified auditor’s report on the financial statements on 18 September 2024. Without modifying the audit opinion, the auditor’s report included an emphasis of matter paragraph to draw the attention of users to the notes to the financial statements. The Overview – Insurance coverage and review of the Seacare Scheme note states that Seacare Authority has not been able to negotiate insurance for the Seafarers Safety Net Fund (the Fund) from an authorised insurer beyond 31 March 2022 in accordance with the requirements of section 102(1) of the Seafarers Act 1992 (Seafarers Act).

4.6.47 As stated in the Overview note, along with other matters set forth in the note, if Seacare Authority does not hold insurance for the Fund but the Fund becomes liable to pay compensation under the Seafarers Act, of any quantum:

• Seacare Authority will be required to pay the compensation from the available assets of the Fund; and
• any liability that cannot be met from the available assets of the Fund, Seacare Authority will be responsible for coordinating the settlement of the remaining liability.

4.6.48 The note also states that because Seacare Authority does not have a legal personality separate to the Commonwealth, any liability to pay compensation will ultimately be the Commonwealth’s liability.

4.7 Finance portfolio

Portfolio overview

4.7.1 The Finance portfolio is responsible for a range of finance-related functions, including providing the Australian Government with budget policy advice, superannuation arrangements for government employees, deregulation policy, data and digital policy and services, insurance and risk management services, ministerial and parliamentary services and Australian Government asset management services.

4.7.2 Table 4.7.1 identifies material and other entities specifically mentioned in this section.

Table 4.7.1: Finance portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

◆: new significant or moderate findings and/or significant legislative matters noted

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.7.3 Figure 4.7.1 shows the Finance portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.7.1: Finance portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.7.4 Table 4.7.2 presents a summary of the total number of unresolved findings by entities in the Finance portfolio at the conclusion of the 2023–24 final audits.

Table 4.7.2: Unresolved audit findings by entity in the Finance Portfolio

Source: ANAO 2023–24 audit results.

4.7.5 Table 4.7.3 presents a summary of the total number of legislative breaches by entities in the Finance portfolio at the conclusion of 2023–24 final audits.

Table 4.7.3: Legislative breaches identified by entity in the Finance portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.7.6 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.7.4 provides a summary of those audit differences that relate to entities within the Finance portfolio.

Table 4.7.4: The number of audit differences for entities in the Finance portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.

The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Finance portfolio.

4.7.7 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Finance and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of Finance

4.7.8 Finance is responsible for supporting the government’s budget process and oversight of public sector resource management, and for governance and accountability frameworks. In addition, Finance is responsible for the production of the Australian Government’s consolidated financial statements. Finance also provides shared services through the Service Delivery Office.

Summary of financial performance

4.7.9 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by Finance (as outlined in Table 4.7.5 and Table 4.7.6) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.7.5: Key departmental financial statements items

Source: Finance’s audited financial statements for the year ended 30 June 2024.

4.7.10 The increase in the net cost of services of $285.2 million is primarily due to:

• the write-down of non-financial assets of $256.6 million as a result of a downward revaluation during 2023–24, compared to a write-down of $106.1 million in 2022–23. Part of the downward revaluation is reflected in net cost of services and part is reflected in other comprehensive income, due to factors described in paragraph 4.7.18;
• an increase in Comcover insurance claims expenses of $133.1 million. Comcover is the Australian Government’s self-managed general insurance fund and is reported by Finance. The increase is attributable to new large claims, increases in key economic assumptions such as higher inflation forecasts and delays in the settlement of some claims. The increase in claims expenses was partially offset by an increase of $26.8 million in Comcover premium revenues; and
• employee benefits expenses increased by $31.7 million, primarily due to a larger staffing profile following the machinery of government transfer of the digital identity function from the Digital Transformation Agency (DTA) to Finance.

4.7.11 The increase in revenue from government of $43.3 million is primarily due to additional funding related to the transfer of functions from the DTA to Finance.

4.7.12 Total other comprehensive income primarily relates to changes in asset revaluation reserves of land and buildings of $89.2 million as a result of the following factors:

• a decrease of $140.3 million in the valuation of specialised assets such as the Centres of National Resilience and the Post-Entry Quarantine Facility, reflecting a change in valuation technique and shorter useful lives used across components, attributable to better available information and asset management plans; and
• offset by fair value gain for land assets of $51.1 million due to revised market information.

4.7.13 The increase in total assets of $114.3 million reflects the impact of the following significant movements:

• increase of $452.8 million relating to special account cash held within the official public account (OPA), including funding credited to the Coordinated Procurement Contracting Special Account for more efficient and effective vehicle leasing and fleet management arrangements; and
• offset by decreases in the buildings asset class of $271.3 million, reflecting the factors described in paragraph 4.7.18 and a decrease of $137.1 million in right-of-use assets mainly due to a lease modification.

4.7.14 Total liabilities increased by $188.3 million mainly due to:

• higher Comcover insurance claims provision of $274.4 million, reflecting the factors described in paragraph 4.7.10; and
• offset by lower lease liabilities of $127.3 million, reflecting the factors described in paragraph 4.7.13.

Table 4.7.6: Key administered financial statements items

Source: Finance’s audited financial statements for the year ended 30 June 2024.

4.7.15 Total expenses were $524.3 million higher primarily attributable to:

• an increase in the superannuation expense of $314.7 million due to higher interest expenses; and
• higher investment funds distributions incurred by Finance of $89.9 million reflecting market returns on funds invested.

4.7.16 Total income increased by $2.2 billion mainly due to realised and unrealised gains on investment funds, reflecting strong market returns and returns on additional capital invested in the Housing Australia Future Fund, which was established on 1 November 2023.

4.7.17 The increase in total assets of $15.4 billion largely due to:

• an increase of $14.9 billion in investment fund balances, largely as a result of additional investments made by the Australian Government of $12.3 billion (including $10.0 billion upon establishment of the Housing Australia Future Fund) and realised and unrealised fair value gains on these investments as described in paragraph 4.7.16; and
• an increase in investments in entities and companies of $520.7 million, mainly due to increases in the fair valuation of Commonwealth entities and companies and the purchase of a non-controlling interest in a private company, CEA Technologies.

4.7.18 Total liabilities decreased by $4.1 billion primarily due to:

• a reduction in the superannuation provision of $4.9 billion driven by higher discount rates applied to the valuation of the provision; and
• an offsetting increase of $444.9 million in unsettled investment purchases as at 30 June 2024 and $315.4 million Official Public Account overnight cash payable, reflecting an overnight sweep of cash from Commonwealth entity bank accounts.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.7.19 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the complexity of key accounting balances, estimates and judgements that impact the financial statements; and
• the significance of the administered schedule of financial position to the Australian Government financial statements.

Key areas of financial risk

4.7.20 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Finance’s financial statements.

4.7.21 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.7.7, including areas which were considered KAM by the ANAO.

Table 4.7.7: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Finance’s audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.7.22 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. Auditor-General Report No. 12 of 2023–24 Administration of the Parliamentary Expenses Management System was tabled in January 2024 and is relevant to the financial management or administration of Finance.

4.7.23 This audit found that Finance was partly effective in implementing the Parliamentary Expenses Management System (PEMS), the IT system for parliamentarians, their staff and administering agencies to claim and process office, travel expenses and administer payroll services. As explained in Table 4.7.7, the ANAO identifies the accuracy of employee expenses and valuation of provisions for members of Parliament and their staff as a key area of risk.

What are the results of the ANAO’s audit coverage in 2023–24?

4.7.24 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. One minor audit finding was identified and one minor audit finding was resolved.

Conclusion

4.7.25 The ANAO issued an unmodified auditor’s report on the entity’s financial statements on 11 September 2024.

ASC Pty Ltd

4.7.26 ASC Pty Ltd (ASC) and its subsidiaries, including ASC AWD Shipbuilder Pty Ltd and ASC OPV Shipbuilder Pty Ltd, support Australia’s naval capabilities. ASC was the builder of Australia’s fleet of Collins class submarines for the Royal Australian Navy and is responsible for the ongoing design enhancements, maintenance and support of the submarines through the In Service Support Contract (ISSC).

4.7.27 ASC is part of the Alliance Based Target Incentive Agreement (ABTIA) that delivered three Air Warfare Destroyers (AWD) for the Royal Australian Navy. The other members of ABTIA include the Commonwealth of Australia represented by the Department of Defence and Raytheon Australia as the mission systems integrator.

4.7.28 ASC OPV Shipbuilder Pty Ltd is contracted to provide resources and support to the Offshore Patrol Vessel (OPV) program prime contractor, Luerssen Australia Pty Ltd, to construct the first two ships in Australia’s new fleet of modern OPVs.

4.7.29 ASC is contracted to the Australian Government to deliver the Sovereign Shipbuilding Talent Pool to retain, grow and develop the shipbuilding workforce impacted by the Attack Class submarine decision⁹⁷.

4.7.30 On 22 March 2024, the government announced ASC Pty Ltd for sustainment of nuclear-powered submarines as well as ASC Pty Ltd and BAE Systems to build Australia’s SSN-AUKUS submarines through incorporated joint venture agreement within Australia.

4.7.31 As part of incorporated joint venture, ASC Pty Ltd and BAE Systems will be accountable and responsible for the delivery of SSN-AUKUS submarines, as well as ensuring safety, security and regulatory compliance throughout the build program.

Summary of financial performance

4.7.32 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by ASC (as outlined in Table 4.7.8) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.7.8: Key financial statements items

Source: ASC’s audited financial statements for the year ended 30 June 2024.

4.7.33 The $66.1 million increase in revenue and other income is primarily due to changes in the scope of some of ASC’s contracts in relation to the Collins Class submarine and related activities.

4.7.34 The $70.1 million increase in expenses and other income relates to a combination of increase in employee, material and sub-contractor expenses due to the changes in scope of contracted work delivered by ASC (refer to paragraph 4.7.33).

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

4.7.35 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are the significant estimation and judgements involved in the revenue recognition of Collins Class submarine projects and OPV projects.

Key areas of financial risk

4.7.36 The ANAO completed appropriate audit procedures on all material items. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of ASC’s financial statements.

4.7.37 The ANAO focused audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.7.9.

Table 4.7.9: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ASC’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.7.38 Table 4.7.10 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.7.10: Status of audit findings

Source: ANAO 2023–24 audit results.

4.7.39 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that ASC’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Management, and controls over, IT equipment

4.7.40 ASC recognises its IT assets in an inventory management system which is reconciled to the Financial Management Information System (FMIS) on a regular basis. During the 2023–24 audit, the ANAO identified a number of discrepancies where IT assets were not recorded in the inventory management system, however were recorded in the fixed asset register in ASC’s FMIS (and vice versa). Additionally, the ANAO identified there were a number of fully depreciated assets identified which had reached the end of their planned useful lives, however were recorded in ASC’s fixed asset register. These weaknesses indicate an increased risk that assets could be subject to misappropriation.

4.7.41 The ANAO recommended that ASC implement a process to reconcile or facilitate matching of IT assets between the fixed asset register and inventory management system, revise policies and procedures supporting the management of IT assets and introduce periodic inspection of these assets to confirm existence and condition.

Conclusion

4.7.42 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements by undertaking additional audit procedures. ASC has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by ASC as part of the 2024–25 audit.

4.7.43 The ANAO issued an unmodified auditor’s report on the financial statements on 28 August 2024.

Australian Naval Infrastructure Pty Ltd

4.7.44 ANI is responsible for supporting the Commonwealth’s continuous naval shipbuilding program by being the owner, developer and manager of infrastructure and related facilities.

4.7.45 The infrastructure held by ANI at Osborne in South Australia is used by Luerssen Australia Pty Ltd for the construction of two offshore patrol vessels, BAE Systems Maritime Australia for the Hunter Class Frigate program, and ASC Pty Ltd for maintenance of the Collins Class submarines under contract arrangements with the Commonwealth, represented by the Department of Defence.

4.7.46 ANI is a proprietary company limited by shares registered under the Corporations Act 2001. The Commonwealth represented by the Minister for Finance and the Minister for Defence as Shareholder Ministers, wholly own all of ANI’s share capital.

Summary of financial performance

4.7.47 The following section provides a comparison of the 2023–24 and 2022–23 key financial statements items reported by ANI (as outlined in Table 4.7.11) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.7.11: Key financial statements items

Source: ANI’s audited financial statements for the year ended 30 June 2024.

4.7.48 The increase in total income of $42.7 million relates mainly to the receipt of land by ANI from the Government of South Australia. The land was primarily provided for the construction of Nuclear-Powered Submarine Construction Yard which will be developed by ANI. The land was valued by ANI at $39.9 million and recorded as income from an asset received free of charge.

4.7.49 The increase of $244.0 million in total assets was primarily due to:

• an increase of $122.5 million in the fair value of non-financial assets. During 2023–24 ANI revalued non-financial assets in accordance with its accounting policy. ANI’s valuer recommended an increase in the fair value of non-financial assets as a result in increased costs of construction; and
• assets and work in progress capitalised during the period for construction and acquisitions of $172.6 million, including the recognition of land received from the South Australian Government described at paragraph 4.7.48.

4.7.50 The increase in liabilities of $65.7 million is primarily due to:

• recognition of a lease liability of $11.7 million for a new lease entered into by ANI during 2023–24 was recognised in accordance with the relevant accounting standard; and
• an increase in deferred tax liabilities of $41.8 million, mainly due to the uplift in ANI’s non-financial assets as a result of the revaluation described at 4.7.49.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

4.7.51 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are the significant estimation and judgements involved in the revenue recognition of Collins Class submarine projects and OPV projects.

Key areas of financial risk

4.7.52 The ANAO completed appropriate audit procedures on all material items. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of ANI’s financial statements. The ANAO focused audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.7.12.

Table 4.7.12: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ANI’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.7.53 There were no significant or moderate audit findings arising from the 2023–24 or 2022–23 financial statements audits.

Conclusion

4.7.54 The ANAO issued an unmodified auditor’s report on ANI’s financial statements on 12 September 2024.

Future Fund Management Agency

4.7.55 The Future Fund Board of Guardians, supported by the Future Fund Management Agency (together the Future Fund), is responsible for investing the assets of the Future Fund under the Future Fund Act 2006, and other investment funds, managed on behalf of the Department of Finance. The investment of the funds is managed under the Disability Care Australia Fund Act 2013; the Medical Research Future Fund Act 2015; the Aboriginal and Torres Strait Islander Land and Sea Future Fund Act 2018; the Future Drought Fund Act 2019; the Disaster Ready Fund Act 2019; and the Housing Australia Future Fund Act 2023 as a means to provide financing sources for substantial future investments in the Australian economy.

Summary of financial performance

4.7.56 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by the Future Fund (as outlined in Table 4.7.13) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.7.13: Key financial statements items

Source: The Future Fund’s audited financial statements for the year ended 30 June 2024.

4.7.57 The increase in the surplus of $7.0 billion was primarily due to improved fair value gains on financial instruments (investments) totalling $15.6 billion, compared to gains of $6.3 billion in 2022–23. The fair value gains were primarily due to higher returns on listed equities and collective investment vehicles.

4.7.58 The increase in total assets of $18.1 billion reflected the increase in the fair value of financial instruments, as well as higher cash and cash equivalents of $8.4 billion.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.7.59 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the valuation of investments made by the Future Fund, due to the size of the private market investment portfolio and the inherent subjectivity and significance of judgements and estimates required where market data is not available to determine the fair value of these investments;
• the relative size of the Future Fund and the other investment funds under management to the Australian Government’s financial position; and
• the extensive use of third parties, particularly reliance on the valuation undertaken by the investment custodian.

Key areas of financial risk

4.7.60 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the Future Fund’s financial statements.

4.7.61 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.7.14, including areas which were considered KAM by the ANAO.

Table 4.7.14: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the Future Fund’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.7.62 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.7.63 The ANAO issued an unmodified auditor’s report on the Future Fund’s financial statements on 25 September 2024.

Comments on non-material entities

Commonwealth Superannuation Corporation

4.7.64 The objective of Commonwealth Superannuation Corporation (CSC) is to provide retirement and insurance benefits for scheme members and beneficiaries, including past, present and future employees of the Australian Government and other eligible employers and members of the Australian Defence Force, through investment and administration of their superannuation funds and schemes.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.7.65 Table 4.7.15 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.7.15: Status of audit findings

Source: ANAO 2023–24 audit results.

4.7.66 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the entity’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

User Access Review

4.7.67 During the 2022–23 audit, the ANAO performed testing over the design and operating effectiveness of CSC’s user access review process. The ANAO identified the user listings being reviewed were not complete; instances where responses regarding access were not received from business areas; instances of where individuals reviewed their own access; and instances of corrective amendments not being performed. The failure to effectively perform periodic comprehensive reviews of user access increases the risk of users retaining inappropriate access to systems and potentially performing unauthorised transactions.

4.7.68 During 2023–24, CSC enhanced the effectiveness of the user access review process by:

• implementing a control where listings used in the review are checked;
• enhancing existing controls for management to verify that reviews are performed and signed-off for all users included in the review;
• ensuring the review is performed with proper segregation of duties; and
• implementing a control for management to assess the exposure risk for user accounts identified for revocation or amendments in addition to attending to the access amendments.

4.7.69 The ANAO has tested the implementation, design and operating effectiveness of the revised user access review processes. As a result of the actions taken by CSC in response to this finding, the ANAO consider that the finding has been resolved.

4.8 Foreign Affairs and Trade portfolio

Portfolio overview

4.8.1 The Foreign Affairs and Trade Portfolio is responsible for: delivering a global network of embassies and missions and international affairs policy capability to support Australia’s interests and influence abroad. The Portfolio, which is comprised of five entities in addition to the Department of Foreign Affairs and Trade, works in partnership across government to promote a stable and prosperous regional and global environment.

4.8.2 Table 4.8.1 identifies material and other entities specifically mentioned in this chapter.

Table 4.8.1: Foreign Affairs and Trade portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

◆: new significant or moderate findings and/or significant legislative matters noted

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.8.3 Figure 4.8.1 shows the Foreign Affairs and Trade portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.8.1: Foreign Affairs and Trade portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.8.4 Table 4.8.2 presents a summary of the total number of unresolved findings by entities in the Foreign Affairs and Trade portfolio at the conclusion of the 2023–24 final audits.

Table 4.8.2: Unresolved audit findings by entity in the Foreign Affairs and Trade portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.8.5 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.8.3 provides a summary of those audit differences that relate to entities within the Foreign Affairs and Trade portfolio.

Table 4.8.3: The number of audit differences for entities in the Foreign Affairs and Trade portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in Foreign Affairs and Trade portfolio.

4.8.6 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Foreign Affairs and Trade and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of Foreign Affairs and Trade

4.8.7 DFAT is responsible for the administration of Australia’s foreign, trade, international development and international security policies.

Summary of financial performance

4.8.8 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by DFAT (as outlined in Table 4.8.4 and Table 4.8.5) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.8.4: Key departmental financial statements items

Source: DFAT’s audited financial statements for the year ended 30 June 2024.

4.8.9 The net cost of services has increased by $49.3 million largely as a result of higher salary costs from higher average staff levels as well as an increase in salary rates for employees following the negotiation of a new enterprise agreement.

4.8.10 The increase in revenue from government of $104.8 million is primarily due to:

• appropriation funding received to fund new budget measures; and
• a reduction in the quarantined appropriation under the no-win no-loss funding arrangement.

4.8.11 Total other comprehensive income reduced by $136.4 million as a result of the valuation of DFAT’s non-financial assets. DFAT revalued their non-financial assets in accordance with their accounting policy. The reduction in other comprehensive income was mainly due to the impacts of foreign exchange rate fluctuations and market conditions which had a larger impact on the valuation in 2022–23.

4.8.12 Total liabilities reduced by $44.9 million primarily due to principal repayments on lease liabilities made in accordance with lease contracts.

Table 4.8.5: Key administered financial statements items

Source: DFAT’s audited financial statements for the year ended 30 June 2024.

4.8.13 The $268.2 million decrease in total expenses was primarily due to offsetting factors:

• a reduction of $434.3 million in multilateral replenishments. This was mainly due to fewer grant pledges in 2023–24 (one pledge of $27.9 million) compared to 2022–23 (5 pledges totalling $221.5 million); and
• offset by increased expenses in: other grants and contributions of $74.7 million; and for Export Finance Australia (EFA) of $27.4 million as a result of increased activity in and valuation of the financial guarantee on the National Interest Account within EFA.

4.8.14 Total comprehensive income of $533.1 million relates mainly to a revaluation increment on administered investments. The increment was primarily related to the subscriptions held with the Asian Development Bank and International Development Association.

4.8.15 Total assets have increased by $542.9 million largely as a result of the revaluation increment on administered investments (refer to paragraph 4.8.14).

4.8.16 The $351.9 million decrease in total liabilities was mainly due to:

• multilateral subscription payments made during the year leading to a $173.5 million decrease in grants payable; and
• a $129.2 million revaluation decrease in multilateral loans payable.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.8.17 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the complexity of DFAT’s business operations as arises from a highly decentralised control framework;
• the degree of professional judgement and estimation required to determine the fair value of land and buildings recognised in the financial statements; and
• the degree of reliance on third parties for the provision of services associated with the delivery and maintenance of the overseas property portfolio and provision of international development assistance.

Key areas of financial risk

4.8.18 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of DFAT’s financial statements.

4.8.19 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.8.6 including areas which were considered key audit matters (KAM) by the ANAO.

Table 4.8.6: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and DFAT’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.8.20 Table 4.8.7 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.8.7: Status of audit findings

Source: ANAO 2023–24 audit results.

4.8.21 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that DFAT’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Governance over compliance with corporate policies

4.8.22 DFAT’s operations are highly decentralised, where development and management of corporate policies typically rests with a centralised team, while accountability for the application of the respective corporate policies is dispersed widely across DFAT, including the international post network.

4.8.23 During the 2023–24 audit, the ANAO has identified a number of instances of non-compliance with corporate policies across a range of corporate functions, including procurement, human resources, monitoring of gifts and benefits and administration of international development assistance The breadth, nature and number of instances of non-compliance with corporate policies indicate that there is a systemic breakdown in the control environment within DFAT to effectively monitor compliance with corporate policies and to drive improvements in compliance rates over time.

4.8.24 Consistent or systemic non-compliance with corporate policies could increase the risk of breaches of the Public Governance, Performance and Accountability Act 2013 (PGPA Act). Additionally, non-compliance increased could also indicate an increased exposure to the risk of fraud or undetected errors in financial processes.

4.8.25 The ANAO recommended that DFAT:

• undertake a risk-based evaluation of the appropriateness and effectiveness of DFAT’s governance systems that are in place to drive and monitor compliance with significant corporate policies (with specific focus on the PGPA Act); and
• develop and execute an action plan to strengthen the control environment and accountability mechanisms for driving a culture of compliance across DFAT.

Resolved moderate audit finding

Administration of international development assistance payments

4.8.26 The international development assistance funding is highly decentralised across numerous geographies, covering various industry sectors. Operating across different geographic and legal jurisdictions increases the complexity of the program governance, as different programs and regions present unique challenges and risks, including potentially increased risks of fraud, bribery and corruption.

4.8.27 During the 2022–23 audit, the ANAO identified that there was an inconsistent application of DFAT’s centralised framework for administering international development assistance payments across individual payments, in relation to the degree of validation conducted by DFAT staff over payments for cost reimbursements. The ANAO recommended that DFAT revise its guidelines and implement additional controls to mitigate the identified risks to an acceptable level.

4.8.28 In February 2024, DFAT implemented a strengthened payment validation process, which requires that claims for cost reimbursements are inspected and confirmed as having been goods and services received prior to any payments being approved. The ANAO has tested the implementation, design and operating effectiveness of this control, which confirmed that DFAT has addressed the risks and recommendations identified by the ANAO. As a result of the action taken by DFAT this finding is considered resolved.

Conclusion

4.8.29 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements by undertaking additional audit procedures. DFAT has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by the entity as part of the 2024–25 audit.

4.8.30 The ANAO issued an unmodified auditor’s report on the financial statements on 10 September 2024.

Export Finance Australia

4.8.31 EFA provides financing solutions for Australian exporters and interests, including overseas infrastructure development that delivers benefits to Australia.

4.8.32 The operations of EFA are separated into the Commercial Account and National Interest Account. The Commercial account is the operations of EFA.

4.8.33 The National Interest Account operates on an approval from the Minister for Trade, Tourism and Investment (the minister) enabling EFA to undertake business activities under Part 5 of the Export Finance and Investment Corporation Act 1991, which the minister considers to be in the National Interest. Where the minister directs EFA to undertake a business activity, the credit risk is borne by the Commonwealth. EFA recovers from the Commonwealth the costs of administering business undertaken, including any losses incurred.

Summary of financial performance

4.8.34 The following section provides a comparison of the 2022–23 and 2023–24 key Commercial Account and National Interest Account financial statements items reported by EFA (as outlined in Table 4.8.8 and Table 4.8.9) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.8.8: Key Commercial Account financial statements items

Source: EFA’s audited financial statements for the year ended 30 June 2024.

4.8.35 The decrease in assets and liabilities is due to a reduction in the debts held at year end through the reduction of investment in short term cash deposits held in the prior year.

4.8.36 Other income increased by $12.1 million primarily due to favourable fair value increments on the loans, bonds insurances and guarantees, due largely to favourable adjustments on provisions for loans.

Table 4.8.9: Key National Interest Account financial statements items

Source: EFA’s audited financial statements for the year ended 30 June 2024.

4.8.37 The decrease in other income of $41.0 million is due to the write down of concessional loans committed before year end offset by revaluation gains on the loans and other financial instruments.

4.8.38 The increase in total assets of $303.0 million and total liabilities of $303.0 million reflects the growth in the loans provided by the National Interest Account during 2023–24. These loans are funded through debt issuance and loans received from the Commercial Account.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.8.39 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the range of operations and financing provided by the Commercial Account and National Interest Account;
• size and impact of EFA’s operations on Australia’s trade relationships; and
• significant judgements and estimation required for the valuation of loans and other portfolio holdings managed by EFA.

Key areas of financial risk

4.8.40 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of EFA’s financial statements.

4.8.41 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.8.10.

Table 4.8.10: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and EFA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.8.42 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.8.43 The ANAO issued an unmodified auditor’s report on EFA’s financial statements on 22 August 2024.

4.9 Health and Aged Care portfolio

Portfolio overview

4.9.1 The Health and Aged Care portfolio works towards achieving better health and wellbeing for all Australians, now and for future generations.

4.9.2 Table 4.9.1 identifies material entities specifically mentioned in this section.

Table 4.9.1: Health and Aged Care portfolio material and other entities discussed in this section

✔: auditor's report not modified

E: auditor’s report contains an emphasis of matter

◆: new significant or moderate findings and/or significant legislative matters noted

▲: significant or moderate findings and/or significant legislative matters reported previously but not yet resolved

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.9.3 Figure 4.9.1 shows the Health and Aged Care portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.9.1: Health and Aged Care portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.9.4 Table 4.9.2 presents a summary of the total number of unresolved findings by entities in the Health and Aged Care portfolio at the conclusion of the 2023–24 final audits.

Table 4.9.2: Unresolved audit findings by entity in Health and Aged Care portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.9.5 As previously outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.9.3 provides a summary of those audit differences that relate to entities within the Health and Aged Care portfolio.

Table 4.9.3: The number of audit differences for entities in the Health and Aged Care portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Health and Aged Care portfolio.

4.9.6 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Health and Aged Care, and findings for other material entities in the portfolio.

Department of Health and Aged Care

4.9.7 DoHAC is responsible for achieving the Australian Government’s health and ageing policy priorities through evidence-based policy, program administration, research, regulatory activities, and partnerships with other government entities, consumers and stakeholders.

Summary of financial performance

4.9.8 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by DoHAC (as outlined in Table 4.9.4 and Table 4.9.5) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.9.4: Key departmental financial statements items

Source: DoHAC’s audited financial statements for the year ended 30 June 2024.

4.9.9 The $234.7 million increase in DoHAC’s net cost of services largely due to a $140.6 million increase in employee benefits and a $141.9 million increase in contracted services. This reflects continuing growth in employee numbers attributable to further funding received for aged care reform, as well as funding measures for Therapeutic Goods Administration (TGA) public good activities, vaping reform and strengthening Medicare.

4.9.10 The increase in revenue from government of $258.5 million is largely due to the impact of additional funding from the Australian Government for the measures described in paragraph 4.9.9.

Table 4.9.5: Key administered financial statements items

Source: DoHAC’s audited financial statements for the year ended 30 June 2024.

4.9.11 The increase in total expenses of $10.8 billion is largely due to the increase in aged care subsidies and personal benefits expenses. The increase in these items reflects the implementation of aged care reforms and the indexation of subsidies and supplements which have led to higher payments during 2023–24.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.9.12 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as high. Key factors contributing to this rating are:

• the complexity of the environment in which DoHAC operates, with a public health system jointly administered by the Commonwealth and the states and territories;
• the broad range and complex environment in which health and aged care is regulated;
• the diversity and complexity of programs administered by DoHAC; and
• the high number of enterprise level risks that have implications on the financial statements.

Key areas of financial risk

4.9.13 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of DoHAC’s financial statements.

4.9.14 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.9.6, including areas which were considered KAM by the ANAO.

Table 4.9.6: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and DoHAC’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.9.15 Table 4.9.7 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.9.7: Status of audit findings

Note a: The significant audit finding relating to Legal governance and conformance was identified during the 2022–23 audit. This audit finding was reduced to a moderate audit finding during the 2023–24 interim audit as reported in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities. During the 2023–24 final audit this finding was resolved. Refer to paragraphs 4.9.32 to 4.9.34.

Note b: The moderate audit finding relating to Commonwealth Home Support Programme – Compliance Program was identified during the 2022–23 audit. This audit finding was resolved during the 2023–24 interim audit as reported in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities.

Source: ANAO 2023–24 audit results.

4.9.16 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that DoHAC’s 2023–24 financial statements were not materially misstated.

New significant audit finding

Legal conformance

4.9.17 During the 2023–24 audit, the ANAO reviewed the risk assessments performed by DoHAC over its conformance with legislation that the department is responsible for administering. DoHAC did not have a centralised process to assess whether the risk assessments were consistently undertaken and a number of inconsistencies were identified by the ANAO.

4.9.18 DoHAC had not assessed legislation which resulted in breaches of section 83 of the Constitution of Australia as high risk, despite known legislative compliance issues.

4.9.19 In addition, legislation which had given rise to potential non-compliance identified during 2023–24 had not been assessed as high risk and therefore DoHAC had not undertaken further work to ensure payments to recipients were compliant with legislative requirements.

4.9.20 The ANAO recommended that DoHAC:

• revisit its risk assessments to ensure consistency in the risk assessment process;
• for those programs identified as higher risk for non-compliance with legislative requirements, conduct further work to ensure payments to recipients are compliant;
• establish a centralised process to provide oversight of DoHAC’s legal governance arrangements; and
• implement reporting of legal conformance matters through its Audit and Risk Committee.

New moderate audit findings

Compliance activities over PBS advance payments

4.9.21 Under the National Health Act 1953, approved pharmaceutical suppliers can submit an advance claim for payment for the supply of pharmaceutical benefits. Once paid, the supplier has up to 65 days to certify the claim.

4.9.22 During the 2023–24 final audit, DoHAC identified $1.8 billion in advance payments which should have been recorded as a statutory receivable. The receivable related to payments made to suppliers which had not been certified within 65 days as required by the National Health Act 1953.

4.9.23 The advanced payments related to a period of over a decade. DoHAC has not undertaken any investigative work or analysis to determine reasons why the advance payments have not been certified by the supplier. Advance claims are excluded from DoHAC’s compliance activities as DoHAC does not undertake compliance until claims have been finalised.

4.9.24 The failure to recognise a statutory receivable has resulted in a material misstatement in DoHAC’s prior years’ financial statements (which was corrected in the 2023–24 financial statements). In addition, the absence of appropriate monitoring or oversight over the growing balance of advance payments presents business and legal risks to DoHAC.

4.9.25 The ANAO recommends that DoHAC:

• determine a strategy to address the backlog of advance claims which have not been certified by suppliers. There are legal issues that DoHAC will need to resolve in order to determine the recoverability of the balance; and
• implement monitoring and compliance activity over advance claims to ensure DoHAC’s responsibilities under the National Health Act 1953 are fulfilled.

Inventory management

4.9.26 DoHAC’s financial statements include a material inventory balance relating to the National Medical Stockpile, COVID-19 vaccines and consumables. During the final audit, DoHAC identified two prior period errors affecting the inventory balance (which were corrected in the 2023–24 financial statements). Both errors were not detected by DoHAC’s systems of internal control.

4.9.27 In addition, the ANAO identified weaknesses around DoHAC’s inventory stocktake process and there was a large unresolved variance between inventory data maintained in the Inventory Management System and the Financial Management Information System. The weaknesses in internal control increase the risk of material misstatement in the financial statements.

4.9.28 The ANAO recommends that DoHAC:

• examine its stocktake processes to ensure they are sufficiently robust and capable of detecting potential misstatements in the inventory population;
• investigate and resolve the cause of the variance in the inventory reconciliation; and
• perform a root cause analysis to determine the underlying issues contributing to the prior period errors so weaknesses in the control environment can be remediated to prevent the issues from re-occurring.

Asset management

4.9.29 DoHAC commissioned a review of its internally developed software and identified a material prior period error as costs relating to projects considered to be ‘software as a service’ had been incorrectly capitalised (these prior period errors were corrected in the 2023–24 financial statements). Under the Australian Accounting Standards, these costs should have been expensed. In addition, the ANAO identified weaknesses around DoHAC’s asset impairment and asset valuation processes.

4.9.30 The weaknesses in internal control increase the risk of material misstatement in the financial statements.

4.9.31 The ANAO recommended that DoHAC:

• develop guidance for program areas to be able to correctly apply the capitalisation requirements of the Australian Accounting Standards; and
• strengthen controls around its impairment and valuation processes.

Resolved moderate audit finding

Legal governance

4.9.32 During the 2022–23 audit, the ANAO identified weaknesses in processes to communicate legal matters which are relevant to the preparation of the financial statements. This included information around legal matters affecting processes performed by service providers on behalf of DoHAC. The ANAO made a number of recommendations aimed at strengthening governance processes and ensuring legislative requirements were appropriately assessed and legislative risks were being monitored.

4.9.33 At the conclusion of the 2023–24 interim audit, the audit finding was reduced to a moderate risk finding in recognition of DoHAC’s progress in addressing the weaknesses.

4.9.34 During the 2023–24 final audit, the ANAO confirmed DoHAC has undertaken a risk assessment of its administered programs in relation to compliance with legislative requirements. As a result, this finding has been resolved.

Conclusion

4.9.35 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements by undertaking additional audit procedures. DoHAC has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by the entity as part of the 2024–25 audit.

4.9.36 The ANAO issued an unmodified auditor’s report on the financial statements on 18 October 2024.

National Blood Authority

4.9.37 The NBA is responsible for securing the supply of safe and affordable blood products, including through national supply arrangements and coordination of best practice standards within agreed funding policies under the national blood arrangements.

Summary of financial performance

4.9.38 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by the NBA (as outlined in Table 4.9.8 and Table 4.9.9) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.9.8: Key departmental financial statements items

Note a: The prior period financial statements were restated with respect to employee benefits and supplier expenses due to the identification of prior period errors relating to the classification of expenses between departmental and administered accounts.

Source: The NBA’s audited financial statements for the year ended 30 June 2024.

4.9.39 The increase of $1.0 million in the net cost of services is due mainly to higher employee expenses of $0.6 million due to growth in staff numbers during the period.

4.9.40 The increase in revenue from government of $3.4 million is due to an increase in operational funding provided for under the National Supply Plan and Budget agreed between the Commonwealth and state and territory governments.

Table 4.9.9: Key administered financial statements items

Note a: The prior period financial statements were restated with respect to employee benefits and supplier expenses due to the identification of prior period errors relating to the classification of expenses between departmental and administered accounts.

Source: The NBA’s audited financial statements for the year ended 30 June 2024.

4.9.41 The increases of $123.9 million in total expenses and $115.8 million in total income are due to a rise in the demand for blood products and associated revenue from state and territory governments in accordance with the National Blood Agreement.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.9.42 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.9.43 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the NBA’s financial statements.

4.9.44 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.9.10.

Table 4.9.10: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the NBA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.9.45 Table 4.9.11 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.9.11: Status of audit findings

Source: ANAO 2023–24 audit results.

4.9.46 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the NBA’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

Departmental and administered – classification and reporting

4.9.47 Since 2019–20, the NBA had been transferring monies from administered to departmental funds to recover costs for administered programs in relation to the delivery of the National Supply Plan that were borne by departmental funds. The incorrect classification or allocation of funding and expenditure between administered and departmental posed a risk to the integrity of the NBA’s financial statements.

4.9.48 During 2023–24, the NBA enhanced its process for the classification and reporting of funds. The NBA prepared accounting position papers outlining the position adopted for the transfer of funds from administered to departmental. Additionally, the NBA implemented processes to document the internal approval provided for these transfers.

4.9.49 During the 2023–24 final audit, the ANAO reviewed the NBA’s accounting papers and the design and operating effectiveness of the enhanced controls. As a result of the actions taken by the NBA, the ANAO considered that this finding has been resolved.

Conclusion

4.9.50 The ANAO issued an unmodified auditor’s report on the NBA’s financial statements on 10 October 2024.

National Health and Medical Research Council

4.9.51 The NHMRC is the Australian Government’s key entity for managing investment in, and integrity of, health and medical research. The National Health and Medical Research Council is also responsible for developing health advice for the Australian community, health professionals and governments, and for providing advice on ethical practice in health care and in the conduct of health and medical research.

Summary of financial performance

4.9.52 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by (as outlined in Table 4.9.12 and Table 4.9.13) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.9.12: Key departmental financial statements items

Source: NHMRC’s audited financial statements for the year ended 30 June 2024.

4.9.53 Revenue from government increased due to the impacts of additional funding for delivery of programs and projects.

Table 4.9.13: Key administered financial statements items

Source: NHMRC’s audited financial statements for the year ended 30 June 2024.

4.9.54 Total expenses increased by $52.6 million predominantly due to a higher volume of medical research grants recorded in 2023–24. A delay in medical research grant rounds was experienced in 2022–23.

4.9.55 Total assets increased by $40.3 million mainly to due to higher cash and cash equivalents of $36.7 million due to the timing of grant rounds.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.9.56 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.9.57 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the NHMRC’s financial statements.

4.9.58 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.9.14.

Table 4.9.14: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the NHMRC’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.9.59 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.9.60 The ANAO issued an unmodified auditor’s report on the NHMRC’s financial statements on 30 August 2024.

Comments on non-material entities

National Health Funding Body

4.9.61 The National Health Funding Body (NHFB) is responsible for improving transparency in public hospital funding in Australia.

Conclusion

4.9.62 The ANAO issued an unmodified auditor’s report on NHFB’s financial statements on 20 September 2024.

4.9.63 Without modifying the opinion, the auditor’s report included an emphasis of matter paragraph to draw the attention of users of the financial statements to the Overview note of the financial statements which describes NHFB’s correction of a prior period error relating to the incorrect recognition of intangible non-financial assets. The auditor’s report was not modified in respect of this matter. The net impact of the error to each financial statements line item was to reduce total equity for the period ending 30 June 2023 by $0.5 million.

4.10 Home Affairs portfolio

Portfolio overview

4.10.1 The Home Affairs portfolio comprises a range of national security and national resilience functions, these include: managing Australia’s migration program; cyber security policy and protection of critical infrastructure; countering terrorism and foreign interference; emergency management and disaster preparedness, response and recovery; border protection and the facilitation of legitimate trade and travel.

4.10.2 Table 4.10.1 identifies material and other entities specifically mentioned in this chapter.

Table 4.10.1: Home Affairs portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

◆: new significant or moderate findings and/or significant legislative matters noted

4.10.3 Figure 4.10.1 shows the Home Affairs portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.10.1: Home Affairs portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.10.4 Table 4.10.2 presents a summary of the total number of unresolved findings by entities in the Home Affairs portfolio at the conclusion of the 2023–24 final audits.

Table 4.10.2: Unresolved audit findings by entity in the Home Affairs portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.10.5 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.10.3 provides a summary of those audit differences that relate to entities within the Home Affairs portfolio.

Table 4.10.3: The number of audit differences for entities in the Home Affairs portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Home Affairs portfolio.

4.10.6 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Home Affairs and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of Home Affairs

4.10.7 Home Affairs is the lead entity in the portfolio and is responsible for central coordination, strategy and policy in relation to: cyber and critical infrastructure resilience and security; immigration, border security and management; and counter-terrorism. It also deals with the management and delivery of the migration, humanitarian and refugee programs, along with multicultural programs, citizenship and settlement services. Home Affairs includes the Australian Border Force, which is responsible for border, investigatory, compliance, detention (facilities and centres) and enforcement functions, as well as Australia’s customs functions. Considering the portfolio’s focus on national security, maintaining a high-integrity culture, including compliance, is critical.

Summary of financial performance

4.10.8 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by Home Affairs (as outlined in Table 4.10.4 and Table 4.10.5) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.10.4: Key departmental financial statements items

Source: Home Affairs’ audited financial statements for the year ended 30 June 2024.

4.10.9 The increase of $173.4 million in the net cost of services is primarily the result of:

• higher employee expenses of $153.0 million due to higher staffing levels and salary increases in accordance with Home Affairs’ enterprise agreement;
• higher supplier expenses of $21.9 million largely due to increases in IT and communications expenditure and vessel maintenance costs; and
• decreased revenue from contracts with customers of $17.1 million as a result of the transfer of the Document Verification Service function to the Attorney-General’s Department.

4.10.10 The increase in revenue from government of $365.6 million was a result of supplementation and other measures provided for through the 2023–24 Portfolio Additional Estimates Statements.

Table 4.10.5: Key administered financial statements items

Source: Home Affairs’ audited financial statements for the year ended 30 June 2024.

4.10.11 The increase in total expenses of $95.0 million is primarily due to offsetting factors:

• higher in write down and impairment of financial assets of $153.0 million mainly due to the liquidation, administration or cessation of entities with outstanding passenger movement charge and customs duty debts; and
• lower supplier expenses relating to reduced offshore compliance and detention costs of $74.0 million.

4.10.12 The decrease in total income of $2.7 billion is due mainly to a reduction in customs duty revenue of $3.2 billion driven by decreased Excise Equivalent Goods collections from tobacco, alcohol and petroleum.

4.10.13 The increase in other comprehensive income of $119.4 million reflects the movement from asset revaluations undertaken during the period in accordance with Home Affairs’ accounting policy. The increase reflected changes in construction, assumptions for the asset useful lives and other indices which are used to value Home Affairs’ administered non-financial assets.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.10.14 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as high. Key factors contributing to this rating are:

• high value of customs revenue, geographically dispersed operations and level of reliance on IT systems in managing programs and collecting revenue;
• management of a number of high value contracts and payments for service delivery, including detention centres and regional processing centres, and development and construction of IT and other assets; and
• the nature of the operating environment of Home Affairs including management of people and goods across Australia’s borders.

Key areas of financial risk

4.10.15 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Home Affairs’ financial statements.

4.10.16 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.10.6, including areas which were considered KAM by the ANAO.

Table 4.10.6: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Home Affairs’ audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.10.17 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The following performance audit report was tabled during 2023–24 relevant to the financial management or administration of Home Affairs:

• Auditor-General Report No. 37 of 2023–24 Administration of the Adult Migrant English Program.

4.10.18 The observations of this report were considered in designing audit procedures to address areas considered to pose a lower risk of material misstatement. The performance audit reported on weaknesses identified around contract management of the Adult Migrant English Program (AMEP). AMEP expenses form part of the balance of Administered supplier expenses. Additional audit procedures were designed and performed to address the risks posed by the identified weaknesses.

What are the results of the ANAO’s audit coverage in 2023–24?

4.10.19 Table 4.10.7 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.10.7: Status of audit findings

Source: ANAO 2023–24 audit results.

4.10.20 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that Home Affairs’ 2023–24 financial statements were not materially misstated.

New moderate audit finding

Management of non-financial assets

4.10.21 Home Affairs’ non-financial assets are geographically dispersed across Australia and overseas and consist of land, buildings, leasehold improvements, vessels and plant and equipment and are core to operational delivery. Home Affairs’ undertook a revaluation of these assets during the period which resulted in significant uplifts in the fair value of both departmental and administered asset values ($162.6 million and $277.7 million respectively). A substantial component of the valuation increments were driven by revised assumptions regarding the useful lives of assets, including assets that had been fully depreciated prior to the time of the valuation.

4.10.22 During the 2023–24 audit, the ANAO requested further analysis which demonstrated that the changes in useful lives of assets recommended by the valuer indicated that assumptions regarding the useful lives of certain assets in prior years may not have been appropriate. Home Affairs conducted an assessment of valuation movements to estimate the misstatement of prior year asset balances and restated 2023–24 opening balances for departmental assets by $75.4 million and administered assets by $129.0 million.

4.10.23 As a result of the revaluation results and analysis, the ANAO identified Home Affairs’ asset register may not be reflective of the operational considerations of the asset custodians. There is an increased risk that this will lead to erroneous information being relied on for the purposes of desktop and risk-based asset valuation and review processes.

4.10.24 The ANAO recommended that Home Affairs:

• should ensure that its asset management policies, processes and review procedures support the capture and retention of asset information which reflect assessments of useful lives and impairment and represents the operational utilisation of the asset or asset-under-construction; and
• process for the conduct of a revaluation should ensure that the outcome of the valuer’s work is assessed against the operational awareness of the asset custodians, particularly with respect to remaining useful lives or changes in circumstances which impact assumptions around future service potential.

4.10.25 The ANAO will focus on the action taken by Home Affairs in response to this finding as part of the 2024–25 audit.

Conclusion

4.10.26 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements. Home Affairs has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by Home Affairs as part of the 2024–25 audit.

4.10.27 The ANAO issued an unmodified auditor’s report on the financial statements on 10 September 2024.

Australian Security Intelligence Organisation

4.10.28 ASIO is responsible for protecting Australia, its people and its interests from threats to security through intelligence collection, assessment and advice to the government.

Summary of financial performance

4.10.29 The following section provides a comparison of the 2022–23 and 2023–24 key departmental financial statements items reported by ASIO (as outlined in Table 4.10.8) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.10.8: Key departmental financial statements items

Source: ASIO’s audited financial statements for the year ended 30 June 2024.

4.10.30 Revenue from government and net cost of services have both increased due to the impacts of additional funding for delivery of programs and projects.

4.10.31 Total assets increased due to delays in planned capital expenditure in prior years resulting in an increase of undrawn appropriations that will be available in the forward estimates.

4.10.32 Total equity increased due to capital funding for new and existing measures approved by government.

4.10.33 Total liabilities increased due mainly to growth in employee provisions as a result of increases in salary rates and staff numbers.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.10.34 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• compartmentalised nature of some aspects of ASIO’s operations and the associated sensitivities in accessing some records and information to support transactions; and
• specific exemptions from financial reporting and governance requirements under the Public Governance, Performance and Accountability Act 2013 for designated operational activities.

Key areas of financial risk

4.10.35 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of ASIO’s financial statements.

4.10.36 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.10.9.

Table 4.10.9: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ASIO’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.10.37 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. One minor audit finding was resolved during the final audit.

Conclusion

4.10.38 The ANAO issued an unmodified auditor’s report on ASIO’s financial statements on 13 August 2024.

4.11 Industry, Science and Resources portfolio

Portfolio overview

4.11.1 The Industry, Science and Resources portfolio is responsible for contributing to a productive, resilient, and sustainable economy through science and technology. It does this by encouraging the development of innovative and competitive business, industries and regions, investing in science and technology and supporting the resources sector. The Department of Industry, Science and Resources also operates a Business Grants Hub, with further information available from the Department of Industry, Science and Resources’ website.

4.11.2 In addition to the Department of Industry, Science and Resources, there are six entities within the portfolio (excluding subsidiaries) with responsibilities for: nuclear medicine; geoscience; innovations in science and technology; Australia’s intellectual property rights system; offshore petroleum safety and environmental management; and to provide increased flows of finance into priority areas of the Australian economy.

4.11.3 Table 4.11.1 identifies material entities specifically mentioned in this chapter.

Table 4.11.1: Industry, Science and Resources portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

✏: financial statements not signed as at 9 December 2024

◆: new significant or moderate findings and/or significant legislative matters noted

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.11.4 Figure 4.11.1 shows the Industry, Science and Resources portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.11.1: Industry, Science and Resources portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.11.5 Table 4.11.2 presents a summary of the total number of unresolved findings by entities in the Industry, Science and Resources Portfolio at the conclusion of the 2023–24 final audits.

Table 4.11.2: Unresolved audit findings by entity within the Industry, Science and Resources portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.11.6 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.11.3 provides a summary of those audit differences that relate to entities within the Industry, Science and Resources portfolio.

Table 4.11.3: The number of audit differences for entities in the Industry, Science and Resources portfolio

Key: ✏ Financial statements not signed as at 9 December 2024.

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Industry, Science and Resources portfolio.

4.11.7 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Industry, Science and Resources and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of Industry, Science and Resources

4.11.8 Industry is responsible for supporting a productive, resilient, and sustainable economy that is enriched by science and technology. It does this by growing innovative and competitive businesses, industries and regions, and supporting a strong resources sector.

Summary of financial performance

4.11.9 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by Industry (as outlined in Table 4.11.4 and Table 4.11.5) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.11.4: Key departmental financial statements items

Source: Industry’s audited financial statements for the year ended 30 June 2024.

4.11.10 The increase in net cost of services of $73.9 million is primarily due to:

• higher employee benefits expenses of $63.8 million as a result of growth in staffing levels and the commencement of the new enterprise agreement; and
• a reduction in revenue for services of $7.5 million mainly as a result of lower cost recovery from the cessation of provision of corporate support services to the Department of Climate Change, Energy, the Environment and Water (DCCEEW) which are now managed in-house by DCCEEW.

4.11.11 The increase in revenue from government of $50.7 million is primarily driven by the implementation of new measures and increased funding for existing measures. These included activities related to the decommissioning and remediation of the Northern Endeavour; the technology investment taskforce; and various other new measures implemented.

4.11.12 The increase in total assets of $48.6 million is mainly due to:

• higher appropriations receivable of $56.0 million that have not been utilised due to timing difference of cash payments; and
• higher intangible non-financial assets (computer software) of $7.5 million due to asset purchase and acquisitions during the period.

Table 4.11.5: Key administered financial statements items

Source: Industry’s audited financial statements for the year ended 30 June 2024.

4.11.13 The increase in total expenses of $881.1 million is primarily due to an increase of $1.0 billion in rehabilitation activities for the Ranger uranium mine and Northern Endeavour (refer to paragraph 4.11.16).

4.11.14 The decrease in total income of $133.4 million is mainly due to offsetting factors:

• lower royalty revenue of $1.0 billion arising from changes in commodity pricing impacting North West Shelf royalties; and
• higher revenue from security funds adjustment for rehabilitation activities of $877.5 million.

4.11.15 The increase in total assets of $6.7 billion is primarily due to:

• higher cash held in special accounts of $5.0 billion mainly as a result of the commencement of the National Reconstruction Fund on 18 September 2023;
• higher other receivables of $1.0 billion from the estimated security funds adjustment for the rehabilitation activities relating to the Ranger uranium mine; and
• higher administered investments of $671.6 million, reflecting higher net asset positions of corporate Commonwealth entities mainly due to uplifts from revaluations and increased capital appropriations paid to corporate Commonwealth entities.

4.11.16 The increase in total liabilities of $1.2 billion is primarily driven by larger rehabilitation provisions for the Ranger uranium mine and Northern Endeavor due to higher estimated costs for rehabilitation works being completed over a longer timeframe.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.11.17 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are the size and the complexity of Industry’s activities and programs.

Key areas of financial risk

4.11.18 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Industry’s financial statements.

4.11.19 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.11.6, including areas which were considered KAM by the ANAO.

Table 4.11.6: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Industry’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.11.20 Table 4.11.7 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.11.7: Status of audit findings

Source: ANAO 2023–24 audit results.

4.11.21 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that Industry’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Management of Work in Progress (WIP)

4.11.22 In accordance with AASB 116 Property, Plant and Equipment, Industry capitalises costs if they are capital nature and record them in a WIP account in the general ledger. Where costs on projects do not meet the criteria for capitalisation these are expensed in the year incurred as an operating expense. At the completion of a project, the asset is commissioned and depreciated in line with the asset’s useful life.

4.11.23 During the 2023–24 audit, the ANAO identified:

• transactions, which were operating in nature, were incorrectly capitalised as work in progress. Some, but not all, of these transactions were identified by Industry as part of their regular quality assurance review over the balance of WIP and subsequently adjusted;
• transactions recorded in WIP which did not have appropriate supporting information that clearly supported how the costs were capital in nature or that would assist quality assurance processes in identifying any potential misclassification. This included timesheet related information used in capitalising salary and contract costs for project development. Timesheets reviewed by the ANAO did not include sufficient information on which projects or tasks were delivered supporting the capitalisation of costs; and
• assets, which had been acquired and commenced in use in previous periods, but were still recorded as work in progress and not yet transferred to the depreciating asset register.

4.11.24 The ANAO recommended that Industry undertake a root cause analysis to assist in enhancing processes for capitalisation of work in progress, including considering updating existing guidance and undertaking further risk-based transaction reviews, including the process for allocating costs associated with contractor time.

Other matters

Contract for legal services between King & Wood Mallesons and the Department of Industry, Science and Resources regarding PsiQuantum

4.11.25 On 27 June 2024, the Acting Auditor-General responded to correspondence from Senator Andrew Bragg dated 5 June 2024 requesting that the Auditor-General conduct an audit into the costs of the legal advice arising from a contract between Industry and King & Wood Mallesons (KWM) relating to PsiQuantum.

4.11.26 The Acting Auditor-General advised that ‘payments made by the Commonwealth, including in relation to legal matters, are subject to financial audit by the ANAO. The matters raised in your letter will be examined in the course of the ANAO’s 2023–24 financial statements audit of DISR’.

4.11.27 The ANAO undertook enquiries and performed analysis over transactions relating to KWM contract, with KWM providing legal services across a range of issues for Industry. The ANAO confirmed that the contract referred to by Senator Bragg was for legal services relating to PsiQuantum. The maximum approved value of the contract with KWM in relation to PsiQuantum was $3,615,811. The total value of expenditure was $3,537,813.

Conclusion

4.11.28 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements. Industry has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by Industry as part of the 2024–25 audit.

4.11.29 The ANAO issued an unmodified auditor’s report on the financial statements on 4 September 2024.

Australian Nuclear Science and Technology Organisation

4.11.30 ANSTO is Australia’s national nuclear research and development organisation. ANSTO operates Australia’s only nuclear multi-purpose reactor and the Australian Synchrotron, contributes to radiopharmaceutical production and supply, and conducts research into areas of national priority, including human health, the environment and the nuclear fuel cycle. ANSTO also provides advice to government and other stakeholders on matters relating to nuclear science, technology and engineering.

4.11.31 ANM was a subsidiary of ANSTO. ANM was established to own and operate two facilities at ANSTO’s Lucas Heights campus: the Molybdenum 99 (Mo-99) production facility and the Synroc waste management facility. In accordance with the Australian Government’s decision announced in the Federal Budget for 2023–24 to wind up ANM by 1 July 2024, ANM’s operations, assets and liabilities were transferred to ANSTO on 1 December 2023. ANM was subsequently deregistered on 21 May 2024.

Summary of financial performance

4.11.32 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by ANSTO (as outlined in Table 4.11.8) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.11.8: Key financial statements items

Source: ANSTO’s audited financial statements for the year ended 30 June 2024.

4.11.33 The net cost of services decreased by $55.9 million mainly attributable to an increase in the reversal of previously recorded impairment of $160.1 million relating to non-financial assets previously held by ANM. This was partially offset by:

• decrease in other gains of $39.2 million. In 2022–23, there were other gains of approximately $55.8 million attributable to the remeasurement of decommissioning of provisions due to changes in discount rates applied in the valuation (decrease in provisions), compared to gains of approximately $28.0 million in 2023–24. The impact of changes in economic assumptions applied in the calculation, such as long-term bond and consumer price index rates, were less significant in 2023–24;
• increase in supplier expenses by $33.0 million in 2023–24 mainly due to an increase in contractor expenses and maintenance expenses; and
• increase in depreciation of $31.2 million from December 2023 to June 2024 related to the increase in the value of non-financial assets previously held by ANM.

4.11.34 The decrease in total other comprehensive income is due to the impact of a revaluation of non-financial assets undertaken in 2022–23. The result was to record a fair valuation increment in buildings and plant and equipment of $169.0 million which did not occur in 2023–24. Assets are periodically revalued in accordance with ANSTO’s accounting policy.

4.11.35 The increase in total assets of $277.5 million was primarily due to:

• higher investments by $98.8 million as a result of further investments in term deposits and the revaluation of shares held by ANSTO in Clarity Pharmaceuticals Ltd; and
• higher property, plant and equipment of $183.4 million largely due to the reversal of previously recognised impairment on the non-financial assets transferred to ANSTO from ANM during 2023–24.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.11.36 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• complexity of ANSTO’s nuclear operations with a number of business functions, operations from multiple locations and active commercial operations; and
• complexity of calculations required to estimate the decommissioning and nuclear waste management provisions.

Key areas of financial risk

4.11.37 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the ANSTO’s financial statements.

4.11.38 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.11.9.

Table 4.11.9: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the ANSTO’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.11.39 Table 4.11.10 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.11.10: Status of audit findings

Source: ANAO 2023–24 audit results.

4.11.40 For the finding listed below, the ANAO undertook additional audit procedures to gain reasonable assurance that ANSTO’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

FMIS DEBUG privileged user access and monitoring of audit logs

4.11.41 Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others. During the 2022–23 interim audit, the ANAO identified weaknesses in ANSTO’s controls relating to the granting and monitoring of privileged user access to the Financial Management Information System (FMIS) in respect of a DEBUG role (a privileged user role).

4.11.42 During the 2022–23 audit, the ANAO identified that there were users with permanent access to the DEBUG role and there was no regular monitoring of logs of activities of these privileged users. The ANAO recommended that ANSTO remove permanent access to the DEBUG role; develop a policy to provide formalised temporary access to the role as a need arises; and develop a monitoring and logging process.

4.11.43 ANSTO removed all permanent access for users to the DEBUG role in July 2023. Additionally, ANSTO implemented a new control to provide temporary access to the DEBUG role on an as-needed basis. Existing monitoring and logging processes were expanded to cover the DEBUG role. The ANAO tested the implementation, design and operating effectiveness of this control as part of the 2023–24 audit. As a result of the actions taken by ANSTO in response to this finding the ANAO considers that it has been resolved.

Conclusion

4.11.44 The ANAO issued an unmodified auditor’s report on the ANSTO’s financial statements on 12 September 2024.

Commonwealth Scientific and Industrial Research Organisation

4.11.45 The primary functions of CSIRO, as set out in the Science and Industry Research Act 1949, are to carry out scientific research and facilitate the application or utilisation of the results of such research. CSIRO is responsible for delivering innovative scientific and technology solutions to benefit industry, the environment and the community through scientific research and capability development, services and advice.

Summary of financial performance

4.11.46 The following section provides a comparison of the 2022–23 and 2023–24 key departmental financial statements items reported by CSIRO (as outlined in Table 4.11.11) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.11.11: Key departmental financial statements items

Source: CSIRO’s audited financial statements for the year ended 30 June 2024.

4.11.47 The increase in net cost of services of $124.5 million is primarily due to an increase in employee benefits expenses of $100.5 million. This was primarily due to a growth in staff levels, reflective of increased activities and salary rate increases under the new CSIRO Enterprise Agreement.

4.11.48 The increase in total assets of $284.1 million is primarily due to:

• the fair value gain of land and buildings of $187.9 million as a result of a revaluation. For land, this was primarily driven by market increases in purchase price for observable similar parcels of land in New South Wales and Victoria. The fair value increase in buildings is driven by the escalation of non-residential construction costs in 2023–24; and
• additions of buildings, including a new National Collections building in Canberra, and plant and equipment of $201.4 million, offset by depreciation and amortisation of $169.7 million; and
• an increase of $92.2 million in other investments driven primarily by fair value movements in unlisted equity investments.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.11.49 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. The key factor contributing to this rating is the level of estimation and judgement required for the valuation of unlisted equity instruments, investment property and property, plant and equipment. Key factors contributing to this rating are:

• the nature, complexity and diverse range of CSIRO’s operations; and
• complex and judgemental estimation processes supporting the measurement and recognition of unlisted equity investments and valuation of property, plant and equipment and investment properties.

Key areas of financial risk

4.11.50 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of CSIRO’s financial statements.

4.11.51 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.11.12.

Table 4.11.12: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and CSIRO’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.11.52 Table 4.11.13 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.11.13: Status of audit findings

Source: ANAO 2023–24 audit results.

4.11.53 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that CSIRO’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

Privileged user access management

4.11.54 Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others.

4.11.55 During the 2022–23 interim audit, the ANAO identified weaknesses in CSIRO’s controls relating to the granting and monitoring of privileged user access to the Financial Management Information System (FMIS) in respect of DEBUG roles. Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others

4.11.56 On 1 July 2023, CSIRO removed permanent access to the DEBUG user role. CSIRO also established a process to approve temporary access to the DEBUG role on an as-needed basis. Activities performed by users in the DEBUG role are logged and monitored. The ANAO tested the implementation, design and operating effectiveness of this control as part of the 2023–24 audit. As a result of the actions taken by CISRO in response to this finding the ANAO considers that it has been resolved.

Conclusion

4.11.57 The ANAO issued an unmodified auditor’s report on the financial statements on 2 September 2024.

Geoscience Australia

4.11.58 Geoscience Australia delivers information and advice on Australia’s geology and geography to support faster and smarter decision-making. Geoscience Australia develops applications and solutions in response to Australia’s challenges by bringing together observations, data and knowledge from across geoscience disciplines.

4.11.59 Geoscience Australia is currently delivering the Southern Positioning Augmentation network (SouthPAN). SouthPAN is a Satellite-Based Augmentation System that will deliver international open standard signals for positioning. SouthPAN will support end-user services provided as signals, each with an internet service. Any person who has access to a device that is enabled for this technology (such as a mobile phone) will be able to receive the signals. On 16 September 2022, the Australian Government announced a $1.18 billion contract over 19 years with Lockheed Martin Australia Pty Ltd (Lockheed Martin Australia) to deliver SouthPAN.

Summary of financial performance

4.11.60 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by Geoscience Australia (as outlined in Table 4.11.14 and Table 4.11.15) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.11.14: Key departmental financial statements items

Source: Geoscience Australia’s audited financial statements for the year ended 30 June 2024.

4.11.61 The decrease in the net cost of services of $11.0 million is mainly due to a reduction in supplier expenses of $11.3 million due to lower fieldwork and data acquisition activities for the Exploring for the Future program.

4.11.62 The decrease in revenue from government of $33.1 million is due to the phasing of new program expenditure and a decrease in funding of $12.7 million relating to the impact of foreign exchange supplementation. Exchange rates we more favourable to Geoscience Australia in 2023–24, as a result, supplementation was not provided.

4.11.63 The increase in total assets of $115.1 million is due primarily to:

• additions for the purchase or internally developed assets amounting of $73.4 million (of which $61.4 million represented the carrying value of the service concession assets relating to SouthPAN); and
• higher appropriation receivables of $91.6 million due to the appropriation of funds to Geoscience Australia in relation to milestones for the development of SouthPAN which are now expected to be met in future years.

Table 4.11.15: Key administered financial statements items

Source: Geoscience Australia’s audited financial statements for the year ended 30 June 2024.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.11.64 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are the nature, size and materiality of the contract for SouthPAN, which is classified as a service concession arrangement. Accounting for these arrangements increases the complexity of the financial statements preparation process.

Key areas of financial risk

4.11.65 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Geoscience Australia’s financial statements.

4.11.66 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.11.16.

Table 4.11.16: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Geoscience Australia’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.11.67 Table 4.11.17 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.11.17: Status of audit findings

Source: ANAO 2023–24 audit results.

4.11.68 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that Geoscience Australia’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Accounting for SouthPAN depreciable assets

4.11.69 During the 2023–24 audit, the ANAO identified that Geoscience Australia:

• did not have a robust life cycle accounting framework for the recognition and measurement of non-financial assets arising from the SouthPAN service concession arrangement. As a result, there were weaknesses identified in the processes established by Geoscience Australia to componentise major portions of assets and determine their useful lives (with reference to the underlying contractual terms). Additionally, the ANAO identified that Geoscience Australia had not undertaken analysis that would support accounting for the fair value of these assets, as otherwise required by the relevant accounting standards; and
• did not have robust contract review process in place for all contracts associated with the SouthPAN program. The ANAO identified a material contract which was not accounted for with the requirements of the relevant accounting standards.

4.11.70 The weaknesses identified above increase the risk that the non-financial assets associated with SouthPAN are not accurately recognised and measured in the financial statements.

4.11.71 The ANAO recommended that Geoscience Australia:

• develop a policy and process for the financial accounting implications of life cycle management of non-financial assets relating to SouthPAN. This policy should include considerations relating identifying and determining asset components, useful lives and fair valuation techniques; and
• enhance existing processes to review of contracts associated with SouthPAN to ensure that the financial reporting implications are determined at the inception of the contract.

Conclusion

4.11.72 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements. Geoscience Australia has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by Geoscience Australia as part of the 2024–25 audit.

4.11.73 The ANAO issued an unmodified auditor’s report on the financial statements on 3 September 2024.

4.12 Infrastructure, Transport, Regional Development, Communications and the Arts portfolio

Portfolio overview

4.12.1 The Infrastructure, Transport, Regional Development, Communications and the Arts portfolio covers a number of policy areas, including safety across the civil aviation, maritime and transport sectors; air navigation services; developing and administering the national capital; road, rail and freight transport systems; communication services; digital technologies; and public access to the arts and culture.

4.12.2 Table 4.12.1 identifies material and other entities specifically mentioned in this chapter.

Table 4.12.1: Infrastructure, Transport, Regional Development, Communications and the Arts portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

✏: financial statements not signed as at 9 December 2024

◆: new significant or moderate findings and/or significant legislative matters noted

▲: significant or moderate findings and/or significant legislative matters reported previously but not yet resolved

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.12.3 Figure 4.12.1 shows the Infrastructure, Transport, Regional Development, Communications and the Arts portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.12.1:  Infrastructure, Transport, Regional Development, Communications and the Arts portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.12.4 Table 4.12.2 presents a summary of the total number of unresolved findings by entities in the Infrastructure, Transport, Regional Development, Communications and the Arts portfolio at the conclusion of the 2023–24 final audits.

Table 4.12.2: Unresolved audit findings by entity in the Infrastructure, Transport, Regional Development, Communications and Arts portfolio

Source: ANAO 2023–24 audit results.

4.12.5 Table 4.12.3 presents a summary of the total number of legislative breaches by entities in the Infrastructure, Transport, Regional Development, Communications and the Arts portfolio at the conclusion of 2023–24 final audits.

Table 4.12.3: Legislative breaches identified by entity in the Infrastructure, Transport, Regional Development, Communications and the Arts portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.12.6 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.12.4 provides a summary of those audit differences that relate to entities within the Infrastructure, Transport, Regional Development, Communications and the Arts portfolio.

Table 4.12.4: The number of audit differences for entities in the Infrastructure, Transport, Regional Development, Communications and the Arts portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Infrastructure, Transport, Regional Development, Communications and the Arts portfolio.

4.12.7 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Infrastructure, Transport, Regional Development, Communications and the Arts, and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of Infrastructure, Transport, Regional Development, Communications and the Arts

4.12.8 Infrastructure is responsible for improving infrastructure across Australia through funding coordination of transport and other infrastructure; providing an efficient, sustainable, competitive and safe transport system for all transport users; strengthening the sustainability, capacity and diversity of regional economies; providing advice on population policy; implementing the national policy on cities; and promoting an innovative and competitive communications sector. Infrastructure also promotes participation in and access to Australia’s arts and culture through developing and supporting cultural expression and supports governance arrangements in the Australian territories.

Summary of financial performance

4.12.9 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by Infrastructure (as outlined in Table 4.12.5 and Table 4.12.6) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.5: Key departmental financial statements items

Source: Infrastructure’s audited financial statements for the year ended 30 June 2024.

4.12.10 The $55.1 million increase in net cost of service is mainly due to higher:

• employee benefits expenses of $34.9 million as a result of additional staffing and the impact of salary rate increases from a new enterprise agreement; and
• supplier expenses of $14.0 million mainly related to higher Information Technology and Communication expenses.

4.12.11 The increase in revenue from government of $32.9 million reflects additional funding provided by the Australian Government largely for the National Approach to Sustainable Urban Development and Support to Territories measures.

4.12.12 The decrease in total assets of $30.7 million is largely due to planned depreciation on non-financial assets, including buildings, plant and equipment and intangibles.

Table 4.12.6: Key administered financial statements items

Source: Infrastructure’s audited financial statements for the year ended 30 June 2024.

4.12.13 The decrease in total expenses of $758.8 million is mainly due to a reduction in grant expenses. Grant expenses were lower mainly as a result of payments to the state and territory governments for Financial Assistance Grants to local government due to the timing of ‘brought forward’ payments. In 2022–23, 100 per cent of the 2023–24 grant was brought forward from 2023–24 into 2022–23. In 2023–24, 85 per cent of the 2024–25 grant was brought forward.

4.12.14 The decrease in the total assets of $2.6 billion was primarily due to:

• lower trade and other receivables of $5.0 billion as a result of the full repayment of the remaining principal on the loan to NBN Co Limited. NBN Co Limited repaid the amount in full during the period, as it sought debt from private markets; and
• higher administered investments of $2.4 billion. The increase in administered investments primarily related to a favourable valuation gain on Australia Post as a result of an increase in the fair value of the net assets of both entities.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.15 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are the: complexity in accounting for some key balances; estimates and judgements that impact the financial statements; the administration of significant outlays on behalf of the Australian Government through grants and subsidies; and the significance of the Administered Balance Sheet to the Australian Government financial statements.

Key areas of financial risk

4.12.16 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Infrastructure’s financial statements.

4.12.17 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.7, including areas which were considered KAM by the ANAO.

Table 4.12.7: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Infrastructure’s audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.12.18 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The following performance audit reports were tabled during 2023–24 relevant to the financial management or administration of Infrastructure:

• Auditor-General Report No. 31 of 2023–24 Design of the Growing Regions Program; and
• Auditor-General Report No. 28 of 2023–24 Award of funding under the Mobile Black Spot program.

4.12.19 The observations of these reports were considered in designing audit procedures related to the occurrence of grant expenses, which is a key area of audit focus identified in Table 4.12.7.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.20 Table 4.12.8 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.12.8: Status of audit findings

Note a: The moderate audit finding relating to Departmental internally developed software was identified during the 2022–23 audit. This audit finding was reduced to a minor audit finding during the 2023–24 interim audit as reported in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities.

Source: ANAO 2023–24 audit results.

4.12.21 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that Infrastructure’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Weaknesses in asset management

4.12.22 Infrastructure administers a high volume of non-financial assets, including plant and equipment in the Indian Ocean Territories. During the 2023–24 audit, the ANAO identified weaknesses in Infrastructure’s management of non-financial assets, including:

• absence of adequate controls surrounding the non-financial asset stocktake where a number of exceptions were detected relating to the documentation and conduct of the stocktake;
• inability to identify some assets via physical inspection due to level of information recorded in the asset register;
• identification of a number of projects which were reflected as assets under construction, however on review, the ANAO noted that they had been completed or were in use and should have transferred to the asset register and commenced depreciation;
• impairment analysis had not been undertaken exhaustively for all assets. The ANAO identified assets which had indicators of impairment, however they were not assessed as impaired; and
• a number of assets identified in Infrastructure’s asset register at nil value. This increases the risk that assets may not be valued appropriately, if they are still in use. Additionally, the ANAO also noted that this practice was not in compliance with Infrastructure’s asset accounting policy, which requires that depreciation and useful lives be reviewed at each balance date to ensure that useful life reflects current expectations of service potential.

4.12.23 The weaknesses identified by the ANAO indicate that there is an increased risk that non-financial asset balances in the financial statements are not complete or accurate.

4.12.24 The ANAO recommended Infrastructure review and update their existing Asset Accounting Policy to address the issues noted in paragraph 4.12.22.

Resolved moderate audit finding

Removal of user access

4.12.25 The Protective Security Policy Framework (PSPF) requires non-corporate Commonwealth entities to control access to systems, networks, and applications. The requirement includes removing system access from employees and contractors without an operational need for access to IT resources.

4.12.26 During the 2021–22 audit, the ANAO identified that Infrastructure did not have sufficient controls in place to identify and investigate in a timely manner access by users post cessation of their employment or contract.

4.12.27 Infrastructure has reviewed the adequacy of the current processes for removal of user access and controls have been strengthened to ensure that the access is removed in a timely manner. Infrastructure has also implemented a detective control to identify and investigate any instances of users who have accessed systems after their cessation date.

4.12.28 The ANAO has reviewed and tested the design and operating effectiveness of the processes Infrastructure has implemented. As a result, the ANAO considers that this finding has been resolved.

Conclusion

4.12.29 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements. Infrastructure has advised the ANAO of the action it will take to remediate the moderate audit finding identified. The ANAO will review the action taken by Infrastructure part of the 2024–25 audit.

4.12.30 The ANAO issued an unmodified auditor’s report on the financial statements on 16 September 2024.

Airservices Australia

4.12.31 Airservices is responsible for the provision of air navigation services across Australian and oceanic airspace, and the provision of aviation rescue firefighting services at major Australian airports. Supported by a national network of communications, surveillance and navigation facilities and infrastructure, Airservices is funded through domestic charges levied on its customers and borrowings from debt markets.

Summary of financial performance

4.12.32 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by Airservices (as outlined in Table 4.12.9) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.9: Key financial statements items

Source: Airservices’ audited financial statements for the year ended 30 June 2024.

4.12.33 The increase in total income of $134.9 million was primarily related to higher airways revenue. Airways revenue grew by $144.3 million during 2023–24 as a result of domestic and international travel demand returning to pre-COVID-19 levels. Airways revenue contributed 96 per cent of Airservices’ total income for 2023–24.

4.12.34 The increase in total assets of $82.1 million was predominately related to:

• a $247.2 million increase in infrastructure, plant and equipment for capitalised costs primarily associated with the OneSky project;
• a $54.4 million increase in deferred tax assets, reflecting the operating loss for 2023–24; and
• offset by a $193.4 million decrease in cash and cash equivalents.

4.12.35 The increase in total liabilities of $207.3 million is mainly attributable to higher borrowings of $223.4 million.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.36 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the complex and developing regulatory environment for the aviation industry;
• dependence on numerous, sophisticated and interfaced business systems for financial reporting, including for airways revenue;
• considerable judgement required to account for material financial statements balances including determining the classification of complex project expenditure as expenses or capital; and the valuation of non-financial assets, defined benefit obligations, employee provisions and decontamination provision; and
• extensive planned investment activity in updating infrastructure and systems, with significant expenditure outlaid.

Key areas of financial risk

4.12.37 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Airservices’ financial statements.

4.12.38 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.10.

Table 4.12.10: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Airservices’ audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.39 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. One new minor audit finding was identified and four minor audit findings were resolved.

Conclusion

4.12.40 The ANAO issued an unmodified auditor’s report on Airservices’ financial statements on 4 October 2024.

Australian Broadcasting Corporation

4.12.41 The ABC is primarily responsible for providing innovative and comprehensive broadcasting and digital media services of a high standard that contribute to a sense of national identity, inform and entertain audiences, and foster the performing arts.

Summary of financial performance

4.12.42 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by the ABC (as outlined in Table 4.12.11) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.11: Key financial statements items

Source: ABC’s audited financial statements for the year ended 30 June 2024.

4.12.43 The decrease in other comprehensive income of $61.1 million is due to a revaluation of the ABC’s non-financial assets not being undertaken during 2023–24. In accordance with the ABC’s accounting policy, the ABC undertakes detailed valuations of property on a cyclical basis every three years and does not undertake such valuations in the intervening years unless there are indicators of material changes in fair values. A revaluation of non-financial assets undertaken in 2022–23 indicated increased asset fair values due to underlying market and replacement cost input changes.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.44 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are the ABC’s public profile and the complexity of the environment the entity operates within; and number of financial statements balances which are subject to professional judgement and estimation uncertainty.

Key areas of financial risk

4.12.45 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the ABC’s financial statements.

4.12.46 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.12.

Table 4.12.12: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ABC’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.47 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.12.48 The ANAO issued an unmodified auditor’s report on ABC’s financial statements on 28 August 2024.

Australian Communications and Media Authority

4.12.49 ACMA is Australia’s regulator for telecommunications, broadcasting, some online content and radiocommunications. The ACMA’s purpose is to maximise the economic and social benefits of communications infrastructure, services and content for Australia.

Summary of financial performance

4.12.50 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by ACMA (as outlined in Table 4.12.13 and Table 4.12.14) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.13: Key departmental financial statements items

Source: The ACMA’s audited financial statements for the year ended 30 June 2024.

4.12.51 The increase in the net cost of services of $13.8 million primarily relates to ACMA’s increased expenditure for additional budget measures in 2023–24. These measures relate to powers to combat misinformation and disinformation, SMS scams, minimising online gambling harms and for the Office of the eSafety Commissioner.

4.12.52 The increase in revenue from government of $11.6 million reflects funding provided for the new measures described in paragraph 4.12.51.

4.12.53 The increase in total assets of $18.7 million is primarily due to the acquisition and development of non-financial assets, predominantly:

• leasehold improvements of $7.8 million relating to the refurbishment and fit out of ACMA’s Canberra office; and
• development of computer software of $9.6 million.

Table 4.12.14: Key administered financial statements items

Source: ACMA’s audited financial statements for the year ended 30 June 2024.

4.12.54 The increase in total income of $769.2 million is primarily due to:

• revenue recognised from the sale of 3.4/3.7 gigahertz (GHz) spectrum licences, that were recognised as resources received free of charge, of $721.8 million in 2023–24 (there was no sale in 2022–23); and
• an increase in taxation revenue of $39.2 million, including the Regional Broadband Scheme (RBS) charge, broadcasting licence charges, radio communication taxes, telecommunication numbering charges and industry contributions.

4.12.55 The decrease in total assets of $89.5 million is primarily due to lower trade and other receivables of $127.9 million as a result of the reduction in the lease receivable for the 26GHz spectrum auction, partially offset by an increase in taxation receivables of $38.3 million due to higher taxation revenue for the period.

4.12.56 The increase in total liabilities of $2.0 billion primarily relates to the recognition of unearned revenue received relating to the sale of 850/900 megahertz (MHz) spectrum by auction, representing payments received from licence holders prior to the commencement of the licence period. Revenue will be recognised as the licence comes into effect.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.57 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.12.58 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of ACMA’s financial statements.

4.12.59 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.15.

Table 4.12.15: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ACMA’s audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.12.60 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The following performance audit report was tabled during 2023–24 relevant to the financial management or administration of ACMA:

• Auditor-General Report No. 46 of 2023–24 Compliance with Gifts, benefits and Hospitality Requirements in the Australian Communications and Media Authority.

4.12.61 The observations of this report were considered in designing audit procedures to address areas considered to pose a lower risk of material misstatement.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.62 Table 4.3.11 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.12.16: Status of audit findings

Source: ANAO 2023–24 audit results.

4.12.63 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the ACMA’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

Removal of user access

4.12.64 The Protective Security Policy Framework (PSPF) requires non-corporate Commonwealth entities to control access to systems, networks, and applications. The requirement includes removing system access from employees and contractors without an operational need for access to IT resources.

4.12.65 During 2022–23, the ANAO assessed the design and implementation of ACMA’s termination controls. The ANAO found control weaknesses at the network and application levels, including users that had access to and had accessed their network accounts following their departure date. In addition, ACMA did not have monitoring controls to detect and investigate post termination access to the network and applications. The ANAO recommended that ACMA implement controls to improve the timeliness of the initiation of the termination process, at both the network and application levels and establish monitoring controls.

4.12.66 During 2023–24, ACMA implemented enhanced controls to support timely removal of user access, including automating payroll and user access termination processes. ACMA also implemented a detective control to review any user activities which may occur post termination due to untimely removal of user access.

4.12.67 The ANAO tested the implementation, design and operating effectiveness of the enhanced controls. As a result of these actions taken by ACMA, the ANAO considers that this finding has been resolved.

Conclusion

4.12.68 The ANAO issued an unmodified auditor’s report on ACMA’s financial statements on 23 September 2024.

Australian Postal Corporation

4.12.69 Australia Post is a government business enterprise responsible for supplying postal services to Australia, including the distribution of letters and parcels in Australia and internationally.

Summary of financial performance

4.12.70 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by Australia Post (as outlined in Table 4.12.17) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.17: Key financial statements items

Source: Australia Post’s audited financial statements for the year ended 30 June 2024.

4.12.71 The increase in total revenue of $163.9 million was mainly due to an increase in domestic parcel volumes as a result of continued growth in online shopping and e-commerce.

4.12.72 Australia Post reported a total comprehensive loss of $174.4 million. This was primarily due to:

• an increase of $73.2 million in employee expenses as a result of pay rate rises for award employees and general salary increases for contract employees; and
• an increase of $74.0 million in depreciation and amortisation expenses, due to the capitalisation and subsequent commencement of amortisation of the new Point of Sale system ‘Post+’.

4.12.73 The decrease in other comprehensive income of $25.2 million is the result of remeasurements of the defined benefit superannuation plan liabilities.

4.12.74 The decrease in total assets of $231.7 million is largely attributable to a reduction in superannuation assets. This was as a result of reduction in the fair value of plan assets.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.75 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk has been assessed as moderate. Key factors contributing to the moderate rating are the complexity of Australia Post’s operations, ongoing reform agenda and the number of different revenue streams.

Key areas of financial risk

4.12.76 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Australia Post’s financial statements.

4.12.77 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.18, including areas which were considered KAM by the ANAO.

Table 4.12.18: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Australia Post’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.78 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. Three new minor audit findings were identified.

Conclusion

4.12.79 The ANAO issued an unmodified auditor’s report on Australia Post’s financial statements on 30 August 2024.

Australian Rail Track Corporation Ltd

4.12.80 ARTC is responsible for the development, maintenance, management and delivery of some of Australia’s major rail networks, including the national interstate rail network, the Hunter Valley coal rail network, and the construction of the Inland Rail network. In May 2017, the Australian Government announced it would invest substantial equity funding into ARTC for the company to deliver the Inland Rail. A commitment of further equity funding to deliver the project was announced by the Australian Government in October 2020. Inland Rail is a 1,700-kilometre rail line that will link Brisbane and Melbourne through regional Australia. On 1 July 2023, ARTC renamed its wholly owned subsidiary to Inland Rail Pty Ltd (IRPL). The purpose was to facilitate clear segregation between the construction of Inland Rail and ARTC operations. Operational separation was achieved on 1 May 2024 with operations for Inland Rail transferring to IRPL following ministerial approval.

Summary of financial performance

4.12.81 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by ARTC (as outlined in Table 4.12.19) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.19: Key financial statements items

Source: ARTC’s audited financial statements for the year ended 30 June 2024.

4.12.82 The total comprehensive loss of $836.9 million in 2023–24 is primarily attributable to the impairment expenses incurred during the period of $930.4 million. Impairment expenses are attributable to both operations and construction. ARTC makes judgements on future net cashflows generated from both operations and construction, in line with Australian Accounting Standards. For construction projects, ARTC has made a judgement that the income likely to be generated from the Inland Rail line on commencement of operations will not offset the significant cost of development of the line and, as a result, records impairment on the costs of assets constructed under the project each year.

4.12.83 The decrease in the total comprehensive loss of $1,056.9 million in 2023–24 is primarily attributable to the:

• reduction of total expenses ($871.5 million). This movement is largely attributable to a lower Inland Rail impairment caused by a decreased spend and amendments to construction profile for the year ($412.6 million). In addition, impairment expense decreased due to lower impairment required for the Interstate rail network as a significant impairment was recognised in the prior period ($337.0 million); and
• increase of total revenue and other income ($163.8 million). This movement is attributable to: an increase in government grant funding recognised of $100.2 million largely associated with Advanced Train Management System project; and an increase of access revenue by $64.3 million, largely due to pricing and volume increases across the network.

4.12.84 The increase in total liabilities of $150.0 million is mainly attributable to due to the bond issuance during 2023–24 of $450.0 million, which was partly offset by repayments of the syndicated debt facility $213.1 million. This bond issuance was undertaken in response to continued funding requirements to invest in the national network and the impending maturity of the previously issued bonds.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.85 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as high. Key factors contributing to this rating are:

• number of key areas of financial statements risk that will be in focus of the audit, that are subject to considerable judgement and significance of the use of estimate processes to determine key financial balances; and
• ongoing scrutiny by Parliament and the public particularly around the governance changes associated with the delivery of the Inland Rail project.

Key areas of financial risk

4.12.86 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of ARTC’s financial statements.

4.12.87 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.20.

Table 4.12.20: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ARTC’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.88 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. One new minor audit finding was identified.

Conclusion

4.12.89 The ANAO issued an unmodified auditor’s report on ARTC’s financial statements on 21 August 2024.

National Archives of Australia

4.12.90 National Archives sets information and data management policy and standards for Australian Government entities to meet in creating, retaining, maintaining, securing, preserving, appropriately disposing of, and providing appropriate access to trusted government information and data. National Archives collects records of government decisions and actions.

Summary of financial performance

4.12.91 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by National Archives (as outlined in Table 4.12.21) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.21: Key financial statements items

Source: National Archives’ audited financial statements for the year ended 30 June 2024.

4.12.92 The increase in the net cost of services of $33.9 million is primarily due to:

• higher depreciation and amortisation. The increase of $7.2 million relates to the National Archive’s comprehensive review of asset and work-in-progress balances, as well as increases in value of the collection during the period;
• higher write-down and impairment of assets of $11.6 million relating to digitised heritage and cultural assets adjustments in line with the valuation results; and
• lower gains on intake of records from other agencies. The $10.6 million decrease relates to the nature and type of records transferred.

4.12.93 The increase of $66.1 million in total comprehensive income relates to a favourable increment on the value of non-financial assets, including the archival collection. In accordance with National Archives’ accounting policy, the archival collection was revalued during the period with the increment reflecting changes in observable market rates for archival materials.

4.12.94 The increase of $52.9 million in total assets, was largely due to the increase in fair value of non-financial assets as a result of the revaluation of the archival collection during 2023–24 (refer to paragraph 4.12.93).

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.95 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. The key factor contributing to this rating were the deficiencies in National Archives’ internal controls, particularly in respect to weaknesses identified in previous period relating to IT General Controls and the process supporting the preparation of the financial statements (refer to paragraphs 4.12.98 to 4.12.107).

Key areas of financial risk

4.12.96 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of National Archives’ financial statements.

4.12.97 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.22.

Table 4.12.22: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and National Archives’ audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.98 Table 4.12.23 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.12.23: Status of audit findings

Note a: The significant audit finding relating to Ineffective IT general controls was identified during the 2022–23 audit. This audit finding was reduced to a minor audit finding during the 2023–24 final audit.

Note b: The moderate audit finding relating to Financial statements preparation process was identified during the 2022–23 audit. This audit finding was reduced to a minor audit finding during the 2023–24 final audit.

Source: ANAO 2023–24 audit results.

4.12.99 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that National Archives’ 2023–24 financial statements were not materially misstated.

Reduced significant audit finding

Ineffective IT general controls

4.12.100 During the 2022–23 audit, the ANAO assessed the IT general controls that support the preparation of National Archives’ financial statements. The ANAO assessed that the design and implementation of IT general controls was ineffective. Weaknesses were noted in relation to:

• insufficient oversight and documentation of review of privilege user access and activity logs;
• no formalised or documented periodic review of user access; and
• inconsistent mapping of roles and responsibility configurations, including workflow approvers and inconsistent chart of accounts mapping configurations.

4.12.101 The ANAO recommended National Archives undertake a detailed review of IT general controls to confirm controls are designed, implemented and operating effectively to support the preparation of National Archive’s financial statements. This should include:

• developing and implementing a process to monitor and review privilege user activity;
• formalising a documented periodic user access review; and
• undertaking a review of the mapping of roles and responsibility configuration, including workflow approvers and chart of accounts mapping to confirm it is appropriate.

4.12.102 During 2023–24, National Archives commenced addressing the recommendations made by the ANAO. In addition to addressing the recommendations made by the ANAO, National Archives has sought external specialist assistance to provide assurance over the implement, design and operating effectiveness of IT general controls. At the time of the final audit, National Archives had not yet fully documented all enhanced policies and procedures. National Archives advised the ANAO that these would be finalised during 2024–25.

4.12.103 As a result of the action taken by National Archives during the period, the ANAO has reduced this audit finding to a minor audit finding. Given the recent implementation of the enhanced controls, which continue to mature, the ANAO will further consider the operating effectiveness of these controls in the 2024–25 audit.

Reduced moderate audit finding

Financial statements preparation process

4.12.104 During the 2022–23 audit, the ANAO identified weaknesses in National Archives’ financial statements preparation process. The weaknesses included:

• a deficiency in the timely preparation of workpapers to support the financial statements and associated notes, including the timely preparation and review of key reconciliations during the year;
• a lack of review and approval of year-end adjusting journals by an independent reviewer who had an appropriate understanding of the financial implications of the journal;
• an inability to provide sufficient supporting documentation to validate certain year-end transactions; and
• the identification of a number of adjusted and unadjusted audit differences.

4.12.105 The ANAO recommended National Archives’ develop a robust financial statements close process. This should include:

• detailed timelines for the completion of key tasks and the responsible officer;
• identification of risks associated with the financial statements close process and controls management required to mitigate and manage the risk; and
• a level of management oversight and review to support the preparation of timely and quality financial statements.

4.12.106 During 2023–24, National Archives enhanced their financial statements preparation plan and process to address the recommendations made by the ANAO. There was an overall improvement in the quality of the draft of the financial statements provided for audit and the quality and timeliness of information, including reconciliations, provided for audit.

4.12.107 As a result of the action taken by National Archives during the period, the ANAO has reduced this audit finding to a minor audit finding. Given the recent implementation of the enhanced processes, the ANAO will further consider the operating effectiveness of the financial statements preparation process in the 2024–25 audit.

Conclusion

4.12.108 The ANAO issued an unmodified auditor’s report on the financial statements on 28 August 2024.

National Capital Authority

4.12.109 NCA performs the role of trustee and manager of areas in Canberra and the Australian Capital Territory (ACT) that are designated as National Land for the special purpose of Canberra as Australia’s National Capital. NCA shapes the future of Canberra for all Australians through the National Capital Plan and related planning and development work. NCA also manages much of the National Estate such as Lake Burley Griffin, the National Triangle and Anzac Parade and encourages citizens and visitors to explore Canberra’s unique characteristics and special role as the National Capital.

Summary of financial performance

4.12.110 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by the NCA (as outlined in Table 4.12.24 and Table 4.12.25) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.24: Key departmental financial statements items

Source: NCA’s audited financial statements for the year ended 30 June 2024.

4.12.111 The increase in net cost of services of $2.3 million is mainly due to:

• higher employee benefits expenses resulting from an increase in NCA’s staffing levels ($1.0 million); and
• lower revenue due to one-off insurance recoveries which occurred in 2022–23 relating to claims associated with damage to Regatta Point and the ACT Hospice ($2.3 million).

Table 4.12.25: Key administered financial statements items

Source: NCA’s audited financial statements for the year ended 30 June 2024.

4.12.112 The decrease in other comprehensive income of $108.1 million is due to a lower revaluation increment in 2023–24. The fair value increase in property, plant and equipment and buildings is mainly related to the escalation of non-residential construction costs observed in the market during the period which flattened compared with 2022–23.

4.12.113 The increase in total assets of $63.2 million is primarily due to the fair value gain of land, buildings, property, plant and equipment and heritage assets of $87.8 million as a result of a revaluation (refer to paragraph 4.12.112) offset by depreciation expenses of $33.6 million.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.114 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.12.115 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the NCA’s financial statements.

4.12.116 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.26.

Table 4.12.26: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the NCA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.117 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.12.118 The ANAO issued an unmodified auditor’s report on the NCA’s financial statements on 11 September 2024.

National Gallery of Australia

4.12.119 The Gallery is responsible for developing and maintaining a national collection of works of art to exhibit or to make available for others to exhibit and making the most advantageous use of the national collection in the national interest.

Summary of financial performance

4.12.120 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by the Gallery (as outlined in Table 4.12.27) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.27: Key financial statements items

Source: The Gallery’s audited financial statements for the year ended 30 June 2024.

4.12.121 The reduction in the net cost of services of $4.9 million is mainly due to:

• higher own-source revenue of $10.2 million mainly related to increased donations; and
• offset by higher employee expenses ($4.3 million), related to increases in salaries as a result of a new enterprise agreement, and higher supplier costs mainly relating to exhibitions ($2.4 million).

4.12.122 Revenue from government increased as a result of the additional base funding of $119.0 million over four years provided by the Australian Government of which revenue of $17.8 million and capital injection of $11.0 million was recognised in 2023–24.

4.12.123 The increase in total assets of $42.9 million mainly relates to higher:

• cash and cash equivalents and investment balances of $28.8 million; and
• non-financial asset balances of $10.7 million due mainly to asset additions during the period, arising from purchases and donations of heritage and cultural assets.

4.12.124 The increase in total liabilities of $6.2 million primarily relates to new lease liabilities for leases entered into by the Gallery for art storage during 2023–24.

4.12.125 The capital injection of $11.0 million and Government appropriation for the Collection Development Acquisition Budget of $17.3 million have contributed to the increase in equity balance.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.126 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to the moderate rating are:

• the heritage and cultural assets (the collection) with complex and judgemental estimation process supporting the measurement and recognition; and
• the specialised and restricted use of the Gallery’s land and buildings which requires additional estimates and judgement to that of a traditional real property valuation.

Key areas of financial risk

4.12.127 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the Gallery’s financial statements.

4.12.128 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.28.

Table 4.12.28: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the Gallery’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.129 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.12.130 The ANAO issued an unmodified auditor’s report on the Gallery’s financial statements on 21 August 2024.

National Intermodal Corporation Limited

4.12.131 National Intermodal was originally established to oversee the development and future operation of the Moorebank Intermodal Precinct in Sydney’s south-west. Once completed, the Moorebank Intermodal Precinct will have an import and export rail terminal with a direct link to Port Botany, and an interstate and regional facility to connect to the national rail freight network. The warehousing at the precinct is being developed and operated by the LOGOS Consortium (comprised of Australian Super, NSW TCorp, LOGOS, AXA and Ivanhoe Cambridge) which has since been acquired by ESR Group. LOGOS and ESR Group operations have been integrated to now operate under the name ESR Australia & NZ (ESR). The interstate terminal will be operated by a joint venture of Qube, ESR and National Intermodal.

4.12.132 In February 2022, National Intermodal’s mandate was expanded to include the planning, delivery and operation of open access intermodal freight precincts in Melbourne and Brisbane in support of the Australian Government’s Inland Rail project with the objective of facilitating the development and operation of a modern and efficient freight network that improves productivity.

Summary of financial performance

4.12.133 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by National Intermodal (as outlined in Table 4.3.9) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.29: Key financial statements items

Source: National Intermodal’s audited financial statements for the year ended 30 June 2024.

4.12.134 Total expenses have increased by $6.9 million. This is mainly due to:

• higher expenditure on projects following the expansion of National Intermodal’s mandate; and
• the impact of accounting for the changes in the provision for land and site costs relating to the Moorebank Intermodal Precinct. National Intermodal recognise a provision in advance of construction being undertaken to reflect National Intermodal’s commitment to deliver upgrades to Moorebank Avenue. The increase in expenses reflects expectations about the inputs for costs to construct.

4.12.135 Total assets have increased by $46.0 million mainly due to:

• the increase in the fair value of National Intermodal’s equity accounted investment in the PLT of $13.8 million. National Intermodal holds a 65.63 per cent unitholding in the Trust which holds the land at the Moorebank Intermodal Precinct owned by the Commonwealth and the LOGOS Consortium via 99-year leases. The fair value of the Trust’s assets has been determined by applying a discounted cash flow valuation methodology undertaken by the Trust which increased due to changes in estimated cash flows and economic assumptions applied in the valuation;
• the acquisition of a 10 per cent share in MITCo, from Qube, at no cost, as part of a resolution of a dispute between Qube and National Intermodal. At 30 June 2024, the value of this equity accounted investment was $15.1 million; and
• an increase in the balance of assets under construction of $6.4 million related to the construction of rail lines undertaken as part of ‘Rail Access Works Stage 2’ at the Moorebank interstate rail terminal and early activities associated with the development of the Beveridge Intermodal Freight Terminal in Victoria.

4.12.136 Total liabilities have decreased by $24.2 million due mainly to a reduction in the provision for land and site costs, particularly those costs related to land remediation activities which were largely completed during 2023–24.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.137 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the expansion of National Intermodal’s mandate to design, build and operate additional intermodal terminals in Victoria and Queensland;
• the complexity of National Intermodal’s operations and finances, particularly the level of estimation and judgement required to determine key balances in the financial statements; and
• the level of public and parliamentary interest and scrutiny over the delivery of infrastructure projects.

Key areas of financial risk

4.12.138 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of National Intermodal’s financial statements.

4.12.139 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.30.

Table 4.12.30: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and National Intermodal’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.140 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.12.141 The ANAO issued an unmodified auditor’s report on the financial statements on 28 August 2024.

National Library of Australia

4.12.142 The NLA is responsible for developing and maintaining a national collection of library material, including a comprehensive collection of material relating to Australia and the Australian people, and for making this material available to the public.

Summary of financial performance

4.12.143 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by NLA (as outlined in Table 4.12.33) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.31: Key financial statements items

Source: NLA’s audited financial statements for the year ended 30 June 2024.

4.12.144 The increase in total other comprehensive income of $54.0 million is due to a revaluation increment of $37.1 million for buildings and $16.9 million for land. The fair value increase in buildings mainly related to the escalation of non-residential construction costs observed in the market during the period. The increase in land is driven primarily by market increases in purchase price for observable similar parcels of land.

4.12.145 The increase in total assets of $91.3 million is primarily due to the:

• fair value gain of buildings and land of $54.0 million as a result of a revaluation (refer to paragraph 4.12.144);
• reversal of previously recorded impairment on heritage and cultural assets of $21.7 million as a result of a revaluation performed during the period. The increase is mainly related to a higher assessed value of rare books and manuscripts offset by a decline in the fair value of the NLA’s general collection; and
• further acquisitions of non-financial assets including fit out, intangible assets and heritage and cultural collection items of $32.2 million.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.146 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.12.147 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the NLA’s financial statements.

4.12.148 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.32.

Table 4.12.32: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the NLA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.149 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.12.150 The ANAO issued an unmodified auditor’s report on the NLA’s financial statements on 21 August 2024.

NBN Co Limited

4.12.151 The primary objective of NBN Co is to provide wholesale services to internet service providers. NBN Co is a government business enterprise incorporated under the Corporations Act 2001.

Summary of financial performance

4.12.152 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by NBN Co (as outlined in Table 4.12.33) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.33: Key financial statements items

Source: NBN Co’s audited financial statements for the year ended 30 June 2024.

4.12.153 Total income increased by $243.0 million primarily due to:

• higher telecommunications revenue due largely to a shift by customers to higher speed tiers; and
• higher non-telecommunications revenue driven by revenue recognised on co-investment projects reaching completion.

4.12.154 The increase in total expenses of $205.0 million was primarily due to:

• higher depreciation and amortisation costs as a result of changes in useful lives associated with a portion of NBN Co’s non-financial assets ($127.0 million); and
• an increase in net finance costs due to higher debt levels and higher interest rates ($133.0 million).

4.12.155 The increase in total assets of $834.0 million was primarily due to:

• an increase in property, plant and equipment of $1.5 billion as a result of additional capital expenditure and investment in the nbn network; and
• offset by a decrease in derivative financial assets of $519.0 million, due mainly to interest payments received over the period and early termination of interest rate hedges due to changes in NBN Co’s hedging policy.

4.12.156 Total liabilities increased by $1.5 billion mainly due to an increase in borrowings through new debt issuances during the year and upward remeasurement of lease liabilities, as a result of variable lease payments associated with licenses to Telstra’s network infrastructure, offset by full repayment of the government loan during the year.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.157 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as high. Key factors contributing to this rating are:

• the ongoing investment in the build and transition to Fibre to the Premises (FTTP);
• the regulated nature of the industry in which NBN Co operates;
• NBN Co’s financial position. The entity is highly leveraged with exposure to external debt markets; and
• risks to NBN Co arising from technological changes.

Key areas of financial risk

4.12.158 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of NBN Co’s financial statements.

4.12.159 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.34, including areas which were considered KAM by the ANAO.

Table 4.12.34: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and NBN Co’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.160 Table 4.12.35 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.12.35: Status of audit findings

Note a: The minor audit finding related to timely removal of user access was increased to a moderate audit finding during the 2023–24 final audit. Refer to paragraphs 4.12.162 to 4.12.164.

Source: ANAO 2023–24 audit results.

4.12.161 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that NBN Co’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Timely removal of user access

4.12.162 During the 2022–23 audit, the ANAO identified weaknesses in controls relating to terminated users being removed from NBN Co’s IT networks in a timely manner and reported a minor audit finding. User accounts should be removed upon termination date as they no longer have a legitimate requirement to access NBN Co’s IT networks. While NBN Co had commenced implementation of additional controls in response to this finding, during the 2023–24 audit the ANAO identified users who had accessed the IT network after their termination date. As a result, the ANAO increased the audit finding to moderate. Inadequate security measures for timely removal of access from former personnel increase the risk of unauthorised access to sensitive information.

4.12.163 The ANAO recommended that NBN Co reinforce the importance of line managers reporting terminations in a timely manner and strengthen existing controls to detect and prevent access post termination.

4.12.164 NBN Co agreed with this finding and has commenced addressing the recommendations made by the ANAO through the implementation of additional detective controls.

Conclusion

4.12.165 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements. NBN Co Limited has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by NBN Co as part of the 2024–25 audit.

4.12.166 The ANAO issued an unmodified auditor’s report on the financial statements on 6 August 2024.

WSA Co Limited

4.12.167 WSA was established to construct and operate Western Sydney International (Nancy-Bird Walton) Airport at Badgerys Creek, in south-western Sydney, to the functional specifications determined by the Australian Government. WSA is a government business enterprise wholly owned by the Australian Government, represented by the Minister for Finance and the Minister for Infrastructure, Transport, Regional Development and Local Government as shareholder ministers.

Summary of financial performance

4.12.168 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by WSA (as outlined in Table 4.12.36) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.12.36: Key financial statements items

Source: WSA’s audited financial statements for the year ended 30 June 2024.

4.12.169 Total expenses increased by $79.0 million due mainly to changes in project development expenditure and site preparation costs, reflecting the stage of airport construction. During 2023–24, WSA recognised $133.9 million in project development expenditure on construction of the airport infrastructure and supporting facilities, which was not capitalised, in accordance with the capitalisation policy. There was no project development expenditure in 2022–23. This increase was partly offset by a reduction in site preparation costs to nil, compared to $86.7 million in 2022–23.

4.12.170 The total comprehensive loss reflects the nature of funding available to WSA. WSA has entered into an equity subscription agreement with the Australian Government to fund the development and construction of the airport to meet the Australian Government’s functional specifications. During 2023–24, WSA received $1.2 billion of this funding from the Australian Government. These funds are recorded as share capital and were not recognised in the statement of comprehensive income. The current year increase in total comprehensive loss is largely driven by the factors described in paragraph 4.12.169.

4.12.171 The increase of $1.1 billion in total assets mainly relates to the capitalisation of assets under construction in accordance with WSA’s capitalisation policy. During 2023–24, construction surpassed 80 per cent completion and the major drivers were:

• $957.7 million in asset purchases and work in progress as the major components of the airport construction projects (terminal, airside, landside) continue to progress;
• $84.0 million in capitalised costs for WSA’s commercial projects (Business Precinct Stage One and cargo facilities); and
• $159.0m in costs capitalised for construction of border agency facilities.

4.12.172 The increase of $108.8 million in total liabilities is primarily the result of WSA entering into a syndicated bank debt facility in order to fund the commercial projects for the development of the cargo facility and Business Precinct Stage One.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.12.173 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• significance and scale of the Australian Government’s financial commitment to construct the airport; and
• detailed requirements of the Project Deeds and Equity Subscription Agreement which govern the project delivery process and infrastructure requirements, along with debt financing from 2023–24.

Key areas of financial risk

4.12.174 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of WSA’s financial statements.

4.12.175 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.12.37.

Table 4.12.37: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and WSA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.12.176 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.12.177 The ANAO issued an unmodified auditor’s report on WSA’s financial statements on 17 September 2024.

Comments on non-material entities

Australian National Maritime Museum

4.12.178 The Australian National Maritime Museum (the Museum) was established under the Australian National Maritime Museum Act 1990 (the Act). The Act outlines the primary functions of the Museum: to exhibit, or to make available for exhibition by others, material included in the national maritime collection or other maritime historical material; to develop, preserve and maintain the national maritime collection; to disseminate information relating to Australian maritime history; and to conduct, arrange for and assist research into matters relating to Australian maritime history.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.12.179 Table 4.12.38 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.12.38: Status of audit findings

Note a: The minor audit finding relating to Governance over financial statements preparation process was identified during the 2021–22 audit. This audit finding was increased to a moderate audit finding during the 2023–24 final audit. Refer to paragraphs 4.12.181 to 4.12.183.

Source: ANAO 2023–24 audit results.

4.12.180 For the finding detailed below, the ANAO undertook additional audit procedures to gain assurance that the Museum’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Governance over financial statements preparation process

4.12.181 Effective financial statements preparation processes include: implementing quality assurance controls; preparing workpapers that support the financial statements; and preparing accounting position papers to support interpretation of accounting standards. During 2023–24, the Museum’s financial statements were subject to a number of amendments after being submitted for audit, with various errors identified as a result of testing performed by the ANAO. This was indicative of deficiencies in the Museum’s financial statements preparation process.

4.12.182 The ANAO’s assessment is that the framework and governance that underpins the Museum’s financial statements preparation and reporting processes require strengthening to ensure adherence to statutory Public Governance, Performance and Accountability (Financial Reporting) Rule 2015 requirements. The Museum should embark on setting up a robust financial close process that supports monthly financial reporting as well as including additional requirements relating to the year-end financial reporting. Weaknesses in the financial statements preparation process increase the risk that the financial statements prepared by the Museum could be materially misstated.

4.12.183 The ANAO recommended that the Museum:

• develops a financial statements preparation plan to support the preparation of the 2024–25 financial statements, including detailing key preparedness measures, information requirements, key stakeholders, milestones and quality assurance controls; and
• implements new and enhance existing controls and processes to address the underlying factors which contributed to the errors identified by the ANAO in the financial statements in 2023–24, including classification of expenditure and valuation and management of non-financial assets.

Bundanon Trust Limited

4.12.184 Bundanon Trust Limited (the Trust) supports arts practice and engagements with the arts through its residency, education, exhibition, and performance programs. The Trust was incorporated on 22 March 1993 as a public company limited by guarantee to manage artworks, landscape and heritage infrastructure gifted by Arthur and Yvonne Boyd to the Australian Government. The Trust’s mission is to operate the Bundanon properties as a centre for creative arts and education, to support the development of arts practice across all disciplines and to enable public access to the arts and to the landscape.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.12.185 Table 4.12.39 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.12.39: Status of audit findings

Note a: The moderate audit finding relating to Financial statements preparation process was identified during the 2022–23 audit. This audit finding was reduced to a minor audit finding during the 2023–24 audit. Refer to paragraphs 4.12.192 to 4.12.194.

Source: ANAO 2023–24 audit results.

4.12.186 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that Trust’s 2023–24 financial statements were not materially misstated.

Unresolved moderate audit finding

Governance risk

4.12.187 The ANAO’s audit of the Trust’s 2022–23 financial statements examined entity level controls, including corporate governance arrangements. The ANAO identified a number of weaknesses in the design and operating effectiveness of certain internal controls, including:

• the Trust does not have an internal audit function. The ANAO was unable to identify alternative processes providing independent assurance to the Board on the operating effectiveness of the Trust’s system of internal control. The absence of an internal audit function increases the risk of undetected operational inefficiencies and weaknesses in the system of internal control;
• the Audit Committee required under the Public Governance, Performance and Accountability Act 2013 (PGPA Act). The Audit and Risk Committee (the Committee) did not fulfil all key functions required by the Public Governance, Performance and Accountability Rule 2014 (the PGPA Rule) and did not meet all of its obligations as outlined in its Charter. In addition, the ANAO observed that the accountable authority remained a member of the Audit Committee following his appointment as the acting Chair of the Board in April 2022. This is inconsistent with the PGPA Rule; and
• deficiencies in the development and monitoring of the Trust’s enterprise risk register.

4.12.188 During 2023–24, the ANAO observed that the Trust renamed the Finance Committee as ‘the Committee’. Committee members are independent of management and the Committee’s functions are compliant with PGPA Act requirements. At the conclusion of the 2023–24 audit, the Trust had yet to implement the recommendations relating to internal audit or the enterprise risk register.

4.12.189 During the 2023–24 audit, the ANAO identified that the Trust’s authority to conduct fundraising activities under the Charitable Fundraising Act 1991 (NSW) had expired. The Trust immediately contacted Services NSW to apply for a renewal. Generally, renewals can only be backdated three months; however, Services NSW agreed to process the renewal with continuous coverage from the expiration date of 2 December 2023. The failure to identify that the authority to fundraise had lapsed is a significant oversight, as fundraising appeals are central to the Trust’s business and donations are a material component of its financial statements.

4.12.190 The renewed authority provides comfort that a legislative breach has not occurred. However, the fact the lapse occurred is indicative of ongoing governance issues previously raised by the ANAO. As part of its governance arrangements, the Trust needs to have processes capable of ensuring compliance with laws and regulations. Internal processes need to demonstrate how management monitors and ensures compliance. There is a requirement under the PGPA Act for legislative compliance to be overseen by the Committee.

4.12.191 The Trust advised the ANAO that the Committee is continuing to expand its review and oversight functions, including the implementation of a three-year forward program, to ensure the Committee is regularly reviewing and assessing key risk and internal controls as required by obligations under the PGPA Rule and as outlined in the Committee’s Charter.

Reduced moderate audit finding

Financial statements preparation process

4.12.192 During the 2022–23 audit, the ANAO identified a number of deficiencies in the Trust’s financial statements preparation process, including:

• the Trust did not prepare a financial statements preparation plan (including a financial statements timetable);
• the Trust did not provide financial statements to the ANAO that facilitated the completion of the audit to provide material clearance in accordance with the Department of Finance’s timeframes;
• the ANAO identified a material adjustment required to the financial statements that had not been identified by management at the time of financial statements preparation, indicating that quality assurance processes supporting financial reporting were not operating effectively. There was a reliance placed on the ANAO (by the Trust) to identify issues with the financial statements as management did not have sufficiently robust processes in place to detect errors;
• the Trust was slow to respond to audit requests made by the ANAO and did not prepare documentation required to support the year-end financial statements; and
• as a result of the delay to preparing the financial statements the Trust’s Annual Report was not approved until 20 December 2023. Consequently, the Trust did not table its Annual Report in the Parliament in accordance with the requirements of the PGPA Act nor with the Australian Securities and Investment Commission before 31 October 2023, as required by section 315 of the Corporations Act 2001.

4.12.193 These deficiencies affect the quality and consistency of Commonwealth reporting, as well as the accountability and transparency that is expected from Commonwealth companies under the financial reporting framework. The ANAO recommended that the Trust develops and implements a financial statements preparation plan to support the timely preparation of the financial statements in compliance with regulatory requirements and improve communication and responsiveness to the ANAO’s audit requests to facilitate a more efficient audit process.

4.12.194 During 2023–24, the ANAO observed improvements in the financial statements preparation process, including the earlier provision of draft financial statements and supporting documentation as well as improvements in the quality and timeliness of responses to the ANAO’s queries. These improvements resulted in earlier completion of the financial reporting and audit processes. The financial statements were signed on 18 October 2024 enabling the Trust to meet its statutory reporting requirements under the PGPA Act and the Corporations Act 2001. As a result of the improvements made by the Trust, the ANAO has reduced this finding to a minor audit finding.

National Film and Sound Archive of Australia

4.12.195 The National Film and Sound Archive of Australia’s (NFSA) purpose is to collect, preserve and share audiovisual media. The legislative functions of the NFSA are outlined in the National Film and Sound Archive of Australia Act 2008.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.12.196 Table 4.12.40 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.12.40: Status of audit findings

Source: ANAO 2023–24 audit results.

4.12.197 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that NFSA’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Valuation of non-financial assets

4.12.198 NFSA holds $444.6 million of non-financial assets which are primarily comprised of heritage and cultural assets of $369.1 million and buildings of $50.7 million.

4.12.199 AASB 116 Property, Plant and Equipment requires an entity to assess whether the carrying value of non-financial assets valued at fair value differs materially from fair value at the end of the reporting period, and where a difference is identified to make the necessary adjustments to the financial statements to reflect the fair value.

4.12.200 NFSA obtains a desktop (less detailed) valuation for heritage and cultural assets on an annual basis in years where a full valuation does not take place. However, NFSA does not assess the report to determine whether any movements in fair value are material and should otherwise be reflected in the financial statements. NFSA does not perform a materiality assessment on an annual basis for other classes of non-financial assets. As a result, there is a risk that NFSA’s non-financial assets may not be recorded at their fair value. As a result of this matter a material adjustment was required to be made to NFSA’s 2023–24 financial statements.

4.12.201 The ANAO recommended that NFSA implement policies and procedures to assist in determining whether the carrying value of all non-financial assets differs materiality from fair value at year-end.

Comments on unsigned other entities

Norfolk Island Health and Residential Aged Care Service

4.12.202 The Norfolk Island Health and Residential Aged Care Service (NIHRACS) is a multi-purpose health service operated by the Australian Government on Norfolk Island. Oversight of NIHRACS is the responsibility of the Department of Infrastructure, Transport, Regional Development, Communications and the Arts (Infrastructure).

4.12.203 NIHRACS is deemed to be a Commonwealth controlled entity. NIHRACS is a body corporate with perpetual succession under the Norfolk Island Health and Residential Aged Care Act 1985, a Norfolk Island continued law under section 16A of the Norfolk Island Act 1979 (Cth). The PGPA Act does not apply to NIHRACS and as a result the Auditor-General is not appointed as the auditor under the NIHRACS enabling legislation. The ANAO undertakes the audit as an audit arising from a request by the Secretary of Infrastructure made under section 20 of the Auditor-General Act 1997. Auditor-General Report No. 43 of 2018–19 Design, Implementation and Monitoring of Reforms to Services on Norfolk Island made specific recommendations, in relation to NIHRACS, to undertake legislative reform to apply the PGPA Act to the entity. The ANAO is not aware of any action being undertaken to address this recommendation.

4.12.204 The NIHRACS financial statements audit has not been completed for 2022–23 or 2023–24 due to delays in the finalisation of the financial statements by NIHRACS and the impact of a number of unaddressed audit findings and other matters. The financial statements for 2022–23 were presented to the ANAO for audit in June 2024 but due to a large number of unresolved issues and potential material adjustments to the presented financial statements, no further audit work has been able to be progressed since early July 2024. The 2023–24 financial statements have not yet been presented to the ANAO for audit.

4.12.205 The 2021–22 audit was also subject to delay due to the delayed presentation of the financial statements by NIHRACS to the ANAO. The audit was completed in October 2023. Table 4.12.41 summarises the status of audit findings reported by the ANAO at the conclusion of the 2021–22 audit.

Table 4.12.41: Status of audit findings

Note a: The minor audit finding relating to Inventory management was identified during the 2016–17 audit. This audit finding was increased to a moderate audit finding during the 2021–22 final audit.

Source: ANAO 2021–22 results.

4.12.206 The unresolved significant finding at the conclusion of the 2021–22 audit relates to corporate governance. This finding relates to weaknesses in the design and implementation of corporate governance at NIHRACS. This finding was first identified by the ANAO and reported to NIHRACS’ predecessor entity, the Norfolk Island Hospital Enterprise (NIHE) during the 2016–17 audit.

4.12.207 The three unresolved moderate findings relate to: revenue management (first identified in 2016–17); inventory management (first identified in 2018–19); and the financial statements preparation processes (first identified in 2021–22).

4.12.208 The ANAO provides reports on the outcomes of the audit and audit findings identified to Infrastructure at the conclusion of each audit. In October 2024, the ANAO met with Infrastructure to discuss the number of aged audit findings and significant delays in finalising the financial statements processes for NIHRACS.

4.13 Parliamentary Departments

Portfolio overview

4.13.1 The Parliamentary Departments support the operation of the Parliament of Australia, its committees and members.

4.13.2 Table 4.13.1 identifies material and other entities specifically mentioned in this chapter.

Table 4.13.1: Material entities discussed in this chapter

✔: auditor's report not modified

◆: new significant or moderate findings and/or significant legislative matters noted

4.13.3 Figure 4.13.1 shows the Parliamentary Department’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.13.1: Parliamentary Departments’ income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.13.4 Table 4.13.2 presents a summary of the total number of unresolved findings for the Parliamentary Departments at the conclusion of the 2023–24 final audits.

Table 4.13.2: Unresolved audit findings for Parliamentary Departments

Source: ANAO 2023–24 audit results.

4.13.5 Table 4.13.3 presents a summary of the total number of legislative breaches for Parliamentary Departments at the conclusion of 2023–24 final audits.

Table 4.13.3: Legislative breaches identified for Parliamentary Departments

Source: ANAO 2023–24 audit results.

Audit differences

4.13.6 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.13.4 provides a summary of those audit differences that relate to entities within the Parliamentary Departments.

Table 4.13.4: The number of audit differences for Parliamentary Departments

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in Parliamentary Departments.

4.13.7 The following section provides a summary of the 2023–24 financial statements audit results for the Department of Parliamentary Services, and findings for other non-material entities in the portfolio.

Department of Parliamentary Services

4.13.8 DPS is responsible for supporting the Parliament through the provision of a range of services, including library, research, Hansard, broadcasting, telecommunications, central computing, food and beverages, and building security and maintenance.

Summary of financial performance

4.13.9 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by DPS (as outlined in Table 4.13.5 and Table 4.13.6) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.13.5: Key departmental financial statements items

Source: DPS’ audited financial statements for the year ended 30 June 2024.

4.13.10 The increase in total assets of $17.0 million is due to:

• expenditure on capital projects for IT and the fit out of the leased West Block premises; and
• higher unspent appropriation receivable due to an underspend of appropriations during 2023–24.

Table 4.13.6: Key administered financial statements items

Source: DPS’ audited financial statements for the year ended 30 June 2024.

4.13.11 The increase in total assets of $118.1 million is primarily due to the revaluation undertaken by DPS for the Parliament House building, on the building and heritage and cultural asset classes. A valuation increment of $142.7 million was recorded, reflecting increases in market rates for cost inputs for assets valued using the depreciated replacement cost method.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.13.12 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.13.13 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of DPS’ financial statements.

4.13.14 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.13.7, including areas which were considered KAM by the ANAO.

Table 4.13.7: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and DPS’ audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.13.15 Table 4.13.8 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.13.8: Status of audit findings

Source: ANAO 2023–24 audit results.

4.13.16 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that DPS’ 2023–24 financial statements were not materially misstated.

New moderate audit finding

Removal of user access

4.13.17 The Protective Security Policy Framework (PSPF) helps Australian Government entities to protect their people, information and assets. The PSPF sets out government protective security policy in terms of: security governance; information security; personnel security; and physical security. PSPF Policy 9 Access to information and PSPF Policy 14 Separating personnel outline security measures to control access to Australian Government information and mitigate risks associated with departing personnel. PSPF Policy 9 requires entities to control access to supporting ICT systems and applications and ensure access to sensitive information is only provided to people on a need-to-know basis. PSPF Policy 14 requires personnel’s access to be removed upon separation or transfer from the entity. Inadequate security measures for timely removal of access from former personnel increase the risk of unauthorised access to sensitive information.

4.13.18 During the 2023–24 audit, the ANAO identified that contractor termination dates could not be readily verified due to the absence of forms and documentation for such terminations. The ANAO recommended that DPS develop and implement a policy for off-boarding contractors that includes documentation evidencing dates and network access. DPS agreed with this finding and advised the ANAO that it will review its existing process and will implement procedures for off-boarding contractors which are effective in ensuring contractor terminations are documented.

Conclusion

4.13.19 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements by undertaking additional audit procedures. DPS has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken DPS as part of the 2024–25 audit.

4.13.20 The ANAO issued an unmodified auditor’s report on the financial statements on 25 September 2024.

4.14 Prime Minister and Cabinet portfolio

Portfolio overview

4.14.1 The Prime Minister and Cabinet portfolio is responsible for: providing advice and support to the Prime Minister, the Cabinet, Portfolio Ministers and Assistant Ministers on matters that are at the forefront of public policy and government administration; and providing stewardship of the Australian Public Service (APS). The Department of the Prime Minister and Cabinet (PM&C) is the lead entity in the portfolio. It is responsible for supporting the Prime Minister as the head of the Australian Government and the Cabinet and providing advice on major domestic policy and international and national security matters. Further information is available from PM&C’s website.

4.14.2 In addition to PM&C, there are 19 entities within the portfolio that are responsible for: Australian Government Aboriginal and Torres Strait Islander policy, programs and service delivery; improving results for Aboriginal and Torres Strait Islander people through enhanced Indigenous economic rights to support economic independence; improved access to education, employment, health, wellbeing and other services, as well as the maintenance of cultural identity; coordination and evaluation of Australia’s foreign intelligence activities; Australian Government employment workplace relations policy to position the APS workforce for the future by improving people management and manage capability and professional development across the APS; support to the Governor-General to perform her official duties; and promoting and improving workplace gender equality in Australian workplaces.

4.14.3 Table 4.14.1 identifies material and other entities specifically mentioned in this chapter.

Table 4.14.1: Prime Minister and Cabinet portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

✏: financial statements not signed as at 9 December 2024

◆: new significant or moderate findings and/or significant legislative matters noted

▲: significant or moderate findings and/or significant legislative matters reported previously but not yet resolved

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.14.4 Figure 4.14.1 shows the Prime Minister and Cabinet portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.14.1: Prime Minister and Cabinet portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.14.5 Table 4.14.2 presents a summary of the total number of unresolved findings by entities at the conclusion of the 2023–24 final audits.

Table 4.14.2: Unresolved audit findings by entity in the Prime Minister and Cabinet Portfolio

Source: ANAO 2023–24 audit results.

4.14.6 Table 4.12.3 presents a summary of the total number of legislative breaches by entities in the Prime Minister and Cabinet portfolio at the conclusion of 2023–24 final audits.

Table 4.14.3: Legislative breaches identified by entity in the Prime Minister and Cabinet portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.14.7 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.14.4 provides a summary of those audit differences that relate to entities within the Prime Minister and Cabinet portfolio.

Table 4.14.4: The number of audit differences for entities in the Prime Minister and Cabinet portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Prime Minister and Cabinet portfolio.

4.14.8 The following section provides a summary of the 2023–24 financial statements audit results for the Department of the Prime Minister and Cabinet and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of the Prime Minister and Cabinet

4.14.9 PM&C is responsible for providing advice to the Prime Minister, the Cabinet, portfolio ministers, and assistant ministers to improve the lives of all Australians, including through coordination of government activities, effective policy advice and development, and program delivery.

Summary of financial performance

4.14.10 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by PM&C (as outlined in Table 4.14.5 and Table 4.14.6) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.14.5: Key departmental financial statements items

Source: PM&C’s audited financial statements for the year ended 30 June 2024.

4.14.11 The increase in the net cost of services of $56.9 million is largely due to an increase in employee benefits and a reduction in revenue from contracts with customers. The increase in employee benefits was primarily driven by an increase in staffing related to the establishment of the Net Zero Economy Agency, the ASEAN Summit and COVID response inquiry taskforces. The reduction in revenue from contracts with customers was due to changes in cost recovery treatment for project work invoiced to client agencies as part of shared services arrangements.

4.14.12 The increase in revenue from government of $59.3 million is primarily associated with funding provided for establishment of the Net Zero Economy Agency and the ASEAN Summit taskforce discussed in paragraph 4.14.11.

Table 4.14.6: Key administered financial statements items

Source: PM&C’s audited financial statements for the year ended 30 June 2024.

4.14.13 The reduction in total other comprehensive income of $605.5 million is primarily due to the recognition of the increase in value of the administered investment in the Northern Territory Aboriginal Investment Corporation in 2022–23. The entity was established during 2022–23 and received an initial distribution of cash from the Aboriginals Benefit Account which increased its net assets.

4.14.14 The increase in total assets of $148.2 million is primarily related to increases in the fair value of administered investments in corporate Commonwealth entities, particularly Indigenous Business Australia. The investments in these entities are measured on a net asset basis.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.14.15 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are: accounting for investments in Commonwealth corporate entities and companies; and shared services provided to the National Indigenous Australians Agency and other entities.

Key areas of financial risk

4.14.16 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of PM&C’s financial statements.

4.14.17 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.14.7.

Table 4.14.7: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and PM&C’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.14.18 Table 4.14.8 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.14.8: Status of audit findings

Note: The moderate audit finding relating to post termination user access review was identified during the 2022–23 audit.

Source: ANAO 2023–24 audit results.

4.14.19 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the entity’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

Removal of user access

4.14.20 The Protective Security Policy Framework (PSFP) helps Australian Government entities to protect their people, information and assets. PSPF Policy 14 requires personnel’s access to be removed upon separation or transfer from the entity. Inadequate security measures for timely removal of access from former personnel increase the risk of unauthorised access to sensitive information.

4.14.21 During the 2022–23 audit, the ANAO identified instances where users had accessed PM&C’s systems after completion of their employment or contract. The ANAO noted that investigation of post-termination access was not always timely.

4.14.22 During 2023–24, PM&C updated policies and procedures associated with user access removal on termination and implemented an amended detective control to identify and investigate any user access which may have occurred post termination.

4.14.23 The ANAO assessed the design, implementation and operational effectiveness of the amended control during the 2023–24 audit. As a result of the actions taken by PM&C to address the recommendations from the ANAO the finding was considered to have been resolved.

Conclusion

4.14.24 The ANAO issued an unmodified auditor’s report on PM&C’s financial statements on 13 September 2024.

Indigenous Business Australia

4.14.25 Under its enabling legislation, the Aboriginal and Torres Strait Islander Act 2005, IBA’s purposes are to assist and enhance Aboriginal and Torres Strait Islander self-management and economic self-sufficiency, and to advance the commercial and economic interests of Aboriginal and Torres Strait Islander peoples by accumulating and using a substantial capital base for their benefit. IBA has 14 actively trading subsidiaries which are audited by the ANAO.

Summary of financial performance

4.14.26 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by IBA (as outlined in Table 4.14.9) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.14.9: Key financial statements items

Source: IBA’s audited financial statements for the year ended 30 June 2024.

4.14.27 The increase in total assets of $121.9 million was mainly due to:

• an increase of housing loan receivables of $97.1 million due to loan advances exceeding loan repayments and a reduction in the write-down and impairment of loans; and
• an increase in other investments of $17.2 million due to valuation increments of the investments, particularly the Indigenous Prosperity Growth Fund, that was partially offset by a reduction in cash held in term deposits.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.14.28 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the level of diversity in the nature of IBA’s commercial business activities, which include home loans, business loans, commercial property and investments in controlled entities, associated and other business undertakings; and
• the impact of market conditions, and significant management judgement required, in the valuation of these activities for financial reporting purposes.

Key areas of financial risk

4.14.29 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of IBA’s financial statements.

4.14.30 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.14.10.

Table 4.14.10: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and IBA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.14.31 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.14.32 The ANAO issued an unmodified auditor’s report on IBA’s financial statements on 8 October 2024.

National Indigenous Australians Agency

4.14.33 NIAA is responsible for policy oversight in relation to the Indigenous agencies in the Prime Minister and Cabinet portfolio.

Summary of financial performance

4.14.34 The following section provides a comparison of the 2023–24 and 2022–23 key departmental and administered financial statements items reported by NIAA (as outlined in Table 4.14.11 and Table 4.14.12) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.14.11: Key departmental financial statements items

Source: NIAA’s audited financial statements for the year ended 30 June 2024.

4.14.35 The net cost of services decreased by $28.1 million mainly due to offsetting factors of:

• a reduction of $49.8 million in litigation settlement expenses. During 2022–23, NIAA recorded expenses for the Stolen Generations class action of $53.2 million which was subsequently settled; and
• an increase in employee expenses of $27.6 million due to growth in staffing numbers and salary rates (as a result a new enterprise agreement).

Table 4.14.12: Key administered financial statements items

Source: NIAA’s audited financial statements for the year ended 30 June 2024.

4.14.36 On 6 September 2024, the Australian Government agreed to the settlement of a historical class action brought by claimants who alleged their wages were unjustly withheld, inadequate or not paid. The Australian Government agreed to pay up to $202.0 million to eligible claimants. NIAA has recorded an expense and a provision for settlement of litigation in its financial statements.

4.14.37 Total administered expenses decreased by $384.7 million mainly due to offsetting factors of:

• a decrease of $679.0 million in distributions from the Aboriginals Benefit Account. During 2022–23, $687.5 million in distributions were made to the newly established Northern Territory Aboriginal Investment Corporation which were not replicated in 2023–24;
• offset by an increase in expenses of: $66.4 million in a new program called Youpla Support Program which was administered by NIAA in 2023–24; and a $202.0 million in expense relating to settlement of litigation under the wages class action (refer paragraph 4.14.36); and
• total liabilities administered on behalf of Government increased by $193.5 million mainly due to the increase in the provision for settlement of litigation.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Key areas of financial risk

4.14.38 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the NIAA’s financial statements.

4.14.39 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.14.13, including areas which were considered key audit matters (KAM) by the ANAO.

Table 4.14.13: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and NIAA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.14.40 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. Two minor findings were resolved during the final audit.

Conclusion

4.14.41 The ANAO issued an unmodified auditor’s report on the NIAA’s financial statements on 18 September 2024.

Voyages Indigenous Tourism Australia Pty Ltd

4.14.42 Voyages is a wholly owned subsidiary of the Indigenous Land and Sea Corporation (ILSC). Voyages owns and operates Ayres Rock Resort (ARR) in the Northern Territory. It also operates Mossman Gorge Centre located in North Queensland. These businesses operate tourism and hospitality training and employment initiatives to benefit indigenous people.

Summary of financial performance

4.14.43 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by Voyages (as outlined in Table 4.14.14) includes commentary regarding significant movements between years contributing to overall performance.

Table 4.14.14: Key financial statements items

Source: Voyages’ audited financial statements for the year ended 30 June 2024.

4.14.44 The increase in total income of $2.4 million was primarily driven by increased number of tourists at ARR and Mossman Gorge Centre where the operations are gradually returning back to pre-COVID-19 levels. Higher tourist numbers also translated into increased sales across revenue streams such as food and beverage, tour sales and retail.

4.14.45 The increase in total expenses of $13.9 million was mainly due to the higher tourist numbers which increased operating costs. As a result, supplier expenses were higher by $5.3 million due to an increase in expenditure for utilities, repairs and maintenance, as well as inflationary factors.

4.14.46 The decrease in total assets of $40.3 million and other comprehensive income of $26.8 million is mainly due to a decrease in ARR’s valuation.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.14.47 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate, primarily due to the complexity of business operations which includes different revenue streams, financing of ARR, tax effect accounting and asset valuations.

Key areas of financial risk

4.14.48 The ANAO completed appropriate audit procedures on all material items. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Voyages’ financial statements.

4.14.49 The ANAO focused audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.14.15.

Table 4.14.15: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Voyages’ audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.14.50 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.14.51 The ANAO issued an unmodified auditor’s report on the financial statements on 13 September 2024.

Comments on non-material entities

Anindilyakwa Land Council

4.14.52 The Anindilyakwa Land Council (ALC) was formed by the Aboriginal Land Rights (Northern Territory) Act 1976 (ALRA). Under subsection 23(1) of the ALRA, ALC undertakes the following activities:

• management of the land to protect traditional owners’ interests;
• protection of sacred sites;
• consultation regarding proposals relating to lands and seas in the Groote Archipelago;
• provision of assistance to traditional owners to engage in commercial activities and economic development;
• supervision and administration of land trusts;
• control of visits by all non-indigenous people through monitoring and permits; and
• protection and preservation of culture, including intellectual property, copyright and reproduction of cultural products to safeguard against illegal or improper use of research, digital images, designs, stories, bio-cultural information, artefacts and art.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.14.53 Table 4.14.16 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.14.16: Status of audit findings

Source: ANAO 2023–24 audit results.

4.14.54 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the ALC’s 2023–24 financial statements were not materially misstated.

New significant audit finding

ALC’s progress in addressing previously reported governance findings

4.14.55 Auditor-General Report No. 29 2022–23 Governance of the Anindilyakwa Land Council (the performance audit) was tabled on 31 May 2023. The performance audit made 15 recommendations to ALC regarding governance and other matters observed during the audit.

4.14.56 During 2023–24, ALC provided a progress report on the status of those recommendations to the NIAA. The NIAA assessed ALC’s progress in addressing the recommendations and issued a report on 27 August 2023 highlighting that most of the audit recommendations were in progress. The report has been accepted by the Chair of ALC.

4.14.57 At the final phase of the 2023–24 audit, the ANAO noted that ALC had implemented two of the recommendations, with 13 recommendations partially implemented. On 29 August 2024, the Minister for Indigenous Australians (the minister) made a decision to withhold approval for the ALC’s 2024–25 budget. The minister approved an operational budget to cover the period to 1 December 2024. The minister indicated that the full budget will only be considered when ALC has demonstrated to the NIAA that it is sufficiently prioritising and implementing the recommendations made in the performance audit.

4.14.58 The status of the recommendations made by the ANAO, and the minister’s action to withhold funding, have heightened concerns about the ALC’s progress in addressing the governance findings.

4.14.59 In view of the reduced available funding highlighted above, further audit work was required by the ANAO to understand ALC’s ongoing financial feasibility. In preparing the financial statements, ALC is required to certify that at the date of signing there are reasonable grounds to believe that the ALC will be able to pay its debts as and when they fall due.

4.14.60 The ANAO recommended that ALC respond promptly to the NIAA’s report setting out a reasonable timeframe to fully address the outstanding recommendations from the performance audit.

4.14.61 With respect to the assessment of ongoing financial feasibility, the ALC accountable authority provided the ANAO with future cashflow forecasts demonstrating that ALC does have sufficient reserves to continue operating with existing funds for the next 12 months. ALC advised the ANAO that the Council is working to address the NIAA’s concerns by December 2024.

4.14.62 The ANAO concluded that there is sufficient evidence to support the preparation of the 2023–24 financial statements on a going concern basis, and the action taken by ALC to address the performance audit recommendations will be revisited by the ANAO in the 2024–25 audit.

Northern Land Council

4.14.63 The Northern Land Council (NLC) is a corporate Commonwealth entity formed under section 21 of the Aboriginal Land Rights (Northern Territory) Act 1976 (ALRA Act). The NLC is responsible for assisting Aboriginal peoples in the top end of the Northern Territory to acquire and manage their traditional lands and seas.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.14.64 Table 4.14.17 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.14.17: Status of audit findings

Source: ANAO 2023–24 audit results.

4.14.65 For the legislative breach listed below, the ANAO undertook additional audit procedures to gain assurance that the entity’s 2023–24 financial statements were not materially misstated.

Unresolved significant legislative breach

Management of Royalty Trust Account

4.14.66 The ALRA Act establishes the Council’s responsibilities for payments in respect of Aboriginal land, requiring payment of an amount equal to amounts received to, or for the benefit of, the traditional owners of the land, within six months after that amount is received through the Royalty Trust Account. Previous audits have identified non-compliance with this requirement of the ALRA Act.

4.14.67 NLC commenced a royalty reform project in 2016–17 to address the legislative requirements. The project was aimed at reducing incidents of non-compliance with the ALRA Act and reconciling outstanding balances in the royalty trust account to identify the appropriate owners for distribution. The NLC also established a Benefits Distribution Unit and strategies were undertaken to expedite the distribution of payments to traditional owners. The NLC sought to vary the terms with beneficiaries to allow for payments to be accelerated.

4.14.68 During 2022–23, NLC advised the ANAO that it had filed an application for directions and orders concerning the unallocated monies by way of an Originating Motion with the Supreme Court of the Northern Territory on 26 July 2022. On 15 March 2024, the Court determined that the unallocated balance maintained by the NLC could be used for a funeral and ceremonial fund for those traditional owners who are in need of assistance in the cost of funeral and burial services.

4.14.69 In 2023–24, the ANAO tested the royalty trust account management for the period 1 July 2023 to 30 June 2024. Based on the work performed, the ANAO identified additional contracts where the distribution of royalty monies to traditional owners during the period was not made within six months as specified in s35(3) and s35(4) of the ALRA Act.

4.14.70 NLC advised the ANAO that the Council continues to pursue a number of strategies to fulfil its statutory responsibilities to distribute payments received by the NLC in respect of Aboriginal land to, or for the benefit of, the Traditional Owners of the land, within six months after that amount is received.

Tiwi Land Council

4.14.71 The Tiwi Land Council (TLC) was established on 18 August 1978, following representation by the Tiwi people to the Australian Government for recognition of their distinct geographic and cultural identity. TLC was instituted by the Minister for Aboriginal Affairs at a special gathering on Bathurst Island on 7 September 1978. TLC is the only body with authority and capacity to direct and administer the Tiwi Aboriginal Land Trust established under the Aboriginal Land Rights (Northern Territory) Act 1976 (ALRA Act).

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.14.72 Table 4.14.18 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.14.18: Status of audit findings

Source: ANAO 2023–24 audit results.

4.14.73 For the new legislative breach listed below, the ANAO undertook additional audit procedures to gain assurance that TLC’s 2023–24 financial statements were not materially misstated.

New significant legislative breach

Non-compliance with the ALRA Act

4.14.74 The ALRA Act establishes TLC’s responsibilities for payments in respect of Aboriginal land, requiring payment of an amount equal to amounts received to, or for the benefit of, the traditional owners of the land, within six months after that amount is received through the Royalty Trust Account. Previous audits have identified non-compliance with this requirement of the ALRA Act.

4.14.75 During the 2023–24 audit, the ANAO identified that a total of $808,000 of royalties had been held by TLC for more than 6 months. TLC sought advice regarding distribution of the funds to the relevant Aboriginal Corporation who would then pay the funds to the appropriate traditional owners to assist with their township leasing rental payments in accordance with Section 35(4B) and Section 36 of the ALRA Act. These sections of the ALRA Act require that any funds received by TLC from the Aboriginals Benefits Account must be paid to a relevant Aboriginal Corporation within six months of receipt.

4.14.76 The Minister for Indigenous Australians did not approve the payment, as it would have been made to a non-compliant Aboriginal Corporation, and instead requested TLC explore other options to appropriately exercise its statutory functions in relation to the township leasing rental payments.

4.14.77 TLC agreed that it had breached the requirements of the ALRA Act. TLC advised the ANAO that it is of the view that withholding the funds is preferable to releasing them to a non-compliant entity, which could lead to financial loss for the traditional owners. TLC advised the ANAO that it is supporting the establishment of a new compliant entity for the traditional owners of the land so that the funds can be distributed.

Resolved significant legislative breach

Risk management activities

4.14.78 During the 2021–22 audit, the ANAO noted that TLC did not have in place a formal risk management policy nor a formal risk management framework. It was also noted that TLC updated the design of its risk register in 2021–22 but not the substantive contents which were last updated in 2020. There was no evidence of monitoring activities over the implementation of the control activities identified in its risk register. There was also no documented evidence to support that an appropriate system of risk oversight and management is in place for TLC.

4.14.79 The ANAO recommended that: TLC develop a formal risk management policy and framework to ensure compliance with the Public Governance, Performance and Accountability Act 2013; implement a process whereby the risk register is updated regularly to ensure that identified risks are appropriately managed; and develop reporting tools to evidence ongoing monitoring activities over the implementation of the control activities identified in the risk register.

4.14.80 During 2022–23, TLC commenced reviewing findings from a review of TLC’s governance initiated by the NIAA, as well as previous ANAO performance and financial statements audits, in order to enhance risk and governance processes.

4.14.81 During 2023–24, TLC finalised its risk management policy, which was approved by its Chief Executive Officer and Chairperson. The ANAO also noted that an external consultant continues to be engaged by TLC to assist in the continuous improvement of the risk register and the overall risk management framework. As a result, the ANAO considers that this matter has been resolved.

Wreck Bay Aboriginal Community Council

4.14.82 The Wreck Bay Aboriginal Community Council (the Council) was established by the Aboriginal Land Grant (Jervis Bay Territory) Act 1986 (the Act). The Act allowed for the grant of freehold title of 403 hectares of land in the Jervis Bay Territory to the Council. The Council: manages and maintains the land; provides services and programs to the community; and conducts business enterprises for the economic and social benefit of the community.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.14.83 Table 4.14.19 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.14.19: Status of audit findings

Note a: The significant audit finding relating to Deficiencies in corporate governance arrangements was first identified in 2022–23. This audit finding was reduced to a moderate audit finding during the 2023–24 final audit. Refer to paragraphs 4.14.92 to 4.14.97.

Source: ANAO 2023–24 audit results.

4.14.84 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that the Council’s 2023–24 financial statements were not materially misstated.

Unresolved moderate audit finding

Financial statements preparation process

4.14.85 During the 2022–23 audit, the ANAO identified a number of weaknesses in the Council’s financial statements preparation process. These weaknesses included a number of amendments and versions of the financial statements being produced by the Council after the draft financial statements were provided to the ANAO for audit as well as a number of errors in balances and disclosures.

4.14.86 These weaknesses indicated there were deficiencies in the Council’s financial statements preparation process, particularly relating to: the implementation and/or effectiveness of quality controls; the quality of workpapers; and Council’s processes for interpretation of accounting standards or accounting positions. Weaknesses in the financial statements preparation process increase the risk that the financial statements prepared by the Council could include a material misstatement.

4.14.87 The ANAO recommended that the Council:

• develop a financial statements preparation plan to support the preparation of the 2023–24 financial statements, including detailing key preparedness measures, information requirements, key stakeholders, key milestones and quality controls; and
• implement a range of processes to address the underlying factors which contributed to the errors identified by the ANAO in the financial statements in 2022–23, including classification of expenditure and valuation and management of non-financial assets.

4.14.88 Several improvements were noted during the 2023–24 audit, including: changes to the employee benefits provision methodology; implementation of a new monthly process for reviewing expenditure for appropriate treatment; an asset stocktake being completed; and timelier responses to audit requests and queries.

4.14.89 However, additional work is required by the Council to improve the financial statements preparation process including:

• preparing lead schedules with sufficient explanations and detail to support movements from prior years;
• improving internal review of workpapers supporting the financial statements and disclosures before providing these workpapers to the ANAO;
• ensuring the completeness and accuracy of the key management personnel remuneration disclosure;
• implementing annual conflict-of-interest declarations by Board members and senior management and documenting a risk assessment of expected related party transactions;
• improving supporting documentation for the annual stocktake methodology, results, staff performing the stocktake and the delegate’s approval of the results; and
• documenting evidence of segregation of duties in the preparation and approval of manual journals.

4.14.90 The ANAO will review the action taken by the Council to address this finding as part of the 2024–25 audit.

Reduced significant audit finding

Deficiencies in corporate governance arrangements

4.14.91 During the course of the 2022–23 financial statements audit, the ANAO identified a number of deficiencies in the Council’s governance arrangements including relating to procurement, record keeping and approval for expenditure of funds.

4.14.92 The ANAO identified instances where policies and procedures that would support appropriate governance in relation to procurement were not in place or not regularly reviewed, including a procurement policy not being in place and policies relating to the Council’s Community Supporting Program Grants not being subject to regular review and approval as required by each policy.

4.14.93 The ANAO also identified instances of non-compliance with the Council’s policies and procedures. These included:

• the procurement and review over value for money for accounting and consulting services. The incumbent supplier has been in place for 15 years with no review or re-tender for this arrangement being performed by the Council in this time. The Council was unable to provide the ANAO a contract for these services;
• instances where payments appear to have been approved by someone other than the approving delegate;
• documentation was unable to be provided by the Council to the ANAO throughout the course of the audit. This included: selected board and audit committee minutes; invoices or receipts for credit card acquittals; and documentation relating Community Supporting Program Grants such as applications made, evidence of delegate approvals and evidence of the amount approved for the grants. The Council was also unable to provide the ANAO evidence of the decisions taken in relation to the appointment of an acting Chief Financial Officer, nor employment contracts for this role; and
• meetings of the Council’s Audit Committee were not held at least four times during 2022–23 as required by the Audit Committee’s charter.

4.14.94 The weaknesses identified by the ANAO indicated that there was a significant deficiency in the Council’s system of internal control and an absence of effective and robust corporate governance. The ANAO recommended that the Council:

• finalise and implement a procurement policy that specified the requirements for the procurement process, including approach to market, evaluation of quotations and responses and assessment of value for money;
• develop and implement a process to regularly review existing policies, to confirm they remain fit for purpose, and to support that all applicable legislative or regulatory obligations are being addressed;
• promote awareness of the Council’s policies and procedures by conducting regular training for all employees;
• conduct meetings of the Audit Committee at a frequency which complies with the Audit Committee’s charter;
• improve processes for regularly confirming potential or actual conflicts of interest for members of the Board or management; and
• review and improve record keeping practices which would support the retention of documentation of key management decisions and those of the Audit Committee or Board. The Council’s records should reflect all meetings of these bodies.

4.14.95 During 2023–24, the Council developed and finalised several key policies which directly reference legislative requirements, including for procurement, and minutes of Board and Audit Committee meetings were documented appropriately and made readily available to the ANAO. The ANAO considered these actions as improving governance arrangements at the Council and the finding was reduced to a moderate audit finding.

4.14.96 The ANAO will review the action taken by the Council to address the outstanding recommendations from this finding as part of the 2024–25 audit.

4.15 Social Services portfolio

Portfolio overview

4.15.1 The Social Services portfolio is responsible for achieving the Australian Government’s social policy outcomes and delivering social security priorities through policy advice, program administration and research.

4.15.2 Table 4.15.1 identifies material and other entities specifically mentioned in this section.

Table 4.15.1: Social Services portfolio material and other entities discussed in this section

✔: auditor's report not modified

E: auditor’s report contains an emphasis of matter

◆: new significant or moderate findings and/or significant legislative matters noted

▲: significant or moderate findings and/or significant legislative matters reported previously but not yet resolved

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.15.3 Figure 4.15.1 shows the Social Services portfolio’s income, expenses, assets and liabilities contribution for the year ended 30 June 2024.

Figure 4.15.1: Social Services portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.15.4 Table 4.15.2 presents a summary of the total number of unresolved findings by entities in the Social Services portfolio at the conclusion of the 2023–24 final audits.

Table 4.15.2: Unresolved audit findings by entities within the Social Services portfolio

Source: ANAO 2023–24 audit results.

4.15.5 Table 4.15.3 presents a summary of the total number of legislative breaches by entities in the Social Services portfolio at the conclusion of 2023–24 final audits.

Table 4.15.3: Legislative breaches identified by entity in the Social Services portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.15.6 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.15.4 provides a summary of those audit differences that relate to entities within the Social Services portfolio.

Table 4.15.4: The number of audit differences for entities in the Social Services portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Social Services portfolio.

4.15.7 The following section provides a summary of the 2023–24 financial statements audit results for the Social Services and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of Social Services

4.15.8 DSS is responsible for social security, families and communities, disability and carers, and housing. DSS works in partnership with other government and non-government organisations on a range of policies, programs and services focused on improving the wellbeing of people and families in Australia.

Summary of financial performance

4.15.9 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by DSS (as outlined in Table 4.15.5 and Table 4.15.6) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.15.5: Key departmental financial statements items

Source: DSS’ audited financial statements for the year ended 30 June 2024.

4.15.10 The net cost of services increased by $57.3 million mainly due to higher employee benefits expenses as a result of an increase in staff and remuneration levels, and higher supplier expenses payments for the resolution of claims by external service providers.

Table 4.15.6: Key administered financial statements items

Source: DSS’ audited financial statements for the year ended 30 June 2024.

4.15.11 Administered expenses increased by $18.2 billion as a result of higher:

• personal benefits income support payments of $8.6 billion, mainly due to indexation;
• personal benefits working age payments of $2.4 billion, mainly due to indexation and reform measures to extend eligibility for parenting payments and working age recipients; and
• payments to the National Disability Insurance Agency (NDIA) due to an increase in participant plan payments.

4.15.12 Administered income increased by $85.3 million as a result of:

• an increase in interest income of $61.3 million due to an increase in the rate of the general interest charge and lifting of blanket debt pauses;
• an increase in recoveries receivable of $47.1 million mainly due to a higher number of applications being processed for the National Redress Scheme;
• an increase in special accounts revenue consisting of funding contributions payable to the NDIA; and
• partially offset by lower fair value gains related to the valuation of receivables for the Student Financial Supplement Scheme and the Home Equity Access Scheme.

4.15.13 Administered assets and other comprehensive income increased by $1.0 billion due to increases in the net assets of the NDIA and Australian Hearing Services, recorded as administered investments on a net assets basis.

4.15.14 Administered liabilities increased by $979.9 million due to an increase in accrued personal benefits payables (due to higher expenditure, as detailed in paragraph 4.15.12).

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.15.15 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• improving governance and oversight within the portfolio following heightened public scrutiny and interest that DSS has been under as a result of the Royal Commission into the Robodebt Scheme and other reviews;
• the range and complexity of DSS’ operations, including a complex and outsourced IT environment;
• reliance on third parties to provide information that is critical to support payments made for personal benefits and grants; and
• significant judgements and assumptions made in the complex estimation process around the valuation of personal benefit provisions and receivables.

Key areas of financial risk

4.15.16 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of DSS’ financial statements.

4.15.17 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.15.7 including areas which were considered key audit matters (KAM) by the ANAO.

Table 4.15.7: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and DSS’ audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.15.18 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. Auditor-General Report No. 48 of 2023–24 Transitional Arrangements for the Cashless Debit Card was tabled in June 2024 and included observations relating to transitional arrangements from the Cashless Debit Card program to the Enhanced Income Management program.

4.15.19 The observations of this report were considered in designing audit procedures to address areas considered to pose a lower risk of material misstatement. The observations of this report were relating to robust program monitoring and performance measurement and lack of evaluation plan, which were not considered to have impact on the financial statements approach.

What are the results of the ANAO’s audit coverage in 2023–24?

4.15.20 Table 4.15.8 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.15.8: Status of audit findings

Note a: The minor audit finding relating to DES Assurance Programs was identified during the 2022–23 audit. This audit finding was increased to a moderate audit finding during the 2023–24 final audit. Refer to paragraphs 4.15.27 to 4.15.28.

Note b: The significant audit finding relating to Governance of legal and other matters was first identified in 2022–23. This audit finding was reduced to a moderate audit finding during the 2023–24 interim audit as reported in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities. Refer to paragraphs 4.15.39 to 4.15.42.

Source: ANAO 2023–24 audit results.

4.15.21 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that DSS’ 2023–24 financial statements were not materially misstated.

New significant legislative breach

Income Apportionment

4.15.22 During the 2022–23 audit, the ANAO became aware of legal matters being managed by DSS associated with the ‘income apportionment’ matter that was the subject of an own-motion investigation by the Office of the Commonwealth Ombudsman (the Commonwealth Ombudsman).

4.15.23 In August 2023, the Commonwealth Ombudsman released a report on an own motion investigation into Services Australia and DSS’ response to the question of the lawfulness of income apportionment before 7 December 2020.⁹⁸ The report highlighted that:

• from at least 2003 to 2020 Services Australia (and its precursor agency the Department of Human Services) was unlawfully apportioning customers’ income across two or more Centrelink instalment periods, which in turn likely affected social security payment rates and may have led to unfair debts against customers; and
• there is an unresolved and significant difference of opinion between legal providers.

4.15.24 Services Australia and DSS undertook to implement the recommendations made by the Commonwealth Ombudsman. The general instructions developed by DSS to provide guidance on how decision-makers should recalculate potential debts need further development, and both entities are still determining how much of the known and potential debts are affected.

4.15.25 The ANAO recommends that DSS, with the assistance of Services Australia, work to resolve the income apportionment issue as soon as possible.

New moderate audit findings

DES Assurance Programs

4.15.26 During the 2022–23 audit, the ANAO identified that there were significant timing delays in presenting the quarterly assurance reports in respect of the Disability Employment Services (DES) programs for 2022–23. The ANAO raised a minor audit finding in respect of these weaknesses and recommended that DSS improve the timeliness of assurance reports to the internal Committee established for that purpose.

4.15.27 During the 2023–24, the ANAO identified that while DSS’ focus on improvements have been observed, the enhancements have been incremental to date and/or are primarily projected by DSS and yet to be achieved. As a result, this finding has been increased to a moderate finding, reflecting the limited progress in addressing the recommendations made by the ANAO, the importance of the related control and existence of both financial and business risks relating to grants to a vulnerable group.

FMIS user access removal process monitoring

4.15.28 The Protective Security Policy Framework (PSPF) requires non-corporate Commonwealth entities to control access to systems, networks, and applications. The requirement includes removing system access from employees and contractors without an operational need for access to IT resources.

4.15.29 During previous audits, the ANAO has identified weakness in controls relating to user access terminations and instances of users logging into the FMIS after their termination date where DSS could not provide evidence of the actions taken or recorded for the investigation as part of the terminations review process.

4.15.30 DSS advised the ANAO that a new Standard Operating Procedure (SOP) has been established for the management of FMIS user access terminations and monitoring of post-termination access. DSS advised that the new SOP goes beyond the ANAO’s recommendation by designing a new quarterly and monthly reporting component of the SOP which is scheduled to commence during 2024–25. The ANAO identified that the internally generated reports used for this control may not be complete, accurate or fit for purpose.

4.15.31 The ANAO recommends that DSS:

• establish and evidence whether current internally generated reports are complete, accurate and fit for purpose, or develop alternative reports where this can be achieved; and
• fully implement designed controls and adhere to the related SOP, including regular reporting requirements.

Resolved moderate audit finding

User access removal

4.15.32 The PSPF requires non-corporate Commonwealth entities to control access to systems, networks, and applications. The requirement includes removing system access from employees and contractors without an operational need for access to IT resources.

4.15.33 During the 2020–21 audit, the ANAO identified weaknesses in user access termination processes in relation to the Human Resources Management Information System (HRMIS). The ANAO identified a number of instances where users continued to access systems for up to five days following separation from DSS.

4.15.34 During 2023–24, DSS enhanced the termination process and standard operating procedures to mitigate the risks associated with terminated user access. DSS also implemented a process to review any access of post terminated users. As a result of the action taken in relation to implementation and design of the enhanced process, the ANAO considers this finding resolved. However, a new moderate audit finding has been identified by the ANAO, as aspects of the FMIS user access removal process were found to not be operating effectively (refer to paragraphs 4.15.29 to 4.15.32).

Governance of legal and other matters

4.15.35 During the 2022–23 audit, the ANAO made requests for information relating to known or suspected instances of non-compliance with laws and regulations including legal matters, whose effects should be considered in the preparation of DSS’ financial statements. In July 2023, the ANAO became aware of a legal matter being managed by DSS that was the subject of an own-motion investigation by the Commonwealth Ombudsman into the practice of income apportionment for personal benefit payments. DSS had been aware of this legal matter for at least two years prior. This increased the risk that matters that may affect the financial statements are not appropriately considered in the preparation of the financial statements.

4.15.36 During 2023–24, DSS finalised a legal risk management plan; revised legal risk framework reporting; established a new legal services protocol with Services Australia under the Bilateral Management Agreement; and now provides quarterly legal risk register reporting to its Audit and Risk Committee. DSS has also been progressing a review of legal advice provided to DSS, including assessment of what happens to legal advice once received, if the legal advice has not been followed and the reasons why.

4.15.37 At the conclusion of the 2023–24 interim audit, as a result of the actions taken and evidence provided to the ANAO by DSS, the finding was reduced to a moderate finding.

4.15.38 As part of the final phase of the 2023–24 audit, the ANAO noted that DSS has embedded improvements in the legal risk governance. The ANAO also noted that further emerging legal matters have been communicated to the ANAO on a timely basis. As a result of the actions taken by DSS, this finding is considered resolved.

Unresolved moderate audit finding

SAP Privileged User Monitoring

4.15.39 Maintaining and supporting IT systems requires some user accounts, both at the network and the application level, to have extensive access rights (privileged access). Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others.

4.15.40 During the interim phase of the 2023–24 audit, the ANAO identified that the monitoring undertaken did not verify that the activities which are being performed by privileged users are appropriate. This is a weakness in the monitoring of privileged user activities within the financial and human resources management information systems. This increases the risk that inappropriate or inaccurate activities undertaken by these privileged users are not identified.

4.15.41 The ANAO recommended that DSS regularly review and annually certify the currency of:

• a comprehensive risk assessment for privileged access;
• risk management strategies for identified risks; and
• results of risk strategy measures; and assessment and appropriate management of any residual risks.

4.15.42 During the 2023–24 final audit, DSS provided an update on actions taken to address the recommendations made by the ANAO. DSS highlighted the planned use of a security review report with actionable recommendations and a risk assessment with a list of proposed risk treatments. DSS plans to implement these enhancements during 2024–25.

Conclusion

4.15.43 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements by undertaking additional audit procedures. DSS has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by DSS as part of the 2024–25 audit.

4.15.44 The ANAO issued an unmodified auditor’s report on the financial statements on 22 October 2024. Without modifying the audit opinion, the auditor’s report included an emphasis of matter which draws attention to DSS’ disclosure in the notes to the financial statements in view of the uncertainties with respect to the timing and amount of future outflows associated with income apportionment.

Australian Hearing Services

4.15.45 AHS is a corporate Commonwealth entity established under the Australian Hearing Services Act 1991. AHS is responsible for the provision of research and hearing services through a network of 187 hearing centres and 288 visiting sites. Services provided include subsidised hearing services to eligible clients under the Australian Government’s Hearing Services Program.

Summary of financial performance

4.15.46 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by AHS (as outlined in Table 4.15.9) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.15.9: Key financial statements items

Source: AHS’ audited financial statements for the year ended 30 June 2024.

4.15.47 The decrease in total revenue of $26.4 million is mainly due to a decrease in services provided to customers at AHS’ hearing centres as a direct result of issues arising from the implementation of AHS’ new Enterprise Resource Planning (ERP) software, implemented on 1 July 2023. These issues impeded normal business operations and the capability to conduct assessments.

4.15.48 The decrease in total expenses of $14.0 million is mainly due to offsetting factors:

• a reduction in goods and services costs of $19.4 million directly related to the decreased volume in customer services (as described in paragraph 4.15.49); and
• higher salary costs of $5.8 million from a 4 per cent increase during the period.

4.15.49 The decrease in assets of $13.8 million is mainly due to a reduction in cash and cash equivalents and investments in order to fund operating expenses and cover current year losses.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.15.50 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low. Key factors contributing to this rating are:

• weaknesses identified with the implementation of AHS’ customised ERP software, which impacted revenue, debtors balances and inventory and necessitated a substantive audit approach for 2023–24;
• completeness and accuracy of transaction data within the ERP primarily due to the configuration of automated business controls; and
• limited IT general control or application controls could be relied on due to weaknesses arising from the ERP implementation.

Key areas of financial risk

4.15.51 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of AHS’ financial statements.

4.15.52 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.15.10.

Table 4.15.10: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and AHS’ audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.15.53 Table 4.15.11 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.15.11: Status of audit findings

Source: ANAO 2023–24 audit results.

4.15.54 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that AHS’ 2023–24 financial statements were not materially misstated.

New moderate audit findings

Issues identified with the design and implementation of the ERP following the ‘Go Live’ on 1 July 2023

4.15.55 AHS’ new ERP went live on 1 July 2023. A number of challenges were identified when processing transactional data within the ERP, primarily relating to the accurate recognition of revenue (also impacting inventory balances and goods and services expenses). As a result, there were inaccuracies in financial reporting during the year, which were identified by AHS as part of the internal monthly financial reporting process. As a result, AHS was required to book a number of material adjustments to balance sheet accounts covering WIP, debtors and inventory, to completely and accurately record transactions.

4.15.56 AHS commissioned an independent review of the ERP’s implementation and developed an ERP improvement plan to address the identified weaknesses. In response to the identified weaknesses, the ANAO incorporated specific audit testing to address the integrity of the data supporting the financial statements with a focus on WIP, Debtors and Inventory balances at 30 June 2024. AHS has advised the ANAO that it continues to work through addressing the recommendations made in the independent review.

General IT controls — improvements required in the monitoring of user access, system changes and system incidents areas

4.15.57 The independent review of the ERP implementation also identified a number of weaknesses in IT controls relating to user access and change management. As a result of the recent ERP implementation, and the challenges encountered, a full review of IT general controls had not been undertaken by AHS. As a result, AHS did not have assurance that the controls were operating as designed and intended, nor assurance over the risks that these controls would otherwise seek to mitigate.

4.15.58 AHS advised the ANAO that a workplan and enhancements to support the design and operating effectiveness of IT general controls will be implemented in 2024–25.

Conclusion

4.15.59 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken to obtain sufficient and appropriate evidence on the financial statements. AHS has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by AHS as part of the 2024–25 audit. The ANAO issued an unmodified auditor’s report on the financial statements on 15 August 2024.

National Disability Insurance Agency

4.15.60 The NDIA was established under the National Disability Insurance Scheme Act 2013 (NDIS Act). The NDIA has responsibility for delivering the Scheme. The Scheme is designed to: provide individual control and choice in the delivery of reasonable and necessary care and support; to improve the independence, social and economic participation of eligible people with a disability, their families and carers; and provide associated referral services and activities.

Summary of financial performance

4.15.61 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by the NDIA (as outlined in Table 4.15.12) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.15.12: Key financial statements items

Source: NDIA’s audited financial statements for the year ended 30 June 2024.

4.15.62 The decrease in the net cost of services of $400.7 million was due the following factors:

• higher participant plan expenses of $6.7 billion. This reflects the increase in active participants with approved plans from 610,502 as at 30 June 2023 to 661,267 as at 30 June 2024, and higher payments to participants, particularly those without supported independent living supports; and
• offset by an increase in contributions from Commonwealth, State and Territory Governments of $7.3 billion. Funding of participant plan expenses is provided by these jurisdictions in accordance with bilateral agreements.

4.15.63 The increase in revenue from government of $587.0 million relates to additional funding provided by the Australian Government to improve the effectiveness and sustainability of the NDIS, and for increased costs associated with responses to the NDIS Review.

4.15.64 The increase in total assets of $1.4 billion was primarily related to higher cash and cash equivalent balances arising from additional contributions from the Australian Government received toward the end of the period.

4.15.65 The increase in total liabilities of $423.0 million was primarily due to the following factors:

• higher supplier payables of $320.4 million due to changes in payment processes, and an increase in amounts payable to the Department of Health and Aged Care for residential aged care services; and
• an increase in the participant plan provision of $117.6 million, reflecting an increase in active participants with approved plans, and higher average payments to participants.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.15.66 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as high. Key factors contributing to the higher rating are:

• number of changes in key management positions over 2023–24 and 2022–23, particularly those officers charged with governance;
• the high level of scrutiny on the operations of the NDIA by the Parliament and members of the public;
• complexity of decisions made by the NDIA as to the appropriate level of support required for a growing number of participants and the level of maturity of the NDIA’s compliance activities for Scheme access, plan approval and payments since implementation. Administration of the Scheme is supported by a complex and partially outsourced IT environment. NDIA are implementing a new customer relationship management (CRM) system during 2023–24; and
• the significant number of recommendations relating to internal controls and management of fraud risks made by the ANAO in Auditor-General Report No. 43 of 2022–23 Effectiveness of the National Disability Insurance Agency’s management of assistance with daily life support, including the failure to fully implement seven prior ANAO audit recommendations.

Key areas of financial risk

4.15.67 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the NDIA’s financial statements.

4.15.68 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.15.13 including areas which were considered KAM by the ANAO.

Table 4.15.13: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the NDIA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.15.69 Table 4.15.14 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.15.14: Status of audit findings

Source: ANAO 2023–24 audit results.

4.15.70 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that the NDIA’s 2023–24 financial statements were not materially misstated.

New moderate audit findings

Privileged user access monitoring – SAP CRM

4.15.71 NDIA utilises Services Australia as their infrastructure provider for the SAP CRM IT system. SAP CRM is used for essential business functions such as payment delivery. Maintaining and supporting IT systems requires some user accounts to have extensive access rights (privileged access). Privileged user accounts have the potential to modify system configurations or controls and perform inappropriate or fraudulent activities with a financial impact.

4.15.72 During the 2023–24 audit, the ANAO identified weaknesses in the effectiveness of Services Australia’s logging and monitoring of privileged user activities. The ANAO recommended that the NDIA assess the risk of existing processes, and document and implement processes to address the identified control weakness.

Business assurance over participant plan approvals

4.15.73 The NDIA performs monthly testing over participant plans to measure the quality of decision-making and compliance with NDIA operational guidelines and the relevant provisions of the NDIS Act. Results from the program provide quantitative and qualitative information to inform key stakeholders about non-compliance with legislation and guidance material, trends, risks and opportunities for improvement. The NDIA’s methodology for sample selection includes stratification and items selected based on risk.

4.15.74 During the 2023–24 audit, the ANAO identified that a significant proportion of the samples selected for the compliance activity remained untested, with the proportion of untested items fluctuating on a month-to-month basis. It is unclear whether samples tested remain representative of underlying plan approval populations; and whether the samples tested reflect the stratified and risk-based sample selection. Where compliance programs are not appropriately designed, or where testing is not completed as per the program’s design, there is a risk that the program does not efficiently and effectively control risks that the compliance program was designed to address.

4.15.75 The ANAO has recommended that the NDIA assesses whether the current sample approach remains appropriate to efficiently and effectively address risks that the program was designed to address; determine business rules or principles to determine an appropriate monthly sample size; and determine, document and implement a risk-based approach where the NDIA is unable to test the full sample.

4.15.76 The NDIA has advised the ANAO that it will review and annually document the sampling approach for quality assurance testing. This will cover the minimum number of plans required to be assessed to form valid conclusions, and specific approaches to prioritise or review higher risk plans.

Governance of legal matters and legal advice

4.15.77 During the 2023–24 audit, the ANAO made requests for information relating to known or suspected instances of non-compliance with laws and regulations including legal matters, whose effects should be considered in the preparation of the NDIA’s financial statements.

4.15.78 In 2022–23, the NDIA received legal advice on the operation of the NDIS Act in relation to debt management processes. During 2023–24, the ANAO identified weaknesses in the financial statements preparation processes with respect to the consideration of this legal advice, including the immaturity of systems and processes for determining the financial statements impact of the legal advice, and weaknesses in quality assurance processes over data extracted for related financial statements disclosures.

4.15.79 In the absence of appropriate governance processes to manage, communicate and track responses to legal advice, there is a risk that matters that may affect the financial statements are not appropriately considered in the preparation of the financial statements. The absence of an appropriate control environment over data extraction processes creates a risk that the extractions are not complete and accurate, which could lead to material misstatements in the financial statements.

4.15.80 The ANAO recommended that:

• the NDIA design, document and implement processes to ensure legal and other matters are considered when preparing financial statements and that all matters identified for consideration are communicated to the ANAO;
• design, implement and document a process for the comprehensive review of historical information against the principles outlined in the legal advice; and
• appropriately document quality assurance processes over extraction of information for financial statements disclosures.

Unresolved moderate audit findings

Privileged user activity monitoring – PACE

4.15.81 During the interim phase of the 2022–23 audit, the ANAO found that the NDIA did not have a formal process to review privileged user activity in the PACE system. The ANAO recommended that the NDIA should assess whether the real-time alert system meets the underlying business risks relating to privileged user access and implement a formal process to document the outcomes of alerts raised.

4.15.82 During the 2023–24 interim audit, the NDIA advised the ANAO that they had remediated this weakness by implementing a formal monitoring process over privileged user activity. During testing of the new process, the ANAO identified that the review did not include activity by all privileged users; the appropriateness of each activity performed; and there was no evidence of management oversight of the review.

4.15.83 The NDIA has advised the ANAO it will enhance the process to address these weaknesses.

Removal of user access

4.15.84 During the 2020–21 interim audit, the ANAO’s testing of user access found weaknesses in user access terminations processes. User accounts should be removed upon termination date as they no longer have a legitimate requirement to access the NDIA’s network.

4.15.85 The NDIA moved to a new ICT operating environment and created a new process to address this finding during 2022–23, however there were weaknesses with the reporting used to detect potentially inappropriate activity.

4.15.86 During the 2023–24 interim audit, the NDIA advised the ANAO that they had remediated the weaknesses previously identified with reporting. During the final audit phase, the ANAO identified that this process did not cover SAP CRM activities, and that the NDIA does not have formal change management processes to manage the code used to detect post-termination activity. The absence of change management process limits NDIA’s ability to assure themselves that the code being used has been approved, tested, is fit for purpose, and has not been inappropriately modified.

Conclusion

4.15.87 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements. The NDIA has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by NDIA as part of the 2024–25 audit.

4.15.88 The ANAO issued an unmodified auditor’s report on the financial statements on 4 October 2024.

Services Australia

4.15.89 Services Australia has responsibility for delivering a range of payments and services to support individuals, families and communities, as well as third party service providers and businesses. These include income support payments and services; aged care payments; Medicare payments and services; and child support services. Social and health-related payments and services delivered by Services Australia on behalf of other entities are recognised within each of the individual policy agencies’ financial statements.

Summary of financial performance

4.15.90 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by Services Australia (as outlined in Table 4.15.15 and Table 4.15.16) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.15.15: Key departmental financial statements items

Note a: The prior period comparatives have been restated to correct an error related to accounting for leases. This impacted depreciation and leasehold improvements.

Source: Services Australia’s audited financial statements for the year ended 30 June 2024.

4.15.91 The decrease in net cost of services of $354.9 million was primarily due to lower:

• supplier expenses of $245.8 million, as additional costs were capitalised rather than expensed, as part of development of new IT capabilities;
• depreciation of $35.5 million, due to increased useful lives for leasehold improvement assets; and
• write-downs and impairments, noting that there was a $190.9 million write-off in 2022–23 for the Welfare Payment Infrastructure Transformation Program — Entitlement Calculation Engine.

4.15.92 The increase in revenue from government of $177.7 million was due to additional funding provided by the Australian Government to reduce claims processing backlogs, improve access to government services and improve safety for staff and customers.

4.15.93 The increase to total assets of $128.7 million was primarily due to major plant and equipment asset acquisitions (including storage hardware and system equipment) and a net increase in right-of-use assets driven by planned lease extensions and the signing of new leases for service centre premises.

Table 4.15.16: Key administered financial statements items

Note a: The prior period comparatives have been restated to correct an error related to accounting for other receivables. This impacted the balance of receivables recorded for the Medicare Compensation Recovery Scheme (MCRS).

Source: Services Australia’s audited financial statements for the year ended 30 June 2024.

4.15.94 Total expenses increased by $128.2 million largely as a result of higher child support expenses, where Services Australia acts as an intermediary in the collection and transfer of child support payments between custodial and non-custodial parents.

4.15.95 The increase in total assets of $164.6 million was primarily due to higher:

• administered cash balances of $69.2 million as a result of increased health compensation receipts for the Medicare Compensation Recovery Scheme (MCRS). These receipts fluctuate year on year based on the number and value of cases assessed by Services Australia; and
• receivables for the health compensation and child support of $95.4 million.

4.15.96 The increase in total liabilities of $132.9 million was largely driven by higher child support provisions, reflecting the higher balance of child support receivable (refer to paragraph 4.15.97).

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.15.97 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as high. Key factors contributing to this rating are:

• heightened public scrutiny and interest that Services Australia has been under as a result of the Royal Commission into the Robodebt Scheme and other public reviews;
• the role of Services Australia in delivery of the Australian Government’s social welfare and health benefits; and
• significant IT and administered governance findings reported at the conclusion of the 2023–24 audit.

Key areas of financial risk

4.15.98 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Services Australia’s financial statements.

4.15.99 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.15.17 including areas which were considered KAM by the ANAO.

Table 4.15.17: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Services Australia’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.15.100 Table 4.15.18 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.15.18: Status of audit findings

Note a: Two minor audit findings relating to Medicare Mainframe Passwords and User Access Management were combined and increased to a moderate audit finding during the 2023–24 interim audit as reported in Auditor-General Report No. 42 of 2023–24 Interim Report on Key Financial Controls of Major Entities. Refer to paragraphs 4.15.121 to 4.15.123.

Note b: The minor audit finding relating to Medicare Compensation Recovery was identified during the 2022–23 audit. This audit finding was increased to a significant audit finding during the 2023–24 final audit. Refer to paragraphs 4.15.107 to 4.15.110.

Source: ANAO 2023–24 audit results.

4.15.101 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that Services Australia 2023–24 financial statements were not materially misstated.

New significant legislative breach

Significant legislative matters in Services Australia’s program delivery

4.15.102 Services Australia delivers social welfare and health programs and payments. Understanding of, and compliance with, legislation, is a key component underlying Services Australia’s delivery of these programs. During 2023–24, the ANAO became aware of breaches of legislation with respect to the: child support program; aged care program and private health insurance rebate. These breaches included:

• Services Australia uses pre-issue income⁹⁹, instead of taxable income (which is not available until a notice of assessment is served), in calculating child support assessments and amounts recoverable from or payable to individuals, however pre-issue income is unable to be treated as taxable income under the Child Support (Assessment) Act 1989. Further work is being undertaken by Services Australia, in consultation with affected policy agencies, to address these issues;
• Services Australia is responsible for making payment of residential aged care and home care subsidies. The quarterly review process adopted by Services Australia to validate a care recipient’s maximum subsidy entitlement in arrears was inconsistent with the relevant provisions of the Aged Care Act 1997. Specifically, the application of a subsidy rate across a quarter based on a point-in-time review, instead of the correct rate applicable throughout the quarter, has resulted in overpayments. During 2023–24, Services Australia changed this review process from quarterly to monthly in order to reduce the level of overpayments. The estimated total overpayments of aged care subsidies was $284.9 million at 21 August 2024; and
• Services Australia is responsible for making payments under the Private Health Insurance Act 2007. Payments made without a decision as to the correctness or reasonableness of the claimed amount (i.e. system-based payments), may be inconsistent with the legislation. These payments may be recoverable as debts to the Commonwealth, with the exception of any payments that were not the fault of the insurer.

4.15.103 These issues have highlighted significant legal concerns with Services Australia’s delivery of key programs on behalf of the Commonwealth and policy agencies. There is a risk that section 83 breaches of the Constitution may have occurred due to Services Australia’s processes, which must be disclosed in the financial statements of Services Australia or the relevant policy agency.

Unresolved significant audit findings

Medicare Compensation Recovery Scheme governance

4.15.104 Services Australia is responsible for the administration of the MCRS on behalf of the Department of Health and Aged Care (DoHAC). In accordance with the Health and Other Services (Compensation) Act 1995 (the Act) receipt of a Medicare health benefit or subsidy, and receipt of compensation greater than $5,000, for the same illness, triggers a requirement to repay the health benefit and subsidy to the Commonwealth.

4.15.105 During the 2022–23 audit, the ANAO identified a minor audit finding in relation to Services Australia’s ‘Work-on-Hand Strategy’ as recovery cases were closed without an assessment on whether an amount was owed to the Commonwealth being completed. The ANAO identified a risk that Services Australia’s approach may have been inconsistent with the requirements of the Act and recommended that Services Australia seek advice to support its process.

4.15.106 During the 2023–24 audit, the ANAO undertook further audit procedures on the program. The ANAO identified that over 50 per cent of cases were not assessed by Services Australia within the statutory timeframes, contrary to specific requirements in the Act to process claims within timeframes or to make decisions to not pursue recovery. The Act requires that Services Australia must issue notices prior to statutory time periods expiring and has no discretion to not pursue recovery. The ANAO identified that Services Australia did not take sufficient steps during 2023–24 to address these known issues.

4.15.107 Services Australia’s non-compliance with the Act resulted in:

• non-collection of revenue from ‘advance payments’ that would have otherwise been owed to the Commonwealth. Medicare benefits for treatments for which compensation was received may have been retained; and
• the identification of an error in Services Australia’s prior period financial statements, relating to the recognition and treatment of revenue and receivables associated with the MCRS program.

As a result of the non-compliance and risks identified by the ANAO, the previous finding was increased to a significant audit finding.

4.15.108 The ANAO recommended that Services Australia finalise MCRS assessments within legislated timeframes, report to its Audit and Risk Committee on progress addressing the issues and develop a policy that would require staff to consult with Services Australia’s legal team and affected policy agencies before making decisions with significant potential impacts on program administration.

IT Governance

4.15.109 During the 2022–23 audit, the ANAO examined controls around significant IT systems supporting the preparation of the financial statements. The ANAO identified a significant audit risk in relation to the increasing number of issues in IT governance within Services Australia. In particular, the ANAO identified weaknesses in IT controls in the implementation of the large-scale IT roll-out for residential aged care and the re-emergence of a large number of individual control issues affecting change and access management and business operations. The volume of the findings identified indicates that Services Australia’s IT governance and monitoring processes are not providing appropriate assurance that policy requirements have been implemented and are operating effectively.

4.15.110 This matter is considered to pose a significant financial, business and reputational risk to Services Australia. The ANAO recommended that Services Australia’s IT governance and monitoring processes be reviewed to ensure they are fit for purpose and that identified deficiencies are appropriately reported and responded to.

4.15.111 At the conclusion of the 2023–24 audit, Services Australia advised the ANAO that remedial actions were in progress, but not yet fully implemented.

New moderate audit finding

Medicare Benefits Schedule Business Rule Restriction Lifts

4.15.112 Services Australia’s Medicare Mainframe system (the Mainframe) is used to calculate and pay benefits to a Medicare recipient based on the items specified in the Medicare Benefits Schedule (MBS). The Mainframe has been configured with business rules and restrictions that enable the processing of claims which are automatically approved, rejected or held for manual review based on the specifications in the MBS.

4.15.113 During the 2023–24 audit, the ANAO identified that Services Australia had a process which permits the overriding of the business rules within the Mainframe, referred to as ‘restriction lifts’. Services Australia advised the ANAO that overrides are used when limitations in the Mainframe would cause an otherwise valid item or claim to be rejected. The override process involves a claims processing officer making a request to another team within Services Australia who review the request and, if approved, enable a restriction lift for a specific timeframe.

4.15.114 After additional inquiries with Services Australia, the ANAO noted that:

• there was no requirement for the relevant policy agency (DoHAC or the Department of Veterans’ Affairs) to be informed of or approve these overrides;
• Services Australia’s quality assurance program did not include a check of whether the prescribed process had been adhered to;
• system limitations prevented Services Australia’s Item Fee File system and weekly review of changes in this system from logging all restriction lifts or claims processed during a restriction lift; and
• an override code could be used on any other claims processed while a restriction lift was active.

As a result of these weaknesses, the ANAO identified increased risks that:

• invalid claims may be paid while an override is active;
• restriction lifts may be activated without appropriate approval or detection due to system limitations in logging and monitoring; and
• the relevant policy agency may be unaware of the frequency or impact of overrides.

4.15.115 The ANAO recommended that Services Australia consult with the relevant policy agencies about the restriction lift process to amending existing practices if required and update existing processes or implement new controls to ensure invalid claims cannot be processed during a restriction lift without following the prescribed process.

Resolved significant audit finding

Governance of legal and other matters

4.15.116 During the 2022–23 audit, the ANAO requested information on known or suspected instances of non-compliance with laws and regulations including legal matters, Commonwealth Ombudsman or other Commonwealth reviews and Administrative Appeals Tribunal rulings. Evidence identified by the ANAO did not accord with management representations and additional audit work was required to be undertaken by the ANAO. A number of the matters identified impacted either Services Australia’s (child support) or other agencies’ financial statements including income apportionment (Department of Social Services), Child Care Subsidy (Department of Education), aged care and Medicare issues (Departments of: Health and Aged Care; and Veterans’ Affairs).

4.15.117 Both the number of matters identified and the number of adjustments made to Services Australia’s and other agencies’ financial statements highlighted a significant failure of governance in the assessment and reporting of these matters. This matter was considered to pose a significant financial, business and reputational risk to Services Australia. The ANAO recommended that Services Australia design, implement and document a process to ensure legal or other matters are identified for consideration for their impact on the financial statements, and that all matters identified for consideration are communicated to the ANAO.

4.15.118 At the conclusion of the 2023–24 audit, Services Australia had designed and implemented a comprehensive process which included regular reporting on legal matters and review by the Chief Financial Officer, Audit and Risk Committee and Executive Board. The ANAO considered these actions sufficient and appropriate to mitigate the risks identified. The ANAO’s additional inquiries and procedures over legal matters and contingencies during the 2023–24 audit support this assessment.

Unresolved moderate audit findings

Medicare Mainframe Passwords and User Access Management

4.15.119 During previous audits, the ANAO raised separate audit findings for issues relating to passwords and user access management for the Medicare Mainframe system (the Mainframe) and reported these to Services Australia. These findings included:

• Services Australia did not identify and remove Mainframe users in a timely manner who no longer had a valid business case to have access to the Mainframe;
• access management processes were not being managed in accordance with Services Australia’s User Access for ICT Systems Policy;
• supporting evidence of approvals for access was not retained for all users;
• changes to user accounts were being actioned without appropriate supporting evidence of the required approval; and
• lack of documented processes around how internal and external staff authenticate to the Mainframe.

4.15.120 These weaknesses reduce Services Australia’s ability to rely on the Mainframe’s underlying data, including data that is used to support the financial statements. During the 2023–24 interim audit, the ANAO identified that while Services Australia had implemented an automated process for creating standard users in the Mainframe, a clear and documented process was not in place for non-standard users and the maintenance of existing users. As a result of these weaknesses, these finding were combined and increased to a moderate finding.

4.15.121 At the conclusion of the 2023–24 audit, Services Australia advised the ANAO through an interim closure pack that remedial actions were in progress, but a closure pack that fully addresses the ANAO’s recommendations has not been provided. The ANAO will consider further actions taken by Services Australia in response to this finding as part of the 2024–25 audit.

FMIS and HRMIS Privileged User Management

4.15.122 Maintaining and supporting IT systems requires some user accounts, both at the network and the application level, to have extensive access rights (privileged access). Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others. During the 2022–23 audit, the ANAO identified weaknesses in the effectiveness of Services Australia’s monitoring of privileged user activities within the Financial Management Information System (FMIS) and Human Resource Management Information System (HRMIS).

4.15.123 At the conclusion of the 2023–24 audit, Services Australia had submitted a closure pack to advise the ANAO that the implementation of this recommendation had been completed. However, the ANAO determined that the implemented remedial actions had not fully addressed the ANAO’s recommendation. The ANAO will consider further actions taken by Services Australia in response to this finding as part of the 2024–25 audit.

Medicare, Child Support and Health IT Mainframe Privileged User Management

4.15.124 Maintaining and supporting IT systems requires some user accounts, both at the network and the application level, to have extensive access rights (privileged access). Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others. During the 2022–23 audit, the ANAO identified weaknesses in the effectiveness of Services Australia’s monitoring of privileged user activities within the Medicare, Child Support and Health IT mainframes.

4.15.125 At the conclusion of the 2023–24 audit, Services Australia had submitted a closure pack to advise the ANAO that the implementation of this recommendation had been completed. However, the ANAO determined that the implemented remedial actions had not fully addressed the ANAO’s recommendation. The ANAO will consider further actions taken by Services Australia in response to this finding as part of the 2024–25 audit.

Centrelink IT Mainframe Privileged User Management

4.15.126 Maintaining and supporting IT systems requires some user accounts, both at the network and the application level, to have extensive access rights (privileged access). Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others. During the 2022–23 audit, the ANAO identified weaknesses in the effectiveness of Services Australia’s monitoring of privileged user activities within the Centrelink IT mainframe.

4.15.127 At the conclusion of the 2023–24 audit, Services Australia had submitted a closure pack to advise the ANAO that the implementation of this recommendation had been completed. However, the ANAO determined that the implemented remedial actions had not fully addressed the ANAO’s recommendation. The ANAO will consider further actions taken by Services Australia in response to this finding as part of the 2024–25 audit.

New Residential Aged Care System Access Management

4.15.128 In August 2022, Services Australia implemented a new residential aged care system. Maintaining and supporting IT systems requires some user accounts to have extensive access rights (privileged access). Privileged user accounts can be used to circumvent security controls to make direct changes, either to system settings or systems data, or to access files and accounts used by others.

4.15.129 During the 2022–23 audit, the ANAO identified that there were weaknesses in the design and operating effectiveness of controls supporting privileged and other user access. More broadly, the ANAO has observed a break-down in Services Australia’s re-established security governance control framework, particularly the lack of formal system accreditation or other supporting system security risk assessments that would identify and allow system and project owners to formally analyse, understand and mitigate and/or accept key security governance risks prior to the implementation of the new system. The ANAO recommended that Services Australia strengthen privileged user access and logging and monitoring processes.

4.15.130 At the conclusion of the 2023–24 audit, while Services Australia advised that remedial actions were in progress, evidence for these actions had not been provided to the ANAO.

Resolved moderate audit finding

New Residential Aged Care System Change Management

4.15.131 In August 2022, Services Australia implemented a new residential aged care system. IT change management provides a disciplined approach to making changes to the IT environment. It includes controls to prevent unauthorised changes being made and reduce the likelihood that normal business operations are interrupted with the implementation of authorised changes.

4.15.132 During the 2022–23 audit, the ANAO identified weaknesses in segregation of duties controls associated with key change management processes, with Services Australia developers having access to release and deploy changes directly into the system. The ANAO recommended that Services Australia strengthen change management processes to address the identified control weakness.

4.15.133 At the conclusion of the 2023–24 audit, the ANAO reviewed the implementation, design and operating effectiveness of enhanced change management process developed by Services Australia. Services Australia implemented remedial actions including segregation of duties controls and enhanced logging of security events. As a result of the action taken by Services Australia, the ANAO considers that this finding has been resolved.

Conclusion

4.15.134 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements. Services Australia has advised the ANAO of the actions it will take to remediate the audit findings identified. The ANAO plans to review the actions taken by Services Australia as part of the 2024–25 audit.

4.15.135 The ANAO issued an unmodified auditor’s report on the financial statements on 14 October 2024.

4.16 Treasury portfolio

Portfolio overview

4.16.1 The Treasury Portfolio is responsible for a range of activities aimed at achieving strong sustainable economic growth for the good of Australians.

4.16.2 Table 4.16.1 identifies material and other entities specifically mentioned in this chapter.

Table 4.16.1: Treasury portfolio material and other entities discussed in this chapter

✔: auditor's report not modified

◆: new significant or moderate findings and/or significant legislative matters noted

▲: significant or moderate findings and/or significant legislative matters reported previously but not yet resolved

☐: significant or moderate findings and/or significant legislative matters identified in previous periods, or the 2023–24 interim audit phase, now reduced or resolved

4.16.3 Figure 4.16.1 shows the Treasury’s portfolio’s income, expenses, assets and liabilities for the year ended 30 June 2024.

Figure 4.16.1: Treasury portfolio’s income, expenses, assets and liabilities

Source: ANAO analysis of 2023–24 CFS.

Audit findings

4.16.4 Table 4.16.2 presents a summary of the total number of unresolved findings by entities in the Treasury portfolio at the conclusion of the 2023–24 final audits.

Table 4.16.2: Unresolved audit findings by entity in the Treasury portfolio

Source: ANAO 2023–24 audit results.

Audit differences

4.16.5 As outlined in Chapter 2, analysis of the quality and timeliness of financial statements preparation included a summary of the total number of audit differences reported to entities during the 2023–24 financial statements audits. Table 4.16.3 provides a summary of those audit differences that relate to entities within the Treasury portfolio.

Table 4.16.3: The number of audit differences for entities in the Treasury portfolio

Notes: The above table includes differences first identified during the current audit that were related to a prior period.
The above table excludes projected differences and differences associated with presentation and disclosure.

Source: ANAO analysis of audit differences reported to entities in the Treasury portfolio.

4.16.6 The following section provides a summary of the 2023–24 financial statements audit results for the Department of the Treasury and material entities within the portfolio, and findings for other non-material entities in the portfolio.

Department of the Treasury

4.16.7 Treasury provides policy advice, analysis and the delivery of economic policies and programs, including legislation, administrative payments and regulatory functions, which support the effective management of the Australian economy.

Summary of financial performance

4.16.8 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by the Treasury (as outlined in Table 4.16.4 and Table 4.16.5) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.16.4: Key departmental financial statements items

Source: Treasury’s audited financial statements for the year ended 30 June 2024.

4.16.9 Other comprehensive income increased by $4.2 million as a result of a revaluation of property, plant and equipment in 2023–24. Revaluations are periodically undertaken in accordance with the Treasury’s accounting policy.

Table 4.16.5: Key administered financial statements items

Source: Treasury’s audited financial statements for the year ended 30 June 2024.

4.16.10 The increase in total income of $413.9 million relates mainly to:

• higher interest income of $225.0 million, consistent with the increasing size of international assistance loans provided over the past two years by the Treasury; and
• higher favourable revaluation gains from guarantees provided of $166.4 million, primarily related to the Small and Medium Enterprises Guarantee schemes, which provided support to businesses impacted by the COVID-19 pandemic.

4.16.11 The $1.1 billion increase in comprehensive income is largely due to favourable valuation gains on administered investments, primarily Housing Australian and the Australian Reinsurance Pool Corporation, which increased their net asset position in 2023–24.

4.16.12 The $2.0 billion in increase in total assets is primarily due to:

• higher administered investments of $1.3 billion (as discussed at paragraph 4.16.12); and
• increased loans and receivables of $887.8 million relating to an increase in GST receivable and new loan advances made to Housing Australia and the International Monetary Fund.

4.16.13 The $4.7 billion increase in total liabilities is largely due to the growth in the Disaster Recovery Funding Arrangements (DRFA) provision. The increase is largely due to the revaluation the provisions made for disasters which occurred before 30 June 2023 of $4.0 billion due to updates estimates received for amounts to be paid to the States and Territories.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.16.14 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to the moderate rating are:

• complexities and judgements involved in the valuation of a number of financial assets and provisions (including DRFA provision); and
• significant value of payments made by Treasury under the Federal Financial Relations framework.

Key areas of financial risk

4.16.15 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the Treasury’s financial statements.

4.16.16 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.16.6 including areas which were considered KAM by the ANAO.

Table 4.16.6: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the Treasury’s audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.16.17 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. Auditor-General Report No. 44 of 2023–24 Compliance with Gifts, Benefits and Hospitality Requirements in the Department of the Treasury was tabled during 2023–24 and is relevant to the financial management or administration of the Treasury. The observations of this report were considered in designing audit procedures to address areas considered to pose a lower risk of material misstatement.

What are the results of the ANAO’s audit coverage in 2023–24?

4.16.18 Table 4.16.7 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.16.7: Status of audit findings

Source: ANAO 2023–24 audit results.

4.16.19 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that the Treasury’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Estimation process for Disaster Recover Funding Arrangements

4.16.20 The Disaster Recovery Funding Arrangement (DRFA) provision represents the Treasury’s best estimate of future payments expected to be made to States and Territories in respect of financial assistance for declared disaster events. The provision is based on estimates from States and Territories on their assessment of costs incurred, or expected to be incurred for declared disaster (natural) events.

4.16.21 As described in paragraph 4.16.14, during 2023–24 there was a large re-estimation for prior year declared disasters due to delays in estimating eligible costs for significant declared disasters. The complexity and volume of disaster events have caused delays in estimating the appropriate costs and delaying the estimation process. As a result, the ANAO identified a risk that the estimate of the provision may be subject to volatility and have potential to be over or underestimated.

4.16.22 The ANAO recommended the Treasury review the estimation process it has adopted, particularly for extreme disaster events to refine the estimation methodology.

Conclusion

4.16.23 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements by undertaking additional audit procedures. The Treasury has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by the entity as part of the 2024–25 audit.

4.16.24 The ANAO issued an unmodified auditor’s report on the financial statements on 17 September 2024.

Australian Bureau of Statistics

4.16.25 The ABS is Australia’s national statistical agency. It provides independent and trusted official statistics on a range of economic, social, population and environmental matters of importance to governments, industry, and the wider Australian community.

Summary of financial performance

4.16.26 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by the ABS (as outlined in Table 4.16.8) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.16.8: Key financial statements items

Source: ABS’ audited financial statements for the year ended 30 June 2024.

4.16.27 The increase in net cost of services of $45.9 million is mainly due to higher:

• employee benefits expenses of $23.0 million, reflecting an increased average staffing level and the impact of salary growth as a result of the Commonwealth pay offer of 4 per cent; and
• supplier expenses of $17.8 million as a result of increase spending on project related activities, including the Data Acquisition Modernisation project.

4.16.28 The increase in revenue from government of $48.0 million is due to new measures announced in the 2023–24 Budget, including the Big Data, Timely Insights Phase 2 program and the Life Course Data Initiative.

4.16.29 The decrease in total assets of $22.2 million is mainly due to the planned depreciation of building, intangible and leasehold improvement assets.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.16.30 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.16.31 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the ABS’ financial statements.

4.16.32 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.16.9.

Table 4.16.9: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ABS’ audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.16.33 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.16.34 The ANAO issued an unmodified auditor’s report on the ABS’ financial statements on 6 September 2024.

Australian Office of Financial Management

4.16.35 The AOFM is responsible for managing Australian Government debt and financial assets. It issues Treasury Bonds, Treasury Indexed Bonds and Treasury Notes, manages the government’s cash balances and invests in high quality financial assets under the Australian Business Securitisation Fund and the Structured Finance Support Fund.

Summary of financial performance

4.16.36 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by AOFM (as outlined in Table 4.16.10 and Table 4.16.11) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.16.10: Key departmental financial statements items

Source: AOFM’s audited financial statements for the year ended 30 June 2024.

4.16.37 The increase in revenue from government of $2.7 million and increase in the net cost of services of $1.4 million is due to additional funding provided by the Australian Government for new programs. These new programs included the implementation of a Green Treasury Bond program as part of the Government’s Sustainable Finance Strategy.

Table 4.16.11: Key administered financial statements items

Source: AOFM’s audited financial statements for the year ended 30 June 2024.

4.16.38 The increase in the deficit of $16.8 billion is primarily a result of a loss in re-measurement on Australian Government Securities during 2023–24 compared with a gain in 2022–23. In 2022–23 a gain on the valuation of AGS was realised due to the increase in interest rates through the period. In 2023–24 interest rates have been largely flat or lower. Where interest rate yields on bonds decrease, the valuation of the liability increases, leading to a loss recognised.

4.16.39 Total liabilities increased by $19.1 billion primarily an increase in Australian Government Securities on issue with a face value of $900.9 billion to $920.0 billion.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.16.40 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. The key factor contributing to the moderate rating is complexity of AOFM’s operations, particularly the management of the Australian Government’s debt portfolio, which is a significant financial balance.

Key areas of financial risk

4.16.41 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of AOFM’s financial statements.

4.16.42 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.16.12 including areas which were considered KAM by the ANAO.

Table 4.16.12: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and AOFM’s audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.16.43 Auditor-General Report No. 18 of 2023–24 Australian Office of Financial Management’s Management of the Australian Government’s Debt included observations relevant to the valuation and disclosure of Australian Government Securities outlined in Table 4.16.12. The observations included in this report were considered in designing audit procedures that address the key areas of financial statements risk detailed above in Table 4.16.12 relating to Australian Government Securities. The impact on the financial statements audit was limited to issuance processes which was identified as largely effective.

What are the results of the ANAO’s audit coverage in 2023–24?

4.16.44 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.16.45 The ANAO issued an unmodified auditor’s report on AOFM’s financial statements on 28 August 2024.

Australian Prudential Regulation Authority

4.16.46 APRA is responsible for the prudential regulation of the Australian financial services industry through the oversight of banks, credit unions, building societies, friendly societies, general insurers, life insurers, private health insurers, reinsurance companies and most of the superannuation industry. APRA is funded largely by the industries that it regulates.

Summary of financial performance

4.16.47 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by APRA (as outlined in Table 4.16.13 and Table 4.16.14) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.16.13: Key departmental financial statements items

Source: APRA’s audited financial statements for the year ended 30 June 2024.

4.16.48 The increase in revenue from government of $20.5 million is a result of the higher net cost of services and over-collection of levies in the prior year. The increase in surplus of $13.8 million is due to a combination of higher revenue and timing of expenses.

Table 4.16.14: Key administered financial statements items

Source: APRA’s audited financial statements for the year ended 30 June 2024.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.16.49 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as low.

Key areas of financial risk

4.16.50 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of APRA’s financial statements.

4.16.51 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.16.15 including areas which were considered key audit matters (KAM) by the ANAO.

Table 4.16.15: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and APRA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.16.52 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.16.53 The ANAO issued an unmodified auditor’s report on APRA’s financial statements on 13 August 2024.

Australian Reinsurance Pool Corporation

4.16.54 ARPC, established by the Terrorism and Cyclone Insurance Act 2003, is responsible for administering the Terrorism Reinsurance Pool; providing primary insurers with reinsurance for commercial property and associated business interruption losses arising from a declared terrorist incident and the Cyclone Reinsurance Pool; and providing insurers with reinsurance for household, strata and small business property insurance for losses arising from cyclone and cyclone related flooding for declared cyclone events.

Summary of financial performance

4.16.55 The following section provides a comparison of the 2022–23 and 2023–24 key items reported by ARPC (as outlined in Table 4.16.16) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.16.16: Key financial statements items

Source: ARPC’s audited financial statements for the year ended 30 June 2024.

4.16.56 The operations for ARPC have been significantly impacted by the commencement of the Cyclone Reinsurance Pool (the Pool) in 2022–23. During 2023–24, the Pool had its first full year of operation with all insurers now participating. Effects of the operation of the Pool on ARPC’s financial performance and position have included:

• an increase in own source revenue and liabilities associated with unearned premiums. Premium revenue increased by $579.4 million reflecting the operation of the Pool. There was $149.5 million in unearned premiums; and
• an increase in expenses in total liabilities associated with claims under the Pool. Claims expense of $154.9 million, and a claims provision $138.6 million were recognised reflecting expected claims for 2023–24 cyclone events.

4.16.57 The increase in assets of $710.1 million is primarily due to the investment of $900.4 million in surplus funds from operations by ARPC. Retaining surpluses in ARPC reduces the likelihood of calling on a Commonwealth guarantee in the event of a Terrorism Incident or Cyclone Event.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.16.58 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors to this rating are:

• the commencement of the Cyclone Reinsurance Pool during 2022–23 and the significant insurer onboarding which occurred during 2023–24 with participation now mandatory; and
• increasing claims experience expected with cyclone events forecast.

Key areas of financial risk

4.16.59 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of ARPC’s financial statements.

4.16.60 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.16.17.

Table 4.16.17: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ARPC’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.16.61 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.16.62 The ANAO issued an unmodified auditor’s report on ARPC’s financial statements on 19 September 2024.

Australian Securities and Investments Commission

4.16.63 ASIC is Australia’s integrated corporate, financial services, markets and consumer credit regulator, supporting a fair, strong and efficient financial system for all Australians. ASIC’s core responsibility is to maintain and facilitate the performance of Australia’s financial system and promote confident and informed participation by investors and consumers.

Summary of financial performance

4.16.64 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by ASIC (as outlined in Table 4.16.18 and Table 4.16.19) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.16.18: Key departmental financial statements items

Source: ASIC’s audited financial statements for the year ended 30 June 2024.

4.16.65 The increase in revenue from Government of $87.3 million is due to receiving funding for new measures such as the RegistryConnect Program and the transfer of appropriation revenue to ASIC from the Australian Taxation Office following the transfer of the Registry functions to ASIC.

Table 4.16.19: Key administered financial statements items

Source: ASIC’s audited financial statements for the year ended 30 June 2024.

4.16.66 The increase in total income of $366.2 million is primarily due to:

• one-off levy for the Compensation Scheme of Last Resort (CSLR) of $240.9 million. These levy notices were issued to 10 banking and general/life insurance entities that had the highest total income from the 2021–22 income year. The levies collected are to fund backlog compensation claims from November 2018 to September 2022 to eligible victims of financial misconduct; and
• higher unclaimed money receipts of $139.0 million. Unclaimed money lodgements relates to lost money received under the Banking Act 1959, Life Insurance Act 1995 and Corporations Act 2001. These monies are held by ASIC and can be reclaimed.

4.16.67 The increase in total expenses of $120.8 million and total liabilities of $107.0 million were primarily related to higher payments of claims resulting from higher lodgements of unclaimed money (refer to paragraph 4.16.67).

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.16.68 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• administration of large revenue streams associated with corporate fees and fines, and supervisory cost recovery levies; and
• estimation uncertainty associated with the determination of the provision for future repayment of unclaimed money.

Key areas of financial risk

4.16.69 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of ASIC’s financial statements.

4.16.70 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.16.20.

Table 4.16.20: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and ASIC’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.16.71 Table 4.16.21 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.16.21: Status of audit findings

Source: ANAO 2023–24 audit results.

4.16.72 For the finding listed below, the ANAO undertook additional audit procedures to gain assurance that ASIC’s 2023–24 financial statements were not materially misstated.

Resolved moderate audit finding

Work in progress capitalisation and asset management framework

4.16.73 In 2022–23, ASIC undertook a review of computer software and ASIC’s asset management framework. The review identified a number of control weaknesses and improvements required to the asset management framework, including limited consideration of the required accounting treatment during the planning and build phases of projects, resulting in the incorrect accounting treatment often being applied.

4.16.74 ASIC has implemented revised preventative and detective controls during 2023–24, including: updating and documenting policies, including an asset management framework; developed new tools and templates to assist in identifying capital expenditure and accounting treatments; and embedded regular meetings between finance and project teams to discuss these matters.

4.16.75 The ANAO tested the implementation, design and operating effectiveness of these controls during the 2023–24 audit. As a result of the actions taken by ASIC the ANAO considers this finding has been addressed.

Conclusion

4.16.76 The ANAO issued an unmodified auditor’s report on ASIC’s financial statements on 15 August 2024.

Australian Taxation Office

4.16.77 The ATO is Australia’s principal revenue collection entity and is part of the Treasury portfolio. The ATO’s role is to administer Australia’s tax system, significant aspects of Australia’s superannuation system and business registry services, together with the provision of support to the Tax Practitioners Board and the Australian Charities and Not-for-profits Commission.

Summary of financial performance

4.16.78 The following section provides a comparison of the 2022–23 and 2023–24 key departmental and administered financial statements items reported by the ATO (as outlined in Table 4.16.22 and Table 4.16.23) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.16.22: Key departmental financial statements items

Source: ATO’s audited financial statements for the year ended 30 June 2024.

4.16.79 The increase in net cost of services of $255.3 million was mainly due to a $265.2m increase in employee benefits expenses, largely driven by salary rate increases under the new ATO Enterprise Agreements and higher average staffing driven by additional resources for tax avoidance taskforce measures.

4.16.80 The decrease in total assets of $173.0 million is mainly due to:

• a reduction in appropriation receivable, driven by the timing of payments and increased expenditure; and
• a reduction of buildings and intangibles due to depreciation and amortisation expense which was partially offset by additions for right-of-use property leases and purchased assets.

Table 4.16.23: Key administered financial statements items

Source: ATO’s audited financial statements for the year ended 30 June 2024.

4.16.81 The increase in total revenue of $33.8 billion was mainly due to:

• a $34.1 billion increase in income tax for individuals driven by stronger labour market conditions and growth in PAYG instalments from prior years;
• a $5.6 billion increase in indirect tax revenue which is attributed to higher goods and services and excise duty tax collections compared to the prior year; and
• offsetting these increases, a $12.4 billion decrease in company tax driven by lower net on-assessment collections, particularly for the mining sector.

4.16.82 The increase in total assets of $4.9 billion was largely attributed to:

• an increase in net receivables of $2.8 billion. This reflects a $7.5 billion increase in gross receivables as a result of the increase in tax revenue, offset by $4.7 billion increase in the debt impairment and allowance from credit amendments for disputed cases from the ageing of the debt book and increase in gross receivables; and
• a $2.0 billion increase in accrued revenue, due mainly to an increase in accrued GST revenue from a recovery in economic conditions and consumption and an increase in compliance activities.

4.16.83 The increase in total liabilities of $1.0 billion is mainly due to higher research and development tax incentive provisions from increased sector activity and higher Fuel Tax Credits as a result of increased fuel consumption and the end of the temporary halving policy.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.16.84 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as high. Key factors contributing to the high rating are:

• level of ongoing scrutiny of the ATO’s operations by Parliament and members of the public, given ATO’s role as Australia’s principal revenue collection agency, administering the legislation governing tax and significant aspects of Australia’s superannuation system;
• dependence on sophisticated and interfaced IT systems and business applications for financial reporting, including one significant unresolved audit finding identified in 2022–23 relating to enterprise change management (refer to paragraphs 4.16.92 to 4.16.94); and
• the considerable level of judgement required and significant application of estimation and allocation processes to determine key financial balances.

Key areas of financial risk

4.16.85 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the ATO’s financial statements.

4.16.86 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.16.24 including areas which were considered KAM by the ANAO.

Table 4.16.24: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the ATO’s audited financial statements for the year ended 30 June 2024.

Risks and findings identified in ANAO performance audits

4.16.87 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The following performance audits were tabled during 2023–24 relevant to the financial management or administration of the ATO:

• Auditor-General Report No. 15 of 2023–24 Australian Tax Office’s Management and Oversight of Fraud Control Arrangements for the Goods and Services Tax.
• Auditor-General Report No. 22 of 2023–24 Management of Taxpayers’ Use of Transfer Pricing for Related Party Debt.

4.16.88 The observations of these reports were considered in designing audit procedures to address the areas of risk identified in Table 4.16.24 related to taxation revenue.

What are the results of the ANAO’s audit coverage in 2023–24?

4.16.89 Table 4.16.25 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.16.25: Status of audit findings

Source: ANAO 2023–24 audit results.

4.16.90 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that the ATO’s 2023–24 financial statements were not materially misstated.

Unresolved significant audit finding

Enterprise change management

4.16.91 During the 2022–23 audit, the ANAO identified weaknesses associated with the ATO’s enterprise change management for key IT systems supporting the preparation of ATO’s financial statements. The ATO’s change management policy and operational procedures did not consistently define the types of changes that required segregation of duties between developers and migrators. As a result, the required segregation of duties were not in operation during 2022–23. The ATO was also unable to demonstrate that its IT service management system contained a complete and accurate list of changes made to the systems assessed by the ANAO as in scope for the financial statements audit. Accordingly, the ATO was unable to demonstrate that these changes were appropriately authorised and managed in all instances. This matter is considered to pose a significant financial, business and reputational risk to the ATO. The ANAO recommended that the ATO improve the change management framework to ensure policy alignment throughout ATO’s business operations, that all changes are recorded in the approved system in line with ATO policy and that changes have effective system-enforced segregation of duties.

4.16.92 During the 2023–24 audit, the ANAO observed that the ATO has implemented a series of changes to policy and procedural documentation as well as enhancements to the change management recording system. However, the ANAO has continued to identify weaknesses in processes and non-compliance with policy for systems such as the Enterprise Data Warehouse, reporting and case management systems, which are relevant to the management and production of data relevant to financial and performance statements and reporting. The ATO’s processes for managing changes to IT applications in the mainframe environment and the financial management information system have improved.

4.16.93 The identified issues pose a risk that unauthorised changes negatively impact the ATO’s business operations. As a result of identified deficiencies the ANAO was required to undertake additional testing to obtain assurance over the reliability of reports generated to support financial statements balances.

Unresolved moderate audit finding

Uneconomical to pursue debt and re-raises

4.16.94 During the 2021–22 audit, the ANAO identified issues in the ATO’s treatment of debts considered to be uneconomical to pursue (‘non-pursued debt’). Excluding non-pursued debts from offsetting was not consistent with Part IIB of the Taxation Administration Act 1953 (Tax Act). Issues identified included:

• the timeframe where the automatic re-raise functionality was switched off that resulted in the ATO not re-raising debts that had previously been identified as uneconomical to pursue where the taxpayer became entitled to a credit; and
• the use of exclusionary criteria that had the effect of preventing a re-raise on a taxpayer’s account for non-pursued debt.

4.16.95 In both of these cases there was a potential effect of a taxpayer being able to receive a full credit despite having a debt owed to the Commonwealth.

4.16.96 At the completion of the 2023–24 audit, the ATO had updated its policies to conform with relevant legislation for debt offsetting and implemented updates to IT systems to remove all selected exclusionary criteria relating to non-pursued debts not currently subject to an approved deferral by the Commissioner of Taxation (Commissioner). One exclusionary criterion remains in place for debts raised prior to 1 January 2017 that has not been removed and is subject to a temporary deferral by the Commissioner.

4.16.97 The 2024–25 Budget included a measure, Changes to debts on hold offsetting, under which the Australian Government will seek to amend the Tax Act to give the Commissioner discretion to not use a taxpayer’s refund to offset existing tax debts, where the Commissioner had put that old tax debt on hold prior to 1 January 2017. This discretion is intended to apply to individuals, small businesses and not-for-profits, and will maintain the Commissioner’s current administrative approach. At the conclusion of the audit, legislation required to give effect to this measure was still in-progress and as a result this finding remains unresolved.

Conclusion

4.16.98 Although the ANAO identified audit findings during the 2023–24 audit, additional audit procedures were undertaken in order to obtain sufficient and appropriate evidence on the financial statements by undertaking additional audit procedures. The ATO has advised the ANAO of the action it will take to remediate the audit findings identified. The ANAO will review the action taken by the entity as part of the 2024–25 audit.

4.16.99 The ANAO issued an unmodified auditor’s report on the ATO’s financial statements on 18 September 2024.

Housing Australia

4.16.100 Housing Australia is responsible for: the establishment and operation of an Affordable Housing Bond Aggregator (AHBA), which provides finance to registered community housing providers by aggregating their lending requirements and issuing bonds to institutional investors and; the establishment and operation of the National Housing Infrastructure Facility (NHIF) to provide loans, grants and investments for social and affordable housing as well as to overcome impediments to the provision of housing that is due to the lack of necessary infrastructure.

4.16.101 Housing Australia also administers the Home Guarantee Scheme (HGS) to support first home buyers and single parents to access the housing market sooner. In 2022–23 the Government announced the Housing Australia Future Fund (HAFF) and the National Housing Accord, to be administered by Housing Australia, to improve housing outcomes for Australians and which will collectively support the delivery of 20,000 new social and 20,000 new affordable homes across Australia over five years.

Summary of financial performance

4.16.102 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by Housing Australia (as outlined in Table 4.16.26) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.16.26: Key financial statements items

Source: Housing Australia’s audited financial statements for the year ended 30 June 2024.

4.16.103 The increase in total income of $735.3 million primarily relates to the receipt of $700.0 million in additional appropriation funding for the NHIF. The NHIF provides loans and grants for Critical Infrastructure and Social and Affordable Housing that would not have otherwise proceeded, or that would only have proceeded at a much later date or with a lesser impact on new social or affordable housing. The additional NHIF funding provides loans and grants towards crisis and transitional accommodation for women and children experiencing domestic violence, and crisis and transitional accommodation for youth. At 30 June 2024, these additional funds had not been expended by Housing Australia.

4.16.104 The increase in total expenses of $63.0 million is primarily related to the management costs associated with growth in the concessional loans and increasing finance costs for debt held by Housing Australia (refer to paragraph 4.16.107).

4.16.105 The increase in assets of $1.7 billion is primarily due to:

• the unexpended cash held of $700.0 million for the NHIF (as discussed at paragraph 4.16.104); and
• the growth in concessional loans held of $717.3 million. The increase in funds provided has also led to an increase in liabilities funded by new loans from the Commonwealth of $230.8 million and new bonds issued of $474.5 million.

4.16.106 The increase in total liabilities of $664.8 million primarily relates to growth in the balance of loans provided by the Australian Government and bonds which are held by Housing Australia to finance loan products.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.16.107 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing this rating are:

• a range of operations undertaken and financing provided by Housing Australia;
• the growth in existing functions including increasing concessional loans provided; and
• continued functions being added to Housing Australia’s remit including the HAFF and the National Housing Accord Facility.

Key areas of financial risk

4.16.108 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of Housing Australia’s financial statements.

4.16.109 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.16.27.

Table 4.16.27: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and Housing Australia’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.16.110 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits.

Conclusion

4.16.111 The ANAO issued an unmodified auditor’s report on Housing Australia’s financial statements on 28 August 2024.

Reserve Bank of Australia

4.16.112 The RBA is responsible for determining and implementing monetary policy that seeks to contribute to the stability of the currency and maintains full employment, works to maintain a strong financial system and efficient payments system and issue the nation’s banknotes. As well as being a policymaking body, the RBA provides selected banking services to a range of Australian Government entities and to a number of overseas central banks and official institutions. The RBA is also responsible for the management of Australia’s gold and foreign exchange reserves.

Summary of financial performance

4.16.113 The following section provides a comparison of the 2022–23 and 2023–24 key financial statements items reported by the RBA (as outlined in Table 4.16.28) and includes commentary regarding significant movements between years contributing to overall performance.

Table 4.16.28: Key financial statements items

Source: RBA’s audited financial statements for the year ended 30 June 2024.

4.16.114 The RBA’s net loss of $4.2 billion was primarily as a result of the impacts of offsetting movements from:

• higher interest rates on deposit liabilities, contributing to the net interest expense of $7.8 billion; and
• a net gain on securities and foreign exchange of $4.1 billion, due mainly to favourable changes in exchange rates.

4.16.115 The decrease in total assets of $184.4 billion was mainly due to the following offsetting movements:

• a decrease of $191.6 billion in Australian dollar investments largely as a result of scheduled maturities of the Term Funding Facility¹⁰⁰ and, to a lesser extent, maturity of a bond acquired as part of the RBA’s policy responses to the COVID-19 pandemic; and
• an increase in the value of foreign currency investments of $5.8 billion.

4.16.116 The decrease in total liabilities of $181.7 billion was primarily due to a decrease in the exchange settlement balances arising from the maturity of the Term Funding Facility.

What were the key areas of audit focus identified by the ANAO for the 2023–24 financial statements?

Engagement risk

4.16.117 Paragraph 4.0.12 describes the factors considered by the ANAO in determining the engagement risk rating and the associated audit response required. The engagement risk for the 2023–24 financial statements has been assessed as moderate. Key factors contributing to this rating are:

• the high level of public interest and accountability for the operations, given the RBA’s role as the central bank of Australia and in conducting monetary policy;
• value, complexity and level of judgement required to manage a significant portfolio of investments and other financial assets and liabilities that support monetary policy outcomes; and
• the reliance by the public and Australian financial institutions on the RBA to manage and provide key banking and settlements infrastructure as well as issuing Australia’s banknotes.

Key areas of financial risk

4.16.118 The ANAO completed appropriate audit procedures on all material financial statements line items and disclosures. The ANAO also assessed the information technology (IT) general and application controls for key systems that support the preparation of the RBA’s financial statements.

4.16.119 The ANAO focused audit effort on those specific areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2023–24 are provided in Table 4.16.29 including areas which were considered KAM by the ANAO.

Table 4.16.29: Key areas of financial statements risk

Source: ANAO 2023–24 audit results, and the RBA’s audited financial statements for the year ended 30 June 2024.

What are the results of the ANAO’s audit coverage in 2023–24?

4.16.120 There were no significant or moderate audit findings arising from the 2022–23 or 2023–24 financial statements audits. Four new minor audit findings were identified and three unresolved minor audit findings were resolved during the 2023–24 audit.

Conclusion

4.16.121 The ANAO issued an unmodified auditor’s report on the RBA’s financial statements on 25 September 2024.

Comments on non-material entities

Royal Australian Mint

4.16.122 As a national institution, the Royal Australian Mint (the Mint) creates public value through meeting the circulating coin and collector coin needs of Australia and selected international markets, maintaining Australia’s National Coin Collection, and providing educational and cultural experiences to local and overseas visitors.

What audit findings were identified in the ANAO’s audit coverage in 2023–24?

4.16.123 Table 4.16.30 summarises the status of audit findings reported by the ANAO in 2022–23 and 2023–24.

Table 4.16.30: Status of audit findings

Note a: The moderate audit finding relating to Subledger reconciliations was identified during the 2022–23 audit. This audit finding was reduced to a minor audit finding during the 2023–24 final audit. Refer to paragraphs 4.16.129 to 4.16.130.

Source: ANAO 2023–24 audit results.

4.16.124 For each of the findings listed below, the ANAO undertook additional audit procedures to gain assurance that the Mint’s 2023–24 financial statements were not materially misstated.

New moderate audit finding

Revenue recognition

4.16.125 During the 2023–24 final audit, the ANAO identified deficiencies in relation to sales of foreign circulating coin, particularly in connection with changes to how the Mint raised invoices for advanced payments. Additionally, the two IT systems that separately record the invoices and delivery docket information are not reconciled by the Mint. As a result, the ANAO identified that a risk that revenue recorded by the Mint could be understated.

4.16.126 The ANAO has recommended that the Mint review the processes for advanced payments and improve reporting functionality to allow for a more granular review of unearned income and gross margins as part of month end reconciliation and financial reporting processes.

Reduced moderate audit finding

Subledger reconciliations

4.16.127 During the 2022–23 audit, the ANAO identified a number of material unexplained and unreconciled differences in a number of subledger reconciliations prepared by management to support the Mint’s financial statements. The ANAO recommended that the Mint strengthen its reconciliation processes, specifically the review of reconciliations by management and reporting of variances.

4.16.128 During the 2023–24 audit, the ANAO noted that remediation activities, including review of over subledger reconciliations performed by the Chief Financial Officer, have improved the quality and accuracy of subledger reconciliations but further improvements are required to demonstrate that the Mint has fully addressed the recommendations in this finding. The Mint advised the ANAO that further controls to strengthen monthly processes and tasks supporting reconciliations will be implemented during 2024–25. As a result of the implementation of additional controls during 2023–24, the ANAO has reduced this audit finding to a minor audit finding.