Introduction

1. Centrelink is the Australian Government's principal service delivery agency for delivering a range of social security payments and benefits to eligible customers on behalf of policy departments. In 2008–09, Centrelink delivered social welfare payments totalling $87 billion to 7 million customers,¹ many of whom are the most vulnerable in our society and heavily dependent on Centrelink payments.

2. While improving the economic and social participation of its customers remains a high priority for Centrelink, the integrity of social security outlays is one of the high-level risks to be managed and a key consideration for policy departments including the Department of Education, Employment and Workplace Relations (DEEWR) and the Department of Families, Housing, Community Services and Indigenous Affairs (FaHCSIA).

Integrity of Outlays

3. In delivering welfare payments and services, Centrelink is responsible for the integrity of Government outlays including the provision of assurance that customer payments are correct and fraud is minimised. In managing the integrity of social security outlays, Centrelink identifies and reports against Centrelink administrative error and payment accuracy. Payment accuracy recognises the obligation of customers to advise of changes in their circumstances that may affect their payment entitlements. While inaccurate payments can be caused by an unintentional omission by the recipient customer, welfare fraud is generally characterised by deliberate omission or provision of incorrect information in order to secure payments or payment amounts for which the recipient is not entitled. The important factor in characterising fraud is the level of ‘intent' reflected in the customer's behavior.

Centrelink's Fraud Control Plan

4. Centrelink's Fraud Control Plan 2008–10 outlines its framework of compliance strategies and activities to prevent, detect and deter payment inaccuracies and fraud. The framework includes:

• prevention—systems and procedures designed to minimise incorrect payment and fraud from occurring, rather than detecting them later;
• detection—systems and procedures designed to discover incorrect payment and fraud when it occurs; and
• deterrence—systems and procedures designed to deal with incorrect payment and respond to potential or actual fraud when it is uncovered.

5. During 2008–09, Centrelink established corporate targets for fraud investigations and prosecution referrals, in order to recover the amount of customer debts and savings required by the policy agencies, under bilateral management arrangements (BMAs).

Bilateral Management Arrangements

6. Until 1 July 2009, Centrelink's revenue was primarily derived from its BMAs or similar with relevant policy departments. The arrangements with DEEWR and FaHCSIA included a suite of Key Performance Indicators (KPIs) and measures in relation to the amount of debts and savings required, mostly through the recovery of customer debts, and a payment correctness target of 95 per cent, to ensure the integrity of social security outlays.

7. Over the past few years, the total amount of customer debt raised by Centrelink as a result of compliance activities has increased from $419 million in 2006–07 to $536 million in 2008–09. During the same period, customer debts identified through fraud investigations, primarily generated from compliance activity, accounted for $127 million and $113.4 million respectively.

8. Since July 2009, Centrelink has received all of its departmental funding through direct appropriation. While policy agencies remain accountable for the oversight of social security payments, Centrelink has an increasing focus on preventative controls to manage the integrity of outlays but necessarily complements this with a range of detective controls designed to identify welfare payments that warrant closer analysis to assess their accuracy. This direction aligns with the Australian Government's new whole-of-government approach to managing social, health and welfare fraud and non-compliance, the core of which is to establish an appropriate balance between fraud prevention and detection strategies, which focuses on prevention at the service delivery interface.²

Centrelink's compliance model

9. Centrelink's approach to defining and understanding the factors that influence the compliance behaviour of its customers is reflected in its compliance model. This model takes a graduated response to customer behaviour, recognising that most customers are willing or trying to comply. Customers at the top of the pyramid are considered to be ‘unwilling' to comply, and this component is considered to constitute payment and serious fraud (see Figure S1).

Figure S.1 Centrelink’s compliance model

Source: ANAO analysis based on Centrelink’s audit entry interview presentation, 23 June 2009.

10. Centrelink's compliance program aims to provide fair and appropriate responses to customer behaviour based on the customer's demonstrated ability and willingness to comply with their payment and reporting requirements. Centrelink's compliance model acknowledges each customer's unique circumstances, varying reasons for complying with their payment obligations and the need for a tailored approach to supporting or correcting customer behaviour respectively.

11. Previous ANAO audit coverage of Centrelink's approach to managing incorrect payments and fraud focused on the agency's prevention and detection strategies.³ The ANAO's focus in this audit was Centrelink's approach to investigating and responding to external fraud, including how Centrelink prioritises, selects and deals with serious cases of non-compliance.

Fraud investigations

12. Under the Commonwealth Fraud Control Guidelines 2002 (the Guidelines), Centrelink is authorised to investigate potential cases of fraud and prepare briefs of evidence for consideration of prosecution action by the Commonwealth Director of Public Prosecutions (the CDPP). In 2008–09, Centrelink conducted 26 084 fraud investigations (compared to 35 885 in 2007–08) which led to $113.4 million in customer debts (compared to $140.2 million in 2007–08). Of the 26 084 fraud related investigations reported in Centrelink's 2008–09 Annual Report, 5082 referrals were made to the CDPP for consideration of prosecution action in relation to fraud, resulting in 2973 convictions (about 11 per cent of the total investigations reported by Centrelink).

13. Centrelink's Business Integrity Division is responsible for investigating fraud on the programs Centrelink delivers including: a Fraud Investigation Network of 11 dedicated Fraud Investigation Teams (FITs) across Australia, supported by an established intelligence capability; a Fraud Investigation Manual (the FIM) of investigation policies, procedures and processes; and systems for case managing fraud investigations, performance monitoring and reporting fraud.

14. The scale of Centrelink's detection activities is necessarily large and its investigators are provided with fraud cases from a number of areas including generic and automatic referrals, to be able to meet performance targets for savings and prosecutions referrals.⁴ The largest proportion of Centrelink's fraud cases are automatically referred debt cases.

Regulatory framework

15. In responding to fraud, Centrelink is governed by the legislation, powers and Directives under which it operates; the Australian Government's regulatory framework for Australian Public Service (APS) agencies managing fraud including the Guidelines; the Australian Government Investigations Standards (the AGIS), and other legislated requirements designed to protect the rights of individuals such as the Freedom of Information Act 1982, the Privacy Act 1988 and the Public Service Act 1988.

Social Security Law

16. The Social Security Law coercive information-gathering powers are used by Centrelink (among other approaches) to collect internal and external evidence about a customer's circumstances. These coercive powers are determined by the provisions of the Social Security (Administration) Act 1999 and are primarily used to collect information to establish an individual's eligibility or correct entitlement.⁵ For the purpose of investigations, these administrative powers can only be used in limited circumstances to collect evidence. Once fraudulent behaviour is suspected, the powers can no longer be used to collect evidence for criminal purposes.⁶ Centrelink has policies and procedural controls in place that are designed to ensure the use of coercive powers by its fraud investigators, is compliant with Social Security legislation.

The Australian Government Investigations Standards

17. In identifying the standards for investigations, the AGIS uses the Heads of Commonwealth Operational Law Enforcement Agencies (HOCOLEA)⁷ agreed principle to differentiate between compliance work and fraud investigations. The AGIS standards are identified as the authority to be applied to all investigations, regardless of the outcome of the investigation (whether administrative, civil or criminal) other than audit and compliance work.

18. The AGIS requires agencies to ‘have written procedures in place to document decision making so the transition from regulatory/compliance functions to criminal investigation is clearly identified'.⁸

19. Accordingly, Centrelink's Fraud Investigation Manual (the FIM) was developed to enable Centrelink to meet the requirements of the AGIS and enhance its ability to provide assurance to Government and Centrelink's policy and partner agencies, that it has the capability to undertake quality fraud investigation activities that accord with the AGIS.⁹ Implementation of mandatory work processes and support tools in the FIM were designed to overcome the risk to Centrelink of inconsistent practices.

Audit objective

20. The objective of the audit was to examine the effectiveness of Centrelink's approach to investigating and responding to external fraud.¹⁰ The ANAO's assessment was based on four key criteria. In particular, the ANAO assessed whether Centrelink:

• had established a management framework, business systems and guidelines, that support the investigation, prosecution and reporting of fraud;
• had implemented appropriate case selection strategies and controls to ensure resources are targeted to the cases of highest priority;
• complied with relevant external and internal requirements when investigating fraud and referring cases for consideration of prosecution; and
• had implemented an effective training program that supports high quality investigations and prosecution referrals.

Audit scope and methodology

21. The scope of the audit included fraud investigations undertaken by Centrelink during 2008–09. The ANAO's methodology involved randomly selecting a sample of cases for review from Centrelink's Fraud Investigation Case Management System (FICMS). FICMS is a purpose built system for case-managing fraud investigations and prosecution referrals and based on Centrelink's advice, was determined to be the appropriate source for sampling fraud investigation cases.

22. Subsequently, Centrelink advised that owing to systems and structural limitations, FICMS contained some cases that were compliance reviews, not fraud investigations, and Centrelink has limited capacity to distinguish between them. Centrelink considered that these limitations had resulted in the inclusion of compliance review cases in the ANAO's sample.

23. While the ANAO's analysis indicated that most of the initial larger random sample¹¹ contained activities associated with fraud investigations, the results of the case reviews in the audit report are based on 113 cases that had satisfied Centrelink's National Case Selection Guidelines for investigation and possible prosecution. These cases were referred to, and investigated by, fraud investigators in Centrelink's FITs.

24. The ANAO reviewed each of the 113 cases against the Australian Government's policies and Centrelink's internal procedures. This legislative framework and internal Centrelink guidance sets out procedures designed to promote effective prosecution of fraud, including the collection of admissible evidence, while ensuring that cases of fraud are treated fairly and equitably. In examining each case, the ANAO focused on:

• critical decision records, including whether the transition from a compliance review to an investigation was identified, and whether significant decisions and changes in the direction of an investigation were identified;
• the presence and use of investigation plans, that provide assurance of an appropriate approach and oversight of fraud investigations and allow for transparency and review at each stage of the investigation, including proposed approaches such as: witness statements; interviews; the handling of evidence; and the use of surveillance, informants and search warrants; and
• the recording of the outcome of fraud investigations and reconciliation of systems and records.

Overall conclusion

25. The scale and complexity of Centrelink's operations are reflected in the $87 billion in social security payments it delivers annually to approximately 7 million customers, many of whom are vulnerable and heavily dependent on Centrelink payments. Within this environment, encouraging customers to comply and keeping non-compliance to a minimum, is a major and ongoing task for Centrelink. The focus of this audit is Centrelink's approach to identifying, investigating and managing potential cases of external fraud.

26. Key developments recently undertaken by Centrelink to improve its fraud control program include: implementation of an on-line Fraud Investigation Manual (the FIM) designed to support high quality fraud investigations that are conducted in accordance with the Australian Government Investigations Standards (the AGIS); use of an intelligence capability to detect fraud; and a restructuring of its Business Integrity Network. In 2008–09, Centrelink met its fraud investigation and prosecution targets but did not achieve the required savings outcomes through the identification of customer debts.

27. Notwithstanding the development of Centrelink's FIM, the results of the ANAO's case reviews indicate that most of these fraud investigations did not comply with the Australian Government's regulated framework for fraud investigations and Centrelink's internal policies and procedures. Typically, these results reflect Centrelink's non-compliance with the requirements of the AGIS and its internal policies and procedures at key points throughout the investigation process, contributing to: deficiencies in case selection and prioritisation practices; and shortcomings in managerial oversight of investigation planning and the necessary deliberation of critical decisions and investigation outcomes. Meeting these key requirements is part of the Government's legislated framework and Centrelink's internal procedural controls that were put in place to promote high quality investigations and prosecution referrals, including the collection of admissible evidence, while ensuring that cases of fraud are treated fairly and equitably. In particular, Centrelink's FIM was developed to provide assurance to Government and Centrelink's policy and partner agencies, that it undertakes quality fraud investigation activities in accordance with the AGIS.

28. Centrelink refers the largest number of briefs to the Commonwealth Director of Public Prosecutions (CDPP) of any agency and these briefs generally relate to customers who are receiving social welfare benefits and whom it is alleged, have intentionally misrepresented their circumstances to Centrelink. Although ultimately it is the responsibility of the CDPP to determine which Centrelink cases are prosecuted based on standards such as fairness, consistency and accountability, under the Prosecution Policy of the Commonwealth, referral of cases to the CDPP is a decision for Centrelink. Cases that are not referred to the CDPP result in administrative remedies and, generally, this is the outcome of the majority of Centrelink cases investigated. Irrespective of the manner in which cases are handled following investigation, the audit highlighted that Centrelink would benefit from placing stronger emphasis on the quality and consistency of its case management practices, and targeting customers most at risk of committing serious fraud.

29. Until recently, Centrelink advised that its approach to targeting customers most at risk of committing serious fraud has been constrained by the agreed performance measures contained in purchaser/provider funding arrangements under which it operated with the Department of Education, Employment and Workplace Relations (DEEWR) and the Department of Families, Housing, Community Services and Indigenous Affairs (FaHCSIA) until 30 June 2009. These arrangements focused on the savings to be achieved, mostly through the recovery of customer debts and include quantitative targets for fraud investigations and prosecution referrals. Understandably, this approach influenced actual case prioritisation, selection and processing as it focused fraud investigations on the less complex cases (in order to achieve the targets), at the expense of progressing the more complex, serious fraud investigations.

30. Over time, Centrelink's ability to detect and investigate serious and complex fraud is being enhanced with the introduction of an intelligence capability. This initiative will better position Centrelink to focus its fraud investigation resources on the high risk areas. A key responsibility of Centrelink's intelligence teams¹² is to support fraud investigation operations by identifying complex and serious fraud and prioritising cases for investigation. For cases to qualify for investigation and consideration of prosecution action, they must undergo assessment and satisfy Centrelink's National Case Selection Guidelines (NCSG). Investigation outcomes can range from an administrative remedy through to referral to the CDPP for consideration of prosecution.

31. While Centrelink's new approach is designed to prioritise and manage serious cases of fraud, it is being overshadowed by the automatic and generic referral of potential fraud cases and the lack of appropriate guidance and oversight of decision-making by fraud investigators throughout the investigative process. The largest proportion of Centrelink's fraud cases are automatically referred debts and these cases also make up the largest proportion of prosecution referrals. The ANAO's reviews of 113 cases identified that while half of Centrelink's fraud investigations had undergone an Intelligence Assessment, the influence of these assessments to progress serious fraud cases to prosecution was negligible. Closer monitoring of decision making by management throughout serious fraud investigations would enable Centrelink's fraud intelligence capability to be more effectively utilised.

32. Overall, compliance with the AGIS and Centrelink's policies and procedures in the FIM, including the required managerial oversight at key points throughout the investigation process, would produce a more consistent and balanced approach to case selection, investigation planning and decision making, and, therefore, improved investigation outcomes. Compliance with these key controls would enhance Centrelink's ability to provide assurance that the investigation process is effective in achieving consistently high quality fraud investigations and prosecution referrals. In conjunction with appropriate training, this approach would improve investigators' skills and encourage a more consistent approach to capturing, recording and documenting critical and other key information and decisions throughout fraud investigations and better align with the AGIS. In particular, appropriate managerial oversight throughout investigations, would provide a greater level of assurance of decision making regarding the use of coercive powers to obtain third party information about customers generally, and more specifically, when an administrative investigation transitions to a criminal investigation.

33. The business systems used by Centrelink to provide ready access to high quality information upon which they can base their decision-making and fraud reporting also require some attention. For example, the data in Centrelink's Fraud Investigation Case Management System (FICMS) does not reconcile with the published fraud investigation performance data extracted from its Integrated Review System (IRS). This affects both an internal understanding of the nature, number and status of compliance reviews and fraud investigations managed by Centrelink and, importantly, the reliability of its external reporting. Centrelink's Business Integrity Division also confirmed that FICMS is unreliable and is not used to measure performance against investigation targets.

34. The ANAO made four recommendations that focus on supporting Centrelink's approach to managing external fraud by: more effectively using its intelligence capability; ensuring compliance with external and internal fraud investigation requirements and Social Security legislation; providing closer oversight of decision making by fraud investigators as well as more targeted and effective training; and improving the integrity and quality of its fraud data.

^{12. The word ‘Intelligence' is capitalised in this report wherever references are made to Intelligence teams and Intelligence staff.}

Key findings

Performance targets

35. During 2008–09, Centrelink had corporate targets in place for investigations (and prosecution referrals) in order to achieve the amount of savings required under the purchaser/provider arrangements that were in place with the responsible portfolio departments. These targets were tied to the dollar savings that would be identified through each fraud investigation and recouped from customers, contributing to the overall required savings amount. Over the past few years, the total amount of Centrelink debt raised as a result of compliance activities has increased from $419 million in 2006–07 to $536 million in 2008–09. During the same period, customer debts identified through fraud investigations, primarily from compliance activity, accounted for $127 million and $113.4 million respectively.

36. In 2009–10, the achievement of Centrelink's fraud-related targets has been tied to individual performance of Centrelink fraud investigators. These measures are primarily quantitative and include: the number of investigations completed (99 per year in 2009–10); the number of prosecutions referred to the CDPP (six per year in 2009–10); and the number of prosecutions accepted by the CDPP (85 per cent in 2009–10). These targets do not distinguish between outcomes by complexity of the fraud, and are not aligned with Centrelink's serious fraud priorities.

37. Centrelink's pursuit of quantitative targets at the officer level, including the selection of less complex cases for investigation, has the potential to compromise the quality of fraud investigations. For example, Centrelink reports on the number, type and age of cases that each investigator has on hand, and these reveal that many serious fraud investigations have been ongoing for up to three years or more. During interviews, stakeholders and Centrelink staff advised that the focus on the existing targets was influencing the case selection towards less complex cases for investigation and prosecution, at the expense of the more complex, serious fraud cases. Centrelink has acknowledged these issues and has since advised that investigation targets are under review.

38. While targets are a feature of a good monitoring and reporting framework, they need to be balanced and measurable. Centrelink's fraud investigation and prosecution targets and performance measures also need to be regularly reviewed to ensure ongoing relevance against Centrelink's intended outcomes. A recent ANAO audit identified the inherent risks, in the capacity of Centrelink's compliance and investigation targets, to measure the performance of compliance review officers and investigators.¹³ In response to this audit, Centrelink agreed to develop a more balanced set of measures that assess the conduct and quality of compliance reviews and investigations. This will assist in the development of a stronger focus by Centrelink on priority setting and balanced targets, relevant to combating complex and serious fraud cases.

Case prioritisation and selection

39. Centrelink has a number of detection procedures and activities to identify possible cases of fraud that require further investigation. These include: compliance reviews or ‘generic referrals' arising from anomalies identified through customer payment reviews; automatic debt referrals that occur for any customer debt that exceeds a predetermined amount [$5000]; and, increasingly, the use of fraud intelligence to detect and prioritise the more serious cases of fraud for investigation. All cases of alleged fraud referred to Centrelink's fraud investigation teams have to satisfy Centrelink's NCSG for investigation and possible prosecution. The exception is serious fraud cases that have been assessed by Centrelink's intelligence area as a high priority and must be investigated.

40. While Centrelink has policies and procedures designed to prioritise and manage serious cases of fraud, this capability is being overshadowed by the automatic and generic referral of potential fraud cases and case selection practices. The ANAO's analysis of 2007–08 fraud data¹⁴ identified that automatically referred customer debt cases were seven times more likely to be detected, investigated and referred to the CDPP than all other cases (including public and internal tip-offs, cash economy and manually referred fraud cases by compliance and other areas within Centrelink).

41. The ANAO's 113 case reviews also revealed that inconsistent case management practices, and the limited managerial guidance and oversight of decision-making in relation to case selection and at key points in the investigative process, are compromising Centrelink's referral strategies and intelligence work. While 50 per cent of cases reviewed had undergone an intelligence assessment, the influence of this analysis to contribute to higher quality outcomes was not evident in Centrelink cases progressed to the CDPP for consideration of prosecution. For example, only five per cent of investigations with an Intelligence Assessment report resulted in a referral to the CDPP, compared to 77 per cent of debt cases and 86 per cent of all other cases investigated.

42. Once cases are referred to the CDPP for assessment, the CDPP has responsibility for determining which Centrelink cases are prosecuted, in accordance with the Prosecution Policy of the Commonwealth. However, the majority of Centrelink fraud investigations are not referred to the CDPP and instead result in an administrative recovery of the identified debt. For example, in 2008–09 less than 20 per cent of Centrelink's fraud investigations resulted in referral to the CDPP, while the remaining 80 per cent received an administrative remedy.

43. While referral of a matter to the CDPP is a decision for Centrelink under the Prosecution Policy of the Commonwealth, in matters involving alleged offences of a serious nature that are not referred for consideration of prosecution, Centrelink is required to consult with the CDPP. The ANAO's case reviews identified cases with significant debts and information on file that indicated an ‘intent' to defraud the Commonwealth, where Centrelink's decision had been not to refer the case to the CDPP. In these cases, there was no record of consultation occurring between Centrelink and the CDPP, at this stage in the process.

Compliance with the Australian Government Investigations Standards and Centrelink's internal requirements

44. All agencies subject to the Commonwealth Fraud Control Guidelines 2002 (the Guidelines), are required to comply with the minimum standards for investigations as set out in the AGIS. Agencies must have in place ‘procedures that are consistent with or exceed' the AGIS, in order to comply. Each agency is also required to comply with the legislation, powers and directives under which it operates; and other legislated requirements designed to protect the rights of individuals such as the Freedom of Information Act 1982, the Privacy Act 1988 and the Public Service Act 1999.

45. To provide assurance that its investigation and prosecution referral work is performed consistently across the Business Integrity Network and to meet the AGIS requirements, Centrelink implemented its FIM in September 2007. Centrelink advised that the FIM is its mandated policy and practices manual which all fraud investigators are expected to follow.¹⁶

46. Under the Social Security (Administration) Act 1999, Centrelink exercises coercive information-gathering powers (among other techniques) to collect internal and external evidence about customers throughout the investigative process. However, for the purpose of investigations, these coercive powers can only be used in limited circumstances to collect evidence and once fraudulent behaviour is ‘suspected', the powers can no longer be used.

47. Overall, most fraud investigations reviewed by the ANAO did not comply with the Australian Government's regulated framework and Centrelink's internal policies and procedures. The important issues to emerge from the results of the ANAO's case reviews were:

• non-compliance with the AGIS and Centrelink's own polices and processes – increasing the risk of serious and complex fraud cases not being referred for consideration of prosecution and potentially affecting the quality of briefs of evidence referred to the CDPP;
• incomplete information recorded in Centrelink's Fraud Investigation Case Management System (FICMS) and investigation files – affecting Centrelink's ability to provide assurance that the investigative approach was appropriate, and to protect the rights of customers through legislated safeguards such as Freedom of Information; and
• the lack of documented critical decisions and evidence of managerial oversight at key control points in the investigative process including information-gathering processes – making it difficult to determine whether Centrelink used its coercive powers inappropriately to collect evidence after fraud was suspected.

48. Table S1 provides a summary of the results of the ANAO's case reviews in relation to Centrelink's compliance with external and internal investigation standards.

Table S.1 Centrelink’s compliance with investigation standards

Source: ANAO Analysis

Oversight of decision-making

49. Centrelink's FIM requires all critical decisions made during an investigation to be approved by a Case Manager and documented on file, to ensure investigation management and decision-making are transparent. However, the ANAO's case reviews identified that Centrelink staff are not consistently complying with this key procedural control in Centrelink's FIM. The absence of documented critical decisions during the investigative process, including when an investigation is terminated, means that Centrelink's single quality control, that is, managerial consideration and approval of decision making at key points throughout the investigative process, is not effective.¹⁸ General guidance from Case Managers, which is necessary to better inform the overall quality of decision-making throughout the investigation and to provide assurance to Centrelink, was also found to be lacking. Increased guidance and managerial oversight at key stages in the case management process would assist Centrelink to more effectively manage the investigative process and achieve consistent, high quality investigation outcomes, including referrals to the CDPP.¹⁹

50. The Guidelines encourage the ‘specialised training of employees involved in fraud control activities'. For those staff directly responsible for preventing, detecting and investigating fraud, the Guidelines require minimum qualifications and competency standards to be met. Centrelink's Business Integrity Division facilitates two Certificate IV and two Diploma Government workshops in investigations each year to ensure employees obtain their mandatory qualifications within 12 months of commencing in their roles, as per the Guidelines. Centrelink provided evidence of qualifications of staff working in fraud control but was unable to confirm the exact number and stated that intelligence staff are not required to meet the training standards.²⁰

51. Administrative coercive powers are widely used (among other methods) by the Business Integrity Network. The ANAO's case reviews identified that these powers are used to collect evidence from third parties during the assessment of fraud allegations by intelligence staff and throughout the entire fraud investigative process. Third party checks include credit companies, banks, employers, other Commonwealth agencies databases, real estate agencies and transport authorities.

52. However, the case reviews revealed that there was insufficient evidence on file to support decision making in relation to third party checks generally, and more specifically, when a written Legal Notice was issued. In all instances where a Critical Decision Record (CDR) was required to approve the decision to send written Legal Notices to third parties, there was no evidence documented on file or electronically. During 2008–09, CDRs were the single (mandated) quality control point in the investigative process that had been implemented by Centrelink. Notwithstanding, many cases had: no documented CDR on file (as required by the AGIS); where a critical decision was recorded, in many instances it was not approved or contained insufficient information to enable an informed decision; and CDR templates were not filled out correctly.

53. These results highlight the need for Centrelink to look beyond the minimum training requirements of the Guidelines, to develop a more specialised training program that better supports staff working in fraud control areas and to meet its particular business risks and related skill requirements. A more planned and strategic approach to training for fraud control staff should be based on risks identified in quality assurance and other activities such as feedback from the Australian Federal Police (AFP) and the CDPP case-related correspondence. During audit fieldwork, Centrelink developed a draft Quality Assurance Program for fraud investigations. Implementation of this program would better enable Centrelink to identify and target the training needs of fraud control staff through issues highlighted in the case reviews and through other assurance activities.

The level of system support and the quality and integrity of fraud data

54. The accuracy of an agency's information provides the basis for monitoring the effectiveness of its fraud control activities and for internal and external reporting purposes. The methods used by Centrelink to monitor, manage and report information are unclear. For example, Centrelink's FICMS was purpose-built for recording and case-managing fraud investigations. However, Centrelink advised that FICMS has limited functionality, the data is not reliable and the system is not used to monitor and report on the performance of its fraud investigation program, except for prosecution-related activity. Instead, Centrelink uses the system that manages its compliance intervention activity, the Integrated Review System (IRS), to report on its fraud investigation performance. There are, however, discrepancies between the data held in each system. These inconsistencies are reflected in the 26 084 fraud investigations reported in Centrelink's Annual Report 2008–09 compared with the 39 106 fraud investigations recorded in FICMS for the same period. Of the 26 084 cases reported, 60 per cent were not recorded in Centrelink's system dedicated to case-managing fraud investigations (FICMS).²¹ At a minimum, the performance information published by Centrelink needs to be reconcilable in both systems to enable Centrelink to be confident that the information it publicly reports is reliable in terms of: the number of actual fraud investigations; the number of cases referred to the CDPP; and the number of cases prosecuted.

55. An independent evaluation of FICMS commissioned by Centrelink in 2006 also found that the system's operational ability was unable to deliver basic investigation and prosecution functions and does not meet the standards in AGIS of a case management system. ²²

Summary of agencies' responses

56. The following comments constitute a summary of each agency's response to the audit. The full responses are at Appendix 1.

Centrelink

57. Centrelink agrees with the recommendations of the audit of its Fraud Investigation Program. These recommendations will assist Centrelink to make further improvements to its framework of compliance strategies and activities to prevent, detect and deter non compliance and fraud.

58. Centrelink is pleased that the ANAO has acknowledged the work already undertaken to address some of the issues raised in the report. These actions will continue in line with the recommendations. Centrelink is committed to delivering cost effective and well managed processes that support good outcomes for customers and ensure the integrity of government outlays.

Australian Federal Police

59. I would like to advise you that the Australian Federal Police has studied the proposed findings as referred under Section 19 and has no additional comments to add to them.

Commonwealth Director of Public Prosecutions

60. The Commonwealth Director of Public Prosecutions provided specific comments of an editorial nature.