The objective of the audit was to assess the effectiveness of DIAC's management of MAL. The scope was confined to DIAC's management and use of the system: it did not examine the work of others with an interest in the system, such as security agencies.
The Movement Alert List (MAL) is a computer database maintained by the Department of Immigration and Citizenship (DIAC) to protect the country from those people who may pose a threat to the Australian community. MAL is used to inform decisions about visa and citizenship grant and admission of non-citizens into the country. Checking takes place at several points, contributing to a ‘layered' approach to border management. In this way, MAL forms an important element in Australia's national security and border protection strategy.
MAL contains two subsidiary databases: the first, the Person Alert List (PAL), contains adverse information about people who are placed on this list for various reasons (‘Alert Reasons'). The second is the Document Alert List (DAL), primarily a list of lost and stolen travel documents. DIAC checks MAL when any non-citizen seeks a visa, seeks to travel to or enter Australia or applies for citizenship. Essentially, MAL is a collection of information about identities and travel documents of interest, primarily, to visa decision-makers.
Travel to and from Australia has continued to grow in recent years and the number of records in MAL has also grown in complexity and size, particularly after 2001. It now has around 680 000 PAL and over two million DAL records. Over half of PAL comprises records of non-citizens of national security concern.
The growth of the number of records in MAL has been encouraged by DIAC so as to maximise the likelihood of identifying a non-citizen of concern travelling, or seeking to travel, to Australia. Under such an approach it is important that the department have in place appropriate arrangements to review the quality of records over time to avoid deterioration in the quality of the database and the matches it generates.
The 2003 Budget funded a proposal to have a task force review MAL (the Wheen Review). Subsequently, DIAC obtained government approval and funding in the 2005 Budget to implement the recommendations of the Review. Among other things, the Review identified risks in MAL's then mode of operation and proposed redevelopment of the system with all MAL checking taking place centrally. This has been the CMAL project, which was being implemented at the time of the audit.
The objective of the audit was to assess the effectiveness of DIAC's management of MAL. The scope was confined to DIAC's management and use of the system: it did not examine the work of others with an interest in the system, such as security agencies.
Successive reviews over more than a decade have judged MAL to be conceptually sound and an increasingly important part of the suite of facilities used by DIAC and related agencies to control entry to Australia. MAL provides important information to DIAC decision-makers to help in deciding visa and citizenship applications and whether a person should be allowed into Australia.
DIAC has managed an extended period of growth in the numbers of records in MAL by adding substantial numbers of National Security records and maintaining light controls on new entries provided by departmental staff. However, the department has been less successful in ensuring the quality of its MAL records.
All the reviews of MAL have stressed the importance of it comprising sound data. However, the completeness, quality and currency of MAL data has proved an enduring problem for DIAC. Despite efforts to improve MAL data, the overall quality of data has been declining in recent years. Contributing to this position has been the challenge faced by the department in implementing an effective accountability regime to assure the quality of records over time.
Further, at an operational processing level, gaps have occurred in the arrangements designed to provide the department with assurance that all elements of MAL are working as intended. Given the centrality of the system to border protection, this aspect of the department's operations needs to be upgraded so that attention is drawn promptly to any substantial element that is not operating properly.
Over the last four years, DIAC has successfully managed the development and implementation of the new version of MAL, CMAL. This addresses certain substantial risks identified by the Wheen Review. The introduction of CMAL has improved management control over DIAC's MAL operations and provides a basis for DIAC to enhance its quality assurance of MAL data and of the operation of the system as a whole.
The ANAO has made five recommendations aimed at improving the effectiveness of DIAC's management of MAL.
Earlier reviews of MAL have identified persistent shortcomings in the management of MAL data: in collecting all the right records, in maintaining data quality and in deleting outdated information. Audit analysis showed that these shortcomings endure. This could lead to:
Regardless of the particular data quality issue, DIAC needs to resolve who is responsible for the integrity of its MAL data. This is both a persistent and strategic issue. Currently, much depends on the soundness of the original data entry by any of several thousand staff. There is no substantial edit-checking at data entry to ensure the quality of the information that is entered.
Records are entered into MAL for any of a variety of ‘Alert Reasons', reflecting the specific interests of DIAC ‘Alert Reason owners' in diverse parts of the department and from external agencies. However, most DIAC Alert Reason owners, though regarded as ‘data owners', have not assumed full responsibility for the data. This is because the data is and can be entered by many officers throughout DIAC and externally, action over which DIAC Alert Reason owners have no control.
DIAC is well aware of the deficiencies in its own MAL data. It has carried out regular reviews with the intention of identifying and, ultimately, correcting such deficiencies. Most often, these actions falter at the point where someone within DIAC has to take responsibility for carrying out corrective action. The issue of data ownership has long been identified but it clearly requires firm management decisions and action to address it.
Several streams of action are needed to deal with both the stock and the flow of data involving clarification of responsibilities, adoption of a strategy to ensure compliance of new entries with DIAC's business rules and an approach to reviewing existing data with a view to cleansing the database.
DIAC has a system in place to control who has access to MAL which, if it continues the active review process that it started in 2007, will allow it to maintain that control. Reviewing all MAL transactions would be resource-intensive but DIAC could address the lack of quality control over data entry by review of a risk-based sample of change/update transactions. These reviews could also be part of a generally improved system of quality control over MAL data entry.
DIAC's policy on the inclusion of Australians on MAL is not currently coherent or complete. It has not fully clarified its reasons for wanting to list Australians on MAL nor, therefore, identified the specific characteristics that would justify considering Australians for listing on PAL. It would benefit from doing so and then confirming that there is a sound legal basis for each reason. It could then revise its PAM3 manual on this matter accordingly.
Although action has been recommended or begun several times to cull inappropriate records of Australian citizens, it has not been completed. Moreover, new such records are being entered.
The failure to cull records is attributed in DIAC's internal review of July 2005 to ‘little priority being given to cleansing' PAL. A related question is the lack of clear responsibility for those records by various areas of DIAC—the question of data ownership. When policy has been clarified, its legal basis verified, and clear accountability has been set, DIAC will be in a position to more effectively cull inappropriate records of Australians on MAL.
DIAC is aware of the importance of privacy of personal information and the relevant requirements of its own legislation and the Privacy Act. It is also aware that MAL very largely comprises personal information, some of which is sensitive. DIAC has not considered the privacy implications of its use of MAL in any substantial way. At one point, the department contemplated but did not proceed with a Privacy Impact Assessment (PIA) for MAL during its CMAL project. It is apparent from the analysis in Chapter 5 that DIAC would be better able to assure itself that it satisfies the Information Privacy Principles if it were to conduct a PIA of its administration of MAL. The department has agreed to do so.
Over the last decade DIAC has gradually extended sophisticated data-matching software to its visa processing and border operations systems. CMAL has enabled DIAC to address the main risks the department was formerly exposed to of not using its best data-matching software in each visa processing system and varying threshold scores. DIAC has recognised the need to continually tune and refine this software.
DIAC now has a strategy encompassing biographic (MAL) and biometric elements, acknowledging that identity management will become a more complex task in future.
The risk of DIAC granting a visa without first conducting a MAL check seems slight. However, DIAC regards performing MAL checks as an essential part of border protection. This suggests that DIAC should seek a remedy for its current inability to require delegates to check MAL. A remedy could take the form of the preparation of a new ministerial direction under s. 499 of the Migration Act. This would bring its current practice and its legal framework into harmony. DIAC has agreed to consider this course of action.
On a number of occasions it has been apparent that DIAC has no information that shows how successful MAL is in helping it to achieve its outcomes. DIAC produces no data of this kind.
In administering a key business system, such as MAL, a balance should be struck between the cost of collecting performance information and the benefits to DIAC and key stakeholders, such as the Parliament, of this information in demonstrating MAL's successes. In this context, sound performance information would include data on DIAC's success in using MAL to (i) prevent people from entering Australia who pose a threat to the community and (ii) prevent such people from getting Australian citizenship. The range of other measures identified in the chapter could also help DIAC gauge the value being added by its use of MAL.
Management information on MAL is limited. It would help DIAC to manage MAL better if it were to measure and report internally on data quality, client service, and overall system reliability.
DIAC has suffered a number of failures in parts of MAL and each of these has remained undetected for an extended period. Although there is no evidence that any of these incidents has resulted in any inappropriate admissions into Australia, the department needs to have a mechanism in place that will draw such incidents to attention promptly in future.
DIAC has successfully introduced the CMAL system, which now operates in all visa processing systems. DIAC has pursued CMAL implementation as its most important priority in MAL operations, following the actual MAL-checking role itself. It has fulfilled the relevant project objectives set out in the CMAL Baseline Project Management Plan. Most important, the CMAL implementation has addressed two major risks by using DIAC's stronger name-matching software in all MAL-matching and having possible matches decided by experts in the Border Operations Centre.
CMAL implementation has taken two years longer than originally envisaged. During the project, DIAC's major Systems-for-People project introduced a new and different IT environment in which to progress, and this alone set the CMAL schedule back by about a year. However, despite the contingencies faced by the CMAL project over this time, DIAC has successfully managed its way through these and delivered its core undertakings.
Certain major tasks remain, such as decommissioning the old version of MAL, HMAL, and switching over wholly to the new system. Full realisation of benefits from the IT project will only be achieved after these changes have been implemented. Moreover, the original project encompassed measures agreed by the Government beyond the core IT redevelopment of MAL and centralising of MAL operations and which have not yet been implemented. These included the development of a reporting strategy and quality assurance process.
DIAC has not pursued its original proposals for measuring and reporting the performance of this project, though it did report progress of the core project through the CIU while required to do so. However, arrangements should be in place to give confidence that the decisions of government are effectively implemented; and when major changes are necessary, that the stakeholders are appropriately informed.
DIAC has advised that it intends to report to government, through the portfolio minister, once the CMAL NPP project wraps up at the end of 2008–09. It has undertaken to present a complete overview of the project in early 2009–10 which will include reporting against its original project objectives, as agreed by government in 2005. This includes each item specifically identified in the approved proposal.
DIAC welcomes the audit of the management of the Movement Alert List, which has made a number of observations and recommendations that will assist the department in the ongoing effective and efficient management of the MAL system.
MAL is a complex system that has been in operation for many years, and has been subject to a number of reviews and refinements. It has served DIAC and Australia extremely well. It is a key component of the layered approach to border management and a critical contributor to national security. The ANAO report notes that successive reviews have judged MAL to be conceptually sound and an increasingly important part of the suite of facilities used to control entry to Australia. DIAC continues to improve the MAL system, and the successful introduction of the new Central MAL (CMAL) system has already addressed some of the matters raised in the audit report.
We note the areas for potential improvement that the report highlights in respect of data management, data quality and system monitoring. The recommendations in these areas are supported. Data quality issues also reflect the risk environment in which MAL has operated—in particular, with high growth in records over an extended period, reflecting heightened concerns about national security, fraud and irregular people movements.
We agree that there is room for greater efficiency in respect of data management and data quality and measures are being put in place to address this. The primary concern remains that MAL brings relevant and useful information to the attention of visa decision makers and key stakeholder agencies.