Reports
Health 2023
What this report is about
Results of the Health portfolio of agencies' financial statement audits for the year ended 30 June 2023.
The audit found
Unmodified audit opinions were issued for all Health portfolio agencies' financial statements.
The number of monetary misstatements increased in 2022–23, driven by key accounting issues, including the first-time recognition of paid parental leave and plant and equipment fair value adjustments.
The key audit issues were
NSW Health identified errors regarding the recognition and calculation of long service leave entitlements for employees with ten or more years of service that had periods of part time service in the first ten years, resulting in prior period restatements.
Comprehensive revaluation of buildings at the Graythwaite Charitable Trust found errors in the previous year's valuation, resulting in prior period restatements.
New parental leave legislation increased employee liabilities for portfolio agencies. The Ministry of Health corrected the consolidated financial statements to record parental leave liabilities for all agencies within the Health portfolio.
A repeat high-risk issue relates to processing time records by administrators that have not been reviewed prior to running the pay cycle.
Thirty per cent of reported issues were repeat issues.
The audit recommended
Portfolio agencies should ensure any changes to employee entitlements are assessed for their potential financial statements impact under the relevant Australian Accounting Standards.
Portfolio agencies should address deficiencies that resulted in qualified reports on:
- the design and operation of shared service controls
- prudential non-compliance at residential aged care facilities.
This report provides Parliament and other users of the Health portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Health portfolio of agencies (the portfolio) for 2023.
Section highlights
- Unqualified audit opinions were issued for all portfolio agencies required to prepare general purpose financial statements.
- The total number of errors (including corrected and uncorrected) in the financial statements increased compared to the prior year.
- The Ministry of Health retrospectively corrected an $18.9 million adjustment in its financial statements relating to long service leave entitlements for certain employees.
- Graythwaite Charitable Trust retrospectively corrected a $4.2 million adjustment in its financial statements related to prior period valuations.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines observations and insights from our financial statement audits of agencies in the Health portfolio.
Section highlights
- The 2022–23 audits identified one high-risk and 57 moderate risk issues across the portfolio.
- The high-risk matter related to the forced-finalisation of time records.
- The total number of findings increased from 67 to 111 in 2022–23.
- Thirty per cent of the issues were repeat issues. Most repeat issues related to internal control deficiencies or non-compliance with key legislation and/or central agency policies.
- Forced-finalisation of time records, accounting for the new paid parental leave provision and user access review deficiencies were the most commonly reported issues.
- Qualified Assurance Practitioner's reports were issued on:
- the design and operation of controls as documented by HealthShare NSW
- the Ministry's Annual Prudential Compliance Statements in relation to residential aged care facilities.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Education 2023
What this report is about
Results of the Education portfolio of agencies’ financial statements audits for the year ended 30 June 2023.
What we found
Unqualified audit opinions were issued for all Education portfolio agencies.
An ‘other matter’ paragraph was included in the TAFE Commission’s independent auditor’s report as it did not have a delegation or sub-delegation from the Minister for Education and Early Learning to incur expenditure on grants from other portfolio agencies.
What the key issues were
Comprehensive valuations of buildings at the Department of Education (the department) and at the TAFE Commission found that certain assumptions applied in previous years needed to be updated, resulting in prior period restatements.
The department prepaid a building contractor for early works on a project and some of the prepayment is in legal dispute.
The department duplicated a claim for project funding from Restart NSW in 2021.
New parental leave legislation increased employee liabilities for portfolio agencies. The department and the NSW Education Standards Authority (the Authority) updated their financial statements to record parental leave liabilities.
A high risk matter was raised for the Authority to improve the quality and timeliness of information to support their financial statement close process.
What we recommended
Portfolio agencies should ensure any changes to employee entitlements are assessed for their potential financial statements impact under the relevant Australian Accounting Standards.
The department should:
- improve processes to ensure project claims are not duplicated
- assess the risks associated with providing prepayments to contractors.
This report provides Parliament and other users of the Education portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Education portfolio (the portfolio) for 2023.
Section highlights
- Unqualified audit opinions were issued on all the portfolio agencies 2022–23 financial statements.
- An ‘other matter’ paragraph was included in the independent auditor’s report for the Technical and Further Education Commission (the TAFE Commission) as it did not have a delegation or sub-delegation from the Minister for Education and Early Learning to incur expenditure on grants from other portfolio agencies.
- Comprehensive valuations of buildings in the current year identified that certain assumptions applied in previous years were incorrect. The effects of these corrections are disclosed as prior period errors in the financial statements of the Department of Education (the department) and the TAFE Commission.
- The department made corrections to its financial statements to reflect increases to NSW teachers’ wages announced post balance date. This impacted amounts recorded as liabilities for a range of employee benefits and entitlements totalling $225.4 million, of which $147.9 million is accepted by the Crown and $77.5 million is borne by the department.
- A change to the NSW paid parental leave scheme, effective October 2022, created a new legal obligation that needed to be recognised by impacted government agencies. Of the three affected portfolio agencies, only the department and the NSW Education Standards Authority recognised a liability to account for this change. The aggregated unrecorded liabilities of other agencies in the portfolio totalled $2.4 million. The errors within the individual agencies’ financial statements were not material.
- The total number of errors (including corrected and uncorrected) in the financial statements increased compared to the prior year.
- The NSW Childcare and Economic Opportunity Fund should prepare financial statements unless NSW Treasury releases a Treasurer’s Direction under section 7.8 of the GSF Act that will exempt the SDA from financial reporting requirements.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Education portfolio.
Section highlights
- The 2022–23 audits identified one high risk and 20 moderate risk issues across the portfolio. Of these, one was a high risk repeat issue and four were moderate risk repeat issues.
- The total number of findings increased from 29 to 36, which mainly related to deficiencies in financial reporting, information technology, payroll and purchasing controls.
- The high risk matter relates to the lack of quality and timely information to support the financial statement close process at the NSW Education Standards Authority.
Appendix one – Early close procedures
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Health 2022
What the report is about
Result of Health cluster (the cluster) agencies' financial statement audits for the year ended 30 June 2022.
What we found
Unmodified audit opinions were issued for the financial statements for all Health cluster agencies.
The COVID-19 pandemic continued to increase the complexity and number of accounting matters faced by the cluster. The total gross value of corrected misstatements in 2021–22 was $353.3 million, of which $186.7 million related to an increase in the impairment provision for Rapid Antigen Tests (RATs).
A qualified audit opinion was issued on the Annual Prudential Compliance Statement related to five residential aged care facilities. There were 20 instances (19 in 2020–21) of non-compliance with the prudential responsibilities within the Aged Care Act 1997.
What the key issues were
The total number of matters we reported to management across the cluster decreased from 116 in 2020–21 to 67 in 2021–22. Of the 67 issues raised, four were high risk (three in 2020-21) and 37 were moderate risk (57 in 2020–21). Nearly half of all control deficiencies reported in 2021–22 were repeat issues.
Three unresolved high-risk issues were:
-
COVID-19 inventories impairment – we continued to identify issues relating to management’s impairment model which relies on anticipated future consumption patterns. RATs had not been assessed for impairment.
-
Asset capitalisation threshold – management has not reviewed the appropriateness of the asset capitalisation threshold since 2006.
-
Forced-finalisation of HealthRoster time records – we continued to observe unapproved rosters being finalised by system administrators so payroll can be processed on time. 2.6 million time records were processed in this way in 2021–22.
What we recommended
-
COVID-19 inventories impairment – ensure consumption patterns are supported by relevant data and plans.
-
Assets capitalisation threshold – undertake further review of the appropriateness of applying a $10,000 threshold before capitalising expenditure on property, plant and equipment.
-
Forced-finalisation of HealthRoster time records – develop a methodology to quantify the potential monetary value of unapproved rosters being finalised.
This report provides Parliament and other users of Health cluster (the cluster) agencies' financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:
-
financial reporting
-
audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Health cluster (the cluster) for 2022.
Section highlights
|
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the cluster.
Section highlights
|
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Education 2022
What the report is about
Result of the Education cluster financial statement audits for the year ended 30 June 2022.
What we found
Unmodified audit opinions were issued for Education cluster agencies.
An 'other matter' paragraph was included in the TAFE Commission's independent auditor's report as it did not have a delegation or sub-delegation from the Minister for Education and Early Learning to incur expenditure from cluster grants.
What the key issues were
Annual fair value assessments of land and buildings showed material differences in their carrying values. As a result, the Department of Education and the TAFE Commission completed desktop revaluations of land and buildings, collectively increasing the value of these assets by $1.2 billion and $4.7 billion respectively.
The Department of Education and the NSW Education Standards Authority accepted changes to their office leasing arrangements managed by Property NSW. These changes resulted in the collective derecognition of $270.6 million of right-of-use assets and $382.9 million in lease liabilities.
What we recommended
A high-risk matter was reported in the management letter for the TAFE Commission highlighting non-compliance with policies and procedures guiding appropriate use of purchasing cards.
We recommended cluster agencies prioritise and address internal control deficiencies.
This report provides Parliament and other users of the Education cluster’s financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Education cluster (the cluster) for 2022.
Section highlights
|
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Education cluster.
Section highlights
|
The number of findings reported to management has increased, and 31% were repeat issues
Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of agencies. The Audit Office does this through management letters, which include observations, related implications, recommendations and risk ratings.
In 2021–22, there were 29 findings raised across the cluster (28 in 2020–21). Thirty-one per cent of all issues were repeat issues (50% in 2020–21).
The most common new and repeat issues related to internal control deficiencies in agencies’ information technology general controls, application controls, and procurement and payroll practices.
A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports and generating financial statements. This can impair decision-making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Poor controls may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation and central agency policies.
A high-risk matter was reported at the TAFE Commission highlighting instances of non-compliance with policies and procedures guiding appropriate purchasing card use
As part of our audit of the TAFE Commission, we integrated the use of data analytics into the audit approach. We performed data analytics over aspects of payroll, procurement and accounts payable activities. This helped us to highlight anomalies or risks in those data sets that are relevant to the audit of the TAFE Commission and plan testing procedures to address those risks. Data analytics also assisted us in providing an insight into the internal control environment of the TAFE Commission, highlighting areas where key controls are not in place or are not operating as management intended.
Our analysis over purchasing card data supplied by the TAFE Commission for the period July 2021 to March 2022 found deficiencies in the provisioning, use and cancellation of purchasing cards. This included identified instances of:
- controls effectively bypassed when a purchasing card surrendered by a former employee had been used by another employee
- split payments, circumventing delegation / cardholder limits
- delays in the submission and approval of purchasing card transactions.
The table below describes the common issues identified across the cluster by category and risk rating:
| Risk rating | Issue |
| Information technology | |
|
High: 0 new, 0 repeat 1 Moderate: 5 new, 3 repeat 2 Low: 2 new, 1 repeat 3 |
The financial audits identified areas for agencies to improve information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of note were deficiencies identified in:
|
| Internal control deficiencies or improvements | |
|
High: 1 new, 0 repeat 1 Moderate: 5 new, 3 repeat 2 Low: 4 new, 1 repeat 3 |
The financial audits identified internal control weaknesses across key business processes relevant to financial reporting. Of note were deficiencies identified in:
|
| Financial reporting | |
|
High: 0 new, 0 repeat 1 Moderate: 1 new, 1 repeat 2 Low: 2 new, 0 repeat 3 |
The financial audits identified:
|
2 Moderate risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
3 Low risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
Recommendation
We recommend cluster agencies prioritise and action recommendations to address the internal control deficiencies outlined above.
COVID-19: response, recovery and impact
What the report is about
This report draws together the financial impact of COVID-19 on the agencies integral to responses across the state government sector of New South Wales.
What we found
Since the COVID-19 pandemic hit NSW in January 2020, and until 30 June 2021, $7.5 billion was spent by state government agencies for health and economic stimulus. The response was largely funded by borrowings.
The key areas of spending since the start of COVID-19 in NSW to 30 June 2021 were:
- direct health response measures – $2.2 billion
- personal protective equipment – $1.4 billion
- small business grants – $795 million
- quarantine costs – $613 million
- increases in employee expenses and cleaning costs across most agencies
- vaccine distribution, including vaccination hubs – $71 million.
The COVID-19 pandemic significantly impacted the financial performance and position of state government agencies.
Decreases in revenue from providing goods and services were offset by increases in appropriations, grants and contributions, for health and economic stimulus funding in response to the pandemic.
Most agencies had expense growth, due to additional operating requirements to manage and respond to the pandemic along with implementing new or expanded stimulus programs and initiatives.
Response measures for COVID-19 have meant the NSW Government is unlikely to meet targets in the Fiscal Responsibility Act 2012 being:
- annual expense growth kept below long-term average revenue growth
- elimination of State’s unfunded superannuation liability by 2030.
Fast facts
- First COVID-19 case in NSW on 25 January 2020
- COVID-19 vaccinations commenced on 21 February 2021
- By 31 December 2021, 25.2 million PCR tests had been performed in NSW and 13.6 million vaccines administered, with 93.6% of the 16 and over population receiving two doses
- During 2020–21, NSW Health employed an extra 4,893 full-time staff and incurred $28 million in overtime mainly in response to COVID-19
- During 2020–21, $1.2 billion was spent on direct health COVID-19 response measures and $532 million was spent on quarantine for incoming international travellers
Section highlights
|
Section highlights
|
Health 2021
This report analyses the results of our audits of the Health cluster agencies for the year ended 30 June 2021.
Our preferred approach is to table the ‘Report on State Finances’ in Parliament before any other cluster report. This is because the 'Report on State Finances' focuses on the audit results and observations relating to the Total State Sector Accounts, in effect a consolidation of all government agencies. This year the 'Report on State Finances' has been delayed due to significant accounting issues being considered in the Total State Sector Accounts and which may impact the Treasury and Transport clusters.
As there are no outstanding matters relating to audits in the Health cluster impacting the Total State Sector Accounts we have decided to break with normal practice and table this cluster report ahead of the ‘Report on State Finances’.
What the report is about
The results of Health cluster (the cluster) agencies' financial statements audits for the year ended 30 June 2021.
What we found
Unmodified audit opinions were issued for the financial statements of all Health cluster agencies.
The COVID-19 pandemic increased the complexity and number of accounting matters faced by the cluster. The total gross value of corrected misstatements in 2020–21 was $250.2 million, of which $226.0 million were pandemic related.
A qualified audit opinion was issued on the Annual Prudential Compliance Statement. The basis of the qualification related to 19 instances (18 in 2018–19) of non-compliance relating to three of the 20 prudential requirements across five aged care facilities.
What the key issues were
The total number of matters we reported to management across the cluster increased from 112 in 2019–20 to 116 in 2020–21. Of the 116 issues raised in 2020–21, three were high risk (one in 2019–20) and 57 were moderate risk (47 in 2019–20). Nearly one half of the issues were repeat issues.
The three new high-risk issues identified were:
Hotel Quarantine (HQ) fees
The absence of a tailored debt recovery strategy, data integrity issues and uncertainties around future HQ arrangements increased risks around the recoverability of HQ fees from travellers.
COVID-19 inventories
Data errors and anomalies in the impairment model and difficulties forecasting key factors impacting the management of Personal Protective Equipment (PPE) increased uncertainty associated with the valuation and impairment of COVID-19 inventories.
COVID-19 vaccines
The Commonwealth did not provide information about the cost of vaccines provided to NSW free of charge, which required the performance of internal valuations to reflect the consumption of vaccines in the financial statements.
What we recommended
Hotel Quarantine (HQ) fees
Develop a tailored assessment methodology to estimate recoverability of HQ fees and work with Revenue NSW to develop a tailored debt recovery strategy.
COVID-19 inventories
Review the current stocktaking and impairment methodology to incorporate validation of data key to the management of COVID-19 related PPE.
COVID-19 vaccines
Work with the Commonwealth to obtain primary price information on COVID-19 vaccines.
Fast facts
The Health cluster, comprising 15 local health districts, five pillars agencies, two specialty health networks and six shared state-wise services agencies, deliver health services to the people of New South Wales.
- 100% unqualified audit opinions were issued on agencies' 30 June 2021 financial statements
- 24 monetary misstatements were reported in 2020–21
- 3 high risk management letter findings were identified
- 47.4% of reported issues were repeat issues
- $23.5b property, plant and equipment as at 30 June 2021
- $26.8b total expenditure incurred in 2020–21
This report provides Parliament and other users of the Health cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely. This chapter outlines our audit observations related to the financial reporting of agencies in the Health cluster (the cluster) for 2021.
Section highlights
|
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making. This chapter outlines our observations and insights from our financial statement audits of agencies in the Health cluster.
Section highlights
|
Findings reported to management
The number of findings reported to management has increased, with 47.4 per cent of all issues being repeat issues
Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of cluster agencies. The Audit Office does this through our management letters, which include observations, implications, recommendations and risk ratings.
In 2020–21, there were 116 findings raised across the cluster (112 in 2019–20). 47.4 per cent of all issues were repeat issues (38.4 per cent in 2019–20).
A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports and generating financial statements. This can impair decision-making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Poor controls may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation and central agency policies.
The table below describes the common issues identified across the cluster by category and risk rating.
| Risk rating | Issue |
| Information technology | |
|
Moderate2 |
We identified the need for agencies to improve information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of particular concern are issues associated with:
Repeat issues included:
|
|
Low1 |
|
| Internal control deficiencies or improvements | |
|
High3 1 new, 0 repeat |
We identified internal control weaknesses across key business processes, including new issues relating to:
Repeat issues included:
|
|
Moderate2 |
|
|
Low1 |
|
| Financial reporting | |
|
High3 2 new, |
We identified weaknesses with respect to financial reporting in relation to the:
|
|
Moderate2 |
|
|
Low1 |
|
| Governance and oversight | |
| Moderate2 9 new, 5 repeat |
We identified opportunities for agencies to improve governance and oversight processes, including:
Repeat issues include:
|
| Low1 2 new, 2 repeat |
|
| Non-compliance with key legislation and/or central agency policies | |
| Moderate2 1 new, 7 repeat |
We identified the need for agencies to improve compliance with key legislation and central agency policies, with new findings including:
Repeat issues include:
|
| Low1 5 new, 13 repeat |
|
4Extreme risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
3 High risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
2 Moderate risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
1 Low risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
Note: Management letter findings are based either on final management letters issued to agencies, or draft letters where findings have been agreed with management.
Complexities arising from the COVID-19 response
The 2020–21 audit identified three new high-risk findings
COVID-19 has presented the cluster with several new accounting challenges. New and evolving matters arose from changes to operating conditions, which characterised the 2020–21 financial reporting period. Issues with a high degree of estimation uncertainty will require ongoing attention as the strategies employed to deal with the COVID-19 pandemic evolve.
Expected rate of recovery of outstanding Hotel Quarantine invoices
The estimation of the amount likely to be recovered is complicated not only by the uncertainties that exist regarding the assumptions those estimations rely upon, but also the debt collection processes and strategies put into place to manage the accumulated debtors' balance. Debt collection is not administered by the cluster, but rather Revenue NSW. We observed an absence of a methodology to assess the likelihood of recovery. Instead, Sydney Local Health District was relying on Revenue NSW to develop and execute on a collection strategy. Sydney Local Health District was using the same approach to hotel quarantine debts as it did to other Health receivables. As the approach to managing international borders evolves over time, so too will the cluster's need to develop robust estimation models to assess the likely collectability of debtors.
Procurement, management and impairment of COVID-19 inventories
$656.2 million of COVID-19 inventories were procured in 2020–21, with $220.2 million consumed; $558.7 million impaired and a further $217.1 million written off. Estimates of the degree to which inventories are expired, not fit for purpose or are faulty is often based on management judgement at all stages in the procurement cycle.
With respect to the stocktaking methodology applied, the following issues were identified:
- discrepancies noted in the stock bin listing provided for audit
- discrepancies in the recount sheet generated
- inconsistent application of the stocktake methodology
- inconsistent labelling of quarantined stock
- a lack of an approach for validating stock expiry dates, which is a key input to the impairment calculations.
Although management had developed processes and a methodology to count as well as to assess the level of inventory that was not fit for purpose, ongoing attention to the operating environment that emerges post pandemic will be important in assessing the degree to which existing COVID-19 inventories can be integrated into a ‘business as usual’ model going forward. Further refinement of the key elements of the stocktaking methodology will also be required to ensure that key inputs upon which management relies to calculate the year-end inventory impairment provision can be appropriately validated.
Valuation and recognition of COVID-19 vaccines received from the Commonwealth Government
The 2020–21 financial reporting period saw the Commonwealth acquire COVID-19 vaccines and provide these to state jurisdictions to dispense to their communities. The vaccines, although provided free of charge require recognition. However, Health entities were not responsible for acquiring the vaccines and data on the vaccines' cost was not shared by the Commonwealth. Management undertook a valuation using publicly available data to estimate the value to attribute to the vaccine inventory; developed new systems and leveraged existing pharmacy systems to track physical quantities received from the Commonwealth and ultimately distributed to NSW citizens. As the response to the pandemic evolves, larger quantities, and new lines of vaccine stock will be dealt with, and policy settings will need to adapt when patterns of distribution of those vaccines (e.g., timing of third booster shots) emerge. The Ministry of Health will need to ensure that the valuations applied to the prices of inventory distributed and held in stock are as accurate as possible. This can be done through further refinement of the existing valuation methodology, obtaining price information from the Commonwealth and engaging specialist pharmaceutical valuers.
Emerging trends
Recognition of provisions without sufficient support
Several NSW Health entities raised accruals and provisions in 2020–21, which did not have an appropriate basis for recognition. Liabilities can only be recognised where there is a present obligation to make a payment arising from a past event. A number of these errors remain uncorrected in the financial statements of those entities as they are not material, individually or in aggregate to the financial statements as a whole. Increased training and guidance are required to ensure that treatment within the cluster is consistent and reflects events that have occurred and give rise to obligations.
Treatment of Commonwealth funding
In the 2020–21 and 2019–20 financial reporting periods, we observed prior period errors arising from the treatment of Commonwealth funding. These errors related to recognising revenue under funding agreements entered into with the Commonwealth in the incorrect period. The conditions of these funding arrangements, the transactional information requiring validation and the circumstances when revenue should be recognised are not always clear and can be complex. Early and continuous engagement with the Commonwealth is required to ensure that revenue recognition principles are consistently applied across the cluster.
Key repeat issues
Management of excessive annual leave
NSW Treasury guidelines stipulate annual leave balances exceeding 30 days are considered excess annual leave balances. Managing excess annual leave balances has been reported as an issue for the cluster for more than five years, with the average percentage of employees with excessive leave balances over the last five years being 36.1 per cent (35.5 per cent over five years covering 2015–16 to 2019–20).
The operational demands required to manage the COVID-19 pandemic have presented new challenges for the cluster in trying to manage its excessive leave balances. 39.2 per cent of employees now have excess leave balances at 30 June 2021 (35.4 per cent at 30 June 2020).
The state's leave policy C2020-12 Managing Accrued Recreation Leave Balances requires agencies to manage excessive leave balances to 30 days or less to maintain their workforces physical and mental health.
Accurate time recording
Forced-finalisation of time records by system administrators within HealthRoster remains an issue and we continue to observe time records forced-finalised by system administrators so pay runs can be finalised on a timely basis. During 2020–21, a total of two million (2.2 million in 2019–20) time records were force approved, which represents 5.7 per cent of total time records (6.9 per cent in 2019–20).
Existence, completeness and accuracy of key agreements
Delivery of major capital projects
Health Infrastructure (a division of the Health Administration Corporation) is responsible for the delivery of major capital projects with a budgeted spend of more than $10.0 million. Health Infrastructure oversee the planning, design, procurement, and construction phases. Capital works in progress are recognised in the financial statements of the health entity that intends to use those assets upon completion. The health entities recognise both the capital work in progress and the revenue associated with the capital funding from the Ministry for the construction of the assets. Capital funding is currently agreed with health entities as part of the annual Service Agreement. The assumption that the health entities control the assets during their construction is consistent with Health Infrastructure's role as an agent for the health entity and the Ministry's policy directive PD2020-033 'Management and control of Health Administration Corporation owned Real Property'.
We continued to observe a lack of clarity regarding agreements between Health Infrastructure, the Ministry and the cluster agency that will eventually receive the completed asset. This can lead to confusion and uncertainty around the rights and obligations of each party to the transaction.
Cross border patient funding arrangements
When patients require medical care in a jurisdiction where they are not generally domiciled, there are arrangements in place to provide funding to support cross border patient treatments. We have previously observed that agreements between NSW and other jurisdictions have not been finalised, and this continues to be the case. In the case of Victoria, no agreement has been finalised for the past seven years.
We continue to note that the cluster has long outstanding receivables and payables with other states. The absence of formal agreements between the states hampers the settlement of the debts relating to the treatment of cross border patients. The following table shows the status of Cross Border Agreements between NSW and other jurisdictions:
| States | 2014–15 | 2015–16 | 2016–17 | 2017–18 | 2018–19 | 2019–20 | 2020–21 |
| Queensland | Signed | Signed | Signed | Signed | Signed | Not finalised | Not finalised |
| Victoria | Not finalised | Not finalised | Not finalised | Not finalised | Not finalised | Not finalised | Not finalised |
| Australian Capital Territory | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
| South Australia | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
| Tasmania | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
| Northern Territory | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
| Western Australia | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
Albury Base Hospital
Albury Base hospital is located on the border of NSW and Victoria and services residents of both states. Documentation supporting the extension of the expired Intergovernmental Agreement 2009–2017 between NSW and Victoria in relation to the integration of health services in Wodonga and Albury could not be located.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Education 2021
This report analyses the results of our audits of the Education cluster agencies for the year ended 30 June 2021.
Our preferred approach is to table the ‘Report on State Finances’ in Parliament before any other cluster report. This is because the 'Report on State Finances' focuses on the audit results and observations relating to the Total State Sector Accounts, in effect a consolidation of all government agencies. This year the 'Report on State Finances' has been delayed due to significant accounting issues being considered in the Total State Sector Accounts and which may impact the Treasury and Transport clusters.
As there are no outstanding matters relating to audits in the Education cluster impacting the Total State Sector Accounts we have decided to break with normal practice and table this cluster report ahead of the ‘Report on State Finances’.
What the report is about
The results of the Education cluster (the cluster) agencies' financial statements audits for the year ended 30 June 2021.
What we found
Unmodified audit opinions were issued on the Department of Education (the department), the NSW Education Standards Authority and the NSW Skills Board's financial statements.
An 'other matter' paragraph was included in the Technical and Further Education Commission's (the TAFE Commission) audit opinion drawing attention to legislative non-compliance concerning financial delegations during the reporting year.
The number of misstatements identified in the financial statements of cluster agencies decreased from 14 in 2019–20 to seven.
What the key issues were
The department and the TAFE Commission revalued their land assets this year, recognising collective increases of $863.8 million.
The department and the TAFE Commission are not scheduled to perform comprehensive revaluations of their buildings until 2022–23. Construction costs, which are a key input in their current replacement cost valuation methodologies for buildings, may have increased by an estimated nine per cent since the last comprehensive revaluation in 2017–18 based on broad based indices used by the department and the TAFE Commission. While the estimated index increase indicates the fair value of buildings may exceed the carrying values, the use of such high-level indicators has a degree of estimation uncertainty due to the specialised nature of the assets. Therefore, both agencies did not adjust the values of their buildings.
The number of issues we reported to management decreased. Fifty per cent of issues were repeated from prior years.
Of the 11 newly identified moderate rated issues, seven related to internal control deficiencies, with six identified in procurement and payroll controls.
What we recommended
The department and the TAFE Commission reconsider policy settings governing the frequency of revaluations; and refine and consider the outcomes of interim fair value assessments to ensure asset carrying values reflect fair value at each balance date.
Cluster agencies should prioritise and action recommendations to address internal control deficiencies.
Fast facts
The Education cluster, comprising four agencies, administers and delivers education and training services for NSW students, workers and industry.
- $38.6b property, plant and equipment as at 30 June 2021
- $21.2b total expenditure incurred in 2020–21
- 100% unqualified audit opinions were issued on agencies’ 30 June 2021 financial statements
- 22 moderate risk management letter findings were identified and reported to management
- 7 monetary misstatements were reported in 2020–21
- 50% of reported issues were repeat issues
This report provides Parliament and other users of the Education cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Education cluster (the cluster) for 2021.
Section highlights
|
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Education cluster.
Section highlights
|
Findings reported to management
The number of findings reported to management has decreased. Fifty per cent of all issues were repeat issues
Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of agencies. The Audit Office does this through management letters, which include observations, related implications, recommendations and risk ratings.
In 2020–21, there were 28 findings raised across the cluster (33 in 2019–20). Fifty per cent of all issues were repeat issues (45 per cent in 2019–20).
The most common repeat issues related to weaknesses in controls over information technology general controls, application controls, and identified deficiencies in procurement and payroll practices.
A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports and generating financial statements. This can impair decision-making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Poor controls may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation and central agency policies.
The table below describes the common issues identified across the cluster by category and risk rating.
| Risk rating | Issue |
| Information technology | |
|
Moderate2 |
The financial audits identified areas for agencies to improve information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of note were deficiencies identified in:
|
|
Low1 |
|
| Internal control deficiencies or improvements | |
|
Moderate2 |
The financial audits identified internal control weaknesses across key business processes relevant to financial reporting. Of note were deficiencies identified in:
|
|
Low1 |
|
| Financial reporting | |
|
Moderate2 |
The financial audits identified:
|
|
Low1 |
|
3 High risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
2 Moderate risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
1 Low risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
The department continues to address recommendations to improve monitoring of privileged user access
Privileged users have higher levels of access to systems, and in some instances, may include access that can bypass segregation of duty controls. If reviews of access logs are not fully embedded in the control environment, the risk of unauthorised transactions occurring and not being detected in a timely manner is elevated.
In 2019–20 a high-risk issue was reported at the department relating to the inadequate monitoring and follow up of privileged user activity in its enterprise resource planning system – SAP. This year the department has largely addressed our findings by initiating a review of the identified instances of privileged user activity and establishing periodic oversight controls. There remains a need to improve the timeliness and completeness of these newly implemented controls.
Data analytics identified the root cause of internal control deficiencies in procurement and payroll
Our 2020–21 agency management letters identified seven new moderate risk internal control deficiency matters, of which six related to payroll and procurement.
To enhance our financial statement audit of the department we applied data analytics over elements of the department's procurement and payroll control processes. Our procedures, conducted over periods across the financial year, helped identify the following:
- a low level of compliance with procurement practices requiring the creation of purchase orders before invoices are received. The root cause was a lack of understanding by agency staff of the procurement processes
- transactions related to previous years being recorded in the current year. The root cause was a lack of understanding of the three-way matching process and the goods received/not invoiced facilities within SAP
- negative payments in fortnightly pay runs, predominantly representing deductions to recover salary payments made in error. The root cause was the lack of timeliness in notifying payroll for cessation of employment, or for employees undertaking secondments who should have been classified as being on leave without pay.
Recommendation
We recommend cluster agencies prioritise and action recommendations to address the internal control deficiencies outlined above.
Appendix one – Early close procedures
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Health 2020
This report analyses the results of our audits of financial statements of the Health cluster for the year ended 30 June 2020. The table below summarises our key observations.
1. Financial reporting
| Financial reporting |
Unqualified financial audit opinions The financial statements of NSW Health and its 25 controlled entities received unqualified opinions. The number of corrected and uncorrected misstatements increased from the prior year. Misstatements related predominantly to the implementation of new accounting standards, asset revaluations and accounting for new revenue streams to cover the cost of HSW Health’s response to the COVID-19 pandemic. Qualified compliance audit opinion We issued a qualified audit opinion for the Ministry of Health’s Annual Prudential Compliance Statement for aged care facilities operated by NSW Health. We identified 18 instances of material non-compliance with the Fees and Payments Principles 2014 (No. 2) (the Principles) in 2019–20 (30 in 2018–19). |
| Financial performance |
NSW Health received an additional $3.3 billion in funding to cover costs associated with its response to the COVID-19 pandemic. The impacts of the COVID-19 pandemic on the cluster were significant for health entities and included changes to operations, increased revenues, expenditure, assets and liabilities. Cancellation of elective surgery and decreased emergency department presentations meant that despite the pandemic, activity levels at many health entities decreased. Health Pathology and HealthShare were notable exceptions. In the period to the 30 June 2020, NSW Health reported that over 900,000 COVID-19 tests were conducted. Health Pathology conducted over 500,000 of these tests. Health Pathology's surge requirements were enhanced through arrangements with 13 private sector providers. HealthShare purchased $864.2 million of personal protective equipment. Overall, NSW Health recorded an operating surplus of $3.1 billion in 2019–20, an increase of $2.0 billion from 2018–19. As in previous years, the surplus largely resulted from additional revenue received to fund capital projects including the construction of new facilities, upgrades and redevelopments. In 2019–20 additional Commonwealth and State funding for the purchase and stockpiling of personal protective equipment also contributed to the operating surplus. |
| Overtime payments | The Ambulance Service of NSW’s (NSW Ambulance) reduced their overtime payments to $79.7 million in 2019–20 ($83.1 million in 2018–19). Overtime payments in 2019–20 included $6.8 million related to the response to the 2019–20 bushfire season. NSW Ambulance overtime payments represent 16.8 per cent of total overtime payments in the cluster. |
2. Audit observations
| Internal control deficiencies |
We identified more internal control deficiencies in 2019–20. The number of repeat issues from prior years also remains high. NSW Health addressed 18 out of the 25 information system control deficiencies during the year. Several key agreements lacked formal documentation. This included agreements between the Ministry and health entities, between health entities and agencies in other clusters and between the Ministry and health departments in other jurisdictions. |
| Infrastructure delivery | NSW Health had 44 ongoing major capital projects at 30 June 2020 with a total revised budget of $12.3 billion. The revised total budget of $12.3 billion is $2.0 billion more than the original budget. NSW Health revises budgets when it combines project stages. |
This report provides parliament and other users of the Health cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
The impacts of the COVID-19 pandemic on the cluster were significant and included changes to the operations of the health entities and increased revenue, expenditure, assets and liabilities.
As a part of this year's audits of health entities, we have considered:
- financial implications of the COVID-19 emergency at both health entity and cluster levels
- changes to agencies' operating models
- agencies' access to technology and the maturity of systems and controls to prevent unauthorised and fraudulent access to data.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
The response to the COVID-19 pandemic primarily impacted the financial reporting of NSW Health through:
- additional revenue from the State government in the form of grants and stimulus payments
- additional revenue from the Commonwealth government under the National Partnership Agreement for COVID-19 to cover part of the cost of responding to the COVID-19 pandemic
- increased expenses, largely due to increased payments to private health operators to maintain their viability during the COVID-19 pandemic and later to assist with public patient elective surgery waitlists and increased cleaning costs
- increased purchases of personal protective equipment.
Chapter one outlines the impacts of NSW Health’s response to the COVID-19 pandemic. This chapter outlines our other audit observations related to the financial reporting of agencies in the Health cluster for 2020.
Section highlights
- Unqualified audit opinions were issued for all health entities’ financial statements, although more misstatements were identified than last year.
- NSW Health recorded an operating surplus of $3.1 billion, an increase of $2.0 billion from 2018–19. This is largely due to additional capital grants for new facilities, upgrades and redevelopments and additional Commonwealth and State funding for the purchase of personal protective equipment.
- NSW Health’s expenses increased by 5.5 per cent in 2019–20 (7.0 per cent in 2018–19) despite the impact of the COVID-19 pandemic. The primary causes for the growth in expenses are increases in:
- employee related expenses due to higher employee numbers, increased overtime and a 2.5 per cent award increase
- payments to private health operators to maintain their viability during the COVID-19 pandemic and later to assist with public patient elective surgery waitlists
- payments to private health operators due to the first full year of operation of the Northern Beaches hospital.
- The Ambulance Service of NSW (NSW Ambulance) continued to report higher overtime payments than other health entities. However, despite the response to the 2019–20 bushfire season, their overtime payments were lower than last year. NSW Ambulance paid $79.7 million in overtime payments in 2019–20 ($83.1 million in 2018–19).
- A qualified audit opinion was issued for the Ministry of Health’s Annual Prudential Compliance Statement for aged care facilities operated by NSW Health. There were 18 instances of material non-compliance with the Fees and Payments Principles 2014 (No. 2) (the Principles) in 2019–20 (30 in 2018–19)
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
The primary impact of the COVID-19 pandemic on the effectiveness of the internal controls of NSW Health and health entities relates to the effectiveness of controls implemented by HealthShare relating to the stocktake of personal protective equipment inventories. Inventory managed by HealthShare increased by 2,746 per cent during 2019–20. HealthShare’s inventory controls did not maintain pace with the sudden, significant increase.
The impacts of NSW Health’s response to the COVID-19 pandemic are outlined in chapter one. This chapter outlines other observations and insights from our financial statement audits of agencies in the Health cluster.
Section highlights
- The number of internal control deficiencies has increased since 2018–19. More than a third of control deficiencies are repeat issues.
- Control deficiencies that relate to managing employees’ leave and employee’s time recording continue to be difficult for entities to resolve, particularly during the ongoing response to the COVID-19 pandemic.
- Several key agreements were undocumented. These included agreements between the Ministry and the health entities, between health entities, and between the Ministry and entities in other clusters and jurisdictions. These related to:
- a loan arrangement between the Ministry and HealthShare for $319 million.
- Northern Sydney Local Health District's use of land and buildings owned by the Graythwaite Charitable Trust
- agreements for the treatment of New South Wales residents while they are interstate, and interstate residents receiving treatment while they are in New South Wales from Queensland, Victoria, South Australia and the ACT for both 2019–20 and 2018–19.
- NSW Health reported that they completed nine major capital projects during 2019–20. As at 30 June 2020 there were 44 ongoing major capital health projects in NSW. The revised capital budget for these projects in total was $2.0 billion more than the original budget of $10.3 billion. NSW Health reported the budget revisions are largely the result of combining project stages.
Appendix one – List of 2020 recommendations
Appendix two – Status of 2019 recommendations
Appendix three – Financial data
Appendix four – Analysis of financial indicators
Appendix five – Analysis of performance against budget
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Auditor-General’s Report to Parliament
Health 2020
11 December 2020
This corrigendum has been prepared to amend the following text within the Auditor-General’s Report to Parliament on Health 2020, dated 10 December 2020.
NSW Health emergency department treatment times
On page five the original text was as follows:
NSW Health also measures the percentage of patients whose clinical care in emergency departments is completed within four hours. The measure is used as an indicator of accessibility to public hospital services.
NSW Health aims to complete clinical care in the emergency department for 81 per cent of patients within four hours. In 2019–20 NSW Health reports it completed clinical care within four hours for 72.1 per cent of patients (a 7.3 per cent decrease from 2018–19).
At Western Sydney Local Health District, 59 per cent of patients were treated within the targeted timeframe. NSW Health attribute this to the profile of patients presenting in emergency departments and additional time taken processing COVID-19 patients to ensure staff safety.
The original text has now been changed to:
NSW Health also measures the percentage of patients with total time in the emergency department of four hours or less for each local health district. The measure is used as an indicator of accessibility to public hospital services.
| Local Health Districts | Target % (2019–20) | Actual % (2019–20) |
| Central Coast | 77.0 | 59.9 |
| Far West | 90.2 | 86.6 |
| Hunter New England | 81.0 | 72.5 |
| Illawarra Shoalhaven | 79.0 | 60.2 |
| Mid North Coast | 82.0 | 76.7 |
| Murrumbidgee | 85.3 | 81.9 |
| Nepean Blue Mountains | 79.0 | 65.5 |
| Northern NSW | 81.0 | 78.2 |
| Northern Sydney | 79.0 | 73.9 |
| South Eastern Sydney | 78.0 | 70.3 |
| South Western Sydney | 78.0 | 61.2 |
| Southern NSW | 85.0 | 83.0 |
| Sydney | 76.0 | 70.9 |
| Sydney Children’s Hospitals Network | 80.0 | 72.1 |
| Western NSW | 85.9 | 81.0 |
| Western Sydney | 78.0 | 59.0 |
| St Vincent's Health Network* | 75.0 | 65.4 |
The above changes will be reflected in the version of the report published on the Audit Office website and should be considered the true and accurate version.
Education 2020
The Auditor-General for New South Wales, Margaret Crawford, released a report today titled Education 2020. This report focuses on key observations and findings from the most recent audits of agencies in the Education cluster.
Unqualified audit opinions were issued for all cluster agencies’ financial statements. However, internal control deficiencies were identified across the cluster agencies, including deficiencies in the management of purchasing cards and 15 internal control issues that were repeated from the previous year.
The 2019–20 natural disasters caused widespread damage in both Northern and Southern NSW. The COVID‑19 pandemic further challenged agencies, requiring social distancing and other infection control measures which disrupted the traditional means of teaching students. Agencies have adjusted their operations to respond to these emergency events.
The TAFE Commission’s revenues 2019–20 were impacted by the pandemic. Lower enrolments and an increase in fee-free short courses offered during the year contributed to the result.
This report analyses the results of our audits of financial statements of entities within the Education cluster for the year ended 30 June 2020. The table below summarises our key observations and recommendations.
1. Financial reporting
| Audit opinions | Unqualified audit opinions were issued for all cluster agencies' 30 June 2020 financial statements audits. |
| New accounting standards |
Agencies implemented three new accounting standards during the year. Our financial statement audits of the Department of Education (the Department) and NSW Education Standards Authority (NESA) identified issues with the leasing information provided by Property NSW (PNSW). Despite the outsourcing arrangement, both the Department and NESA remain ultimately responsible for the completeness and accuracy of this information, which would have benefited from a more thorough quality assurance, validation and review process before they placed reliance upon it. Recommendation: We recommend the Department and NESA:
|
| Changes were made to the financial reporting requirements this year to account for the impact of the pandemic |
Emergency legislation was enacted during the year in response to the COVID-19 pandemic. The legislation revised the statutory reporting deadlines for agencies to submit their financial statements and allowed the Treasurer to continue authorising payments from the consolidated fund until the enactment of the 2020–21 budget. All cluster agencies prepared their financial statements on a going concern basis and submitted their financial statements within the revised statutory deadlines. The State provided $159.0 million in stimulus funding to support the operations of cluster agencies during emergency events. Nearly half of this funding was to support cleaning activities by the Department and the Technical and Further Education Commission (the TAFE Commission) during the COVID-19 pandemic. |
| Quality and timeliness of financial reporting |
The number of monetary misstatements identified in agencies' financial statements decreased to 14 (23 in 2018–19). While the number of corrections made to the financial statements after the submission date increased to eight (two in 2018–19), it is important to note these corrections provide parliament and other users of the financial statements increased confidence in the accuracy and presentation of agencies' performance and financial position. |
| Sustainability of cluster agencies | The TAFE Commission's enrolments declined, and operating margins reduced, both being impacted by the COVID-19 pandemic. |
2. Audit observations
| Internal control deficiencies |
We identified 33 internal control issues, including 15 findings that were repeated from previous years. A high-risk issue was reported at the Department relating to the inadequate monitoring and follow up of privileged user activity in its enterprise resource planning system – SAP. Repeat findings relate to ongoing deficiencies in information technology controls and management policies, practices and procedures. Recommendation: Cluster agencies should:
|
| Agency responses to emergency events |
The Department established a separate bushfire relief directorate and COVID-19 Taskforce to assist and support school communities in response to recent emergencies. Other cluster agencies have established committees or response teams to oversee and address all aspects of the impact of COVID-19. |
| Schools review 2019 | We continue to identify instances of non-compliance in relation to cash management and procurement at schools. |
| Use of purchasing cards at the Department of Education |
Since 2015, the NSW Government has encouraged the use of purchasing cards by public sector agencies. Purchasing cards are efficient to transact low value, high volume procurement of goods and services, but the use must be effectively monitored. Our review of the Department's purchasing cards identified weaknesses in its oversight and monitoring controls, including the issue and cancellation of purchasing cards Opportunities exist for the Department to better monitor card use. Tools such as data analytics are an efficient and effective detective control to identify irregular activity or misuse by cardholders. Recommendation: The Department should:
|
This report provides parliament and other users of the Education cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations
- the impact of emergencies and the COVID-19 pandemic.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
The COVID-19 Legislation Amendment (Emergency Measures–Treasurer) Act 2020 amended legislation administered by the Treasurer to implement further emergency measures as a result of the COVID-19 pandemic. These amendments:
- allowed the Treasurer to authorise payments from the consolidated fund until the enactment of the 2020–21 budget – supporting the going concern assessments of cluster agencies
- revised budgetary, financial and annual reporting time frames – impacting the timeliness of financial reporting
- exempted certain statutory bodies and departments from preparing financial statements.
This chapter outlines our audit observations related to the financial reporting of agencies in the Education cluster for 2020, including any financial implications from the recent emergency events.
Section highlightsUnqualified audit opinions were issued on the financial statements of cluster agencies.
All cluster agencies met the revised statutory deadlines for completing early close procedures and submitting their financial statements. Emergency legislation allowing the Treasurer to continue authorising payments from the consolidated fund under the existing Appropriations Act enabled cluster agencies to prepare financial statements on a going concern basis.
|
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our:
- observations and insights from our financial statement audits of agencies in the Education cluster. It also comments on our review of elements of the financial control framework applied by schools in NSW whose financial results form part of the Department of Education's (the Department) financial statements.
- assessment of how well cluster agencies adapted their systems, policies and procedures, and governance arrangements in response to recent emergencies.
Section highlights
|
Appendix one – List of 2020 recommendations
Appendix two – Status of 2019 and 2018 recommendations
Appendix three – Financial data
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Internal controls and governance 2020
The Auditor-General for New South Wales, Margaret Crawford today released her report on the findings and recommendations from the 2019–20 financial audits that relate to internal controls and governance at 40 of the largest agencies in the NSW public sector.
The bushfire and flood emergencies and the COVID‑19 pandemic continue to have a significant impact on the people and public sector of New South Wales. The scale of the government response to these events has been significant. The report focuses on the effectiveness of internal controls and governance processes, including relevant agencies’ response to the emergencies. In particular, the report focuses on:
- financial and information technology controls
- business continuity and disaster recovery planning arrangements
- procurement, including emergency procurement
- delegations that support timely and effective decision-making.
Due to the ongoing impact of COVID‑19 agencies have not yet returned to a business‑as‑usual environment. ‘Agencies will need to assess their response to the recent emergencies and update their business continuity, disaster recovery and other business resilience frameworks to reflect the lessons learnt from these events’ the Auditor-General said.
The report noted that special procurement provisions were put in place to allow agencies to better respond to the COVID-19 pandemic. The Auditor-General recommended agencies update their procurement policies to reflect the current requirements of the NSW Procurement Framework and the emergency procurement requirements.
This report analyses the internal controls and governance of 40 of the largest agencies in the NSW public sector for the year ended 30 June 2020. These 40 agencies constitute an estimated 85 per cent of total expenditure for all NSW public sector agencies.
1. Internal control trends
| New, repeat and high risk findings |
Internal control deficiencies increased by 13 per cent compared to last year. This is predominately due to a seven per cent increase in new internal control deficiencies and 24 per cent increase in repeat internal control deficiencies. There were ten high risk findings compared to four last year. The recent emergencies have consumed agency time and resources and may have contributed to the increase in internal control deficiencies, particularly repeat deficiencies. Agencies should:
|
| Common findings |
A number of findings remain common across multiple agencies over the last four years, including:
|
2. Information technology controls
| IT general controls |
We found deficiencies in information security controls over key financial systems including:
The deficiencies above increase the risk of non-compliance with the NSW Cyber Security Policy, which requires agencies to have processes in place to manage user access, including privileged user access to sensitive information or systems and remove that access once it is not required or employment is terminated. |
3. Business continuity and disaster recovery planning
| Assessing risks to business continuity and Scenario testing |
The response to the recent emergencies and the COVID-19 pandemic has encompassed a wide range of activities, including policy setting, on-going service delivery, safety and availability of staff, availability of IT and other systems and financial management. Agencies were required to activate their business continuity plans in response, and with the continued impact of COVID-19 have not yet returned to a business-as-usual environment. Our audits focused on the preparedness of agency business continuity and disaster recovery planning arrangements prior to the onset of the COVID-19 pandemic. We identified deficiencies in agency business continuity and disaster recovery planning arrangements. Twenty-three per cent of agencies had not conducted a business impact analysis (BIA) to identify critical business functions and determine business continuity priorities. Agencies can also improve the content of their BIA. For example, ten per cent of agencies' BIAs did not include recovery time objectives and six per cent of agencies did not identify key IT systems that support critical business functions. Scenario testing improves the effectiveness with which a live crisis is handled, but 40 per cent of agencies had not conducted a business continuity scenario testing exercise in the period from 1 January 2019 to 31 December 2019. There were also opportunities to improve the effectiveness of scenario testing exercises by:
Agencies have responded to the recent emergencies but addressing deficiencies will ensure agencies have adequate safeguards in their processes to again respond in the future, if required. During 2020–21 we plan to conduct a performance audit on 'Business continuity and disaster recovery planning'. This audit will consider the effectiveness of agency business continuity planning arrangements to maintain business continuity through the recent emergencies and/or COVID-19 pandemic and return to a business-as-usual environment. We also plan to conduct a performance audit on whole-of-government 'Coordination of emergency responses'. |
| Responding to disruptions |
We found agencies' governance functions could have been better informed about responses to disruptive incidents that had activated a business continuity or disaster recovery response between 1 January 2019 to 31 December 2019. For instance: in 89 per cent of instances where a business continuity response was activated, a post-incident review had been performed. In 82 per cent of these instances, the outcomes were reported to a relevant governance or executive management committee in 95 per cent of instances where a disaster recovery response was activated, a post incident review had been performed. In 86 per cent of these instances, the outcomes were reported to a relevant governance committee or executive management committee. Examples of recorded incidents included extensive air quality issues and power outages due to bushfires, system and network outages, and infected and hijacked servers. Agencies should assess their response to the recent emergencies and the COVID-19 pandemic and update business continuity, disaster recovery and other business resilience frameworks to incorporate lessons learned. Agencies should report to those charged with governance on the results and planned actions. |
| Management review and oversight | Eighty-two per cent and 86 per cent of agencies report to their audit and risk committees (ARC) on their business continuity and disaster recovery planning arrangements, respectively. Only 18 per cent and five per cent of ARCs are briefed on the results of respective scenario testing. Briefing ARCs on the results of scenario testing exercises helps inform their decisions about whether sound and effective business continuity and disaster recovery arrangements have been established. |
4. Procurement, including emergency procurement
| Policy framework |
Agency procurement policies did not capture the requirements of several key NSW Procurement Board Directions (the Directions), increasing the risk of non-compliance with the Directions. We noted:
Recommendation: Agencies should review their procurement policies and guidelines to ensure they capture the key requirements of the NSW Government Procurement Policy Framework, including NSW Procurement Board Directions. |
| Managing contracts |
Eighty-eight per cent of agencies maintain a central contract register to record all details of contracts above $150,000, which is a requirement of GIPA legislation. Of the agencies that maintained registers, 13 per cent did not capture all contracts and eight per cent did not include all relevant contract details. Sixteen per cent of agencies did not periodically review their contract register. Timely review increases compliance with GIPA legislation, and enhances the effectiveness with which procurement business units monitor contract end dates, contract extensions and commence new procurement. |
| Training and support |
Ninety-three per cent of agencies provide training to staff involved in procurement processes, and a further 77 per cent of agencies provide this training on an on-going basis. Of the seven per cent of agencies that had not provided training to staff, we noted gaps in aspects of their procurement activity, including:
Training on procurement activities ensures there is effective management of procurement processes to support operational requirements, and compliance with procurement directions. |
| Procurement activities | While agencies had implemented controls for tender activities above $650,000, 43 per cent of unaccredited agencies did not comply with the NSW Procurement Policy Framework because they had not had their procurement endorsed by an accredited agency within the cluster or by NSW Procurement. This endorsement aims to ensure the procurement is properly planned to deliver a value for money outcome before it commences. |
| Emergency procurement |
As at 30 June 2020, agencies within the scope of this report reported conducting 32,239 emergency procurements with a total contract value of $316,908,485. Emergency procurement activities included the purchase of COVID-19 cleaning and hygiene supplies. The government, through NSW Procurement released the 'COVID-19 Emergency procurement procedure', which relaxed procurement requirements to allow agencies to make COVID-19 emergency procurements. Our review against the emergency procurement measures found most agencies complied with requirements. For example:
Complying with the procedure helps to ensure government resources are being efficiently, effectively, economically and in accordance with the law. Recommendation: Agency procurement frameworks should be reviewed and updated so they can respond effectively to emergency situations that may arise in the future. This includes:
|
5. Delegations
| Instruments of delegation |
We found that agencies have established financial and human resources delegations, but some had not revisited their delegation manuals following the legislative and machinery of government changes. For those agencies impacted by machinery of government changes we noted:
Delegations manuals are not always complete; 16 per cent of agencies had no delegation for writing off bad debts and 26 per cent of agencies had no delegation for writing off capital assets. Recommendation: Agencies should ensure their financial and human resources delegation manuals contain regular set review dates and are updated to reflect the Government Sector Finance Act 2018, machinery of government changes and their current organisational structure and roles and responsibilities. |
| Compliance with delegations |
Agencies did not understand or correctly apply the requirements of the Government Sector Finance Act 2018 (GSF Act), resulting in non-compliance with the Act. We found that 18 per cent of agencies spent deemed appropriations without obtaining an authorised delegation from the relevant Minister(s), as required by sections 4.6(1) and 5.5(3) of the GSF Act. Further detail on this issue will be included in our Auditor-General's Reports to Parliament on Central Agencies, Education, Health and Stronger Communities, which will be tabled throughout December 2020. Recommendation: Agencies should review financial and human resources delegations to ensure they capture all key functions of laws and regulations, and clearly specify the relevant power or function being conferred on the officer. |
6. Status of 2019 recommendations
| Progress implementing last year's recommendations |
Recommendations were made last year to improve transparency over reporting on gifts and benefits and improve the visibility management and those charged with governance had over actions taken to address conflicts of interest that may arise. This year, we continue to note:
While we acknowledge the significance of the recent emergencies, which have consumed agency time and resources, we note limited progress has been made implementing these recommendations. Further detail on the status of implementing all recommendations is in Appendix 2. Recommendation: Agencies should re-visit the recommendations made in last year's report on internal controls and governance and action these recommendations. |
Internal controls are processes, policies and procedures that help agencies to:
- operate effectively and efficiently
- produce reliable financial reports
- comply with laws and regulations
- support ethical government.
This chapter outlines the overall trends for agency controls and governance issues, including the number of audit findings, the degree of risk those deficiencies pose to the agency, and a summary of the most common deficiencies we found across agencies. The rest of this report presents this year’s controls and governance findings in more detail.
|
Section highlights We identified ten high risk findings, compared to four last year with two findings repeated from the previous year. There was an overall increase of 13 per cent in the number of internal control deficiencies compared to last year due to a seven per cent increase in new internal control deficiencies, and a 24 per cent increase in repeat internal control deficiencies. The recent emergencies have consumed agency time and resources and may have contributed to the increase in internal control deficiencies, particularly repeat deficiencies. We identified a number of findings that remain common across multiple agencies over the last four years. Some of these findings related to areas that are fundamental to good internal control environments and effective organisational governance. Examples include:
Policies, procedures and internal controls should be properly designed, be appropriate for the current organisational structure and its business activities, and work effectively. |
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency controls to manage key financial systems.
|
Section highlights Government agencies’ financial reporting is heavily reliant on information technology (IT). We continue to see a high number of deficiencies related to IT general controls, particularly those related to user access administration. These controls are key in adequately protecting IT systems from inappropriate access and misuse. IT is also important to the delivery of agency services. These systems often provide the data to help monitor the efficiency and effectiveness of agency processes and services they deliver. Our financial audits do not review all agency IT systems. For example, IT systems used to support agency service delivery are generally outside the scope of our financial audit. However, agencies should also consider the relevance of our findings to these systems. Agencies need to continue to focus on assessing the risks of inappropriate access and misuse and the implementation of controls to adequately protect their systems, focussing on the processes in place to grant, remove and monitor user access, particularly privileged user access. |
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency business continuity and disaster recovery planning arrangements.
|
Section highlights We identified deficiencies in agency business continuity and disaster recovery planning arrangements and opportunities for agencies to enhance their business continuity management and disaster recovery planning arrangements. This will better prepare them to respond to a disruption to their critical functions, resulting from an emergency or other serious event. Twenty-three per cent of agencies had not conducted a business impact analysis (BIA) to identify critical business functions and determine business continuity priorities and 40 per cent of agencies had not conducted a business continuity scenario testing exercise in the period from 1 January 2019 to 31 December 2019. Scenario testing improves the effectiveness with which a live crisis is handled. This section focusses on the preparedness of agency business continuity and disaster recovery planning arrangements prior to the onset of the COVID-19 pandemic. While agencies have responded to the recent emergencies, proactively addressing deficiencies will ensure agencies have adequate safeguards in their processes to again respond in the future, if required. During 2020–21 we plan to conduct a performance audit on 'Business continuity and disaster recovery planning'. This audit will consider the effectiveness of agency business continuity planning arrangements to maintain business continuity through the recent emergencies and/or COVID-19 pandemic and return to a business-as-usual environment. We also plan to conduct a performance audit on whole-of-government 'Coordination of emergency responses'. |
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of procurement agency procurement policies and procurement activity.
|
Section highlights We found agencies have procurement policies in place to manage procurement activity, but the content of these policies was not sufficiently detailed to ensure compliance with NSW Procurement Board Directions (the Directions). The Directions aim to ensure procurement activity achieves value for money and meets the principles of probity and fairness. Agencies have generally implemented controls over their procurement process. In relation to emergency procurement activity, agencies reported conducting 32,239 emergency procurements with a total contract value of $316,908,485 up to 30 June 2020. Our review of emergency procurement activity conducted during 2019–20 identified areas where some agencies did not fully comply with the 'COVID-19 Emergency procurement procedure'. We also found not all agencies are maintaining complete and accurate contract registers. This not only increases the risk of non-compliance with GIPA legislation, but also limits the effectiveness of procurement business units to monitor contract end dates, contract extensions and commence new procurement in a timely manner. We noted instances where agencies renewed or extended contracts without going through a competitive tender process during the year. |
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency compliance with financial and human resources delegations.
Appendix one – List of 2020 recommendations
Appendix two – Status of 2019 recommendations
Appendix three – Cluster agencies
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
