Refine search

Reports

15 February 2024

Published

State Finances 2023

Treasury

Whole of Government

Asset valuation

Compliance

Cyber security

Financial reporting

Infrastructure

Internal controls and governance

Management and administration

Regulation

What this report is about

Results of the audit of the Consolidated State Financial Statements of the New South Wales General Government Sector (GGS) and Total State Sector (TSS) for the year ended 30 June 2023.

Findings

The audit opinion on the 2022–23 Consolidated State Financial Statements was qualified in relation to two issues and included an emphasis of matter.

The first qualification matter is a continuation of the prior year limitation of scope on the audit relating to the Catholic Metropolitan Cemeteries Trust (CMCT), a controlled state entity, who continued to deny access to its management, books and records for the purposes of a financial audit. As a result, the Audit Office was unable to obtain sufficient appropriate audit evidence to support the assets, liabilities, income and expenses relating to CMCT recorded in the TSS and the equity investment recognised in the GGS relating to the net assets of CMCT.

The second qualification matter relates to the limitations on the accuracy and reliability of financial information relating to Statutory Land Managers (SLMs) and Common Trust entities (CTs) controlled by the State and were either exempted from requirements to prepare financial reports, or who were required to submit financial reports and have not done so. The Audit Office was unable to obtain sufficient appropriate audit evidence to determine the impact on the value of non-land assets and liabilities, income and expenses that should be recognised in the 2022–23 Consolidated State Financial Statements and which have not been recorded in the Consolidated State Financial Statements.

The independent audit opinion also includes an emphasis of matter drawing attention to key decisions made by the NSW Government regarding the future of the Transport Asset Holding Entity of New South Wales (TAHE).

Recommendations

The report includes recommendations for NSW Treasury to address several high-risk findings, including:

ensuring accurate and reliable financial information is available to recognise the non-land balances of SLMs and CTs
ensuring the CMCT, SLMs and CTs meet their statutory reporting obligations
conducting a broader review of the financial reporting exemption framework
continued monitoring of TAHE's control over its assets
providing timely guidance to the sector relating to legislative or policy changes that impact financial reporting
developing an accounting policy for the reimbursement of unsuccessful tender bid cost contributions.

Read the PDF report

19 December 2023

Published

Treasury 2023

Treasury

Compliance

Cyber security

Financial reporting

Information technology

Internal controls and governance

Management and administration

Procurement

Regulation

Risk

Service delivery

Shared services and collaboration

What this report is about

Result of the Treasury portfolio of agencies’ financial statement audits for the year ended 30 June 2023.

The results of the audit of the NSW Government’s consolidated Total State Sector Accounts (TSSA), which are prepared by NSW Treasury, will be reported separately in our report on ‘State Finances 2023’.

The audit found

Unqualified audit opinions were issued on all general purpose financial statement audits.

Qualified audit opinions were issued on two of the 24 other engagements prepared by portfolio agencies. These related to payments made from Special Deposit Accounts that did not comply with the relevant legislation.

The number of monetary misstatements identified in our audits increased from 29 in 2021–22 to 39 in 2022–23.

The new parental leave policy impacted agencies across all portfolios. NSW Treasury should perform annual assessments to identify changes in legislation and regulation and provide timely guidance to the sector.

Transport for NSW and Sydney Metro have capitalised over $300 million of tender bid costs paid to unsuccessful tender bidders relating to significant infrastructure projects. Whilst NSW Treasury policy provides clarity on the reimbursement of unsuccessful bidders’ costs, clearer guidance on how to account for these costs in agencies’ financial statements is required.

The key audit issues were

Five high-risk issues were reported in 2022–23. Three were new findings on contract management, accounting treatments for workers compensation renewal premium adjustments and the management and oversight of a Special Deposit Account. Two repeat issues referred to the need to improve quality review processes over financial reporting and the timely approval of administration costs.

Portfolio agencies should prioritise and action recommendations to address internal control deficiencies.

This report provides Parliament and other users of the Treasury portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

financial reporting
audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Treasury portfolio of agencies (the portfolio) for 2023.

Section highlights

Unqualified audit opinions were issued on all Treasury portfolio agencies’ 2022–23 financial statements.
Two qualified audit opinions were issued on special purpose financial reports, relating to whether payments from the Electricity Retained Interest Corporation – Ausgrid (ERIC-A) Fund and the Electricity Retained Interest Corporation – Endeavour (ERIC-E) Fund, complied with the relevant legislation.
The total number of errors (both corrected and uncorrected) in the financial statements increased from 29 in 2021–22 to 39 in 2022–23.
Reported corrected misstatements increased from 15 in 2021–22 to 25 with a gross value of $7.1 billion in 2022–23. Reported uncorrected misstatements increased from 13 in 2021–22 to 14 in 2022–23, with a gross value of $277.6 million in 2022–23.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Treasury portfolio.

Section highlights

Five high-risk issues were reported in 2022–23. Three were new findings on contract management, accounting treatments for workers compensation renewal premium adjustments and the management and oversight of a Special Deposit Account.
A further 35 moderate risk findings were reported in 2022–23, of which ten were repeat findings.
Some agencies have again spent monies without an authorised delegation.
The quality of information provided for audit purposes needs to improve.

Appendix one – Misstatements in financial statements submitted for audit

Appendix two – Early close procedures

Appendix three – Timeliness of financial reporting

Appendix four – Financial data

Appendix five – Acquittals and other opinions

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

28 November 2023

Published

Education 2023

Education

Whole of Government

Asset valuation

Compliance

Cyber security

Financial reporting

Information technology

Internal controls and governance

Procurement

Project management

Risk

What this report is about

Results of the Education portfolio of agencies’ financial statements audits for the year ended 30 June 2023.

What we found

Unqualified audit opinions were issued for all Education portfolio agencies.

An ‘other matter’ paragraph was included in the TAFE Commission’s independent auditor’s report as it did not have a delegation or sub-delegation from the Minister for Education and Early Learning to incur expenditure on grants from other portfolio agencies.

What the key issues were

Comprehensive valuations of buildings at the Department of Education (the department) and at the TAFE Commission found that certain assumptions applied in previous years needed to be updated, resulting in prior period restatements.

The department prepaid a building contractor for early works on a project and some of the prepayment is in legal dispute.

The department duplicated a claim for project funding from Restart NSW in 2021.

New parental leave legislation increased employee liabilities for portfolio agencies. The department and the NSW Education Standards Authority (the Authority) updated their financial statements to record parental leave liabilities.

A high risk matter was raised for the Authority to improve the quality and timeliness of information to support their financial statement close process.

What we recommended

Portfolio agencies should ensure any changes to employee entitlements are assessed for their potential financial statements impact under the relevant Australian Accounting Standards.

The department should:

improve processes to ensure project claims are not duplicated
assess the risks associated with providing prepayments to contractors.

This report provides Parliament and other users of the Education portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

financial reporting
audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Education portfolio (the portfolio) for 2023.

Section highlights

Unqualified audit opinions were issued on all the portfolio agencies 2022–23 financial statements.
An ‘other matter’ paragraph was included in the independent auditor’s report for the Technical and Further Education Commission (the TAFE Commission) as it did not have a delegation or sub-delegation from the Minister for Education and Early Learning to incur expenditure on grants from other portfolio agencies.
Comprehensive valuations of buildings in the current year identified that certain assumptions applied in previous years were incorrect. The effects of these corrections are disclosed as prior period errors in the financial statements of the Department of Education (the department) and the TAFE Commission.
The department made corrections to its financial statements to reflect increases to NSW teachers’ wages announced post balance date. This impacted amounts recorded as liabilities for a range of employee benefits and entitlements totalling $225.4 million, of which $147.9 million is accepted by the Crown and $77.5 million is borne by the department.
A change to the NSW paid parental leave scheme, effective October 2022, created a new legal obligation that needed to be recognised by impacted government agencies. Of the three affected portfolio agencies, only the department and the NSW Education Standards Authority recognised a liability to account for this change. The aggregated unrecorded liabilities of other agencies in the portfolio totalled $2.4 million. The errors within the individual agencies’ financial statements were not material.
The total number of errors (including corrected and uncorrected) in the financial statements increased compared to the prior year.
The NSW Childcare and Economic Opportunity Fund should prepare financial statements unless NSW Treasury releases a Treasurer’s Direction under section 7.8 of the GSF Act that will exempt the SDA from financial reporting requirements.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Education portfolio.

Section highlights

The 2022–23 audits identified one high risk and 20 moderate risk issues across the portfolio. Of these, one was a high risk repeat issue and four were moderate risk repeat issues.
The total number of findings increased from 29 to 36, which mainly related to deficiencies in financial reporting, information technology, payroll and purchasing controls.
The high risk matter relates to the lack of quality and timely information to support the financial statement close process at the NSW Education Standards Authority.

Appendix one – Early close procedures

Appendix two – Financial data

31 May 2023

Published

Universities 2022

Universities

Compliance

Cyber security

Financial reporting

Information technology

Internal controls and governance

Service delivery

What this report is about

Results of the financial statement audits of the public universities in NSW for the year ended 31 December 2022.

What we found

Unmodified audit opinions were issued for all ten universities.

Nine universities reported net deficits in 2022, and all showed a decline from their 2021 results.

Results were impacted by a decline in investment income and government grants.

Wage remediation provisions across the universities increased by 116% to $110 million at 31 December 2022.

Expenditure increased as universities transitioned back to face-to-face teaching with the lifting of most COVID-19 restrictions.

Revenue from overseas students decreased by 0.5% overall in 2022, although not all universities were impacted equally.

Nearly 42% of fees and charges revenue came from overseas student revenue from three countries of origin (43% in 2021).

What the key issues were

We reported 88 findings to universities on internal control deficiencies (105 in 2021).

Six high risk findings were identified (four in 2021), relating to:

IT control deficiencies in monitoring privileged user access
password configuration
cyber security process improvements
lack of security over access to EFT payment files
the status of a university's work in assessing its liability for underpayment of staff
inadequate review of contracts leading to incorrect accounting treatments.

Two out of 13 entities reported financial losses from cyber incidents in 2022.

Retention policies on personally identifiable information (PII) vary and universities can further reduce their PII exposure risk from cyber attack.

What we recommended

Universities should:

conduct a comprehensive assessment of their employment agreements and historical pay practices to identify potential underpayments
prioritise actions to address repeat findings on internal control deficiencies in a timely manner
review their PII retention policies to ensure PII stored is limited to the entity's needs, held only for the minimum duration it is legally and operationally required, and access is strictly limited.

This report provides Parliament with the results of our financial audits of universities in New South Wales and their controlled entities in 2022, including our analysis, observations and recommendations in the following areas:

financial reporting
internal controls and governance
teaching and research.

Financial reporting is an important element of good governance. Confidence and transparency in university sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of universities in NSW for 2022.

Section highlights

The 2022 financial statements of all ten universities received unmodified audit opinions.
Wage remediation provisions across the NSW universities increased by 116% to $110 million at 31 December 2022.
Nine universities reported net deficits in 2022, and all showed a decline from 2021 results.
Revenue from overseas students decreased by 0.5% in 2022, as overseas student enrolments decreased by 1.2%. Almost 42% of universities' fees and charges revenue in 2022 came from overseas students from three countries (down from 43% in 2021).
Revenue from domestic students decreased by 0.7% in 2022, as domestic student enrolments decreased by 5.3%.
Combined expenditure for universities increased by 6.6% to $11.2 billion in 2022. Most of this was attributed to employee related expenses, which increased by 4.9%.

Appropriate financial controls help to ensure the efficient and effective use of resources and administration of policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of NSW universities.

Our audits do not review all aspects of internal controls and governance every year. The more significant issues and risks are included in this chapter. These, along with the less significant matters, are reported to universities for management to address.

Section highlights

The 2022 audits identified six high risk and 36 moderate risk issues across NSW universities. Sixteen of the moderate risk issues were repeat issues. Many repeat issues related to information technology controls around user access management.
The number of repeat deficiencies has decreased with 41 reported in 2022 compared to 45 in 2021.
Two out of 13 entities reported financial losses from cyber incidents during 2022.
Retention policies on personally identifiable information (PII) vary across entities and opportunities exist for entities to further limit their PII exposure risk from cyber attack.

Universities' primary objectives are teaching and research. They invest most of their resources aiming to achieve quality outcomes in academia and student experience. Universities have committed to achieving certain government targets and compete to advance their reputation and their standing in international and Australian rankings.

This chapter outlines teaching and research outcomes for universities in NSW for 2022.

Section highlights

Seven universities were reported as having full-time employment rates of their domestic undergraduates in 2022 that were greater than the national average.
Enrolments at NSW universities decreased the most in Science related courses in 2022. The largest increase in enrolments was in Health courses.
On average, universities delivered 21% of their courses primarily through online means in 2022, a decrease from 59% in 2021.
Five universities in 2021 were reported as meeting the target enrolment rate for students from low socio-economic status (SES) backgrounds.
Seven universities reported increased enrolments of Aboriginal and Torres Strait Islander students in 2021.

Appendix one – List of 2022 recommendations

Appendix two – Status of 2021 recommendations

Appendix three – Universities' controlled entities

Copyright notice

23 December 2022

Published

Treasury 2022

Treasury

Asset valuation

Compliance

Cyber security

Financial reporting

Information technology

Internal controls and governance

Management and administration

Procurement

Regulation

Risk

Service delivery

Shared services and collaboration

What the report is about

Results of the Treasury cluster agencies' financial statement audits for the year ended 30 June 2022.

The results of the audit of the NSW Government's consolidated Total State Sector Accounts (TSSA), which is prepared by NSW Treasury, are reported separately in our report on 'State Finances 2022'.

What we found

Unmodified audit opinions were issued on all 30 June 2022 general purpose financial statement audits.

Qualified audit opinions were issued on three of the 25 other engagements prepared by cluster agencies. These related to payments made from Special Deposit Accounts (SDA) that did not comply with the relevant legislation.

What the key issues were

Commercial agreements were signed between TAHE, the operators and Transport for NSW in June 2022, which reflected an expected rate of return of 2.5% on contributed equity. However, it remains critical that the government continue to provide sufficient funding to the operators so they can pay for access and use TAHE assets. These findings are reported in our report on 'State Finances 2022'.

Eight high-risk issues were raised in 2021–22, of which five relate to NSW Treasury.

A number of previously reported audit findings and recommendations with respect to icare continue to be ongoing issues. This includes the Workers Compensation Nominal Insurer continuing to hold less assets than the estimated present value of its future payment obligations, when measured in accordance with the accounting framework.

What we recommended

Our report on 'State Finances 2022' made several recommendations to improve NSW Treasury's processes.

In this report, we recommended icare should ensure:

it has sufficient controls in place over claim payments, including an effective quality assurance program, to minimise claim payment errors
that documentation to support PIAWE calculations is appropriately maintained, and that the minimum documentation requirements are set out in a policy.

This report provides Parliament and other users of the Treasury cluster’s financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

financial reporting
audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Treasury cluster (the cluster) for 2022.

Section highlights

Unqualified audit opinions were issued on the general purpose financial statements of all cluster agencies.
A qualified opinion was issued on the NSW Government's consolidated Total State Sector Accounts (TSSA), which are prepared by NSW Treasury. This is reported separately in our 'State Finances 2022' NSW Auditor-General's Report to Parliament.
Three qualified audit opinions were issued on special purpose financial reports, relating to whether payments from the funds complied with the relevant legislation.
Reported corrected misstatements increased from seven in 2020–21 to ten in 2021–22 with a gross value of $808.6 million. Reported uncorrected misstatements decreased from 17 in 2020–21 to 11 in 2021–22 with a gross value of $85.7 million.
Nine of 15 cluster agencies either did not submit or did not complete certain mandatory early close procedures on time.
NSW Treasury corrected a $39.7 million prior period error retrospectively in the financial statements as it overstated its accrual at 30 June 2021 relating to hotel quarantine costs.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Treasury cluster.

Section highlights

Eight high-risk issues were identified in 2021–22, an increase from four high-risk and one extreme risk in 2020–21. A further 31 moderate risk findings were reported in 2021–22, of which 12 were repeat findings.
Inconsistencies in the Government Sector Finance Act 2018 (GSF Act) and Government Sector Audit Act 1983 (GSA Act) relating to key statutory timeframes have been addressed.
Further to last year's reporting, some agencies have again spent moneys without an authorised delegation.
There was a lack of quality review of submissions for audit by NSW Treasury.
The Nominal Insurer's net assets decreased from a $2.5 billion surplus at 30 June 2018, to a $1.2 billion deficiency at 30 June 2022.
The Nominal Insurer's return-to-work rates stabilised, but remain below the performance levels prior to the COVID-19 pandemic.
The Nominal Insurer paid $29.5 million in 2021–22 to remediate historical underpayment of compensation benefits to workers (Pre-Injury Average Weekly Earnings (PIAWE) payments), and a further $8.5 million was payable at 30 June 2022.
During its review of historical PIAWE errors, icare found that indexation may have been incorrectly applied, or failed to have been applied when determining injured worker entitlements within the Nominal Insurer between 2012 and 2019. Based on calculations provided by icare, the Audit Office reported an uncorrected judgemental misstatement of $28.5 million (understatement).

Appendix one – Misstatements in financial statements submitted for audit

Appendix two – Early close procedures

Appendix three – Timeliness of financial reporting

Appendix four – Financial data

Appendix five – Acquittals and other opinions

Copyright notice

22 December 2022

Published

State Finances 2022

Treasury

Whole of Government

Asset valuation

Compliance

Cyber security

Financial reporting

Infrastructure

Internal controls and governance

Management and administration

Regulation

Risk

What the report is about

Results of the 2021–22 consolidated General Government Sector (GGS) and Total State Sector (TSS) financial statements audits.

What we found

The Independent Auditor’s Report on the 2021–22 GGS and TSS financial statements was modified with a limitation of scope and also contained an emphasis of matter.

The opinion in the TSS Independent Auditor’s Report was modified with a limitation of scope on certain balances consolidated in the TSS financial statements because the Catholic Metropolitan Cemeteries Trust (CMCT) denied access to its management, books and records for the purpose of conducting a financial audit.

The Independent Auditor’s Report also includes an emphasis of matter drawing attention to the significant uncertainties associated with the GGS’s equity investment in Transport Asset Holding Entity (TAHE). The significant uncertainty relates to key assumptions and estimates used to forecast a 2.5% return from GGS investments into TAHE that supports the accounting treatment as an equity injection, including:

funding to support the Rail Operators to pay TAHE’s contracted and forecast access and licence fees up until 2045–46. The Rail Operators are dependent on funding from the GGS to pay access and licence fees. Forecast modelling notes a requirement of a further $10.2 billion in budget funding to pay TAHE to the end of the ten-year contract period in 2030–31, in addition to the $5.5 billion allocated in the forward estimates and up to $50.8 billion for the period 2032 to 2046
a significant portion of the projected returns are earnt outside of the ten-year contract period and there is a risk that TAHE may not be able to recontract fees at levels consistent with current projections.

What we recommended

The report includes a number of recommendations including:

continued monitoring that TAHE controls the reported assets ensuring the CMCT, Category 2 Statutory Land Managers (SLM) and Commons Trusts meet their statutory reporting obligations
ensuring accounting and audit position papers are sufficiently consulted with key stakeholders and are concluded on a timely basis
ensuring agencies support the timely conclusion of audits by bringing to the auditors' attention key Cabinet records and identifying references relating to accounting issues impacting the financial statements
for Special Deposit Accounts (SDA) responsible managers should ensure amounts appropriated under any Act or law for payment into the account are appropriately recorded, ensuring payments from SDAs are allowable and made in accordance with Treasurer's delegations and standing authorisation.

Image

Margaret Crawford, Auditor-General for New South Wales

Pursuant to section 52A of the Government Sector Audit Act 1983 I am pleased to present my Auditor-General’s Report on State Finances 2022.

Once again this year has presented considerable challenges for the state sector and my Office as we collectively grapple with uncertainties related to COVID-19 and the disruption of emergency events impacting New South Wales. In addition, there were many recommendations arising from last year’s audit to be addressed.

While there is more to do to ensure good financial stewardship of the State, resolution of matters was helped by constructive engagement with the NSW Treasury at the most senior levels. Personally I wish to thank the Treasurer and Secretary for their commitment to instilling integrity in financial management systems and processes. The support Treasury provided for recent amendments to the Government Sector Audit Act 1983 to provide ‘follow the dollar’ powers and other changes recommended by the Public Accounts Committee quadrennial review of my Office is also acknowledged.

Finally I want to thank the teams that contributed to this year’s audit of the Total State Accounts for their diligence, professionalism and commitment. I am very proud of your work.

Margaret Crawford

Auditor-General for New South Wales

The Independent Auditor's Report was qualified and also included an emphasis of matter

The audit opinion on the State's 2021–22 financial statements was modified. The delayed signing of the NSW Total State Sector Accounts (TSSA) by NSW Treasury was in order to resolve significant accounting issues that were material to the TSSA. The key areas requiring significant audit effort included reviewing the State's accounting for TCorp Investment Management (IM) Funds and responding to the risks related to the Catholic Metropolitan Cemeteries Trust (CMCT) denying access to its management and books and records, which is detailed in this Report.

NSW Treasury aimed to sign the TSSA by 19 October 2022. This was delayed by nearly six weeks and the TSSA audit opinion was subsequently signed on the statutory deadline imposed on the Treasurer for tabling of the TSSA in the Legislative Assembly of 30 November 2022.

The Independent Auditor’s Report was modified due to a limitation of scope on the balances consolidated in the TSSA relating to the CMCT

The opinion in the Independent Auditor’s Report was modified with a limitation of scope due to the inability to access management, books and records of a controlled entity, the CMCT.

This year, NSW Treasury, after reconsidering all facts and the perspectives of the CMCT, reconfirmed that the CMCT is a controlled entity of the State for financial reporting purposes. This means CMCT is a GSF agency under the provisions of the Government Sector Finance Act 2018 (GSF Act). As such NSW Treasury is required by Australian Accounting Standards to consolidate the CMCT into the Total State Sector Accounts (TSSA). The value of assets and liabilities of CMCT consolidated into the TSSA is $310.3 million and $15.1 million, respectively, and the loss of CMCT consolidated into the TSSA for the year is $2.4 million.

To date, CMCT has not met its statutory obligations to prepare financial statements under the GSF Act and give them to the Auditor-General. CMCT has not submitted its financial statements to the Auditor-General for audit as required despite repeated requests and has not provided access to its books and records for the purposes of a financial audit. The Secretary of the Department of Planning and Environment wrote to CMCT to request it work with, and offer full assistance to, the Auditor-General in the exercise of her duties.

NSW Treasury has met with and considered CMCT's perspectives. NSW Treasury’s position remains that CMCT is a controlled entity of the State for financial reporting purposes. Consequently, CMCT has not met its statutory obligations as a controlled entity to submit its financial statements for audit and provide access to its books and records. Therefore, the Audit Office was unable to obtain sufficient appropriate audit evidence about the carrying amount of assets and liabilities consolidated into the Total State Sector Accounts as at 30 June 2022 and of the amount of income and expenses for the year then ended. Accordingly a modified audit opinion was issued on the NSW Government's 2021–22 consolidated financial statements.

Section 3 of this report titled 'Limitation of Scope relating to CMCT' discusses this matter in further detail.

An emphasis of matter drawing attention to uncertainty relating to the General Government Sector's investment in the Transport Asset Holding Entity (TAHE) remains

The Independent Auditor’s Report also includes an emphasis of matter, drawing attention to the significant uncertainties associated with the General Government Sector's (GGS) equity investment in TAHE. The significant uncertainty relates to key assumptions used to forecast returns from investments into TAHE in order to support the recognition of the government's funding of TAHE as an equity injection.

At the time of signing the Independent Auditor's Report, there was significant uncertainty with regards to assumptions and estimates used to forecast a return from the GGS investment into TAHE, which supports the recognition of an equity injection. There is significant uncertainty relating to:

the 2022–23 Budget committed $5.5 billion to fund TAHE's key customers, Sydney Trains and NSW Trains (the operators), to support their payment of access and licence fees agreed on 23 June 2022. However, this funding only extends out to the end of the forward estimates period in 2025–26, which falls short of the ten-year contractual periods to 2030–31 and the projected period to 2045–46 to achieve a 2.5% return from the government's equity investment. The government will need to fund the operators an additional $10.2 billion in Budget funding so that they can meet their contractual obligations to TAHE from 2026–27 to 2030–31, and a further projected funding of $50.8 billion from 2031 to 2046. This additional funding is not within the government's published Budget figures, leading to uncertainty on whether the government-funded operators can pay access and licence fees beyond the forward estimates period of 2025–26
a significant portion of the projected returns are earnt outside the ten-year contract period (terminating 30 June 2031) and there is a risk that TAHE will not be able to recontract for access and licence fees at a level that is consistent with current projections. There is also a risk that funding for TAHE's key customers will not be sufficient to fund payment of access and licence fees at a level that is consistent with current projections.

The 'State Finances 2021' report made recommendations regarding the significant accounting issues relating to TAHE. The State's response to these recommendations are detailed in Section 4 of this report titled ‘Investment in the Transport Asset Holding Entity’. Other significant matters related to the TSSA audit are covered in Section 8 titled ‘Key audit findings’.

Other financial reporting matters

All government agencies were granted an extra week to submit financial statements for audit

A one-week extension provided agencies across the sector with additional time to resolve key accounting issues and submit financial statements for audit by 1 August 2022.

Further extensions were approved for the following seven agencies (ten in 2020–21):

State Insurance Regulatory Authority (3 August 2022)
Dams Safety NSW (8 August 2022)
Jenolan Caves Reserve Trust (8 August 2022)
Transport for NSW (8 August 2022)
Department of Enterprise, Investment and Trade (22 August 2022)
Transport Asset Holding Entity (22 August 2022)
Department of Transport (26 August 2022).

Additional extensions provided agencies with more time to complete:

asset valuations
valuations of actuarially assessed liabilities.

An initial draft of the TSSA was provided to audit on 15 September 2022. This version was incomplete and excluded the impact of consolidating the State's TCorp IM funds under the correct Australian Accounting Standards. An additional three versions of the draft TSSA were provided to audit progressively to update the TCorp IM fund consolidated balances. The final complete version of the TSSA was submitted on 27 October 2022 which included all adjustments relating to the TCorp IM fund consolidation. Refer to section 8.1 for more details on the material restatements relating to the consolidation of the TCorp IM funds.

In 2021–22, agency financial statements presented for audit contained 20 errors exceeding $20 million (24 in 2020–21). The total value of these errors was $973 million, a decrease from the previous year ($6.6 billion in 2020–21).

The graph below shows the number of reported errors exceeding $20 million over the past five years in agencies’ financial statements presented for audit.

The errors resulted from:

incorrect application of Australian Accounting Standards and NSW Treasury policies
incorrect judgements and assumptions when valuing non-current physical assets and liabilities.

NSW Treasury concluded CMCT is a controlled entity of the State

In response to our recommendation in the ‘State Finances 2021’ report, NSW Treasury reconfirmed that the Catholic Metropolitan Cemeteries Trust (CMCT) is a controlled entity of the State. The Audit Office accepted the position of NSW Treasury.

The reaffirmation of this position means CMCT is a GSF agency under the provisions of the Government Sector Finance Act 2018 (GSF Act). Section 7.6 of the GSF Act places an obligation on CMCT to prepare financial statements and give them to the Auditor-General. Further, section 34 of the Government Sector Audit Act 1983 (the GSA Act) requires the Auditor-General to furnish an audit report on these financial statements.

To date, CMCT has not met its statutory obligations to prepare financial statements under the GSF Act and give them to the Auditor-General. CMCT has not submitted their financial statements to the Auditor-General for audit despite repeated requests and has not provided access to its books and records for the purposes of a financial audit. There was extensive correspondence between the Audit Office of NSW, CMCT, NSW Treasury and the Department of Planning and Environment in 2022 regarding this matter.

Recommendation

NSW Treasury and the Department of Planning and Environment should ensure the Catholic Metropolitan Cemeteries Trust meets its statutory reporting obligations.

In addition, on 10 December 2021, the then Minister for Water, Property and Housing wrote to the Auditor-General requesting a financial and performance audit be performed pursuant to section 27B(3)(c) of the GSA Act. The audit would cover the financial affairs of CMCT, including whether funds have been used for the proper purpose. The Audit Office of New South Wales has written to CMCT on a number of occasions to request the provision of documentation and access to management in order to conduct the performance audit. CMCT has not provided the Audit Office of New South Wales access to its management, books and records for the purpose of the required performance audit.

The TSSA audit opinion included a limitation of scope

The opinion in the TSSA Independent Auditor’s Report was modified with a limitation of scope due to an inability to access management and the books and records of CMCT. This limitation was appropriately disclosed in Note 1 'Statement of Significant Accounting Policies' of the TSSA. The Statement of Compliance signed by the Secretary of Treasury and the Treasurer on 29 November 2022 was also updated to acknowledge the disclosure in Note 1 regarding CMCT.

The Audit Office was unable to obtain sufficient appropriate audit evidence about the carrying amount of assets and liabilities consolidated into the Total State Sector Accounts as at 30 June 2022 and of the amount of income and expenses for the year then ended. Accordingly a modified audit opinion was issued on the NSW Government's 2021–22 consolidated financial statements.

The process of information sharing by NSW Treasury continues to require improvement

In last year’s ‘State Finances 2021’ report an extreme risk management letter finding was reported for NSW Treasury to ensure it significantly improve its processes so that all relevant information is identified and shared with the Audit Office to support material transactions and balances of the State.

A number of events reconfirmed that NSW Treasury needs to continue improving its process with respect to information sharing with the Audit Office. Notably, NSW Treasury’s finance team had not demonstrated that all available information (on their systems) was considered by them when assessing the State’s control over CMCT.

Critical information relating to CMCT was in the possession of NSW Treasury since late October 2021 but not considered when reconfirming their accounting position on the State's control of CMCT this year. A further reconfirmation of the State's control over CMCT was needed by NSW Treasury to ensure this information was considered in their accounting assessment.

The above demonstrates that more effective consultation is required by NSW Treasury with key stakeholders to ensure all information relevant to forming an accounting position relating to the TSSA is captured. This will ensure new information is not identified late in the audit process and NSW Treasury considers all information when concluding on the accounting position of the State.

Recommendation

NSW Treasury should ensure when drafting position papers and concluding on accounting issues impacting the State, these are provided to audit on a timely basis and reflect a complete and accurate understanding of the key public sector issues being considered.

Last year's report highlighted that NSW Government actions avoided a qualified opinion in 2020–21 relating to the General Government Sector's $2.4 billion cash contribution to Transport Asset Holding Entity (TAHE). These actions included the NSW Government agreeing to provide additional future funding to TAHE's key government customers Sydney Trains and NSW Trains (the operators) to support increases in access and licence fees to be paid to TAHE.

The additional funding by the government was necessary to demonstrate that a reasonable expectation of a sufficient rate of return would be earned on its equity invested in TAHE. Last year, there was no government policy on what the minimum return should be on investments in other public sector entities, so the long-term inflation rate was used as a benchmark. A recommendation was made in last year's State Finances report that NSW Treasury establish a policy on the minimum expected return from its investments.

On 6 September 2022, NSW Treasury finalised its policy relating to the government’s returns on equity investments. The application of this policy is limited to State Owned Corporations and similar to the Commonwealth framework for commercial businesses, which requires the expected return be at least equal to the long-term inflation rate.

The government's commitment to additional funding was conveyed last year through revised shareholder expectations being published in the 2021–22 'NSW Budget-Half yearly Review' on 16 December 2021, increasing the expected returns on equity from 1.5% to the expected long-term inflation rate of 2.5%. On 18 December 2021, Transport for NSW (TfNSW) and the operators entered into a Heads of Agreement (HoA). This formed the basis of negotiations to revise the pricing within the existing ten-year contracts and deliver upon the shareholders’ expected return of 2.5% on contributed equity to be earned over the estimated weighted average remaining useful lives of TAHE's assets.

Further information on last year's audit of the government’s investment in TAHE can be found in our 'State Finances 2021' report.

Ten-year commercial agreements were signed between TAHE, operators and TfNSW

Last year's State Finances report recommended that NSW Treasury facilitate revised commercial agreements to reflect the access and licence fees detailed in the HoA. As these agreements were not executed by 30 June 2021, last year's audit opinion of the Total State Sector Accounts (TSSA) included an Emphasis of Matter drawing attention to the uncertainty that existed at balance date as these agreements were not finalised.

On 23 June 2022, commercial agreements were signed between TAHE, the operators and Transport for NSW through a deed of variation. The revised access and licence fees for the ten-year period 2021–22 to 2030–31 was $16.6 billion, which is $520 million less than the HoA fees of $17.1 billion.

Comparison	FY22 $m	FY23 $m	FY24 $m	FY25 $m	FY26 $m	FY27 $m	FY28 $m	FY29 $m	FY30 $m	FY31 $m	Total $m
Revised commercial agreements	641.1	911.8	1,298.1	1,585	1,807.3	1,921.8	1,992	2,065.4	2,139.1	2,252.8	16,614.4
HoA	679.9	1,081.4	1,236	1,398.9	1,645.8	1,826.1	2,023.3	2,209.4	2,404.5	2,629.2	17,134.6
Difference	(38.8)	(169.6)	62.1	186.1	161.5	95.7	(31.3)	(144)	(265.4)	(376.4)	(520.2)

TAHE's main customers principally rely on government funding to pay access and licence fees

Whilst TAHE has agreed ten-year access and licence fees of $16.6 billion with its two main customers Sydney Trains and NSW Trains, these two operators significantly rely on government funding when making these payments to TAHE. At 30 June 2022, TAHE's expected return of 2.5% is contingent upon the GGS funding the operators to support their payment of access and licence fees that have been agreed with TAHE for the ten-year contracted period and for non-contracted periods from 2031–32 to 2045–46.

The 2022–23 NSW Budget has allocated $5.5 billion to fund the operators, to support their payment of access and licence fees. However, this funding extends to the end of the forward estimates period in 2025–26, which falls short of the ten-year contractual period to 2030–2031 and the projected period to 2045–46 to achieve the 2.5% return.

	2022–26¹ $b	2027–2031² $b	2032–46 $b	Total $b
Access and licence fees³	5.5	10.2	50.8	66.5

¹ Represents the 2022–23 Budget year and three-year forward estimates which includes: FY2024–26.

²Whilst excluded from the 2022–23 NSW Budget, these access and licence fees are included in the ten-year commercial agreement between TAHE, operators and TfNSW.

³Represents cumulative access and licence fees for the period stated.

The government will need to fund the operators an additional $10.2 billion in budget funding to meet their contractual obligations to TAHE from 2026–27 to 2030–2031, and a further projected funding of $50.8 billion from 2032 to 2046. This is needed to ensure the government continues to demonstrate its expected return on investment of 2.5%. This additional funding is not within the government's published 2022–23 NSW Budget figures, leading to uncertainty on whether the government funded operators can pay access and licence fees beyond the forward estimate period of 2025–26.

Significant funding uncertainties remain

While the ten-year access and licence fee agreements were communicated to the NSW Government's Expenditure Review Committee, it is yet to be fully provided for in the government's budget figures. As TAHE's projections are highly dependent on the operators as its key customers, it remains critical that the government continue to provide sufficient funding to the operators so they can pay for access and use of TAHE assets. This means the significant funding uncertainties reported in last year's TSSA audit opinion remain for 2021–22.

The government has estimated $37.9 billion in returns (equivalent to 2.5% on contributed equity) is to be earned from its investment in TAHE over the period from 1 July 2022 to 30 June 2046. As previously reported, TAHE derives most of its revenue from access and licence fee agreements from the operators, who in turn are both funded by grants through TfNSW from the GGS. More than 95% of these returns are estimated to be earned outside of the ten-year contract period (terminating 30 June 2031).

	2022–26¹ $b	2027–2031² $b	2032–46 $b	Total $b
Returns to GGS	1.8	4.7	31.5	37.9

¹ Represents the 2022–23 budget year and three-year forward estimates which includes: 2023–24, 2024–25 and 2025–26.

²Whilst excluded from the 2022–23 NSW Budget, these access and licence fees are included in the ten-year commercial agreement between TAHE, operators and TfNSW.

There remains risk that:

TAHE will not be able to recontract for access and licence fees at a level that is consistent with current projections
future governments' funding to TAHE's key customers will not be sufficient to fund payment of access and licence fees at a level that is consistent with current projections
TAHE will be unable to grow its non-government revenues.

This significant funding uncertainty was also reported in last year's TSSA audit opinion and will remain for 2021–22.

In 2021–22, TAHE and NSW Treasury prepared further modelling to support the Government's intent to earn a 2.5% return inclusive of recovering the holding (revaluation) loss of $20.3 billion on its investment in TAHE

Last year's State Finances report highlighted that NSW Treasury, with TAHE, should prepare robust projections and business plans to support the expected returns forecast beyond FY2031.

This year TAHE engaged an expert to help develop a model demonstrating the government's expected returns from its investment in TAHE. The model mathematically forecasts that returns of 2.5% will be achieved by 2046 and this will include recovery of the revaluation losses of $20.3 billion relating to 2020–21.

The current model includes some key assumptions:

The main source of revenue is the access and licence fees expected from the two public rail operators (Sydney Trains and NSW Trains) contributing to more than 80% of TAHE's projected revenue. The rail operators are largely funded by the government when paying access and licence fees to TAHE.
For the first ten years, the access and licence fees are based on the signed agreements between TAHE and the public rail operators.
Beyond the ten-year contracted period, the model assumes existing contractual terms for access and licence fees will continue unchanged allowing for an annual rise for inflation (2.5% per annum), and increased fees to enable a 7.62% return for renewed assets.
The capital expenditure included in the model is only the amounts approved by the Expenditure Review Committee (ERC) as part of the ten-year forecast. The model beyond ten years includes expected investment in renewed and replacement assets but excludes any forecasts relating to growth capex that is not approved by the ERC, and any related depreciation expenses for growth capex.

While management has developed a 35-year long term financial model to support the returns, we note this will need to be refined over the next few years. Furthermore, these are forecasted figures and we have not seen sufficient evidence of whether this reflects reality (that is, the achievement of dividends representing a return on equity) as it is still very early. Therefore, this will remain a high-risk matter until we have seen sufficient evidence of reality to the forecasted figures.

There is negative net impact on the budget after 2024–25 and this will grow in the future

There are some key points to highlight with this modelling and these are best conveyed with the graph below. This graph shows total cash injections made by the GGS since the government first announced the creation of TAHE as a for-profit entity in the 2015–16 NSW Budget. It also conveys the forecast returns from TAHE to the GGS and the level of funding operators will need from the GGS to pay TAHE's access and licence fees over the 30-year period. These cash flows are key inputs used in the modelling which calculates a 2.5% return from TAHE inclusive of recovering the holding (revaluation) loss of $20.3 billion.

The government continues to respond to the impact of the COVID-19 pandemic on New South Wales through its economic stimulus measures

The COVID-19 pandemic continued to significantly impact the State’s finances, reducing revenue and increasing expenses especially in sectors directly responsible for responding to the COVID-19 pandemic, such as Health. In October 2021, the government announced through the 'COVID-19 Economic Recovery Strategy' an additional $2.8 billion in economic stimulus and response measures following the conclusion of the three-month lockdown due to the Delta COVID-19 outbreak. Measures included:

$739 million in household and social support, including housing support for Aboriginal communities and survivors of domestic violence, and vouchers to thank parents for their efforts to support learning from home
$500 million to consumers and businesses including expansion of the 'Dine & Discover' and 'Stay & Rediscover' voucher programs
$495 million in education support addressing learning gaps for children and helping schools prepare for future learning disruptions
$487 million in combined funding for tourism, events, sports, and recreation throughout New South Wales
$130 million to fund mental health services for individuals whose mental health was impacted by the pandemic.

The 2021–22 financial year included $21.9 billion for pandemic response and economic stimulus measures. Of this, $17.9 billion was spent in 2021–22 while a further $1 billion of the budgeted amount from 2021–22 was carried forward into 2022–23. The graph below shows the total allocation and spend by cluster for 2022 compared to target spend.

There were 14 natural disaster declarations including four severe weather events in 2021–22

Natural disasters such as bushfires, storms, floods, and other adverse weather events can have a significant impact on the State's finances. Costs associated with natural disasters include direct response costs such as clean-up and recovery, temporary accommodation, and as well as financial assistance provided to impacted communities such as recovery and business support grants.

The NSW Government can make a natural disaster declaration allowing eligible individuals and communities from impacted Local Government Areas access to a range of special financial assistance measures.

In 2021–22, there were 14 natural disaster declarations announced comparable to 14 in the previous year. These natural disaster declarations largely related to storms and floods throughout the State. In 2021–22, there was a larger number of 'severe weather' events declared, with four in 2021–22 (nil in 2020–21).

Natural disaster expenses increased 143% to $1.4 billion in 2021–22, up from $569 million last year

Over 2021–22, the budgeted cost for declared natural disasters was $1.9 billion ($725 million in 2020–21). Actual expenditure by the State on disaster response increased by $815 million to $1.4 billion. The graph below shows the total allocation and spend by cluster for 2022 compared to their budget spend.

Deficit of $15.3 billion compared with a budgeted deficit of $8.6 billion

The outcomes of the government’s overall activity and policies are reflected in its net operating balance (budget result). This is the difference between the cost of general government service delivery and the revenue earned to fund these sectors.

The General Government Sector, which comprises 196 entities, generally provides goods and services funded centrally by the State.

In addition to the 196 entities within the General Government Sector, a further 85 government controlled businesses are included within the consolidated Total State Sector financial statements. These businesses generally provide goods and services, such as water, electricity and financial services for which consumers pay for directly, and form part of the PNFC (31) and PFC (54) sectors.

The budget result for the 2021–22 financial year was a deficit of $15.3 billion compared to an original forecast of a budget deficit of $8.6 billion.

Revenues increased $16.1 billion to $106.7 billion

The State’s total revenues increased $16.1 billion to $106.7 billion, an increase of 17.8% compared to the previous year. Total revenue growth in 2020–21 was 5.1%. The State's increase in revenue was mostly from $9.2 billion in grants and subsidies and $4.6 billion in taxation.

Taxation revenue increased by 13.3%

Taxation revenue increased by $4.6 billion, mainly due to the net of:

$4.9 billion higher stamp duties collected from property sales driven by growth in property transaction volumes and prices during 2021–22. This was growth was experienced across residential and commercial property markets
$296 million lower gambling and betting taxes compared to 2020–21. Decrease was primarily attributed to the ongoing effects of COVID-19 restrictions and venue closures within the first half of 2021–22.

Stamp duties of $16.6 billion remains the largest source of taxation revenue, $7.7 billion higher than payroll tax of $8.9 billion, the second-largest source of taxation revenue.

Assets grew by $53 billion to $571 billion

The State’s assets include physical assets such as land, buildings and infrastructure, and financial assets such as cash, and other financial instruments and equity investments. The value of total assets increased by $53.2 billion or 10.3% to $571 billion. The increase was largely due to increases in the carrying value of land, buildings and infrastructure systems.

Valuing the State’s physical assets

State’s physical assets valued at $437 billion

The value of the State’s physical assets increased by $46.8 billion to $437 billion in 2021–22 ($724 million increase in 2020–21). The State’s physical assets include land and buildings ($198 billion), infrastructure systems ($221 billion), and plant and equipment ($18 billion).

The movement in physical asset values between years includes additions, disposals, depreciation and valuation adjustments. Other movements include assets reclassified to held for sale and other opening balance adjustments.

Appendix one – Prescribed entities

Appendix two – Legal opinions

Appendix three – TSS sectors and entities

Copyright notice

6 December 2022

Published

Education 2022

Education

Asset valuation

Compliance

Cyber security

Financial reporting

Information technology

Internal controls and governance

Procurement

Risk

What the report is about

Result of the Education cluster financial statement audits for the year ended 30 June 2022.

What we found

Unmodified audit opinions were issued for Education cluster agencies.

An 'other matter' paragraph was included in the TAFE Commission's independent auditor's report as it did not have a delegation or sub-delegation from the Minister for Education and Early Learning to incur expenditure from cluster grants.

What the key issues were

Annual fair value assessments of land and buildings showed material differences in their carrying values. As a result, the Department of Education and the TAFE Commission completed desktop revaluations of land and buildings, collectively increasing the value of these assets by $1.2 billion and $4.7 billion respectively.

The Department of Education and the NSW Education Standards Authority accepted changes to their office leasing arrangements managed by Property NSW. These changes resulted in the collective derecognition of $270.6 million of right-of-use assets and $382.9 million in lease liabilities.

What we recommended

A high-risk matter was reported in the management letter for the TAFE Commission highlighting non-compliance with policies and procedures guiding appropriate use of purchasing cards.

We recommended cluster agencies prioritise and address internal control deficiencies.

This report provides Parliament and other users of the Education cluster’s financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

financial reporting
audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Education cluster (the cluster) for 2022.

Section highlights

Unqualified audit opinions were issued on the financial statements of cluster agencies.
An 'other matter' paragraph was included in the independent auditor's report for the Technical and Further Education Commission (TAFE Commission) as they did not have a delegation or sub-delegation from the Minister for Education and Early Learning to incur expenditure from cluster grants.
The Department of Education and the TAFE Commission's land and buildings were revalued upwards by a collective $5.9 billion. These uplifts were the result of managerial fair value assessments showing that the carrying values of land and buildings had materially departed from fair value.
Changes to accommodation arrangements managed by Property NSW on behalf of the department and the NSW Education Standards Authority resulted in the collective derecognition of approximately $270.6 million in right-of-use assets and corresponding lease liabilities totalling $382.9 million from the balance sheets of these agencies.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Education cluster.

Section highlights

The 2021–22 audits identified 18 moderate issues across the cluster. Seven moderate risk issues were repeat issues related to general and application information technology controls and control deficiencies in key transactional systems used in preparing financial statements.
Of the 11 newly identified moderate risk issues, five related to information technology controls deficiencies; and five related to internal control deficiencies in key transactional systems used in preparing financial statements.
A high-risk matter was raised at the TAFE Commission relating to identified instances of non-compliance with policies and procedures guiding purchasing card use.

The number of findings reported to management has increased, and 31% were repeat issues

Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of agencies. The Audit Office does this through management letters, which include observations, related implications, recommendations and risk ratings.

In 2021–22, there were 29 findings raised across the cluster (28 in 2020–21). Thirty-one per cent of all issues were repeat issues (50% in 2020–21).

The most common new and repeat issues related to internal control deficiencies in agencies’ information technology general controls, application controls, and procurement and payroll practices.

A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports and generating financial statements. This can impair decision-making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Poor controls may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation and central agency policies.

A high-risk matter was reported at the TAFE Commission highlighting instances of non-compliance with policies and procedures guiding appropriate purchasing card use

As part of our audit of the TAFE Commission, we integrated the use of data analytics into the audit approach. We performed data analytics over aspects of payroll, procurement and accounts payable activities. This helped us to highlight anomalies or risks in those data sets that are relevant to the audit of the TAFE Commission and plan testing procedures to address those risks. Data analytics also assisted us in providing an insight into the internal control environment of the TAFE Commission, highlighting areas where key controls are not in place or are not operating as management intended.

Our analysis over purchasing card data supplied by the TAFE Commission for the period July 2021 to March 2022 found deficiencies in the provisioning, use and cancellation of purchasing cards. This included identified instances of:

controls effectively bypassed when a purchasing card surrendered by a former employee had been used by another employee
split payments, circumventing delegation / cardholder limits
delays in the submission and approval of purchasing card transactions.

The table below describes the common issues identified across the cluster by category and risk rating:

Risk rating

Issue

Information technology

High: 0 new, 0 repeat ¹

Moderate: 5 new, 3 repeat ²

Low: 2 new, 1 repeat ³

The financial audits identified areas for agencies to improve information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of note were deficiencies identified in:

agencies' user access administration and change management procedures, notably in the timing and frequency of managerial reviews over the granting and revocation of access to key systems relevant to financial reporting
the level of cyber security maturity
the monitoring of privileged user activities.

Internal control deficiencies or improvements

High: 1 new, 0 repeat ¹

Moderate: 5 new, 3 repeat ²

Low: 4 new, 1 repeat ³

The financial audits identified internal control weaknesses across key business processes relevant to financial reporting. Of note were deficiencies identified in:

the adequacy of monitoring and oversight activities over the use of multiple financial delegation configurations in finance systems for specific users
the timely recording and approval of overtime claims and higher duties allowances
the timely finalisation of policies and procedures
the management of excessive annual leave balances
formalisation of service-provider arrangements between government agencies
non-compliance with policies and procedures to guide secondary employment and pecuniary interest declarations
non-compliance with policies and procedures to guide the appropriate use of purchasing cards.

Financial reporting

High: 0 new, 0 repeat ¹

Moderate: 1 new, 1 repeat ²

Low: 2 new, 0 repeat ³

The financial audits identified:

opportunities for agencies to strengthen their financial preparation processes to facilitate a timelier and more efficient year-end audit
matters in respect of the timely capitalisation of work-in-progress
the need for agencies with non-financial assets subject to fair value to reconsider policy settings governing the frequency of revaluations
refinements in considering the outcomes of interim fair value assessments to ensure asset carrying values reflect fair value at each balance date.

¹ High risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
² Moderate risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
³ Low risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.

Note: Management letter findings are based either on final management letters issued to agencies, or draft letters where findings have been agreed with management.

Recommendation

We recommend cluster agencies prioritise and action recommendations to address the internal control deficiencies outlined above.

Appendix one – Early close procedures

27 June 2022

Published

Universities 2021

Universities

Cyber security

Financial reporting

Internal controls and governance

What the report is about

Results of the financial statement audits of the public universities in NSW for the year ended 31 December 2021.

What we found

Financial reporting

Unmodified audit opinions were issued for all ten universities.

The University of Wollongong reported the retrospective correction of a prior period error relating to a $169 million contract termination liability.

All universities reported positive net results in 2021 (four in 2020) and each showed improvement from 2020. This was mainly due to expenditure decreasing by a combined $644 million (5.8%) from 2020. Universities implemented redundancy programs in response to the COVID-19 pandemic, which resulted in a decrease of nearly 2,300 full-time equivalent staff in 2021.

All universities held an investment in Education Australia Limited, which paid to its shareholders a fully franked dividend comprising cash and shares in IDP Education Limited. This increased the combined investment revenues of the universities by $515 million in 2021. However, it affected each university's net result differently depending on elections made in their historical accounting treatment.

Government grants increased by $442 million from 2020, of which $297 million related to the Commonwealth's 2021 additional Research Support Program funding to the NSW universities which was a COVID-19 support measure to the sector.

Over 43% of universities' course fees revenue comes from three countries (39% in 2020). Students from China now represent over half of all overseas student enrolments. A high level of reliance on student revenue from a single country poses a concentration risk for universities.

Internal controls

We reported 105 findings to universities on internal control deficiencies (110 in 2020).

Four high-risk findings were identified (three in 2020), relating to:

the status of one university's work in assessing its liability for underpayment of staff
IT control deficiencies over privileged user access
control deficiencies that resulted in non-recognition of a liability in one university's prior year's financial statements
a detailed review of payroll compliance for casual staff, which remains outstanding at one university.

There were 45 repeat findings of control deficiencies in 2021 (45 in 2020).

All universities have drafted or implemented a cybersecurity policy and established a governance committee accountable for cybersecurity. However, improvements could be made in:

recording and monitoring of attempted cyber incidents
assessing cyber risks relating to IT vendors
implementation of cybersecurity control measures for key systems.

Four out of 13 entities experienced a significant cyber incident during 2021.

What we recommended

Universities should prioritise actions to address repeat findings on internal control deficiencies, particularly where the issue has been repeated for a number of years.
Universities and controlled entities should prioritise improvements to their cybersecurity and resilience.

Fast facts

There are ten public universities in NSW, with 52 controlled entities in Australia and 22 overseas controlled entities.

$12b total combined adjusted revenue in 2021, an increase of $1.1 billion (10.5%) from 2020
$10.4b total combined expenditure in 2021, a decrease of $644 million (5.8%) from 2020
79,134 overseas student enrolments in 2021, a decrease of 3,138 students (3.8%) from 2020
209,018 domestic student enrolments in 2021, an increase of 1,622 students (0.8%) from 2020
4 high-risk management letter findings were identified (3 in 2020)
43% of reported issues were repeat issues.

This report provides Parliament with the results of our financial audits of universities in New South Wales and their controlled entities in 2021, including our analysis, observations and recommendations in the following areas:

financial reporting
internal controls and governance
teaching and research.

Financial reporting is an important element of governance. Confidence and transparency in university sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations on the financial reporting of universities in NSW for 2021.

Section highlights

The 2021 financial statements of all ten universities received unmodified audit opinions.
All universities reported positive net results in 2021 and all showed improvement from 2020 results.
The change in universities' investments in Education Australia Limited resulted in a combined increase of $515 million in investment revenue. However, it affected each university's net result differently depending on elections made in their historical accounting treatment.
Forty-three per cent of universities' course fees revenue comes from three countries (up from 39% in 2020). Students from China now represent over half of all overseas student enrolments.

Appropriate and robust internal controls help produce reliable financial reports and reduce risks associated with managing finances, compliance and administration of universities.

This chapter outlines the internal controls related observations and insights across universities in NSW for 2021, including overall trends in findings, level of risk and implications.

Our audits do not review all aspects of internal controls and governance every year. The more significant issues and risks are included in this chapter. These along with the less significant matters are reported to universities for management to address.

Section highlights

The total number of internal control findings decreased from 110 in 2020 to 105 in 2021.
Four high-risk findings were identified in 2021 (three in 2020).
The number of repeat deficiencies remained the same with 45 reported in 2021 and 2020.
All entities have drafted or implemented a cybersecurity policy/framework and established a governance committee accountable for cybersecurity.
Four out of 13 entities experienced a significant cyber incident during 2021.

This chapter outlines teaching and research outcomes for universities in NSW for 2021.

Section highlights

Seven universities were reported as having full-time employment rates of their undergraduates in 2021 that were greater than the national average.
Enrolments at universities in NSW decreased the most in Management and Commerce courses. The largest increase in enrolments was in Science courses.
On average, universities delivered 59% of their courses primarily through online means in 2021.
Five universities in 2020 were reported as meeting the target enrolment rate for students from low socio-economic status (SES) backgrounds.

Appendix one – List of 2021 recommendations

Appendix two – Status of 2020 recommendations

Appendix three – Universities' controlled entities

Copyright notice

18 June 2021

Published

Universities 2020 audits

Universities

Cyber security

Financial reporting

Internal controls and governance

What the report is about

Results of the financial statement audits of the public universities in NSW for the year ended 31 December 2020.

What we found

Unqualified audit opinions were issued for all ten universities.

Two universities reported retrospective corrections of prior period errors.

Universities were impacted by the COVID-19 pandemic with student enrolments decreasing in 2020 compared to 2019 by 10,032 (3.3 per cent). Of this decrease 8,310 students were from overseas.

In response to the pandemic, each university provided welfare support, created student hardship funds, provided accommodation and flexibility on payment of course fees. State and Commonwealth governments provided additional support to the sector.

Six universities recorded negative net operating results in 2020 (two in 2019). The combined revenues of the ten universities from fees and charges decreased by $361 million (5.8 per cent).

Despite the impact of the COVID-19 pandemic, which will continue to impact the financial results of universities in 2021, enrolments of overseas students in semester one of 2021 increased at two universities. This growth meant that total overseas student enrolments increased by 7,944 or 5.8 per cent across the sector as a whole. However, eight universities experienced decreases in overseas student enrolments compared to semester one of 2020. All universities have experienced growth in domestic student enrolments.

What the key issues were

There were 110 findings reported to universities in audit management letters.

Three high risk findings were identified. One related to the continued work by the University of New South Wales to assess its liability for underpayment of casual staff entitlements. The other two deficiencies were at Charles Sturt University, relating to financial reporting implications of major contracts, and resolving issues identified by an internal review of its employment contracts to reliably quantify the university’s liability to its employees.

What we recommended

Universities should prioritise actions to address repeat findings. Forty-five findings were repeated from 2019, of which 23 related to information technology.

Fast facts

There are ten public universities in NSW with 51 local controlled entities and 23 overseas controlled entities.

$10.9bn Total combined revenue in 2020, a decrease of $538.5 million (4.7 per cent) from 2019.
106,984 Overseas student enrolments in 2020, a decrease of 8,310 students (7.2 per cent) from 2019.
3 High risk management letter findings were identified.
$11.0bn Total combined expenditure in 2020, a decrease of $147.8 million (0.9 per cent) from 2019.
182,683 Domestic student enrolments in 2020, a decrease of 1,722 students (0.9 per cent) from 2019.
41% Of reported issues were repeat issues.

Further information

Please contact Ian Goodwin, Deputy Auditor-General on 9275 7347 or by email.

This report analyses the results of our audits of the financial statements of the ten universities in NSW for the year ended 31 December 2020. The table below summarises our key observations.

1. Financial reporting

Financial reporting	The 2020 financial statements of all ten universities received unmodified audit opinions. Two universities reported retrospective corrections of prior period errors. The University of Sydney reported errors relating to the underpayment of staff entitlements and the fair value of buildings. Charles Sturt University reported an error relating to how it had calculated right‑of‑use assets and lease liabilities on initial application of the new leasing standard in the previous year.
Impacts of COVID‑19	Student enrolments decreased in 2020 compared to 2019 by 10,032 (3.3 per cent). Of this decrease, 8,310 students were from overseas. The ongoing impact of COVID‑19 in the short‑term, on semester one enrolments for 2021 compared to semester one of 2020, has been mixed: all universities in NSW experienced a growth in their domestic student enrolments eight universities experienced decreases in overseas student enrolments. During 2020, universities provided welfare support to students, created student hardship funds, provided accommodation, and flexibility on payment of course fees. State and Commonwealth governments provided additional support to the sector: those university controlled entities eligible to receive JobKeeper payments received a combined amount under the Commonwealth scheme totalling $47.6 million in 2020 the NSW Government launched a University Loan Guarantee scheme.
Financial results	Six universities recorded negative net operating results in 2020 (two in 2019). While most universities experienced decreased revenue in 2020, only four had reduced their expenses to a level that was less than revenue.
Revenue from operations	Universities' revenue streams were impacted in 2020 by the COVID‑19 pandemic, with fees and charges decreasing by $361 million (5.8 per cent). Government grants as a proportion of total revenue increased for the first time in five years to 34 per cent in 2020. Nearly 40 per cent of universities' total revenue from course fees in 2020 (40.9 per cent in 2019) came from overseas students from three countries: China, India and Nepal (same in 2019). Students from these countries of origin contributed $2.2 billion ($2.4 billion in 2019) in fees. Some universities continue to be dependent on revenues from students from these destinations and their results are more sensitive to fluctuations in demand as a result.
Other revenues	Overall philanthropic contributions to universities increased by 32.2 per cent in 2020 to $222 million ($167.9 million in 2019). The University of Sydney and the University of New South Wales attracted 75.2 per cent of the total philanthropic contributions in 2020 (69.5 per cent in 2019). Total research income for universities was $1.4 billion in 2019¹, with the University of Sydney and the University of New South Wales attracting 66.5 per cent of the total research income of all universities in NSW (65.2 per cent in 2018).
Expenditure	Universities initiated cost saving measures in response to the COVID‑19 pandemic. The cost of redundancy programs increased employee related expenses in 2020 by 4.4 per cent to $6.5 billion ($6.2 billion in 2019). The cost of redundancies offered in 2020 across the universities totalled $293.9 million. Combined other expenses decreased to $2.8 billion in 2020, a reduction of $436 million (13.4 per cent).

2. Internal controls and governance

Internal control findings

One hundred and ten internal control deficiencies were identified in 2020 (108 in 2019). Forty‑five findings were repeated from 2019, of which 23 related to information technology.

Recommendation: Universities should prioritise actions to address repeat findings on internal control deficiencies in a timely manner. Risks associated with unmitigated control deficiencies may increase over time.

Three high risk internal control deficiencies were identified, namely:

The University of New South Wales should continue work to assess its liability for the underpayment of casual staff entitlements. This issue was also reported last year.
Two high risk deficiencies were identified at Charles Sturt University. One related to misunderstanding the requirements of the new accounting standard in relation to recognising grant funding revenue for construction work. The second related to resolving issues identified by an ongoing internal review of its employment contracts to enable a reliable quantification as to the university's liability to its employees.

Gaps in information technology (IT) controls comprised the majority of the remaining deficiencies. Deficiencies included a lack of sufficient privileged user access reviews and monitoring, payment files being held in editable formats and accessible by unauthorised persons, and password settings not aligning with the requirements of information security policies.

Business continuity and disaster recovery planning

All universities have a business continuity policy supported with a business impact analysis.

Except for Macquarie University, all other universities had disaster recovery plans prepared for all of the IT systems that support critical business functions. Macquarie University’s disaster recovery plans were still in progress at 31 December 2020.

Only half of the universities' policies require regular testing of their business continuity plans and six universities' plans do not specify staff must capture, asses and report disruptive incidents.

3. Teaching and research

Graduate employment outcomes	Eight out of ten universities were reported as having full‑time employment rates of their undergraduates in 2020 that were greater than the national average. Six universities were reported as having full‑time employment rates of their postgraduates in 2020 that were greater than the national average.
Student enrolments by field of education	Enrolments at universities in NSW decreased the most in Management and Commerce courses and Engineering and Related Technologies courses. The largest increase in enrolments was in Society and Culture courses.
Achieving diversity outcomes	Five universities in 2019 were reported as meeting the target enrolment rate for students from low socio‑economic status (SES) backgrounds. Seven universities were reported to have increased their enrolments of students from Aboriginal and Torres Strait Islander backgrounds in 2019. The target growth rate for increases in enrolments of Aboriginal and Torres Strait Islander students (to exceed the growth rate of enrolments of non‑indigenous students by at least 50 per cent) was achieved in 2019.

¹ 2020 data, which is compiled by the Australian Department of Education and Training, is not yet available.

This report provides Parliament with the results of our financial audits of universities in NSW and their controlled entities in 2020, including our analysis, observations and recommendations in the following areas:

financial reporting
internal controls and governance
teaching and research.

Financial reporting is an important element of governance. Confidence and transparency in university sector decision making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations on the financial reporting of universities in NSW for 2020.

Financial results

The graph below shows the net results of individual universities for 2020.

Appropriate and robust internal controls help reduce risks associated with managing finances, compliance and administration of universities.

This chapter outlines the internal controls related observations and insights across universities in NSW for 2020, including overall trends in findings, level of risk and implications.

Universities' primary objectives are teaching and research. They invest most of their resources to achieve quality outcomes in academia and student experience. Universities have committed to achieving certain government targets and compete to advance their reputation and their standing in international and Australian rankings.

This chapter outlines teaching and research outcomes for universities in NSW for 2020.

Appendix one – Status of 2019 recommendations

Appendix two – Universities' controlled entities

24 November 2020

Published

Internal controls and governance 2020

Education

Environment

Community Services

Finance

Health

Industry

Justice

Premier and Cabinet

Transport

Treasury

Compliance

Cyber security

Information technology

Internal controls and governance

Management and administration

Procurement

The Auditor-General for New South Wales, Margaret Crawford today released her report on the findings and recommendations from the 2019–20 financial audits that relate to internal controls and governance at 40 of the largest agencies in the NSW public sector.

The bushfire and flood emergencies and the COVID‑19 pandemic continue to have a significant impact on the people and public sector of New South Wales. The scale of the government response to these events has been significant. The report focuses on the effectiveness of internal controls and governance processes, including relevant agencies’ response to the emergencies. In particular, the report focuses on:

financial and information technology controls
business continuity and disaster recovery planning arrangements
procurement, including emergency procurement
delegations that support timely and effective decision-making.

Due to the ongoing impact of COVID‑19 agencies have not yet returned to a business‑as‑usual environment. ‘Agencies will need to assess their response to the recent emergencies and update their business continuity, disaster recovery and other business resilience frameworks to reflect the lessons learnt from these events’ the Auditor-General said.

The report noted that special procurement provisions were put in place to allow agencies to better respond to the COVID-19 pandemic. The Auditor-General recommended agencies update their procurement policies to reflect the current requirements of the NSW Procurement Framework and the emergency procurement requirements.

Read the PDF report

This report analyses the internal controls and governance of 40 of the largest agencies in the NSW public sector for the year ended 30 June 2020. These 40 agencies constitute an estimated 85 per cent of total expenditure for all NSW public sector agencies.

1. Internal control trends

New, repeat and high risk findings

Internal control deficiencies increased by 13 per cent compared to last year. This is predominately due to a seven per cent increase in new internal control deficiencies and 24 per cent increase in repeat internal control deficiencies. There were ten high risk findings compared to four last year.

The recent emergencies have consumed agency time and resources and may have contributed to the increase in internal control deficiencies, particularly repeat deficiencies.

Agencies should:

prioritise addressing high-risk findings
address repeat internal control deficiencies by re-setting action plans and timeframes and monitoring the implementation status of recommendations.

Common findings

A number of findings remain common across multiple agencies over the last four years, including:

out of date or missing policies to guide appropriate decisions
poor record keeping and document retention
incomplete or inaccurate centralised registers or gaps in these registers.

2. Information technology controls

IT general controls

We found deficiencies in information security controls over key financial systems including:

user access administration deficiencies relating to inadequate oversight of the granting, review and removal of user access at 53 per cent of agencies
privileged users were not appropriately monitored at 43 per cent of agencies
deficient password controls that did not align to the agency's own password policies at 25 per cent of agencies.

The deficiencies above increase the risk of non-compliance with the NSW Cyber Security Policy, which requires agencies to have processes in place to manage user access, including privileged user access to sensitive information or systems and remove that access once it is not required or employment is terminated.

3. Business continuity and disaster recovery planning

Assessing risks to business continuity and Scenario testing

The response to the recent emergencies and the COVID-19 pandemic has encompassed a wide range of activities, including policy setting, on-going service delivery, safety and availability of staff, availability of IT and other systems and financial management. Agencies were required to activate their business continuity plans in response, and with the continued impact of COVID-19 have not yet returned to a business-as-usual environment.

Our audits focused on the preparedness of agency business continuity and disaster recovery planning arrangements prior to the onset of the COVID-19 pandemic.

We identified deficiencies in agency business continuity and disaster recovery planning arrangements. Twenty-three per cent of agencies had not conducted a business impact analysis (BIA) to identify critical business functions and determine business continuity priorities. Agencies can also improve the content of their BIA. For example, ten per cent of agencies' BIAs did not include recovery time objectives and six per cent of agencies did not identify key IT systems that support critical business functions. Scenario testing improves the effectiveness with which a live crisis is handled, but 40 per cent of agencies had not conducted a business continuity scenario testing exercise in the period from 1 January 2019 to 31 December 2019. There were also opportunities to improve the effectiveness of scenario testing exercises by:

involving key dependent or inter-dependent third parties who support or deliver critical business functions
testing one or more high impact scenarios identified in their business continuity plan
preparing a formalpost-exercise report documenting the outcome of their scenario testing.

Agencies have responded to the recent emergencies but addressing deficiencies will ensure agencies have adequate safeguards in their processes to again respond in the future, if required.

During 2020–21 we plan to conduct a performance audit on 'Business continuity and disaster recovery planning'. This audit will consider the effectiveness of agency business continuity planning arrangements to maintain business continuity through the recent emergencies and/or COVID-19 pandemic and return to a business-as-usual environment. We also plan to conduct a performance audit on whole-of-government 'Coordination of emergency responses'.

Responding to disruptions

We found agencies' governance functions could have been better informed about responses to disruptive incidents that had activated a business continuity or disaster recovery response between 1 January 2019 to 31 December 2019. For instance:

in 89 per cent of instances where a business continuity response was activated, a post-incident review had been performed. In 82 per cent of these instances, the outcomes were reported to a relevant governance or executive management committee

in 95 per cent of instances where a disaster recovery response was activated, a post incident review had been performed. In 86 per cent of these instances, the outcomes were reported to a relevant governance committee or executive management committee.

Examples of recorded incidents included extensive air quality issues and power outages due to bushfires, system and network outages, and infected and hijacked servers.

Agencies should assess their response to the recent emergencies and the COVID-19 pandemic and update business continuity, disaster recovery and other business resilience frameworks to incorporate lessons learned. Agencies should report to those charged with governance on the results and planned actions.

Management review and oversight

Eighty-two per cent and 86 per cent of agencies report to their audit and risk committees (ARC) on their business continuity and disaster recovery planning arrangements, respectively. Only 18 per cent and five per cent of ARCs are briefed on the results of respective scenario testing. Briefing ARCs on the results of scenario testing exercises helps inform their decisions about whether sound and effective business continuity and disaster recovery arrangements have been established.

4. Procurement, including emergency procurement

Policy framework	Agency procurement policies did not capture the requirements of several key NSW Procurement Board Directions (the Directions), increasing the risk of non-compliance with the Directions. We noted: 67 per cent of agencies did specify that procurement above $650,000 must be open to market unless exempt or procured through an existing Whole of Government Scheme or contract 36 per cent of agencies did specify that procurements above $500,000 payable in foreign currencies must be hedged 69 per cent of agencies' policies did specify that the agency head or cluster CFO must authorise the engagement of consultants where the engagement of the supplier does not comply with the standard commercial framework. Recommendation: Agencies should review their procurement policies and guidelines to ensure they capture the key requirements of the NSW Government Procurement Policy Framework, including NSW Procurement Board Directions.
Managing contracts	Eighty-eight per cent of agencies maintain a central contract register to record all details of contracts above $150,000, which is a requirement of GIPA legislation. Of the agencies that maintained registers, 13 per cent did not capture all contracts and eight per cent did not include all relevant contract details. Sixteen per cent of agencies did not periodically review their contract register. Timely review increases compliance with GIPA legislation, and enhances the effectiveness with which procurement business units monitor contract end dates, contract extensions and commence new procurement.
Training and support	Ninety-three per cent of agencies provide training to staff involved in procurement processes, and a further 77 per cent of agencies provide this training on an on-going basis. Of the seven per cent of agencies that had not provided training to staff, we noted gaps in aspects of their procurement activity, including: not conducting value for money assessments prior to renewing or extending the contract with their existing supplier not obtaining approval from a delegated authority to commence the procurement process procurement documentation not specifying certain key details such as the conditions for participation including any financial guarantees and dates for the delivery of goods or supply of services. Training on procurement activities ensures there is effective management of procurement processes to support operational requirements, and compliance with procurement directions.
Procurement activities	While agencies had implemented controls for tender activities above $650,000, 43 per cent of unaccredited agencies did not comply with the NSW Procurement Policy Framework because they had not had their procurement endorsed by an accredited agency within the cluster or by NSW Procurement. This endorsement aims to ensure the procurement is properly planned to deliver a value for money outcome before it commences.
Emergency procurement	As at 30 June 2020, agencies within the scope of this report reported conducting 32,239 emergency procurements with a total contract value of $316,908,485. Emergency procurement activities included the purchase of COVID-19 cleaning and hygiene supplies. The government, through NSW Procurement released the 'COVID-19 Emergency procurement procedure', which relaxed procurement requirements to allow agencies to make COVID-19 emergency procurements. Our review against the emergency procurement measures found most agencies complied with requirements. For example: 95 per cent of agencies documented an assessment of the need for the emergency procurement for the good and/or service 86 per cent of agencies obtained authorisation of the emergency procurement by the agency head or the nominated employee under Public Works and Procurement Regulation 2019 76 per cent of agencies reported the emergency procurement to the NSW Procurement Board. Complying with the procedure helps to ensure government resources are being efficiently, effectively, economically and in accordance with the law. Recommendation: Agency procurement frameworks should be reviewed and updated so they can respond effectively to emergency situations that may arise in the future. This includes: updating procurement policies and guidelines to define an emergency situation, specify who can approve emergency procurement and capture other key requirements using standard templates and documentation to prompt users to capture key requirements, such as needs analysis, supplier selection criteria, price assessment criteria, licence and insurance checks having processes for reporting on emergency procurements to those charged with governance and NSW Procurement.

5. Delegations

Instruments of delegation

We found that agencies have established financial and human resources delegations, but some had not revisited their delegation manuals following the legislative and machinery of government changes. For those agencies impacted by machinery of government changes we noted:

16 per cent of agencies had not updated their financial delegations to reflect the changes
16 per cent of agencies did not update their human resources delegations to reflect the changes.

Delegations manuals are not always complete; 16 per cent of agencies had no delegation for writing off bad debts and 26 per cent of agencies had no delegation for writing off capital assets.

Recommendation: Agencies should ensure their financial and human resources delegation manuals contain regular set review dates and are updated to reflect the Government Sector Finance Act 2018, machinery of government changes and their current organisational structure and roles and responsibilities.

Compliance with delegations

Agencies did not understand or correctly apply the requirements of the Government Sector Finance Act 2018 (GSF Act), resulting in non-compliance with the Act. We found that 18 per cent of agencies spent deemed appropriations without obtaining an authorised delegation from the relevant Minister(s), as required by sections 4.6(1) and 5.5(3) of the GSF Act.

Further detail on this issue will be included in our Auditor-General's Reports to Parliament on Central Agencies, Education, Health and Stronger Communities, which will be tabled throughout December 2020.

Recommendation: Agencies should review financial and human resources delegations to ensure they capture all key functions of laws and regulations, and clearly specify the relevant power or function being conferred on the officer.

6. Status of 2019 recommendations

Progress implementing last year's recommendations

Recommendations were made last year to improve transparency over reporting on gifts and benefits and improve the visibility management and those charged with governance had over actions taken to address conflicts of interest that may arise. This year, we continue to note:

38 per cent of agencies have not updated their gifts and benefits register to include all the key fields required under the minimum standards set by the Public Service Commission
56 per cent of agencies have not provided training to staff and 63 per cent of agencies have not implemented an annual attestation process for senior management
97 per cent of agencies have not published their gifts and benefits register on their website and 41 per cent of agencies are not reporting on trends in the gifts and benefits register to those charged with governance.

While we acknowledge the significance of the recent emergencies, which have consumed agency time and resources, we note limited progress has been made implementing these recommendations. Further detail on the status of implementing all recommendations is in Appendix 2.

Recommendation: Agencies should re-visit the recommendations made in last year's report on internal controls and governance and action these recommendations.

Internal controls are processes, policies and procedures that help agencies to:

operate effectively and efficiently
produce reliable financial reports
comply with laws and regulations
support ethical government.

This chapter outlines the overall trends for agency controls and governance issues, including the number of audit findings, the degree of risk those deficiencies pose to the agency, and a summary of the most common deficiencies we found across agencies. The rest of this report presents this year’s controls and governance findings in more detail.

Section highlights

We identified ten high risk findings, compared to four last year with two findings repeated from the previous year. There was an overall increase of 13 per cent in the number of internal control deficiencies compared to last year due to a seven per cent increase in new internal control deficiencies, and a 24 per cent increase in repeat internal control deficiencies. The recent emergencies have consumed agency time and resources and may have contributed to the increase in internal control deficiencies, particularly repeat deficiencies.

We identified a number of findings that remain common across multiple agencies over the last four years. Some of these findings related to areas that are fundamental to good internal control environments and effective organisational governance. Examples include:

out of date or missing policies to guide appropriate decisions
poor record keeping and document retention
incomplete or inaccurate centralised registers, or gaps in these registers.

Policies, procedures and internal controls should be properly designed, be appropriate for the current organisational structure and its business activities, and work effectively.

This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency controls to manage key financial systems.

Section highlights

Government agencies’ financial reporting is heavily reliant on information technology (IT). We continue to see a high number of deficiencies related to IT general controls, particularly those related to user access administration. These controls are key in adequately protecting IT systems from inappropriate access and misuse.

IT is also important to the delivery of agency services. These systems often provide the data to help monitor the efficiency and effectiveness of agency processes and services they deliver. Our financial audits do not review all agency IT systems. For example, IT systems used to support agency service delivery are generally outside the scope of our financial audit. However, agencies should also consider the relevance of our findings to these systems.

Agencies need to continue to focus on assessing the risks of inappropriate access and misuse and the implementation of controls to adequately protect their systems, focussing on the processes in place to grant, remove and monitor user access, particularly privileged user access.

This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency business continuity and disaster recovery planning arrangements.

Section highlights

We identified deficiencies in agency business continuity and disaster recovery planning arrangements and opportunities for agencies to enhance their business continuity management and disaster recovery planning arrangements. This will better prepare them to respond to a disruption to their critical functions, resulting from an emergency or other serious event. Twenty-three per cent of agencies had not conducted a business impact analysis (BIA) to identify critical business functions and determine business continuity priorities and 40 per cent of agencies had not conducted a business continuity scenario testing exercise in the period from 1 January 2019 to 31 December 2019. Scenario testing improves the effectiveness with which a live crisis is handled.

This section focusses on the preparedness of agency business continuity and disaster recovery planning arrangements prior to the onset of the COVID-19 pandemic. While agencies have responded to the recent emergencies, proactively addressing deficiencies will ensure agencies have adequate safeguards in their processes to again respond in the future, if required.

This chapter outlines our audit observations, conclusions and recommendations, arising from our review of procurement agency procurement policies and procurement activity.

Section highlights

We found agencies have procurement policies in place to manage procurement activity, but the content of these policies was not sufficiently detailed to ensure compliance with NSW Procurement Board Directions (the Directions). The Directions aim to ensure procurement activity achieves value for money and meets the principles of probity and fairness.

Agencies have generally implemented controls over their procurement process. In relation to emergency procurement activity, agencies reported conducting 32,239 emergency procurements with a total contract value of $316,908,485 up to 30 June 2020. Our review of emergency procurement activity conducted during 2019–20 identified areas where some agencies did not fully comply with the 'COVID-19 Emergency procurement procedure'.

We also found not all agencies are maintaining complete and accurate contract registers. This not only increases the risk of non-compliance with GIPA legislation, but also limits the effectiveness of procurement business units to monitor contract end dates, contract extensions and commence new procurement in a timely manner. We noted instances where agencies renewed or extended contracts without going through a competitive tender process during the year.

This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency compliance with financial and human resources delegations.

Section highlights

We found that agencies are not always regularly reviewing and updating their financial and human resources delegations when there are changes to legislation or other organisational changes within the agency or from machinery of government changes. For example, agencies did not understand or correctly apply the requirements of the GSF Act, resulting in non-compliance with the Act. We found that 18 per cent of agencies spent deemed appropriations without obtaining an authorised delegation from the relevant Minister(s), as required by sections 4.6(1) and 5.5(3) of the GSF Act.

In order for agencies to operate efficiently, make necessary expenditure and human resource decisions quickly and lawfully, particularly in emergency situations, it is important that delegations are kept up to date, provide clear authority to decision makers and are widely communicated.

Appendix one – List of 2020 recommendations

Appendix two – Status of 2019 recommendations

Appendix three – Cluster agencies

Copyright notice

Audit progress

Sector

Year

Report type

Topic

Reports

What this report is about

Findings

Recommendations

What this report is about

The audit found

The key audit issues were

Section highlights

Section highlights

What this report is about

What we found

What the key issues were

What we recommended

Section highlights

Section highlights

What this report is about

What we found

What the key issues were

What we recommended

Section highlights

Section highlights

Section highlights

Copyright notice

What the report is about

What we found

What the key issues were

What we recommended

Section highlights

Section highlights

Copyright notice

What the report is about

What we found

What we recommended

The Independent Auditor's Report was qualified and also included an emphasis of matter

The Independent Auditor’s Report was modified due to a limitation of scope on the balances consolidated in the TSSA relating to the CMCT

An emphasis of matter drawing attention to uncertainty relating to the General Government Sector's investment in the Transport Asset Holding Entity (TAHE) remains

Other financial reporting matters

All government agencies were granted an extra week to submit financial statements for audit

NSW Treasury concluded CMCT is a controlled entity of the State

Recommendation

The TSSA audit opinion included a limitation of scope

The process of information sharing by NSW Treasury continues to require improvement

Recommendation

Ten-year commercial agreements were signed between TAHE, operators and TfNSW

TAHE's main customers principally rely on government funding to pay access and licence fees

Significant funding uncertainties remain

In 2021–22, TAHE and NSW Treasury prepared further modelling to support the Government's intent to earn a 2.5% return inclusive of recovering the holding (revaluation) loss of $20.3 billion on its investment in TAHE

There is negative net impact on the budget after 2024–25 and this will grow in the future

The government continues to respond to the impact of the COVID-19 pandemic on New South Wales through its economic stimulus measures

There were 14 natural disaster declarations including four severe weather events in 2021–22

Natural disaster expenses increased 143% to $1.4 billion in 2021–22, up from $569 million last year

Deficit of $15.3 billion compared with a budgeted deficit of $8.6 billion

Revenues increased $16.1 billion to $106.7 billion

Taxation revenue increased by 13.3%

Assets grew by $53 billion to $571 billion

Valuing the State’s physical assets

State’s physical assets valued at $437 billion

What the report is about

What we found

What the key issues were

What we recommended

Section highlights

Section highlights

The number of findings reported to management has increased, and 31% were repeat issues

A high-risk matter was reported at the TAFE Commission highlighting instances of non-compliance with policies and procedures guiding appropriate purchasing card use

Recommendation

What the report is about

What we found

Financial reporting

Internal controls

What we recommended

Fast facts

Section highlights

Section highlights

Section highlights