Main navigation

Appendix one – Misstatements in financial statements submitted for audit

Copyright notice

19 December 2022

Published

Enterprise, Investment and Trade 2022

Finance

Asset valuation

Compliance

Cyber security

Financial reporting

Information technology

Internal controls and governance

Management and administration

Procurement

Regulation

Risk

What the report is about

Result of the Enterprise, Investment and Trade cluster agencies' financial statement audits for the year ended 30 June 2022.

What we found

The Machinery of Government changes within the Enterprise, Investment and Trade cluster resulted in the creation of the Department of Enterprise, Investment and Trade and the transfer of $1.0 billion of net assets into the new department.

Unmodified audit opinions were issued for all completed cluster agencies' 2021–22 financial statements audits. Two audits are ongoing.

An 'Other Matter' paragraph was included in the audit opinion for the Jobs for NSW Fund's 30 June 2021 financial report to reflect the non-compliance with the Jobs for NSW Act 2015 (the Act) and Government Sector Finance Act 2018. The Act requires the board to consist of seven members that include the Secretary of the Treasury, the Secretary of the Department of Premier and Cabinet, and five ministerial appointments. The board has consisted of two secretaries since 24 May 2019 when the independent members resigned. The remaining five members have not been appointed by the ministers as required by section 5(2) of the Act.

Three cluster agencies accepted changes to their office leasing arrangements managed by Property NSW. This has resulted in the collective derecognition of $24.8 million of right-of-use assets and $26.7 million in lease liabilities, and recognition of $1.9 million of other gains.

What the key issues were

The number of issues we reported to management decreased from 108 in 2020–21 to 103 in 2021–22. Thirty per cent of issues were repeated from the prior year.

Six high-risk issues were identified across the cluster related to the quality and timeliness of financial reporting, governance processes and internal controls.

Recommendations were made to address these deficiencies.

This report provides Parliament and other users of the Enterprise, Investment and Trade cluster's financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

financial reporting
audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Enterprise, Investment and Trade cluster (the cluster) for 2022.

Section highlights

Unqualified audit opinions were issued for all completed cluster agencies 2021–22 financial statements audits. The Jobs for NSW Fund and Responsible Gambling Fund audits are ongoing.
An 'Emphasis of Matter' paragraph was included in the Australian Institute of Asian Culture and Visual Arts Limited's 30 June 2022 financial statements to draw attention to management’s disclosures that the entity's financial statements for the year ended 30 June 2022 were prepared on a non-going concern basis following cessation of its operations and resolution by the directors in October 2021 to deregister the entity.
An 'Other Matter' paragraph was included in the Jobs for NSW Fund's 30 June 2021 financial report to reflect the non-compliance with the Jobs for NSW Act 2015 and Government Sector Finance Act 2018.
The Act requires the board to consist of seven members that include the Secretary of the Treasury, the Secretary of the Department of Premier and Cabinet (or their nominees) and five ministerial appointments, one of whom is to be appointed as Chair of the board. The board has consisted of the two secretaries since 24 May 2019 when the independent members resigned. The remaining five members have not been appointed by the ministers as required by section 5(2) of the Act.
An 'Emphasis of Matter' paragraph was included in the Jobs for NSW Fund's 30 June 2021 financial report to draw attention to the financial report being prepared for the purpose of fulfilling the Jobs for NSW Fund's financial reporting responsibilities as requested by the Treasurer's delegate.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Enterprise, Investment and Trade cluster.

Section highlights

In 2021–22, there were 103 findings raised across the cluster, a decrease from 2020–21.
In total, six high-risk findings were identified during 2021–22. Two related to 2021–22 whilst four were related to the audit of Jobs for NSW Fund's 30 June 2021 financial report.
Thirty per cent of all findings during 2021–22 were repeat issues. The most common repeat issues related to information technology controls and accounting for property plant and equipment notably fair value assessment and valuation.

Appendix one – Misstatements in financial statements submitted for audit

Copyright notice

7 December 2022

Published

Health 2022

Health

Whole of Government

Asset valuation

Compliance

Cyber security

Financial reporting

Information technology

Infrastructure

Internal controls and governance

Management and administration

Procurement

Risk

Service delivery

Shared services and collaboration

Workforce and capability

What the report is about

Result of Health cluster (the cluster) agencies' financial statement audits for the year ended 30 June 2022.

What we found

Unmodified audit opinions were issued for the financial statements for all Health cluster agencies.

The COVID-19 pandemic continued to increase the complexity and number of accounting matters faced by the cluster. The total gross value of corrected misstatements in 2021–22 was $353.3 million, of which $186.7 million related to an increase in the impairment provision for Rapid Antigen Tests (RATs).

A qualified audit opinion was issued on the Annual Prudential Compliance Statement related to five residential aged care facilities. There were 20 instances (19 in 2020–21) of non-compliance with the prudential responsibilities within the Aged Care Act 1997.

What the key issues were

The total number of matters we reported to management across the cluster decreased from 116 in 2020–21 to 67 in 2021–22. Of the 67 issues raised, four were high risk (three in 2020-21) and 37 were moderate risk (57 in 2020–21). Nearly half of all control deficiencies reported in 2021–22 were repeat issues.

Three unresolved high-risk issues were:

COVID-19 inventories impairment – we continued to identify issues relating to management’s impairment model which relies on anticipated future consumption patterns. RATs had not been assessed for impairment.
Asset capitalisation threshold – management has not reviewed the appropriateness of the asset capitalisation threshold since 2006.
Forced-finalisation of HealthRoster time records – we continued to observe unapproved rosters being finalised by system administrators so payroll can be processed on time. 2.6 million time records were processed in this way in 2021–22.

What we recommended

COVID-19 inventories impairment – ensure consumption patterns are supported by relevant data and plans.
Assets capitalisation threshold – undertake further review of the appropriateness of applying a $10,000 threshold before capitalising expenditure on property, plant and equipment.
Forced-finalisation of HealthRoster time records – develop a methodology to quantify the potential monetary value of unapproved rosters being finalised.

This report provides Parliament and other users of Health cluster (the cluster) agencies' financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

financial reporting
audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Health cluster (the cluster) for 2022.

Section highlights

Unqualified audit opinions were issued for all cluster agencies required to prepare general purpose financial statements.
The total gross value of corrected monetary misstatements for 2021–22 was $353.3 million, of which, $186.7 million related to an increase in the impairment provision for Rapid Antigen Tests.
A qualified audit opinion was issued on the ministry's Annual Prudential Compliance Statements.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the cluster.

Section highlights

The total number of internal control deficiencies has decreased from 116 in 2020–21 to 67 in 2021–22. Of the 67 issues raised in 2021–22, four were high (2020–21: 3) and 37 were moderate (2020–21: 57); with nearly half of all control deficiencies reported in 2021–22 being repeat issues.
The following four issues were reported in 2021–22 as high risk:
- impairment of COVID-19 inventories
- inadequate review over the appropriateness of asset capitalisation threshold
- forced-finalisation of HealthRoster time records
- COVID-19 vaccination inventories – data quality issue at 31 March 2022.
Management of excessive leave balances and poor quality or lack of documentation supporting key agreements continued to be the key repeat issues observed in the 2021–22 financial reporting period.

Appendix one – Response from agency

Copyright notice

7 December 2022

Published

New South Wales COVID-19 vaccine rollout

Health

Internal controls and governance

Management and administration

Project management

Risk

Service delivery

What the report is about

The Australian Government led and implemented the Australian COVID-19 vaccine rollout, with the support of state and territory governments. As part of the Australian Government's vaccine rollout, NSW Health launched its vaccination program on 22 February 2021, with responsibility for distributing and administering COVID-19 vaccine stock provided by the Australian Government.

This audit examined the period 1 January 2021 to 31 December 2021 and focused on NSW Health's contribution to the Australian Government led vaccine roll out in four Local Health Districts (LHDs), in particular the administration of two doses of vaccine to people aged 16 and over.

What we found

On 16 October 2021, NSW Health, in partnership with the Australian Government's vaccination program, achieved its first objective to fully vaccinate 80% of people in NSW aged 16 and over. Demand for the vaccine reduced in December 2021, and NSW Health did not reach its target of 95% fully vaccinated for people aged 16 and over until June 2022.

Despite challenges such as uncertain supply and changes to clinical advice affecting vaccine eligibility, NSW Health's overall delivery of vaccination services was effective and efficient.

During the audit period, NSW Health implemented effective strategies to allocate vaccines and reduce wastage to optimise the number of vaccines available.

NSW Health implemented its own booking system after it identified that the Australian Government's system would not manage bookings. There were problems with NSW Health's interim vaccine booking system, and NSW Health fully resolved these issues by September 2021.

As at 19 October 2022, vaccination rates for Aboriginal peoples and culturally and linguistically diverse people remained below the 95% target.

What we recommended

By June 2023, NSW Health should conduct a comprehensive review of the COVID-19 vaccine rollout and incorporate lessons learned into pandemic response plans.

The first three cases of COVID-19 in New South Wales were diagnosed in January 2020. By 30 June 2021, 128 people were being treated in hospital and one person was in intensive care. By the end of December 2021, 187,504 total cases and 663 deaths were reported in New South Wales. As at 27 October 2022, NSW Health reported more than three million total cases and 5,430 deaths.

The COVID-19 pandemic continues to have a significant impact on the people and the health sector of New South Wales. The Australian, state, territory, and local governments have directed significant resources towards health responses and economic recovery.

On 13 November 2020, National Cabinet (comprised of the Australian, state, and territory governments) endorsed the Australian COVID-19 Vaccination Policy. Australia's vaccination program was launched on 21 February 2021 with the goal of providing safe and effective vaccines to the people who most needed them as quickly as possible, to support the physical, mental and economic wellbeing of the nation.

The Australian Government led and implemented the Australian vaccine rollout, with the support of state and territory governments. As part of the Australian Government's vaccine rollout, NSW Health launched its vaccination program on 22 February 2021, with responsibility for distributing and administering COVID-19 vaccine stock provided by the Australian Government.

The overall objective of this audit was to assess the effectiveness and efficiency of NSW Health’s contribution to the Australian COVID-19 vaccine rollout. It is important to note that in New South Wales, primary care providers (GPs and pharmacies) and aged care providers administered the majority of vaccines. Primary care providers and aged care providers are the responsibility of the Australian Government.

The audit had a particular focus on whether NSW Health:

set clear vaccination targets underpinned and/or guided by evidence
managed the rollout of the vaccination program effectively and efficiently
managed demand of vaccines effectively and efficiently.

The audit examined the period 1 January 2021 to 31 December 2021 and focused on NSW Health's contribution to the Australian Government led vaccine rollout in four Local Health Districts (LHDs), in particular the administration of two doses of vaccine to people aged 16 and over. We did not audit the subsequent rollout for ages five to 15, or the booster rollout (third and fourth doses) as these activities mostly occurred outside the date of our review.

This audit also did not assess the Australian Government’s allocation of vaccine supplies to New South Wales because we do not audit the Australian Government's activities. On 17 August 2022, the Australian National Audit Office completed a performance audit which assessed the Australian Department of Health and Aged Care's effectiveness in the planning and implementation of Australia's COVID-19 vaccine rollout.

This audit is one of a series of audits that have been completed or are in progress regarding the New South Wales COVID-19 emergency response. This includes the planned performance audit ‘Coordination of the response to COVID-19 (June to November 2021)’, and financial audit assurance activities focusing on Local Health District processes and controls to manage the receipt, distribution and inventory management of vaccine stock. The Audit Office New South Wales '2022–25 Annual Work Program' details the ongoing focus our audits will have on providing assurance on the effectiveness of emergency responses.

Conclusion

By 12 December 2021, NSW Health had administered two doses of vaccines to one third of eligible people in New South Wales aged 16 and over – contributing significantly to the achievement of the NSW Government vaccination target of 80% fully vaccinated before 31 December 2021. Despite challenges such as uncertain supply and changes to clinical advice affecting vaccine eligibility, NSW Health's overall delivery of vaccination services was effective and efficient.

Vaccination levels in some vulnerable populations remain below the 95% double dose target currently in place. Access to quality data to regularly measure vaccination rates in some vulnerable populations remains an ongoing challenge for the NSW and Australian Governments. As a result, NSW Health is unable to fully ensure it has delivered on its shared responsibility with the Australian Government to vaccinate vulnerable people.

NSW Health managed challenges regarding the uncertain supply of vaccines from the Australian Government and filled gaps beyond its agreed responsibilities in the National Partnership on COVID-19 Response. During the Delta outbreak of the pandemic, NSW Health sought to achieve the best possible public health outcome from limited vaccine supply by opening up additional vaccination clinics in highly affected areas and redistributing vaccine supplies from areas with fewer cases to highly affected local government areas in south west Sydney.

During the audit period, NSW Health implemented effective strategies to allocate vaccines and reduce wastage to optimise the number of vaccines available. Our financial audit report, 'Health 2022', includes additional information on vaccine supply stock held by NSW Health.

NSW Health demonstrated agility by using a range of strategies to promote vaccination, including direct engagement with communities to develop culturally appropriate services such as pop-up clinics. NSW Heath recruited prominent community members, such as faith leaders, elders and sportspeople, to promote vaccination within their communities. However, at the date of this report, there are still vulnerable populations with vaccination rates lower than the current 95% double dose vaccination target. There is also a lack of regularly updated data for some cohorts which prevents NSW Health from accurately monitoring vaccination rates in some populations it has identified as vulnerable.

In March 2021, NSW Health identified that the booking system provided by the Australian Government was an online directory of vaccine clinics and would not manage bookings. To overcome this, NSW Health amended an internal-use system to be publicly facing. This solution was not user-friendly for staff or those seeking to make an appointment. Between June to September 2021, NSW Health progressively resolved booking system related issues, by developing and rolling out a new purpose-built booking solution for NSW Health vaccination clinics.

Appendix two – Australian audits on the vaccine rollouts

Appendix three – Committee members

Appendix four – About the audit

Appendix five – Performance auditing

Copyright notice

Parliamentary reference - Report number #369 - released 7 December 2022

30 November 2022

Published

Customer Service 2022

Finance

Asset valuation

Compliance

Cyber security

Financial reporting

Information technology

Internal controls and governance

Management and administration

Procurement

Regulation

Risk

Service delivery

Shared services and collaboration

What the report is about

Result of the Customer Service cluster agencies' financial statement audits for the year ended 30 June 2022.

What we found

Unmodified audit opinions were issued for Customer Service cluster agencies.

What the key issues were

The number and size of Service NSW's administered grant programs have increased significantly in response to emergency events. Improvements are required to address gaps in Service NSW's policies, systems and processes in administering and financial reporting of grant programs.

The Department of Customer Service (the department) reported a retrospective correction of a prior period error of $33.3 million understatement of the land titling database, which is a service concession asset managed by a private operator.

The 2021–22 audits identified five high-risk issues across the cluster:

the department:
- control weaknesses in user access to GovConnect systems
- significant control deficiencies in information technology change management controls
Rental Bond Board:
- legislation amendment required to better support the accounting treatment of rental bonds
- no delegation instrument to government officers authorising them to approve expenditures
Service NSW:
- improvements required in the timeliness and quality of grant administration revenue assessment and controls over the recovery of grant administration costs.

Recommendations were made to address these deficiencies.

This report provides Parliament and other users of the Customer Service cluster's financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

financial reporting
audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Customer Service cluster (the cluster) for 2022.

Section highlights

Unqualified audit opinions were issued on the financial statements of cluster agencies.
Reported corrected misstatements decreased from 33 in 2020–21 to 30 with a gross value of $406 million in 2021–22 ($418.9 million in 2020–21). Reported uncorrected misstatements decreased from 13 in 2020–21 to nine with a gross value of $31.8 million in 2021–22 ($78 million).
Seven of nine cluster agencies did not submit or complete certain mandatory early close procedures on time.
Service NSW's late resolution of the accounting of $256 million revenue from administering COVID-19 and flood grant programs resulted in misstatements and delays in financial reporting and audit.
The Department of Customer Service corrected prior period errors retrospectively related to the valuation of a service concession asset (land titling database) which reduced the prior year comparative for service concession asset by $33.3 million in the financial statements.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Customer Service cluster.

Section highlights

The 2021–22 audits identified five high risks (three in 2020–21) and 36 moderate risk issues (59 in 2020–21) across the cluster. Fifty-three per cent of the issues (42% in 2020–21) were repeat issues. Many repeat issues related to information technology controls around user access management.
While improvement was noted in the number of control deficiencies in GovConnect ASAE 3402 controls assurance reports, internal control qualification and control deviation issues continued to occur in 2021–22. Ineffective controls at service providers increase the risk of fraud, error and security to data.
Cyber security governance and management requires improvement. The department is yet to fully implement Essential 8 Mitigation Strategies and the maturity level for several Essential 8 strategies is at Level Zero in the current maturity model. The department is in the process of completing the roll out of some long outstanding system patches.
Significant gaps were identified in Service NSW's policies, systems and processes in administering and financial reporting of grant programs.

Appendix one – Misstatements in financial statements submitted for audit

Appendix one – Included reports, 2018–2022

Copyright notice

30 June 2022

Published

Audit Insights 2018-2022

Community Services

Education

Environment

Finance

Health

Industry

Justice

Local Government

Premier and Cabinet

Planning

Transport

Treasury

Universities

Whole of Government

Asset valuation

Cross-agency collaboration

Compliance

Cyber security

Financial reporting

Fraud

Information technology

Infrastructure

Internal controls and governance

Management and administration

Procurement

Project management

Regulation

Risk

Service delivery

Shared services and collaboration

Workforce and capability

What the report is about

In this report, we have analysed the key findings and recommendations from our audit reports over the past four years.

This analysis includes financial audits, performance audits, and compliance audits of state and local government entities that were tabled in NSW Parliament between July 2018 and February 2022.

The report is framed by recognition that the past four years have seen significant challenges and emergency events.

The scale of government responses to these events has been wide-ranging, involving emergency response coordination, service delivery, governance and policy.

The report is a resource to support public sector agencies and local government to improve future programs and activities.

What we found

Our analysis of findings and recommendations is structured around six key themes:

Integrity and transparency
Performance and monitoring
Governance and oversight
Cyber security and data
System planning for disruption
Resource management.

The report draws from this analysis to present recommendations for elements of good practice that government agencies should consider in relation to these themes. It also includes relevant examples from recent audit reports.

In this report we particularly call out threats to the integrity of government systems, processes and governance arrangements.

The report highlights the need for balanced advice to government on options and risks, for transparent documentation and reporting of directions and decisions, and for early and open sharing of information with integrity bodies and audit.

A number of the matters highlighted in this report are similar to those described in our previous Insights Report, (Performance Audit Insights: key findings from 2014–2018) specifically in relation to cyber and information security, to performance measurement, reporting and evaluation, and system and workforce planning and capability.

Fast facts

72 audits included in the Audit Insights 2018–2022 analysis
4 years of audits tabled by the Auditor-General for New South Wales
6 key themes for Audit Insights 2018–2022.

picture of Margaret Crawford Auditor-General for New South Wales in black dress with city skyline as background I am pleased to present the Audit Insights 2018–2022 report. This report describes key findings, trends and lessons learned from the last four years of audit. It seeks to inform the New South Wales Parliament of key risks identified and to provide insights and suggestions to the agencies we audit to improve performance across the public sector.

The report is framed by a very clear recognition that governments have been responding to significant events, in number, character and scale, over recent years. Further, it acknowledges that public servants at both state and council levels generally bring their best selves to work and diligently strive to deliver great outcomes for citizens and communities. The role of audit in this context is to provide necessary assurance over government spending, programs and services, and make suggestions for continuous improvement.

However, in this report we particularly call out threats to the integrity of government systems, processes and governance arrangements. We highlight the need for balanced advice to government on options and risks, for transparent documentation and reporting of directions and decisions, and for early and open sharing of information with integrity bodies and audit. Arguably, these considerations are never more important than in an increasingly complex environment and in the face of significant emergency events and they will be key areas of focus in our future audit program.

While we have acknowledged the challenges of the last few years have required rapid responses to address the short-term impacts of emergency events, there is much to be learned to improve future programs. I trust that the insights developed in this report provide a helpful resource to public sector agencies and local government across New South Wales. I would be pleased to receive any feedback you may wish to offer.

Margaret Crawford
Auditor-General for New South Wales

Integrity and transparency	Performance and monitoring	Governance and oversight	Cyber security and data	System planning	Resource management
Insufficient documentation of decisions reduces the ability to identify, or rule out, misconduct or corruption.	Failure to apply lessons learned risks mistakes being repeated and undermines future decisions on the use of public funds.	The control environment should be risk-based and keep pace with changes in the quantum and diversity of agency work.	Building effective cyber resilience requires leadership and committed executive management, along with dedicated resourcing to build improvements in cyber security and culture.	Priorities to meet forecast demand should incorporate regular assessment of need and any emerging risks or trends. Absence of an overarching strategy to guide decision-making results in project-by-project decisions lacking coordination.	Governments must weigh up the cost of reliance on consultants at the expense of internal capability, and actively manage contracts and conflicts of interest.
Government entities should report to the public at both system and project level for transparency and accountability.	Government activities benefit from a clear statement of objectives and associated performance measures to support systematic monitoring and reporting on outcomes and impact.	Management of risk should include mechanisms to escalate risks, and action plans to mitigate risks with effective controls.	In implementing strategies to mitigate cyber risk, agencies must set target cyber maturity levels, and document their acceptance of cyber risks consistent with their risk appetite.	Service planning should establish future service offerings and service levels relative to current capacity, address risks to avoid or mitigate disruption of business and service delivery, and coordinate across other relevant plans and stakeholders.	Negotiations on outsourced services and major transactions must maintain focus on integrity and seeking value for public funds.
Entities must provide balanced advice to decision-makers on the benefits and risks of investments.	Benefits realisation should identify responsibility for benefits management, set baselines and targets for benefits, review during delivery, and evaluate costs and benefits post-delivery.	Active review of policies and procedures in line with current business activities supports more effective risk management.	Governments hold repositories of valuable data and data capabilities that should be leveraged and shared across government and non-government entities to improve strategic planning and forecasting.	Formal structures and systems to facilitate coordination between agencies is critical to more efficient allocation of resources and to facilitate a timely response to unexpected events.	Transformation programs can be improved by resourcing a program management office.
Clear guidelines and transparency of decisions are critical in distributing grant funding.	Quality assurance should underpin key inputs that support performance monitoring and accounting judgements.	Governance arrangements can enable input into key decisions from both government and non-government partners, and those with direct experience of complex issues.			Workforce planning should consider service continuity and ensure that specialist and targeted roles can be resourced and allocated to meet community need.
Governments must ensure timely and complete provision of information to support governance, integrity and audit processes.
Read more	Read more	Read more	Read more	Read more	Read more

This report brings together a summary of key findings arising from NSW Audit Office reports tabled in the New South Wales Parliament between July 2018 and February 2022. This includes analysis of financial audits, performance audits, and compliance audits tabled over this period.

Financial audits provide an independent opinion on the financial statements of NSW Government entities, universities and councils and identify whether they comply with accounting standards, relevant laws, regulations, and government directions.
Performance audits determine whether government entities carry out their activities effectively, are doing so economically and efficiently, and in accordance with relevant laws. The activities examined by a performance audit may include a selected program or service, all or part of an entity, or more than one government entity. Performance audits can consider issues which affect the whole state and/or the local government sectors.
Compliance audits and other assurance reviews are audits that assess whether specific legislation, directions, and regulations have been adhered to.

This report follows our earlier edition titled 'Performance Audit Insights: key findings from 2014–2018'. That report sought to highlight issues and themes emerging from performance audit findings, and to share lessons common across government. In this report, we have analysed the key findings and recommendations from our reports over the past four years. The full list of reports is included in Appendix 1. The analysis included findings and recommendations from 58 performance audits, as well as selected financial and compliance reports tabled between July 2018 and February 2022. The number of recommendations and key findings made across different areas of activity and the top issues are summarised at Exhibit 1.

The past four years have seen unprecedented challenges and several emergency events, and the scale of government responses to these events has been wide-ranging involving emergency response coordination, service delivery, governance and policy. While these emergencies are having a significant impact today, they are also likely to continue to have an impact into the future. There is much to learn from the response to those events that will help the government sector to prepare for and respond to future disruption. The following chapters bring together our recommendations for core elements of good practice across a number of areas of government activity, along with relevant examples from recent audit reports.

This 'Audit Insights 2018–2022' report does not make comparative analysis of trends in public sector performance since our 2018 Insights report, but instead highlights areas where government continues to face challenges, as well as new issues that our audits have identified since our 2018 report. We will continue to use the findings of our Insights analysis to shape our future audit priorities, in line with our purpose to help Parliament hold government accountable for its use of public resources in New South Wales.

Appendix two – About this report

Copyright notice

20 May 2022

Published

COVID-19: response, recovery and impact

Community Services

Education

Health

Justice

Premier and Cabinet

Transport

Treasury

Whole of Government

Cross-agency collaboration

Financial reporting

Management and administration

Service delivery

Shared services and collaboration

What the report is about

This report draws together the financial impact of COVID-19 on the agencies integral to responses across the state government sector of New South Wales.

What we found

Since the COVID-19 pandemic hit NSW in January 2020, and until 30 June 2021, $7.5 billion was spent by state government agencies for health and economic stimulus. The response was largely funded by borrowings.

The key areas of spending since the start of COVID-19 in NSW to 30 June 2021 were:

direct health response measures – $2.2 billion
personal protective equipment – $1.4 billion
small business grants – $795 million
quarantine costs – $613 million
increases in employee expenses and cleaning costs across most agencies
vaccine distribution, including vaccination hubs – $71 million.

The COVID-19 pandemic significantly impacted the financial performance and position of state government agencies.

Decreases in revenue from providing goods and services were offset by increases in appropriations, grants and contributions, for health and economic stimulus funding in response to the pandemic.

Most agencies had expense growth, due to additional operating requirements to manage and respond to the pandemic along with implementing new or expanded stimulus programs and initiatives.

Response measures for COVID-19 have meant the NSW Government is unlikely to meet targets in the Fiscal Responsibility Act 2012 being:

annual expense growth kept below long-term average revenue growth
elimination of State’s unfunded superannuation liability by 2030.

Fast facts

First COVID-19 case in NSW on 25 January 2020
COVID-19 vaccinations commenced on 21 February 2021
By 31 December 2021, 25.2 million PCR tests had been performed in NSW and 13.6 million vaccines administered, with 93.6% of the 16 and over population receiving two doses
During 2020–21, NSW Health employed an extra 4,893 full-time staff and incurred $28 million in overtime mainly in response to COVID-19
During 2020–21, $1.2 billion was spent on direct health COVID-19 response measures and $532 million was spent on quarantine for incoming international travellers

Section highlights

Up to 30 June 2021, $7.5 billion has been spent by state government agencies for health and economic stimulus.
Revenue increased for most agencies as falling revenue from providing goods and services was offset by additional funding from appropriations, grants and contributions.
Expenses increased as most agencies incurred additional costs to manage and respond to the pandemic along with delivering stimulus and support programs.
Borrowings of $7.5 billion over the last two years helped to fund the response to COVID-19.

Section highlights

NSW Government unlikely to meet targets in Fiscal Responsibility Act 2012.

6 May 2022

Published

Transport 2021

Transport

Asset valuation

Compliance

Financial reporting

Information technology

Infrastructure

Internal controls and governance

What the report is about

The results of the Transport cluster agencies’ financial statement audits for the year ended 30 June 2021.

What we found

Unmodified financial statement audit opinions were issued for all Transport cluster agencies. Resolution of issues delayed signing the Transport Asset Holding Entity of NSW (TAHE) until 24 December 2021. Matters relating to TAHE are also reported in the report on State Finances 2021.

Emphasis of Matter - TAHE

An Emphasis of Matter paragraph was included in TAHE's audit opinion to draw attention to uncertainty associated with:

future access and licence fees that are subject to re-signed agreements
an additional $4.1 billion of funding that is outside the forward estimates period
a significant portion of the fair value of TAHE’s non-financial assets is reflected in the terminal value, which is outside the ten-year contract period to 30 June 2031, and the risk that TAHE will not be able to negotiate contract terms to support current projections.

TAHE's transition from RailCorp also changed its valuation of assets to an income approach, resulting in a $20.3 billion decrease to the fair value. The fair value decrease was because the cash flows were not sufficient to support the previous recorded value.

TAHE corrected a misstatement of $1.2 billion relating to the valuation of its assets. This followed significant deliberation on key judgements and assumptions, with TAHE adopting risk assumptions in its valuation that were not in line with comparable benchmarks.

Emphasis of Matter - State Transit Authority of New South Wales

An Emphasis of Matter paragraph was included in the State Transit Authority of NSW's (the Authority) audit opinion to draw attention to the financial statements not prepared on a going concern basis. This was because the NSW Government put the Authority's bus contracts out to competitive tender and accordingly, management assessed the Authority's principal activities are not expected to operate for a full 12 months after 30 June 2021.

The implementation of AASB 1059 ‘Service Concession Arrangements: Grantors’ resulted in a net increase in assets of $23.5 billion across the Transport cluster.

The 2020–21 audits identified six high-risk and 45 moderate risk issues across the cluster. Fourteen of the moderate risk issues were repeat issues, including information technology controls around management of user access for key financial systems and payroll processes.

The high-risk issues, in addition to those related to TAHE and previously reported in the report on State Finances 2021, include:

absence of conflict of declarations related to land acquisition processes at Transport for NSW
no evidence of conflict of interest declarations obtained by TAHE from consultants and contractors regarding involvement in other engagements.

What we recommended

TAHE needs to:

finalise revised commercial agreements to reflect fees detailed in a Heads of Agreement signed on 18 December 2021
prepare robust projections and business plans to support the required rate of return.

NSW Treasury and TAHE should monitor the risk that control of TAHE assets could change in the future.

Transport for NSW needs to significantly improve its processes to ensure all key information is identified and shared with the Audit Office.

Transport agencies should implement a process to ensure conflicts of interest declarations are completed for land acquisitions and applied consistently across the cluster.

Transport agencies should implement a process to capture all contracts and agreements entered to ensure:

agencies are aware of contractual obligations
financial reporting implications are assessed, particularly with respect to leases, revenue and service concession arrangements.

Fast facts

The Transport cluster plans and delivers infrastructure and integrated services across all modes of transport. This includes road, rail, bus, ferry, light rail, cycling and walking. There are 11 agencies in the cluster.

$128b road and maritime system infrastructure assets as at 30 June 2021
100% unqualified audit opinions were issued on agencies 30 June 2021 financial statements
26 monetary misstatements were reported in 2020–21
$24.9b rail systems infrastructure assets as at 30 June 2021
6 high-risk management letter findings were identified
37% of reported issues were repeat issues

This report provides Parliament and other users of the transport cluster (the cluster) agencies’ financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:

financial reporting
audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the cluster for 2021.

Section highlights

Unqualified audit opinions were issued on all Transport agencies' financial statements.
An 'Emphasis of Matter' paragraph was included in the Transport Asset Holding Entity of New South Wales' (TAHE) Independent Auditor's Report to draw attention to significant uncertainty associated with the judgements, estimates and assumptions supporting the valuation of TAHE’s property, plant and equipment (PPE) and intangible assets.
In 2020–21, the former RailCorp transitioned to TAHE, a for-profit state-owned corporation. When TAHE became a for-profit entity, it was required to change its valuation approach. The value of a for-profit entity's assets cannot exceed the cash flows they might realise either through their sale or continued use. This change in the basis of valuation resulted in a decrease of $20.3 billion in the fair value of the assets. The decrease in fair value was because the cash flows, which support measurement under the income approach, were insufficient to support the previous valuation based on the current replacement cost of those assets.
TAHE also corrected a misstatement of $1.2 billion relating to the valuation of its assets after significant deliberation on key judgements and assumptions, with TAHE adopting higher risk assumptions in its valuation when compared to the relevant market benchmarks.
On 18 December 2021, a Heads of Agreement (HoA) was signed between TAHE, Transport for NSW, Sydney Trains and NSW Trains. This HoA reflected TAHE's intention to negotiate higher access and licence fees in order to meet the shareholding ministers' revised expectation of a higher rate of return. This matter resolved the treatment of a significant accounting issue in the State’s consolidated (whole-of-government) financial statements. Refer to the Report on State Finances tabled on 9 February 2022. The expectation of an additional $5.2 billion in fees added to the valuation of TAHE's PPE and intangibles, with a final value of $17.15 billion.
The implementation of AASB 1059 ‘Service Concession Arrangements: Grantors’ resulted in a net increase in assets of $23.5 billion across the cluster. AASB 1059 had a significant impact on Transport for NSW, Sydney Metro, Sydney Ferries and TAHE's 2020–21 financial statements.
TAHE corrected a misstatement of $97.2 million relating to the application of AASB 1059 'Service Concession Arrangements: Grantors' for the Airport Link Company Contract.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the cluster.

Section highlights

The number of findings reported to management increased from 56 in 2019–20 to 73 in 2020–21.
Thirty-seven per cent were repeat findings. Many repeat issues related to information technology controls around user access management and payroll processes. These included deficiencies in the monitoring of privileged user access to key financial systems, review of user access to key financial systems and segregation of duties between preparer and reviewer for new employee hires.
Six new high-risk issues were identified in 2020–21, an increase of three compared to last year.
One high-risk issue related to conflicts of interests not being declared by all officers involved in the land acquisition process at Transport for NSW.
Five high-risk issues arose from the audit of TAHE, with respect to:
- control over TAHE assets and operations
- asset valuations
- access price build up
- detailed business modelling to support returns
- conflict of interest management.
Based on the access and licence agreements signed at 30 June 2021 between TAHE, Sydney Trains and NSW Trains, our review of the expected returns calculated by NSW Treasury did not support the assumption that there was a reasonable expectation that a sufficient rate of return could be achieved from the NSW Government's investment in TAHE.
On 14 December 2021 the shareholding ministers' increased their expectations as to TAHE's target average return from 1.5 per cent to the expected long-term inflation rate of 2.5 per cent.
On 18 December 2021 the revised shareholder expectations were confirmed in a signed Heads of Agreement. The Heads of Agreement will increase access fees paid by rail operators to TAHE by $5.2 billion.
TAHE's access and licence agreements specified fees that were well short of the IPART regulated maximum (ceiling price).
The finalisation of the access and licence agreements with Sydney Trains and NSW Trains resulted in a significant write-down of TAHE's asset value by $20.3 billion. The revaluation loss will need to be recovered as part of the shareholders’ rate of return of 2.5 per cent in order to sustain the whole-of-government accounting treatment of cash contributions recorded as an equity contribution and not a grant expense.
There was a significant adjustment to TAHE’s valuation between the financial statements originally submitted for the audit and the final, signed financial statements due to differences in risk assumptions resulting in a correction of a $1.2 billion misstatement.

Findings reported to management

The number of findings reported to management has increased, and 37 per cent of all issues were repeat issues

Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of agencies. The Audit Office does this through management letters, which include observations, related implications, recommendations and risk ratings.

In 2020–21, there were 73 findings raised across the cluster (56 in 2019–20) and 37 per cent of all issues were repeat issues (43 per cent in 2019–20).

In view of the recent performance audit ‘Managing Cyber Risks’ and compliance audit ‘Compliance with the NSW Cyber Security Policy’ involving the cluster, it is noted with concern that the most common repeat issues related to weaknesses in controls over information technology user access administration and password management. Moderate risk issues included completeness and accuracy of contract registers, accounting for assets and management of supplier and payroll masterfiles.

A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports, and generating financial statements. This can impair decision-making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Control deficiencies may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation, and central agency policies.

The table below describes the common issues identified across the cluster by category and risk rating.

Risk rating	Issue
Information technology
Moderate: 7 new, 4 repeat**	The financial audits identified opportunities for agencies to improve information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of particular concern are issues associated with: monitoring of privileged user access user access management password configuration management.
Low: 4 new, 1 repeat***
Internal control deficiencies or improvements
High: 1 new*	The financial audits identified internal control deficiencies across key business processes, including: declarations of conflicts of interest over land acquisitions (see further details below) management of contracts and agreement register accounting for assets management of payroll and supplier masterfiles payroll processes.
Moderate: 15 new, 8 repeat**
Low: 2 new, 5 repeat***
Financial reporting
High: 3 new*	The financial audits identified opportunities for agencies to strengthen financial reporting, including: asset valuations (see further details below) detailed business modelling to support returns (see further details below) access price build-up (see further details below) timely capitalisation of completed assets.
Moderate: 3 new, 1 repeat**
Low: 2 new***
Governance and oversight
High: 1 new*	The financial audits identified opportunities for agencies to improve governance and oversight processes, including: control over TAHE assets and operations governance over Cyber Security.
Moderate: 2 new**
Non-compliance with key legislation and/or central agency policies
High: 1 new*	The financial audits identified the need for agencies to improve its compliance with key legislation and central agency policies, including: conflict of interest (COI) management outdated policies and procedures incomplete probation procedures.
Moderate: 4 new, 1 repeat**
Low: 1 new, 7 repeat***

* High-risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
** Moderate risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
*** Low risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
Note: Management letter findings are based either on final management letters issued to agencies.

2020–21 audits identified six high-risk findings

High-risk findings were reported at the following cluster agencies.

Agency	Description
2020–21 findings
Transport for NSW (new finding)	Declaration of conflicts of interest in the land acquisition process In 2021, we conducted a performance audit over the Acquisition of 4–6 Grand Avenue, Camellia which examined: whether Transport for NSW conducted an effective process to purchase 4–6 Grand Avenue, Camellia whether Transport for NSW has effective processes and procedures to identify and acquire property required to deliver the NSW Government’s major infrastructure projects. The report made several recommendations over Transport for NSW’s internal policies and procedures to guide the land acquisition process. As part of the financial audit, we obtained an understanding of key controls and processes relating to the acquisition of land, relevant to the audit of the financial statements. We found that conflicts of interests were not always declared by all officers involved in the land acquisition process. Furthermore, processes for declaring conflicts of interests are not consistently applied across cluster agencies. Out of a sample of 19 land acquisitions tested, we identified: 14 instances where there was no evidence of declarations of conflicts of interests made by the team members involved in the acquisition process 2 instances where conflicts of interest declarations were completed by key members of the acquisition team only at a project level 1 instance where conflicts of interest declarations were only completed by the property negotiator and the valuer, but not the other members of the acquisition team. Management advised that the land acquisition processes, at the time of the land acquisitions, did not require formal conflicts of interests to be declared as they believe that as per Transport for NSW code of conduct, declaration is only required where the staff member considers that a potential or perceived Conflict of Interest exists. However, Transport for NSW's Procurement Policy requires the documentation of formal declarations from all staff involved in procurement activities to formally disclose any conflicts of interest or state that they do not have a conflict of interest. This matter has been included as a high-risk finding in the management letter as absence of rigorous and consistent management of conflicts of interests, and non-compliance with established policies increases the risk that Transport for NSW may be exposed to reputational damage or financial losses in relation to land acquisitions. Furthermore, this may result in lack of probity or value-for money considerations during the land acquisition process. Further details are elaborated below under 'Land acquisitions'.
Transport Asset Holding Entity of New South Wales (new finding)	Control over TAHE assets and operations The State-Owned Corporations Act 1989 maintains that all decisions relating to the operation of a statutory state-owned corporation (SOC) are to be made by or under the authority of the board. However, under the Transport Administration Act 1988 (TAA), the functions of TAHE may only be exercised under one or more operating licences issued by the portfolio minister. The current Operating Licence confers terms and conditions for TAHE to carry out its functions, and imposes constraints on TAHE, including (but not limited to): railway operations not permitted transport services not permitted TAHE must not carry out maintenance of its assets. Such operating licences are short term in nature, and the TAA allows the transport minister (portfolio minister) to grant one or more operating licences to TAHE and may amend, substitute, or impose, amend or revoke conditions of the operating licence. For the current year, the legal form of the arrangements established in its first year of operation imply TAHE has control over the assets based on the Implementation Deed and the agreements signed with the public operators. However, risks remain as TAHE is in its early stages, and the actual substance of operations will need to be observed and considered. Given the restrictions that can be placed on the entity through the Operating Licence, and the ability to make further changes to the Operating Licence and Statement of Expectations set by the portfolio minister, there is a risk there could be limitations placed on the Board of Directors to operate with sufficient independence in its decision-making with respect to the operations of TAHE. Over time, this may further impact the degree of control required by TAHE to satisfy the recognition criteria over its assets. It may also fundamentally change the presentation of TAHE’s financial statements. Future limitations to the degree of control TAHE, and its Board, can exercise over its functions may impact the degree of control TAHE has over its assets going forward. As part of the 2021–22 audit, we will monitor and assess whether, in substance, these assets continue to be controlled by TAHE and whether, in substance, TAHE can operate as an independent SOC. We require management continue to demonstrate that TAHE continues to maintain control over its assets and has the ability to operate as an independent SOC. Further details are described below under 'Transport Asset Holding Entity'.
Transport Asset Holding Entity of New South Wales (new finding)	Asset valuation The final updated valuation was based on cash flows that were in a signed Heads of Agreement, which stated that it set out the proposed indicative future access and licence fees which will form the basis of the negotiations between TAHE, Transport for NSW, Sydney Trains and NSW Trains, who will work together to review access fees and licence fees payable under the agreements and to make all necessary changes to the Operating Agreements by 1 July 2022. This adds uncertainty in the cash flows. It is crucial that TAHE formalises these updated fees in legally binding signed access and licence agreements with the relevant parties as soon as possible. Refer below for further details on the Heads of Agreement.
Transport Asset Holding Entity of New South Wales (new finding)	Conflict of interest (COI) management For procurement transactions through direct negotiation with single quotes, there was no evidence of COI declarations obtained from the consultants and contractors regarding involvement in other engagements. Contractors and consultants are required to declare actual COI. However, there was no requirement to confirm nil conflict of interest. In addition, there is a risk that perceived COI may not be adequately assessed or managed. TAHE is expected to operate as an independent SOC and would need to ensure any perceived or actual conflict of interest is adequately addressed. Management should implement a process to: ensure conflicts of interest declarations are completed when engaging all consultants and contractors (including involvement with other engagements and confirmation of nil conflicts of interests) ensure probity is undertaken to identify any actual or perceived conflicts of interest. The declarations should consider individuals and relationships that may create, or may be perceived to create, conflicts of interest.
Transport Asset Holding Entity of New South Wales (new finding)	Detailed business modelling to support returns On 18 December 2021, Transport for NSW, TAHE and the operators, Sydney Trains and NSW Trains entered into a Heads of Agreement (HoA). This HoA forms the basis of negotiations to revise the pricing within the existing 10-year contracts and deliver upon the shareholders' expectation of a return of 2.5 per cent per annum of contributed equity, including recovering the revaluation loss incurred in 2020–21. TAHE needs to revise its business plan and include detailed business modelling that supports the shareholding ministers' revised expectations of return (2.5 per cent return on the State’s equity injections and recovery of the write-down of assets over the average useful life of those assets) and align the business plan and Statement of Corporate Intent. This requires more detailed projections, estimates and plans that support how TAHE expects to recover the asset write-down and expected returns to government. The current modelling for ten years needs to be enhanced with modelling over the expected recovery period of approximately 33 years.
Transport Asset Holding Entity of New South Wales (new finding)	Access price build-up Management explained that in determining access and licence fees for the agreements with Sydney Trains and NSW Trains, assets prior to the commencement of equity injections in 2015–16 were excluded from the calculations. Management explained the premise being that these assets were previously funded by government through capital grants. The replacement and refurbishment of these assets is expected to be through government funded maintenance performed through the public rail operators and/or the equity injections from NSW Treasury rather than through access and licence fees.

The number of moderate risk findings increased from prior year

Forty-five moderate risk findings were reported in 2020–21, representing a 73.1 per cent increase from 2019–20. Of these, 14 were repeat findings, and 31 were new issues.

Key moderate risk findings related to:

weaknesses in user access management to key financial systems
management of contracts and agreements register
management of supplier and payroll masterfiles
accounting for assets
control deficiencies at service organisations
segregation of duties relating to the hiring of employees
conflict of interest management
annual leave management
review of internal audit charter
disaster recovery planning.

Transport Asset Holding Entity of New South Wales

Background

The establishment of TAHE was originally announced by the NSW Government in the 2015–16 State Budget. On 1 July 2020, the former Rail Corporation New South Wales (RailCorp), a not-for-profit entity, transitioned to the Transport Asset Holding Entity of New South Wales (TAHE), a for-profit statutory state-owned corporation under the Transport Administration Act 1988. There was no change in the structure of TAHE as a new entity was not created. Ownership remains fully with the government. TAHE, and the former RailCorp, were both classified as Public Non-Financial Corporation (PNFC) entities within the Total State Sector Accounts.

Prior to 1 July 2015, the government paid appropriations to Transport for NSW, a General Government Sector (GGS) agency, to construct transport assets. When completed, these assets were granted to the former RailCorp, a not for-profit entity within the PNFC sector. The grants to the former RailCorp were recorded as an expense in the State’s GGS budget result.

From 1 July 2015, the government announced the creation of TAHE (a dedicated asset manager). Funding for new capital projects was to be provided through equity injections and was no longer recorded as an expense to the GGS budget, even though the business model was yet to be determined. The change, as explained in the 2015–16 State Budget, was due to the expectation that the former RailCorp will transition to TAHE, which was intended, over time to provide a commercial return. That Budget also highlighted how the change, which was largely a change in the basis of accounting, was intended to improve the GGS budget result each year. In total, the GGS has contributed approximately $11.1 billion to TAHE since 2015–16. This includes the equity injections from the GGS to TAHE made in the current year of $2.4 billion.

NSW Treasury initially set a timetable for the stand-up of TAHE of 1 July 2019, which included finalising the business model, operating model and contracts for the use of TAHE's assets. The enactment of the Transport Administration Act 1988 resulted in RailCorp transitioning to TAHE on 1 July 2020, 12 months after its originally planned operational date. Contributions paid to the former RailCorp and subsequently to TAHE by the GGS were treated as equity investments from July 2015 forward. This treatment continued, despite delays in settling the business model. In 2020, the Audit Office raised a high-risk finding due to the significance of the financial reporting impacts and business risks for NSW Treasury and TAHE.

The business model adopted and the flow of funds between transport agencies in the GGS and PNFC sectors is shown in the diagram below. For further details refer to the Report on State Finances 2021.

Appendix one – Misstatements in financial statements submitted for audit