Refine search Expand filter

Reports

Published

Actions for Cyber security insights 2025

Cyber security insights 2025

Communities
Education
Environment
Finance
Health
Industry
Justice
Local Government
Planning
Premier and Cabinet
Transport
Treasury
Universities
Whole of Government
Compliance
Cyber security
Information technology
Internal controls and governance
Risk

About this report

The reliance on information technology in modern government, in addition to the global interconnectivity between computer networks, has dramatically increased the risk of cyber security incidents. Such incidents can harm government service delivery and may include the theft of information, breaches of private information, denial of access to critical technology, or even the hijacking of systems for profit or malicious intent. These outcomes can have adverse impacts on the community and harm trust in government.

This report presents our analysis of the NSW Cyber Security Policy compliance data submitted by State agencies to Cyber Security New South Wales in 2024, along with insights into the cyber security environment drawn from selected reports published between 2018 and 2025. This analysis includes reports from performance audits, compliance audits and financial audits.

The report is a resource for the public sector. It provides insights into the challenges and opportunities for strengthening cyber resilience.

Insights

Key insights from the report’s analysis of Cyber Security policy compliance data include:

  • the need for agencies to focus on the cyber resilience gaps particularly in implementing ‘protect’ domain controls
  • a lack of independent assurance over agency reporting against the Cyber Security Policy
  • limited oversight of third-party providers
  • risk that aggregate reporting reduces visibility into agency compliance levels and cyber risks.

The report’s analysis of selected Auditor-General reports from 2018 and 2025 identifies that while cyber security governance in the NSW public sector has improved through broader adoption of policies and frameworks, there is still a critical need to:

  • address unclear roles
  • adequately identify information assets
  • manage third-party cyber security risk
  • address failures to meet basic protection standards
  • perform phishing simulations more regularly
  • align culture with cyber security environment to ensure controls are fit for purpose. 

The reliance on information technology in modern government, in addition to the global interconnectivity between computer networks, has dramatically increased the risk of cyber security incidents. Such incidents can harm government service delivery and may include the theft of information, breaches of private information, denial of access to critical technology, or even the hijacking of systems for profit or malicious intent. These outcomes can have adverse impacts on the community and harm trust in government.

This chapter presents key insights from analysis of the latest cyber security status reporting to Cyber Security NSW by NSW Government departments and public sector agencies. While equivalent sector analysis is not available for the university and local government sectors, the insights presented here are relevant to those sectors.

Chapter highlights

  • Most agencies do not fully meet the requirements of the NSW Cyber Security Policy (CSP) – in particular the ‘Protect’ domain, for which only 31% of the Mandatory Requirements are met by agencies overall.
  • There is no reporting of control compliance when this is performed by third parties. Agencies and Cyber Security NSW may not be aware of any non-compliance with the CSP by third parties.
  • Planned or in-progress cyber security uplift programs and budget constraints were the most common reasons given for partial or non-compliance with minimum requirements.
  • Aggregated reporting to Cyber Security NSW can mask issues at individual agencies, with 66 reports received across 177 agencies.
  • 27 agencies reported a total of 152 significant, high and extreme residual cyber security risks.
  • There is a lack of independent assurance over agencies’ reported compliance with the CSP.

This chapter focuses on thematic insights from audits of the cyber security environments within NSW state agencies, universities and the local government sectors between 2018 and the present. Key themes were identified and structured according to the Mandatory Requirements categories of ‘Govern and Identify’ ‘Detect, Respond and Recover’ and ‘Protect’, which are commonly used in the cyber security frameworks adopted across NSW Government entities.

Chapter highlights

  • The adoption and use of cyber security policies and frameworks has improved, but not consistently across the sectors.
  • Many entities reported cyber security risks exceeding their risk appetite, but not all have a formal uplift program.
  • While cyber security roles and responsibilities are established, they may not always be clearly defined and effectively communicated.
  • Inadequate asset identification can hinder protection prioritisation and incident response.
  • Third-party cyber risk management is a significant challenge given the prevalence of cases of cyber security incidents involving third parties.
  • Cyber security detection capability is improving but coverage is incomplete.
  • Testing of cyber incident response plans could improve along with the development of more comprehensive playbooks.
  • Many agencies have not met level one Essential Eight cyber protection measures despite these being a focus for many years.
  • Cyber security awareness training has improved but phishing simulations should be more commonly used.
  • Culture and accepted practice can drive non-compliance with protection controls.

Appendix 1 - Included reports 2018–2025

Appendix 2- Timeline of cyber security controls implementation across sectors

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Actions for Local Small Commitments Allocation Program

Local Small Commitments Allocation Program

Premier and Cabinet
Treasury
Finance
Local Government
Compliance
Internal controls and governance
Management and administration
Project management
Regulation
Service delivery

About this report

This audit assessed the compliance of the Local Small Commitments Allocation Program (LSCA Program) with the NSW Grants Administration Guide (the Guide) and the Government Sector Finance Act 2018 (the Act).

The LSCA Program Office (the Program Office) was established in the NSW Premier’s Department in July 2023 to administer the LSCA Program.

Findings

Since its formation in July 2023, the Program Office effectively administered the LSCA Program in compliance with the Guide and the Act. The audit identified two exceptions: 54 assessment panel members’ conflicts were not identified and managed from a total of 644 approved projects, and there were some other minor administrative errors.

NSW Labor oversaw initial aspects of the administration of the LSCA Program. Where aspects of the LSCA Program were not performed by an auditable entity, nor by a non-government entity that received state government funding or other resources to deliver a state purpose, these activities fall outside the scope of the Auditor-General’s mandate.

The Guide could be clearer about how the public sector is to administer grants involving election commitments.

The Program Office’s review of conflicts of interest at the candidate level, was limited to 17 candidates put forward by the Special Minister of State. The Program Office advises it received verbal confirmation that conflicts of interest processes had been implemented by NSW Labor for all electorates, but did not seek documentation supporting NSW Labor’s conflicts of interest assessments.

The summarised merit assessment criteria do not fully reflect the legislative purposes of the funding source for the LSCA Program. As a result, there is a risk that the Minister was not provided with sufficient guidance to reach the state of satisfaction required by legislation.

Recommendations

The report made the following recommendations:

  • the NSW Government should consider updating the Grants Administration Guide to include additional guidance on how the public sector is to address financial accountability, probity, record keeping and administrative obligations when a grants administration process has been initiated as an election commitment
  • the Department should ensure conflicts of interest processes are implemented as intended for all future grant programs.

This chapter focuses on our assessment of the Program Office’s compliance with the requirements of the NSW Grants Administration Guide (the Guide), presented in two sections. The first section sets out the findings from our compliance assessment, presented by the grant activity categories referred to in chapter 3 of the Guide. The second section considers the funding of the Local Small Commitments Allocation Program (LSCA Program).

Appendix 1 – Response from entity

Appendix 2 – Chronology of events

Appendix 3 – About the audit

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #412 - released 26 June 2025

Published

Actions for Regulating mine rehabilitation

Regulating mine rehabilitation

Environment
Finance
Industry
Local Government
Planning
Treasury
Asset valuation
Regional NSW
Compliance
Information technology
Infrastructure
Internal controls and governance
Regulation
Risk
Workforce and capability

About this report

In NSW, mining companies are legally required to rehabilitate disturbed land and water to a safe and stable condition. Mining companies must also provide a security deposit to cover the cost of rehabilitation in case they default on their obligations.

The Department of Primary Industries and Regional Development (the Department) is responsible for overseeing and enforcing these requirements. These functions are delivered by a unit in the Department, known as the NSW Resources Regulator.

This audit assessed the effectiveness of the Department in monitoring compliance with and enforcing mine rehabilitation requirements. This audit focused on the rehabilitation of large mines.

Findings

The Department is not effectively monitoring and reporting on compliance with mining rehabilitation requirements. However, regulatory reforms introduced in July 2021 provide a more robust regulatory framework for mine rehabilitation. These changes, if implemented effectively, should provide the Regulator with a consolidated view of rehabilitation progress for large mines.

Current gaps in the Department’s data framework mean that it does not have a comprehensive and reliable view of rehabilitation progress and enforcement outcomes. This limits the Regulator’s ability to effectively regulate mine rehabilitation. Further, there is no current plan to evaluate the effectiveness of its regulatory program.

While the Regulator collects data on the amount of land under rehabilitation, it does not collect data on the amount of disturbed land available to mining companies for rehabilitation. Without this data, the Regulator is unable to determine whether a mining company has rehabilitated disturbed land as soon as reasonably practicable after the disturbance occurs.

The total value of rehabilitation security deposits held by the Department was around $4 billion in 2023–24. If there is a shortfall in deposits held for one mine, that shortfall cannot be covered by another mining company’s security deposit. A Rehabilitation Cost Estimate tool is used to calculate required security deposits for each mine. The Regulator updates this tool around every four years, but there is no allowance between reviews to account for inflation or changes to industry rates.

Recommendations

The audit makes four recommendations, including to:

  1. implement an evaluation plan to measure regulatory outcomes
  2. address gaps in the data framework
  3. develop and report publicly on key performance indicators and targets
  4. enhance governance and regulation for mine rehabilitation, including by ensuring planning documents consider emerging risks.

Mine rehabilitation requirements

The Mining Act 1992 (Mining Act) and Mining Regulation 2016 (Mining Regulation) provide the regulatory framework for mining in NSW. The Mining Act aims to foster social and economic benefits, while also minimising impacts on the environment.

Under the Mining Act and Mining Regulation, mining companies in NSW are required to:

  • as soon as reasonably practicable, restore land and water disturbed by mining to a safe and stable condition
  • provide a security deposit that covers the full cost of rehabilitation.

The lifecycle of a mine can span several decades. The mining approvals needed and the associated rehabilitation requirements over a mine’s lifecycle are shown in Exhibit 1.

Appendix 1 – Response from entity

Appendix 2 – About the audit

Appendix 3 – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #411 - released 25 June 2025

Published

Actions for Social housing

Social housing

Communities
Management and administration
Service delivery

About this report

Social housing is affordable rental housing provided to households with low incomes. In NSW, there are around 156,000 social housing dwellings. Social housing includes public housing, community housing and Aboriginal housing.

On 1 February 2024, Homes NSW was established as a division of the Department of Communities and Justice (DCJ) with responsibility for managing housing and homelessness services.

This audit assessed whether social housing is effectively and efficiently prioritised to meet the needs of vulnerable households, and whether social housing tenants are effectively supported to establish and sustain their tenancies.

Conclusion

The audit concluded that the process to apply for a social housing property is inefficient and inequitable. The application process requests substantial amounts of evidence to determine whether an applicant is a priority. Some applicants are supported by external agencies to collect this evidence while others cannot access support.

The process to allocate available social housing properties is inefficient and inequitable. In June 2024, DCJ took an average of 33 days to fill a vacant property. Just under a third of offers of housing result from manually selecting an applicant, rather than using the priority ranked list of applicants. DCJ does not centrally monitor manual allocation decisions, which risks inequitable outcomes.

Social housing tenants do not consistently receive effective support to help them establish a successful tenancy or sustain that tenancy when issues arise. DCJ does not have a clearly articulated strategy for supporting tenancies, nor does it monitor or report on the support it coordinates for tenants.

Recommendations

The report made five recommendations:

  1. Simplify the social housing application process.
  2. Review and improve the allocation and offer process.
  3. Regularly monitor and report on the use of manual allocations.
  4. Clearly articulate the role of Homes NSW as a social housing landlord.
  5. Align key data sets between DCJ and community housing providers.

This section assesses whether the process of applying for social housing is efficient, effective and equitable. It considers the collection of information on applicants and the process that applicants follow.

In June 2024 there were 56,332 households approved for social housing and waiting to be housed, including 9,428 households eligible for priority housing. The number of households changes daily as new households apply, some are allocated a property and some are removed from the Housing Register because they are no longer eligible for social housing.

Applicants for social housing are encouraged to apply online on the DCJ website or through the My Housing app. They can also call the Housing Response Centre for assistance or to apply by phone. Some applicants have specific needs such as a property that is close to employment, schools or public transport, or a dwelling that has been modified to accommodate disability.

When applying for social housing, applicants need to choose an area where they would like to be housed (referred to as an allocation zone). There are 246 allocation zones across NSW, which vary in size and also have different expected waiting times for housing. In cities an allocation zone can be a group of suburbs, while in regional areas the zones can be a single town or a group of towns. Applicants can only select one allocation zone when they apply for housing.

One third of calls to the Housing Response Centre are abandoned, meaning that many people face delays in receiving advice and assistance in applying for housing

In 2023–24 over one-third of calls for housing assistance were abandoned. The Housing Response Centre received around 133,000 calls for housing assistance, not including requests for temporary accommodation or private rental products. The average waiting time for answered calls was 19.5 minutes. Since 2021–22 only a small proportion of calls were answered within a target timeframe of three minutes (see Figure 8). Long wait times for a call to be answered discourages applicants from seeking advice about eligibility for housing or getting assistance with their application.

This section assesses whether applications for social housing are being effectively, efficiently and equitably prioritised to meet the needs of vulnerable households.

Both DCJ and community housing providers who process applications for housing use common policies and systems, known as Housing Pathways. Information about applications and applicants is stored in the Housing Operations Management and Extended Services (HOMES) system.

During 2023–24, 18,345 households were added to the NSW Housing Register. This was made up of 9,688 general applicants (53%) and 8,657 priority applicants (47%).

Systems and processes are shared between DCJ and community housing providers, supporting consistent decision-making on approving priority status

DCJ and community housing providers have clear guidance materials and written procedures for staff that promote equity in deciding priority status. DCJ has developed step-by-step process documents for assessing eligibility for social housing, requesting additional evidence and deciding the outcome of an application (Table 3). DCJ systems used for processing housing applications are effectively integrated with each other and with external organisations such as Centrelink.

Table 3: Steps in processing applications

Steps in processing applications

  1. Receive application online or by phone.
  2. Determine if the client needs temporary accommodation because they do not have a safe place to sleep.
  3. Create an ‘advice case’ in HOMES for housing assistance.
  4. Check that identity documents are provided, that client is an Australian citizen or permanent resident, and that client is a NSW resident.
  5. If key documents are missing, request additional evidence to support application.
  6. Conduct an initial assessment of the client’s eligibility for housing.
  7. Transfer applicants with complex or urgent housing needs to district office or community housing provider.
  8. Interview client about their application (if required).
  9. Request additional evidence to support application for priority housing.
  10. Conduct a detailed assessment of the application.
  11. Recommend priority status on the Housing Register and pass to team leader (if applicable).
  12. Approve or decline application and notify client.

Source: Adapted from DCJ policy and procedure documents.

Staff at the Housing Response Centre ask the most important questions first, to determine if a caller is at risk or currently experiencing homelessness. They then run through a series of questions to establish eligibility for housing and whether applicants have all the required documents. If additional information is needed following the initial phone call, staff send an email to request the missing evidence. The HOMES system automatically determines if priority assessment is needed, based on information entered into the system. This reduces the chance of errors during application processing.

The Housing Response Centre is a centralised call centre that provides phone support and processes standard applications for housing assistance. The call centre does not process applications for at-risk clients or for complex clients. These are passed to the relevant DCJ District office or community housing provider for processing, which may include providing support to vulnerable clients in completing the application. In August 2024 the Housing Response Centre processed 71.3% of the applications for housing and change of circumstances forms, while district offices processed 28.7%.

DCJ and the community housing providers we audited follow a similar process to decide whether an applicant is eligible for priority status. Client services officers recommend priority status, and applications are passed to a team leader for approval. This helps ensure consistency in making decisions about priority status.

The number of priority approved applicants has grown in recent years, increasing the evidence burden on applicants and time taken to process applications

In June 2024 there were 56,332 approved applicants on the NSW Housing Register waiting to be housed, including 9,428 households eligible for priority housing. Since June 2019 the number of priority households has more than doubled, from 4,484 households. Figure 10 shows that the increase is most noticeable in regional NSW, rising threefold from 1,265 households in 2019 to 4,235 households in 2024. Over the same time, priority applicants in Sydney increased by around 61%. This has added pressure to the workload of DCJ regional offices and community housing providers operating in regional areas.

This section assesses whether the process to allocate social housing properties is efficient, effective and equitable.

When a property becomes available, the system is designed to allocate it to the highest priority applicant, provided that the property meets their needs. Applicants for housing, including existing tenants requesting transfer to a different property, are categorised based on their level of need. There are over 30 categories of need, grouped into six rank levels. The highest ranked categories are ‘high priority at risk of homelessness’ and ‘high priority natural disaster’, while general households are ranked lowest.

These categories are the main determinant of the algorithm that selects the highest priority household when a property is available. The system then sorts the households in the highest ranked categories based on the number of days since they were added to the NSW Housing Register.

The proportion of properties allocated to households on the general Housing Register has fallen in recent years (see Figure 12).

This section assesses whether social housing tenants receive effective support to establish their tenancies. It considers the identification of support needs when starting a new tenancy.

In 2023–24, there were 8,257 households provided with a social housing dwelling. Of these, 6,278 (76%) were to priority applicants, more likely to have additional needs. Social housing tenants with complex needs are vulnerable to tenancy breakdown, which can have high costs for individuals and society. Working with tenants early to identify their needs, confirm any existing supports in place and check whether existing supports are meeting those needs can help set up tenants for success.

DCJ does not have a structured approach to assess the support needs of new tenants, which means approaches vary across locations

In 2023–24, there were 76% of newly housed applicants from a priority category. These are clients who had experienced homelessness, been affected by domestic and family violence, were elderly, or had medical or disability needs. There is no defined method to assess the background and support needs of new tenants. Approaches vary across locations, which, in turn, affects the referral to support services that may help tenants sustain a tenancy and avoid an exit into homelessness.

Vulnerability assessment tools are an example of a structured approach to objectively determine the support needs of vulnerable clients as they start a new tenancy (Table 7).

Table 7: Vulnerability assessment tools

Vulnerability assessment tools guide decisions about the support needs of vulnerable tenants

The vulnerability assessment tool (VAT) uses key indicators to determine the level of risk and vulnerability associated with an individual tenant or household. It assesses the level, extent and type of support required for people who are likely to be at greater risk of losing their tenancy.

The VAT provides a rating scale for key indicators across 20 domains associated with increased risks of tenancy failure including:

  • financial issues
  • health issues
  • age
  • self-care issues
  • living skills
  • addiction issues
  • previous tenancy issues.

The VAT provides a description against each indicator for three rankings of minor, moderate and major consequences of the issue being experienced by the applicant or tenant. The rankings against each indicator provide direction for the next steps that should be taken to support the tenant experiencing issues.

Source: Adapted from Community Housing Industry Association – Creating Sustainable Tenancies for Tenants with Complex Needs.

After a tenancy has been established, DCJ takes a reactive approach to identifying whether the tenancy is at risk. A recent evaluation noted that DCJ’s current approach is driven by observed breaches in the tenancy, which means that newer tenancies are classified as low risk because there has been less time to observe any breaches. The evaluation recommended that DCJ consider adding criteria known to be associated with tenancy risk (e.g. tenant history of rough sleeping). This would allow for those tenancies to be identified up front as potentially requiring additional supports, prior to risk escalating following an identified tenancy breach.

The Social and Affordable Housing Fund program provides funding for participating community housing providers to take a structured approach to identifying tenant support needs

The Social and Affordable Housing Fund includes contractual requirements for participating community housing providers to take a structured approach to identifying tenant vulnerability and support. There is a specific service stream with separate funding to undertake this function. The Fund covers a relatively small portion of properties managed by community housing providers (there were 3,341 residents in social housing properties under this fund at 31 December 2024).

For Social and Affordable Housing Fund properties, community housing providers are required to conduct a tenant needs assessment for each household member within six weeks of signing a residential tenancy agreement. The tenant needs assessment covers:

  • need for support services
  • whether existing access to support services meets current needs
  • factors that may inform the level of support needed (e.g. employment status, highest level of education, history of homelessness)
  • likelihood of transitioning out of social housing in the short-term and/or long-term.

The results of the tenant needs assessment inform the creation of a tenant support services plan. The DCJ contract with providers specifies that the support plan is to be developed in collaboration with the individual and tailored to the needs and goals of the tenant or household member.

An evaluation examining the Social and Affordable Housing Fund reported positive findings in relation to overall tenant satisfaction and satisfaction with the quality of tailored support coordination. The evaluation did note that a universal approach was being taken to the assessment of tenant needs, rather than a risk-based approach. Better targeting resources to higher-risk groups could allow for more intensive support services where there is greatest risk of a tenancy failure.

Beyond the subset of Social and Affordable Housing Fund properties, community housing providers have a range of approaches to assess the vulnerability and support needs of new tenants. For example, Homes North uses the Best Start Assessment as its structured approach (Table 8).

Table 8: Homes North – Best Start Assessment

Homes North takes a structured approach to identify tenant support needs

The Best Start Assessment is a tool that assists Homes North with the allocation of both properties and resources. Best Start is a targeted needs analysis to identify support for tenants with complex needs. The assessment is not a rating system, but groups tenants based on their support requirements.

The aim of Best Start is to identify the support required by tenants, so that Homes North can lead and provide support and operational services that make a real difference, supported by reporting and data.

Organisationally, Best Start helps Homes North to balance portfolios across teams to allow tenancy staff to spend the time needed with individual tenants. The data collected from the assessment allows Homes North to monitor the different types of support required and offered to tenants, including any gaps in provision.

Homes North provides guidelines to help staff administer the Best Start Assessment. The result of the assessment organises tenants into five groups, that identify the level of support needed:

  • Best Start – the household requires no support, the tenancy is satisfactory and there are no identified complexities involved.
  • Best Start Lite – the household has faced challenges previously, however, there are no current challenges identified.
  • Best Start Maintain – the household is currently facing challenges in one or more areas and is working with Homes North to address those challenges, demonstrating the ability to maintain their tenancy.
  • Best Start Prevent – the household is currently facing two or three challenges and their tenancy is at risk.
  • Best Start Extra – the household is currently facing four or more serious challenges and their tenancy is at immediate risk of breakdown.

Source: Adapted from information provided by Homes North.

Initial visits early in a tenancy can identify issues and support needs but many visits are missed

In the year to June 2024, only 58% of DCJ managed tenancies that commenced within the last 12 months had a successful visit completed within 12 weeks (against a target of 95%). DCJ policy is to visit tenants within the first eight weeks of a new tenancy. Visiting tenants during the first few months of a new tenancy is an important way to check on tenant wellbeing and property care. The first visit can identify any issues that may place the tenancy at risk and trigger referrals to support services.

Staff we interviewed reported that new tenants who have previously been receiving a high degree of support in crisis accommodation may encounter difficulties once they commence a social housing tenancy and their previous high level of support falls away.

The low proportion of new tenants visited within the first 12 weeks means an opportunity is missed for DCJ to identify early warning signs of a tenant not coping well in the new property and to respond by making referrals to support services that may prevent the tenancy from failing. DCJ tenancy staff we spoke with told us that one of the reasons for not meeting visitation targets is that portfolios of tenants are large. Similarly, staff responding to a workload analysis conducted by DCJ in late 2023 reported significant increases in applications, high workloads in managing temporary accommodation and large portfolio sizes as factors contributing to the inability to work proactively with clients to address their needs.

The Community Housing Providers we audited had similar policies to visit new tenants within the first 6–10 weeks. They told us of the importance of these visits in establishing a successful tenancy and making referrals to support services. Two of the three community housing providers regularly include a second staff member for initial visits, who has a focus on identifying support needs and making referrals to relevant services.

As social housing has increasingly been targeted to those in greatest need, the level and complexity of social housing tenant needs has also risen. This has increased expectations on social housing providers to coordinate access to support, as well as increasing the costs of managing this function. If the support needs of tenants are unaddressed, the wellbeing of tenants and that of neighbouring residents may be affected, and ultimately result in tenancy breakdown.

A failed tenancy has significant costs if it results in a household experiencing homelessness. DCJ reported the total cost to the NSW Government of someone experiencing homelessness is seven times more than a person not experiencing homelessness ($23,100 compared to $3,300 each year). For those rough sleeping, the costs can be significantly higher (estimated at $142,800 per person per year). For individuals, experiences of homelessness contribute to premature and preventable death (for example, suicide, violence, substance abuse and chronic ill-health).

Tenants in community housing and Aboriginal Housing Office properties are eligible for Commonwealth Rent Assistance. The full amount of Commonwealth Rent Assistance is passed on to community housing providers and the Aboriginal Housing Office, resulting in extra funds that can be used for tenancy management. The proportion of housing managed by community housing providers varies across the state. For example, community housing providers manage:

  • over 90% of social housing in the Mid-North Coast and Northern Sydney areas
  • less than 25% of social housing in the Western Sydney, South-Western Sydney and South-Eastern Sydney areas.

DCJ does not have a clear or consistent approach to assisting tenants to access support

There are no references in legislation or statewide strategies that outline a requirement for DCJ to coordinate access to support services for tenants. DCJ’s previous social housing strategy (Future Directions for Social Housing) did not detail approaches to sustaining social housing tenancies. The strategy focused on helping clients avoid social housing or transition from social housing into the private rental market.

DCJ’s procedures encourage staff to refer vulnerable clients to appropriate organisations or agencies. Its guidelines identify best practice information specific to:

  • alcohol and other drugs
  • clients with severe mental illness
  • children at risk of significant harm
  • clients with disability
  • hoarding and squalor
  • clients experiencing domestic and family violence
  • Aboriginal and/or Torres Strait Islander clients.

DCJ does not centrally record, monitor or report on referrals for support. This means that tenants’ access to support will vary depending on the capacity and capability of staff in their local office. DCJ districts we visited have local arrangements to track referrals to external services. Arrangements are focused on operational planning and are not aggregated in a way that allows for statewide analysis. DCJ advised that it is exploring options to introduce this functionality into the HOMES system.

DCJ operates one pilot program (Sustaining Tenancies in Social Housing) that takes an early intervention approach to supporting tenants through community outreach and case management by non-government partners. Participants receive up to 12 months wrap-around support, based on assessed need. Access is limited as the program operates in only three metropolitan and three regional locations. In 2023–24, this program delivered tenancy support to 687 tenants (of around 170,000 people living in DCJ managed housing).

The regulatory system sets clear expectations that community housing providers assist tenants to access support services to sustain their tenancy

Community housing providers have clearer expectations that they facilitate access to support for tenants. Different expectations on tenancy sustainment between DCJ and community housing providers may lead to inequitable levels of service and outcomes for tenants. Generally, tenants do not have a choice of housing provider as this is driven by location rather than tenant preference.

As a condition of registration, community housing providers are required to ‘facilitate access to support for social housing applicants and tenants with complex needs’. The NSW Registrar of Community Housing requires community housing providers to report annually on the number of supported tenancies (where a household member has a support plan or other specific assistance to help sustain the tenancy). Providers also submit partnership agreements with support agencies.

In addition to the registration requirements, the nine community housing providers who received properties under the Social Housing Management Transfer program are required to deliver ‘tenant support coordination services’. Participating community housing providers report back to DCJ on tenant support coordination services, but DCJ does not actively monitor the assessment of support needs, access to support or satisfaction with support services.

DCJ also requires the seven community housing providers participating in the Social and Affordable Housing Fund to record details of referrals to support services. DCJ provides specific funding for tenant support coordination services under this program. Community housing providers report on the number of support plans re-assessments and tenant satisfaction with support services. Surveying tenants about their satisfaction helps assess the quality of support.

High workloads in DCJ lead to reactive approaches to coordinating tenancy support that miss opportunities to proactively address emerging issues

Staff in DCJ districts we visited reported that high workloads affect the time they can spend visiting tenants and arranging referrals to support services. The main factor contributing to high workloads is the size of tenancy portfolios. In 2024, around 38% of DCJ tenancy officers had portfolios of more than 350 households, while 31% had portfolios of between 251 and 350 households. Managers have limited capacity to supervise and support their teams with complex cases, due to the high portfolio sizes.

Regular tenancy visits are important to identify emerging issues for tenants and make referrals where necessary. DCJ has a target of visiting 65% of tenants at least once per year. This means a substantial number of tenants are not visited at least annually. At June 2024:

  • around 30% of tenants had not been visited in the past 12 months
  • around 1.5% of tenants had not been visited in the past three years (1,421 households).

When DCJ tenancy officers do not have the capacity to regularly visit tenants, this leads staff to only contact tenants when there is an issue. For example, when a tenant is in arrears and/or there are complaints from neighbours about anti-social behaviour or property upkeep. DCJ has operational policies for staff to refer tenants to support services following a breach of their tenancy agreement. Reactive approaches to referrals to support services are less effective because of limited availability and long wait times to access support.

Community housing providers we audited reported prioritising regular visits to tenants (between one and four times per year depending on needs). This provides greater opportunity to identify issues with the tenancy and make timely referrals to support services.

Tenants have unequal access to the expertise of senior specialist staff, which depends on the location of tenants

The capabilities of staff required to manage a portfolio of tenants has increased as social housing has been progressively targeted to households with greatest needs. Senior specialist staff have more experience in managing and sustaining complex tenancies, including by working in partnership with the broader support service system. Tenant access to senior staff that specialise in assessing support needs and making referrals to support services depends on the location in which they are housed. There are no standard expectations of how this service should be provided and it is not monitored centrally.

DCJ completed a review of Senior Client Service Officer roles in February 2025. There are Aboriginal and non-Aboriginal Senior Client Service Officers roles that can support tenancy staff with referrals to external services. The review found variability in how the role is performed across locations. This stemmed from unclear role expectations, varying workloads, mixed skills and competencies, and inconsistent reporting. The review recommended actions to improve the effectiveness of these roles.

Community housing providers have similar roles and, like in DCJ, there is also variability in approaches between providers (Table 9 outlines one approach).

Table 9: Link Wentworth – Sustainable Tenancies Team

Dedicated team for managing referrals to support services for complex clients

Link Wentworth’s Sustainable Tenancies Team supports social housing tenants, who may be dealing with a range of personal, social, health or financial issues, to maintain their tenancy and improve their wellbeing.

The Sustainable Tenancies Team work in a case coordination role, providing linkages and referrals for tenants who are at risk of eviction or needing health and wellbeing support. Staff in the team have experiences across a range of areas including mental health, domestic violence, drug and alcohol, child protection, hoarding and squalor, disability, and aged care.

Link Wentworth tenancy managers make referrals to the Sustainable Tenancies Team when they identify the need for assistance. The Sustainable Tenancies Team use a Vulnerability Assessment Tool to assess and triage referrals. This allows the team to take a holistic view of the support needs of the tenant and assess the risk to their tenancy.

In 2023–24, the Sustainable Tenancies Team supported 506 tenants or other household members. Of these, 41% were considered high complexity and 39% medium complexity. The most common reasons for referral were mental health (33%), property care (27%) and rent arrears (27%).

Source: Adapted from information provided by Link Wentworth.

Community housing providers have a range of programs that support tenancy sustainment

Alongside targeted referrals to support agencies, community housing providers offer a range of programs and initiatives aimed at delivering positive outcomes for tenants and helping them retain their tenancies. These are done in partnership with service providers, local councils and government agencies. As not-for-profit organisations, community housing providers can access a range of government and philanthropic assistance to fund certain programs. The opportunity for additional funding to address tenant needs is limited by high demand for services and limited availability.

Some examples of programs provided by community housing providers include:

  • social programs to prevent isolation and help build connections with community
  • service coordination programs that assist tenants to access and engage with service providers
  • programs to assist tenants to manage their finances, including programs that help tenants access no-interest or low-cost loans, financial counselling, and budgeting support
  • employment support programs to develop job-readiness skills
  • education scholarships for students to help cover education and training expenses
  • energy efficiency initiatives to support tenants with energy costs.

Home in Place has a Community Participation Unit to coordinate tenant support services across the organisation. The approach intends to balance activities that support tenants individually with more tenant engagement and community development-based activities (Table 10).

Table 10: Home in Place – Community Participation Unit

Dedicated team for community participation activities

Home in Place’s Community Participation Unit delivers a range of support and engagement initiatives that aim to foster greater financial health, social participation and improved wellbeing amongst their tenants.

In 2023–24, Home in Place held 140 events with 2,700 tenants attending. These events included resident forums, barbecues, morning teas and training programs.

Home in Place has established community hubs in the Central Coast and Broken Hill that provide a range of outreach services and a regular program of events to the local community. The hubs offer a central location for external agencies to deliver a range of services. The hubs also house Home in Place’s social enterprises, ‘The Pantry’ and ‘The Shack Shop’, which provide free and low-cost food and groceries, helping to alleviate cost of living pressures.

Home in Place also provides scholarships and mentoring though their Grow a Star program that helps young people from disadvantaged backgrounds overcome the financial or generational obstacles that prevent them from following their academic, sporting or artistic ambitions.

Source: Adapted from information provided by Home in Place.

DCJ also provides a small range of community development programs and additional programs such as education scholarships for social housing residents.

Around 7,000 tenants of DCJ are in arrears, which places their tenancy at risk

Rental arrears are a risk to tenancy failure and indicate that households may be experiencing underlying issues and need greater support. At June 2024, 7.3% of DCJ managed social housing tenancies were in arrears (around 6,990 households). Of these, around 2,370 households were two or more weeks in arrears. The total amount of arrears was around $3,384,000. This is an average of $35 per household across all households or $484 per household for households in arrears. There is significant variation in the proportion of households in arrears and the average arrears across locations (Figure 14). This could be due to a combination of household characteristics and different locational approaches to managing arrears.

Managing arrears accounts for a substantial amount of staff time. A workload analysis of DCJ housing operations staff conducted in late 2023 reported that managing arrears accounted for 18.1% of tenancy staff time. This was more time than undertaking routine client service visits (16.7% of tenancy staff time) or managing complex tenancy issues (14.2% of tenancy staff time). The estimated annual staff costs of managing arrears were around $11.7 million in 2023.

Appendix 1 – Response from entities

Appendix 2 – About the audit

Appendix 3 – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #410 - released 24 June 2025

 

 

Published

Actions for The mental health and wellbeing of NSW police

The mental health and wellbeing of NSW police

Justice
Communities
Financial sustainability
Internal controls and governance
Management and administration
Risk
Service delivery
Workforce and capability

About this report

This report examined whether the NSW Police Force has been efficient and effective in managing and supporting the psychological wellbeing of the police workforce.

Findings

In 2023, the NSW Police Force funded a range of additional wellbeing initiatives to support police. In 2024, a standalone command was established to deliver these initiatives and manage the health and wellbeing of the workforce.

Over the five years from July 2019 to June 2024, the NSW Police Force had increasing numbers of psychological injury claims, escalating compensation costs, and increasing psychological injury medical exits. Since October 2024, there has been a reduction in the number of psychological injury notifications.

The NSW Police Force monitors and reports on psychological injuries to the workforce, but does not monitor, analyse or report on the root causes of these injuries. As a result, the NSW Police Force is not efficiently or effectively preventing future psychological injuries to the police workforce. Work is currently in progress to improve psychological risk reporting.

NSW Police Force wellbeing initiatives provide counselling and support for police after traumatic incidents. The initiatives do not address other psychological risk factors such as fatigue, role overload, or burnout.

Some police commands have higher workload volumes than others, and the NSW Police Force does not have a staffing allocation model to distribute police to locations under the greatest workload pressure.

In the five years from 2020 to 2025, the NSW Police Force invested $34 million on proactive wellbeing services for police, and an additional $60 million on the administrative costs of running the Health Safety and Wellbeing Command.

The cost of compensation for police psychological injuries amounted to approximately $1.75 billion from July 2019 to June 2024.

Recommendations

The NSW Police Force should, by July 2026:

  1. develop and implement a workforce allocation model that matches police numbers to command-level workload demands and changing workload levels
  2. fully implement the health and safety incident notification system and regularly report on the causal factors that lead to psychological incidents and injury claims
  3. investigate and report on the factors that contribute to police role overload and burnout, and adjust policy settings, practices and controls accordingly
  4. implement a strategy, process, and evaluation framework, that links police wellbeing initiatives and resources to evidence-based psychological risk factors.

A significant proportion of police report poor wellbeing in the People Matter Employee Survey, but managers do not have detailed information about workforce-wide stressors and risks

In 2024, 44% of police respondents to the People Matter Employee Survey reported unfavourable levels of wellbeing. The self-reported poor wellbeing of police included a reduced ability to function well in the role, and a lack of resources to manage wellbeing in the course of work duties. Other results from the People Matter Employee Survey show that the majority of police respondents do not believe they have support from managers to assist with wellbeing. While 44% of police reported low wellbeing in 2024, this is an improvement on 2023 levels, when 58% of police reported unfavourable wellbeing via the People Matter Employee Survey.

The People Matter Employee Survey is the only workforce-wide, self-reported source of information about police wellbeing risks. While the People Matter Employee Survey provides some insight into police wellbeing, it does not describe the nature, prevalence, or causes of psychological risk to employees. The NSW Police Force does not have an alternative means by which employees can report their psychological stressors, such as a workforce-wide survey.

The People Matter Employee Survey asks generalised questions about whether stress is manageable for the individual, whether employees are experiencing burnout, and whether employees are satisfied with the workplace practices that aim to manage wellbeing. In 2023 and 2024, more than 50% of police respondents recorded unfavourable responses to these three questions.

In the five years from 2019–2020 to 2023–2024, the NSW Police Force recorded an average of 1,100 psychological injury claims each year. Over this timeframe, the cost of psychological workers compensation claims accounted for 74% of total workers compensation claims costs, with physical injuries accounting for 26% of all costs. The psychological injury numbers recorded each year grew from 790 in 2019-2020 to just over 1,200 in 2023-2024.

In 2020, the NSW Police Force conducted a one-off, point-in-time survey, the ‘Mental Wellbeing Climate Survey’. It asked police about their experience and knowledge of existing wellbeing services. However, this survey did not ask police employees about their workplace stressors, or about their views on the nature or cause of psychological risks and injuries.

The NSW Police Force is in the early stages of meeting its obligation to understand workforce psychosocial risks, but needs to do more to understand risks associated with job demands

The NSW Police Force management reporting on psychological health and safety risks has not been sufficiently detailed to assist decision-makers to identify, address, and potentially mitigate risks to the workforce. Police management reports do not contain meaningful data on the causes of psychological injuries in the workforce.

While psychological injury rates were rising across the NSW police workforce, police management reports have lacked information about psychological injury types, or the causes of these injuries. For example, the most common psychological injury type was listed as ‘other mental stress factors’. The second most common psychological risk factor was described as ‘exposure to workplace or occupational violence’, and the third was ‘work pressure’. While these categories are set by Safe Work Australia, they are not sufficiently detailed for the NSW Police Force to understand its workforce risks.

The ten psychological injury categories are listed in order of their prevalence amongst the NSW police workforce are as follows:

  • other mental stress factors
  • exposure to workplace or occupational violence
  • work pressure
  • work related harassment and/or workplace bullying
  • exposure to a traumatic event
  • suicide or attempted suicide
  • other and multiple mechanisms of incident
  • mental stress related to Novel Coronavirus (COVID-19)
  • being assaulted by a person or persons
  • other harassment.

From 2019 to 2024, the NSW Police Force had limited identifiers about the nature or causes of these ten risk categories, and no indication of the causes of psychological injury claims. This meant that the NSW Police Force lacked evidence on which to base its control measures, or to manage hazards.

Some of the data in health and safety reports is combined, so it is not possible to distinguish between physical or psychological injury types. For example, reports on the 1,307 injured workers who were unfit for work in June 2024, do not show differentiated data between psychological or physical injuries. Managers cannot see the proportion of 403 police who were deployed to other ‘suitable’ duties in June 2024, by those recovering from psychological injuries, compared to those with physical injuries. This means that managers lack evidence to plan rehabilitation services based on the level of requirement for different service types.

Reports show the impacts of injury on police over time, and the workforce attrition rates that are due to injury. While this data indicates overall impacts of police injury on workforce functioning, data does not show psychological and physical medical exits. In addition, reports do not show psychological medical exits by location or command. Specific data on injury type by location, may point to problem areas in different segments or locations of the workforce.

As an employer, the NSW Police Force has obligations to its employees under the Work, Health and Safety Act 2011 (NSW)

The Work, Health and Safety Act 2011 (NSW) (the Act) requires that employers identify health and safety risks and take reasonable steps to minimise both physical and psychosocial risks. Under Section 27(5) of the Act, ‘reasonable steps’ means that employers must ‘ensure … appropriate processes for receiving and considering information regarding incidents, hazards and risks and responding in a timely way to that information’.

NSW Police Force management reports on health and safety incidents show the number of incidents with psychological risk factors present. While these reports allow managers to track psychological injuries over time, information is not sufficiently detailed to indicate the causes of these injuries. Risks are not fully understood at the workforce-wide level, and so resources cannot be targeted to identified problems.

The NSW Police Force is also able to source information about workforce psychological hazards from individual risk reports made by police employees. The majority of these reports describe potential hazards to the physical safety of police, and in rare instances, psychological risks are reported to peer representatives. Reports are escalated to senior managers and provide some corporate insight into psychological health and safety risks.

Safe Work Australia has identified some of the contributing factors to workforce psychological risks. These include high job demands, excessive workloads, exposure to traumatic incidents or content, and long working hours without enough breaks. Excessive job demands become a psychosocial hazard when workload levels are unmanageable for prolonged periods. Other psychological risk factors include jobs with ‘high emotional demands’. The features of ‘high emotional demands’ have strong correlations with police work. They are:

  • exposure to aggression, violence, harassment or bullying
  • supporting people in distress (for example, giving bad news), or
  • displaying false emotions (for example, being friendly to difficult customers).

The NSW Police Force is implementing a new incident notification system that aims to improve incident investigation reporting on psychosocial risks and hazards

At the time of this audit’s publication in June 2025, the NSW Police Force is implementing a new incident notification reporting system. This system will provide a greater level of detail about the types and causes of psychological incidents, hazards and near misses. In addition, the new system has built-in welfare response notifications that are matched to the workplace incident.

In October 2022, amendments were made to NSW Work Health and Safety Regulations. These obligations imposed a higher standard for monitoring workforce psychosocial risks. They now require that employers introduce a range of control measures to mitigate psychosocial risks and hazards and to ‘eliminate psychosocial risks so far as is reasonably practicable’. The control measures are described in Section 55D (2) of the Regulations and include consideration of:

a) the design of work, including job demands and tasks, and

b) the systems of work, including how work is managed, organised and supported.

 

The NSW Police Force’s new incident notification reporting system has potential to improve the level of information about psychosocial risks and hazards, including information that shows the investigation stages and outcomes, and indicates the root causes of incidents and near misses.

At the time of this audit, NSW police employees are able to report their wellbeing concerns to line managers, but a number of frontline police advised that this course of action can be ‘career limiting’. Police employees are also able to speak with peer-appointed, work, health and safety officers. Work health and safety representatives have meetings with local police in their command on a monthly or quarterly basis, depending on the size of the command. During these meetings, work, health and safety officers record staff issues relating to trauma, psychological risks, and other wellbeing matters. The minutes from these meetings are escalated to senior human resource managers.

Frontline police are able to report individual health, safety and wellbeing concerns through an online ‘safe reporting’ portal. This online option is used to report local risks along with colleague misconduct concerns. However, this feedback portal was not well known by police interviewed for this audit. Those police that knew about the portal option, were concerned that feedback would not be anonymous, and could be traced back to individuals.

The NSW Police Force does not utilise information collected from critical incident reports to identify common psychological hazards that may contribute to these events

Police management reports do not include aggregated data about the factors that were evident in the lead up to critical incidents. Individual incident reports may include information about whether fatigue, stress, or excessive haste were evident when the incident occurred. Reporting on these factors in the aggregate, may reveal to managers, some potential risks, and the root causes of critical incidents.

The NSW Police Force correlates some command-level data about police accidents, work, health and safety incidents, but does not report on the factors that contributed to the psychological injury incident. This information should be visible to central managers and decision-makers who have the authority to direct resources to the areas where risks are identified. For example, managers need information to understand whether segments of the workforce are operating under workload pressures. These pressures can be indicated through workplace accidents and incidents.

In the five years from 2019–2020 to 2023–2024, NSW police officers were involved in 171 critical incidents. Critical incidents are incidents that result in deaths or serious injuries to the public and, or police. Critical incidents are those which occur as a result of police vehicle pursuits and collisions, or the discharge of police firearms. Police managers do not receive reports that might indicate common factors in these incidents – factors that may provide insight into workforce wellbeing and optimal functioning.

Police critical incident notification forms include fields for police to record the time in the shift when an incident occurred. However, police managers have not used this information to observe trends and patterns of incident times and risks. It means, for example, that police managers did not know if factors such as fatigue played a part in police critical incidents.

There is potential for the NSW Police Force to do more to understand the stressors on the workforce. Other employers have developed mechanisms to monitor risks. For example, health providers and hospital managers review and analyse clinical incident trend data. They use this information to identify system-level harms that indicate emerging risks to the workforce and the public, and take action at an organisational level.

Safe Work Australia identifies strategies to understand psychosocial pressures on the workforce. These include monitoring and observing workforce mistakes, as potential indicators of areas where job demands are too high. In addition, Safe Work Australia recommends workforce-wide consultation processes, including the use of surveys and tools to seek the views of workers on a wide range of psychosocial risks.

Ultimately, the NSW Police Force lacks systems to understand and report on structural risks to the workforce. This level of information would allow managers to review policies if necessary, and target resources to mitigate these risks.

 

The NSW Police Force does not use a workforce allocation model to distribute its workforce according to workload burden

Workload stress is a significant factor in police wellbeing. The frontline police who were interviewed for this audit, were consistent in the view that unmanageable workload pressures have the greatest impact on their wellbeing. 'Work pressure' is the third most common source of psychological injury cited in police injury notification data. While police managers have information about the police workload pressures across commands, they do not use a workforce allocation model to allocate workforce resources in a way that effectively mitigates this risk. In general, police managers measure workload pressures by assessing the number of calls that local police are unable to attend within the hour across the 57 NSW local area commands.

The NSW Police Force lacks a formula to allocate and distribute its police workforce across commands. The location of police across the State has been largely determined by historical factors, such as the location of an existing workforce. Staffing levels are also determined by political decisions. Some staffing allocations are made via election commitments to place additional police in certain regions, without an analysis of workforce requirements.

The NSW Police Force has been operating with significant workforce shortages since 2023. Workforce vacancy rates differ across commands. Some police area commands and districts are operating with workforce vacancies of more than 30%. Others have lower workforce vacancy rates at 11%. While workforce vacancies are not always a true indicator of workload burden, the data can show commands under changing workforce pressures. The ability of a command to meet its call-out volumes provides a clearer assessment of workload demand. That said, the NSW Police Force has not done any analysis of its authorised workforce strength by command over the past eight years.

Each year, police managers can make minimal changes to the distribution of police across the State. This is almost exclusively through the placement of newly graduated police. The process for placing new probationary constables is determined via annual meetings with Deputy Police Commissioners and region-level commanders. During this process, police workload levels and vacancy rates are assessed, and region-level bids are made for new graduates based on regional needs.

The NSW Police Force does not use a staffing allocation model to distribute its personnel based on an assessment of the workloads of each command. While police managers have access to data that shows the areas experiencing the highest workload across the 57 NSW local area commands, they are limited in their ability to change the workforce levels across the State.

In instances where there are significant increases in crime or call-out rates, the NSW Police Force is able to temporarily deploy additional police as part of a surge capability. These deployments seek to surge police in crime hotspots. However, they are a temporary measure and do not solve entrenched under-resourcing of some commands.

Senior police managers advise that they are limited in their ability to transfer police positions, or to increase the overall workforce headcount to respond to workload demands. While Deputy Commissioners and region-level commanders can monitor police workloads, they lack a staffing allocation model that would allow them to transfer police to commands under the highest levels of workload pressure.

The NSW Police Force does not assess or compare the effects of police taking up a second job to determine whether secondary employment impacts on police fatigue, stress or performance

Over the past five years, around 1,650 NSW Police Force employees were engaged in secondary employment annually. Central managers and policy makers do not receive data or reports that would allow them to monitor and compare levels of secondary employment across commands, and its impacts on police performance.

Police managers do not receive data that correlates secondary employment levels with sick leave data or adverse incident data, for example. While police managers advise that secondary employment is monitored at the local command level, there is no capability to assess impacts centrally, and make policy adjustments if data shows impacts on workforce wellbeing or functioning.

Given that the NSW Police Force has not collected or analysed system-level, psychological risk factor information, managers are unable to inform the design of police wellbeing programs based on evidence of workforce needs.

NSW frontline police work some of the longest shifts in the country and the NSW Police Force has not sufficiently assessed the risks or impacts of this shift cycle on performance and fatigue

Frontline police complete four 12-hour shifts that are condensed into a four-day timeframe, followed by six days off. In general, frontline police complete two day-shifts followed by two night-shifts, that are completed consecutively. Police are required to have a ten-hour break in between shifts, but unplanned overtime and travel to and from the workplace and home, can reduce the time available for rest and recovery.

The NSW Police Force has a 'flexible work arrangements manual' with principles that allow for flexible rostering of shift lengths between six and 12 hours throughout the day and overnight. In practice, however, rostering patterns show that 96% of general duties police undertake shift lengths of 12 hours. Most other police jurisdictions in Australia, with the exception of the Northern Territory, implement shift lengths that vary between eight and ten hours.

The NSW Police Force does not analyse its incident notification reports to assess whether there are any trends in the times when adverse incidents occur. The NSW Police Force is not able to identify correlations between the length of shifts and incidents, or the patterns of shifts and adverse incidents. As a result, police managers do not know whether the current shift arrangements for frontline police are a contributing factor to fatigue and stress. They do not have trend data to show if fatigue is leading to increases in accidents, incidents and performance matters.

The NSW Police Force’s work readiness framework advises that a 'review of workplace incident data' is a method that can be used to identify factors contributing to fatigue. Aggregated data about the ‘time in shift’ when incidents occur, would assist managers to understand whether shift patterns have inherent safety risks.

The NSW Police Force does not have sufficient controls and tools to regulate the number of hours worked by police, and potentially mitigate police fatigue levels

The NSW Police Force currently manages fatigue through a work readiness framework that includes policies, guidelines and tools, that are designed to assist managers and employees to develop and implement work readiness management plans and strategies. Police commanders are not mandated to implement these guidelines and tools, and there is no register of police working hours or work readiness.

The framework does not address the ways in which the fatigue assessment tools will be used and monitored across local commands. The NSW Police Force does not have a process to ensure the implementation of tools and control measures. In addition, the fatigue assessment tools lack clarity or guidance on rest and stop-work directives. Some employers of emergency service workers and first responders are able to proactively monitor fatigue. For example, NSW Ambulance has an automated fatigue management calculator that allows managers to view the hours worked by employees in real time, in order to manage risks.

The NSW Police Force work readiness framework contains guidelines that can be used to mitigate some of the contributing factors to fatigue. Guidelines advise police managers to conduct 'consultation with workers'. However, there is limited evidence that the NSW Police Force has consulted with, or sought feedback from the workforce on fatigue risks. There is no evidence that police employees have been surveyed about the effects of shift hours on the available time for sleep, or on work readiness.

In October 2023, the NSW Police Force developed a risk control ‘ready reckoner’ which includes ‘fatigue’ as a risk factor in police work. This risk control system is still in draft form and has yet to be implemented. The register identifies potential controls that can be used to manage fatigue, but it does not assign owners or business areas as responsible for the controls and risks. The impact of the ready reckoner is not yet known, nor has there been any monitoring of its uptake to date.

SafeWork NSW has identified fatigue as a potential workforce health and safety hazard for employees across all industries. Fatigue has both physical and psychological impacts. According to the regulator, each employer has responsibility to identify and manage fatigue risks to employees. In recent decades, numerous supreme court decisions have found employers liable for breaching their duty of care in failing to take reasonable steps to minimise the risks of fatigue to their workers.

SafeWork NSW recommends that employers develop a fatigue policy in consultation with their employees. The policy should define clear roles and responsibilities for employers that include the management of excessive working hours, workplace assessments of fatigued workers to gauge fitness for work, and procedures for reporting hazards and managing risks.

 

Complaints and legal claims relating to alleged police misconduct are costly to the State

Frontline police are more likely to be recipients of public complaints than other police as they have more interaction with the public during events such as domestic violence incidents, assaults, neighbourhood disputes, mental health incidents, and other crime responses. Specialist police such as detectives and forensic experts have less interaction with the public and therefore receive fewer public complaints.

Frontline police told audit staff that complaints against them have significant impacts on their wellbeing. These negative impacts are compounded by the fact that police are not told about the nature of the complaint against them or the name of the complainant. For many police, this process seems unjust as in some instances, they have no information about what they have done to receive the complaint, and no recourse to defend their case.

Public complaints about police are handled differently across the six police regions. In one region, the region commander has determined that police will not be informed about complaints that are shown to be vexatious and declined. This is to ensure that morale is not affected. In another region, all complaints are reported to police, even if they are declined. Some police argue that declined complaints should not be recorded on their files, as is the current practice. They advise that complaints can have an adverse impact on their promotion eligibility, even when the complaints are vexatious.

Police told us that there was an inadequate level of wellbeing support available for officers who were subject to complaints or investigations. Complaint and investigation policies and procedures make mention of the availability of Employee Assistance Program services, but this is the only external support. According to the policy, local commanders are responsible for monitoring the welfare of complaint recipients and all other people involved. Procedure documents do not include any requirement for commanders to refer police to wellbeing support services.

During the five years from 2019–2020 to 2024–2025, a total of 2,124 legal claims were made against NSW police employees for misconduct matters. The NSW Police Force paid $155.44 million to settle these claims over the five-year period. Despite the significant cost of these claims, the NSW Police Force does not report basic information about these legal matters. The NSW Police Force does not report on the number of claims that were settled via payments to claimants, the number of claims that proceeded to Court, or the claims that were successfully defended in Court.

Since 2019–2020, there have been increases in psychological injury claim numbers and costs across the NSW public sector, for police these costs have risen by almost 50% year on year

Despite increases in mental health services and psychological support for police, the costs of psychological injuries have been increasing year on year. While compensation claims for physical injuries occur at more than twice the rate of psychological injury claims, the costs associated with psychological injury claims are higher than for physical injuries. Compensation costs to psychologically injured police totalled approximately $1.75 billion from 2019–2020 to 2023–2024. The NSW Police Force is not alone in experiencing increases in psychological injuries and costs, higher claim numbers and costs are also evident in other NSW government agencies.

Police compensation costs were covered by two different insurance schemes during the five years from 2019–2020 to 2023–2024. The icare workers compensation insurance scheme covered costs of $927.84 million, and the Police Blue Ribbon Insurance Scheme covered $817.29 million in costs. The Police Blue Ribbon Insurance Scheme was managed by a private insurer.

From 2019–2020 to 2023–2024, NSW police employees made approximately 3,080 compensation claims for physical injuries each year, compared to a yearly average of 1,100 claims for psychological injuries. Over this timeframe, psychological claims accounted for 74% of the total compensation claims costs, with physical injuries accounting for 26% of costs.

Exhibit 6 shows the number of physical and psychological compensation claims numbers each year, and the claim costs for the different injury types by year.

Appendix 1 – Response from entity

Appendix 2 – About the audit

Appendix 3 – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #408 - released 11 June 2025

Published

Actions for Universities 2024

Universities 2024

Universities
Artificial intelligence
Financial sustainability
Compliance
Cyber security
Financial reporting
Information technology
Internal controls and governance
Risk
Service delivery

About this report

Financial audit results of the NSW public universities’ financial statements for the year ended 31 December 2024.

Findings

Unmodified audit opinions were issued for all ten universities.

Six universities reported net deficits in 2024, compared to eight in 2023. Nine universities’ net results improved from 2023.

The main driver of revenue growth in 2024 was a 25.5% increase in fees and charges revenue from overseas students, due to increased enrolments of 18.9%. Revenue from domestic students increased by 12%, however, enrolment numbers remain below 2020 levels.

In 2024, revenue growth of 14.9% exceeded the 9.4% growth rate of expenses. However, universities are still recovering from the shortfalls experienced in 2022 and 2023 following financial disruptions caused by the COVID-19 pandemic.

Half of the universities show indicators of financial risk in the form of liquidity ratios of less than one and having less than three months of cash reserves to fund operating and financing activities.

The number of reported audit findings has decreased from 111 in 2023 to 98 this year. Most control deficiencies related to information technology /cyber security, governance, and payroll.

Universities are not consistently following their own procedures for recording cyber incidents, data breaches and privacy breaches.

Data breaches that required mandatory notification resulted in unauthorised access and disclosure of personal information, and mainly caused by phishing attacks and human error.

Recommendations

Universities should:

  • finalise mitigating actions to address the risk of future wage underpayments and prioritise repayments to affected staff
  • adequately prepare themselves to comply with the climate disclosure requirements under NSW Treasury’s reporting framework
  • clearly document the requirements for business cases and post-completion reviews for capital projects
  • comply with established processes when recording cyber security incidents and data breaches
  • require staff to complete cyber security training regularly, include simulated phishing attacks and provide students with basic cyber security training
  • create a central artificial intelligence (AI) inventory, establish and implement an AI policy and consider the benefits of establishing an AI strategy.

Financial reporting is an important element of good governance. Confidence in, and transparency of, university sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines the 2024 financial reporting audit results of NSW universities.

Chapter highlights

  • The 2024 financial statements of all ten universities received unmodified audit opinions.
  • 1 university-controlled entity received a qualified opinion due to a limitation of scope relating to a lack of supporting evidence for certain balances.
  • Provisions for wage remediation continue across most NSW universities, however, they decreased by 10.5% to $164 million at 31 December 2024.
  • Universities’ self-assessments on climate reporting readiness indicate that they are preparing for upcoming disclosure requirements.

Financial performance is a measure of an organisation’s ability to use its resources to generate revenue and manage expenses while maintaining appropriate levels of net assets and cash flows.

Financial performance also encompasses financial sustainability, which is the ability to meet current and future financial obligations without reducing essential services or borrowing money to fund successive operational deficits. This is achieved by ensuring that over the medium and longer term, revenue is sufficient to cover expenses, cash flow and risks are well managed, long-term financial planning is effective and sources of revenue are diverse.

This chapter presents our observations on the financial performance of universities in 2024.

Governance is the framework of rules, processes and systems that enable organisations to achieve goals and comply with legal requirements. Good governance promotes public confidence in the integrity and effectiveness of universities’ systems and operations. A strong system of internal controls enables universities to operate effectively and efficiently, produce reliable financial reports, comply with laws and regulations, and support ethical and transparent decision-making.

This chapter outlines our findings on internal controls and governance across the ten NSW universities.

Financial audits focus on the key internal controls and governance that support the preparation of financial statements. Breakdowns and weaknesses in internal controls can increase the risk of fraud and error. Our management letters report deficiencies in internal controls, matters of governance interest and unresolved issues to those charged with governance. These letters also include risk ratings, implications, recommendations and management responses.

Chapter highlights

  • The number of reported audit findings has decreased by 12%.
  • Information technology (IT) / cyber security, governance and payroll findings account for 62% of audit findings, and these areas require improvement.
  • 7 universities had deficiencies in controls over user access management for key systems, including controls over privileged user accounts.
  • 6 universities need to improve revenue-processing practices, including processes for recognising revenue in accordance with Australian Accounting Standards (AAS).
  • Key governance, financial or IT policies and procedures were outdated or not in place at six universities.

Universities’ primary objectives are teaching and research. They invest most of their resources to achieve quality outcomes in academia and student experience. Universities have committed to achieving certain government targets and compete to advance their reputation and standing in international and Australian rankings.

This chapter outlines enrolments and teaching outcomes for NSW universities in 2024.

Chapter highlights

  • For the first time, 2024 enrolments exceeded 2019 enrolments; this was mainly driven by an increase in overseas student numbers.
  • Enrolments of students from low socio-economic status (SES) backgrounds remained steady at 15.8% of domestic undergraduate students.
  • The proportion of Aboriginal students as a percentage of domestic students increased to 2.5%, despite a small decrease in the actual number of enrolments.
  • The student-to-academic staff ratio increased for eight universities in 2024.

This chapter focuses on the cyber security incident environment at universities, the reporting of incidents to regulators and how universities have responded to data breaches as a result of cyber security incidents. We also address how universities train their staff to identify and prevent cyber security incidents.

Chapter highlights

  • Recording of cyber security incidents and privacy breaches needs improvement so management understands the root causes of incidents and can better direct corrective action.
  • The data breaches subject to mandatory notification were related to unauthorised access and disclosure, and caused by phishing attacks and human error.
  • Universities’ cyber security training rates are low and the training excludes students.
  • Simulated phishing attacks are not used by three universities for training, despite phishing being the most prevalent cyber attack method.

The Australian Government identifies that artificial intelligence (AI) presents great opportunities for all levels of government to transform service delivery and enhance productivity and wellbeing. However, AI comes with risks that require active management.

This chapter offers an overview of AI adoption in universities and the current policies in place to oversee the use of AI.

While there is no one common definition of AI, the NSW Government’s ‘Artificial Intelligence Ethics Policy’ adopts the following definition:

intelligent technology, programs and the use of advanced computing algorithms that can augment decision-making by identifying meaningful patterns in data. 

The Australian and NSW Governments have established policies and principles for responsible and ethical use of AI. While NSW universities are not bound by these documents, they are considered best practice. This includes:

  • the Australian Government’s ‘Policy for the responsible use of AI in government’, ‘Australia’s AI Ethics Principles’ and ‘National framework for the assurance of artificial intelligence in government’
  • the NSW Government’s ‘Artificial Intelligence Ethics Policy’ and ‘NSW artificial intelligence assessment framework’.

Chapter highlights

  • 4 universities do not have a complete picture of which AI products have been implemented in their respective universities.
  • All universities can improve the information they centrally capture about their AI products by documenting information about purpose, intended use and limitations.
  • While many universities have AI policies, there is a need to more effectively integrate AI into universities’ governance frameworks to address the specific and unique risks posed by AI. This includes evaluating AI’s broader impacts on accountability structures, policies and procedures (such as information technology (IT), procurement, risk management), and monitoring and reporting systems.
  • 8 universities recognise AI’s strategic impact and list it as a strategic risk, but only four have a strategy for the use of AI or have embedded this into an existing strategy. More focus on the strategic use of AI could help maximise benefits from AI and ensure AI aligns with universities’ objectives.

Appendix 1 - Status of 2023 recommendations 

Appendix 2 - Universities' controlled entities

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Actions for Governance of the National Agreement on Closing the Gap in NSW

Governance of the National Agreement on Closing the Gap in NSW

Premier and Cabinet
Whole of Government
Collaboration
Internal controls and governance
Project management
Workforce and capability

About this report

This audit assessed the effectiveness of the governance arrangements for the implementation of the 2020 National Agreement on Closing the Gap (the National Agreement) in NSW.

The stated objective of the National Agreement is to overcome entrenched inequality faced by Aboriginal and Torres Strait Islander people. It is an agreement between all Australian governments.

The implementation of the National Agreement in NSW is led by the Premier’s Department and the NSW Coalition of Aboriginal Peaks (NSW CAPO). NSW CAPO is a group of Aboriginal Community-Controlled Organisations that advocate for the rights and wellbeing of Aboriginal people in NSW.

Findings

The governance arrangements are not operating effectively.

Formal shared governance bodies have been established, but the governance structure does not provide clear accountability for the delivery of National Agreement initiatives or drive the behaviours needed to achieve the National Agreement’s stated outcomes.

The Premier’s Department and NSW CAPO agreed to work together to implement the National Agreement, but they have not formed a genuine partnership.

Recommendations

The report made four recommendations that aim to:

  1. increase the accountability of NSW Government agencies for implementing the Priority Reforms of the National Agreement
  2. ensure the Premier’s Department and NSW CAPO are working in genuine partnership
  3. improve the planning and oversight of the implementation of the National Agreement in NSW
  4. improve the transparency of NSW CAPO’s work conducted under the National Agreement.

Appendix 1 – Response from entities

Appendix 2 – Priority Reforms and socio-economic outcomes in the National Agreement

Appendix 3 – About the audit

Appendix 4 – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #407 released 29 May 2025.

 

Read more about the cover image for this report

Published

Actions for Government advertising 2023-24

Government advertising 2023-24

Health
Finance
Management and administration
Procurement
Project management

About this report

This audit examined whether activities relating to Cancer Institute NSW’s (the Cancer Institute) 2023–24 anti-tobacco and vaping control campaigns were carried out effectively, economically and efficiently, and in compliance with the Government Advertising Act 2011 (the Act), the Government Advertising Regulation 2018 (the Regulation), other laws, and the NSW Government Advertising Guidelines.

Findings

The Cancer Institute’s anti-tobacco and vaping control campaigns complied with the requirements of the Act, the Regulation and largely complied with the Advertising Guidelines.

The vaping control campaign’s evaluation indicates that the campaign was effective in reducing the uptake of vaping among young people in NSW.

The anti-tobacco campaign achieved positive results but did not meet two of its key outcome targets. However, these were set prior to a reduction in the campaign’s budget and so it is not clear whether the campaign was undertaken effectively.

The Cancer Institute ensured that the audiences for both campaigns were targeted through appropriate media channels and with inclusive messaging.

The Cancer Institute conducted a cost-benefit analysis for each campaign and demonstrated that the campaigns likely represented value for money.

Both campaigns were undertaken economically. The Cancer Institute directly negotiated with a provider to develop the creative materials for its vaping control campaign, but took steps to ensure that value for money was still achieved.

Smoking tobacco is the greatest preventable cause of cancer in NSW, causing one in eight cancer cases and one in five cancer deaths. Lung cancer remains a significant cause of death in Australia, with about 81% of lung cancer cases estimated to be caused by smoking. Smoking rates have declined over recent years, and in 2023, 10.8% of NSW adults were daily or occasional smokers. This proportion is significantly higher among Aboriginal people2 (29.7%) and people of lower socioeconomic status (18%).

The Cancer Institute runs annual anti-tobacco campaigns that aim to communicate and personalise the health risks of smoking and increase individuals’ sense of urgency around quitting. The 2023–24 anti-tobacco campaign ran from 2 April 2024 until 30 June 2024. It aimed to influence NSW smokers over the age of 18 that quitting is achievable and to use the available smoking cessation support services to successfully quit smoking.

The anti-tobacco campaign comprised two elements. The ‘16 Cancers’ element highlighted why people should quit smoking. The ‘Beat the Cravings’ element provided information on how to quit and aimed to give people the confidence to reach out to cessation services. The anti-tobacco campaign was delivered through a variety of channels, including television, radio, outdoor advertising, social media and print. It cost approximately $4.1 million.

The anti-tobacco campaign included two additional digital sub-campaigns:

  • ‘New Year, New You’ – which aimed to leverage New Year’s resolutions as an opportunity to quit smoking. The Cancer Institute had run this campaign during the four preceding financial years using the same creative assets. The campaign ran in December 2023 and January 2024.
  • ‘Quitting Smoking in Pregnancy’ – which was designed to motivate and support expectant mothers to quit smoking and reduce harm to both mother and baby. The campaign, which ran from 2 April 2024 until 30 June 2024, had been run in the previous financial year and re-used the same creative assets.

Vaping involves the inhalation of an aerosol vapour by way of an e-cigarette, which delivers nicotine and other chemicals to the lungs. This typically includes hundreds of toxins and chemicals with various health impacts, including those linked to cancer. In NSW, e-cigarette usage among 16–24-year-olds is the highest of any age group and more than twice the rate of the general population (19% in 2022–23 compared to 8.5% in the general population). This represents a seven-fold increase from 2018–19. It also creates the risk of a new generation becoming addicted to nicotine and increasing the uptake of tobacco smoking, thereby further increasing the risk of cancer.

The NSW Government previously delivered vaping control campaigns focused on awareness about the dangers of vaping in 2021–22 (managed by the Ministry of Health) and in 2022–23 (managed by the Cancer Institute). The 2023–24 campaign ran from 14 January 2024 to 22 June 2024. It aimed to effect behavioural change by encouraging young people aged 14–24 to remain vape-free or to quit vaping. The campaign was based on new creative assets ‘Every Vape is a Hit to Your Health’, which aimed to confirm the health harms of vapes, address the social norms around vaping, and upskill young people to reject or quit vaping. The vaping control campaign was delivered through a variety of channels, including social media, online video, audio streaming, outdoor advertising, search engine marketing and influencers. The cost of the 2023–24 vaping control campaign was approximately $2.9 million.

Appendix 1 – Response from entities

Appendix 2 – About the audit

Appendix 3 – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #406 released 27 May 2025.

 

Published

Actions for Emergency relief grants

Emergency relief grants

Industry
Planning
Compliance
Fraud
Internal controls and governance
Management and administration
Risk

About this report

The NSW and Commonwealth governments announced the Special Disaster Assistance (SDA) grant program to support primary production businesses affected by significant flood events in areas of NSW in August and September 2022.

This audit assessed whether the NSW Rural Assistance Authority (RAA) and the NSW Reconstruction Authority (Reconstruction Authority) implemented the SDA - storms and floods AGRN 1030 and AGRN 1034 program in line with the principles and mandatory requirements outlined in the Grants Administration Guide, and in line with the program guidelines.

This audit was conducted following a request from the Special Minister of State that the Auditor-General conduct a recurring performance audit of emergency relief grants under section 27B(3)(c) of the Government Sector Audit Act 1983.

Findings

The RAA and the Reconstruction Authority followed the program guidelines and met most of the requirements of the Grants Administration Guide in administering the program.

However, the RAA did not implement appropriate controls to mitigate the risk of fraud for applicants who received only the upfront payment of $25,000. It did not require evidence of how these funds would be spent, or validate claims of estimated damage, before distributing the payments. The total value of these payments was approximately $40 million.

The RAA conducted an effective process to determine each applicant’s eligibility for the program and implemented appropriate fraud controls for higher-value grants.

The Memorandum of Understanding between the RAA and the Reconstruction Authority has not been updated since 2015. Neither agency conducted a cost-benefit analysis to assess value for money or planned an evaluation of the program. There were also gaps in the way that the RAA managed program risks.

Recommendations

Both audited agencies should:

  • update the Memorandum of Understanding to better define responsibilities for grants administration.

The NSW Rural Assistance Authority should:

  • improve its risk management of grant programs by:
    • defining its risk tolerance
    • ensuring appropriate controls to reduce fraud risks are in place
  • ensure that conflict of interest declarations are collected from all assessment and claims staff
  • update its cost estimate model
  • develop additional performance measures for future grant programs.

The NSW Reconstruction Authority should:

  • complete the cost-benefit analysis and outcome evaluation for the program.

New South Wales experienced multiple rain events between February and November 2022, which resulted in flooding across the state. Owing to the significant impact of this flooding on primary producers, the NSW and Commonwealth governments announced a series of SDA grant programs to support primary production businesses.3

The purpose of the AGRN4 1030 (Southern and Central West NSW Floods from August 2022 onwards) and AGRN 1034 (NSW Flooding from 14 September 2022 onwards) SDA program was to provide a timely and proportionate response to minimise the impact these storm and flood events had on primary producers and allow them to return to normal operations as soon as possible. Applications for the SDA program opened on 18 November 2022 and closed on 30 June 2023.

Under the AGRN 1030 and 1034 SDA program, 28 LGAs were declared disaster-affected in Southern and Central West NSW in August 2022. A further 47 LGAs were declared disaster-affected across NSW in September 2022, including all 28 LGAs affected by the August event, bringing the total to 75 declared LGAs plus the Unincorporated Far West Area.

The agencies’ Memorandum of Understanding does not clearly set out responsibilities for key aspects of grant program development and evaluation

The GAG sets out expectations for how multiple agencies involved in grants administration should define responsibilities, including:

  • agencies should agree between themselves which agency is responsible for applicable mandatory requirements set out in the GAG during the planning and design phase of a grant program
  • mandatory requirements are recommended to be captured in a MoU, particularly if funds are transferred between the agencies for the purpose of delivering the grant.

The MoU between the Reconstruction Authority and the RAA was last updated in 2015 and does not clearly set out responsibilities for some of the mandatory requirements of the GAG.

For example, the MoU does not specify which agency was responsible for the design of the program, including the responsibility for conducting a CBA during its development. A CBA was not conducted during the program’s development. This is discussed in more detail below. The MoU sets out some responsibilities relating to the evaluation of the program but it does not establish responsibility for determining whether the outcomes and benefits of the program were realised. Under the MoU:

  • the RAA is required to submit a Post Disaster Assessment Report which captures data on the number of applications, number of approvals and value of grants paid
  • the Reconstruction Authority is required to operate a compliance function to ensure that expenditure claimed against the DRFA complies with the NSW Disaster Assistance Guidelines and the MoU.

These evaluation mechanisms only relate to financial and probity oversight and do not include responsibilities for key aspects of evaluation, including determining if the program met intended outcomes and the impact of the program relative to its costs.

In addition, the MoU does not outline which agency was responsible for probity in program design, defining the risk tolerance for the program or for the management of program risks. Key risk management activities such as defining program risk tolerance and the ongoing monitoring of program risks were not conducted.

The RAA and the Reconstruction Authority are working together to draft an updated MoU. However, as at April 2025 the MoU had not been finalised.

The Rural Assistance Authority did not clearly define its risk tolerance for this program

The Reconstruction Authority identified key risks and defined its tolerance for strategic risks, such as those relating to the administration of the DRFA. The Reconstruction Authority did not define a risk tolerance that was relevant to this program, but it was not responsible for administering the program and so the RAA was best placed to identify a relevant program risk tolerance.

The RAA did not define its tolerance for key program risks, such as in a risk appetite statement. Although the GAG does not mandate the development of risk appetite statements for grant programs, the lack of a risk appetite statement meant that there was no guidance available for the RAA as the administering agency to inform risk-based decisions, including risks relating to balancing the risk of fraud with speed of assessment.

The program’s Assurance and Probity Plan assessed the program as having a low probity risk, but the RAA did not retain documentation to explain how this risk rating was determined. The RAA advised that the program was assessed as low-risk because:

  • it was open and non-competitive
  • it did not involve any discretionary decision-making or external involvement in decision-making
  • there was no comparative merit-based assessment against other applicants.

The RAA also advised that the program was considered low-risk because the agency had previously administered similar programs and therefore was aware of the inherent program, grantee and governance risks. As there was no risk appetite statement in place, this assessment was made without a formal framework that considered the RAA’s overall approach to risk.

A risk appetite statement may have informed key decision points in the program. For example, the RAA did not require evidence of how funds would be spent before distributing upfront payments. This increased the risk that fraudulent applications would be approved. Defining its risk tolerance for the program may have helped the RAA to manage this risk.

In addition, in October 2023, the RAA implemented a rule which stated that it would not validate proof of payment for reimbursements below $2,500, which it termed the ‘de minimis’ rule. The RAA considered the impact of this change on fraud risk. However, because it did not have a defined risk tolerance to assist with decision-making, the RAA did not have a framework to determine whether these risks were within the tolerance it was willing to accept.

The Department of Regional NSW (DRNSW) had a risk management framework in place at the time of the program; it defined a risk tolerance across all of DRNSW for various types of risk, including for entities like the RAA, which formed part of DRNSW at the time. It stated that the agency had a low-risk appetite for fraud and corruption. Although the RAA’s risk management plan aligns with DRNSW’s approach, there is no evidence that the RAA used DRNSW’s risk appetite statement to guide its decision-making in relation to risk-based decisions.

The Rural Assistance Authority identified risks for the program but it did not adequately monitor these risks

The RAA Risk Management Plan states that the program Steering Committee is responsible for overseeing and monitoring the program risk register throughout the program’s lifecycle. Although the Steering Committee monitored risks prior to the program launch, it did not meet after the program launched and there is no evidence that the program risk register or program risks were reviewed, discussed or monitored beyond this point. This lack of monitoring meant that the RAA did not have a comprehensive view of how changes in the program risk profile may have impacted program delivery. Risks were reported at each of the Steering Committee meetings that occurred before program launch, but these risks remained the same at each meeting even when those risks were no longer relevant. The Steering Committee’s minutes are not clear on whether the risks were discussed in detail or reassessed during these meetings.

The RAA created a risk register for the program, including designing controls for each of the identified risks and identifying actions to further reduce those risks. The program risk register was last updated in October 2022, with no evidence that this document was updated regularly after this date. This is despite changes in the program’s risk profile. For example, the risk register identified a risk related to the program being upgraded from DRFA category C to category D which would result in a more complex application process. This change in category occurred, impacting the program’s overall risk profile. However, there was no evidence that the program’s risk register was revised once the program changed to a category D program.

The RAA designed and implemented mitigating controls to reduce the likelihood or impact of identified risks. For example, to reduce the risk of fraudulent applications, the agency required financial assessments of all applicants to be conducted to ensure their eligibility for the program. The RAA undertook these financial assessments for each applicant. The RAA also included a declaration on the application form to provide a legal avenue to recover fraudulently acquired funds.

The RAA also identified a risk that program delivery would not be timely. To mitigate this risk, the RAA planned to monitor and report on processing and notification times for the program. As discussed below, the RAA regularly reported to the executive on program timelines, though there were long processing times for both assessments and grant claims.

The RAA’s enterprise risk management occurs through the agency-wide Assurance Working Group (AWG). This group is responsible for reviewing key business processes, high-risk areas and key risk controls that inform business improvement processes. The group only discusses broader, enterprise-wide risks relevant to the RAA’s agency-wide objectives, rather than program-specific risks. Although some of the risks that are reviewed by the AWG may be relevant to the management of the RAA’s programs, risks specific to each program are not discussed in the AWG. The AWG did not review or discuss the program’s risk register, demonstrating that it was not responsible for the program-level risks. The AWG monitoring alone was not sufficient to manage risks to the AGRN 1030 and 1034 program, as program-level risks were not monitored specifically.

The Rural Assistance Authority implemented appropriate fraud controls for higher-value grants, but not for applicants who only received the up-front payments

The GAG requires agencies to develop and implement fraud controls that are proportionate to the value and risk of the grant. RAA identified the risk of fraudulent applications being submitted to the program as high, due to the substantial value of the grants. However, the controls in place to mitigate the risk of fraud posed by people only claiming the upfront payment were not appropriate given the value of the grant.

Under the program guidelines, applicants were able to receive the upfront payment of up to $25,000 without providing proof of payment. The program guidelines stated that the payment would be provided on the basis of quotes or estimated costs. The RAA required applicants to provide an estimated value of damage and a description of the impact of the flood event(s). If applicants did not claim any further funding above the $25,000 threshold, they were not required to submit any further documentation to prove that the applicant planned to spend the upfront payment on eligible expenditure in compliance with the guidelines.

In addition to not requiring evidence of how the grant recipient planned to use their upfront payment, the RAA also did not collect proof that the payment had been spent on eligible items to confirm that it complied with the grant guidelines, unless an applicant was making subsequent claims for funding above the upfront payment. As it did not seek to validate the planned or actual use of the upfront payment, the RAA did not put in place appropriate controls to manage the risk of fraud among the upfront payments.

Of the 8,959 approved and disbursed applications to the program, 1,701 claimed $25,000 or less and were therefore only required to submit an estimate of their damage to receive the grant. This made up 19% of applications to the program, with a total value of approximately $40 million. Some of these applicants provided further evidence to support their claim, but this was not required. The provision of up-front grants is discussed further in the next chapter.

The RAA did require paid tax invoices to be provided prior to payment of claims above the upfront $25,000. For payments above this threshold, applicants were required to provide invoices and proof of payment for both the upfront payment and any amount over the $25,000. A payment officer checked this evidence for claims, and this work was verified by a program officer. This served as an appropriate control for the risk of fraudulent applications above the upfront payment threshold.

The RAA advised that it engaged with Service NSW and the RAA’s equivalent agencies in Queensland and Victoria to ensure applicants were not applying for payments under other grant programs that may have resulted in their ineligibility for the SDA program. Applicant details were cross-referenced with a list of applicants from these grant programs as part of the eligibility assessment process.

The RAA identified 32 out of 10,715 applications as potentially fraudulent. The value of these applications was $982,002, with only one of these grants being disbursed. The RAA is in the process of reclaiming the $25,000 payment from this applicant.7 The limitations of the fraud controls in place mean that the RAA is not able to determine if potential fraud rates within the program are higher.

The Rural Assistance Authority obtained internal probity advice for the program

The GAG requires officials to seek probity advice for complex, high-risk or high-value programs to support the design, application, assessment and decision-making phases of the program. The RAA identified this program as having a low probity risk and as such the GAG requirement did not apply. As noted above, the rationale for assessing the program as low-risk was not documented.

The program’s Assurance and Probity Plan outlined its assurance activities, along with the responsibilities for and frequency of these activities. The plan advised that due to the program being assessed as low-risk, an external probity advisor was not required. As such, the RAA sought internal probity advice, which was provided by staff from the governance team.

The Rural Assistance Authority did not effectively identify conflicts of interest

The GAG states that officials should ensure that any real or perceived conflicts of interest are effectively avoided, managed and disclosed. The RAA’s Fraud and Corruption Control Plan documents a series of controls and their owners, and outlines how the agency should identify and control potential fraud and corruption by its staff and third parties. The plan describes a series of controls to manage conflicts of interest, including developing conflict of interest registers for each program and training with common scenarios and guidance from senior staff. The RAA did not ensure that conflicts of interest for those administering and overseeing the program were identified and therefore effectively managed.

The Assurance and Probity Plan outlined a requirement for all Steering Committee members to make an active conflict of interest declaration for the program, including declaring if they did not have a conflict. Five of the 16 members of the Steering Committee did not make any declaration for the program, and four of these five members had not made an annual conflict of interest declaration.

In addition, 63 of the 88 officers involved in the assessment or payments processes for the program did not have a conflict of interest declaration recorded. Most of these officers were temporary staff employed specifically to process applications for the SDA programs. This was because the RAA’s onboarding documentation only required staff to identify if they had a conflict of interest. It did not require staff to assert that they did not have a conflict of interest, which is not in line with good conflict of interest management. All staff, including those engaged temporarily, are required to complete a training module on DRNSW’s code of ethics and conduct during onboarding and to complete it again annually as part of their refresher training.

The Assurance and Probity Plan stated that RAA policies and procedures relating to conflicts of interest are consistent with DRNSW conflict of interest policies. However, DRNSW did not have a specific conflict of interest policy in place when the program was being administered. In place of a specific policy, DRNSW’s Code of Ethics and Conduct contained a brief outline of the process for declaring conflicts of interest. The process outlined did not cover risk mitigation strategies for conflicts, review of disclosures or the process for handling breaches.

The Department of Primary Industries and Regional Development, which RAA is now a part of, implemented a specific conflict of interest policy in November 2024, along with an updated Code of Ethics and Conduct. The new policy requires staff who work in high-risk roles to submit an annual conflict of interest declaration. High-risk roles are defined in the policy to include those involved in administering or advising on grants or approvals. The RAA advised that it has adjusted its procedures to require all RAA staff to complete an annual conflict of interest declaration, in line with this policy.

The Rural Assistance Authority did not actively manage conflicts of interest for the program

The conflict of interest declarations made by RAA assessment and payment officers are held in a register managed by DRNSW. The Fraud and Corruption Control Plan advised that the RAA’s conflicts of interest would be managed by key RAA staff for the SDA programs. Due to DRNSW’s management of the conflict of interest register, the RAA could not readily access declared conflicts of interest without having to make a specific request to DRNSW. This limited the RAA’s oversight of conflicts of interest.

RAA advised that assessment and payment officers were able to see some details of each applicant prior to processing their applications so they could determine if they had a conflict of interest. If they identified that they had a conflict of interest, they would be deemed unable to complete the assessment or approval and another staff member would undertake it. If a staff member wished to apply for a grant under the program, the staff member had to declare the application through DRNSW’s declarations portal. The assessment and approval of this application had to be performed by an independent staff member.

The RAA was reliant on staff identifying conflicts and recusing themselves from processing applications and claims where required. There is no evidence that line managers actively monitored the processing of applications or claims to ensure staff were not processing applications or claims where there was a declared conflict of interest.

In addition, staff were required to recuse themselves from assessment or approval of grants for their relatives. This was an informal process managed by the officer’s line manager, and the RAA advised that these situations were recorded as a file note. The RAA did not monitor these cases at a program level. If it was perceived as a conflict, officers were required to formally submit a conflict of interest declaration for the register.

The program guidelines mostly aligned with Grants Administration Guide requirements

The GAG mandates that grant program guidelines include the following information:

  • the purpose and objectives of the grant
  • selection criteria and assessment process
  • grant value
  • opening and closing dates
  • any support available to grant applicants
  • application outcome date (not relevant for this program)
  • source agency or agencies
  • the decision-maker.

The program guidelines met all of the above requirements. The program’s overall compliance with the mandatory requirements of the GAG is set out in Appendix 2.

The GAG also states that, where relevant, a description of complaint handling and review and/or access to information mechanisms should be included in program guidelines. The guidelines for the program did not include a description of the complaint handling process, despite the RAA having an appeals process for the program. This process was attached to refusal emails sent to applicants, along with a link to lodge an appeal. Although refused applicants were made aware of this process, this was not communicated to all potential grantees in the program guidelines. Publishing this information in the guidelines could have provided a more accessible and transparent system for applicants.

Neither agency conducted a cost-benefit analysis to assess value for money in the program design as required by the Grants Administration Guide

The GAG requires public officials to demonstrate at the planning and design stage of the program how it will deliver value for money by identifying benefits and costs. This CBA provides a valuable tool for decision-makers to understand the expected impact of a program.

Neither the RAA nor the Reconstruction Authority conducted a CBA at the program design stage to assess the grant program’s value for money. As a mandatory requirement of the GAG it was necessary for the agencies to ensure that the CBA for the program was undertaken. Neither agency was assigned responsibility for conducting a CBA in the MoU.

The GAG advises that for time-critical grant opportunities, which likely includes emergency relief grants, it may be possible to assess value for money through a more streamlined rapid CBA. This was not undertaken as an alternative. NSW Treasury’s Disaster Cost Benefit Framework (TPG23-17) also outlines the requirements for disaster-related programs’ CBA. It advises that when responding to a disaster there may be insufficient time to complete a CBA prior to funding.

For grant programs over $50 million, the GAG recommends that the post-program evaluation includes a CBA. In addition, TPG23-17 states that where disaster resilience initiatives valued at over $10 million are not supported by a business case and CBA, it is mandatory to complete an evaluation and ex-post CBA within a reasonable period of time. The Reconstruction Authority plans to conduct an economic evaluation of the program that will include a post-program CBA. A CBA conducted after the program can assist in determining whether the program achieved its intended objectives and provided value for money.

The Rural Assistance Authority’s model for estimating the total cost of the program significantly underestimated the total expenditure

While a CBA was not undertaken, the RAA did estimate the costs of the program before it launched. The RAA had commissioned modelling in 2021 to allow it to estimate the costs of future disaster events. The model used previous disaster events, including flood events, to predict the number of applicants, the number of approved applications, the amount of funding predicted to be approved and the amount of funding predicted to be disbursed to applicants. The RAA model used data from the February to March 2021 and the November 2021 flood events to underpin its assumptions. While these were the two most recent completed flood programs, the 2022 flood events were significantly larger and saw different applicant behaviour than that observed in the previous two events. There is now an opportunity for the RAA to revisit its cost estimate modelling to update the assumptions that are used with data from the 2022 SDA programs.

Using this model, the RAA estimated that the total cost of the program would be $267.6 million; it provided this estimate to the then Resilience NSW to inform the overall program budget. The RAA first advised the then Resilience NSW about this figure on 27 October 2022 and again on 7 November 2022. When the RAA first provided this advice, 55 LGAs had been disaster-declared and were therefore eligible for the program. When the RAA provided this advice the second time, 66 LGAs had been disaster-declared but the RAA did not update its assumptions to revise the expected program expenditure. If it had updated its assumptions, the RAA could have provided more accurate figures to the then Resilience NSW to estimate the program budget. A total of 75 LGAs and the Unincorporated Far West Area were disaster-declared.

The total program cost of $536.5 million was double the initial estimate. The model had a number of assumptions that resulted in this cost being underestimated. Even if cost estimates had factored in all of the disaster declared areas, the total cost of the program would most likely have been underestimated due to these other assumptions proving inaccurate. The assumptions and estimates compared to actual expenditure are outlined in Table 2 and include:

  • an underestimation of the amount that each applicant would apply for
  • the percentage of applicants that would be approved
  • the amount of money that each approved applicant would claim back from their allowed maximum.
Table 2: Estimated and actual costs
 EstimatedActual
Total applications9,49210,715
Approved applications7,1559,030
Approval rate75.4%84.3%
Total application amount$447.1 million$736.6 million
Total approved amount$370.8 million$631.1 million
Total disbursed amount$267.8 million$536.5 million
Percentage of approved funding disbursed72.2%85.0%
Average application amount$47,105$68,746
Average amount approved$51,823$69,895
Average disbursed amount$37,396$59,881

Source: Rural Assistance Authority modelling and Audit Office of NSW analysis.

Further, there were some differences between the 2021 flood programs and the AGRN 1030 and 1034 flood events. In particular, the previous events allowed six months for applications and 12 months for claims. In this case, the program was open for seven months and claims were open for 18 months, providing a greater opportunity for businesses to lodge applications and claims. The RAA advised that the Reconstruction Authority did not request forecasting based on these extended application and claim periods.

Inaccurate cost estimates meant that decisions were made on the basis of incorrect assumptions. The approved program budget assumed that $267.6 million was an accurate forecast, however the Reconstruction Authority had to seek approval in August 2023 and May 2024 for additional funds to make up the program shortfall. The RAA advised that monthly forecasts were provided to the Reconstruction Authority to support the request for additional funds. In addition, the RAA based its resourcing and administration assumptions on the initial cost estimate, meaning that its estimated administration costs and the number of staff that were contracted to administer this program was significantly lower than would have been the case if the assumptions had been more accurate. The RAA added more staff during the program when it became clear that the program would exceed the expected level of demand.


7 A ‘Show Cause’ letter was issued to this applicant to provide them the opportunity to rectify the issues identified with their application. As the applicant did not respond, a tax invoice was issued requesting the payment to be repaid to RAA.

 

The Rural Assistance Authority conducted an effective process to determine each applicant’s eligibility for the program

The GAG states that all grants should have clear eligibility criteria that outline the minimum requirements an applicant must meet to be eligible for funding. The program guidelines outlined the criteria that would determine applicant eligibility for the grant. Administering a program in accordance with its guidelines is a mandatory requirement of the GAG. This is essential to ensure the program is administered fairly and that the program achieves its objectives. The program’s overall compliance with the mandatory requirements of the GAG is set out in Appendix 2.

To determine whether the grant program had been administered in line with the program guidelines, the audit team tested a sample of applications, which included the assessment of application eligibility. All approved applicants examined by the audit team were correctly found to be eligible. All rejected applicants in the sample were correctly found to be ineligible.

To ensure applicants were assessed equitably against the eligibility criteria, assessment officers were provided with an assessment template and training guidance. This documentation provided guidance on interpreting the program guidelines and was designed to ensure that each applicant would be assessed consistently.

In line with the program guidelines, assessment officers reviewed the lodged tax returns and financial statements to ensure that applicants derived at least 50% of their gross income from the primary production enterprise. They also reviewed applicant ABNs to ensure that these were active and current at the time of the flood event(s), and LGA rate notices to determine if the enterprises were located within an eligible area. Applicants were also required to provide an estimated value and description of damage incurred.

The assessment of this evidence was entered into the assessment template for each applicant and the completed template was provided as written advice to a program officer as the decision-maker. The program officer then approved or declined the application based on the advice provided by the assessment officer. For each application, the RAA retained documentation that related to the application outcome and the reasoning behind the outcome. It also documented the decisions on both approved and rejected applications.

The Rural Assistance Authority processed most claims for the grant program in accordance with the program guidelines and the Grants Administration Guide

The program guidelines outlined a list of items and activities that were eligible for reimbursement, along with the evidence required to claim. This list was created to ensure that only eligible expenses were reimbursed. In addition, the RAA provided further guidance to payment officers, particularly covering more difficult situations that may arise. This included creating a payment schedule template. This documentation aimed to ensure that each claim was assessed against the same criteria.

For anyone seeking to claim additional funds after receiving the upfront payment, payment officers reviewed the invoices submitted, including the supplier, date, invoice amount and the description for each claim. Payments officers reviewed the invoice item descriptions to determine if expenses were eligible for reimbursement under the program guidelines. In addition, payment officers reviewed proof of payment for these invoices, usually in the form of bank statements. The payment schedule and the supporting evidence was provided to the program officer as written advice for approval or denial.

The procedure for assessing and processing the upfront payments is discussed in detail below.

The audit team tested a sample of applications for the program, which included the processing of claims for these applications. The sample demonstrated that invoices and proof of payment were retained for all applicants who claimed funding above the $25,000 upfront payment amount. Payment schedules were generated for these applicants, and invoice and payment data was entered into the schedule template to evidence claim eligibility. The payments made aligned with the invoices and followed the established process.

Most of the applicants in the sample were only reimbursed for eligible expenditure. The audit team identified one applicant who was reimbursed for ‘business advice post-flood’, which was not eligible expenditure under the program guidelines. The documentation retained for this applicant did not outline any reasons for approving the ineligible expense, as required by the GAG.

Applicants were required to provide proof of payment for any previous SDA grants they had made under the other 2021 and 2022 storm and flood disaster events before they could receive payment from the AGRN 1030 and 1034 SDA program. Payment officers checked if applicants had made claims under previous programs and validated this expenditure as per the guidelines.

The Rural Assistance Authority did not require evidence of how funds would be spent or validate claims of estimated damage before distributing the upfront payments

Applicants who had not successfully applied for grants under previous iterations of the SDA program were entitled to an upfront payment of $25,000 without the need to provide invoices at the point of application. Applicants who had received grant payments under previous SDA programs were only eligible for the upfront payment if they had fully validated their previous grant funding. The RAA advised that this was to assist primary producers with their cash flow by providing them with enough money to begin recovery works.

The program guidelines, which were designed by the RAA and approved by the then Resilience NSW, stated that payment would be provided on the basis of quotes or estimated costs. The guidelines also included an application checklist which specified the documentation the applicant would need to provide at the point of application. This checklist included ‘quotes, estimates, photos, valid tax invoices and proof of payment (if you have them)’. The program guidelines did not explicitly require applicants to provide evidence to support their estimates or to validate their expenditure post payment.

The frequently asked questions (FAQs) for the program, which were published on the RAA website, stated that reasonable evidence was required to be submitted by all applicants to prove damage from the flood event(s). The following examples of evidence were listed:

  • quotes or estimates for works to be completed
  • tax invoices of expenses incurred for clean-up or salvage works already completed following the flood event(s)
  • photos of damaged property with time, date and location stamps (not mandatory).

The audit team tested a sample of 16 applicants who received only an upfront payment of $25,000 or less. Two applicants in the sample submitted evidence of their intention to spend this money in accordance with the program guidelines although this was not required by the guidelines. The remaining applicants submitted an estimated value of the damage and explained the impact of the flood on their business, which was confirmed by an assessment officer through a phone call. The RAA advised that the purpose of this phone call was to test the applicant’s claim against results from the Primary Industries Natural Disaster damage survey. This is an online survey that farmers, DPIRD, Local Land Services Staff and agricultural industry representatives can use to record damage to primary production and animals from natural disasters such as floods, fires and storms. Assessment officers could use this data to assess if applicants’ claims were consistent with the level of damage recorded in the survey results.

While it was in line with the guidelines, by not collecting this evidence, the RAA could not ensure that applicants who applied for payments below the $25,000 threshold had estimated damage accurately or validate that applicants intended to spend, or had in fact spent the grant in line with the program guidelines. The lack of appropriate controls increased the risk of fraudulent applications being made for these upfront payments and funds disbursed to those applications, as well as the risk that the upfront payments were not spent on eligible activities.

The program guidelines included a provision for the RAA to request additional evidence from applicants once a payment had been made. However, the RAA did not validate these applications post program to confirm that grant money had been spent in line with the guidelines.

There were long processing times for both assessments and grant claims throughout most of the life of the program

As discussed above, and as shown in Exhibits 3 and 4, there was a steady flow of applications and claims throughout the program before a sharp increase prior to the program closing. Due to the number of applications and grant claims exceeding the original estimates for the program, the RAA was not adequately prepared for the volume of applications, and this resulted in long processing times for both assessments and grant claims.

As can be seen in Exhibit 5, the average number of days required to process a grant application increased from 19 days for applications lodged in November 2022, the first month of the program, to 118 days for applications lodged in June 2023, the final month that applications were open. This excludes time where the RAA was waiting for additional information from the applicant. The RAA’s target was to process 80% of applications within 20 days. However, only 13.5% of grant applications for the AGRN 1030 and 1034 program were assessed in this timeframe. The average processing time for applications across the course of the program was 73 days.

 

The Rural Assistance Authority developed performance measures but there were no indicators for program outcomes

The RAA describes its overall objective as ‘farming businesses and other rural industries are more innovative, productive and resilient due to efficient provision of well-targeted government assistance programs by the RAA’.

To support this, the RAA has developed the following three performance measures that apply across all of the grant programs it administers:

  • timeframe to provide RAA assistance to the point of decision for grant applications – 80% of grant applications have a decision in 20 days
  • level of RAA customer satisfaction at the point of application – 80% of customers report a positive point of application experience
  • level of RAA customer satisfaction post-application – 80% of customers report a positive post-application experience.

The RAA aggregates performance across these indicators for all its grant programs, and the RAA also measures performance against these indicators for its programs individually. While these measures are all valuable in understanding the RAA’s grant administration performance, they do not allow for the outcomes of RAA programs to be evaluated. In particular, they do not consider a program’s impact on the RAA’s overall objective, such as the impact of the program on innovation, productivity and resilience. Measuring the outcomes of a program allows for an agency to determine whether the program has achieved its objective and was an effective use of money.

The timeliness indicator allows the RAA to measure one element of its efficiency by identifying the speed with which grant applications are assessed. However, there is no performance indicator in place to consider the timeliness of claim processing. Developing this performance indicator would allow the RAA to determine more clearly whether claims processing is occurring in a timely manner.

While customer satisfaction with the program was high, the Rural Assistance Authority did not meet its timeliness target

The RAA’s performance against its established targets for customer satisfaction at the point of application and post-application exceeded the targets of 80% of customers reporting a positive experience. To collect information about customer satisfaction, the RAA conducted an online customer survey with each applicant, where applicants were asked to rate their satisfaction with a variety of metrics, including satisfaction with program guidelines and ease of application.

The results of the RAA customer satisfaction surveys are shown in Table 3.

 

Table 3: Customer satisfaction with the AGRN 1030 and 1034 program
QuestionSatisfiedNeutralUnsatisfied
Satisfaction with guidelines85%12%1%
Satisfaction with website80%15%2%
Satisfaction with staff assistance97%1%0%
Satisfaction with staff knowledge99%0%0%
Satisfaction with processing time81%13%5%

Note that satisfied includes both ‘satisfied’ and ‘very satisfied’ as a response, and ‘unsatisfied’ includes both ‘unsatisfied’ and ‘very unsatisfied’.
Source: RAA customer satisfaction surveys


The results demonstrate that customer satisfaction with the program was high. This includes satisfaction with the processing time of applications which, as noted in the previous chapter, consistently worsened throughout the course of the program.

The RAA also asked about the difficulty of applications and the contract approval process. The results of these surveys are shown in Table 4.

Table 4: Customer views on the difficulty of processes in the AGRN 1030 and 1034 program
QuestionEasyNeutralDifficult
Difficulty of application69%24%5%
Difficulty of contract approval77%19%4%

Note that ‘easy’ includes both ‘easy and ‘very easy’ as a response, and ‘difficult’ includes both ‘difficult’ and ‘very difficult’.
Source: RAA customer satisfaction surveys.

The RAA advised that it uses the difficulty of application and difficulty of contract approval results, shown in Table 4, to determine whether it has met its customer satisfaction results of 80% of customers having a positive experience. The RAA aggregates the easy and neutral results to determine whether the target has been met, meaning that even neutral results are considered positive experiences. Calculated this way, 93% of customers had a positive experience at point of application and 96% had a positive experience post application. This calculation means that the RAA exceeded its target of 80% of customers having a positive experience at the point of application and post approval. However, as shown in Table 4, if neutral responses are excluded from this analysis and only ‘easy’ or ‘very easy’ responses are included, the RAA did not meet this target.

The RAA had a target of 80% of grant applications having a decision in 20 days. The RAA advised that this only includes business days and does not include time that is spent waiting for applicants to provide additional information after RAA has requested it. With these rules applied, only 13.5% of grant applications for the AGRN 1030 and 1034 program were assessed within 20 days. It was important for RAA to assess applications in a timely way in order to fulfil the program purpose of providing a timely and proportionate response to the disaster event.

Program performance was regularly reported to the Rural Assistance Authority’s management, allowing it to provide oversight of the program

Each week, the performance of the RAA in the AGRN 1030 and 1034 program was reported to management as a high-level dashboard. This included a review of the number of applications per day, the number of applications completed each day, outstanding cases, customer satisfaction and total funding disbursed through the program. This allowed management to provide a degree of oversight of the program’s performance against its key performance indicators.

In addition, the RAA reported performance against all of its grant programs to its Audit and Risk Committee (ARC) on a quarterly basis. These reports contained an aggregation of the performance across all of the disaster grants being administered by the RAA, including the volume of applications, the completion rates of assessments and the amount of money disbursed. In addition, performance against the three performance indicators outlined above was also reported to the ARC. This reporting allowed the ARC to receive an agency-wide view of grant administration performance.

The Reconstruction Authority is planning to conduct an outcome evaluation for the program

While the GAG does not set out a mandatory requirement for officials to undertake an evaluation of the outcomes of a grant program, it does recommend that agencies make a decision on evaluating based on the value, risk and significance of the grant program. The GAG refers to the NSW Treasury policy TPG 22-22 Policy and Guidelines: Evaluation, which recommends an evaluation of programs valued at over $50 million. Given that the program disbursed $536.5 million, it is reasonable to expect an outcome evaluation to be undertaken as a matter of good practice.

As noted above, the MoU between the Reconstruction Authority and the RAA does not set out the responsibility for undertaking an outcome evaluation of the program. Similarly, there is no responsibility established in the MoU to determine the overall benefits delivered by the program as part of a CBA. Not outlining these responsibilities risks gaps in program evaluation for future grant programs. As a result of this gap, neither agency was assigned initial responsibility for planning an evaluation.

In December 2024, the Reconstruction Authority received approval to undertake an outcome evaluation that will allow it to determine the outcomes achieved by the program. This evaluation is also planned to include an evaluation of the overall benefits and outcomes of the program, an economic evaluation – which will fulfil the purpose of an ex ante CBA, discussed above – and a process evaluation, which will consider how the program has been delivered. In addition, the RAA conducted a process evaluation of the program in August 2023.

 

Appendix 1 – Responses from audited agencies

Appendix 2 – Program compliance with the Grants Administration Guide

Appendix 3 – About the audit

Appendix 4 – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #405 released 20 May 2025.

Published

Actions for Northern Beaches Hospital

Northern Beaches Hospital

Health
Management and administration
Risk
Service delivery

About this report 

The Northern Beaches Hospital is a private hospital that also provides public hospital services. The hospital was built in 2018 and is operated by a private operator, Healthscope, in a public-private partnership with the NSW Government.

Healthscope is contracted to operate the public portion of the hospital until 2038. 

This audit assessed how effectively and efficiently the Northern Beaches Hospital public-private partnership delivers public hospital services.

Conclusion 

The Northern Beaches Hospital public-private partnership is not effectively delivering the best quality integrated health services and clinical outcomes to the Northern Beaches community and the State – the standard required under the arrangement and the key objective of the project deed. 

The partnership is at risk of failure, with Healthscope requesting in November 2023, and again in December 2023, that the return of the public portion of the Northern Beaches Hospital be brought forward by 14 years. In its requests, Healthscope noted the risk to the viability of the Northern Beaches Hospital, citing insufficient funding, a lack of integration into the wider health network, and strained stakeholder relationships. 

NSW Health effectively manages the contract with Healthscope day-to-day on behalf of the State, ensuring that public hospital activity at the Northern Beaches Hospital is provided at a lower cost than if the State operated the hospital. However, the public-private partnership structure creates tension between commercial imperatives and clinical outcomes. 

The Northern Beaches Hospital has recorded concerning results for some hospital-acquired complications and has not taken sufficient actions to address some identified clinical safety risks. 

The project deed, which governs the partnership, does not support the hospital’s integration into the local health district and broader health network. This has an impact on patient journeys and access to services for patients in the Northern Beaches. Additionally, Healthscope has no obligation or commitment to implement NSW Health initiatives – such as the Safe Staffing Levels initiative. 

The Northern Beaches Hospital has achieved accreditation to ensure it meets national quality standards for hospital care but some quality and safety concerns remain. 

Recommendations 

The report made three recommendations:  

  1. The NSW Government and NSW Health note the findings of the report and consider whether the Northern Beaches Hospital public-private partnership is the appropriate model to deliver the best quality integrated health care in the Northern Beaches region
     
  2. Healthscope should resolve:
    1. safety and quality issues
    2. system issues
    3. reporting issues
       
  3. NSW Health should consider issues raised for this public-private partnership for any future arrangement.

This chapter reports on the performance of the Northern Beaches Hospital. The first section reviews the performance of the Northern Beaches Hospital in terms of safety and quality. The second and third sections review the operational performance of the emergency department and elective surgery (including general surgery). One of the features of the Northern Beaches Hospital public-private partnership is the requirements of demand and volume management placed on Healthscope, the operator of the hospital. How that interacts with the performance of the emergency department and admitted patient areas is examined here. The fourth section reports on patient experience and complaints.

A key objective of the project deed is for the Northern Beaches Hospital to provide the best quality care for people in the Northern Beaches catchment and the people of NSW. The best quality care is operationalised in the project deed by requiring the Northern Beaches Hospital to perform in the top quartile of comparator hospitals for many measures. Only one of these measures relates to the scope of this audit – patients who left the emergency department after triage without being seen. Comparator hospitals are drawn from national hospitals for these measures.

When comparing results with NSW hospitals, the Northern Beaches Hospital is within the B1 hospital grouping, which includes Blacktown, Sutherland, Hornsby Ku-ring-gai and Campbelltown in metropolitan Sydney, and Orange, Tamworth, Wagga Wagga, Tweed Valley, Coffs Harbour, Port Macquarie and Lismore hospitals in regional NSW.

This chapter focuses on the role of the Northern Sydney Local Health District and Ministry of Health in managing the Northern Beaches Hospital public-private partnership for the State. The first section reviews identification and management of risks arising from this arrangement, including clinical risks and how NSW Health intervenes to address issues. (Chapter 3 also considered this question in relation to results for hospital-acquired complications and for sepsis and deteriorating patients). The second section looks at integration, which is one of the key objectives of the public-private partnership. Integration is the way the hospital fits into the surrounding NSW Health network. The third section then considers the efficiency of this arrangement for NSW Health.

Appendix 1 – Response from entities

Appendix 2 – Northern Beaches Hospital services and role delineation

Appendix 3 – Hospital-acquired complication data

Appendix 4 – 2023–24 abatable key performance indicators

Appendix 5 – About the audit

Appendix 6 – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #404 released 17 April 2025.