Refine search Expand filter

Reports

Published

Actions for Ambulance services in regional New South Wales

Ambulance services in regional New South Wales

Health
Internal controls and governance
Management and administration
Service delivery
Shared services and collaboration
Workforce and capability

About this report

NSW Ambulance delivers emergency and non emergency medical services and transport to patients in New South Wales, and connects patients who do not need an emergency medical response with the most appropriate health provider.

NSW Ambulance operates as part of a network of public health services. 

This audit assessed the efficiency and effectiveness of ambulance services in regional New South Wales.

Findings

NSW Health is maintaining effective ambulance services in regional New South Wales, despite increasing demand. 

NSW Ambulance and the Ministry of Health use effective governance arrangements to monitor regional ambulance performance. NSW Ambulance and Local Health Districts (LHDs) communicate effectively to manage day-to-day operational challenges. However, the audit identified opportunities to improve the Ministry’s oversight of regional performance, and to enhance information sharing between NSW Ambulance and LHDs.

NSW Health is working to identify opportunities to reduce demand on the NSW Ambulance fleet and hospital emergency departments in regional New South Wales.

NSW Ambulance undertakes holistic service planning to efficiently deliver ambulance services in regional New South Wales.

Recommendations

The audit recommends that:

  • The Ministry of Health, eHealth and NSW Ambulance implement a new NSW Ambulance Electronic Medical Record system
  • The Ministry of Health and NSW Ambulance improve system oversight, monitoring and reporting of ambulance performance at the regional and metropolitan level
  • The Ministry of Health finalise its Transport for Health strategy and undertake a review of all non-emergency patient transport operators across the state
  • NSW Ambulance and LHDs improve strategic engagement with other NSW Health entities.

 

NSW Ambulance is a front line health service provider, delivering emergency and non-emergency medical services and transport to patients in New South Wales. It provides medical help to patients experiencing life-threatening injuries (referred to as high acuity patients), illness, and trauma, and connects patients who do not need an emergency medical response (referred to as low acuity patients) with the most appropriate health provider.

NSW Ambulance operates as part of a network of public health services. For NSW Ambulance to efficiently transfer patients to hospitals, hospitals need to have sufficient capacity to accept new patients. In regional contexts, distance is an important factor in the effective delivery of ambulance services.

The objective of this audit is to assess the efficiency and effectiveness of ambulance services in regional New South Wales, by answering the following questions:

  1. Does NSW Health work effectively and efficiently to deliver ambulance services in regional and rural New South Wales?
  2. Is NSW Health effectively and efficiently planning and allocating ambulance services in regional New South Wales?
  3. Is the effectiveness of ambulance services in regional and rural New South Wales increasing over time?

The NSW Health agencies included in this audit are NSW Ambulance, the Ministry of Health, Murrumbidgee and Southern NSW Local Health Districts, eHealth NSW and HealthShare NSW.

The Ministry of Health expects Local Health Districts and state wide health services (such as NSW Ambulance) to engage and collaborate with stakeholders throughout service planning, but it is unclear whether the Ministry ensures that this occurs

The Ministry of Health is responsible for setting policy and strategy direction for the overall NSW Health system and provides guidance to all NSW Health entities (including Local Health Districts and NSW Ambulance) to inform service planning. Local Health Districts are responsible for ensuring that relevant policy objectives are achieved through the planning and funding of the range of health services that best meet the needs of their communities.

Service plans describe how services will achieve measurable health improvements and outcomes. NSW Health entities create service plans within a broader framework of system-wide goals, objectives and priorities. The Guide to Service Plans notes the importance of active and inclusive stakeholder engagement and requires that stakeholders should be engaged throughout the planning process. It also notes that state-wide health and shared services impacted by planning should be engaged to assist with the assessment of service requirements and resource implications.

The audit identified several examples of service plans and key initiatives developed within Southern NSW Local Health District which directly related to ambulance services, but where NSW Ambulance was not identified as a stakeholder. These include:

  • A business case for a new MRI service at Goulburn hospital: prior to the establishment of MRI services in Goulburn, there were no MRI services available within Southern NSW Local Health District, with the closest available provider located in Bowral (a private provider) or at the Canberra Hospital. This business case included decreased reliance on patient transport for imaging as a benefit.
  • The clinical service plan for Batemans Bay Community Health Centre (which will provide urgent care services in Southern NSW Local Health District).

Southern NSW Local Health District included NSW Ambulance as a stakeholder in cross-border service planning, including NSW Ambulance as a signatory in a cross-border memorandum of understanding for stroke patient transfers between Southern NSW Local Health District, Murrumbidgee Local Health District, Canberra Health Services and NSW Ambulance.

In Murrumbidgee Local Health District, the audit identified one example of the Local Health District including NSW Ambulance as a stakeholder in planning activities. In an updated terms of reference document for the Cootamundra Partnership Reference Committee, which was established to develop a new Health Service Plan for the Cootamundra Health Service, NSW Ambulance has been included as an invitee to this forum.

No health entities undertake whole-of-system service planning for non-emergency patient transport services in rural and regional New South Wales

Non-emergency patient transport services in regional and rural Local Health Districts are provided by HealthShare NSW (in Hunter New England Local Health District and Illawarra Shoalhaven Local Health District), Local Health Districts and NSW Ambulance. Both Southern NSW Local Health District and Murrumbidgee Local Health District engage private providers and community transport providers to supplement their patient transport capacity. When non-emergency patient transport services are at capacity, Local Health Districts rely on NSW Ambulance to assist with facilitating patient transfers.

Despite these challenges, there is no whole-of-system approach to service planning for patient transport. Whole-of-system planning would enable NSW Health to better manage risk and reduce reliance on the use of the NSW Ambulance fleet for patient transport in rural and regional New South Wales.

NSW Ambulance undertakes holistic service planning, but it did not engage Local Health Districts as stakeholders in the development of its recent Clinical Services Plan

As a state-wide health service, NSW Ambulance’s service planning broadly reflects the key deliverables articulated in its Service Agreement with the Secretary of Health. The Ministry of Health, in its responsibility for planning key services and as the ‘purchaser’ of ambulance services, ensures that NSW Ambulance service planning gives regard to the broader strategic policy environment.

In 2023, NSW Ambulance developed a new Clinical Services Plan 2024–2029 which includes a focus on supporting innovative approaches to clinical redesign and the delivery of new clinical programs. This includes strengthening collaboration between NSW Ambulance and Local Health Districts (particularly in care models for smaller rural communities and the involvement of paramedics in care and management of patients with chronic diseases).

NSW Ambulance consulted with the Ministry in the development of the Clinical Services Plan. It advised the audit that as the Clinical Services Plan largely reflects the objectives contained in its Strategic Plan, specific consultation with Local Health Districts was not required.

While NSW Ambulance is currently developing a five-year roadmap for the implementation of its Clinical Services Plan, it is unclear how NSW Ambulance intends to implement and resource these objectives in a timeframe that complements similar work across NSW Health.

The Southern NSW Local Health District Clinical Services Plan does not include specific consideration of the provision of patient transport and it is not clear whether it consulted NSW Ambulance during development

Southern NSW Local Health District’s 2023–28 Clinical Services Plan notes development of the plan was informed by local, state and national strategic directions for the health system, as well as outcomes and recommendations of relevant NSW Health and local reviews and inquiries.

Southern NSW Local Health District identified five focus areas in its 2023–28 Clinical Services Plan:

  • Supporting health and wellbeing through primary, secondary, and tertiary prevention
  • Providing care closer to home
  • Ensuring the sustainability of our existing services
  • Planning for growth and ageing in our population
  • Ensuring equity of access to care.

The Southern NSW Local Health District conducted community stakeholder consultation during development of its Clinical Services Plan, which resulted in feedback relating to challenges accessing health services. Community consultation feedback provided to Southern NSW Local Health District included the below key points relating to transportation to access health services:

  • a lack of public and/or private transport to and from health facilities
  • the additional burden on rural residents to access health care, noting that rural communities are often long distances from tertiary facilities
  • difficulties with transportation, noting community transport options are limited and it can be difficult to coordinate timing.

Southern NSW Local Health District’s Clinical Services Plan acknowledges the District consulted with internal stakeholders and other service providers to develop the plan, however, it is not clear whether Southern NSW Local Health District included NSW Ambulance in consultation for feedback. Additionally, while actions to address the areas of focus for the Clinical Services Plan relate to more localised access to care and delivery of care, as well as increased capacity and access, the plan does not include any actions specific to the provision of health related transportation.

Southern NSW Local Health District has committed to improve access to clinical services in rural and remote settings through the delivery of virtual care models

In its 2023-28 Clinical Services Plan, Southern NSW Local Health District commits to establishing a single point of entry so that patients can access appropriate care in ‘the right place, at the right time’ through (among other actions), an enhancement and expansion of its Virtually enhanced Community Care program and establishment of the Virtual Rural Generalist Service.

This audit identified some examples of Local Health Districts partnering to improve access to clinical service in rural and remote settings. In Southern NSW Local Health District, the Local Health District has partnered with Western NSW Local Health District to implement the Rural Virtual Generalist Service in smaller facilities across the District.

NSW Ambulance’s workforce planning effectively considers demand, workload, coverage, and capability requirements and it uses this evidence to allocate personnel and other resources to efficiently deliver ambulance services in regional New South Wales

NSW Ambulance has a well evolved and evidenced service planning methodology. NSW Ambulance established a service planning capability in 2010, and the current methodology (developed in 2022–23) includes analysis at the station and local network level of demand projections, staffing levels required, the drivers of effective and efficient supply provision, models of care, specialty resources and capital and infrastructure requirements. It includes a substantial focus on station location and the type of resource required.

Service planning informs (and is informed by) benefits realisation for new programs and initiatives (such as SWEP, SWIFT). NSW Ambulance has also developed a model to assess ‘unmet demand’ which it uses when determining sites for potential resource allocation and supplementation. NSW Ambulance continuously monitors its need and priority for additional or enhanced ambulance services and considers the following criteria:

  • volume of demand in town and surrounding area
  • distance from any ambulance service
  • current response times to emergency incidents
  • modelled improvement in response times if an ambulance station was commissioned
  • assessment of capacity and condition of closest ambulance station
  • capacity of NSW Ambulance volunteer service to provide a response.

NSW Ambulance continuously reviews key inputs into the service planning methodology, in particular its demand project methodology.

The main output of NSW Ambulance’s service planning methodology is the creation of a whole-of-state service model which describes the clinical service levels for each ambulance station. A station’s clinical service level determines both the number of clinical staff required and its specific roster pattern, as well as the staff type (graduate paramedic, specialist paramedic, etc.). NSW Ambulance then creates station rosters in alignment with this model.

In addition to the demand- and activity-based evidence sources NSW Ambulance uses to inform its service planning, NSW Ambulance includes evidence-based analysis in its business cases to support NSW Government funding requests, which also contain thorough descriptions of how the proposed funding would be allocated.

Recent investments in the regional paramedic workforce have allowed NSW Ambulance to reduce the use of on-call rostering and improve the working conditions of regional paramedics

NSW Ambulance rostering practices allow for some stations to utilise on-call resources, which can cause fatigue among paramedics rostered on shift following an on-call period.

Announced in the 2018–19 NSW Budget, the NSW Government announced funding for the recruitment of an additional 750 FTE paramedic and call-centre staff over four years commencing in 2018–19. The Statewide Workforce Enhancement Program (SWEP) was designed by NSW Ambulance to enable improvements in efficiency, coverage, quality, safety and performance across New South Wales and achieve response performance targets.

The SWEP business case detailed the extent to which NSW Ambulance relied upon various forms of premium labour in order to maintain service delivery and to meet community expectations in terms of response performance. The SWEP business case identified that $20 million in premium labour savings after the four-year implementation program would be achieved by reducing over-reliance on overtime.

SWEP resulted in an additional 376 FTE positions across ambulance stations in regional NSW, and allowed NSW Ambulance to reduce on-call rostering:

  • 22 regional/rural locations were converted to a 24/7 operating model removing overnight on-call
  • Removal of on-call at four locations that were previously operating on a 24/7 roster with overnight on-call
  • Reduction in on-call at eight locations.

NSW Ambulance measured premium labour savings achieved by monitoring callouts, crib-penalty payments, and dropped-shift overtime. In August 2022, as part of an internal review of the SWEP program, NSW Ambulance noted that the SWEP program achieved the reduction in premium labour expenditure and improved the working conditions of regional paramedics.

NSW Ambulance anticipates that recent changes to funding arrangements will result in a key program not achieving its intended benefits

In June 2022, the NSW Government announced a $1.76b investment in NSW Ambulance over a four-year period to fund 210 ambulance support staff (including the ongoing establishment of NSW Ambulance’s Virtual Clinical Care Centre (VCCC)), 1,878 new paramedics, 52 nurses, eight doctors, and build 30 stations.

Known as the Strategic Workforce InFrastructure Team program (SWIFT), NSW Ambulance designed the program to meet two objectives:

  • firstly, to improve patient outcomes, and the probability of survival from immediately life threatening conditions.
  • to achieve compliance with WHS obligations through the reduction of overrun shifts, overtime, and increase staff meal breaks.

When it was announced as part of the 2022–23 NSW Government budget, SWIFT was designed as a four-year program. However, recent changes to funding arrangements have changed the SWIFT timeframe and the program will now be delivered over seven years (at the same cost).

One of the key objectives of the SWIFT business case was to improve patient outcomes and the probability of patient survival by achieving response times within 15 minutes for 85% of P1 incidents by 30 June 2026. NSW Ambulance regularly reports and tracks performance on SWIFT indicators, and advises that as at 21 December 2023, the program was on track to meet the target.

NSW Ambulance modelled that the impact of extending the funding window from four years to seven years would add three years of additional demand growth and result in the program failing to achieve the 85% target by June 2026.

Appendix one – Response from agency

Appendix two – NSW Ambulance performance data

Appendix three – NSW Ambulance regional station map

Appendix four – NSW Ambulance key performance indicators

Appendix five – Types of patient transport operational across New South Wales

Appendix six – Scheduled psychiatric interhospital patient transfers

Appendix seven – NSW Ambulance governance bodies

Appendix eight – About the audit

Appendix nine – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

 Parliamentary reference - Report number #398 released 27 June 2024.

Published

Actions for Regional Digital Connectivity program

Regional Digital Connectivity program

Industry
Information technology
Infrastructure
Internal controls and governance
Management and administration
Procurement
Project management
Risk
Service delivery

About this report

The Regional Digital Connectivity program (RDCP) is intended to improve mobile coverage and internet connectivity in regional NSW.

The RDCP includes two funding programs, one for improving mobile coverage and the other for improving internet connectivity. Both programs provide grant funding to commercial telecommunications providers for eligible mobile and internet projects.

This audit assessed whether the Department of Regional NSW (the department) is effectively administering the RDCP to meet program objectives.

Findings

The department's approach to identifying priority areas for RDCP funding was comprehensive and it largely distributed funding in line with these priorities.

The department has not specifically defined the overall objectives of the RDCP. The department has developed business cases that set out each program’s respective objectives, but these do not consistently describe the objectives of the RDCP.

The department also has not developed an overarching investment strategy, which would assist it in addressing potentially conflicting priorities.

Deficiencies in project and risk management have contributed to delays in the department’s implementation of the program.

The department is not monitoring progress against outcomes, which limits its ability to demonstrate that the program is achieving its intended purpose.

The department did not meet its original mobile coverage performance target but met its internet connectivity target.

Recommendations

To improve RDCP administration, the report recommends that by June 2025, the department should:

  1. develop an overarching investment strategy for the RDCP
  2. outline the expected timelines for RDCP projects and ensure that these timelines are updated regularly
  3. develop and report on RDCP outcome indicators
  4. update the RDCP evaluation plan
  5. update the expected benefits of the program to reflect changes in the RDCP.

The Regional Digital Connectivity program (RDCP) is funded through the Snowy Hydro Legacy Fund (SHLF). Under the Snowy Hydro Legacy Fund Act 2018 (SHLF Act), the purpose of the SHLF is to improve economic development in regional New South Wales and to fund infrastructure projects that primarily benefit regional New South Wales. A priority area for SHLF investment is delivering improved mobile coverage and internet connectivity in underserved and remote communities.

The RDCP has been implemented by the Department of Regional NSW (the department) since 2019. The RDCP is broadly split into two funding programs. The larger funding program is for improving mobile coverage and the other funding program is for improving internet connectivity and is referred to as the Gig State program. Both programs provide grant funding to commercial telecommunications providers for eligible mobile and internet projects.

Over $300 million from the RDCP was allocated to improve mobile phone coverage and increase the number of mobile service providers across regional NSW. The mobile coverage program is being delivered through the following sub-programs:

  • Snowy Mountains Highway Safety project – co-funding with Snowy Hydro Limited to build five mobile towers along the Snowy Mountains Highway to improve mobile coverage.
  • Active Sharing Partnership (ASP) pilot – co-funding with private providers to deliver active sharing mobile technology in regional areas.
  • ASP main program – This is the main round of the mobile coverage program. A business case has been developed, but no funding has been distributed through this sub-program.
  • Mobile Black Spot Program Round 5A – co-funding with the Australian Government’s Mobile Black Spot Program to deliver new or upgraded mobile towers in regional and remote locations.
  • Mobile Black Spot Program Round 7 (MBSP7) – co-funding with the Australian Government’s Mobile Black Spot Program to deliver new mobile infrastructure.

Over $100 million from the RDCP was allocated to the Gig State program to improve regional internet connectivity through partnering with multiple providers and using a range of technologies suitable for rural and regional locations. The Gig State program was launched in 2019 and underwent significant changes in 2021 following an Infrastructure NSW deep dive review into the project. These changes to the program are referred to as the Gig State addendum. The Gig State program is being delivered through the following sub-programs:

  • Cobar corridor connectivity – providing fixed wireless internet access to five locations between Narromine and Cobar.
  • nbn regional NSW fixed wireless – co-funding with nbn to deliver new or co-located fixed wireless broadband towers in 56 locations.
  • Wamboin, Bywong and Sutton connectivity – improving internet connectivity in these three towns as part of a NSW Government commitment.
  • Regional Connectivity Program Round 3 (RCP3) – co-funding with the Australian Government’s Regional Connectivity Program to provide additional internet infrastructure.

The objective of this audit was to assess whether the Department of Regional NSW is effectively administering the Regional Digital Connectivity program to meet program objectives. The audit examined:

  • how effectively the department identifies priority areas to target RDCP funding
  • how effectively the department distributes RDCP funding in line with program objectives
  • how effectively the department measures the performance of the RDCP.

The department has not specifically defined the overall objectives of the RDCP

The RDCP is delivered as part of the SHLF. Under the SHLF Act, the purpose of the SHLF is to improve economic development in regional New South Wales and, for that purpose, to fund infrastructure projects that primarily benefit regional New South Wales. One of the priority areas for SHLF investment is digital connectivity, which is being delivered through the RDCP.

While the purpose of the SHLF is set out in the SHLF Act, the department has not specifically set out the overall purpose and objectives of the RDCP and how it will focus the RDCP on achieving the SHLF’s purpose. Such a document would support future business case development, and support the coordination and prioritisation of objectives across the business cases that have already been developed.

While the overall objectives of the RDCP are yet to be defined, there are objectives set out in the business cases for the separate programs but these are not consistently described. The Gig State business case advises that the RDCP’s goal is to enable transformative long-term benefits for regional areas through investment in digital connectivity. This goal aligns with the purpose of the SHLF Act. However, this objective is not set out in the mobile coverage business case, or any other document, and it is not clear how the RDCP is intended to fulfil this objective.

The Gig State business case sets out three objectives for the RDCP that provide further definition to the SHLF Act’s purpose, though it is unclear how these were determined and whether these are intended to cover the entire RDCP:

  • address the digital divide between regional and metro NSW
  • resolve market failures in the regional NSW telecommunications market
  • leverage Government assets and capabilities wherever possible.

The mobile coverage ASP pilot business case sets out a similar set of objectives, though there are some differences, such as the third objective being to ‘leverage Government assets and capabilities to achieve transformative results.’ It is important for the department to clarify the RDCP’s objectives to ensure a unified approach to investment decisions. At the time of the audit, the department’s website had a different set of objectives for the RDCP. They are:

  • build digital infrastructure to increase capacity
  • expand mobile coverage and provider choice
  • improve internet service, speed and quality
  • bridge the digital divide between regions and cities.

The department also provided a 2022–23 ‘division plan’, with goals for the mobile coverage and Gig State programs. These include:

  •  extend and improve internet coverage to deserving locations in regional NSW
  • investigate emerging digital technologies to improve connectivity
  • deliver new and improved mobile coverage to regional NSW communities
  • encourage competition in the regional telecommunications market.

While these different sets of objectives broadly align, there is no consistency across these business cases in describing the objectives of the RDCP. This indicates that there is a lack of clarity about the intended objectives of the RDCP. Further, the origin of the list of objectives in the ‘division plan’ is unclear. This reinforces the need to clearly define objectives for the overall RDCP.

Each business case the department has developed for RDCP programs has defined objectives that align with the SHLF’s purpose

The Gig state and mobile coverage business cases also define objectives for each program. These objectives align with the SHLF’s purpose, set out above. The Gig State business case advises that the purpose of the Gig State program is to:

  • address the digital divide between metro and regional NSW so that the price, quality, and choice of digital connectivity options in metro areas are made available in regional areas of NSW
  • resolve market failures in regional NSW telecommunications
  • leverage Government assets or investment where appropriate to achieve transformative long-term benefits for regional areas.

The ASP pilot business case states similar objectives, though it does not mention the ‘price, quality, and choice’ stated in the Gig State business case. The ASP pilot business case also lists another three objectives:

  • address mobile black spots where people live and work
  • investigate new and emerging technologies to future proof mobile coverage in regional NSW
  • promote consumer choice in the delivery of mobile services.

The ASP main program has a different set of objectives to the ASP pilot and include:

  • reduce the digital divide and enhance social inclusion by improving mobile coverage in regional locations not covered by existing programs
  • encourage competition in the regional telecommunications market to provide consumers greater choice, lower prices and improved services
  • address commercial viability and technical constraints to providing mobile coverage in regional areas
  • improve community resilience to emergency events through improved regional mobile service.

The RDCP program objectives align with relevant whole-of-government strategic objectives

There are several whole-of-government strategies that seek to guide government investment in digital infrastructure. While there is no document setting out the overarching objectives of the RDCP, the objectives set out for the mobile coverage program and the Gig State program align with these whole-of-government objectives.

The objectives align with the 2018 and 2021 ‘20 Year Economic Vision for Regional NSW’. For example, the 2018 ‘20 Year Economic Vision for Regional NSW’ sets out principles for regional NSW investment, including ‘Affordable, reliable and fast internet to support people and businesses.’

The RDCP sub-programs also align with the 2018 and 2022 State Infrastructure Strategies. In particular, the 2018 strategy has a set of recommendations around improving connectivity across NSW and another set of recommendations around investing in technology that improves productivity and social outcomes. One of the roles of the Gig State program is to help to implement the 2018 strategy’s recommendation to support statewide access to 50Mbps download and 10Mbps upload capacity by 2025. These speeds are specifically stated in the Gig State grant guidelines as an eligibility requirement for funded programs.

Both sub-programs of the RDCP also align with the NSW Connectivity Strategy. The NSW Connectivity Strategy has two directions of particular relevance: ‘All customers have metropolitan equivalent digital capacity’ and ‘Connectivity blackspots continually decrease across the State’. The first of these objectives has three strategic directions which are directly relevant to both the Gig State program and the mobile coverage program:

  • remote, rural and peri-urban citizens can access and effectively use digital systems and services for employment, justice, education, health, social, personal and entertainment use
  • Aboriginal and Torres Strait Islander communities have equitable access to connectivity that meets their local community needs
  • connectivity services are affordable for citizens no matter where they live, with access to a choice of providers.

Elements of both the Gig State and mobile coverage programs align with these, including the focus on expanding access and affordability.

In regard to regional Aboriginal communities, the RDCP may also contribute to the NSW Closing the Gap Implementation Plan, as the merit criteria in the grant guidelines for mobile coverage and Gig State grants include the extent to which the project will contribute to sustainable procurement and employment outcomes, including supporting Aboriginal businesses and employment. The criteria for prioritising locations for mobile coverage also includes extending coverage to discrete Aboriginal communities as something which could improve the score given to an application. However, this is not set out as an explicit objective of the program.

The department has not set out an overarching investment strategy for the RDCP to address potentially conflicting priorities or identify situations where funding may not align with program objectives

As noted above, the overall objectives of the RDCP have not been defined. The department does not have an overarching strategy setting out program objectives, how funding will be aligned with these objectives, and how the objectives will be prioritised. It is important to set out funding principles to establish how the elements of the stated objectives will be delivered and prioritised. Not setting these out risks funding decisions that do not align with program objectives.

As noted above, the mobile coverage ASP pilot business case lists two objectives around addressing mobile black spots and promoting consumer choice in the delivery of mobile services. These objectives may be potentially in conflict as expanding coverage can be done by funding one carrier to expand their own network, while promoting consumer choice could conceivably be done by funding a carrier to expand their network into areas already covered by only one existing carrier, thus increasing competition in those areas.

The department has not set out the relative weighting of its objectives across the RDCP funding packages and how it will prioritise funding in accordance with them. An overarching strategy would assist the department with prioritising funding in accordance with the objectives of the program, including determining the relative weight of each objective.

In addition, the department has not described the extent to which price reductions in the cost of internet will be prioritised as an objective of the Gig State program. The Gig State business case sets out that one of the objectives of the program will be to provide metropolitan equivalent or better service, quality and pricing for internet services in regional areas. It is unclear how internet pricing fits into the overarching objectives of the RDCP given that it is not mentioned as an objective of the SHLF. There would be value in setting out strategic investment principles and objectives to guide this decision-making and clarify the extent to which internet investment is intended to fulfil this purpose.

A lack of clarity about program objectives may also have impacted decisions about funding priorities. For example, the Gig State program business case sets out a plan to invest in Low Earth Orbit (LEO) satellites through a subsidy program. As noted above, the Gig State business case sets out some objectives for the RDCP, including leveraging government assets. While an investment in LEO satellites through subsidies may assist with bridging the digital divide, it is not clear how this aligns with the objective of leveraging government assets. More clarity over program objectives and a clear investment strategy may assist with clarifying this and similar investment decisions in future. As discussed below, the investment in LEO satellites did not proceed.

The department comprehensively identified priority areas that require improved mobile coverage for the mobile coverage program

As outlined above, the final business case for the mobile coverage ASP pilot program identifies three objectives for the mobile coverage program, including addressing the digital divide between metropolitan and regional NSW, and resolving market failures in regional NSW telecommunications. The department identified priority areas for improved mobile coverage in line with these objectives. The department refined its approach to prioritising locations for the mobile coverage ASP main program which resulted in a more comprehensive analysis of potential sites.

The department developed and implemented a structured process using a range of criteria to identify and prioritise suitable locations for funding. Before allocating funding to its mobile coverage program, it was necessary for the department to determine areas that required additional mobile coverage. The department undertook this work for both its mobile coverage ASP pilot program and the ASP main program as part of designing the grant programs. A key source of information it relied on for identifying priority areas for the pilot program was the Australian Government’s National Mobile Black Spot Database. The database identified around 4,000 mobile black spot locations across NSW. This database is no longer in use as it relied on community reports of mobile black spots which were unverified.

For its mobile coverage ASP pilot program, the department applied a series of filters to the mobile black spots identified in the database. It removed metropolitan areas, areas within a 10km radius of an existing mobile tower site, and areas that had already been selected for funding under either Commonwealth or State funded programs, such as the Connecting Country Communities Fund. This left the department with a list of around 1,200 potential sites.

The department then mapped the 1,200 identified black spot sites to their respective 383 unique locations and assessed and prioritised the mobile black spots and locations against a range of economic, community and feasibility criteria. Under the economic criteria, the department prioritised areas that had higher numbers of employed persons and higher proportions of land being used for agriculture or farming. Under the community criteria, the department prioritised areas based on the increase in the population that would benefit from expanded coverage, the increase in Aboriginal and Torres Strait Islander people that would benefit from the coverage, the increase in the kilometres of highway and main roads that would benefit that were within five kilometres of a mobile black spot, and areas with more square kilometres prone to bushfires or flooding that would benefit. Under feasibility criteria, the department prioritised areas that were closer to government and nbn infrastructure. This process resulted in 50 prioritised locations containing 307 black spot sites across 34 Local Government Areas in NSW.

For its mobile coverage ASP main program, the department undertook a detailed coverage analysis to identify locations with no and limited mobile coverage. It identified these using the latest publicly available coverage maps from the three mobile network operators and the distance of locations from existing sites/towers as published by the Australian Communications and Media Authority and the Radio Frequency National Site Archive databases. Using this data as the key source of information in determining mobile coverage resulted in a more comprehensive outcome than relying on the National Mobile Black Spot Database. The department did not use the National Mobile Black Spot Database, as this information was considered unreliable and had not been updated since 2018, and the coverage maps were more reliable.

The analysis focused on locations with small populations, road corridors, and tourism locations. It identified 257 locations with no or poor coverage consisting of 68 small population locations, 117 road corridors and 72 tourism locations. The department then analysed these possible locations against a range of criteria. These included maximising the number of people and businesses that would be supported, increasing the extent of existing coverage, determining whether coverage would support government strategies or Premier’s Priorities, other positive social impacts, focusing on the greatest length of road and most heavily used roads, and maximising the number of tourism businesses and points of interest impacted.

The department conducted analysis based on these criteria and shortlisted 24 small population locations, 24 road corridor locations and 12 visitor economy locations. These locations were taken forward for concept design, cost estimation, and economic and financial appraisal as part of the final business case.

The department’s initial approach to prioritising Gig State funding was based around larger regional centres

The department undertook a two-stage process for identifying priority areas for Gig State program investment. The first involved the identification of larger NSW towns that would benefit from additional internet coverage and where data centres could be located, and the second involved a selection of more remote locations to receive additional funding.

The department did not undertake an initial detailed analysis of internet coverage across NSW to prioritise funding for the Gig State program. Undertaking this work would have been in line with the Gig State program objectives of addressing the digital divide between metropolitan and regional NSW and resolving market failures in regional NSW telecommunications. In order to meet these objectives, it was important to first establish the extent of the digital divide and market failure before seeking to resolve it.

Instead, it categorised NSW towns according to their relative size and importance from a connectivity perspective. It prioritised towns with larger populations and more business users to maximise the potential benefit of the infrastructure. The department also prioritised locations that were closer to other telecommunications infrastructure, and it also considered proximity to other potential elements of the Gig State network for greater connectivity and to ensure that it was taking a whole-of-State approach to investment decisions. This process identified 14 major regional towns.

The department then prioritised two of these regional towns, Dubbo and Wagga Wagga, due to the higher prices paid by NSW Government agencies in the two locations for average internet bandwidth usage when compared to other regional and metropolitan population centres across NSW. The costs to government were considered a proxy for how much business users are likely to be charged for connectivity services in regional NSW towns. The department conducted surveys in both towns indicating that business users were paying higher prices than their metropolitan counterparts for higher-grade connectivity. This aligned with the department’s Gig State program objectives which related to providing price, quality and choice.

The department also included five satellite towns along the road from Dubbo to Cobar (Cobar corridor) in the Gig State final business case as well as the towns of Wamboin, Bywong and Sutton. The department’s prioritisation of funding for these locations was not based on any detailed analysis of need. The department identified that as part of its initial plan to expand the internet connectivity from Dubbo to Cobar, it would be able to connect a number of towns between those two at a reduced cost. There was no analysis of alternative options for expending this money, such as expanding coverage to other areas, or to determine the extent of coverage required in each town. The Wamboin, Bywong and Sutton project was prioritised as a result of a $5 million NSW Government commitment. This project is discussed further below.

The department strengthened its approach to targeting Gig State funding in 2021

The department reviewed and updated its approach to the Gig State program in September 2021. As part of this, it revised its approach to targeting funding, including the use of additional data and identifying areas with greater digital connectivity issues. This represented an improved approach compared to the original business case and aligned more closely with the changes that were made to the Gig State program in 2021, outlined in the Gig State addendum, which focussed more on the delivery of fixed wireless services rather than data centres.

The department carried out an analysis of areas that only have satellite internet coverage (i.e., no fibre or fixed wireless internet availability) to identify areas suitable for different types of technology such as fibre optic cables, fixed wireless and LEO satellites. This was more in line with the Gig State program objectives of addressing the digital divide and resolving market failures. It identified that these locations had challenging digital connectivity issues that were not likely to be resolved without government intervention. This process identified around 1,000 locations. This list was then refined by looking to maximise the number of premises and businesses, maximising the density of premises, prioritising locations with other Government assets, mobile sites and other technology available in the area, and locations close to an existing exchange to leverage existing infrastructure.

The location list was then prioritised based on scoring criteria for economic drivers, feasibility, risk and stakeholders. The economic criteria included the number of residential and business premises, the number of businesses, and the estimated construction costs for the infrastructure. The feasibility criteria included availability of existing and planned infrastructure. Stakeholder related criteria included identifying synergies with other government led programs, as well as sites that scored low on Australian Digital Inclusion Index (ADII) scores and the Socio-Economic Indexes for Areas. These criteria are appropriate and align with the objectives of the Gig State program.

The department’s process resulted in a list of 23 prioritised areas. These were generally areas with a higher density of premises and affordable access to infrastructure for power supply and data transmission.

The department considered socio-economic data when planning for Gig State and mobile coverage programs but did not use this to inform its pilot mobile coverage program

NSW Government Business Case Guidelines (TPP18-06) state that one of the main reasons for government action is promotion of equity where the distribution of economic costs and benefits is considered inequitable. It is therefore important for the department to consider socio-economic data in the planning of the RDCP.

The department has included some socio-economic data and ADII scores in the profiles it developed for each Local Government Area. It applied socio-economic data to identify additional priority areas for new and improved internet coverage through the Gig State program. However, it did not apply this data to identify priority areas across the pilot mobile coverage program of the RDCP. It improved its approach when developing the ASP main program by including socio-economic data as a component of its scoring for prioritising locations.

The department considered socio-economic data when selecting locations for grant funding. The mobile coverage grant guidelines and the Gig State grant guidelines both include merit criteria that consider whether the proposed solution would address disadvantage within a community. Both guidelines ask the grant applicants to consider the Index of Relative Socio-economic Advantage and Disadvantage.

The department engaged with key stakeholders when developing the RDCP

Under TPP18-06, NSW Government departments are required to identify and consult with key stakeholders as they can contribute to the development of the investment proposal by providing their expert opinions, research, and evidence.

The department identified key stakeholders, developed stakeholder engagement plans, and used feedback gained through consultations to design and adjust the RDCP. Key stakeholders have been involved on the RDC Steering Committee and the RDC Project Control Group ensuring that they have an avenue to provide input into the overall RDCP. This includes the Commonwealth department responsible for telecommunications infrastructure and telecommunication providers.

The department engaged with stakeholders when developing the ASP pilot program. As discussed below, the department transitioned the program from a one-stage pilot program, where telecommunication providers would be procured to provide the solution, to a two-stage program where the department would first work with telecommunication providers to identify technical solutions and then carry out the procurement. This involved significant engagement with stakeholders to identify the technical solution and procurement model.

The department has assessed the suppliers of internet and mobile connectivity to determine their capacity and willingness to participate in RDCP sub-programs

As part of procurement planning, when building a business case, NSW Government agencies are required to analyse and engage with the market. This involves developing a profile of the market, the capabilities of suppliers, innovative and emerging technology, and factors that influence the market such as customer preferences and competition.

The department considered the capacity of telecommunications suppliers, their level of interest, and willingness to participate in the program when developing the business cases for its mobile and internet coverage programs. In addition to doing this when constructing initial business cases, the department adjusted its approach when market factors changed, as evidenced by the changes it made to its Gig State program in 2021. In September 2020, the nbn announced an expansion of its fibre network nationally, with a focus on regional improvements. This meant that internet coverage for some of the locations included in the Gig State business case would be addressed by nbn and continued investment was not needed in those areas. The initial Gig State business case also planned an initial investment in data centres in regional NSW. Following this, a private market operator also announced plans to construct 14 regional data centres across NSW. This meant that the planned Gig State data centres were no longer required. The department changed it approach to avoid duplication by ceasing its planned internet coverage expansion into regional centres, including the data centres, and prioritising a range of new sites for coverage.

Conflicts of interest and probity procedures have largely been followed, although there were some gaps in declarations

Maintaining a record of conflict of interest declarations is important to provide a higher level of transparency, and therefore control, over officials in high-risk roles. Disclosing an interest before it becomes a conflict of interest also reduces the likelihood that an official will be tempted to conceal or favour the interest.

Conflict of Interest declaration forms have been completed for staff involved in the mobile coverage program, Gig State program and the Australian Government co-funded Regional Connectivity Program Round 3 (RCP3) and Mobile Black Spot Program Round 7 (MBSP7). Whilst the list of declarations is extensive, it is unclear whether it includes all relevant staff from the department, the NSW Telco Authority and consultants involved with the program.

In relation to the mobile coverage and Gig State programs, there was no declaration recorded for one consultant and three staff from the department, including the program sponsor. These omissions have the potential to create risks that conflicts of interest go unmanaged. The department advises that the register is now complete for all those working directly on the program. It also advises that, due to the breadth of programs senior staff oversee, conflicts of interest are managed by the department's Governance team centrally through a Declarations App.

Four declarations of a ‘real, potential or perceived conflict of interest’ were made under the RCP3 and MBSP7 grant programs, which were co-funded with the Australian Government. No declared conflicts were made for the other programs. The identified conflicts of interest have documented actions to manage them, and there is evidence to indicate that these were implemented. For example, a senior staff member and a consultant excluded themselves from parts of a grant process due to declared conflicts.

The NSW Grants Administration Guide states that officials must seek probity advice for all grant opportunities that are complex, high-risk or high-value, to support the design, application, assessment and decision-making phases. The department followed appropriate probity processes throughout and these probity reports did not find any material breaches of probity in the grant processes.

There have been delays in all streams of the RDCP which may have been reduced through proactive project and risk management

The business cases set out expected timelines for each program of the RDCP. The department has not met any of these expected timelines, with some projects delayed by over a year compared to their initial planned timelines. Some of these delays have been caused by changes to the department’s approach to the mobile coverage and Gig State business cases. While some of these changes were outside of the department’s control, others could have been anticipated and better managed by a stronger approach to project management and risk management.

Exhibits 1 and 2 set out the status of each Gig State and mobile coverage project reviewed as part of this audit as at April 2024 and the planned completion date for that project at the outset of the program. Note that this does not include projects co-funded by the Australian Government due to the department’s limited ability to influence the process. This also excludes projects which have not yet distributed funding, such as the mobile coverage ASP main program.

Exhibit 1: Status of Gig State projects as at April 2024.
ProjectCurrent statusPlanned completion
Cobar corridorSolution designJune 2022
NBN fixed wirelessFeasibility studiesEarly 2024
Other provider fixed wirelessContract negotiationEarly 2024
Wamboin, Bywong and SuttonConstruction (paused)

Original business case:
June 2022

Gig State addendum:
Mid 2023


Source: Audit Office analysis.

Exhibit 2: Status of mobile coverage projects as at April 2024.
ProjectCurrent statusPlanned completion
Snowy Mountains Highway Safety programCompleted March 2023Early 2022
Active Sharing Partnership pilotConstructionJune 2023

Source: Audit Office analysis.

As can be seen from Exhibits 1 and 2, each project in the RDCP has been delayed past its initially planned completion date, and the Wamboin, Bywong and Sutton project has been delayed past both its original planned completion date and also the revised completion date in the Gig State addendum.

Some of these delays can be accounted for by the fact that the department revised its approach to both the mobile coverage ASP pilot and the Gig State programs. While some of these changes were outside of the department’s control, others could have been anticipated and managed by more proactive risk management. In the case of the mobile coverage program, some of this change in approach may have been foreseeable. The March 2021 mobile coverage ASP pilot business case set out a one-stage tendering process with construction planned for completion in June 2022. The department revised this approach in July 2021, when it changed to a two-stage process involving a technical stage and then a grant process. This was the result of additional research by the department that identified that the market may not have sufficient interest in the initial proposed approach. Undertaking this additional research earlier may have allowed for this alternative approach to be identified sooner.

In addition, the department only allowed two months in the business case for contract negotiations with providers for the mobile coverage ASP pilot program, however this has taken a significantly longer time and in one case has been ongoing for over twelve months. Given the complexities of the funding deed negotiations, this may also have been foreseeable. The department advised that some delays in the mobile coverage program can be attributed to the proposed merger of major mobile network operators which delayed funding deed negotiations.

As with the mobile coverage program, the Gig State program was also delayed by a change in approach, though this was driven by market changes. As part of the original Gig State business case, the department intended to deliver data centres in regional NSW, as well as expanding internet coverage. The business case was approved in December 2019 and the department intended to complete the Gig State program in June 2022. Little progress had been made by the time that the Gig State program underwent a significant change in scope following a review in September 2021. The department removed some aspects of the original business case, such as the construction of data centres in regional NSW, and changed the approach to other parts of the business case. The revised business case, called the Gig State addendum, delayed the planned delivery date of some projects into 2022.

The most significantly delayed sub-program has been the expansion of internet access to the towns of Wamboin, Bywong and Sutton as part of the Gig State program. In January 2019, the NSW Government announced $5 million of funding to provide internet access to these towns. The department ran a tender for this work in mid-2021 with a plan to start construction in late 2021. However, this tender resulted in no contract being awarded due to no providers being willing to provide the project within the proposed $5 million budget. The department started working on technical solutions with providers in late 2021 and gave them until May 2022 to identify solutions and potential budgets. The contract for Wamboin, Bywong and Sutton was executed in June 2022, with an expected completion date of June 2024, though given delays with construction this date will not be met. As discussed below, if the department had provided better advice to Government on the expected costs at the planning stage, it may have reduced the delays in this sub-program.

The department has not effectively managed RDCP timelines

The department has provided limited evidence of effective project management in place to monitor overall progress against program timelines, such as regularly updating a detailed project plan. The department may have identified and managed the above delays sooner through a stronger project management approach.

The department set out timelines at the outset of each of the sub-programs. This was not always done in detail but for all the sub-programs at least key milestones were mapped. While this was done at the outset, there is no evidence that the department regularly updated timelines across the various sub-programs to ensure that these projects were on track and to monitor expected completion dates.

The department provided regular updates on project status to relevant governance committees. This included providing information on upcoming milestones and associated delays. However, holistic monitoring of program completion dates and the impact of delays on subsequent milestones was not presented to the governance committees. As a result, there has been little monitoring and oversight of how projects are tracking against their target end dates.

Gaps in the governance framework have limited the oversight of the implementation of the RDCP

There are three key committees that oversee the implementation of the RDCP: the SHLF Steering Committee, the RDC Steering Committee, and the RDC Program Control Group. These three committees are intended to provide oversight of the implementation of the RDCP, however there are deficiencies that limit the effectiveness of their oversight.

The SHLF Steering Committee is intended to provide oversight of all programs funded through the SHLF, including the RDCP. Despite an intended meeting schedule of quarterly, the committee only met once in 2023 and three times in each of 2021 and 2022. While the Committee did receive reports on each of the programs funded through the SHLF at these meetings, this reporting did not identify any key risks for these projects that might affect achieving the objectives of the SHLF. This reduces the level of oversight that the SHLF Steering Committee can provide for these projects.

The RDC Steering Committee provides oversight of the RDCP and is intended to act as an escalation point for key issues in the program. While the committee receives regular reports on the components of the RDCP, including on program risks, there are some gaps that limit the oversight it can provide. The committee operated throughout 2021, 2022 and 2023 without finalised terms of reference, which were finalised in February 2024. Prior to this, it was unclear how often the RDC Steering Committee was intended to meet, but it met only four times in 2023 compared to six in 2022.

The RDC Steering Committee terms of reference include a role for the committee in making key decisions around program strategy and implementation. Prior to 2023, the committee was involved in many key decisions. For example, in 2022 it endorsed decisions around the ASP pilot grant guidelines. By contrast, a review of meeting minutes since the start of 2023 shows that the RDC Steering Committee has not made decisions or provided endorsements for any key decisions. The committee was not involved in endorsing the MBSP7 and RCP3 grant guidelines in 2023 and was not involved in strategic decision-making about the budget reprofiling in 2023 and the decision to remove the LEO satellite pilot from the Gig State program scope.

The RDC Program Control Group did not have terms of reference until February 2024. The purpose of the RDC Program Control Group is to oversee and support the strategic direction and implementation of the RDCP. This should be carried out through regular meetings and reporting, however the control group only met six times in 2023 despite an intention that they would meet monthly. The expected meeting frequency has since changed to every six weeks.

The RDC governance committees routinely discuss risks, but the department did not identify or mitigate all key risks at the outset of the program

The department has a structured approach to risk management for the RDCP, though this risk management approach has not always succeeded at mitigating key risks. The RDCP program team identified a number of key risks at the outset of each program and designed mitigations for them. In addition, the RDC Steering Committee and RDC Project Control Group both receive risk reports and discuss risks at meetings where appropriate. This reporting indicates a proactive approach to risk management throughout the program.

However, not all key risks were successfully mitigated or identified at the outset of the program. For example, one of the key causes of delays with the mobile coverage program has been protracted contract negotiations. Despite the fact that the program team understood the complexities of the mobile contract negotiations that would be required, this was not identified as a risk at the outset of the program. Later in the program this was identified by the RDC Program Control Group and Steering Committee as a key risk. While the risk was identified, it was not sufficiently mitigated, as demonstrated by the delays that resulted from the contract negotiations.

Other risks were not identified at the outset of the program. For example, the Snowy Mountains Highway Safety program was delayed due to the need to get development approval from the National Parks and Wildlife Service. There is no separate risk register for the Snowy Mountains Highway Safety program, and the potential for delays due to approval processes is not mentioned in any of the overall mobile business cases. Stronger initial project management may have allowed for this to be identified.

The Wamboin, Bywong and Sutton internet coverage program has been delayed numerous times throughout the course of its delivery. One of the key delays in 2023 was that, after the contract was signed and building works had commenced, it was discovered that challenging ground conditions with a higher than anticipated rock concentration around the towns was delaying construction. Potential delays from construction issues were not foreseen in the Gig State program risk register. While the specific issues relating to ground conditions may not have been easily foreseeable at the outset of the program, the department’s evaluation of potential providers in 2021 noted that rock was present and could have an impact on the cost of the program. It is reasonable to expect that this would have led to additional risk mitigation at the time, detailing the potential impact of the rock concentration on both cost and timelines. When the issue was eventually discussed in the RDC Project Control Group in 2023, the only mitigation for the risk was to review and monitor the existing and future schedule. This was not sufficient to mitigate the risk.

The department conducted cost-benefit analyses for all RDCP sub-programs, but did not implement the element with the highest return on investment

The ‘NSW Government Guide to Cost-Benefit Analysis’ requires that a cost-benefit analysis (CBA) be undertaken for capital, recurrent or ICT projects valued at more than $10 million. Undertaking a CBA provides a benefit-cost ratio (BCR) which helps to determine if a program will provide a net benefit to the people of New South Wales. A BCR greater than one indicates that the benefits will exceed the costs. For programs funded through the SHLF, such as the RDCP, there is no requirement for a program to achieve a BCR of greater than one.

The department conducted a CBA for the Gig State and mobile coverage programs, as well as all the sub-programs under both programs, including revising the CBA for the Gig State program after it was reviewed in late 2021. The BCR for the mobile coverage and Gig State programs are shown in Exhibit 3. Only the Gig State initial business case achieved a BCR of one, meaning that it delivers benefits equivalent to its costs. However, when this program was amended in 2021, this BCR reduced to 0.62. When combined, the RDCP does not have a BCR greater than one, meaning that it represents a net cost to New South Wales. However, as noted above, there is no requirement for the RDCP to reach a BCR of one.

Exhibit 3: BCR for each RDCP program.
Business CaseBCR
Mobile coverage project pilot0.59
Mobile coverage ASP main program0.19
Gig State1.00
Gig State addendum0.62

Source: Department of Regional NSW.

The highest BCR was calculated for the planned investment in Low-Earth Orbit (LEO) satellites which is an element of the Gig State addendum, but this investment did not go ahead. LEO satellites can be used to provide digital connectivity to isolated properties. They sit closer to the Earth’s surface than a geostationary satellite and can transmit data with lower delay and improved connectivity. This LEO satellite pilot was identified to deliver a BCR of 2.62, including approximately 40% of the benefits attributable to the Gig State addendum. The Gig State addendum anticipated that the pilot would commence in 2022, however the department did not proceed with this. The 2023 budget reduced the funding for the Gig State program, and the department decided to discontinue the proposed pilot. The department advises it plans to revisit the LEO satellite project in mid 2025.

The RDCP’s grant guidelines largely comply with mandatory NSW Government requirements

In September 2022, the NSW Government released the revised ‘Grants Administration Guide’ (the guide) which, among other things, sets out mandatory requirements for NSW Government grant guidelines. Premier’s Memorandum ‘M2022-07 Grants Administration Guide’ makes it mandatory for agencies to follow the requirements of the guide for all grants released from 19 September 2022.

The guide states that clear and consistent grant guidelines must be prepared that contain the purpose and objectives of the grant, selection criteria (comprising eligibility and assessment criteria) and assessment process, grant value, opening and closing dates, application outcome date, the source agency, and the decision-maker.

The department developed grant guidelines for grant schemes funded by the RDCP. The guidelines explain the application and selection process, eligibility criteria and assessment criteria, and key dates. These include:

  • Mobile Coverage Project – Active Sharing Partnership Grant Guidelines (September 2022)
  • Gig State Grant Guidelines (October 2022)
  • NSW Government Co-Investment in RCP3 and MBSP7 Program Guidelines (July 2023).

The guidelines for these three grant programs largely align with the requirements of the guide, but there were some gaps. The ASP pilot and Gig State program guidelines both note the contact person for complaints, but the RCP3 and MBSP7 guidelines do not state this. While the RCP3 and MBSP7 guidelines set out the relevant decision-maker and the role of key individuals in the assessment process, the guidelines for the ASP pilot did not identify the decision-maker and the Gig State Grant Guidelines did not provide the membership of the assessment panel making the recommendations.

The department’s grant programs were designed to target identified priority locations

Across the RDCP sub-programs, the department designed grant programs in a way that targeted funding towards its priority locations and other locations that met its eligibility criteria. The department has not been prescriptive about locations that would be funded through grant programs, but designed the programs in a way that encouraged providers to co-fund either the target locations or those that fit the criteria that the department was interested in funding.

For the Gig State grant program, the department released a list of preferred locations to potential applicants. The grant guidelines make clear that any proposals to build infrastructure to provide coverage to these areas would be given preferential treatment. The merit criteria are also aligned with this as the department awarded additional points for providing coverage to the target areas. Locations outside the preferred list were also eligible, provided they met the grant program’s objectives and eligibility criteria.

Similarly, for the mobile coverage ASP pilot program, the department released a list of preferred locations to potential applicants. The grant guidelines similarly encouraged potential applicants to follow this target list, both in terms of eligibility and also in terms of the way that the grants program provided additional points for providing coverage to the target areas. In addition, applicants could consider locations outside of the preferred list provided they met the grant program’s objectives and eligibility criteria set out in the grant guidelines.

For the co-funding opportunity with the Australian Government’s RCP3 and MBSP7 programs, a list of target locations was again provided. Applicants could consider locations outside of the target locations provided they were still eligible under Australian Government requirements for the RCP3 and MBSP7. Alternative solutions that provide mobile coverage on road corridors and mobile solutions for First Nations communities in other remote and very remote NSW locations could also be considered, however, funding was to be allocated to target locations and target transport corridors as a priority.

The department was not able to demonstrate a similar approach for the co-investment in the Mobile Black Spot Program Round 5A. The Australian Government developed eligibility criteria for the program, which align with the department’s mobile program objectives.

The department has selected grant recipients in line with its funding priorities

The department developed grant guidelines and an assessment methodology for the Gig State program and the ASP pilot program to guide its assessment panel, and applicants, through the process. The department assessed the applications for the Gig State and the ASP pilot grant programs against the eligibility and merit criteria contained in its guidelines, and in accordance with its assessment methodology. This resulted in the department funding locations that aligned with its target locations or areas that were in line with the purpose of each grant opportunity.

For the Gig State grant program, the department determined that projects were to be located in one of the 93 regional NSW Local Government Areas (LGA) identified in the grant guidelines. Eligible locations were in areas where internet access was via satellite services only and there were no committed or planned projects for fixed services in the area. The assessment panel for the Gig State grants recommended projects in 34 eligible locations from four applicants, for funding totalling $58.3 million (excl. GST), intended to bring improved connectivity to around 13,900 premises.

For the ASP pilot program, eligible locations were areas of regional NSW, where there was no existing handheld coverage provided by any Mobile Network Operators (MNO) or existing handheld coverage was provided by only one MNO. The assessment panel for the ASP pilot grants recommended 32 projects for funding totalling $30.4 million (excl. GST), intended to improve mobile coverage across ten regional LGAs. All other projects were considered not suitable for funding or ineligible.

The department provided a list of preferred locations for both grant programs. Applicants received a marginally higher score against assessment criteria if they put forward a preferred location but the location they identified could still be accepted if it was not in a preferred location but met the eligibility criteria. Funding was allocated to the majority of the Gig State program preferred locations identified in the Gig State business case addendum, but funding was allocated to only two of the 23 preferred locations identified in the business case for the ASP main program.

For the grants co-funded by the Australian Government (RCP3 and MBSP7), the department prioritised and selected grant recipients based on whether they met the eligibility criteria. It developed an assessment methodology to guide the assessment panel through this process. A probity advisor was present at both assessment panel meetings.

The department intends to further verify the RCP3 and MBSP7 application’s compliance with the RDCP objectives and eligibility criteria, following the assessment of applications by the Australian Government. Once verified, deeds will be negotiated and issued.

The department did not advise Government on the full cost of the Wamboin, Bywong and Sutton project, leading to a protracted and difficult process

The department’s process for awarding the grant to construct a fibre network for internet connectivity in the Wamboin, Bywong and Sutton regions was complex. The department appears to have estimated the initial costs of this program to be significantly higher than the funds allocated to the project. The department did not advise Government of this, and conducted the tender process based on the budget of $5 million committed by the Government. This budget proved insufficient, and the department had to request additional funds to contract the project. Not providing this advice to Government at an earlier stage means that the process which followed was more complex and protracted than it may have been if the department had provided this advice.

In January 2019, the NSW Government announced that it would provide $5 million to upgrade internet in the Wamboin, Bywong and Sutton region based on costings undertaken by a local community organisation. The department included this cost in the Gig State business case in December 2019 and also the Gig State addendum in September 2021. Documentation from late 2020 indicates that the department conducted an initial estimate that the full cost of the Wamboin, Bywong and Sutton project would be up to $16.3 million. It is unclear whether this was conducted before the Gig State business case was completed. The department was unable to provide the analysis that led to this initial cost estimate to the audit team. However, this indicates that the department was aware that the cost of the project would be greater than $5 million but did not provide this advice to Government. The additional cost was to be funded from the remainder of the Gig State business case.

In mid-2021, the department commenced a tender process with a budget of $5 million in January 2021. Only two applicants responded to this initial request for tender, and only one was evaluated as meeting the technical and construction requirements of the project. The cost estimates provided in the complying tender response were significantly higher than $5 million. As a result, the department did not award a contract following this tender.

The department then planned to undertake an in-depth analysis into alternative technology options. It noted the most promising option in terms of speed of delivery, quality of service, and value for money was LEO satellites. The department was unable to provide a copy of this analysis and so it is unclear the extent of the work undertaken to find alternative solutions for Wamboin, Bywong and Sutton rather than the construction of a fibre network to the premises.

After the initial market approach resulted in no contract being awarded, the department altered its procurement approach. A closed Expression of Interest (EOI) was sent to both respondents to the request for tender in November 2021 seeking a recommended technical solution, a proposed delivery method and timeframes. Both respondents achieved satisfactory scores for the EOI and were invited to submit a detailed design. As the department had determined through the tender process that the budget of $5 million was insufficient to ensure that it could provide internet services across the Wamboin, Bywong and Sutton region, the budget limit for the procurement was increased.

Both respondents submitted a detailed design and in May 2022 the department received approval to negotiate. The unsuccessful respondent scored marginally higher against the selection criteria. However, the assessment team considered that their proposal contained too much unmitigated risk. In May 2022, the department received approval to proceed to the negotiation phase with the successful proponent. Following this negotiation, a $9.5 million grant was awarded to the successful respondent to connect 1,352 premises. Around 140 premises were not included in the scope due to the significantly higher costs in connecting these premises.

The project cost has since increased to over $12 million, in part due to challenging terrain and ground conditions. Additional funding of around $1.7 million was also approved to connect an additional 134 properties that were identified during the detailed design phase. The department advises that these were initially missed due to boundary changes, incorrect council records and quality issues in the geospatial databases. It indicated that this is a separate group of properties to the 140 premises that were excluded due to higher connection costs.

The fact that the Wamboin, Bywong and Sutton project has a total cost of over $12 million, more closely aligned with the department’s internal cost estimate, indicates that fully advising Government of the costs may have saved significant time in the delivery of the project.

The department monitors the progress of its grant agreements but has not formalised its acquittal process

The department receives progress reports and milestone reports from grant recipients to assist in monitoring the progress of RDCP projects and assess if works provided match the requirements listed in the grant funding agreements. It also advises it has regular meetings with grant recipients, although no minutes are kept of these meetings.

The projects that have progressed to the construction phase are:

  • Mobile coverage to Brewarrina and Wilcannia through the mobile coverage ASP pilot
  • Improved internet to Wamboin, Bywong and Sutton.

The department receives regular progress reports for both projects, including some photographs and technical drawings. The reports provide information on progress against milestones and any changes to expected completion dates.

The department receives quarterly progress reports on improved internet for the Cobar corridor and the 56 other sites scheduled for fixed wireless internet, which are yet to progress to construction. The current scheduled completion date is March 2025. It also receives monthly reports on progress with mobile towers it is co-funding with the Australian Government as part of the Mobile Black Spot Program Round 5A.

The department provided few acquittal process documents or milestone acquittal documents, apart from the site qualification report for the Cobar corridor and its evaluation of the detailed design for the Wamboin, Bywong and Sutton project. The department advises it has an acquittal process in place for processing milestone reports, however it is yet to formalise this process. The three projects which have progressed enough to require acquittal are Wamboin, Bywong and Sutton, Wilcannia and Brewarrina, and the Cobar corridor.

The department has provided funding deeds for each project it has funded. Whilst the deeds include milestones, they do not include the dates for each milestone making it more difficult for the department to track the progress of each project.

The department’s approach to reporting its expenditure on consultants is inconsistent and does not always meet reporting requirements

Under the Annual Reports (Departments) Regulation 2015 agencies are required to report any consultancy engagements over $50,000 in their annual reports. The NSW Procurement Board Direction PBD-2023-05 Engagement of professional services suppliers defines a consultancy agreement as a type of professional services agreement where a person or organisation is engaged to provide recommendations or professional advice to assist decision-making by management.

The department has several professional services agreements as part of the RDCP, some of which are consultancy engagements within this definition and some of which contain elements of the contract that would be considered a consultancy agreement. For example, one of the major consultancy agreements involves providing strategic advice across the Gig State program, as well as providing advice on market engagement, and reviewing technical advice. This aligns with the definition of a consultancy agreement as the contracted organisation is providing professional advice to assist decision-making by management.

The department has not reported any of its agreements used as part of the RDCP in its annual reports, despite having several agreements that exceeded the $50,000 threshold which may fall into this definition.

The department advises that the agreements are categorised in the General Ledger as contractors and as such, are not required to be reported in the Department’s Annual Report. This interpretation is not in accordance with NSW Treasury and NSW Procurement Board requirements. It also identifies one contracted consultant as a ‘consultancy’ in its contract variation documentation but has not reported this expenditure in its annual reports.

Further, the department has not applied its interpretation consistently. For example, it has reported the preparation of some strategic and business planning documents as consultancies in its annual reports and not others.

The department is not monitoring the outcomes of the RDCP

Measuring outcomes of a program is important to determine whether that program is fulfilling its intended purpose. While many elements of the RDCP are still at an early stage, there is value in monitoring the outcomes of those elements which have completed construction to inform project implementation. There are no outcome measures for the effectiveness of the RDCP as a whole, and only limited measures for the mobile and Gig State programs. The department has the following outcome that it has set out for the Gig State program:

  • Improve the digital connectivity (accessibility) in rural and remote NSW communities.

When developing the final business case for the Gig State program, the department utilised the ADII scores to identify the digital divide between Metropolitan Sydney and rural NSW. The ADII uses data from the Australian Internet Usage Survey to measure digital inclusion across three dimensions of access, affordability and digital ability. While the department utilised the ADII to determine the baseline for accessibility of digital connectivity in regional and remote NSW communities, the department is not using the ADII to measure whether the program has led to improvements in these communities. This limits the department’s ability to determine whether the RDCP has met its objectives.

At the time of the Gig State business case being developed, rural NSW ADII scores were reported, allowing the department to utilise the figures as a baseline, but since 2020 these are not publicly reported. The department is in the process of determining how it can use ADII scores to measure the performance of the program over time.

In addition to the Gig State program outcome measure, the department has one outcome measure for its mobile coverage program:

  • Square kilometres with improved mobile coverage in regional NSW.

This outcome measure will not allow the department to understand the impact of the RDCP’s mobile coverage program. While measuring the number of square kilometres of coverage will allow the department to determine whether the mobile towers it is funding are achieving the intended extent of new mobile coverage, it will not allow the department to measure the quality of service, price of coverage, and other key information that could measure the impact of the new coverage.

In December 2023, the NSW Telco Authority released the NSW Digital Connectivity Index (DCI), which provides an overview of connectivity in each LGA and suburb across NSW. Each LGA and suburb is given a score out of 100 for access, affordability and demographics (as a proxy for the ability to use technology). The DCI includes several data points, including coverage from telecommunications providers, mobile signal strength, and internet speed. Given that the DCI includes useful data points and can allow for data to be inspected at the suburb level, there is an opportunity for the department to use this to identify the impact of its program both at a statewide level and in regions targeted for funding. However, the department has no plans to utilise the DCI to measure program performance.

In addition to not collecting data to measure the overall effectiveness of the RDCP, the department is also not collecting data to measure whether a number of the objectives of the Gig State and mobile coverage programs are being achieved. For example, both programs aim to reduce the price of digital services in regional areas, however there is no measurement of price in place to determine whether this is being achieved. Similarly, there is no plan in place to measure the speed of internet services or signal strength for mobile services, despite improvements in these things being part of the objectives of both programs as set out in their business cases.

The department is also not measuring whether there are improvements in competition in the mobile market through the mobile coverage program, despite one of the objectives of that program being to encourage competition in the regional telecommunications market. The department also has no plans to measure its contribution to the Closing the Gap target to understand the impact of the RDCP on Aboriginal communities. This is despite it identifying that seven locations with current or pending funding will support discrete Aboriginal communities. Four of these locations are part of the ASP project for Wilcannia and Brewarrina, and the other three are funded through the MBSP7 project.

The department has some output performance measures in place for the RDCP, but these focus on contracted outputs rather than outcomes

The department has identified performance measures for the program in reporting templates, in its final business cases for the Gig State and mobile coverage programs, and in its evaluation plan for the RDCP. These performance indicators measure the outputs of the program rather than the outcomes that would demonstrate whether program objectives have been met.

The measures that the department uses to report to NSW Treasury as part of its budgeting process have changed over time. Until June 2023, the department used two key output measures to determine the progress of the RDCP:

  • Number of premises covered by signed contracts to deliver upgraded internet connectivity.
  • Number of sites with signed contracts for new mobile coverage.

As noted, these are output measures and will not enable the department to determine whether the project is delivering its intended purpose. Since July 2023, the department has used two output measures:

  • Number of premises covered by signed contracts to deliver upgraded internet connectivity.
  • Contracted square kilometres for new and improved mobile coverage.

These four measures relate only to contracted coverage and do not provide a clear picture of ongoing progress with the construction and connection of new mobile and internet projects. Projects can have long lead times for a variety of reasons such as acquiring access to land, designing a solution and the time required to construct the solution. In addition, only measuring contracted coverage will not enable the department to determine whether these outputs are being delivered and will not reflect delays in those stages, nor will it enable the department to determine whether the towers are achieving their intended purpose. While there is value in measuring contracted coverage as an early lead indicator of performance, there is also value in reflecting the current state more accurately through measuring the progress of the construction of each project.

The department did not meet its original mobile coverage performance targets but met its Gig State program target

As noted above, the department had three metrics that it was using to measure the RDCP until June 2023. The department successfully achieved its Gig State program target but did not achieve its mobile coverage program targets. Exhibit 4 shows the results against targets for the RDCP measures. As can be seen, the result for square kilometres of improved mobile coverage delivered was significantly below the target.

Exhibit 4: Performance targets and results to June 2023.
MeasureTargetTarget dateResults
Square kilometres with improved mobile coverage in regional NSW36,00June 2023718
Number of premises covered by signed contracts to deliver upgraded internet connectivity2,500June 202313,330
Number of sites with signed contracts for new mobile coverage25June 202324*

* This comprises two towers funded through the ASP project and 22 towers co-funded through the Australian Government’s Mobile Black Spot Round 5A. This does not include five small towers for the Snowy Mountains Highway Safety project as the department has identified these as a temporary service.

Source: Audit Office analysis.

The department revised its performance measures after June 2023. This included revising output targets for the mobile and Gig state programs. The updated performance targets can be seen in Exhibit 5. The mobile coverage program performance measure was changed to measure the contracted square kilometres of new coverage rather than the actual square kilometres of new coverage. At the same time, the target value increased from 36,000 square kilometres to 60,000 square kilometres. The target value for the Gig State program was also updated compared to the 2023–24 target.

Exhibit 5: Revised 2023–24 performance targets.
MeasureTargetTarget date
Contracted square kilometres for new and improved mobile coverage60,000December 2028
Number of premises covered by signed contracts to deliver upgraded internet connectivity15,000December 2025

Source: Department of Regional NSW.

The department had nearly achieved its December 2025 target for contracted upgrades to internet connectivity by June 2023. As can be seen in Exhibit 4, 13,330 premises were covered by signed contracts to deliver upgraded internet connectivity as at June 2023.

In early 2023, the department estimated that it would have 12,279 square kilometres of new or improved mobile coverage delivered by December 2025. The department advised that it is likely to deliver on this forecast as early as December 2024, through its co-funding of two ASP locations and 22 locations under the Commonwealth’s Mobile Back Spot Program 5A.

There is uncertainty around whether the data the department is using is reliable to measure its performance

The department is collecting or planning to collect data from grant recipients to determine whether they are delivering the intended projects to the required quality. The funding deeds contain obligations on the quality and extent of the services to be provided by grant recipients and require that the contracted organisations report to the department on the construction and the extent of coverage (new ground covered for the mobile towers and number of premises connected for internet coverage). This aligns with the output measures set out above. The department is not collecting information that it could use to inform outcome measurement as part of its grant funding deeds with each grant recipient.

Grant recipients provide the department with the data that it has requested in line with the terms of the funding deeds. This information is collected through a regular schedule of status reporting. These status reports include information on progress with internet or mobile coverage, including the number of premises that will be able to connect to a service.

Information on the availability of fixed fibre connections to premises should be reliable, as with the Wamboin, Bywong and Sutton project. However, data on the availability and quality of fixed wireless internet connectivity and mobile coverage is likely to vary with terrain. While the department is collecting this information, it currently has no plans or a formal process to undertake validation testing following each project completion. This means that the department will not be able to provide assurance that the information collected is accurate.

The department has not updated the expected benefits of the program despite significant changes in scope

In September 2021, following a review of the Gig State program, the department prepared an addendum to the original Gig State business case to change the program from capital expenditure to operational expenditure, and set out a range of other changes. The department’s addendum to the business case noted that the approach to delivering benefits would remain the same, and it did not revisit the benefits realisation register nor attempt to recalculate expected benefits. Given the significant scope changes in the business case addendum, it is likely that there would have been an impact on expected benefits that would justify recalculating the program benefits.

This was not the only time where significant changes in the Gig State program’s operations did not result in an updated benefits realisation register. As noted in the introduction, the RDCP budget was reduced in the 2023 budget, and the remaining budget was extended out to 2028. As discussed above, the change in budget coincided with the department’s decision to discontinue the LEO satellite pilot, which was anticipated to deliver 40% of the financial benefits of the program. The change in budget profile for the program has likely led to a change in the benefits profile of the program, however the department has not updated its program assumptions in line with this change.

The department has documented key lessons learned from its funding rounds to date

Documenting lessons learned from early delivery of any given program is important, particularly pilot programs, to ensure that these can be incorporated into future program development. The department has documented lessons learned across the two programs of the RDCP, including the early grant rounds.

For its Gig State program, the department documented lessons learned in relation to the management of grants, industry engagement, the grant guidelines, the assessment of grants, and the time that the grants went to market. These lessons include reinforcing positive experiences, such as releasing a list of preferred locations to applicants, which the department believes served to encourage funds to be directed to those areas. The department also identified potential improvements, including how it communicated with industry and the data that it would request from future applicants. There have been no grant programs run through the Gig State program since these lessons were documented so it is not yet clear whether the department will implement changes as a result of these lessons learned.

As noted above, the mobile coverage ASP pilot program was delivered across two phases: the first phase involved working with industry to determine potential technical solutions, and the second phase was a grant program to deliver the preferred solutions. The department commissioned a lessons learned report of the first phase of the ASP pilot program with the intention of using this to inform the mobile coverage ASP main program business case development. The lessons learned report and the mobile coverage ASP main program business case were both completed in the same month, however, meaning that lessons could not be fully incorporated into that business case. The department has also identified additional lessons learned specifically in relation to the grant process. There have been no grant programs run through the mobile coverage ASP main program since these lessons were documented so it is not yet clear whether the department will implement changes as a result of these lessons learned.

In addition, the department has conducted an internal audit on the governance of the RDCP. The internal audit had largely positive findings about the governance structures and the grant guidelines. The internal audit did not make findings on the governance issues outlined above, such as not having finalised terms of reference. However, the internal audit did note that not all probity advice had been documented and some had been provided verbally, which increased the risk of grant processes not being undertaken with integrity.

The department has planned evaluations for all grant programs within the RDCP

The department has a draft evaluation plan for the RDCP that includes evaluations for each program to validate whether they have achieved their objectives, as well as finalised evaluation plans for each of the programs. Both process and outcome evaluations are planned. Process evaluations ensure that planned processes were followed and that lessons are learned for future grant programs. The department is planning process evaluations for when all funding deeds have been signed and outcome evaluations are planned for after project delivery is largely complete.

The sub-programs have not yet reached the point where the department will undertake outcome evaluations. The department has indicated that the outcome evaluations will be undertaken when each project has been delivered, which means that while it will determine whether the project has achieved its objectives, it will not be measuring outcomes on an ongoing basis to determine whether changes are needed for the program to meet its objectives. The funding deeds with grant recipients make it clear that the department will undertake an evaluation and may collect relevant information for this purpose. While the department should be able to collect information, the limitations in data collection noted above may need to be resolved to ensure that required data is available.

Appendix one – Response from agency

Appendix two – About the audit

Appendix three – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #397 released 27 June 2024.

Published

Actions for Universities 2023

Universities 2023

Universities
Compliance
Cyber security
Financial reporting
Information technology
Internal controls and governance
Risk
Service delivery

About this report

Financial audit results of the NSW public universities’ financial statements for the year ended 31 December 2023.

Audit findings

Unmodified audit opinions were issued for all ten universities.

Eight universities reported net deficits. Three of these improved on their 2022 results.

Total fees and charges returned to pre-pandemic levels, with 40.5% earned from overseas students from three countries.

Employee related expenses increased 10.2% in 2023 mainly due to an additional 2,830 full time equivalent staff, in response to increased teaching and research activities.

Key issues

The number of findings reported to management has increased to 111 matters in 2023 up from 88 in 2022.

These included one high risk finding and 62 moderate risk findings, a 72% increase from last year.

Gaps identified in universities governance processes included delays in responding to findings and recommendations; staff not attesting compliance with codes of conduct annually; and not capturing and recording staff conflicts of interests within central registers.

Seven of the ten universities have cyber security risks above what they determine as an acceptable risk. Four universities did not have a cyber security uplift program.

Recommendations

Universities should address all recommendations made in the report (see Appendix one for a summary of these).

In particular, there should be a focus on prioritising remediation of wage underpayments to affected employees; ensuring a centralised conflict of interest register is maintained for all staff; considering emerging risks in university risk registers; ensuring controlled entities are considered when determining internal audit plans; and focusing efforts to improve cyber security risk management and cyber resilience capability.

This report provides NSW Parliament with the results of our 2023 financial audits of universities in New South Wales and their controlled entities, including analysis, observations and recommendations in the following areas:

  • financial reporting
  • internal controls and governance
  • teaching and enrolments
  • cyber security.

Financial reporting is an important element of good governance. Confidence and transparency in university sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines audit observations related to the financial reporting of universities in NSW for 2023.

Appropriate financial controls help to ensure the efficient and effective use of resources and administration of policies. They are essential for quality and timely decision-making. Effective governance is essential for the stability, sustainability and ethical operation of universities. It ensures accountability, transparency and promotes responsible decision making.

This chapter outlines our observations and insights from our financial statement audits of NSW universities.

Our audits do not review all aspects of internal controls and governance every year. The more significant issues and risks are included in this chapter. These, along with the less significant matters, are reported to universities for management to address.

Section highlights

  • The 2023 audits identified one high risk finding which has been carried forward since 2018. There were 62 moderate risk issues also identified across NSW universities.
  • Seventeen of the moderate risk issues were repeat issues. Repeat issues mainly related to information technology controls around user access management, privileged user review, outdated policies and procedures, payroll and procurement processing improvements.
  • The number of findings reported to management has increased to 111 matters in 2023 up from 88 in 2022.
  • The number of overall repeat deficiencies has decreased with 32 reported in 2023 compared to 41 in 2022. 
  • Seven universities do not require staff to annually attest to the Code of Conduct.
  • Four universities did not capture and record conflicts of interests for all staff within a centralised register.
  • All universities have developed risk management frameworks, policies, appetite statements and registers however improvements are needed.

Universities' primary objectives are the functions of teaching and research. They invest most of their resources aiming to achieve quality outcomes in academia and student experience. Universities have committed to achieving certain government targets and compete to advance their reputation and their standing in international and Australian rankings.

This chapter outlines teaching and enrolment outcomes for universities in NSW for 2023.

Section highlights

  • Six universities were reported as having full-time employment rates of their domestic undergraduates in 2023 that were greater than the national average.
  • Overall student enrolments at NSW universities increased, with higher enrolments in Health, Information Technology and Engineering related courses.
  • On average, universities delivered 52% of courses face to face, an increase from 45% reported in 2022.
  • Five universities in 2023 were reported as meeting the target enrolment rate for students from low socio-economic status (SES) backgrounds.
  • Only one metropolitan based university reported increased enrolments of Aboriginal and Torres Strait Islander students in 2022.

This chapter of the report focuses on the cyber risk environment for universities, how universities have assessed that risk, what frameworks they use to strategically identify controls that respond to those risks, and the extent to which they have implemented or have plans to implement those controls. We also address some specific controls in respect of cyber resilience.

Section highlights

  • Seven of the ten universities have cyber security risks above what they have determined as an acceptable risk level.
  • One university did not assess its current cyber security maturity, which is a recommended practice to support prioritisation of cyber security improvements.
  • Four universities did not have a formal cyber security uplift program.
  • One university did not have a specific budget for improving its cyber security.

Appendix one – List of 2023 recommendations

Appendix two – Status of 2022 recommendations

Appendix three – Universities' controlled entities

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Actions for Oversight of the child protection system

Oversight of the child protection system

Community Services
Justice
Compliance
Internal controls and governance
Management and administration
Procurement
Risk
Service delivery
Shared services and collaboration
Workforce and capability

About this report

This audit assessed the effectiveness of the Department of Communities and Justice (DCJ) in planning, designing, and overseeing the NSW child protection system.

The audit used 'follow the dollar' powers to assess the performance of five non-government organisations (NGOs), that were contracted to provide child protection services. More information about how we did this is included in the full report.

Findings

The NSW child protection system is inefficient, ineffective, and unsustainable.

Despite recommendations from numerous reviews, DCJ has not redirected its resources from a ‘crisis driven’ model, to an early intervention model that supports families at the earliest point in the child protection process.

DCJ's organisational structure and governance arrangements do not enable system reform.

DCJ has over 30 child protection governance committees with no clarity over how decisions are made or communicated, and no clarity about which part of DCJ is responsible for leading system improvement.

DCJ's assessments of child protection reports are labour intensive and repetitive, reducing the time that caseworkers have to support families with services.

DCJ has limited evidence to inform investments in family support services due to a lack of data about the therapeutic service needs of children and families. This means that DCJ is not able to provide relevant services for families engaged in the child protection system. DCJ is not meeting its legislated responsibility to ensure that families have access to services, and to prevent children from being removed to out of home care.

DCJ does not monitor the wellbeing of children in out of home care. This means that DCJ does not have the information needed to meet its legislative responsibility to ensure that children 'receive such care and protection as is necessary for their safety, welfare and well-being’.

In August 2023, there were 471 children living in costly and inappropriate environments, such as hotels, motels, and serviced apartments. The cost of this emergency accommodation in 2022–2023 was $300 million. DCJ has failed to establish ‘safe, nurturing, stable and secure’ accommodation for children in these environments.

Since 2018–19, the number of children being returned to their parents from out of home care has declined. During the five years to 2022–23, families have had limited access to restoration services to support this process.

Recommendations

The audit made 11 recommendations to DCJ. They require the agency to identify accountability for system reform, and to take steps to ensure that children and families have access to necessary services and support.

 

The child protection system aims to protect children and young people under 18 years old from risk of abuse, neglect, and harm. In NSW, child protection services can include investigations of alleged cases of child abuse or neglect, referrals to therapeutic services for family members, the issuing of care and protection orders, or the placement of children and young people in out of home care if it is deemed that they are unable to live safely in their family home.

A key activity in the child protection process is to determine whether a child is at ‘risk of significant harm’ as defined by Section 23 of the Children and Young Persons (Care and Protection) Act 1998. The Act describes significant harm as when ‘the child's or young person's basic physical or psychological needs are not being met or are at risk of not being met'. The Department of Communities and Justice (DCJ) has developed a process for determining risk of significant harm. It requires multiple assessments of child concern reports and at least two separate assessments of the child in the home. This process can take a number of months, and until all of these activities are complete, DCJ describes the child as suspected or presumed to be at risk of significant harm.

DCJ has primary responsibility for the child protection system in NSW. DCJ is both a provider of child protection services and a purchaser of child protection services from non-government organisations (NGOs). As system steward, DCJ has a role to establish the policy environment for child protection services and operations. In addition, DCJ is responsible for all governance and reporting arrangements for the commissioned NGOs that deliver services on its behalf, as well as for the governance and reporting arrangements of its own DCJ staff. DCJ must ensure that the child protection system is achieving its intended outcomes – to protect and support children in ways that meet their best interests - as described in legislation.

This audit assessed the effectiveness of DCJ’s planning, design, and oversight of the statutory child protection system in NSW. We assessed whether DCJ was effective in ensuring:

  • there is quality information to understand and effectively plan for child protection services and responses
  • there are effective processes to manage, support, resource, and coordinate child protection service models and staffing levels
  • there is effective oversight of the quality and outputs of child protection services and drivers of continuous improvement.

To do this, the audit assessed the statutory child protection system with a particular focus on:

  • initial desktop assessments and triaging of child protection reports
  • family visits and investigations of child protection reports
  • case management services and referrals to services
  • the management of all types of care and protection orders
  • the assessments and placements of children in out of home care.

The audit also assessed the performance of five NGOs that provide commissioned child protection services. Collectively, in 2021–2022, the five audited NGOs managed approximately 25% of all out of home care services in NSW. The policies, practices, and management reporting of the five NGOs was assessed for effectiveness in relation to the following:

  • quality of data used to understand service requirements
  • arrangements for operational service delivery to meet identified needs
  • governance arrangements to deliver safe and quality out of home care services under contract arrangements with DCJ.

This audit was conducted concurrently with another audit: Safeguarding the rights of Aboriginal children in the child protection system.

The child protection system aims to protect children and young people (aged less than 18 years) from the risks of abuse, neglect, and harm. Child protection services can include investigations, (which may or may not lead to substantiated cases of child abuse or neglect), care and protection orders, and out of home care placements.

The Department of Communities and Justice (DCJ) has statutory responsibility for assessing whether a child or young person is in need of care and protection. DCJ’s Child Protection Helpline receives and assesses reports of possible child abuse or neglect. If the information in the report is assessed as meeting a threshold for risk of significant harm, DCJ caseworkers at Community Service Centres investigate the report and decide on a course of action. Follow-up actions can include referring the family to services, visiting the family to conduct ongoing risk and safety assessments of the child, or closing the case. If a child is determined to be unsafe, the child may be removed from the family home and placed in out of home care.

Non-government organisations (NGOs) are funded by the NSW Government to provide services to children and young people who require out of home care and other support services. NGOs provide approximately half of all out of home services in NSW, and DCJ provides the other half.

Government agencies such as Health, Education and Police also play a role in child protection processes, particularly in providing support for children and families where there are concerns about possible abuse or neglect. NSW Health provides some support services for families, along with the Department of Communities and Justice. Exhibit 1 shows some headline child protection statistics for NSW in 2022–2023.

Exhibit 1: Child protection statistics in 2022–2023
 

404,611

Report to the Child Protection Helpline

 

112,592

Children suspected to be at risk of significant harm

27,782

Children received a safety assessment by DCJ caseworker 

10,059

Children (and families) provided with caseworker services or targeted therapeutic services to support safety

$3.1b

Total expenditure on child protection, out of home care, and family support services

$1.9b

Expenditure on out of home care services

$0.4b

Expenditure of family support services 

14,473

Children in out of home care 30 June 2023

 

471

Children living in high cost, emergency arrangements

Source: Audit Office summary of DCJ data on child protection statistics.

DCJ has not made progress in shifting the focus and resources of the child protection system to an early intervention model of care, as recommended by major system reviews

DCJ has not readjusted its resource profile so that its operating model can take a more preventative approach to child protection. A preventative approach requires significant early intervention and support for families and children soon after a child has been reported as being at risk of significant harm. This approach has been recommended by a number of reviews into the child protection system.

In 2015, the Independent Review of Out of Home Care in New South Wales recommended an investment approach that uses client data and cost-effective, evidence-based interventions to reduce entries to out of home care and improve outcomes for families and children.

The NSW Government response to the Independent Review of Out of Home Care in New South Wales was a program entitled: Their Futures Matter. This program commenced in November 2016 and was intended to place vulnerable children and families at the heart of services through targeted investment of resources and services. A 2020 report from our Audit Office found that ‘while important foundations were laid and new programs trialled, the key objective of establishing an evidence-based whole of government early intervention program … was not achieved. The majority of $380 million in investment funding remained tied to existing agency programs, with limited evidence of their comparative effectiveness.’

DCJ’s expenditure since 2018–2019 shows that most additional funding has been used to address budget shortfalls for out of home care, and to expand the numbers of frontline case workers. Budget increases show that during the period from 2018–2019 to 2022–2023, DCJ’s expenditure on out of home care increased by 36%, and expenditure on caseworkers increased by 26%. DCJ’s expenditure on family support services, including early intervention and intensive support services, increased by 31% during the audit period.

These resourcing priorities indicate that DCJ has not shifted its focus or expenditure in ways which reorient the child protection system. DCJ has not dedicated sufficient resources to early intervention, and therapeutic support for families and children, in order to implement the recommended changes made by systemwide child protection reviews.

In 2019, the Family is Culture Review recommended increased investment in early intervention support services to prevent more Aboriginal children entering out of home care, with a preference for these services to be delivered by Aboriginal Community Controlled Organisations. Progress towards enhancing a culturally appropriate service profile has been limited. DCJ last published progress against the Family is Culture recommendations in August 2021, when it reported that projects to increase financial investment in early intervention services were under review.

Data from March 2023 shows that 89% of the DCJ-funded, family support service volume across NSW is delivered by mainstream providers compared with ten per cent provided by Aboriginal Community Controlled Organisations, and one per cent by culturally specific providers. Given that Aboriginal children make up approximately half of all children in out of home care, there is still significant work required to shift the service profile.

DCJ’s governance arrangements are not structured in a way that ensures transparency and accountability for system reform activity and service improvements

DCJ’s organisational structure reflects multiple operational and policy functions across its three branches - the Commissioning Branch, the Operational Branch, and the branch responsible for Transforming Aboriginal Outcomes. Some branches have responsibility for similar functions, and it is not clear where overall executive-level accountability resides for system reform. For example, all three branches have a policy function, and there is no single line of organisational responsibility for this function, and no indication about which branch is responsible for driving system reform.

DCJ has over 30 governance committees and working groups with responsibilities for leadership and oversight of the statutory child protection and out of home care system. DCJ’s governance committees include forums to provide corporate and operational direction, to make financial and resourcing decisions, and to provide leadership and program oversight over the different functions of child protection and out of home care. Some committees and working groups oversee DCJ’s activity to meet government strategic priorities and respond to the findings and recommendations of child protection and out of home care reviews and commissions of inquiry.

Much of DCJ’s work in child protection and out of home care is interdependent, but its governance arrangements have not been structured in a way that show the lines of communication across the Department. There is no roadmap to show the ways in which decisions are communicated across the various operational and corporate segments of DCJ’s child protection and out of home care business operations.

In 2022, DCJ commenced activity to reorganise its operational committees into a four-tier structure, with each tier representing a level in the hierarchy of authority, decision-making and oversight. Draft documents indicate the ways in which the new organisational structure will facilitate communication through the different business areas of DCJ to the Operations Committee where most of the high-level decisions are made or authorised before being referred to the Executive Board for sign off. The new governance arrangements indicate a more transparent process for identifying Department and divisional priorities across policy and programs, though the process for reforming governance processes was not complete at the time of this audit.

DCJ’s strategic planning documents do not contain plans to address the pressure points in the child protection system or address the increasing costs of out of home care. After the merger of the Department of Family and Community Services (FACS) and the Department of Justice, DCJ’s Strategic Directions 2020–2024 document sets out the direction for the expanded Department in generalised terms. While it describes DCJ’s values, and describes an intention to improve outcomes for Aboriginal people and reduce domestic and family violence, it does not contain enough detail to describe a blueprint for Departmental action.

In April 2023, DCJ published a Child Safe Action Plan for 2023 to 2027. This plan includes a commitment to hear children’s voices and to ‘improve organisational cultures, operations and environment to prevent child abuse’. In September 2023, the NSW Government committed to develop ‘long-term plans to reform the child protection system and repair the budget, as part of its plan to rebuild essential services and take pressure off families and businesses'. Any activity to implement these commitments was not able to be audited, as it was too soon to assess progress at the time of this report publication.

DCJ’s expenditure priorities predominantly reinforce its longstanding operating model – to focus on risk assessments and out of home care services rather than early intervention

More than 60% of DCJ’s budget for child protection is spent on out of home care. In the five years from 2018–2019, DCJ’s expenditure on out of home care increased by 36% from $1.39 billion in 2018−19 to $1.9 billion in 2022–23.

During the same timeframe, DCJ’s expenditure on risk report assessments and interventions at the Helpline and Community Service Centres increased by 25%. It grew from $640 million in 2018–2019 to $800 million in 2022–2023. This not only reinforced the existing model of child protection, it expanded upon it, at the expense of other activity.

While DCJ’s expenditure on family support services increased by 31% from $309 million in 2018–2019 to $405 million in 2022–2023, it remains a small component of DCJ’s overall expenditure at 13% of the total budget spend in 2022−2023, as shown at Exhibit 6.

Exhibit 6: Report on Government Services - Productivity Commission
Expenditure ($b)

2018–19

2019–20

2020–21

2021–22

2022–23

% of total 2022–23

Increase 2018–19 to 2022–23 (%)

Out of Home Care

1.392

1.527

1.561

1.713

1.892

61

36

Risk and safety assessments & interventions at the Helpline & Community Service Centres

0.640

0.651

0.685

0.737

0.800

26

25

Family support services inc. early intervention and intensive support services

0.309

0.322

0.319

0.338

0.405

13

31

Total

2.342

2.501

2.565

2.788

3.097

100

32


Note: Expenditure is actual spending in each year, not adjusted for inflation. Totals may be more than the sum of components due to rounding. percentages may not sum to 100 due to rounding.

Source: Audit Office analysis of Productivity Commission data published in Reports on Government Services 2024, Table 16A.8.

DCJ has not done enough to support the transition of Aboriginal children to the Aboriginal community controlled sector as planned

In 2012, the NSW Government made a policy commitment to ensure the transfer of all Aboriginal children in out of home care to Aboriginal Community Controlled Organisations. DCJ acknowledges that over the past 12 years, the NSW Government has made limited progress in facilitating this transition.

In June 2023, a total of 1,361 children were managed by Aboriginal Community Controlled Organisations across NSW. At the same time, 1,746 Aboriginal children were being case managed by non-Aboriginal NGO providers, and 3,456 Aboriginal children were case managed by DCJ. In total there were 5,202 Aboriginal children waiting to be transferred to Aboriginal Community Controlled Organisations in June 2023.

The transition process was planned and intended to occur over a ten year timeframe from 2012 to 2022. This has not been successful. DCJ has revised its timeframes for the transition process, and now aims to see the transfer of the ‘majority’ of Aboriginal children to Aboriginal Community Controlled Organisations by June 2026. At the current rate of transition, it would take over 50 years to transfer all 5,202 children to Aboriginal Community Controlled Organisations, so this timeframe is ambitious and will require close monitoring by DCJ.

The cost of transitioning all 5,202 Aboriginal children from DCJ and the non-Aboriginal NGOs to the Aboriginal Community Controlled sector will add close to $135 million to the NSW Government out of home care budget. The increased costs are due to the higher costs of administration, accreditation, and oversight of services provided by the Aboriginal Community Controlled sector.

DCJ has prioritised the transfer of Aboriginal children from non-Aboriginal NGOs to Aboriginal Community Controlled Organisations before the transfer of Aboriginal children from DCJ’s management. This prioritisation is due, in part, to the fact that most of the non-Aboriginal carers of Aboriginal children are with NGOs. NGO contract requirements should have been one of the drivers of the transition of Aboriginal children to Aboriginal Community Controlled Organisations.

The most recent NGO contracts, issued in October 2022, required that NGOs develop an Aboriginal Community Controlled transition plan by 31 December 2022. This timeframe was extended to 30 June 2023. All of the NGOs we audited have now prepared detailed transition plans for the transition of Aboriginal children, including service plans that identify risks and document collaborative efforts with Aboriginal Community Controlled Organisations.

One important requirement in the success of the transitions, is the willingness of carers to switch from their existing NGO provider to an Aboriginal Community Controlled Organisation. During the period of this audit DCJ failed to provide sufficient information to carers, to assure them of the NSW Government’s commitment to the transition process. Since July 2023 DCJ has written to carers of Aboriginal children case managed by non-Aboriginal Community Controlled Organisations and provided them with more information about the transition process.

NGOs have had limited success in transitioning Aboriginal children to Aboriginal services, and can do more to report on activity, so that system improvements can be made

Non-Aboriginal NGOs have had limited success in transferring Aboriginal children to the Aboriginal-controlled out of home care sector. For example, of the approximately 1,700 Aboriginal children that were managed by non-Aboriginal providers in 2022–2023, 25 Aboriginal children were transferred from non-Aboriginal NGOs to Aboriginal Community Controlled Organisations in that year. While DCJ controls the key drivers in this transition, there is limited evidence that NGOs have initiated consultations with Aboriginal Community Controlled Organisations during the audit period.

NGOs advised that some of their carers do not want to transition to Aboriginal Community Controlled Organisations, and this is slowing the transfer process. NGO contracts in force until September 2022 required that: ‘The express agreement of carers must be sought prior to the transfer of an Aboriginal Child to an Aboriginal Service Provider.’ This audit was not able to verify the extent to which carers have resisted the move to Aboriginal Community Controlled Organisations.

DCJ did not provide NGOs with sufficient direction, coordination, or governance through its contract arrangements to effect transitions from non-Aboriginal NGOs to Aboriginal NGOs. DCJ has established a project control group with representatives from NGO peak bodies and has set up an internal program management office to manage the transition.

There are limited drivers for the transition of Aboriginal children to Aboriginal-controlled services, and financial risks for both Aboriginal Community Controlled Organisations and non-Aboriginal NGOs in the process

Aboriginal Community Controlled Organisations and non-Aboriginal NGOs are carrying significant financial risk due to a lack of certainty in the transition process of Aboriginal children to the Aboriginal Community Controlled sector. These agencies are responsible for planning and making changes to their business models in order to facilitate the transition process. DCJ does not provide funds for this activity.

Some non-Aboriginal NGOs have high numbers of Aboriginal children in their care. These agencies risk financial viability if children and their carers are transitioned in a short space of time. There is a degree of uncertainty about the timelines for transitions to Aboriginal Community Controlled Organisations, and the numbers of children that will be transitioned at any given time.

Non-Aboriginal NGOs are not in a position to require Aboriginal Community Controlled Organisations to take Aboriginal children. Similarly, Aboriginal Community Controlled Organisations cannot compel the transition of children to their care. There are no real system drivers for this activity, and some financial disincentives for NGOs supporting large Aboriginal caseloads.

Throughout 2023, some Aboriginal Community Controlled Organisations have been upscaling their businesses to prepare for the transition of Aboriginal children to their care. They have employed additional caseworkers and enhanced administrative and infrastructure arrangements to take on new children, without receiving new intakes. They report that they have been financially disadvantaged by the failure of the transition process. Aboriginal Community Controlled Organisations advise that they don’t expect confirmation of the child transition process and timelines until 2024 and must carry the financial consequences of upscaling.

 

DCJ does not collect sufficient data to assess the effectiveness of its child protection service interventions and does not know whether they lead to improved outcomes

DCJ does not collect sufficient information to understand whether its child protection risk and safety interventions are effective in protecting children from abuse, neglect, exploitation, and violence.

DCJ is the sole entity with responsibility to make assessments of children after there has been a child protection report. After a child has been reported, DCJ caseworkers conduct a range of assessments of the child and family context, to determine whether the child is at risk of significant harm. If DCJ caseworkers determine that a child is ‘in need of care and protection,’ Section 34 of the Care Act requires DCJ to ‘take whatever action is necessary to safeguard and promote the safety, welfare and well-being of the child or young person’, including ‘providing, or arranging for the provision of, support services for the child or young person and his or her family’.

DCJ has limited measures to assess the effectiveness of its service interventions. DCJ monitors and reports on the number of children who are re-reported within 12 months after receiving a DCJ caseworker intervention. However, DCJ does not monitor or report any comparative data that would potentially demonstrate the effectiveness of its service interventions. For example, DCJ does not collate and publish data on re-report rates of children who do not receive a DCJ service intervention. This comparative data would give DCJ greater understanding about the effectiveness of its service interventions.

In addition, DCJ’s re-report data does not differentiate between re-reports of children that are substantiated, from those that are not. Children can be re-reported for a variety of reasons. Some re-reports are of children who are not at increased risk of significant harm. Therefore, the current re-report data is a limited measure of the effectiveness of DCJ’s service interventions.

DCJ does not collect data or compare outcomes based on the kinds of services that are accessed by children and families. For example, DCJ does not report on instances where families were denied service interventions because support services were full, or did not exist in their region. DCJ does not collect data or report on children who were taken into out of home care in areas where there were no available services to support the family.

DCJ caseworkers can support families by making referrals to drug and alcohol rehabilitation services, family violence services, parenting support courses, or mental health services. It is not known whether families receive services that are relevant to their needs. Some services are offered as additional DCJ caseworker support, some are NGO funded support packages, some offer therapeutic interventions, and some are provided via external government agency services, such as NSW Health. Support services are highly rationed in NSW, and many families engaged in the child protection system do not have access to them.

Limited outcomes data and reporting means that DCJ cannot demonstrate how its actions and service interventions are reducing risks and harms to children, and promoting their safety, welfare, and wellbeing in line with the Care Act.

While child protection reports have significantly increased over the past ten years, around 40% do not meet the threshold for suspected abuse and neglect to warrant a response

The overall number of child protection reports received by the Helpline has increased significantly over the past ten years. Reports to the Helpline ensure that children at risk of significant harm come to the attention of DCJ, but around 40% of reports do not meet the threshold of abuse and neglect to warrant a child protection report and response from child protection caseworkers. DCJ has finite resources, and responding to reports that do not require intervention reduces the capacity of DCJ to effectively respond to children who are at risk of significant harm.

In 2022–2023, the Helpline received 404,611 concern reports, an increase of over 60% since 2012–2013 when there were 246,173 reports. Between 2012–2013 and 2017–2018, reports grew slowly, then increased rapidly for three following years up until 2021. While the number of Helpline reports fell in 2021–2022, this reduction was partly due to a drop in reports by teachers during COVID school closures, and was not maintained in 2022–2023.

DCJ attributes the rapid growth in child protection reports to increasing awareness amongst mandatory reporters about their statutory responsibilities to report, along with the introduction of the online reporting option. Mandatory reporters include medical practitioners, psychologists, teachers, social workers, and police officers. These personnel are legally required to report children that they suspect are at risk of significant harm. In one 3-month period from April to June 2021 there were over 40,000 reports from mandatory reporters that did not meet the threshold that activates a statutory child protection response from DCJ caseworkers. The assessment of these reports consumes significant resources, costing over $4 million during the three month period in 2021, which equates to over $15 million per annum.

In 2010, Child Wellbeing Units were established so that mandatory reporters from Education, Police and Health could be assisted in child protection reporting. The units were established in response to recommendations made by the Wood Special Commission of Inquiry into Child Protection Services. They aimed to reduce the number of reports to the Helpline and to support mandatory reporters to assist children and families to receive an appropriate response. DCJ managers advise that the units are underutilised, and mandatory reporters continue to submit reports to the Helpline. The Child Wellbeing Units have not successfully reduced the overall number of reports to the Helpline.

DCJ advised that it is evaluating the Child Wellbeing Units and is developing new guidance for mandatory reporters that aims to address the culture of over-reporting.

Exhibit 7 shows the ten years of Helpline reports from 2012–2013 to 2022–2023.

DCJ does not collate or analyse its service referral data, and as a result, is unable to commission relevant services for families engaged in the child protection system

DCJ lacks data to understand the supply and demand requirements for therapeutic services across the child protection system. DCJ does not collect or report aggregate data about service referrals for children and families, nor does DCJ report data about service uptake across its Districts. DCJ does not collect the necessary information to plan for commissioned therapeutic services, or to fill its service gaps. DCJ does not know whether its funded services are competing with, or complimentary to, services funded by other agencies.

DCJ is required to monitor its therapeutic service interventions in order to comply with the objectives and principles of the Care Act. The Care Act requires that ‘appropriate assistance is rendered to parents and other persons … in the performance of their child-rearing responsibilities in order to promote a safe and nurturing environment’, and that any intervention ‘must … promote the child’s or young person’s development.

DCJ does not collect reliable data on the success of service referrals after a child has been identified as being at risk of significant harm. DCJ does not collect information or report on the uptake and outcomes of its referrals where there is a low to intermediate risk of significant harm to the child or young person. In most cases, DCJ does not know whether children or families received a therapeutic service after a referral. The uptake of referrals is voluntary, and families may decide that they do not want to access therapeutic services. DCJ does not routinely record data about the numbers of families that decline services.

DCJ does not collect data on instances where a referral was needed but not made because there was no available service in the District or there were no available places in the service. It is well known within DCJ that therapeutic services are lacking in regional and remote NSW. These include poor access to paediatricians and adolescent psychiatrists, disability assessors, mental health services, alcohol and other drug rehabilitation services, and domestic violence services.

Over the past five years, there is no evidence that DCJ has conducted an assessment of the statewide therapeutic service needs of children and families in NSW, or matched its statewide service profile to these needs through the targeted commissioning of therapeutic services. There has been a lack of system stewardship to ensure there is equity of service access for children and families in all Districts.

In each District, Commissioning and Planning units undertake market analyses at the point when programs are due for recommissioning, generally every three to five years. This market analysis includes an assessment of the availability of local services. There is no consistency in how this work is done across the Districts. While the purpose of District-level, market analysis is to identify gaps and opportunities for services, we did not find evidence of services being newly commissioned where gaps were identified.

District-level Commissioning and Planning units conduct some assessment of the demographics of the local area, as well as information about socio-economic characteristics, and expected population growth. For example, one DCJ District identified that their population is expected to grow by 33% by 2031. This means that more contracts for family preservation places will be needed. Another District identified that they do not have culturally appropriate services. However, the contracts for this District are in place for at least three years, so the District cannot provide the required service profile for local families.

While DCJ is taking some steps to arrange an expanded service profile, the efforts are piecemeal. Different programs are managed and commissioned across different parts of DCJ. For example, one District has developed a localised partnership with the Ministry of Health, but DCJ has not developed a state-wide Memorandum of Understanding with NSW Health to give priority access to all children engaged in the statutory child protection system.

In 2015, the Independent Review of Out of Home Care in New South Wales recommended that DCJ ‘establish local cross-agency boards in each … district to provide local advice, and commission services in line with its priorities and defined outcomes.’ In response, DCJ developed a program known as Their Futures Matter. In 2020, the NSW Audit Office’s assessed this program and found that DCJ had not established any cross-agency boards with the power to commission services. At the time of this audit, in 2024, there is no evidence that DCJ has created cross-agency boards.

DCJ advises that, in future, it plans to issue extra contracts to increase the number of intensive therapeutic care services. DCJ is using data on the locations of children in emergency out of home care placements as part of its needs analysis. The process includes mapping the service system across the State. DCJ’s work to date, has identified a lack of intensive therapeutic care places in Western NSW. The lack of services in Western NSW impacts on the ability of DCJ to keep Aboriginal children on their traditional country, and connected to family and kin.

DCJ is using District-level data in its future-focused recommissioning for family preservation services. DCJ advises that, commencing in 2024, the agency will identify family support service requirements by matching data on instances of risk of significant harm to children by category of harm, and assess service availability at the District level. This audit has not received evidence that the work has begun.

DCJ lacks an integrated performance management system to collect, collate, and compare data about the effectiveness of NGO providers or the outcomes of child support programs

DCJ does not have an integrated performance management system to manage its many programs and contracts with NGO service providers. DCJ advises that at March 2024, it had 1,816 active contracts in its contract management system. DCJ has multiple reporting systems for its different program streams, with information on early intervention programs provided through a different information technology system than the system that is used for out of home care placements. Central program teams do not have good oversight of historical data or trends.

Until 2022, data related to DCJ’s Family Preservation Program was collected separately from each NGO provider, via quarterly spreadsheets. There was no consistency in the ways in which the data was collated or analysed. This means that DCJ does not know how many families entered the Brighter Futures program in each District, even though contracts were issued at a District level and over 7,000 families entered Brighter Futures program in 2018–2019, 2019–2020 and 2020–2021. DCJ does not have a statewide view of the location or effectiveness of this, or any of its other family preservation services.

Contracts with NGOs for out of home care contain service volume requirements, for example a minimum number of children in out of home care each year. Contracts also include performance measures and financial penalties for underperformance. Underperformance includes failure to notify DCJ about out of home care placement changes within contracted time periods. Due to problems with NGOs accessing the ChildStory system, DCJ does not collect reliable data on out of home care placements provided by NGOs and therefore DCJ is not able to issue financial penalties.

DCJ has also failed to deliver expected outcomes from the Human Services Dataset. The dataset was recommended by the 2015 Independent Review of Out of Home Care, and approved by the NSW Government in August 2016. The aim of the dataset was to bring together a range of service demand data in order to prioritise support for the most vulnerable children and families. It was intended to deliver whole-of-system reform that would lead to improved outcomes for children and families with the highest needs.

The dataset brings together 27 years of data, and over seven million records about children, young people, and families. The records contain de-identified information about all NSW residents born on or after 1 January 1990 (the Primary Cohort) and their relatives such as family members, guardians, and carers (the Secondary Cohort). The Independent Review of Out of Home Care recommended that the dataset include information about the service requirements of the most vulnerable families. This recommendation has not been implemented to date. The Human Services Dataset does not contain records about the service interventions made by NGOs, and has minimal child protection and out of home care placement data.

DCJ’s package-based funding system has not been successful in tailoring services to children in out of home care

When a child is transferred to an NGO for out of home care services, DCJ provides the NGO with relevant funding packages to support the child. NGOs receive different funding packages according to the care needs of the child. Some packages relate to the placement of the child, whether it be a foster care placement, or an intensive therapeutic care placement for children with complex needs. Other packages relate to the permanency goals for each child. These goals can include restoring the child to their parents, establishing the child in long-term foster care, or supporting the child through an adoption process. Each funding package is based on an average cost for the different service type.

While the funding packages are attached to individual children, in practice, NGOs can allocate this funding flexibly. NGOs can integrate the funds from the packages into their global budgets and use the funds for a range of activities. The package-based system that was intended to deliver tailored services to individual children in out of home care, is not being implemented in the ways it was intended.

NGOs do not receive funding for administrative or management costs. They are not funded for supporting Children’s Court work, or the recruitment of new foster carers. NGOs calculate how much they need for these different activities, and use the required funds from funding packages and other sources of income.

DCJ does not collect data from NGOs to determine the nature of the services that were delivered to the child against the funding for each package. In fact, NGOs are not required to report on the expenditure of package funds in relation to any outcomes that relate to the child’s health, wellbeing, cultural, or educational needs.

An external evaluation of the permanency support package system was completed in 2023. It found that children receiving permanency support packages did not achieve better outcomes than children in a control group who did not receive them. This indicates that the package-based system has not achieved its objective to shift the out of home care system from a bed per night payment model, to a child-centred funding model, aimed at supporting safety, wellbeing, and permanency in out of home care.

DCJ’s contract arrangements for NGO funding are overly complex and administratively burdensome

NGO recipients of package-based funding must liaise with separate DCJ contract managers for the different types of funding packages they receive. Within each DCJ District, a range of contract managers have oversight of the different package types – including the packages for out of home care placements, and for the family preservation program. In addition, many NGOs have contracts in more than one DCJ District. This means that NGOs must liaise with a number of different contract managers and operational teams across different units in multiple DCJ Districts. NGOs advise that the time spent navigating the DCJ system reduces the time they can spend actively supporting children and families.

NGOs report that DCJ District personnel can vary in their preferred communication styles and channels. Some District staff prefer email contact, others prefer phone calls, and some prefer service requests that are entered into ChildStory. NGOs must adapt to these different styles depending on the District.

DCJ Districts also vary in the processes that NGOs must follow to have a child’s needs reassessed. This is a routine process, but some Districts take three months to consider and approve a reassessment, while others complete the process more rapidly. If a child is reassessed as requiring a higher category of support, DCJ does not back-pay any increased allowances. This is regardless of the time during which the NGO has provided the child with increased services. In these Districts, NGOs must carry the financial burden for the time it takes for re-assessment approval processes.

The NSW Procurement Policy Framework includes an objective of ‘easy to do business’. This includes a requirement to pay suppliers within specific timeframes, and recommends that government agencies should limit contract length and complexity.

An external evaluation of the package-based system found that that the funding packages are complex and administratively burdensome, and that DCJ Districts have different models and approaches to implementing them. As a result, a child and family living in one District could receive very different care from a child in another District. In 2023, DCJ advised that it is considering the recommendations of the evaluation with the aim of operationalising relevant system reforms, while not increasing the administrative burden on NGOs.

Exhibit 16 shows the multiple stages that NGOs must navigate in DCJ’s complex, contract environment.

DCJ’s case management system lacks an effective business to business interface with NGO partners, and has not produced data on key deliverables

DCJ’s case management system promised a single entry point for NGOs to interact with DCJ. In 2017, DCJ commenced the rollout of ChildStory, its new case management system, at a cost of more than $130 million. While the ChildStory system has become an important repository for information about children in the child protection system, it has failed to deliver on some of its key intended functionalities. ChildStory does not provide an integrated business to business system interface with commissioned NGOs where they can record information about children and families in their care.

Most of the ChildStory system is locked off to NGOs, meaning that NGOs cannot use it as a case management system. NGO personnel must enter data into their own client information systems before manually replicating any required data into the ChildStory system. Until June 2022, NGO staff lost access to ChildStory if they did not log onto the system for a three month period, and staff had to reapply for access, increasing the administrative burden on some NGO personnel.

The lack of an integrated business to business interface between DCJ’s ChildStory and the NGO case management systems, has vastly increased levels of administrative handling for all parties, and frequently results in mismatched data between DCJ and NGOs. The process for NGOs to correct data errors in ChildStory requires contact with DCJ, and the process can be protracted. NGOs advise that they spend significant time on complex data reconciliation processes and that these processes have financial implications. In some instances, NGOs are asked to repay contract ‘underspends’ as a result of DCJ data errors.

The lack of system interface between DCJ and NGOs has been a lost opportunity to produce and report NGO trend data on a wide range of metrics. While some data is manually entered by NGOs into ChildStory Partner, and some systemwide data produced, it is only available for a limited number of key performance indicators. For example, it was intended that ChildStory would be used to collect and collate information about the status and wellbeing of children. According to DCJ, this has not been possible, as the system does not have the functionality to collate data from questionnaires or instruments that assess child wellbeing.

Given that many of the smaller NGO data systems have limited sophistication and functionality, the failure of ChildStory to become a case management system for all NGOs, means they are not able to produce trend data on a wider range of metrics. The inability to collate key data from all NGO service providers limits the statewide data that is available for service planning.

Until 2022−2023, DCJ did not contribute all required data to a national, publicly-reported dataset on child protection. The Australian Institute for Health and Wellbeing (AIHW) collates data from Australian states and territories every year. Child protection information is published on the AIHW website and provided to the Productivity Commission for the annual Report on Government Services. Since 2014−2015, AIHW requested that all states and territories provide anonymised child-level data for reporting and research purposes. DCJ did not provide this requested child-level data until 2022−2023. In previous years, DCJ provided the AIHW with aggregated data tables that lacked some of the required information.

ChildStory has not been effective for the contract management of NGOs and commissioned services. The system cannot be used to report and generate information about NGO contract activity, nor can it be used to make payments to NGOs.

Caseworkers advise that they spend significant time updating the case management system, limiting the time they have for child and family visits

DCJ has not quantified the amount of time that staff spend entering information and updating records. While DCJ completed a time and motion study on caseworker activity in 2021, the study did not include information on the time it takes for caseworkers to enter data for individual tasks. The DCJ caseworkers who were interviewed for this audit, advised that they spend a large proportion of their total working week entering data into the case management system, rather than visiting families or providing phone support to families.

DCJ’s ChildStory system does not display all of the summary information that caseworkers need in order to be efficient and effective in their role. For example, triage caseworkers need to know when a report was made to the Helpline, in order to meet the statutory period for response of 28 days after the report was received. This information is not shown in the triage transfer list and is only visible by clicking into case notes for each child, one at a time.

ChildStory does not contain accurate information about decisions made by frontline staff. Caseworkers are required to choose a reason when they close a child protection case. Reasons can include that the family was referred to an external service. There is no field for a caseworker to indicate that a case was closed because the child protection report related to a person who was external to the family. ChildStory does not have a case closure field to record that the parents were protective in instances when a child was at risk from someone outside the home. These cases are closed with the reason ‘No capacity to allocate’, resulting in inaccurate management reporting. This incorrect record keeping can be problematic for the family. It can mean that if the child is re-reported, there may be unnecessary interventions by DCJ in future.

DCJ advises that ChildStory is not being used to its full functionality and that District DCJ Offices have created arrangements that increase the administrative burden on staff. For example, in some Districts before a caseworker can submit an approval request in ChildStory to the relevant Director, the caseworker must attach an email with the same Director’s written approval. DCJ managers advise that ChildStory is not being used in ways that would allow for efficient approvals of ‘out of guidelines’ expenses. It is not known whether this is a training deficit, or related to another matter.

Up until recently, DCJ’s information management system did not have functionality to record and collate information about the service needs of children and families. DCJ advises that in 2022, a referral function was added to ChildStory. While DCJ advise that this functionality is being used for referrals to family preservation services, there is no evidence that caseworkers are using the function, or that referral data is collated and reported. Prior to July 2022, decisions to refer a child or family to therapeutic services were recorded in individual ChildStory case notes, and could not be extracted and reported as trend data.

Some Districts have developed local monitoring systems to track vacancies in local family preservation and targeted early intervention services. These local initiatives go some way to improving the planning for child protection services responses at the local level, but they are yet to be systematised.

DCJ advises that it is developing a service vacancy dashboard and it is due to be rolled out to all Districts in late 2023. In order for service information to be visible to DCJ staff, NGO partner agencies will need to regularly update their service vacancy information in the dashboard. Initially DCJ will collect data on which families were referred to services, and NGOs will be expected to enter information on attendance at program sessions at a later date.

DCJ has management reporting systems to track activity and outputs for child protection work, however some key metrics are missing

DCJ’s interactive internal dashboards effectively report against an agreed performance framework that measures caseworker activity. This provides DCJ managers with caseworker progress against targets such as seeing new children and families within specified timeframes. Managers can drill into the dashboard data to see individual cases and the caseworkers behind the numbers. This assists managers in allocating new cases to their frontline staff. While DCJ managers advise that they use the dashboards on a daily or weekly basis, they raised concerns that dashboards did not account for staff vacancies or new recruits who cannot carry a full caseload.

DCJ dashboards do not allow managers to focus on groups of children who are at greater risk of harm, or on children who require a tailored service. This limits the effectiveness of DCJ’s response. While Aboriginal children are identified on most internal dashboards, there are gaps in the identification of Aboriginal children, especially at the early Helpline assessments of child protection reports and at the initial caseworker assessment of child safety and risk. There is no indication in DCJ’s system to show whether a family has experienced intergenerational removal, despite these families needing a specific trauma-informed response. Children from Culturally and Linguistically Diverse (CALD) backgrounds are not reported clearly on dashboards and refugee children are not flagged.

Children and parents with disability are not identified accurately in ChildStory and are not reported on dashboards. The Disability Royal Commission found that parents with disability are over-represented in all stages of the child protection system, and that they are more likely to have their children removed from their care. The Commission found that child protection agencies are less likely to try to place children back in the care of parents with disability.

DCJ data is stored in a Corporate Information Warehouse, which combines child protection data and data about children in out of home care. This information is sourced from ChildStory. The Corporate Information Warehouse also includes staffing data, and contract management data from the Contracting Online Management System. The Warehouse is updated every night to ensure that management reports and dashboards are current. However, some key datasets are not included in the Warehouse, such as the Helpline report backlog, which means that the DCJ Executive does not have easy visibility of Helpline workload or delays in responding to electronic reports.

DCJ’s external dashboards provide limited public transparency about child protection and out of home care activity. Until early 2024 the dashboards did not show the numbers of children in emergency out of home care. In addition, the main quarterly and annual dashboards do not show the average time that children have been in out of home care. 

External reporting is managed by DCJ’s Insights Analysis and Research directorate, known as FACSIAR. In addition to quarterly and annual dashboards reporting key statistics, FACSIAR hosts monthly seminars presenting research findings aimed at improving caseworker practice. The seminars are well attended by DCJ and NGO caseworkers. FACSIAR also maintains a public evidence hub summarising research papers and evaluations.

While regular quantitative data is necessary for day-to-day management purposes, it is not sufficient to understand the experience and outcomes of children in out of home care. In order to deliver additional insights, DCJ has invested in a long-term study of children in out of home care through the Pathways of Care Longitudinal Study. This study follows children who entered care in NSW for the first time between May 2010 and October 2011 and includes data from external sources such as Medicare data, health and education records, and youth offending data. DCJ has used this data for research studies on topics such as outcomes for children with disability in out of home care, and to assist caseworkers in working with children and families through Evidence to Action notes.

DCJ’s system for requesting out of home care placements is ineffective, resulting in multiple unsuccessful requests to NGOs to place children

DCJ does not have a centralised system where its NGO service providers can indicate that they are able to take on new children requiring out of home care. There are almost 50 providers of out of home care services across the State, but no consolidated database showing that there are foster carers who are able to take on new children by location.

DCJ uses a system (known as the broadcast system) to notify NGOs that it needs a foster care placement or another placement type for a child. The number of placement broadcasts has increased from around 450 per month in 2018–2019, to over 1200 per month in 2022–2023, even though the number of children in out of home care has not risen during this timeframe.

Exhibit 17 shows the monthly numbers of children that were ‘broadcast’ to NGOs as requiring out of home care placements from July 2018 to June 2023.

Appendix one – Response from entities

Appendix two – DCJ Organisational Structure for Child Protection

Appendix three – Child protection flowchart from Family is culture review report 2019

Appendix four – About the audit

Appendix five – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #394 - released 6 June 2024

Published

Actions for Safeguarding the rights of Aboriginal children in the child protection system

Safeguarding the rights of Aboriginal children in the child protection system

Community Services
Compliance
Internal controls and governance
Management and administration
Project management
Regulation
Risk
Service delivery
Shared services and collaboration

About this report

The Department of Communities and Justice (DCJ) is responsible for safeguarding the rights of Aboriginal children, families, and communities when they encounter the child protection system. These rights are known as the Aboriginal and Torres Strait Islander Principles (the Principles), which are set out in legislation.

DCJ provides early intervention, prevention and out of home care services and also subcontracts non-government organisations to provide these services.

This audit assessed whether DCJ, and five funded non-government organisations that provide out of home care services, are effectively safeguarding the rights of Aboriginal children in the child protection system.

Findings

DCJ cannot demonstrate its compliance with the Principles. DCJ has not embedded the Principles in its governance, accountability arrangements, policy and day-to-day casework practice.

Insufficient governance and accountability arrangements have contributed to DCJ's failure to deliver on Aboriginal strategies and reforms in the last five years.

DCJ has not developed holistic family preservation models based on Aboriginal ways of healing.

DCJ is aware that its structured decision-making tools, used to make significant casework decisions, adversely affect Aboriginal children and their families. However, DCJ continues to use the tools.

DCJ has no quality assurance mechanisms over its child protection system and casework practice.

As system steward, DCJ has not provided non-government organisations with means to satisfy the Principles.

Recommendations

The audit recommends that DCJ:

  • establish governance and accountability arrangements that provide oversight of the safeguards and outcomes for Aboriginal children and families
  • develop and implement a quality assurance framework to ensure compliance with safeguards for Aboriginal children at all points in the child protection system
  • fulfil its commitment to develop and implement a healing framework for child protection services
  • commission family preservation services consistent with the principles of self-determination and participation set out in the Principles.

In this report, the term Aboriginal people is used to describe Aboriginal and Torres Strait Islander peoples. The Audit Office of NSW acknowledges the diversity of traditional Nations and Aboriginal language groups across the state of New South Wales.

The Department of Communities and Justice (DCJ) is responsible for the administration of the child protection system in NSW.

Aboriginal children and their families' rights in the child protection system are contained in the Children and Young Persons (Care and Protection) Act 1998 and the United Nations Conventions on the Rights of the Child and the Declaration on the Rights of Indigenous Peoples. These rights are also binding on DCJ funded non-government organisations (NGOs) through the administration of service contracts.

In 2022–23, DCJ spent $3.1 billion on child protection and out of home care services. This includes $1.9 billion on out of home care services, $800 million on child protection services and $405 million on early and intensive family preservation services.

DCJ subcontracts various early intervention, prevention programs and out of home care services to NGOs. However, DCJ is responsible, as system steward, for the effectiveness of the entire child protection system.

This audit assessed whether DCJ and five of its funded NGOs are effectively safeguarding the rights of Aboriginal children in the child protection system. The audit period was June 2018 to June 2023 (five years). In this report, children and young people under 18 are described together as children.

We addressed the audit objective by answering three questions:

  1. Does DCJ and its funded non-government organisations have established governance and accountability arrangements to understand and track performance in safeguarding the rights of Aboriginal children in the child protection system?
  2. Does DCJ and its funded non-government organisations have effective policies, practices, systems, and resources to support and enable staff to safeguard the rights of Aboriginal children in the child protection system?
  3. Does DCJ and its funded non-government organisations have effective monitoring and quality assurance systems to ensure that the outcomes for Aboriginal children in the child protection system are consistent with their legislative rights and their human rights?

This audit was conducted concurrently with the Oversight of the child protection system performance audit.

The child protection system aims to protect children and young people from the risks of abuse, neglect and harm. This report refers to several parts of the child protection system including:

  • Helpline: DCJ receives and triages reports about children suspected to be at risk of significant harm
  • Investigation of reports (mostly performed at community service centres): DCJ determines if reports meet the suspected risk of significant harm threshold and the subsequent assessment and investigation of suspected risk of significant harm reports
  • Case work: where risk of significant harm has been substantiated, DCJ provides and procures services to prevent a child’s entry into the child protection system
  • Entry into care decisions: DCJ determines when a child enters out of home care
  • Out of home care services: where a child cannot safely remain at home, DCJ or a contract service provider, place the child in foster care, kinship care, temporary care arrangements or residential care.

DCJ is not monitoring or reporting on safeguards for the rights of Aboriginal children 

Decisions and actions that affect families and children in contact with the child protection system are often made within the context of complex circumstances. They are also deeply impactful on children and their families and can have lifelong implications in areas such as mental health and wellbeing, social inclusion and the likelihood for descendants to also be in contact with the child protection system. Legislative safeguards exist to ensure that the rights of children are paramount.

DCJ governance arrangements are not informed by, and do not reflect, legislative safeguards for the rights of Aboriginal children. Such safeguards include the Convention on the Rights of the Child or the Declaration on the Rights of Indigenous Peoples and the Aboriginal and Torres Strait Islander Principles (the Principles) contained in sections 11 to 13 of the Children and Young Persons (Care and Protection) Act 1998.

DCJ has not established mechanisms to:

  • address the reasons, including those arising from its own process deficiencies, that Aboriginal children are disproportionately reported at suspected Risk of Significant Harm, seen by caseworkers and enter statutory out of home care
  • assess and hold its funded non-government organisations (NGO) accountable for the quality and outcomes of family preservation services that aim to prevent Aboriginal children entering out of home care
  • hold departmental districts and NGOs accountable for outcomes for Aboriginal children in out of home care.

Department districts are instead held accountable against nine key performance indicators at Quarterly Business Review Meetings. The performance indicators reflect activity in the child protection and out of home care system. None are disaggregated by Aboriginality, and no indicators require districts to demonstrate casework outcomes for Aboriginal children and families.

DCJ has not developed effective accountability mechanisms for its staff to safeguard the rights of Aboriginal children in the child protection system

DCJ does not have formal accountability mechanisms for any of its staff to safeguard the rights of Aboriginal children. Because of this, DCJ does not have a framework to address staff non-compliance with safeguards for Aboriginal children and their families.

DCJ does not collect data to demonstrate adherence to the Principles or consistently collect feedback from the Aboriginal community to understand its performance. Without Aboriginal outcomes focused data and feedback from Aboriginal stakeholders, DCJ cannot understand its performance or hold its staff accountable for complying with the Principles.

DCJ advises that it plans to introduce a new performance framework that will require senior executives to demonstrate their performance with respect to Aboriginal children in the child protection system. DCJ has not nominated when the framework will come into effect.

DCJ has made negligible progress in implementing key recommendations, strategies and reforms designed to improve outcomes for Aboriginal children and their families

DCJ has not delivered on any Aboriginal specific child protection reform strategy and made negligible progress in implementing key recommendations from the Family is Culture report.

Exhibit 5 identifies major Aboriginal specific reforms to address longstanding issues that impact Aboriginal children and their families. These reviews attempted to reorient the system toward preventing children from entering care and focused on improving outcomes for Aboriginal children in contact with the child protection and out of home care system.

Exhibit 5: Major Aboriginal specific reforms

The Aboriginal Outcomes Strategy 2017–2021, Target 2: reduce the long-term and continued over-representation of Aboriginal children in out of home care

In February 2023, the NSW Ombudsman reported ‘DCJ effectively abandoned the [Aboriginal Outcomes Strategy] at some point, without either reporting on what it had or had not achieved and without announcing it had been abandoned’. DCJ in reply to the NSW Ombudsman’s report noted that a machinery of government change in 2019 had impeded continuity of the Aboriginal Outcomes Strategy and that without clear governance, projects to address the over-representation of Aboriginal children in out of home care ‘continued but were disconnected from each other’.

Family is Culture report 2019: recommendation implementation

The Family is Culture report is the first Aboriginal led review on the experiences of Aboriginal children, young people and their families in the child protection system. The report made 126 systemic recommendations to the NSW Government in addition to over 3,000 recommendations based on individual case studies developed to inform the report.

DCJ released progress updates on the implementation of the recommendations in November 2020, May and November 2021 and February 2024.

In four years, only 12 of the 105 systemic recommendations accepted by the NSW Government and for which DCJ is responsible have been implemented. DCJ reports that it has implemented all individual recommendations about the cohort of Aboriginal children identified during the Family is Culture report.

Implementing the Aboriginal Case Management Policy

In 2018, DCJ commissioned AbSec to design the Aboriginal Case Management Policy, to translate the Aboriginal and Torres Strait Islander Principles into practice. Published in 2019, the Aboriginal Case Management Policy is yet to be implemented anywhere in the state.

Transition of case management of Aboriginal children to Aboriginal Community Controlled Organisations

In 2012, the NSW Government committed to transferring case management of all Aboriginal children and young people in out of home care to Aboriginal Community Controlled Organisations (ACCOs) within ten years. DCJ did not achieve this.

However, in September 2022 DCJ inserted an obligation into the Service Level Agreements of NGOs to the transition of Aboriginal children in out of home care to ACCOs. Currently, ACCOs manage approximately 20% of Aboriginal children in out of home care.

In the 2022–23 financial year, DCJ recorded 25 transfers of case management responsibility for Aboriginal children and young people from non-ACCOs to ACCOs across the entire sector. At 30 June 2023, there were 6,563 Aboriginal children in out of home care. Around half of these children were case managed by DCJ. To achieve the renewed commitment, DCJ will need to oversee the transfer of almost 500 Aboriginal children each year. In July 2023, DCJ estimated that at the current pace it will take 57 years to transition the case management of Aboriginal children to ACCOs.

DCJ’s organisational structure and governance arrangements are not enabling the system reform needed to meet the NSW Government’s commitment to Closing the Gap Target 12

The NSW Government is a signatory to the National Agreement on Closing the Gap 2021-2031. The objective of the Agreement ‘is to overcome the entrenched inequality faced by Aboriginal and Torres Strait Islander people so that their life outcomes are equal to all Australians’. The agreement commits the NSW Government to ‘mobilise all avenues and opportunities available, to meet the objectives’.

DCJ established a temporary Deputy Secretary Transforming Aboriginal Outcomes (TAO) role and associated unit in November 2021 to lead its Closing the Gap targets, which includes Target 12 (to reduce the proportion of Aboriginal children in out of home care by 45% by 2031). The TAO unit does not have decision-making powers over policy, commissioning of DCJ funded services or operational decisions. Instead DCJ has nominated a series of 18 disparate projects to achieve Target 12, which are monitored by TAO.

DCJ districts make significant child protection decisions that would likely contribute to achieving Target 12, including whether Aboriginal children enter out of home care and whether Aboriginal children currently in out of home care are restored to their families. However, there are no targets, measures or data to hold districts accountable to demonstrate progress in these key areas which would likely contribute to achieving Target 12.

Although senior executives meet regularly, the meetings are not used to drive the structural reform needed to achieve Target 12. DCJ is not on track to achieve Target 12.

Aboriginal children are over-represented in the child protection system. Approximately 6,500 Aboriginal children were in out of home care as at 30 June 2023, making up 45% of the out of home care population. By comparison, around seven per cent of children in NSW are Aboriginal. Aboriginal children are three times more likely than non-Aboriginal children to be reported at risk of significant harm and four times more likely to be allocated to a community service centre for a caseworker to undertake a face-to-face safety assessment. One in eight Aboriginal children seen by caseworkers enters out of home care.

DCJ does not have a quality assurance framework in child protection to safeguard the rights of Aboriginal children

DCJ has no quality assurance framework over systems and processes prior to the removal of a child into out of home care. Without such a framework, DCJ cannot be assured of its compliance with legislative safeguards afforded to Aboriginal children.

In late 2022, DCJ engaged a consultant to examine Aboriginal quality assurance for the child protection system. In July 2023, the consultant report highlighted deficient quality assurance systems and concerns with cultural capacity of staff to support Aboriginal families and children. DCJ has not indicated how or when it plans to address this deficiency.

DCJ does not have assurance that out of home care services are safeguarding the rights of every Aboriginal child in out of home care

The Office of the Children’s Guardian accredits out of home care providers, including DCJ and its funded NGOs, to a minimum standard set out in the Child Safe Standards for Permanent Care. As a result, DCJ and NGOs can demonstrate a range of internal quality controls and processes for children in out of home care to support the Office of the Children’s Guardian accreditation process.

However, the Office of the Children’s Guardian cannot provide qualitative assurance that DCJ and the NGOs have adhered to safeguards for each of the approximately 6,500 Aboriginal children in statutory out of home care at any given time. For example, the Office of the Children’s Guardian looks at whether a cultural plan exists for an Aboriginal child, but generally does not provide feedback for agencies to improve cultural plans.

DCJ, as the system steward, has a duty of care to ensure that it, and all NGOs it contracts with, have quality assurance processes to demonstrate compliance with safeguards for every Aboriginal child that is placed in out of home care. DCJ needs to do more than the minimum requirements of Office of the Children’s Guardian accreditation to gain assurance, commensurate with the risk of poor compliance and practice set out in this report, that it is adequately safeguarding the rights of every Aboriginal child in out of home care.

DCJ contracts NGOs to provide out of home care services through Service Level Agreements, aligned with the Principles in the Children and Young Persons (Care and Protection) Act 1998. This audit assessed whether NGOs are effectively safeguarding the rights of Aboriginal children in out of home care.

Five NGOs were selected as auditees for this performance audit. Selection of the providers was based on criteria which included:

  • a mix of faith- and non-faith-based entities
  • Aboriginal and non-Aboriginal entities
  • number of children in care
  • funding
  • location
  • service model.

Collectively, the NGOs selected for this audit were contracted to provide 2,600 foster care places in the 2021–22 financial year. This equated to one third of the total number of contracted foster care places in NSW in 2021–22. The two Aboriginal Community Controlled NGOs selected case managed about 20% of Aboriginal children in out of home care who were contracted out to NGOs.

Appendix one – Response from entities

Appendix two – The Aboriginal and Torres Strait Islander Principles (extract from the Children and Young Persons (Care and Protection) Act 1998

Appendix three – Data tables

Appendix four – About the audit

Appendix five – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #395 - released 6 June 2024.

Published

Actions for Cyber security in local government

Cyber security in local government

Local Government
Cyber security
Information technology
Internal controls and governance
Management and administration
Risk

What this report is about

NSW local councils provide a wide range of essential services and infrastructure to their communities and are increasingly reliant on digital technologies.

Councils need to manage cyber security risks to ensure their information, data and systems are appropriately safeguarded. Councils also need to be prepared to detect, respond and recover when a cyber security incident occurs.

The audit assessed how effectively three selected councils identified and managed cyber security risks.

The audit also included the Department of Planning, Housing and Infrastructure (Office of Local Government) and Department of Customer Service (Cyber Security NSW), due to their roles in providing guidance and support to local councils.

Audit findings

The audit found that the selected councils are not effectively identifying and managing cyber security risks. Each of the councils undertook activities to improve their cyber security during the audit period, but this audit found significant gaps in their cyber security risk management and cyber security processes.

Such gaps result in unmitigated risks to the security of information and assets which, if compromised, could impact their local communities, service delivery and public infrastructure.

Cyber Security NSW and the Office of Local Government recommend that councils adopt requirements in the Cyber Security Guidelines for Local Government, but could do more to monitor whether the Guidelines are enabling better cyber security risk management in the sector.

Audit recommendations

In summary, the councils should:

  • integrate assessment and monitoring of cyber security risks into corporate governance processes
  • self-assess their performance against Cyber Security NSW's guidelines for local government
  • develop and implement a risk-based cyber security improvement plan and program of activities
  • develop, implement and test a cyber incident response plan.

Cyber Security NSW and the Office of Local Government should regularly consult on cyber security risks facing local government, and review the effectiveness of guidelines and related resources for the sector.

While this report focuses on the performance of the selected councils, the findings and recommendations should be considered by all councils to better understand their risks and challenges relevant to managing cyber security risks.

Local councils in New South Wales (NSW) provide a wide range of essential services and infrastructure to their communities and are increasingly reliant on digital technologies for this.

Councils use various information systems and software to manage significant amounts of information and data relevant to their corporate functions, infrastructure and service delivery. This may include sensitive information about residents, customers and staff.

Audit Office of New South Wales reports to Parliament have highlighted gaps in councils' cyber security risk management approaches since 2020. The Local Government 2023 report, tabled in March 2024, found that 50 councils were yet to implement cyber security governance frameworks and related internal controls.

The threat from cyber security incidents continues to rise. Such incidents can harm local government service delivery and may include the theft of information, denial of access to critical technology, or even the hijacking of systems for profit or malicious intent.

It is important that councils are effectively identifying and managing cyber security risks to:

  • protect their information, data and systems
  • be prepared to detect, respond to and recover from cyber security incidents 
  • ensure confidence in the services they are providing for their communities.

This report outlines important findings and recommendations from a performance audit of three councils: City of Parramatta Council, Singleton Council and Warrumbungle Shire Council. This audit report has deidentified findings for each council, but the specific findings have been directly shared with each council to enable them to remediate and improve cyber safeguards. The findings and recommendations in this report are likely to be relevant to most local councils in NSW and councils are encouraged to ensure they have sufficient cyber safeguards.

This audit assessed how effectively the selected councils identified and managed cyber security risks. The audit considered whether the councils:

  • effectively identify and plan for cyber security risks
  • have controls in place to effectively manage identified cyber security risks
  • have processes in place to detect, respond to, and recover from cyber security incidents.

This audit also included the Department of Customer Service and the Office of Local Government (OLG) within the Department of Planning and Environment (DPE) due to their roles in providing guidance and support to local government.1

Cyber Security NSW, part of the Department of Customer Service, supports local councils to improve their cyber resilience through a range of services and guidance, including the Cyber Security Guidelines – Local Government issued in December 2022.

The OLG is responsible for strengthening the sustainability, performance, integrity, transparency and accountability of the local government sector.

Conclusion

The three councils are not effectively identifying and managing cyber security risks. As a result, councils' information and systems are exposed to significant risks, which could have consequences for their communities and infrastructure.

Ineffective cyber security risk management can result in unmitigated risks to the security of information and assets which, if compromised, could impact the councils' local communities, service delivery and public infrastructure.

Poor management of cyber security can lead to consequences including theft of information or money, service interruptions, costs of repairing affected systems, and reputational damage.

Each council undertook activities to improve their cyber security during the audit period, but there were significant gaps in the councils' risk management processes and controls meaning the councils are not effectively identifying and managing cyber security risks.

Key findings include:

  • None of the councils are effectively using risk management processes to identify and manage cyber security risks.
  • None of the councils have assessed the business value of their information and systems to inform cyber security risk identification and management, nor have they assigned cyber security responsibilities for all core systems.
  • Two of the three councils do not have a formal plan to improve their cyber security, resulting in an uncoordinated approach to cyber security activities and related expenditure. The council that does have a plan has not formally considered the resourcing required to fully implement the plan.
  • None of the councils have implemented effective governance arrangements to ensure accountability for managing cyber security risks, and their reporting to ARICs did not link activities to risk mitigation.
  • None of the councils have effective cyber security policies and procedures for managing cyber security risks and to support consistent cyber security practices.None of the councils have a clear and consistent approach to monitoring the effectiveness of controls to mitigate identified cyber security risks.
  • All three councils are not effectively identifying or managing third party cyber security risks.

None of the councils have up to date plans and processes to support effective detection, response and recovery from cyber security incidents.

Councils need to be prepared to identify when a cyber incident occurs, and be able to respond to cyber incidents to contain any compromises and minimise the impact. This is even more important for councils with low levels of maturity in their preventative cyber security controls.

Key findings include:

  • None of the councils have a cyber incident response plan to ensure an effective response to and prompt recovery from cyber incidents, and their business continuity and disaster recovery planning documentation is not up to date.
  • None of the councils have clearly defined roles and responsibilities for detecting, responding to (including through appropriate reporting) and recovering from cyber incidents.
  • None of the councils maintain a register of cyber incidents to record information about the sources and types of incidents experienced and relevant responses, to support post-incident evaluation.

Cyber Security NSW and the OLG recommend that councils adopt requirements set out in the Cyber Security Guidelines for Local Government, but could do more to monitor whether the Guidelines are enabling better cyber security risk management in the sector.

Cyber Security NSW and the OLG recommend that local councils implement the Cyber Security Guidelines for Local Government. However, while the roles of both Cyber Security NSW and the OLG involve identifying and responding to specific sector risks, neither is monitoring the uptake of the Guidelines by local councils to identify whether they are enabling better cyber security risk management.

Cyber Security NSW and the OLG did not ensure that their roles, responsibilities and actions relevant to cyber security management were coordinated and complementary during the audit period. Cyber Security NSW's Local Government Engagement Plan was updated in November 2023 to include information about its approach to stakeholder collaboration to support a cyber secure NSW Government, including through engagement with the OLG.


1 The OLG was part of DPE up to 1 January 2024, when DPE was abolished and the OLG became part of the Department of Planning, Housing and Infrastructure (DPHI).

Local councils in New South Wales (NSW) provide a wide range of essential services and infrastructure to their communities. In doing so, councils use a range of information technology (IT) systems, assets, and digital services.

This audit follows several audit reports by the Audit Office of New South Wales that have considered how effectively NSW Government entities, including local councils have managed cyber security risks (see Appendix three).

The Audit Office of New South Wales has reported on how councils have managed cyber security risks since 2020. In the Local Government 2023 report, tabled in March 2024, gaps in cyber security frameworks and related internal controls were reported in 50 councils.

This chapter includes a summary of thematic key findings for the selected councils.

Cyber Security NSW is responsible for supporting local councils to improve their cyber resilience through a range of services and guidance and published its Local Government Engagement Plan in 2023 (discussed below).

The Office of Local Government (OLG) is responsible for strengthening the sustainability, performance, integrity, transparency and accountability of the local government sector. It does this through a range of activities including monitoring sector-wide and council-specific risks, issuing guidance, engaging with councils to build capacity and supporting the Minister for Local Government’s discretionary intervention powers.

Appendix one - Response from entities Cyber security in LG

Appendix two - Glossary-  Cyber security in local government

Appendix three – Overview of Audit Office of New South Wales reports that consider cyber security - Cyber security in local government

Appendix four – Cyber Security Guidelines – Local Government foundational requirements- Cyber security in local government

Appendix five – About the audit- Cyber security in local government

Appendix six – Performance auditing -Cyber security in local government

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #392- released 26 March 2024

Published

Actions for Local Government 2023

Local Government 2023

Local Government
Asset valuation
Cyber security
Financial reporting
Fraud
Information technology
Internal controls and governance

What this report is about

Results of the local government sector financial statement audits for the year ended 30 June 2023.

Findings

Unqualified audit opinions were issued for 85 councils, eight county councils and 12 joint organisations.

Qualified audit opinions were issued for 36 councils due to non-recognition of rural firefighting equipment vested under section 119(2) of the Rural Fires Act 1997.

The audits of seven councils, one county council and one joint organisation remain in progress at the date of this report due to significant accounting issues.

Fifty councils, county councils and joint organisations missed the statutory deadline of submitting their financial statements to the Office of Local Government, within the Department of Planning, Housing and Infrastructure, by 31 October.

Audit management letters included 1,131 findings with 40% being repeat findings and 91 findings being high-risk. Governance, asset management and information technology continue to represent 65% of the key areas for improvement.

Fifty councils do not have basic governance and internal controls to manage cyber security.

Recommendations

To improve quality and timeliness of financial reporting, councils should:

  • adopt early financial reporting procedures, including asset valuations
  • ensure integrity and completeness of asset source records
  • perform procedures to confirm completeness, accuracy and condition of vested rural firefighting equipment.

To improve internal controls, councils should:

  • track progress of implementing audit recommendations, and prioritise high-risk repeat issues
  • continue to focus on cyber security governance and controls.

 

Pursuant to the Local Government Act 1993 I am pleased to present my Auditor-General’s report on Local Government 2023. My report provides the results of the 2022–23 financial audits of 121 councils, eight county councils and 12 joint organisations. It also includes the results of the 2021–22 audits for two councils and two joint organisations which were completed after tabling of the Auditor-General’s report on Local Government 2022. The 2022–23 audits for eight councils, one county council and one joint organisation remain in progress due to significant accounting issues.

This will be my last consolidated report on local councils in NSW as my term as Auditor-General ends in April. Without a doubt, the change in mandate to make me the auditor of the local government sector has been the biggest challenge in my term. Challenging for councils as they adjust to consistent audit arrangements and for the staff of the Audit Office of NSW as they learn about the issues facing NSW councils.

The change in mandate aimed to improve the quality of financial management and reporting across the sector. This will take time. But this report does show some ‘green shoots’ with more councils submitting financial reports to the Office of Local Government by 31 October and more councils having Audit, Risk and Improvement Committees. 

I also want to acknowledge that councils face significant challenges responding to and recovering from emergency events whilst cost and resourcing pressures have been persistent.

The findings from our audits identify opportunities to further improve timeliness and quality of financial reporting and integrity of systems and processes. The recommendations in this report are also intended to improve financial management and reporting capability, encourage sound governance, and boost cyber resilience.

 

Margaret Crawford PSM
Auditor-General for New South Wales

Financial reporting is an important element of good governance. Confidence in and transparency of public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines audit observations related to the financial reporting audit results of councils, county councils and joint organisations.

A strong system of internal controls enables councils to operate effectively and efficiently, produce reliable financial reports, comply with laws and regulations, and support ethical government.

This chapter outlines the overall trends in governance and internal controls across councils, county councils and joint organisations in 2022–23.

Financial audits focus on key governance matters and internal controls supporting the preparation of councils’ financial statements. Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues are reported to management and those charged with governance through audit management letters. These letters include our observations with risk ratings, related implications, and recommendations.

Appendix one – Response from the Office of Local Government within the Department of Planning, Housing and Infrastructure

Appendix two – NSW Crown Solicitor’s advice

Appendix three – Status of previous recommendations

Appendix four – Status of audits

Appendix five – Councils received qualified audit opinions for non-recognition of rural firefighting equipment

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Actions for Regulation insights

Regulation insights

Environment
Finance
Health
Local Government
Whole of Government
Compliance
Cyber security
Internal controls and governance
Management and administration
Procurement
Regulation
Risk

What this report is about

In this report, we present findings and recommendations relevant to regulation from selected reports between 2018 and 2024.

This analysis includes performance audits, compliance audits and the outcomes of financial audits.

Effective regulation is necessary to ensure compliance with the law as well as to promote positive social and economic outcomes and minimise risks with certain activities.

The report is a resource for public sector leaders. It provides insights into the challenges and opportunities for more effective regulation.

Audit findings

The analysis of findings and recommendations is structured around four key themes related to effective regulation:

  • governance and accountability
  • processes and procedures
  • data and information management
  • support and guidance.

The report draws from this analysis to present insights for agencies to promote effective regulation. It also includes relevant examples from recent audit reports.

In this report, we also draw out insights for agencies that provide a public sector stewardship role.

The report highlights the need for agencies to communicate a clear regulatory approach. It also emphasises the need to have a consistent regulatory approach, supported by robust information about risks and accompanied with timely and proportionate responses.

The report highlights the need to provide relevant support to regulated parties to facilitate compliance and the importance of transparency through reporting of meaningful regulatory information.

Image
Picture of Margaret Crawford Auditor-General for New South Wales in a copper with teal specks dress with black cardigan.

I am pleased to present this report, Regulation insights. This report highlights themes and generates insights about effective regulation from the last six years of audit.

Effective regulation is necessary to ensure compliance with the law. Effective regulation also promotes social, economic, and environmental outcomes, and minimises risks or negative impacts associated with certain activities. But regulation can be challenging and costly for governments to implement. It can also involve costs and impact on the regulated parties, including other public sector and private entities, and individuals. As such, effective regulation needs to be administered efficiently, and with integrity.

Having a clearly articulated and communicated regulatory approach is essential to achieving this outcome, particularly when this promotes voluntary compliance and sets performance standards that are informed by community expectations. A consistent approach to exercising regulatory powers is important: it should be supported by robust information about regulatory risks and issues, and accompanied with timely, proportionate responses. Providing relevant support to the regulated parties and coordinating activities to facilitate compliance and performance can generate efficiencies.

Finally, transparency matters. It matters so that government has oversight of and can be held accountable for its leadership of public sector compliance, and in regulating the activities of third parties. Transparency also matters because it can provide insights into the effective exercise of government power. To achieve this, meaningful regulatory information needs to be reported.

While these issues are most pertinent for government agencies that exercise traditional regulatory functions, they are also relevant to lead government agencies that provide a stewardship role in promoting compliance and performance by other government agencies in relation to particular areas of risk.

Over the past six years, our audit work has found many common and repeat performance gaps, creating risks, inefficiencies, and limiting outcomes of regulatory activities. In considering these gaps, this report provides public sector leaders with insights into the challenges and opportunities they may encounter when aiming for more effective regulation, including the good governance of regulatory activities. This includes insights for lead agencies that provide a public sector stewardship role. Through applying these insights and maximising regulatory effectiveness, unintended impacts on the people and sectors government serves and protects can be avoided or at the very least minimised.

 

Margaret Crawford PSM
Auditor-General for NSW

This report brings together key findings and recommendations relevant to regulation from selected performance and compliance audits between 2018 and early 2024 (19 in total), and from two reports that summarise results of financial audits during the same period. It aims to provide insights into the challenges and opportunities the public sector may encounter when aiming to enhance regulatory effectiveness.

The report is structured in two sections, each setting out insights from relevant audits and providing summaries as illustrative examples.

Section 3 is focused on insights from audits of agencies that administer regulatory powers and functions over other entities or activities (typically known as 'regulators'). The powers and functions of regulators are defined in law, and often relate to issuing approvals (e.g., licensing) for certain activities, and/or monitoring allowable activities within certain limits. Regulators often have compliance and enforcement powers that can be exercised in particular circumstances, such as when a regulated entity has not complied with relevant requirements.

Agencies may be primarily established as regulators or perform regulatory activities alongside other functions. Depending on the context, the regulated activity may relate to other state agencies, local government entities, non-government entities or individuals.

Section 4 summarises insights from a selection of audits of agencies that provide a stewardship role in promoting compliance by and performance of other state agencies and local government entities in relation to specific regulations or policies. These policies may or may not be mandatory and, unlike a more traditional regulator, the coordinating agency may not have enforcement powers to ensure compliance.

These policies, and accompanying guidelines and frameworks, are typically issued by ‘central agencies’ such as the Premier's Department that have a public sector stewardship role. They can also be issued by agencies with a leadership role in particular policy areas ('lead agencies'). While individual agencies and local government entities implementing these policies are responsible for their own compliance and performance, lead and central agencies have an oversight role including by promoting accountability and coordinating activities towards achieving compliance and performance outcomes across the public sector.

Readers are encouraged to view the full reports for further information. Links to versions published on our website are provided throughout this document, and a full list is in Appendix one. An overview of the rationale for selecting these audits and the approach to developing this report is in Appendix two.

The status of agencies' responses to audit recommendations

Findings from the audits referred to in this report were current at the time each respective report was published. In many cases, agencies accepted audit recommendations, as reflected in the letters from agency heads that are included in the appendix of each audit report.

The Public Accounts Committee of the NSW Parliament has a role in reporting on and ensuring that agencies respond appropriately to audit recommendations. Readers are encouraged to review the Public Accounts Committee's inquiries on agencies' implementation of audit recommendations, which can be found on the Committee's website.

Published

Actions for Effectiveness of SafeWork NSW in exercising its compliance functions

Effectiveness of SafeWork NSW in exercising its compliance functions

Finance
Industry
Health
Compliance
Internal controls and governance
Management and administration
Procurement
Project management
Regulation
Risk

What this report is about 

This report assesses how effectively SafeWork NSW, a part of the Department of Customer Service (DCS), has performed its regulatory compliance functions for work health and safety in New South Wales. 

The report includes a case study examining SafeWork NSW's management of a project to develop a real-time monitoring device for airborne silica in workplaces. 

Findings 

There is limited transparency about SafeWork NSW's effectiveness as a regulator. The limited performance information that is available is either subsumed within DCS reporting (or other sources) and is focused on activity, not outcomes. 

As a work health and safety (WHS) regulator, SafeWork NSW lacks an effective strategic and data-driven approach to respond to emerging WHS risks. 

It was slow to respond to the risk of respirable crystalline silica in manufactured stone. 

SafeWork NSW is constrained by an information management system that is over 20 years old and has passed its effective useful life. 

While it has invested effort into ensuring consistent regulatory decisions, SafeWork NSW needs to maintain a focus on this objective, including by ensuring that there is a comprehensive approach to quality assurance. 

SafeWork NSW's engagement of a commercial partner to develop a real-time silica monitoring device did not comply with key procurement obligations. 

There was ineffective governance and process to address important concerns about the accuracy of the real-time silica monitoring device. 

As such, SafeWork NSW did not adequately manage potential WHS risks. 

Recommendations 

The report recommended that DCS should: 

  • ensure there is an independent investigation into the procurement of the research partner for the real-time silica detector 
  • embed a formal process to review and set its annual regulatory priorities 
  • publish a consolidated performance report 
  • set long-term priorities, including for workforce planning and technology uplift 
  • improve its use of data, and start work to replace its existing complaints handling system 
  • review its risk culture and its risk management framework 
  • review the quality assurance measures that support consistent regulatory decisions

SafeWork NSW is the work health and safety regulator in New South Wales. It was established by the State Insurance and Care Governance Act 2015.

As the regulator, SafeWork NSW is responsible for, among other things, enforcing compliance with the Work Health and Safety Act 2011 (the WHS Act) and the Work Health and Safety Regulation 2017. The regulator’s full functions are set out in section 152 of the WHS Act.

SafeWork NSW’s operations are guided by seven regulatory priorities for 2023, which contribute to three strategic outcomes:

  • Workers understand their rights and responsibilities.
  • Employers ensure that work is healthy and safe, with no advantage for cutting corners.
  • Regulation is fair and efficient.

This audit assesses the effectiveness of SafeWork NSW in monitoring and enforcing compliance with the WHS Act, through the examination of three lines of inquiry:

  1. Does SafeWork NSW have evidence-based processes to set its objectives and priorities for monitoring and enforcing compliance?
  2. How effectively does SafeWork NSW measure and report its performance in monitoring and enforcing compliance against the WHS Act?
  3. Are SafeWork NSW's policies and procedures for monitoring and enforcing compliance applied consistency across different sectors?

As SafeWork NSW is part of the NSW Department of Customer Service (DCS), the department is the auditee. Prior to 2019, SafeWork NSW was located in the former Department of Finance, Services and Innovation. Unless otherwise stated, any reference to SafeWork NSW should be read as including the broader department in which it sits.

This chapter considers whether SafeWork NSW has evidence-based processes to set its objectives and priorities, including how it takes into account operational feedback and expertise. It also includes how existing and emerging risks are assessed as part of the priority-setting process, and how planning and prioritisation takes into account resourcing, including workforce skills and capacity.

SafeWork NSW's operating model is now based on annual regulatory priorities, rather than longer-term priorities

From 2016 to 2022, SafeWork NSW worked under a six-year Work Health and Safety Roadmap (‘the Roadmap’). The Roadmap was revised in August 2018 and included the following statements:

The WHS Roadmap for NSW, along with the BRD Strategic Plan, provides a clear line of sight between our strategic objectives and the activities that will allow us to deliver our overall outcomes.

This Roadmap spans 2016-2022 but it will be refreshed and released every two years to ensure it stays relevant.

 

In addition to the Roadmap, SafeWork NSW operated under its 2019–20 Strategic Business Plan.

After SafeWork NSW was moved into DCS, the Roadmap was subject to a mid-term evaluation by ARTD Consultants in 2020. SafeWork NSW management subsequently accepted all nine recommendations of that mid-term evaluation, which included the following:

  • Strengthen business intelligence data systems to allow managers and inspectors to access to real-time data on safety incidents and workers compensation claim data (Rec 5).
  • Improve evidence available to assess Roadmap outcomes in 2022 (Rec 9).

In 2023, SafeWork NSW replaced its six-year Roadmap with a model of setting annual regulatory priorities. Seven regulatory priorities were set for 2023. These priorities were:

  •  gig economy – increase safety and WHS compliance in the sector, particularly food delivery riders and health care
  • safety around moving plant – reduce workplace safety incidents, particularly forklifts
  • seasonal workplaces – increase WHS compliance to support itinerant workers, particularly in the agricultural sector and those working with amusement devices
  • psychological safety – reduce the prevalence of psychological injury at workplaces, with a focus on mental health and well being
  • respect at work – reduce the incidence of bullying, sexual harassment, and customer aggression in the workplace, particularly in make dominated sectors and healthcare
  • exposure to harmful substances – reduce the incidence of worker exposure to dangerous substances in the workplace, particularly silica and dangerous chemicals
  • falls – reduce the incidence of falls from heights with a particular focus on construction.

These priorities are intended 'to deliver on three strategic outcomes’:

  • Workers understand their rights and responsibilities.
  • Employers ensure that work is healthy and safe, with no advantage for cutting corners.
  • Regulation is efficient and fair.

As SafeWork NSW works to deliver on these outcomes, the focus is on priority or vulnerable groups of workers – these being younger workers, workers from culturally and linguistically diverse backgrounds (especially newly arrived workers), and Aboriginal people.

Shorter-term priorities are intended to enable SafeWork NSW to be more responsive to work health and safety risks and were developed in consultation with operational staff

The adoption of shorter-term priority-setting is intended to enable a more agile approach to regulation that, according to DCS, is better able to adapt to changes in risk profiles and industries. It was put to the audit by some interviewees that the six-year plan was less able to respond to rapid changes in the economy that may lead to quickly emerging work health safety risks. An example commonly cited was the significant increase in gig economy workers, including in areas such as food delivery workers and personal care workers. It was put to the audit that this example highlighted new WHS risks unique to those emerging workplaces.

According to DCS, in addition to being more agile and responsive to macro changes in the workforce, the annual priorities are intended to enhance accountability by creating a more timely and contemporaneous link between activities and outcomes. The more immediate nature of annual priorities is also designed to provide a more immediate and tangible link to SafeWork NSW’s activities and ensure better accountability for delivery.

The annual priorities are intended to complement SafeWork NSW’s commitments under the national Australian Work Health and Safety Strategy 2023-33. This strategy sets a high-level vision and goal for Australia’s work health and safety regulators, including to address agreed persistent challenges, such as psychosocial risks, vulnerable workers, and ensuring that small businesses are adequately supported to meet their work health and safety obligations.

The process for developing regulatory priorities for 2023 involved internal consultation with SafeWork NSW executive directors, directors, managers, inspectors, project leads, as well as consultation with external stakeholders and experts. There is evidence that SafeWork NSW considered the feedback it received, including from its inspectors.

SafeWork NSW staff identified potential risks that SafeWork NSW will need to manage as the process for developing regulatory priorities continues to develop

The audit team interviewed almost all SafeWork NSW executive directors, directors, and team managers, particularly those performing regulatory functions. These interviews revealed a strong level of commitment to the purpose and functions of SafeWork NSW, as well as a shared desire to see the organisation fulfil its potential.

In regard to the annual priorities, senior executives and the majority of team managers we interviewed supported the adoption of annual priorities and expressed confidence that establishing annual priorities would improve the effectiveness of SafeWork NSW in delivering its compliance functions. It was noted by SafeWork NSW that the shift towards regulatory priorities 'brings us to a level of maturity mirroring the approach of regulators such as ASIC and the ACCC'.

While most staff interviewed during this audit welcomed the sharper focus and greater flexibility afforded by shorter-term priorities, others identified a range of risks. Some experienced people managers in SafeWork NSW expressed significant doubts about the pursuit of annual regulatory priorities. Risks identified during audit interviews included:

  • That the short-term focus had prevented SafeWork NSW from establishing a longer-term goal or vision.
  • That the annual priorities were simplistic and lacked sufficient detail to engage the regulator, industry, and the community.
  • That short-term priorities would make it difficult to meaningfully measure and report progress, especially for activities and initiatives that may take longer to achieve demonstratable change.
  • That the process of considering the next annual priorities may need to commence well before initiatives for the current year have been completed (or even commenced), hindering how effectively lessons can be incorporated into future planning.
  • That frequent changes in regulatory priorities may make it difficult to ensure that the SafeWork NSW workforce has appropriate capability and capacity, particularly for potentially complex emerging threats such as artificial intelligence in workplaces.

In response to these risks, SafeWork NSW has noted that:

  • SafeWork NSW has a separate vision in addition to the regulatory priorities. This is 'healthy, safe and productive working lives'.
  • A review process will occur to understand what went well and what did not from the first year of regulatory priorities before finalising priorities for 2024.
  • Planning will improve over time as the process reoccurs, and lessons learned will be linked to future priorities.

The inability to achieve full ‘buy-in’ from experienced people managers in SafeWork NSW suggests that change management, including consultative and communication processes, has not been completely successful. SafeWork NSW advised that this initiative was a significant shift for all its staff and in particular middle management. Given this, the leadership of SafeWork NSW should prioritise investment in effective change management processes, especially if the annual regulatory priorities are anticipated to change in 2024.

Importantly, the SafeWork NSW leadership team should undertake strategic planning to ensure that a meaningful set of longer-term priorities underpin their investment decision-making on organisational fundamentals, such as a capable and sustainable workforce and fit-for purpose technology systems. Without this, there is a real risk that the regulator's business needs and priorities will be overtaken by the priorities of a much bigger department.

SafeWork NSW consulted with external stakeholders in determining its 2023 annual regulatory priorities

SafeWork NSW developed a discussion paper in 2022 for external stakeholders as a precursor to consultation on its 2023 annual priorities. This discussion paper outlined an intent by SafeWork NSW to develop a new strategy that would prioritise activities that were the biggest points of leverage to drive material change and were the biggest risks and most important trends affecting WHS in NSW.

SafeWork NSW considered expert feedback and expertise in the development of its regulatory priorities through this process. A summary document detailing the rationale for its regulatory priorities provides evidence that feedback from external stakeholders, such as unions and industry groups, were taken into account.

SafeWork NSW has not established a formal process for determining its regulatory priorities for 2024 and beyond

SafeWork NSW has an indicative timeline for preparing its 2024 priorities which provides that the priorities will not be settled until March 2024 and will be based on the results of the previous year’s priorities to December 2023. However, no ongoing process for determining annual priorities in each future year was settled at the time of writing this report. Some priorities might be expected to remain relatively constant, especially persistent challenges such as preventing falls from heights. However, if the annual priorities model is to meet the expectation of being agile, then new and emerging priorities will need to be identified, understood, scoped, and responded to with relatively short notice.

Elements of the 2023 regulatory priorities will overlap with any new or revised priorities, such as the monitoring and evaluation framework, and the three-year Construction Services Blueprint. SafeWork NSW explains that these longer-term initiatives are 'intended to support the delivery of priorities that are likely to run over many years, providing more granular detail on specific drivers of harm, regulatory responses and targets'.

SafeWork NSW does not effectively use data to inform its priority-setting or assessment of risk, despite adopting the recommendations from the 2020 mid-term Roadmap evaluation

SafeWork NSW states that it chose its regulatory priorities in 2023 based on the following factors - potential for serious harm or death, new or emerging risks, and increases in the frequency of an issue. An emerging issue is where:

A hazard and/or risk to health and safety relating to a new or existing product, process or service was not previously known or fully realised and SafeWork NSW intervenes to address the workplace health and safety risks for example, guidance material, training, regulatory change. 

SafeWork NSW has a substantial data repository, with over 20 years of case and activity data contained in its Workplace Services Management System (WSMS). However, SafeWork NSW does not effectively interrogate this data to provide an evidence base for its regulatory functions.

SafeWork NSW has only recently established a data governance committee. SafeWork NSW also advised that a data science function was created within the Centre for Work Health and Safety during 2023, repurposing existing resources and supported by a business intelligence working group comprising of inspector representatives from operational directorates.

While this data science function is newly created, SafeWork NSW does not have a strategic business intelligence function that is both recognised and understood across each directorate and team, and the ability of its technology infrastructure to deliver sophisticated strategic and operational data intelligence has been limited.

As a result of this lack of central coordination and capability, directorates have sought to develop their own data analysis capability, with inconsistent, fragmented and potentially duplicative results. The audit did find specific (albeit isolated) examples of data being used to inform decision-making, though these efforts were disparate and uncoordinated at the directorate level.

SafeWork NSW said that data is used to inform leadership discussions at the quarterly SafeWork NSW Leadership Meetings, and monthly operational executive meetings. The audit did not review the agenda papers for these meetings.

At the 2020–21 NSW Parliament Budget Estimates Committee hearing, SafeWork NSW stated that it:

…used predictive analytics and machine learning to generate a WHS rating system leveraging a large dataset to aid decision-making. The WHS rating supports an evidence-based approach to identifying high risk workplaces and provides additional data-based evidence to assist in decision-making'. 

SafeWork NSW has started to use artificial intelligence to interrogate historical compliance data to rate the risk of different employers. However, this is used inconsistently across SafeWork NSW and there is limited evidence about its effectiveness. A similar tool does not exist for industry or product-related trends or relationships that may assist SafeWork to proactively identify high-risk workplaces and issues.

Outdated technology and uncertainty in planning its replacement is limiting SafeWork NSW's ability to effectively use its data for analytics and insights

SafeWork NSW uses WSMS to manage work health and safety data. This system has been in place for over 20 years. It was noted in interviews conducted during this audit that this data system is at the end of its effective life.

Issues noted by users of WSMS include:

The lack of governance associated with data management of WSMS. There is no data custodian, and a formalised data quality assurance process does not exist. This means that data can be extracted from the system with no controls on the accuracy of the analysis.

Access to WSMS cannot be tracked (and is therefore not auditable).

  • Data quality is variable, depending on the quality of notes provided by inspectors (with individuals noting that these notes could be full of speculation), and inconsistent approaches to entering information into the system. At the same time, inspectors noted that entering information into the system can be an administrative burden due to duplication and time requirements.
  • Analysis cannot readily be undertaken on a geographic basis (for example, all high-risk employers within a particular region).
  • As WSMS does not track information about the directors of companies, it is unable to identify risks associated with 'phoenixing', where directors of wound-up businesses establish new entities, or other forms of related-entity risk. The audit team linked WSMS data with ASIC data to match company directors with company and notice data. This was done in order to understand the additional intelligence that could be used to inform risk-based decision-making. As an example, the audit found that there is a large number of companies that have not received notices from SafeWork NSW but may be at higher risk due to the conduct of their directors:
    • There were approximately 151,000 companies with directors that were also linked to at least one other company that had received at least one type of notice from SafeWork NSW.
    • There were approximately 24,500 companies with directors that were also linked to one or more companies that had cumulatively received over 100 notices from SafeWork NSW.
    • There were approximately 8,600 companies with directors that were also linked to one or more other companies that had cumulatively received over 400 notices from SafeWork NSW.

In addition to the feedback provided by WSMS users within SafeWork NSW, the audit team also found related data quality issues during the course of our own analysis, including:

  •  Industry analysis is more challenging to perform because specific industry data points and grouping details are not captured in WSMS.
  • There was no systematic method to identify all silica-related incidents. The search terms were not standardised and relied on judgement, for example: ‘silic’ (potentially capturing both ‘silica’ and ‘silicosis’) and ‘benchtop’, though SafeWork NSW advised that consultation with subject matter experts informed these searches. There is a high-risk of false positives and incomplete analysis without time intensive manual review of each identified case. WSMS was not readily able to provide data on silica-related complaints without workarounds and manual file review (which proved unreliable) and requiring significant effort from data staff in both the Audit Office and SafeWork NSW.
  • Test data is captured in production systems, rather than in test systems. These records do not have a unique identifier and are difficult to identify and isolate for business intelligence analysis.
  • Data validations are not enforced (for example, on Australian Business Number, Australian Company Number columns). Instead, the data entry fields allow for incorrect details to be captured or left blank without explanation from the staff entering the data.

SafeWork NSW provided advice to the audit team that an upgrade of WSMS was planned as part of the broader e-regulation program across DCS (that is, the single digital platform for all 28 business regulators). However, this upgrade is now uncertain as there is no funding for SafeWork NSW to be onboarded to the new platform. This means that for the foreseeable future SafeWork NSW will be constrained by the limitations inherent to WSMS.

SafeWork NSW took around eight years to actively and sufficiently respond to the emerging risk of respirable crystalline silica in manufactured stone

Silicosis is a progressive, occupational lung disease resulting from inhalation of respirable crystalline silica (RCS). Silicosis is one of the oldest known occupational diseases, particularly affecting industries like mining. In Australia, silicosis has been a known cause of death and disability for over 100 years. This disease is preventable through appropriate workplace practices in a hierarchy of controls, which includes the use of correct personal protective equipment.

The use of manufactured stone for applications such as kitchen benchtops became popular in Australia in the early 2000s. Other substances that contain silica, such as rock, stone, clay, gravel, concrete and brick, may contain between 2% and 40% silica. In contrast, manufactured stone contains up to 95% silica. Workers exposed to respirable crystalline silica from manufactured stone are more likely to develop severe silicosis (and other serious lung diseases), and more quickly, than workers exposed to silica from other sources.

In 2010, international research was published that pointed to the specific heightened risk posed by the high silica content of manufactured stone used primarily for kitchen countertops and bathroom fixtures. This was confirmed by subsequent research published in 2012, which concluded that, in regard to a documented outbreak of silicosis among manufactured stone workers in Israel:

This silicosis outbreak is important because of the worldwide use of this and similar high-silica-content, artificial stone products. Further cases are likely to occur unless effective preventive measures are undertaken and existing safety practices are enforced. 

This research was relevant to Australia as the sample of workers was derived from the same Israeli-based manufacturer and exporter of manufactured stone that supplies the majority of the product used in Australia.

The first identified group of related workers who contracted silicosis in NSW was reported in literature in 2015. Further cases have been reported in the media since 2015. These included examples of relatively young workers developing silicosis, presumptively from inhaling silica dust derived from manufactured stone.

In 2017, SafeWork NSW listed RCS as one of the top ten priority chemicals in its 2017–2022 Hazardous Chemicals and Materials Exposures Baseline and Reduction Strategy (dated October 2017).

A legislatively-mandated case finding study conducted by SafeWork NSW in 20213 reported that screening conducted by icare between 2017–18 and 2019–20 found an average of 29 cases per year of silicosis among workers in the manufactured stone industry.4 Despite the relatively small size of this workforce, this was three times the number of cases of all workers engaged in all other at-risk industries.

While the heightened risk posed by respirable crystalline silica in manufactured stone was first published in research in 2010 and detected in cases from 2015, SafeWork NSW’s first substantial practical response commenced in 2018–19.

From July 2018, SafeWork NSW convened a Manufactured Stone Industry Taskforce, including representatives from industry, unions, health, education and other government agencies. During the term of this taskforce (which ended at 30 June 2019), SafeWork NSW conducted 523 visits to 246 manufactured stone sites. These inspections resulted in 656 improvement notices being issued, along with 43 prohibition notices (this included matters not related to silica). Prior to this, the extent of SafeWork NSW’s active response to the emerging risk was to conduct a limited inspection program of six work sites in May 2017 (one site) and August 2017 (five sites). The results of these six workplace visits were incorporated into a research project report that was finalised in August 2018.

In the period from 2012 to 2018, SafeWork NSW also received complaints about silica-related matters, including matters not related to manufactured stone. These are detailed in Exhibit 1 below. The number of complaints was a relatively small proportion of all complaints received, though the number increased after 2018. This increase may be a result of increased community and industry awareness through media reporting and SafeWork NSW’s proactive audit work.5 The majority of these complaints did not result in further regulatory action by SafeWork NSW beyond preliminary inquiries and, in some cases, site visits. The right-hand column of the below table shows key events leading up to and shortly after SafeWork NSW’s first regulatory interventions.

Exhibit 1: Silica-related complaints made to SafeWork NSW, 2012–2023
YearNumberSilica-related activity and events
201255International published research reiterates 2010 findings of a link between manufactured stone and silicosis.
201352 
201455 
201538First NSW case series linked to manufactured stone industry.
201654Youngest known case of silicosis in NSW admitted to hospital.
201770Crystalline silica listed as the second priority chemical (out of 10 priority chemicals) by SafeWork NSW. Media reporting on the ABC.
2018104SafeWork NSW commences proactive work. Manufactured Stone Industry Taskforce commenced. Media reporting on the ABC, The Project and Daily Mail on silicosis.
2019173NSW Parliamentary Dust Diseases Review.
Probable first Australian death from silicosis caused by manufactured stone.
2020210Silicosis becomes notifiable, fines introduced, workplace exposure standard halved.
2021174Respirable crystalline silica exposure in the NSW manufactured stone industry case finding study undertaken.
Media reporting by The Project and ABC 7.30 Report.
2022193 
2023*381 
TOTAL1559 

*         2023 data are to 30 November 2023.
Note: Complaints received by SafeWork NSW where the issue description includes ‘silic*’ or ‘benchtop’. This will include silica derived from sources other than manufactured stone, including relating to those products listed in the Safe Work Australia 2020 national guide.
Source: Audit Office analysis of WSMS data.

High-profile media reporting in 2018, 2021, and early 2023 appeared to provide impetus to SafeWork NSW’s regulatory actions. SafeWork NSW subsequently conducted further rounds of proactive compliance, education and awareness activities among identified workplaces. This work increasingly targeted high-risk workplaces. Since 2018–19, SafeWork NSW has conducted three rounds of workplace inspections that have progressively focused on the highest risk workplaces. This program has adopted a strategic and evidence-based approach.

Since October 2019, 17 matters were progressed to further investigation with a view to prosecution. Five silica-related matters have been filed in court for prosecution. Three of these matters were still in court at the time of this audit, and two matters have been finalised.

In 2020, NSW introduced a range of legislative reforms including:

  • Banning the practice of dry cutting engineered stone containing crystalline silica. Maximum penalty of $30,000 for a body corporate and $6,000 for an individual, with on-the-spot fines for uncontrolled dry processing of engineered stone.
  • Halving the Workplace Exposure Standard from 0.1mg/m3 to 0.05 mg/m3 (ahead of the national deadline to implement it).
  • Silicosis becoming a notifiable disease requiring clinicians to report each case of silicosis diagnosed in NSW. Those notifications are shared with SafeWork NSW to manage a NSW Dust Disease Register. An annual report is tabled in Parliament and published on the NSW Government website www.nsw.gov.au (NSW Silica Dashboard) alongside some information on compliance activities.
  • On 27 October 2020, silicosis became a notifiable disease requiring clinicians to report each case of silicosis diagnosed in NSW. Those notifications are shared with SafeWork NSW to manage a NSW Dust Disease Register. In August 2021, SafeWork NSW published the first NSW Dust Disease Register Annual Report, detailing diagnosed cases of silicosis, asbestosis, and mesothelioma in NSW during 2020–21 and the Case Finding Study Report on silica exposure in the Manufactured Stone Industry. The Annual Report is tabled in Parliament and published on the NSW Government website www.nsw.gov.au (NSW Silica Dashboard) alongside some information on compliance activities.

Also in 2020, SafeWork NSW released the NSW Dust Strategy 2020-2022, which identified silica as one of three focus areas for the regulator.

In February 2022, New South Wales introduced the NSW Code of Practice – Managing the risks of respirable crystalline silica from engineered stone in the workplace, based on the National Model Code that was finalised in late 2021. The Code provides practical information on how to manage health and safety risks associated with respirable crystalline silica from engineered stone in the workplace.

Silica continues to be a priority for SafeWork NSW in 2023 under the SafeWork NSW regulatory priority: Exposure to harmful substances - Reduce the incidence of worker exposure to dangerous substances in the workplace, particularly silica and dangerous chemicals.

The online NSW Silica Dashboard provides members of the public with information on SafeWork NSW’s silica workplace visit program that commenced in 2018 through to 30 September 2023.

Organisational silos within SafeWork NSW contribute to inconsistent regulatory decision-making, duplication of effort, and inefficient practices

There is evidence indicating that SafeWork NSW works in silos, with limited communication, collaboration, and awareness of activities across functions.

We note the finding made by the South Australian Independent Commission Against Corruption in reviewing SafeWork SA:

A failure to ensure adequate and appropriate communication within an agency can result in duplication of effort, inconsistent approaches to the same function and the creation of unique risks. 

The existence of silos was evidenced by the audit team through:

  • The inconsistent application of policies and procedures. For example, performance management practices differ between directorates and individual teams. This is further discussed in Chapter 4.
  • How data is used across SafeWork NSW. While there are pockets of effective data analysis, they often seem to operate in isolation from each other, resulting in duplication and a failure to achieve economies of scale and the benefits of synergies.
  • Limited feedback loops across SafeWork NSW. SafeWork NSW does not have an overarching continuous improvement framework, and communication surrounding decision-making is limited. For example, where the Investigations and Emergency Response team decide to discontinue an investigation, there is no requirement to inform the referring inspector that this has occurred, or the rationale behind the decision.

Similar findings on the existence of silos, and the need to improve teamwork and collaboration, have been made by SafeWork NSW in internal reviews undertaken as part of restructuring activities.

This audit also found broader issues of concern regarding organisational structure. SafeWork NSW staff frequently expressed reservations about the effectiveness of the current structure and compared it unfavourably to the regulator’s previous form. In particular, some SafeWork NSW staff said that the existing structure:

  • reduced SafeWork NSW’s profile as the regulator for work health and safety in NSW
  • confused lines of accountability for senior strategic leadership
  • diluted the regulator’s focus and the cohesion of the staff.

The Independent Review of SafeWork NSW being conducted by Mr Robert McDougall KC is examining organisational structural issues. In the interim, the decision has been made by DCS that SafeWork NSW will transition out of the Better Regulation Division of DCS from 1 December 2023, to become a standalone division within DCS.

Organisational restructuring and any uncertainty that it involves in the short- to medium-term could impact on the SafeWork NSW's progress in achieving desired policy outcomes, especially if the change management process is not effective.

The lack of a strategic approach to data and intelligence by SafeWork NSW hampers effective targeting and prioritisation of proactive compliance activity

Effective proactive compliance work is an important part of an effective regulatory approach. For SafeWork NSW, these activities range from dedicated state-wide programs over extended periods through to specific, localised ‘blitzes’ of targeted workplaces. These activities are performed alongside 'reactive compliance activities' such as responding to incidents, complaints, or requests by ‘persons conducting a business or undertaking’ (PCBUs) for education and awareness-building activities.

In accordance with Safe Work Australia’s National Compliance and Enforcement Policy, proactive compliance activities are intended to be:


…conducted in line with the activities of assessed highest risk and the strategic enforcement priorities.
 

SafeWork NSW’s proactive compliance activity is intended to be based on:

  • SafeWork NSW’s annual regulatory priorities
  • data and insights on high-risk harms, industries or businesses
  • the identification of new or emerging risks
  • targeted programs focused on reducing the greatest harms.

As discussed earlier in this section, SafeWork NSW does not effectively use data to inform priorities or to assess risk.

While managers at SafeWork NSW referred to an overall target for proactive work (it was commonly suggested that between 60% and 70% of regulatory activities should be proactive), we were informed by the Head of SafeWork NSW (and Deputy Secretary of the Better Regulation Division) that there was no specific target.

In practice, there is significant variation in the mix of proactive and reactive compliance activities between directorates and teams, with some teams doing either largely proactive or largely reactive activities. This can depend on the nature of the industry sectors and geographic areas in which they function, and the extent of teams’ non-discretionary reactive workload.

Planning, implementing and evaluating proactive compliance work is inconsistently done across SafeWork NSW, making it hard to assess whether resources are being used effectively

The audit team found widely differing approaches to how directorates and even individual teams within the same directorate used evidence to identify and target risk areas for proactive work programs, such as blitzes. While there was evidence that data was used to inform how activities would be targeted, this was not consistent. For example, some teams draw on intelligence generated by dedicated interventions staff in their directorates, while others rely entirely on opportunistically identifying potential worksites for proactive work by driving or walking past sites. The audit found examples of effective use of data and intelligence to plan proactive activities.

There is also no consistent approach to planning, implementing, or evaluating proactive compliance work across SafeWork NSW. Even within the same directorate, there can be significant differences in approach. Some of these differences can be explained by the different types of matters and circumstances that apply to PCBUs across different industries. However, inconsistencies extended to fundamental aspects of proactive compliance work such as:

  • the rigour of evidence and intelligence by which priorities are determined and targeted, which was partly reflected by directorates having different levels of internal data capability
  • the degree of project management capability and resourcing, including where some directorates have dedicated specialist project management skills, while others rely on inspectors to perform project management
  • the extent to which different directorates and teams had a clear approach to how programs would be evaluated, beyond simply measuring activity, something which appears undermined by the absence of an evaluation framework
  • whether the strategic intent of programs and blitz activities are to drive meaningful behavioural change or just, as some interviewees expressed it, to ‘make sure they tick some boxes.’

These material differences and lack of consistency in approaches to proactive compliance makes it difficult to assess whether these activities are effective and efficient regulatory interventions. While there was strong support for proactive compliance activity among both managers and inspectors (indeed, most thought that there should be more proactive activity), there were relatively few who could provide an evidence base to justify the significant staff resources that they consume.

The Centre for Work Health and Safety has a function to improve data, research, and evidence to support risk identification

The Centre for Work Health and Safety (CWHS), a functional unit within SafeWork NSW, was established in December 2017 under the WHS Roadmap 2016-2022. Among other things, it has an insights and analytics function. Its establishment was driven by the recognition that SafeWork NSW was not effectively using data and evidence to support its decision-making and activities.

Two pieces of work undertaken by the CWHS are intended to provide SafeWork NSW with greater capability in identifying and addressing risk in both strategic and operational contexts.

First, the WHS Radar project is intended to deliver ‘…regular and actionable insights about WHS in an Australian context.’ Conducted twice a year, the WHS Radar synthesises information about work health and safety by drawing on five sources of evidence:

  • existing data, including incidents, worker’s compensation, ABS, and prosecutions
  • analysis of grey literature (non-peer reviewed sources, such as government reports, some conference papers, and reports from academic, business and industry bodies)
  • social media listening
  • nationwide survey of WHS inspectors and experts
  • nationwide survey of Australian workers across all industries.

The WHS Radar is intended to reduce the extent to which SafeWork NSW is dependent on lag data, by actively collecting more contemporaneous data from multiple sources. The first WHS Radar report was released publicly in April 2023.

A second piece of work delivered by the CWHS is the WHS Risk Rating tool for a PCBU.6 This tool attributes a rating to many businesses in NSW based on assessment of their future risk of non-compliance with WHS legislation. The WHS Risk Rating is intended to:

  • support existing SafeWork NSW Triage decision-making
  • support IDMP decision-making
  • select high-risk profiles during blitz operations
  • proactively screen and target high-risk profiles.

While some managers in SafeWork NSW did use the WHS Risk Rating tool, others were less confident in its value, expressing doubts about the accuracy and completeness of the data, or were not aware of it at all. These inconsistent views between different managers and directors, between those who use the WHS Risk Rating tool and those who do not use it or do not even have awareness about it, suggests that its purpose and functionalities have not been fully communicated to the wider inspectorate.

The governance of the CWHS, and particularly its relationship to SafeWork NSW, is somewhat unclear. While the Centre sits under the Executive Director, Regulatory Engagement, it identifies on its website as ‘A division of the Department of Customer Service’. Structurally, it is equivalent to a directorate under the Regulatory Engagement business area of SafeWork NSW, rather than a division of the department.

SafeWork NSW's inspectors are its core asset, and its ability to recruit, train and retain inspectors is key to fully performing its functions and meeting the internationally recognised benchmark

SafeWork NSW is funded to fully operate with up to 370 inspectors, though with 352 inspectors at August 2023 it has not recruited to full capacity.

Staff retention within the inspectorate has been a historic strength of the regulator. However, there has been a recent increase in inspector turnover. SafeWork NSW notes that from 2020 to 2022 attrition rates doubled from 5.3% to 10.6% within the inspectorate, which – due to the average age of its workers – was anticipated. Nearly one-third of inspectors were 56 years or older in the 2021–22 financial year. SafeWork NSW also experienced a general increase in resignations since the COVID-19 pandemic.

Increased recruitment activity is intended to mitigate the impact of ongoing attrition due to retirement. However, given the training requirements for new inspectors, there is a significant lag time between recruitment and the utility of inspectors in the field to progress regulatory priorities. SafeWork NSW notes however that inspectors receive authorisations to use their powers throughout the 12-month training period, with individuals assessed at a number of stages based on individual competence.

Where there have been capacity limitations, there have been localised responses such as the sharing of inspectors between teams, or the change in resourcing profile of investigations where instead of one inspector working on a case, a case is assigned to a team.

The International Labour Organization sets a benchmark of one labour inspector per 10,000 workers in industrial market economies. This benchmark is considered the number of inspectors deemed sufficient to ensure the effective discharge of the duties of the inspectorate. In October 2022, SafeWork NSW reported at the Parliamentary Budget Estimates Committee hearings that recruiting the full contingent of 370 inspectors would have meant that there was one SafeWork NSW inspector for every 10,000 workers, allowing it to meet this benchmark.

SafeWork NSW provided advice to the audit team that forecast increases in the number of workers and workplaces in New South Wales will result in 471 inspectors being required to meet the International Labour Organization benchmark by 2027.

SafeWork NSW inspectors can take up to two years to be considered ready to be fully utilised, due to training requirements and variations in their experience

Once recruitment is completed and new inspectors commence employment, they will start the New Inspector Training Program (NITP). The NITP is a 12-month comprehensive training program which prepares new Inspectors to perform the duties required of an Inspector within SafeWork NSW as well as providing training and assessment required for the PSP50116 Diploma of Government (Workplace Inspection) qualification. Inspectors will be fully trained after 12 months.

They will be issued with their instrument of appointment (authorities) to use their powers throughout the 12 month course. However it was noted throughout interviews with the inspectorate that it can take up to two years for new inspectors to be deployed in the field on their own and confidently making decisions. SafeWork NSW notes that the level of mentoring and support provided to individual inspectors, and access to a variety of experiences to build a range of skills contributes to variations in new inspectors building their confidence.

SafeWork NSW also provides:

  • a structured framework for new inspector onboarding and capacity-building, including in May 2023 formalising requirements for accompanied field visits, and delivering the NITP, delivered by the SafeWork NSW Registered Training Organisation (RTO) and utilising experienced inspectors from across the directorate to deliver training across the 12-month period
  • a SafeWork NSW Inspectorate and Manager Continuing Professional Development Program Policy
  • formal processes for Inspectorate Continuing Professional Development and Manager Continuing Professional Development, including recognition of prior learning through credit transfer from other registered training organisations
  • a formalised procedure for inspectors to progress to senior inspector and principal inspector.

While it was beyond the scope of this audit to assess the effectiveness of this training and capability development framework, it was recognised by interviewees that the commitment of time and resources provided by SafeWork NSW to training inspectors was significant. This underscores the importance of ensuring the effective use of inspectors.

There are inconsistent expectations around the responsibilities of SafeWork NSW inspectors and managers for identifying new and emerging issues

Inspectors may apply to the Inspector Progression Panel of SafeWork NSW to progress from Inspector to the level of Senior Inspector, or Senior Inspector to the level of Principal Inspector. In addition to the overarching requirements of the (Department of Customer Service – SafeWork NSW Inspectors 2007) Reviewed Award, this process is governed by a formal written procedure.

This procedure sets out that in considering applications for progression, the panel should take into account whether the applicant has fulfilled the responsibilities of their current role. The procedure specifies that inspectors and principal inspectors are accountable to:

Identify trends and emerging issues and provide advice to inform decision making.’ 

It is unclear why inspectors and principal inspectors have this responsibility, but not the intermediate level of senior inspectors. It is also unclear whether people managers, such as team managers, directors, and executive directors, also have similar formal obligations to proactively identify emerging issues.

Moreover, as senior inspectors are not accountable for identifying trends and emerging issues, inspectors are not assessed against this accountability when seeking progression to the senior inspector level. In contrast, when seeking progression from senior inspector to principal inspector, the applicant is required to provide evidence of how they meet this accountability, even though it is not an accountability specified for senior inspectors.

The accuracy of SafeWork NSW’s workforce planning is uncertain

Workload capacity is managed at the directorate level, with a forecasting report on the capacity across all teams discussed quarterly at the SafeWork NSW Leadership Group. Inspectors do not fill out timesheets, instead, this is based on time estimates for specific activities undertaken by inspectors. Directorates are also responsible for leading or supporting work against specific regulatory priorities, requiring directorates to discuss workforce capacity as part of planning proactive work.

SafeWork NSW has a 'workload management treatment model' that provides operation guidance once certain thresholds are reached within this forecasting report. These mechanisms include the reallocation of resources within the directorate at 125% of capacity reached, sharing and reallocation of work between equivalent portfolios at 150% of capacity reached, and cross directorate sharing of work and resources as well as the cessation or deference of work at 175% of capacity reached.

The actual allocation of inspectors to individual directorates is determined at the executive level when vacancies arise, with SafeWork NSW noting that 'consideration is given to the demand for regulatory services (current and expected future) across all teams to determine which directorate and office location a replacement position should be allocated'.

Audit interviews identified some concern that the calculations the forecasting reports are based on were not accurate, overestimated time, and that the data was used inconsistently and as a method to 'grab for resources'. While this audit did not examine SafeWork NSW's forecasting methodology in detail, a sample of the workforce forecasting report for April to June 2023 showed average capacity ranging from 9% to 390%, which may indicate under-utilised or over-utilised teams, or under or overweighted activities.

While there are mechanisms in place to review operational capacity, longer-term strategic workforce planning does not seem to form part of these review processes.

As part of developing its regulatory priorities, SafeWork NSW released a discussion paper that noted broader trends affecting workplaces and communities that it regulates, for example the rise in mental health issues in the workplace, automation, and the return of regional on-shore manufacturing. SafeWork NSW has a SafeWork Inspectorate and Manager Continuing Professional Development Program Policy, however this policy was only finalised in July 2023.


3 This study, conducted by a third-party, stemmed from a recommendation made by the NSW Parliament’s 2019 Dust Disease Review to amend the WHS Act to require SafeWork NSW to ensure that a case finding study was carried out:

  • to investigate respirable crystalline silica exposure in the manufactured stone industry, and

  • to gather information to improve the identification and assessment of workers at risk of exposure.

The purpose of this recommendation was to ‘to improve the identification and assessment of workers at risk of exposure.

4 The authors of this case finding study identified significant data limitations, which meant that it was not possible to estimate with confidence the complete number of workers potentially affected by silicosis.

5 Because of the lag period between when a worker is exposed to risky work practices and when they may develop silicosis, complaint data is not necessarily a useful tool to identify the emerging risk, especially where awareness of the risk is low. Unlike with risks that pose a more immediate and direct harm – such as falling off an insecure elevated platform - individuals may be less conscious to complain about a risk where the potential injury is not immediately visible.

6 A person conducting a business or undertaking has the primary duty of care for work health and safety.

 

This chapter considers how effectively SafeWork NSW measures and reports its performance in monitoring and enforcing compliance with the WHS Act. This includes whether it has meaningful performance measures, whether its performance is transparent to all stakeholders, and whether it uses performance information to support continuous improvement and quality assurance.

Performance measurement and reporting are essential to demonstrating a regulator's effectiveness

The Audit Office’s 2022 Audit Insights 2018–22 report noted that:

Defining measurable outcomes, tracking and reporting performance are core to delivering system stewardship, and to ensure effective and economical use of public funds.’ 

The same report also observed that government activity should:

…be supported by performance frameworks that provide structure for agencies to set performance targets, assess performance gaps, measure outcomes achieved, and benefits realised, capture lessons learned, and implement continuous improvement. 

Relatedly, the Organisation for Economic Co-Operation and Development has said that it is important for regulators to be aware of the impacts of their regulatory actions and decisions, and that this:

…helps drive improvements and enhance systems and processes internally. It also demonstrates the effectiveness of the regulator to whom it is accountable and helps to build confidence in the regulatory system. 

SafeWork NSW reports its activities and performance against certain KPIs, along with equivalent regulators in other Australian jurisdictions

Safe Work Australia, the national policy body for work health and safety, collects, analyses and publishes data across jurisdictions. SafeWork NSW provides data on regulatory activities such as the volume of proactive and reactive regulatory work, and performance measures such as injuries and fatalities. This is contained in the Safe Work Australia Comparative Performance Monitoring – Work Health and Safety Performance, and Work Health and Safety Compliance and Enforcement Activities reports.

The data published by Safe Work Australia provides comparative and longitudinal performance data relating to workplace injuries, fatalities, and compliance activities. This is ‘lag’ data, often 12 months or more in arrears. SafeWork NSW notes that due to the currency of data, it is not useful for planning purposes.

The ability to directly compare jurisdictional activities to form a view on the effectiveness of each regulator is limited, due to differences in how each work health and safety regulator works and the scope of their powers and responsibilities. For example, unlike in other states and territories, SafeWork NSW is not responsible for claims management or return to work matters.

Data reported by SafeWork NSW to Safe Work Australia indicates that, while fatalities have decreased, SafeWork NSW may not have had meaningful impact on the rates of serious injuries and disease claims since 2016–17

The data provided to Safe Work Australia shows that SafeWork NSW has presided over a period where there has been an increase in the incident rate of serious injury and disease claims in New South Wales. While SafeWork NSW is not responsible for workers compensation, the payment of workers compensation necessitates that a workplace injury has occurred.

The audit team has not seen evidence that SafeWork NSW has interrogated the root cause data trends since 2016–17 (discussed below). While the causes of workplace injury are often complex and multifaceted, the data suggests that SafeWork NSW may not be having a meaningful impact on reducing rates of serious injuries, but the poor data quality means that we cannot be sure. It was beyond the scope of this audit to specifically examine serious injuries and disease claims, or the root cause(s) for the upward trend.

An extract of one performance indicator is shown in Exhibit 2 below. It shows serious injury and disease claim data from 2012–13 through to 2020–21 (where 2020–21p stands for preliminary data). The 2015–16 financial year is highlighted to indicate the establishment phase of SafeWork NSW.

 

This chapter considers selected policies and procedures that SafeWork NSW has implemented to ensure that it performs its compliance functions in a manner that is consistent with regulatory good practice. This includes that regulatory decisions are fair, consistent, predictable, transparent and in accordance with any laws or government policy. This extends to how complaints and incidents are initially triaged, the decisions inspectors make in response to complaints or incidents, and decisions made about whether a matter is referred to investigation for possible prosecution.

SafeWork NSW has made significant efforts to promote consistency in regulatory decision-making

A core element of an effective compliance regime is that the regulator’s behaviour and decision-making should be consistent and predictable. This encourages trust and confidence in the regulator, while promoting clarity and certainty among regulated entities.

SafeWork NSW faces particular challenges to achieving consistency in regulatory outcomes without fettering the legislative decision-making authority of individual inspectors. The audit was made aware of cases where stakeholders could not understand the rationale by which decisions were made, including in matters raised in Parliamentary Budget Estimates Committee hearings.

The reasons for the lack of consistency, whether perceived or actual, includes such matters as:

  • the unique circumstances that may apply to individual risks, hazards, or incidents
  • the wide variation in characteristics of PCBUs, including in regard to matters that might affect their culpability for non-compliance, such as their size or compliance history
  • varying levels of experience across inspectors
  • potential differences between individual inspectors in risk appetite, regulatory posture and attitudes to varying regulatory interventions.

These complexities have received heightened attention by SafeWork NSW since the 2020 findings of the NSW Ombudsman’s inquiry into SafeWork NSW and the Blue Mountains City Council. Among other things, in this inquiry the Ombudsman found that:

  • only inspectors had the authority to form a ‘reasonable belief’ that non-compliance with the WHS Act or regulation had occurred
  • where an inspector forms a ‘reasonable belief’ of non-compliance, then they must issue a regulatory notice
  • instances had occurred where inspectors had issued notices without forming the necessary ‘reasonable belief’ that valid grounds existed for those notices
  • inspectors had issued notices without forming their own requisite ‘reasonable belief’ because they had been directed to issue notices by management.

Notwithstanding these challenges, SafeWork NSW was able to demonstrate that it has implemented measures aimed at promoting consistency in regulatory decision-making. These measures include:

  • extensive guidance in exercising discretionary decision-making
  • inspector practice notes
  • directorate and team level discussions intended to promote consistency in decision-making.

These measures are primarily focused at encouraging consistency in the application of the law prospectively. There was less evidence that decisions were consistently, formally, and robustly reviewed retrospectively, such as by:

  • peer review
  • internal audit or quality assurance of decisions
  • managerial coaching and mentoring.

The audit found varying practices and processes across SafeWork NSW teams and directorates for these sorts of retrospective and reflexive learning processes. Some managers and directors were able to describe regular review activities, either through one-on-one case reviews with individual inspectors, or through team meetings, though the evidence was that these activities were not consistent across regulatory decision-making areas of SafeWork NSW.

Such retrospective mechanisms would not be aimed at varying decisions already made, but at contributing to standardising how inspectors make future decisions by promoting consistency through setting precedents for responding to substantively similar matters.

Staff performance management is inconsistent across SafeWork NSW, which may hinder consistent practices, behaviours and outcomes

The use of organisational performance management and planning systems can be an important tool for promoting consistent behaviours, understandings and outcomes.
This audit included a survey of all members of the inspectorate, excluding team managers. Approximately 60% the inspectorate responded to the survey. The survey of found that:

  • 36% said that they did not have an annual performance agreement – almost one in every two inspectors (46%) in the two metropolitan focused directorates said they did not have performance agreements that set out what was required of them
  • the Investigation and Emergency Response directorate had a comparatively higher rate of reported performance agreements in place (80%) than all the other directorates that comprised SafeWork NSW (57%) – the reasons for this were not examined by the survey.

Findings from a survey of the inspectorate highlight the role of discretion in decision-making, and how these factors can be inconsistently applied

The survey conducted by the audit also asked inspectors about how different factors might affect their decision to issue a penalty notice for a breach of the WHS Act (excluding the most serious categories of matters that would ordinarily be immediately referred to full investigation and possible prosecution).

The discretionary factors that were included in the survey included:

  • a sample taken from SafeWork NSW's written procedure for issuing penalty notices (shown in Exhibit 5 below)
  • a small number that had been raised with the audit team by SafeWork NSW staff during interviews, namely: current regulatory priorities, media or political interest, and the size of the PCBU (specifically, whether or not a hypothetical PCBU was a small, family-owned business).
Exhibit 5: Discretionary factors when issuing a penalty notice

Factors that are considered relevant to the exercise of discretion to issue a penalty notice are:

  1. The seriousness of the risk and the actual or potential consequences or harm.
  2. The extent of any injury or illness (penalties must not be issued for a fatality or serious injury which may lead to a full investigation or prosecution unless in accordance with this procedure).
  3. The duty holder’s safety and compliance history, e.g., a repeat offender or there is a likelihood of the offence being repeated.
  4. The prevalence of the offence in the jurisdiction and industry impact.
  5. The culpability of the duty holder, that is, how far below acceptable standards the conduct falls and the extent to which the duty holder contributed to the risk.
  6. Whether the duty holder was authorised to undertake certain types of work, e.g., work requiring a licence, registration, permit or other authority (however described) as required by the regulations.
  7. Prior notice of the risk or offence (e.g., direct to the duty holder or through codes of practice, educational material, safety alerts, guidance sheets, campaigns or priority interventions etc).
  8. Whether the circumstances warrant the application of an administrative sanction at a lesser scale than an enforceable undertaking or prosecution (in addition to remedial action in the form of an improvement or prohibition notice).
  9. Any mitigating or aggravating circumstances including efforts undertaken by the duty holder to control risks and the duty holder’s co-operation and willingness to address the issue.

Source: SafeWork NSW, Penalty Notice Procedure.

Inspectors were asked whether a range of selected factors were in general more, less, or not at all likely to influence their decision to issue a penalty notice.

As shown in Exhibit 6 below, the survey found that the most common response to most of the factors was that they made it neither more nor less likely that an inspector would issue a penalty notice in response to non-compliance. In some cases, this is probably to be expected.

For example, whether or not a non-compliant PCBU is a NSW government agency should probably not affect whether it is issued with a penalty notice. This was the case for 80% of respondents (though notably, 20% of inspectors responded that it would affect their decision, including 3% who responded that they would be much more likely to issue a penalty notice).

Other variations seem less intuitive to explain. This is particularly the case when a factor is written in policy or procedures. For example, 44% of inspectors responded that their decision would not be affected by whether or not the PCBU had prior notice of the risk, even though prior notice is prescribed in the SafeWork NSW procedure as a factor that should be taken into account (see item 7 of Exhibit 5).

The role played by SafeWork NSW regulatory priorities is also uncertain. On the one hand, 62% of inspectors said that they would be more (39%) or much more (23%) likely to issue a penalty if the non-compliance related to a regulatory priority, while 38% said it would have no impact.

The survey also found noticeable variations in responses between directorates regarding when penalty notices would be more or less likely to be issued. This included in regard to:

  • whether a non-compliant PCBU was a small business or not
  • the role of PCBU culpability
  • whether non-compliance related to a matter of media or political interest.

This chapter presents a case study that arose during the course of this audit. The case study demonstrates issues discussed in earlier chapters of this report, particularly in relation to the management of risk and the proper application of policies and procedures to ensure SafeWork NSW’s effectiveness as a regulator.

About the case study

The case study concerns the activities of the Department of Customer Service and SafeWork NSW, the latter of which is located within the department. Neither the case study nor this performance audit generally examined the activities of the commercial partner (including any related companies) referenced in the case study, including Trolex Ltd (UK), Trolex Nome Australia Pty Ltd., or Trolex Sensors Pty Ltd. No findings have been made, either express or implied, in relation to the commercial partner.

The case study was based on a review of evidentiary documents, primarily in the form of emails sourced from SafeWork NSW. To avoid compromising other processes, interviews were not held.

SafeWork NSW’s respirable crystalline silica real-time detection project

As discussed earlier, silicosis is a progressive, occupational lung disease resulting from inhalation of respirable crystalline silica. In recent years, there has been high profile attention to respirable crystalline silica exposure from manufactured stone products (such as kitchen benchtops), though these risks had been published in international research since at least 2010. Unlike asbestos, respirable crystalline silica from manufactured stone can lead to the development of silicosis and other lung diseases after relatively short exposure and latency periods, resulting in relatively young workers developing serious diseases.

From 2016 to 2022, SafeWork NSW’s Work Health and Safety Roadmap included a target to reduce workplace exposure to priority hazardous chemicals and materials by 30%. This focus was retained in SafeWork NSW's regulatory priorities for 2023, which included the aim of reducing the incidence of worker exposure to harmful substances such as silica.

In 2018, SafeWork NSW commenced a project to fund a ‘research partner’ to develop a device that would detect in real-time the presence of respirable crystalline silica in workplaces. This project was led by the Centre for Work Health and Safety within SafeWork NSW.

Following a selection process, Trolex, a private company from the United Kingdom, was selected as the research partner. Trolex developed a device intended to meet the objective of the project. This device is called the Air XS and sells for approximately $18,500 AUD. The Air XS device was launched on 7 April 2022. The first-generation of the Air XS devices are no longer on the market, however up to 60 second-generation devices are currently in use across Australia.

In December 2022, this research project won the DCS Secretary’s Award for Excellence in Digital Innovation and was also one of the department’s nominees for a Premier’s Award in 2022.

As part of understanding SafeWork NSW’s response to the work health and safety risks of respirable crystalline silica from manufactured stone products, the audit examined this research project to procure a 'research partner' to develop a respirable crystalline silica real-time detection device. The findings of this examination are set out below.

SafeWork NSW’s processes were ineffective in responding to and mitigating risk and in ensuring compliance

As detailed below, our examination of this project found significant governance failings in SafeWork NSW, including the absence of key documentation, which created risks relating to whether the project would deliver its objective and whether it complied with procurement requirements. Concerns about whether the Air XS device would satisfy project objectives were not properly addressed.

We also found non-compliance with mandatory procurement policies. The failure to ensure compliance with procurement requirements leaves open the risk that value for money was not achieved, or that the procurement was not fair, transparent, consistent with promoting competition, or free from corruption or maladministration.

As a result of the Audit Office raising these issues with the Head of SafeWork NSW, the regulator undertook to enter into discussions with the CSIRO to conduct further testing of the real-time RCS detection device.

Concerns were raised by staff about the accuracy of the Air XS devices, though these concerns were not escalated beyond Director-level staff

Both before and after the launch of the Air XS device, concerns were raised by technical staff within SafeWork NSW about the accuracy of the devices and the rigour with which they had been tested during development.

It should be noted that the manufacturer, in correspondence with SafeWork NSW, defended the accuracy of the Air XS devices. It was beyond the scope of the audit to reconcile apparently conflicting technical assessments. Rather, the audit examined how SafeWork NSW managed the potential project delivery risk when these material concerns were raised.

Toward the end of 2021, concerns first emerged about the accuracy of the Air XS devices in emails between staff in the Regulatory Engagement business area of SafeWork NSW. These emails outlined concerns that the Air XS devices were not sufficiently accurate in detecting respirable crystalline silica. These views were derived from testing performed outside of any technical assurance process. At the time, these concerns were not shared with executive-level staff, including with any relevant Directors.

By the end of March 2022, the Centre for Work Health and Safety had requested and received from Trolex testing reports on the Air XS device. Two technical staff in the Testing Services directorate of SafeWork NSW were asked to review the testing reports. They were given five days to conduct these reviews.

On 5 April 2022, two days before the product was launched, one of the technical staff emailed the Director, Testing Services, advising that each of the two technical staff had independently prepared assessments and that their conclusions were ‘…not what DCS will want to hear’.

The internal assessment reports were subsequently provided to the Director, Testing Services, and to the Centre for Work Health and Safety. One of the reports stated that the product was not ‘market ready’ and that further testing was required. The audit did not find evidence that these conclusions were escalated to the Executive Director, Regulatory Engagement.

On 6 April 2022, the research project manager was advised by a staff member in the Centre for Work Health and Safety that an independent expert’s report (commissioned by the Centre for Work Health and Safety) concluded that ‘…there isn’t enough data to assess the validity of the device’.

Despite these concerns, the product launch occurred on 7 April 2022.

The audit found that concerns were again documented on at least two occasions after the product was launched. First, in September 2022, a senior technical staff member in the Centre for Work Health and Safety expressed concerns to colleagues, including the Director, Testing Services, that the staff member was uncomfortable promoting the Air XS without further testing being conducted.

Secondly, in May 2023, an internal test report prepared within the Testing Services business unit highlighted specific concerns about the accuracy of a first-generation Air XS device. This internal test report was provided to the Director, Testing Services, and was conducted with at least the knowledge of the Director, Research and Evaluation.

In both cases (September 2022 and May 2023), there are gaps in the evidence concerning how widely these internal concerns were shared. The audit found no evidence of:

  • any material response by SafeWork NSW management to address the concerns that had been raised
  • any assessment of risks posed to SafeWork NSW and other stakeholders
  • any escalation of the concerns to the relevant Executive Director or to the Head of SafeWork NSW.

This apparent lack of management action was despite the potential risks to the work health and safety of workers who may have relied on the Air XS, and to the reputation of the regulator.

Some SafeWork NSW staff were hesitant to raise concerns about the Air XS device

Some staff reported to us that they did not raise these risks with their managers due to concerns that to do so might affect their employment. In the Auditor-General’s 2018 audit report Managing risks in the NSW public sector: risk culture and capability, it was noted that:

Effective risk management is essential to good governance, and supports staff at all levels to make informed judgements and decisions. 

The report also observed that it is now widely accepted that organisational culture is a key element of risk management because it influences how people recognise and engage with risk. This includes ensuring that agencies have a culture of open communication so that all employees feel comfortable speaking openly about risks.

In this case, SafeWork NSW lacked the risk processes and culture to encourage all staff to identify, raise, escalate, and respond to risk appropriately. While the department does have a mechanism (via dedicated phone and email contacts) for staff to report integrity concerns, this mechanism was not used.

Concerns about the Air XS device were also raised by an external user of the device, though there is no evidence that these concerns were substantively addressed

On 21 August 2023, a senior manager from an external user emailed staff in SafeWork NSW’s Testing Services Directorate to advise that they had told the local distributor that they no longer wished to conduct further testing, nor purchase any Air XS devices. The senior manager stated that:

…the claim that the Air XS Silica monitor ‘delivers highly accurate, continuous, real-time silica detection’ could not be validated by the distributor despite many requests and efforts in the field to test the monitors and validate the data. 

The senior manager further stated that they were:

…disappointed that SafeWork NSW promotes the monitors with no evidence, known and/or held by them, that the monitors deliver the promoted monitor outcomes. 

The audit found no evidence that these concerns were meaningfully addressed by SafeWork NSW.

The process of procuring a ‘research partner’ to develop the Air XS device was flawed, in that there was non-compliance with procurement obligations and inadequate record keeping

The cost of procuring the Air XS research partner increased from an initial estimated cost of $200,000 when the request for tender was issued in May 2019 to $1.34 million when the final contract was executed in August 2019.

The audit found non-compliance in the process undertaken by the CWHS to procure the research partner. This non-compliance related to the requirements of the applicable departmental procurement manual, as well as with DCS financial delegations, and with the tender evaluation plan prepared for the process.

Examples of non-compliance and other poor practices are outlined below.

  • The Director, Research and Evaluation, was a voting member of the evaluation committee and also signed the acceptance letter for the successful proposal. This contravened the department’s procurement requirement that an approving delegate may not also evaluate tender responses. At the time, the estimated cost of the engagement was $200,000 and was therefore within the Director’s financial delegation.
  • The evaluation of the submitted tenders included an assessment provided by a designated non-voting member of the tender evaluation committee who had a declared conflict of interest.
  • One member of the tender evaluation committee lodged a strong objection to the preferred provider. SafeWork NSW could not provide documentation about how this objection was addressed.
  • When the final cost of the engagement increased to $1.34 million by August 2019, the Director, Research and Evaluation, no longer had the necessary delegation to approve the engagement of Trolex. Under the delegations issued by the DCS Secretary on 29 August 2019, the approval of an Executive Director was required for contracts valued between $500,000 and $2 million.
  • The scoring in the tender evaluation committee’s (unsigned) evaluation report did not comply with the approach set out in the tender evaluation plan. This was material as, had the tender evaluation plan been followed, two tenders would have been assessed as having the same successful score.
  • SafeWork NSW was unable to provide:
    • a signed and dated copy of an approval to issue the initial request for tender
    • a signed and dated copy of an approval for SafeWork NSW to enter into a formal agreement with Trolex
    • a final tender evaluation report signed by all members of the tender evaluation panel
    • evidence of any approval to increase the value of the contract from the $200,000 anticipated in the initial request for tender up to the $1.34 million final value of the contract.

Such non-compliance can contribute to the risk of maladministration in procurement activities, including by undermining probity and challenging whether value for money is achieved.

 

Appendix one – Response from agency

Appendix two – About the audit

Appendix Three – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #390 - released 27 February 2024

 

Published

Actions for Flood housing response

Flood housing response

Planning
Whole of Government
Community Services
Premier and Cabinet
Internal controls and governance
Management and administration
Procurement
Project management
Risk
Service delivery
Shared services and collaboration

What this report is about

Extreme rainfall across eastern Australia in 2021 and 2022 led to a series of major flood events in New South Wales.

This audit assessed how effectively the NSW Government provided emergency accommodation and temporary housing in response to the early 2022 Northern Rivers and late 2022 Central West flood events.

Responsible agencies included in this audit were the Department of Communities and Justice, NSW Reconstruction Authority, the former Department of Planning and Environment, the Department of Regional NSW and the Premier’s Department.

Findings

The Department of Communities and Justice rapidly provided emergency accommodation to displaced persons immediately following these flood events.

There was no plan in place to guide a temporary housing response and agencies did not have agency-level plans for implementing their responsibilities.

The NSW Government rapidly procured and constructed temporary housing villages. However, the amount of temporary housing provided did not meet the demand.

There is an extensive waitlist for temporary housing and the remaining demand in the Northern Rivers is unlikely to be met. The NSW Reconstruction Authority has not reviewed this list to confirm its accuracy.

Demobilisation plans for the temporary housing villages have been developed, but there are no long-term plans in place for the transition of tenants out of the temporary housing.

Agencies are in the process of evaluating the provision of emergency accommodation and temporary housing.

The findings from the 2022 State-wide lessons process largely relate to response activities.

Audit recommendations

The NSW Reconstruction Authority should:

  • Develop a plan for the provision of temporary housing.
  • Review the temporary housing waitlist.
  • Determine a timeline for demobilising the temporary housing villages.
  • Develop a strategy to manage the transition of people into long-term accommodation.
  • Develop a process for state-wide recovery lessons learned.

All audited agencies should:

  • Finalise evaluations of their role in the provision of emergency accommodation and temporary housing.
  • Develop internal plans for implementing their roles under state-wide plans.

Extreme rainfall across eastern Australia in 2021 and 2022 led to a series of major flood events in New South Wales. In response, the NSW Government declared each of these events a natural disaster and made available a wide range of support for affected individuals and businesses. The flooding experienced by the State was widespread and its severity caused significant destruction in communities across the State. Some of the most significant damage occurred in the Northern Rivers and Central West regions of New South Wales.

Whilst areas of the Northern Rivers are prone to regular flooding, the scale of flooding in 2022 had not been experienced in the region before. On 28 February 2022, the Wilsons River in Lismore reached a height of 14.4 metres, approximately 2.3 metres higher than the previous record. A second flood occurred on 30 March 2022, with the river reaching 11.4 metres. The flooding in the region was extensive, affecting towns including Lismore, Coraki, Woodburn and Ballina. Between late February and early April 2022, 13 lives were lost in the Northern Rivers floods. In addition, 4,055 properties were deemed uninhabitable, and a further 10,849 properties were assessed as damaged. Approximately 4,000 people had to be evacuated from Lismore alone during this period, with thousands displaced from their homes across the region.

In the Central West, on 14 November 2022, the Lachlan River at Forbes peaked at 10.6 metres and was categorised as major flooding due to the inundation of extensive rural areas with properties, villages and towns isolated. On the same day in Eugowra, the Mandagery Creek peaked at 9.8 metres, passing the previous record of 9.6 metres in 1950. Flooding occurred in other areas of the Central West including Parkes, Molong, Cowra and Canowindra. Two lives were lost in the town of Eugowra with 80% of homes and businesses in the town damaged.

This audit assessed the following two areas of NSW Government support provided in response to these flood events:

  • Provision of emergency accommodation: short-term accommodation provided to displaced persons unable to return to their own home in an emergency situation.
  • Provision of temporary housing provided in the form of temporary pods and caravans.

The Department of Communities and Justice (DCJ) is responsible for the provision of emergency accommodation and other welfare services in response to a disaster event. With regards to temporary housing, the following agencies were involved in this audit:

  • Resilience NSW was the lead agency responsible for recovery and led the implementation of the temporary housing program under the oversight of the Chair, Housing Taskforce (HTF) from July 2022. On 16 December 2022, Resilience NSW was abolished, with some staff transferred to the NSW Police Force, Department of Premier and Cabinet (DPC) and DCJ. The remaining staff were transitioned to the newly established NSW Reconstruction Authority.
  • The Department of Planning and Environment (DPE) chaired the HTF until July 2022 and led the process for the identification and evaluation of temporary housing village sites. On 1 January 2024, DPE was abolished and the DPE functions discussed in this report now form part of the Department of Planning, Housing and Infrastructure.
  • NSW Public Works (NSWPW), a branch of the Department of Regional NSW (DRNSW) procured and managed the construction of the pods used in this program, and procured the caravans used as part of the temporary housing response.

The then DPC (now Premier’s Department (PD)) was responsible for whole-of-government policy advice, convening the Crisis Policy Committee of Cabinet, and whole-of-government communications.

This audit assessed how effectively the NSW Government provided emergency and temporary housing in response to the early 2022 Northern Rivers and late 2022 Central West flood events. We addressed this objective by examining whether the audited agencies:

  • effectively planned for the provision of emergency accommodation and temporary housing prior to the flood events
  • provided emergency accommodation and temporary housing to meet the needs of affected communities in response to the flood events
  • are effectively capturing lessons learned in relation to their provision of emergency accommodation and temporary housing as part of the flood response.

There is a State-level plan in place to guide the approach to emergency accommodation

The Welfare Services Functional Area Supporting Plan (WSFASP, the plan) is a supporting plan to the New South Wales Emergency Management Plan (EMPLAN). The plan outlines the responsibilities of the Department of Communities and Justice (DCJ) for the coordination and delivery of disaster welfare services in New South Wales. This includes the provision of emergency accommodation services. The plan in place during the flood events outlined the responsibilities of DCJ and the former Office of Emergency Management (OEM), some responsibilities of which have since transitioned to the NSW Reconstruction Authority (the Reconstruction Authority). The plan sets out a framework for government and non-government organisations to coordinate to provide key welfare services during an emergency, and outlines agreed roles and responsibilities. The plan outlines preparedness measures and arrangements for the provision of key welfare services during the response to and recovery from emergencies in New South Wales.

The plan details the organisations and key positions involved in welfare services, including their overall roles and responsibilities, and a basic structure for the delivery of disaster welfare services. For example, the plan states that both the former Department of Families and Communities Services and the not-for-profit Adventist Development and Relief Agency (ADRA) are responsible for emergency accommodation but does not clarify the detailed responsibilities associated with this role. These provide a State-wide, though not detailed, approach to emergency accommodation and welfare services in a disaster recovery context.

There was no plan in place to guide the temporary housing response, despite the NSW Government utilising this type of response in a previous emergency event

The State-level emergency planning documents do not contemplate the need for temporary housing as a government disaster response. Although there was a temporary housing response to the Black Summer bushfires in 2019–20, albeit on a smaller scale, no specific plans were in place to guide this response or the flood events in 2021–22. The NSW Government therefore had to develop its approach to addressing demand for temporary housing whilst responding to the flood emergency as it was occurring.

A partnership was established between the NSW Government and the Minderoo Foundation in 2020 to provide 100 pods to people whose homes were destroyed in the Black Summer bushfires. The initial rollout consisted of four-person pods, however the need for greater capacity was identified, with larger, family-sized pods developed for up to six people. The implementation of this program did not include formalising the work completed in documented plans for future use in response to other emergency events.

A plan that sets out how temporary housing should be used is in place in Queensland. The Queensland Government released a Temporary Emergency Accommodation (TEA) plan in 2021 which describes the arrangements, roles and responsibilities of key organisations critical to supporting displaced community members after the closure of an evacuation centre. The TEA plan outlines the five phases in the provision of accommodation support which includes temporary housing recovery. This demonstrates that a plan for the use of temporary accommodation would not be unprecedented.

Without plans in place to respond to all aspects of an emergency, decision makers are forced to be reactive in their decision making or to develop these plans while also responding to the events. In this specific instance, the government was forced to develop governance structures and perform tasks such as options analysis and site selection for temporary housing during the immediate aftermath of the flood events.

The Reconstruction Authority has acknowledged the need for a formalised plan for temporary housing responses and has started work to develop this in preparation for future flood events. It advised that the Housing Taskforce (HTF) has begun this work by performing assessments and reviews of high-risk areas and engaging with local councils and community groups. The Reconstruction Authority is also developing a Recovery Readiness Checklist, which will include preparedness for the provision of temporary housing in an emergency. Pre-event recovery planning specific to Local Government Areas (LGAs) is also underway, with the Reconstruction Authority developing tailored checklists which cover the provision of temporary housing. These tools will form part of the State's recovery response under the NSW Recovery Plan, which the Reconstruction Authority is currently in the process of updating. The Reconstruction Authority advises that this update will include identifying responsibilities in relation to the temporary housing response and recovery more broadly.

The WSFASP in place during the flood events had not been reviewed and updated in line with its planning requirements

Plans which outline the coordination and delivery of services in response to an emergency are imperative to ensure all required activities are completed, and the needs of affected communities are met. Plans also serve as a common reference point for decision making. Out of date plans can result in unclear roles and responsibilities, requiring agencies to make improvised decisions due to the urgent nature of emergency response. This creates a risk of key activities not being fulfilled and community needs going unmet.

The WSFASP in place during the flood response was last updated and endorsed by the State Emergency Management Committee (SEMC) in June 2018. As part of the planning requirements outlined in the plan, the State Welfare Services Functional Area Coordinator (WelFAC) is required to ensure the plan is reviewed every five years, or when relevant aspects require review following emergency operations or changes to legislation. The State WelFAC is an officer from DCJ responsible for the monitoring, support and coordination of disaster welfare services in New South Wales.

In 2020, a machinery of government change was implemented which established Resilience NSW as a public service executive agency and transferred persons employed in OEM to Resilience NSW. Despite these legislative changes, the plan had not been updated in line with its requirements to reflect these and subsequent changes, as OEM was still listed as one of the two agencies responsible for the coordination and delivery of disaster welfare services. Similarly, the plan had not been updated to reflect emergency operations changes with ADRA listed as the responsible coordinator for the provision of emergency accommodation services, despite no longer being responsible for this service.

The WSFASP has since been updated to reflect these changes and was endorsed by the SEMC in September 2023. The current WSFASP aligns with the welfare services responsibilities following the transfer of the welfare services functional area to DCJ in 2023. This includes the role of DCJ as the lead agency for the WSFASP, and DCJ and the Housing Contact Centre (HCC) within DCJ as the coordinator of emergency accommodation. The updated plan also provides an outline of the key welfare services that are delivered by the functional area, including emergency accommodation, personal support, essential food and grocery items, and transition from emergency accommodation. The outline provides a description of each service and the agency, team or non-government organisation responsible for coordinating the service.

Agencies did not have agency-level plans in place for implementing their responsibilities under State-level emergency accommodation and temporary housing plans

The State EMPLAN establishes a framework for sub plans, supporting plans and related policy instruments and guidelines. It states that a supporting plan should describe the support which is to be provided to the controlling or coordinating authority during emergency operations and be an action plan which describes how an agency or functional area is to be coordinated in order to fulfill the roles and responsibilities allocated. Without this more detailed guidance being in place, there is no common reference point for individuals within an agency to refer to when implementing the broader State-level plans, such as the WSFASP.

The WSFASP defines emergency accommodation and outlines the government and non-government organisations responsible for its provision. It does not provide a detailed description of the specific roles and responsibilities related to its provision. DCJ does not have an agency-level plan in place that specifies these in more detail, and did not have any standard operating procedures (SOPs) in place to guide the process of housing displaced persons in emergency accommodation.

The absence of SOPs to guide this process can increase the chance of inconsistent implementation of the WSFASP, with a reliance on the experience of staff to complete tasks to house people in emergency accommodation. For example, at the onset of an emergency, staff in the HCC contact local accommodation venues such as hotels and motels to determine availability in the area. They may also book blocks of rooms in preparation for housing displaced persons. At the time of the flood events, there was no documentation which detailed the process for DCJ staff to follow and these tasks were not recorded anywhere as requiring completion before a disaster occurred.

DCJ has advised that they have since developed internal processes which form part of the training program for Disaster Welfare staff. In addition to this, the HCC has developed a guide which steps out the various processes relating to the provision of emergency accommodation, as well as outlining the different roles and responsibilities within the HCC in relation to these processes.

As noted, there is no State-level plan in place to guide the temporary housing response. As a result, there is no framework to guide this process at an agency level for the Reconstruction Authority. The absence of both State and agency-level plans guiding the provision of temporary housing at the time of the flood events meant that agencies were required to develop a process to follow at the same time as responding to the flood events.

Appropriate governance structures were established quickly and changed as needed to reflect recovery needs

The State Recovery Committee (SRC) was activated following the 2019–20 bushfires and was still operating at the time of the 2022 floods. As part of this, the SRC had a terms of reference which included responsibilities of the SRC and a membership list. The responsibilities of the SRC in the terms of reference are to:

  • provide strategic direction in relation to disaster recovery
  • oversee reconstruction and recovery efforts in disaster impacted areas
  • provide senior leadership to facilitate whole-of-government coordination
  • monitor and report to the Premier, Deputy Premier and Cabinet on the progress of recovery efforts in disaster impacted areas.

Once the flood events commenced on 28 February 2022, the SRC increased its meeting frequency to every two days initially, for a total of 13 meetings in March. The SRC continued to meet at least twice a week from mid-April until the end of May, at which point it reduced gradually in frequency to weekly and then fortnightly. The SRC continued to meet throughout all of 2022 and 2023.

The SRC established a range of subcommittees to assist with recovery efforts. These subcommittees were operational from March 2022 onwards. Subcommittees had terms of reference setting out their role and were chaired by appropriate agencies with operational responsibilities that aligned with those roles. The Health and Wellbeing subcommittee was established as part of this and initially had responsibility for the provision of both emergency accommodation and temporary housing. This subcommittee was chaired by a relevant Senior Executive in DCJ.

As noted above, none of the whole-of-government plans prior to the flood events allocated responsibility to an agency or subcommittee for constructing and managing temporary housing. Although temporary housing had been utilised by the government previously in response to the 2019–20 bushfires, its provision had never been implemented on the scale required in response to the flood events.

In early March, the SRC created a new subcommittee: the Housing Taskforce (HTF). The HTF contained key staff from a wide variety of agencies, as well as other key stakeholders like local councils where appropriate, and was chaired by a Senior Executive from the Planning Branch of the Department of Planning and Environment (DPE). A terms of reference was quickly developed for the subcommittee. The HTF’s initial purpose included developing a strategy for identifying locations and pathways for temporary housing. This allowed the Health and Wellbeing subcommittee and the HTF to provide more focus on their particular areas of responsibility.

The SRC helped to manage issues but did not provide strategic risk management

Subcommittees regularly reported to the SRC throughout the flood response period. The SRC was able to manage issues with these programs as they arose, often by connecting relevant staff and providing a forum for these issues to be resolved across agencies. In this way, the SRC was able to manage issues, which aligns with its role in facilitating whole-of-government coordination.

Given that all relevant agencies were represented on the SRC, it was uniquely placed to provide strategic risk management across all aspects of the recovery effort including provision of accommodation and housing following the floods. This would fall within the SRC’s role of providing strategic direction in relation to disaster recovery. Strategic risk management involves addressing external risks, including those which may impact the government’s ability to achieve its objectives. The SRC did not undertake strategic risk management to proactively identify issues that could hinder the recovery effort, such as through developing risk registers and assigning mitigation strategies to agencies or specific individuals.

In regards to the flood temporary housing response, this may have included identifying and mitigating risks that could impact on the quantity of housing provided, risks to the overall flood recovery budget, and risks related to further flood events occurring that might hinder flood recovery. While the SRC did not consider this work during the flood response, Resilience NSW and the Reconstruction Authority both documented some whole-of-government risks to the delivery of the response to natural disasters as part of their enterprise risk management processes, including throughout 2022. However, this work was not undertaken specifically in relation to the unfolding flood events, but was instead done as part of the agency's regular review of its enterprise risks. Given that only one agency was involved in this risk identification, it was not a substitute for whole-of-government risk identification through the SRC.

The HTF did undertake some separate risk identification for the temporary housing response in the Northern Rivers, but not until October 2022. The HTF had been in operation since March 2022 without undertaking formal risk assessments to determine key risks to the provision of temporary housing that required mitigation. Some of the risks identified included expenditure on temporary housing exceeding its allocated budget, temporary housing sites failing to deliver agreed outcomes, and that there would be inappropriate or ineffective engagement with Aboriginal communities. This risk identification from the HTF was also reflected in Resilience NSW's and the Reconstruction Authority’s enterprise risk registers, where it is identified that there is a risk that the agencies do not effectively deliver on short and medium term housing.

The SRC provided oversight of the work of subcommittees

As noted above, one of the roles of the SRC is to oversee reconstruction and recovery efforts in disaster impacted areas. To fulfil this role of providing oversight, the SRC received updates on the activities of each subcommittee at each meeting.

In March 2022, each subcommittee developed a 100-Day Flood Action Plan that set out actions that would be completed in the first 30, 60 and 100 days. Each subcommittee was required to update its Flood Action Plan and report progress on implementation to the SRC every two weeks. The SRC received this regular reporting from each subcommittee, which included the status of each item, actions undertaken to date, and the next steps that each subcommittee was undertaking. This served to provide the SRC with oversight of the actions of each group to supplement the subcommittee updates with greater detail.

The quality of reporting from the HTF to the SRC reduced throughout August and September 2022. At this time the updates from the subcommittee included either only a verbal update or only statistical updates on the temporary housing response. This means that throughout this period, the SRC was providing only limited oversight of the temporary housing response. From October 2022, the HTF provided more detailed updates to the SRC, providing data on the temporary housing villages including the number of dwellings, estimated capacity and the status of each of the village sites (whether operational or estimated date of construction completion).

DCJ adapted its usual procedures to house a large number of people in emergency accommodation following the Northern Rivers flood event

The HCC, a branch within DCJ, is responsible for arranging emergency accommodation during a disaster, although this responsibility was not outlined in a specific emergency accommodation plan or procedure at the time of the flood events. Once a disaster is declared, the HCC is activated for a disaster welfare response. The team is required to estimate the number of people who will be displaced by the disaster and may seek emergency accommodation. The team is also required to contact local accommodation providers such as hotels, motels and caravan parks to determine vacancy information, as well as obtain information about the facilities such as wheelchair accessibility and pet-friendly rooms. The HCC team will then make direct contact with staff at evacuation centres and facilitate bookings based on the demand. A central internal database is utilised by the HCC, which enables them to see providers and book within the system.

In following these procedures, DCJ housed 788 people in the two weeks following the initial flood event by utilising the standard local accommodation providers. On 27 April 2022, 1,440 people were reported as staying at local accommodation providers as part of the emergency accommodation response. Exhibit 5 shows the number of people housed in emergency accommodation across the North Coast from March 2022 to early April 2023.

Governance structures continued to operate as previously established in response to the Central West flood event

The governance structures established in response to the 2019–20 bushfires and the flood event in the Northern Rivers mostly operated in the same capacity for the management of the Central West flood event. In October 2022, the meeting frequency for the SRC reduced to fortnightly, following the same structure with subcommittee updates discussed as part of the agenda. There was no increase in meeting frequency during or in the immediate aftermath of the response to the Central West flood event.

Resilience NSW continued to document whole-of-government risks to the delivery of the response to natural disasters during the response to the Central West flood event, and this work was continued by the Reconstruction Authority once established. Resilience NSW also continued to develop risk dashboard heatmaps each quarter, monitoring any changes in the residual risk rating of these risks, as well as outlining issues identified, and any new and emerging risks.

DCJ housed displaced persons in the Central West quickly, considering additional needs during the process

DCJ, through the HCC, advised that it followed its standard process outlined above for the provision of emergency accommodation during the Central West flood event. The evacuation order for Eugowra was made on 15 November 2022, and by 8 December 2022, DCJ had housed 93 people from the community in emergency accommodation. The HCC was able to utilise alternative accommodation such as rooms at Charles Sturt University to meet the increasing demand for emergency accommodation in the Central West.

Through the initial consultation process conducted with displaced persons at evacuation centres, the HCC was also able to consider their additional needs and meet these where possible. For example, companion animals were supported by Local Land Services and the Royal Society for the Prevention of Cruelty to Animals through the provision of boarding services. DCJ advised that local needs were also considered as part of the intake process. For example, displaced persons were accommodated as close to their hometown as possible. Those evacuated from Forbes were given priority for emergency accommodation in Forbes. This did impact evacuees from other towns. Ordinarily, those displaced in Eugowra would also be housed in Forbes, but due to limited accommodation options, they were evacuated to Orange instead. Other considerations made for displaced persons included level access and accessible rooms for those with disabilities, and baby care items, such as cots, where required.

The At-home Caravans program was implemented as immediate shelter for displaced persons awaiting pods on their property in the Central West

By 28 November 2022, Resilience NSW made the decision to activate the At-home Caravans program in the Central West, with applications from displaced persons being taken within a week after the flood event in Eugowra. Caravans were temporarily set up on private properties in Eugowra. Displaced persons are able to live in these caravans while waiting for a pod to be installed on their property. By 10 January 2023, 102 caravans had been delivered to the Central West and started to be located on private properties. At 30 May 2023, Resilience NSW had delivered 124 out of the 129 required caravans to properties. A plan was implemented to provide immediate shelter in the community through the caravans, organise medium-term housing in the form of pods, and support displaced persons to repair or rebuild their homes. Caravans were provided to households where properties required demolition, those that were damaged but reparable, and rental properties with owner’s consent.

Other options for immediate shelter were considered but not progressed. Placing caravans on site at showgrounds or caravan parks was considered, however a NSWPW assessment found that 95% of impacted homes could accommodate caravans on property. Caravans on property require less ongoing case management, site works and utilities. Private farm house rental accommodation was also considered, however extremely low availability of these in the area resulted in the decision to not progress this option.

Resilience NSW was able to meet the demand for housing in the Central West by placing temporary housing on people’s property

Resilience NSW conducted early analysis of potential temporary housing village sites in the aftermath of the floods in the Central West. However, after reviewing the situation in Eugowra and the relatively larger blocks, it was decided a more appropriate solution would be to place temporary pods on private property. Part of this decision was the impact a centralised village located in Eugowra would have on displaced persons from other affected towns. At 30 May 2023, 59 out of 100 pods had been installed on private properties. These pods replaced caravans initially installed on private properties, although at the time of the audit some disaster-affected persons were still living in caravans while they wait for pod installation on their property.

Resilience NSW was able to utilise the excess pods from the Northern Rivers to reduce the wait time for displaced persons to move into the pod from the caravan located on their property. Once their eligibility had been confirmed, the resident met with NSWPW and the builders contracted to install the pods. The resident confirmed where they would like the pod placed and the size needed. Applicants were then prioritised by Resilience NSW and pods installed in order of this prioritisation. NSWPW engaged the same third-party contractor used in the Northern Rivers construction to expedite the installation process.

Resilience NSW used measures to adapt the pods for suitable use in the Central West, as well as configuring them to meet mobility needs of residents. Cabonne Shire and Forbes Shire Councils required pods to be built at a height of 1.5 metres. The pods were therefore installed on scaffolding to raise their height. As the pods were designed and constructed for the Northern Rivers climate, insulation was installed on the base of the pods to ensure the inside temperature was appropriate for residents in the Central West. The raised height of the pods also impacted their accessibility, so the contractor was also engaged to install ramps instead of stairs where needed.

The first demobilisation of a pod occurred on 7 August 2023, after the resident’s home had been repaired and it was suitable for them to move back home. The Reconstruction Authority advised that as pods continue to be demobilised, they will be cleaned, any required repairs completed, and then moved onto the next property as needed. There was no long-term plan initially developed for the transition of tenants out of temporary housing, although the Reconstruction Authority has advised that the newly developed Temporary Housing Plan will include these considerations to inform processes at the end of the lease period. There has been consideration for returning the pods to the Northern Rivers once the work in the Central West is complete.

The Reconstruction Authority advised that due to the delays residents are facing in accessing trades and payment of insurance claims, the HTF is currently seeking the support of councils to extend the placement of pods beyond the two years that were initially planned.

There was no clear process in place to support displaced persons in emergency accommodation who were ineligible for temporary housing in the Central West

The WSFASP in place during the flood events did not outline a transition plan for displaced persons staying in emergency accommodation. Resilience NSW took over responsibility for the transition of displaced persons from emergency accommodation to temporary housing. It was not always possible to house rental tenants by placing a pod on the property they were occupying because they were unable to obtain landowner permission. It was necessary to find an alternative property to install these pods, usually on property owned by a family member. This was able to address most tenants’ issues.

It was unclear which agency was responsible for the support of renting households in the medium to long-term. The lack of a documented process for the provision of emergency accommodation created a gap in relation to the support for displaced persons. The WSFASP has since been updated to include provision for coordinated case management support to assist people in emergency accommodation with longer-term housing needs.

DCJ maintained a list of displaced persons who had been staying in emergency accommodation and were unable to exit without assistance. This list was provided to Resilience NSW weekly. Resilience NSW provided updates to DCJ on the status of those who were being transitioned into temporary housing, but no assistance was provided by Resilience NSW to those who were ineligible for temporary housing. DCJ was therefore required to provide case management to these people to assist in their transition to more stable housing.

Agencies learned and applied lessons from the Northern Rivers floods to the Central West flood event, but most have not formalised these for future consideration

Agencies involved in the provision of emergency accommodation and temporary housing learned key lessons from the Northern Rivers floods that could be applied in the Central West response. These lessons included the Reconstruction Authority rapidly standing up the At-home Caravans Program to provide immediate accommodation to displaced persons, and instigating a community reference group to provide feedback on the proposed housing response plan. These lessons learned were largely undocumented, with many staff being involved across both the Northern Rivers and Central West flood response, and able to directly apply lessons learned from their experience in the earlier response. It is good practice to formalise lessons learned to ensure that future responses may have access to contemporary information to learn from both positive and negative experiences in previous situations.

DCJ and Premier’s Department (PD) have not yet documented any lessons learned from their roles in the flood events. Some lessons were documented by Resilience NSW in April 2022 as part of a process to identify emerging insights. These lessons covered a broad range of activities, including findings relevant to the provision of temporary housing.

In June 2023, the Reconstruction Authority formally documented its own lessons learned from the provision of temporary housing. This includes identifying actions to avoid repeating some of the negative experiences, such as Aboriginal communities not being consulted at the appropriate time, and not having adequate program design processes in place for the temporary housing program. In addition, NSWPW has commissioned an evaluation of its work in the construction and provision of temporary housing, which includes a formal lessons learned component.

External reviews have also been conducted and have captured interim lessons learned, including the 2022 NSW Flood Inquiry and the ‘Response to major flooding across New South Wales in 2022’ Parliamentary Inquiry.

Agencies are in the process of evaluating the provision of emergency accommodation and temporary housing

Agencies have commenced the process of evaluating their role in the provision of emergency accommodation and temporary housing. DCJ advised that an external evaluation would commence shortly and that it was in the process of engaging a consultancy firm to conduct this. NSWPW has also commenced an external review of its provision of temporary housing. DPE and PD have not commenced a review, although PD has established a new unit for strategic communications during disasters in response to the agency's involvement in crisis communications during the flood events. This unit has been developed to deliver overarching whole-of-government messaging during disaster events.

Similarly, the Reconstruction Authority advised that an evaluation was planned for the provision of temporary housing. In addition, Resilience NSW commissioned an evaluation of the use of the Minderoo Foundation pods in response to the 2019–20 bushfires. This review reported in November 2022, though it had limited consideration of the role of the Minderoo Foundation pods as a source of temporary housing in the Northern Rivers. This report made 19 recommendations to the Reconstruction Authority and the Minderoo Foundation, and found that the Minderoo pods had largely been delivered in line with the original intended objectives.

There is no State-wide process in place to capture lessons learned from all agencies involved in recovery

Each year, the SEMC conducts a State-wide lessons learned exercise, incorporating learnings from all of the emergency events in the previous year. This exercise has commenced for the 2022 emergency events, however at the time of the audit it was in draft and not yet formally endorsed by the SEMC.

The agencies involved in the State lessons learned process are agencies with emergency response responsibilities. The findings largely relate to these response activities, with very few lessons learned relating to recovery. Only a limited number of agencies are involved in this activity, and the 2022 review did not incorporate the views of a number of agencies that were involved in the recovery phase of the Northern Rivers and Central West flood events.

While it is important that lessons are learned from the response phase of an emergency, it is equally important that State-wide lessons are learned from the recovery phase to ensure that appropriate State-wide changes can be made, or positive experiences can be continued. There is currently no process in place to capture these lessons learned from the recovery phase from all agencies involved in the recovery phase.

Appendix one – Responses from entities

Appendix two – About the audit

Appendix three – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #389 - released 22 February 2024