Reports
Actions for Customer Service 2021
Customer Service 2021
This report analyses the results of our audits of the Customer Service cluster agencies for the year ended 30 June 2021.
Our preferred approach is to table the ‘Report on State Finances’ in Parliament before any other cluster report. This is because the ‘Report on State Finances’ focuses on the audit results and observations relating to the Total State Sector Accounts, in effect a consolidation of all government agencies. This year the ‘Report on State Finances’ has been delayed due to significant accounting issues being considered in the Total State Sector Accounts and which may impact the Treasury and Transport clusters.
As there are no outstanding matters relating to audits in the Customer Service cluster impacting the Total State Sector Accounts we have decided to break with normal practice and table this cluster report ahead of the ‘Report on State Finances’.
What the report is about
The results of Customer Service cluster agencies' financial statement audits for the year ended 30 June 2021.
What we found
Unmodified audit opinions were issued for all Customer Service cluster agencies.
The number of monetary misstatements decreased from 48 in 2019–20 to 46 in 2020–21.
Seven out of eight agencies did not complete all mandatory early close procedures.
What the key issues were
Upon the implementation of AASB 1059 'Service Concession Arrangements: Grantors', the Department of Customer Service (the department) recognised a service concession asset, the land titling database, totalling $845 million for the first time at 1 July 2019.
The department reported several retrospective corrections of prior period errors.
The 2020–21 audits identified three high-risk and 59 moderate risk issues across the cluster. The high-risk issues were related to:
- the Department of Customer Service – internal control qualifications and control deviations in GovConnect service providers
- the Department of Customer Service – significant control deficiencies in information technology change management controls
- Rental Bond Board – uncertainties in the accounting treatment of rental bonds.
The percentage of repeat issues we report to management and those charged with governance in management letters increased from 29 per cent in prior year to 42 per cent in 2020–21 while the number of items decreased from 94 to 93.
The magnitude and number of internal control exceptions in GovConnect service providers increased resulting in additional audit procedures to address the risks of fraud and errors in the financial statements.
What we recommended
The department should improve the validation process of key valuation assumptions and inputs provided by the private operator NSW Land Registry Services. It should revisit its accounting treatment of new land titling records.
The department should ensure GovConnect service providers prioritise the remediation of control deficiencies in information technology services.
The department should continue to improve controls in cyber security management.
Cyber Security NSW and NSW Government agencies need to prioritise improvements to their cyber security resilience as a matter of urgency.
The New South Wales Government Telecommunications Authority should improve its fixed assets management and financial reporting process to accommodate its growing fixed assets profile.
Fast factsThe Customer Service cluster aims to plan, prioritise, fund and drive digital transformation and customer service across every cluster in the NSW Government.
|
This report provides Parliament and other users of the Customer Service cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Customer Service cluster (the cluster) for 2021.
Section highlights
|
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Customer Service.
Section highlights
|
Findings reported to management
Forty-two per cent of findings reported to management were repeat issues
Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of agencies. The Audit Office does this through management letters, which include observations, related implications, recommendations and risk ratings.
In 2020–21, there were 93 findings raised across the cluster (94 in 2019–20). Forty-two per cent of all issues were repeat issues (29 per cent in 2019–20).
The most common repeat issues related to weaknesses in controls over information technology user access administration.
A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports and generating financial statements. This can impair decision-making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Poor controls may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation and central agency policies.
The table below describes the common issues identified across the cluster by category and risk rating.
Risk rating | Issue |
Information technology | |
High3 1 new, 1 repeat |
The financial audits identified the need for agencies to improve information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of particular concern are issues associated with:
High-risk issues are discussed later in the chapter. |
Moderate2 |
|
Low1 |
|
Internal control deficiencies or improvements | |
Moderate2 |
The financial audits identified internal control weaknesses across key business processes, including:
|
Low1 |
|
Financial reporting | |
High3 |
The financial audits identified opportunities for agencies to strengthen financial reporting, including:
High-risk issues are discussed later in the chapter. |
Moderate2 |
|
Low1 |
|
Governance and oversight | |
Moderate2 10 new, 3 repeat |
The financial audits identified opportunities for agencies to improve governance and oversight processes, including:
|
Low1 3 new |
|
Non-compliance with key legislation and/or central agency policies | |
Moderate2 4 new, 4 repeat |
The financial audits identified the need for agencies to improve its compliance with key legislation and central agency policies, including:
|
Low1 1 repeat |
2020–21 audits identified three high-risk findings
High-risk findings, including repeat findings, were reported at the following cluster agencies. One of the 2019–20 high-risk findings were not resolved.
Agency | Description |
2020–21 findings | |
Department of Customer Service Repeat finding: Qualifications and control deviations in GovConnect NSW controls assurance reports |
The GovConnect information technology general controls (ITGC) provided by the department, Infosys and Unisys were qualified in 2020–21. The key controls over user access, system changes and batch process failed in all ITGC reports. Most of these deviations were not mitigated or sufficiently mitigated to address the risk of unauthorised user access. The control deficiencies in ITGC increase:
The role of the department has changed significantly from a coordinating agency on behalf of GovConnect customers to a GovConnect IT service provider. It is leading a new IT operating model called ‘Service Integration and Application Management’ (SIAM) to strengthen governance and improve performance of GovConnect service providers. The Department is responsible for the remediation of control deficiencies and continuous improvement in the GovConnect environment. This matter was assessed as high-risk, if not adequately addressed, it had the potential to result in material fraud and error in the department's financial statements and reputation damages. This issue is further discussed later in this chapter. |
2020–21 findings | |
Department of Customer Service New finding: Change management significant control deficiencies |
Revenue NSW, a division of the department has a key role in managing the State’s finances. It administers State taxes, manages fines, recovers State debt and administers grants and subsidies. The audit team found significant control deficiencies in change management controls:
We have included this matter as a high-risk management letter finding, as the audit team could not identify mitigating controls. The system activity of these developers was also not being independently logged and monitored. This increases the risk of unauthorised system change. This can significantly affect the integrity of tax calculation, business process approvals, invalid changes to bank accounts, unauthorised refunds and write-offs. The audit team conducted a risk analysis over the relevant business processes affected by this issue and performed additional audit procedures to address the audit risk. |
Rental Bond Board Repeat finding: Accounting treatment of rental bonds held in trust |
The Rental Bond Board (the Board) holds rental bonds totalling $1.7 billion at 30 June 2021. The Board treated the rental bonds off-balance sheet and disclosed the rental bonds as ‘trust funds’. This treatment is based on management’s judgement that the Board does not have control of these funds. Previously the Board obtained advices from the Crown Solicitors who stated that in their view the rental bond funds held in the rental bond account were not moneys held in trust and the Residential Tenancies Act 2010 (the Act) should be reviewed and amended to better support its accounting treatment of rental bonds. The Board has initiated the need to amend the Act, however the implementation of the legislative amendments is still pending. This matter was assessed as high-risk, if not adequately supported, it had the potential to result in material misstatements in the Board's financial statements. |
The number of moderate risk findings increased from prior year
Fifty-nine moderate risk findings were reported in 2020–21, which was a 11.3 per cent increase from 2019–20. Of these, 26 were repeat findings, and 33 were new issues.
Moderate risk findings include:
- weaknesses in user access management, such as untimely access removal for terminated staff, and a lack of periodic user access review
- accounting for leases such as the review of extension options, assessing indicators of impairment and reviewing the lease reports for completeness and accuracy
- formalising arrangements between agencies including corporate service arrangements, funding arrangements, leases, use of SAP system and computer assets
- use of purchasing cards where our data analytics performed indicated potential gaps and controls and non-compliance with government policies.
The magnitude and number of internal control exceptions in GovConnect service providers have increased
In 2015, the NSW Government selected Unisys Australia Pty Limited’s (Unisys) as an information technology (IT) outsourced service provider and Infosys Limited (Infosys) as a business process outsourced service provider. The outsourced services arrangement was branded GovConnect NSW (GovConnect). The Department of Customer Service (the department) is the contract authority for the NSW Government. In 2019, the NSW Government transitioned a number of Unisys’ IT services progressively to the department and ceased all Unisys's IT services in May 2021. In 2020-21, Infosys, Unisys and the Department were co-providers of business processes and information technology services that constitute the GovConnect environment.
The role of the department has changed significantly from a coordinating agency on behalf of GovConnect customers to a GovConnect IT service provider. The department is responsible for the remediation of control deficiencies and continuous improvement in GovConnect internal control environment.
The department leads the project management of GovConnect services, including the arrangement to provide internal control assurance reports to customers in 2020–21. It engages an independent service auditor (service auditor) from the private sector to perform annual assurance reviews of controls at GovConnect service providers in accordance with Australian Standard on Assurance Engagements 3402 'Assurance Reports on Controls at a Service Organisation' (ASAE 3402). The service auditor reports on the internal controls at a service organisation, which are relevant to a user entity's internal control environment.
The service auditor issued eight ASAE 3402 reports covering business processes controls and information technology general controls (ITGC) provided by the service providers. Four out of eight reports were qualified, a significant increase from previous years.
The table below shows the service auditor's ASAE 3402 opinions issued in various business processes and information technology services provided by service providers for the last five years.
ASAE 3402 controls report# | 2015–16^ | 2016–17 | 2017–18 | 2018–19 | 2019–20 | 2020–21 |
Infosys Accounts receivable | Qualified | Unqualified | Unqualified | Unqualified | Unqualified | Qualified |
Infosys Accounts payable | Qualified | Qualified | Unqualified | Unqualified | Unqualified | Unqualified |
Infosys Fixed assets | Qualified | Unqualified | Unqualified | Unqualified | Unqualified | Unqualified |
Infosys General ledger | Qualified | Qualified | Unqualified | Unqualified | Unqualified | Unqualified |
Infosys Payroll | Adverse | Qualified | Unqualified | Unqualified | Unqualified | Unqualified |
Infosys ITGC | Qualified | Qualified | Unqualified | Unqualified | Unqualified | Qualified |
Unisys ITGC | Qualified | Unqualified | Qualified | Qualified | Unqualified | Qualified |
The department ITGC* | -- | -- | -- | -- | Qualified | Qualified |
ServiceFirst** | Disclaimer | -- | -- | -- | -- | -- |
In 2020–21, the information technology services controls reports issued to the department, Infosys and Unisys were qualified. Infosys' accounts receivable business process controls report was also qualified. The audit qualifications were because:
- the service auditor did not get access to the complete set of records processed during the financial year for several ITGC controls. The system that stored these records was hosted at Unisys. From December 2019 to 28 May 2021, the services at Unisys were progressively migrated to the department's IT environment but this system could not be migrated to the department in the required format, resulting in audit scope limitation for service auditors
- of the deviations identified during sample testing of ITGC controls
- the monthly follow up of outstanding receivables was not performed regularly, which was the only key control to address the timely collection of accounts receivable.
Internal control exceptions in GovConnect information and technology services require urgent remediations
The relevant controls over user access, system changes and password controls failed in all three ASAE 3402 GovConnect ITGC reports. These control failures can lead to unauthorised system access, system and configuration changes (workflow approvals, three-way match, etc.) and modifications to key reports. It increases the risk of:
- fraud and error in the financial statements
- ineffective segregation of duties controls
- accuracy and completeness of system generated reports for the agencies using the SAPConnect system.
The table shows the number of ITGC control deviations compared to prior year:
Year ended 30 June | 2021 | 2020 | ||
Total controls tested | Total number of control deviations and findings | Total controls tested | Total number of control deviations and findings | |
Infosys ITGC | 41 | 16 | 35 | 8 |
Unisys ITGC | 25 | 11 | 33 | 4 |
DCS ITGC | 31 | 9 | 10 | 5 |
Most of these deviations were not mitigated or sufficiently mitigated to address the risk of unauthorised user access.
The service auditor identified significant areas for remediation:
- governance arrangement of the IT services
- user access management controls
- SAP database controls
- logical access
- incident management.
In response to the internal control qualifications, the audit teams performed data analytics over payroll and accounts payable. The data analytics identified several terminated employees that were paid long after their termination dates which resulted in salary overpayments during 2020–21. While management had put processes in place to recover these overpayments, the payroll processing controls need to be improved to prevent such overpayments.
The Department of Customer Service advised that it established a ‘Control Reframe Project’ (the project) to address the internal control exceptions at GovConnect service providers. The objective of the project is to ensure the GovConnect assurance model is aligned with clear lines of responsibility and remediation actions are in place to support the delivery of services and achieve an improved outcome for future years.
Recommendation
We recommend the Department of Customer Service:
- improve governance and internal control environment over the information technology services
- ensure GovConnect service providers prioritise remediation actions to address internal control exceptions
- perform a post-implementation review of the transition of the Unisys arrangement to identify lessons learnt and continuous improvement
- develop data analytics to help analyse and identify high-risk patterns and anomalies in GovConnect key transaction systems, augmenting their existing monitoring and detective controls.
The NSW Public Sector's cyber security resilience needs urgent attention
The 2020 'Central Agencies' Report to Parliament highlighted the need for Cyber Security NSW, a business unit within the Department of Customer Service, and NSW Government agencies to prioritise improvements to their cyber security resilience as a matter of urgency. A status update of the 2020 recommendation is included in Appendix five of this report.
The Audit Office's Annual Work Program identifies cyber security as a focus area for the Audit Office in 2021–24. It outlines a three-pronged approach to auditing cyber security in this period:
- considering how agencies are responding to the risks associated with cyber security across our financial audits across the NSW public sector
- examining the effectiveness of cyber security planning and governance arrangements for large NSW state government agencies for our Internal Controls and Governance report
- conducting deep-dive performance audits of the effectiveness of specific agency activities in preparing for, and responding to cyber security risks.
A performance audit 'Managing cyber risks' was tabled in Parliament in July 2021. The audit made several recommendations to audited agencies to uplift their cyber security management. It also recommended the Department of Customer Service to:
- clarify the requirement of the NSW Cyber Security Policy (CSP) reporting to all systems
- require agencies to report the target level of maturity for each mandatory requirement.
A compliance audit 'Compliance with the NSW Cyber Security Policy' was tabled in October 2021. The audit examined whether agencies are complying with the NSW Cyber Security Policy to ensure all NSW Government departments and public service agencies are managing cyber security risks to their information and systems.
The report found that key elements to strengthen cyber security governance, controls and culture are not sufficiently robust and not consistently applied. There has been insufficient progress to improve cyber security safeguards across NSW Government agencies. The poor levels of cyber security maturity are a significant concern. Improvement requires dedicated leadership and resourcing. To comply with some elements of the government’s policy agencies will have to invest in technical uplift and some measures may take time to implement. However, other elements of the policy do not require any investment in technology. They simply require leadership and management commitment to improve cyber literacy and culture. And they require accountability and transparency. Transparent reporting of performance is a key means to improve performance.
The report noted that the CSP was not achieving the objective of improved cyber governance, controls and culture. The compliance audit made several recommendations to Cyber Security NSW and other NSW Government agencies.
The 2021 maturity self-assessment results against the Australian Cyber Security Centre Essential 8 for the 25 largest NSW State Government agencies are reported in the 2021 'Internal Control and Governance' Report to Parliament.
Repeat recommendation
Cyber Security NSW and NSW Government agencies need to prioritise improvements to their cyber security resilience as a matter of urgency.
Management of cyber security risk
Our 2020-21 financial audit assessed whether cyber security risks represent a risk of material misstatement to the department's own financial statements. A request performance audit 'Service NSW's handling of personal information' was tabled on 18 December 2020. The audit followed two cyber security incidents that resulted in data breaches of customer information. As part of our audit procedures, we obtained an understanding of the controls the department has in place to address the risk of cyber security incidents and respond to any incidences which may have occurred during the year, including its impact on the audit.
Our assessment of the department’s own cyber risk management shows that:
- an approved security incident response plan was not in place during the reporting period. There was a lack of testing over incident detection and monitoring process
- a formal process over patch management that includes assessment, determining relevance and priority, timely rollout and escalation and reporting of long outstanding patches to senior management is being established.
The department provides information security services including cyber security management to cluster agencies. We found that there were insufficient communications within the Customer Service cluster over the controls and assurance over cyber security risk management. Some cluster agencies had put in place limited controls over cyber security risk management.
Recommendation
We recommend the Department of Customer Service:
- establish an approved security incident response plan and formal process over patch management
- improve communications with cluster agencies over the controls and assurance in cyber security management.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
Appendix five – Status of 2020 recommendations
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Stronger Communities 2021
Stronger Communities 2021
This report analyses the results of our audits of the Stronger Communities cluster agencies for the year ended 30 June 2021.
Our preferred approach is to table the ‘Report on State Finances’ in Parliament before any other cluster report. This is because the 'Report on State Finances' focuses on the audit results and observations relating to the Total State Sector Accounts, in effect a consolidation of all government agencies. This year the 'Report on State Finances' has been delayed due to significant accounting issues being considered in the Total State Sector Accounts and which may impact the Treasury and Transport clusters.
As there are no outstanding matters relating to audits in the Stronger Communities cluster impacting the Total State Sector Accounts we have decided to break with normal practice and table this cluster report ahead of the ‘Report on State Finances’.
What the report is about
The results of the Stronger Communities cluster agencies' financial statement audits for the year ended 30 June 2021.
What we found
Unqualified audit opinions were issued for all 30 June 2021 financial statements of cluster agencies.
Eleven of the 15 cluster agencies required to submit 2020–21 early close financial statements and other mandatory procedures did not meet the statutory deadline. Five agencies did not perform all mandatory procedures.
The implementation of AASB 1059 'Service Concession Arrangements: Grantors' had a significant impact on the Department of Communities and Justice's (the department) 2020–21 financial statements. The department applied a modified retrospective approach upon initial adoption at 1 July 2020 and recognised service concession assets and liabilities of $1.0 billion and $1.2 billion respectively (relating to three correctional centres with private sector operators).
The department was, this year for the first time, able to reliably measure Incurred But Not Reported (IBNR) claims relating to its Victims Support Scheme. The department recorded a liability of $200 million at 30 June 2021. Liabilities for Child Sexual Assault IBNR claim continue to be not recorded on the basis they are unable to be reliably measured.
The number of monetary misstatements identified during the audit of the financial statements for the cluster increased from 61 in 2019–20 to 72 in 2020–21.
What the key issues were
The number of issues reported to management decreased from 191 in 2019–20 to 172 in 2020–21. However, 45 per cent were repeat issues related to information technology, governance and oversight controls.
Seven high risk issues were identified in 2020–21, an increase of five compared to last year. High risk issues related to deficiencies in IT access controls at Sydney Cricket and Sports Ground Trust; a lack of a formal agreement between the Office of Sport and Planning Ministerial Corporation over the management of a sporting venue; asset revaluations at both Fire and Rescue NSW and the Trustees of the Anzac Memorial Building; and three issues related to revenue recognition control deficiencies at New South Wales Aboriginal Land Council and two of its subsidiaries.
What we recommended
Cluster agencies should ensure all applicable mandatory early close procedures are completed and the outcomes provided to the audit team in accordance with the deadlines set by NSW Treasury.
We recommend cluster agencies action recommendations to address internal control weaknesses promptly. Focus should be given to addressing high risk and repeat issues.
Fast factsThe Stronger Communities cluster, consisting of 28 agencies, aims to deliver community services that support a safe and just New South Wales.
|
This report provides Parliament and other users of the Stronger Communities cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Stronger Communities cluster (the cluster) for 2021.
Section highlights
|
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Stronger Communities cluster.
Section highlights
|
Findings reported to management
The overall number of findings has decreased, but the level of repeat issues increased
Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of agencies. The Audit Office does this through management letters, which include observations, related implications, recommendations and risk ratings.
In 2020–21, there were 172 findings raised across the cluster (191 in 2019–20). 45 per cent of all issues were repeat issues (32 per cent in 2019–20).
Repeat issues largely related to weaknesses in controls over information technology (IT), governance and oversight.
A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports and generating financial statements. This can impair decision‑making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Poor controls may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation and central agency policies.
2020–21 audits identified seven high risk findings
High risk findings were reported at the following cluster agencies. Two high risk findings reported in 2019–20 were resolved.
Agency | Description |
2020–21 findings | |
Sydney Cricket and Sports Ground Trust (new finding) * | The audit of Sydney Cricket and Sports Ground Trust's IT access controls identified:
|
Fire and Rescue NSW (new finding) | Fire and Rescue NSW (FRNSW) completed a comprehensive revaluation of its fire appliances in 2020–21. The audit of the revaluation found there was inadequate analysis and quality control by management over the valuation process prior to the outcomes being included in the financial statements. FRNSW had 57 fleet assets that have not been revalued due to problems with data supplied by the valuer. The written down value:
The review also found:
|
New South Wales Aboriginal Land Council (NSWALC) (new finding) | The audit of NSWALC's revenue identified there was no formal assessment of relevant contracts for the nature, amount and timing of revenue recognition before preparing the financial statements. This matter has been included as a high risk finding as it contributed to material monetary misstatements and disclosure deficiencies relating to revenue transactions. |
NSWALC Employment and Training Limited (new finding) | The audit of NSWALC Employment and Training Limited's revenue found:
|
NSWALC Housing Limited (new finding) | The audit of NSWALC Housing Limited's revenue identified it:
|
Office of Sport (new finding) |
The Olympic Co-ordination Authority Dissolution Act 2002 transferred the assets, rights and liabilities relating to the Sydney International Regatta Centre (SIRC) to the Planning Ministerial Corporation (the Corporation) effective from 1 July 2002. The Corporation recognised the related land assets but did not recognise any of the built assets at the time of transfer. The total value of the land and built assets at 30 June 2021 was The SIRC has been managed by the Office of Sport (the Office) for many years in accordance with a not yet executed management agreement. It appears there was a clear intention in 2005 that the control of SIRC built assets was to be transferred from the then Department of Planning to the then Department of Tourism, Sport and Recreation (a predecessor of the Office), through the exchange of letters between the relevant Ministers and an Administrative Order (the Order). The Order transferred the SIRC staff from the then Department of Planning to the then Department of Tourism, Sport and Recreation. However, it was silent on whether the relevant built assets were transferred. Currently, the Office recognises the SIRC built assets in the financial statements whilst the Corporation recognises the land assets as the legal owner of the property. This matter has been included as a high risk finding as the lack of a formal management agreement casts doubt over the accounting treatment of SIRC property. |
The Trustees of the Anzac Memorial Building (new finding) |
The audit of the Trustees of the Anzac Memorial Building's property, plant and equipment identified:
This matter has been included as a high risk finding as it contributed to material monetary misstatements and disclosure deficiencies relating to property, plant and equipment. |
Recommendation (repeat issue)We recommend cluster agencies action recommendations to address internal control weaknesses promptly. Focus should be given to addressing high risk and repeat issues. |
The table below describes issues commonly identified across the cluster by category and risk rating.
Risk rating | Issue |
Information technology | |
High3 |
The financial audits identified weaknesses in information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of particular concern are issues with:
|
Moderate2 |
|
Low1 5 new, 6 repeat |
|
Internal control deficiencies or improvements | |
High3 |
The financial audits identified internal control weaknesses across the following key business processes:
|
Moderate2 |
|
Low1 |
|
Financial reporting | |
High3 |
The financial audits identified weaknesses in financial reporting processes, including:
|
Moderate2 |
|
Low1 |
|
Governance and oversight | |
High3 1 new |
The financial audits identified areas where agencies could strengthen governance and oversight processes, including:
|
Moderate2 5 new, 11 repeat |
|
Low1 12 new, 8 repeat |
|
Non-compliance with key legislation and/or central agency policies | |
Moderate2 7 new, 6 repeat |
The financial audits identified the need for agencies to improve their compliance with key legislation and/or central agency policies, including:
|
Low1 2 new, 8 repeat |
2 Moderate risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
1 Low risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
Note: Management letter findings are based either on final management letters issued to agencies, or draft letters where findings have been agreed with management.
The number of moderate risk findings decreased from prior year
Seventy‑eight moderate risk findings were reported in 2020–21, representing a 22 per cent decrease from 2019–20. Of these, 43 were repeat findings, and 35 were new issues.
Moderate risk findings reported in 2020–21 include:
- weaknesses in governance arrangements, including outdated policies and procedures and arrangements that do not align with NSW Government guidelines, such as the NSW Government Procurement Policy Framework and NSW Cyber Security Policy
- weaknesses in user access administration including:
- user access reviews
- monitoring of privileged user access and activities
- password policy configuration
- cyber security improvements including:
- implementation and update of governance arrangements
- monitoring of third‑party system access
- patch management improvement
- outdated instruments of financial delegation and non‑compliance with established financial delegations
- weaknesses in supplier and employee masterfile maintenance.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Health 2021
Health 2021
This report analyses the results of our audits of the Health cluster agencies for the year ended 30 June 2021.
Our preferred approach is to table the ‘Report on State Finances’ in Parliament before any other cluster report. This is because the 'Report on State Finances' focuses on the audit results and observations relating to the Total State Sector Accounts, in effect a consolidation of all government agencies. This year the 'Report on State Finances' has been delayed due to significant accounting issues being considered in the Total State Sector Accounts and which may impact the Treasury and Transport clusters.
As there are no outstanding matters relating to audits in the Health cluster impacting the Total State Sector Accounts we have decided to break with normal practice and table this cluster report ahead of the ‘Report on State Finances’.
What the report is about
The results of Health cluster (the cluster) agencies' financial statements audits for the year ended 30 June 2021.
What we found
Unmodified audit opinions were issued for the financial statements of all Health cluster agencies.
The COVID-19 pandemic increased the complexity and number of accounting matters faced by the cluster. The total gross value of corrected misstatements in 2020–21 was $250.2 million, of which $226.0 million were pandemic related.
A qualified audit opinion was issued on the Annual Prudential Compliance Statement. The basis of the qualification related to 19 instances (18 in 2018–19) of non-compliance relating to three of the 20 prudential requirements across five aged care facilities.
What the key issues were
The total number of matters we reported to management across the cluster increased from 112 in 2019–20 to 116 in 2020–21. Of the 116 issues raised in 2020–21, three were high risk (one in 2019–20) and 57 were moderate risk (47 in 2019–20). Nearly one half of the issues were repeat issues.
The three new high-risk issues identified were:
Hotel Quarantine (HQ) fees
The absence of a tailored debt recovery strategy, data integrity issues and uncertainties around future HQ arrangements increased risks around the recoverability of HQ fees from travellers.
COVID-19 inventories
Data errors and anomalies in the impairment model and difficulties forecasting key factors impacting the management of Personal Protective Equipment (PPE) increased uncertainty associated with the valuation and impairment of COVID-19 inventories.
COVID-19 vaccines
The Commonwealth did not provide information about the cost of vaccines provided to NSW free of charge, which required the performance of internal valuations to reflect the consumption of vaccines in the financial statements.
What we recommended
Hotel Quarantine (HQ) fees
Develop a tailored assessment methodology to estimate recoverability of HQ fees and work with Revenue NSW to develop a tailored debt recovery strategy.
COVID-19 inventories
Review the current stocktaking and impairment methodology to incorporate validation of data key to the management of COVID-19 related PPE.
COVID-19 vaccines
Work with the Commonwealth to obtain primary price information on COVID-19 vaccines.
Fast facts
The Health cluster, comprising 15 local health districts, five pillars agencies, two specialty health networks and six shared state-wise services agencies, deliver health services to the people of New South Wales.
- 100% unqualified audit opinions were issued on agencies' 30 June 2021 financial statements
- 24 monetary misstatements were reported in 2020–21
- 3 high risk management letter findings were identified
- 47.4% of reported issues were repeat issues
- $23.5b property, plant and equipment as at 30 June 2021
- $26.8b total expenditure incurred in 2020–21
This report provides Parliament and other users of the Health cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely. This chapter outlines our audit observations related to the financial reporting of agencies in the Health cluster (the cluster) for 2021.
Section highlights
|
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making. This chapter outlines our observations and insights from our financial statement audits of agencies in the Health cluster.
Section highlights
|
Findings reported to management
The number of findings reported to management has increased, with 47.4 per cent of all issues being repeat issues
Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of cluster agencies. The Audit Office does this through our management letters, which include observations, implications, recommendations and risk ratings.
In 2020–21, there were 116 findings raised across the cluster (112 in 2019–20). 47.4 per cent of all issues were repeat issues (38.4 per cent in 2019–20).
A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports and generating financial statements. This can impair decision-making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Poor controls may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation and central agency policies.
The table below describes the common issues identified across the cluster by category and risk rating.
Risk rating | Issue |
Information technology | |
Moderate2 |
We identified the need for agencies to improve information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of particular concern are issues associated with:
Repeat issues included:
|
Low1 |
|
Internal control deficiencies or improvements | |
High3 1 new, 0 repeat |
We identified internal control weaknesses across key business processes, including new issues relating to:
Repeat issues included:
|
Moderate2 |
|
Low1 |
|
Financial reporting | |
High3 2 new, |
We identified weaknesses with respect to financial reporting in relation to the:
|
Moderate2 |
|
Low1 |
|
Governance and oversight | |
Moderate2 9 new, 5 repeat |
We identified opportunities for agencies to improve governance and oversight processes, including:
Repeat issues include:
|
Low1 2 new, 2 repeat |
|
Non-compliance with key legislation and/or central agency policies | |
Moderate2 1 new, 7 repeat |
We identified the need for agencies to improve compliance with key legislation and central agency policies, with new findings including:
Repeat issues include:
|
Low1 5 new, 13 repeat |
4Extreme risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
3 High risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
2 Moderate risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
1 Low risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
Note: Management letter findings are based either on final management letters issued to agencies, or draft letters where findings have been agreed with management.
Complexities arising from the COVID-19 response
The 2020–21 audit identified three new high-risk findings
COVID-19 has presented the cluster with several new accounting challenges. New and evolving matters arose from changes to operating conditions, which characterised the 2020–21 financial reporting period. Issues with a high degree of estimation uncertainty will require ongoing attention as the strategies employed to deal with the COVID-19 pandemic evolve.
Expected rate of recovery of outstanding Hotel Quarantine invoices
The estimation of the amount likely to be recovered is complicated not only by the uncertainties that exist regarding the assumptions those estimations rely upon, but also the debt collection processes and strategies put into place to manage the accumulated debtors' balance. Debt collection is not administered by the cluster, but rather Revenue NSW. We observed an absence of a methodology to assess the likelihood of recovery. Instead, Sydney Local Health District was relying on Revenue NSW to develop and execute on a collection strategy. Sydney Local Health District was using the same approach to hotel quarantine debts as it did to other Health receivables. As the approach to managing international borders evolves over time, so too will the cluster's need to develop robust estimation models to assess the likely collectability of debtors.
Procurement, management and impairment of COVID-19 inventories
$656.2 million of COVID-19 inventories were procured in 2020–21, with $220.2 million consumed; $558.7 million impaired and a further $217.1 million written off. Estimates of the degree to which inventories are expired, not fit for purpose or are faulty is often based on management judgement at all stages in the procurement cycle.
With respect to the stocktaking methodology applied, the following issues were identified:
- discrepancies noted in the stock bin listing provided for audit
- discrepancies in the recount sheet generated
- inconsistent application of the stocktake methodology
- inconsistent labelling of quarantined stock
- a lack of an approach for validating stock expiry dates, which is a key input to the impairment calculations.
Although management had developed processes and a methodology to count as well as to assess the level of inventory that was not fit for purpose, ongoing attention to the operating environment that emerges post pandemic will be important in assessing the degree to which existing COVID-19 inventories can be integrated into a ‘business as usual’ model going forward. Further refinement of the key elements of the stocktaking methodology will also be required to ensure that key inputs upon which management relies to calculate the year-end inventory impairment provision can be appropriately validated.
Valuation and recognition of COVID-19 vaccines received from the Commonwealth Government
The 2020–21 financial reporting period saw the Commonwealth acquire COVID-19 vaccines and provide these to state jurisdictions to dispense to their communities. The vaccines, although provided free of charge require recognition. However, Health entities were not responsible for acquiring the vaccines and data on the vaccines' cost was not shared by the Commonwealth. Management undertook a valuation using publicly available data to estimate the value to attribute to the vaccine inventory; developed new systems and leveraged existing pharmacy systems to track physical quantities received from the Commonwealth and ultimately distributed to NSW citizens. As the response to the pandemic evolves, larger quantities, and new lines of vaccine stock will be dealt with, and policy settings will need to adapt when patterns of distribution of those vaccines (e.g., timing of third booster shots) emerge. The Ministry of Health will need to ensure that the valuations applied to the prices of inventory distributed and held in stock are as accurate as possible. This can be done through further refinement of the existing valuation methodology, obtaining price information from the Commonwealth and engaging specialist pharmaceutical valuers.
Emerging trends
Recognition of provisions without sufficient support
Several NSW Health entities raised accruals and provisions in 2020–21, which did not have an appropriate basis for recognition. Liabilities can only be recognised where there is a present obligation to make a payment arising from a past event. A number of these errors remain uncorrected in the financial statements of those entities as they are not material, individually or in aggregate to the financial statements as a whole. Increased training and guidance are required to ensure that treatment within the cluster is consistent and reflects events that have occurred and give rise to obligations.
Treatment of Commonwealth funding
In the 2020–21 and 2019–20 financial reporting periods, we observed prior period errors arising from the treatment of Commonwealth funding. These errors related to recognising revenue under funding agreements entered into with the Commonwealth in the incorrect period. The conditions of these funding arrangements, the transactional information requiring validation and the circumstances when revenue should be recognised are not always clear and can be complex. Early and continuous engagement with the Commonwealth is required to ensure that revenue recognition principles are consistently applied across the cluster.
Key repeat issues
Management of excessive annual leave
NSW Treasury guidelines stipulate annual leave balances exceeding 30 days are considered excess annual leave balances. Managing excess annual leave balances has been reported as an issue for the cluster for more than five years, with the average percentage of employees with excessive leave balances over the last five years being 36.1 per cent (35.5 per cent over five years covering 2015–16 to 2019–20).
The operational demands required to manage the COVID-19 pandemic have presented new challenges for the cluster in trying to manage its excessive leave balances. 39.2 per cent of employees now have excess leave balances at 30 June 2021 (35.4 per cent at 30 June 2020).
The state's leave policy C2020-12 Managing Accrued Recreation Leave Balances requires agencies to manage excessive leave balances to 30 days or less to maintain their workforces physical and mental health.
Accurate time recording
Forced-finalisation of time records by system administrators within HealthRoster remains an issue and we continue to observe time records forced-finalised by system administrators so pay runs can be finalised on a timely basis. During 2020–21, a total of two million (2.2 million in 2019–20) time records were force approved, which represents 5.7 per cent of total time records (6.9 per cent in 2019–20).
Existence, completeness and accuracy of key agreements
Delivery of major capital projects
Health Infrastructure (a division of the Health Administration Corporation) is responsible for the delivery of major capital projects with a budgeted spend of more than $10.0 million. Health Infrastructure oversee the planning, design, procurement, and construction phases. Capital works in progress are recognised in the financial statements of the health entity that intends to use those assets upon completion. The health entities recognise both the capital work in progress and the revenue associated with the capital funding from the Ministry for the construction of the assets. Capital funding is currently agreed with health entities as part of the annual Service Agreement. The assumption that the health entities control the assets during their construction is consistent with Health Infrastructure's role as an agent for the health entity and the Ministry's policy directive PD2020-033 'Management and control of Health Administration Corporation owned Real Property'.
We continued to observe a lack of clarity regarding agreements between Health Infrastructure, the Ministry and the cluster agency that will eventually receive the completed asset. This can lead to confusion and uncertainty around the rights and obligations of each party to the transaction.
Cross border patient funding arrangements
When patients require medical care in a jurisdiction where they are not generally domiciled, there are arrangements in place to provide funding to support cross border patient treatments. We have previously observed that agreements between NSW and other jurisdictions have not been finalised, and this continues to be the case. In the case of Victoria, no agreement has been finalised for the past seven years.
We continue to note that the cluster has long outstanding receivables and payables with other states. The absence of formal agreements between the states hampers the settlement of the debts relating to the treatment of cross border patients. The following table shows the status of Cross Border Agreements between NSW and other jurisdictions:
States | 2014–15 | 2015–16 | 2016–17 | 2017–18 | 2018–19 | 2019–20 | 2020–21 |
Queensland | Signed | Signed | Signed | Signed | Signed | Not finalised | Not finalised |
Victoria | Not finalised | Not finalised | Not finalised | Not finalised | Not finalised | Not finalised | Not finalised |
Australian Capital Territory | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
South Australia | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
Tasmania | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
Northern Territory | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
Western Australia | Signed | Signed | Signed | Signed | Signed | Signed | Not finalised |
Albury Base Hospital
Albury Base hospital is located on the border of NSW and Victoria and services residents of both states. Documentation supporting the extension of the expired Intergovernmental Agreement 2009–2017 between NSW and Victoria in relation to the integration of health services in Wodonga and Albury could not be located.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Education 2021
Education 2021
This report analyses the results of our audits of the Education cluster agencies for the year ended 30 June 2021.
Our preferred approach is to table the ‘Report on State Finances’ in Parliament before any other cluster report. This is because the 'Report on State Finances' focuses on the audit results and observations relating to the Total State Sector Accounts, in effect a consolidation of all government agencies. This year the 'Report on State Finances' has been delayed due to significant accounting issues being considered in the Total State Sector Accounts and which may impact the Treasury and Transport clusters.
As there are no outstanding matters relating to audits in the Education cluster impacting the Total State Sector Accounts we have decided to break with normal practice and table this cluster report ahead of the ‘Report on State Finances’.
What the report is about
The results of the Education cluster (the cluster) agencies' financial statements audits for the year ended 30 June 2021.
What we found
Unmodified audit opinions were issued on the Department of Education (the department), the NSW Education Standards Authority and the NSW Skills Board's financial statements.
An 'other matter' paragraph was included in the Technical and Further Education Commission's (the TAFE Commission) audit opinion drawing attention to legislative non-compliance concerning financial delegations during the reporting year.
The number of misstatements identified in the financial statements of cluster agencies decreased from 14 in 2019–20 to seven.
What the key issues were
The department and the TAFE Commission revalued their land assets this year, recognising collective increases of $863.8 million.
The department and the TAFE Commission are not scheduled to perform comprehensive revaluations of their buildings until 2022–23. Construction costs, which are a key input in their current replacement cost valuation methodologies for buildings, may have increased by an estimated nine per cent since the last comprehensive revaluation in 2017–18 based on broad based indices used by the department and the TAFE Commission. While the estimated index increase indicates the fair value of buildings may exceed the carrying values, the use of such high-level indicators has a degree of estimation uncertainty due to the specialised nature of the assets. Therefore, both agencies did not adjust the values of their buildings.
The number of issues we reported to management decreased. Fifty per cent of issues were repeated from prior years.
Of the 11 newly identified moderate rated issues, seven related to internal control deficiencies, with six identified in procurement and payroll controls.
What we recommended
The department and the TAFE Commission reconsider policy settings governing the frequency of revaluations; and refine and consider the outcomes of interim fair value assessments to ensure asset carrying values reflect fair value at each balance date.
Cluster agencies should prioritise and action recommendations to address internal control deficiencies.
Fast facts
The Education cluster, comprising four agencies, administers and delivers education and training services for NSW students, workers and industry.
- $38.6b property, plant and equipment as at 30 June 2021
- $21.2b total expenditure incurred in 2020–21
- 100% unqualified audit opinions were issued on agencies’ 30 June 2021 financial statements
- 22 moderate risk management letter findings were identified and reported to management
- 7 monetary misstatements were reported in 2020–21
- 50% of reported issues were repeat issues
This report provides Parliament and other users of the Education cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Education cluster (the cluster) for 2021.
Section highlights
|
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Education cluster.
Section highlights
|
Findings reported to management
The number of findings reported to management has decreased. Fifty per cent of all issues were repeat issues
Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of agencies. The Audit Office does this through management letters, which include observations, related implications, recommendations and risk ratings.
In 2020–21, there were 28 findings raised across the cluster (33 in 2019–20). Fifty per cent of all issues were repeat issues (45 per cent in 2019–20).
The most common repeat issues related to weaknesses in controls over information technology general controls, application controls, and identified deficiencies in procurement and payroll practices.
A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports and generating financial statements. This can impair decision-making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Poor controls may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation and central agency policies.
The table below describes the common issues identified across the cluster by category and risk rating.
Risk rating | Issue |
Information technology | |
Moderate2 |
The financial audits identified areas for agencies to improve information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of note were deficiencies identified in:
|
Low1 |
|
Internal control deficiencies or improvements | |
Moderate2 |
The financial audits identified internal control weaknesses across key business processes relevant to financial reporting. Of note were deficiencies identified in:
|
Low1 |
|
Financial reporting | |
Moderate2 |
The financial audits identified:
|
Low1 |
3 High risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
2 Moderate risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
1 Low risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
The department continues to address recommendations to improve monitoring of privileged user access
Privileged users have higher levels of access to systems, and in some instances, may include access that can bypass segregation of duty controls. If reviews of access logs are not fully embedded in the control environment, the risk of unauthorised transactions occurring and not being detected in a timely manner is elevated.
In 2019–20 a high-risk issue was reported at the department relating to the inadequate monitoring and follow up of privileged user activity in its enterprise resource planning system – SAP. This year the department has largely addressed our findings by initiating a review of the identified instances of privileged user activity and establishing periodic oversight controls. There remains a need to improve the timeliness and completeness of these newly implemented controls.
Data analytics identified the root cause of internal control deficiencies in procurement and payroll
Our 2020–21 agency management letters identified seven new moderate risk internal control deficiency matters, of which six related to payroll and procurement.
To enhance our financial statement audit of the department we applied data analytics over elements of the department's procurement and payroll control processes. Our procedures, conducted over periods across the financial year, helped identify the following:
- a low level of compliance with procurement practices requiring the creation of purchase orders before invoices are received. The root cause was a lack of understanding by agency staff of the procurement processes
- transactions related to previous years being recorded in the current year. The root cause was a lack of understanding of the three-way matching process and the goods received/not invoiced facilities within SAP
- negative payments in fortnightly pay runs, predominantly representing deductions to recover salary payments made in error. The root cause was the lack of timeliness in notifying payroll for cessation of employment, or for employees undertaking secondments who should have been classified as being on leave without pay.
Recommendation
We recommend cluster agencies prioritise and action recommendations to address the internal control deficiencies outlined above.
Appendix one – Early close procedures
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Education 2018
Education 2018
The Auditor-General for New South Wales, Margaret Crawford, released her report today on the results of the financial audits of agencies in the Education cluster. The report focuses on key observations and findings from the most recent financial audits of these agencies. 'I am pleased to report that unqualified audit opinions were issued on the financial statements of both agencies in the Education cluster', the Auditor-General said. Statements were submitted and audited within statutory deadlines.
This report analyses the results of our audits of financial statements of the Education cluster for the year ended 30 June 2018. The table below summarises our key observations.
This report provides parliament and other users of the Education cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations
- service delivery.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Education cluster for 2017–18.
Observation | Conclusions and recommendations |
2.1 Quality of financial reporting | |
Unqualified audit opinions were issued on the financial statements of both cluster agencies. | Sufficient audit evidence was obtained to conclude the financial statements were free of material misstatement. |
2.2 Timeliness of financial reporting | |
Both cluster agencies met the statutory deadlines for completing early close procedures and submitting financial statements. | Early close procedures continue to facilitate the timely preparation of cluster agencies’ financial statements and completion of audits, but scope exists to improve outcomes by resolving issues and supplying supporting documentation earlier. |
2.3 Key issues from financial audits | |
Inconsistencies in the Department’s annual leave and long service leave data, identified over the past three audits, remain unresolved. This issue impacts the Department’s liability estimates for annual leave and long service leave, including associated on-costs. It also on-flows to the Crown Entity, which assumes the Department's liability for long service leave. | Recommendation: The Department should confirm leave data and review assumptions following deployment of the new HR/Payroll system to better estimate the liability for employee benefits and the amount to be assumed by the Crown Entity. |
2.4 Key financial information | |
Cluster agencies recorded net deficits in 2017–18. |
The Department recorded a net deficit of $30.7 million in 2017–18 against a budgeted surplus of $122 million. The NSW Education Standards Authority recorded a net deficit of $4.1 million against a budgeted deficit of $4.7 million. |
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from:
- our financial statement audits of agencies in the Education cluster for 2018
- the areas of focus identified in the Audit Office work program.
The Audit Office Annual Work Program provides a summary of all audits to be conducted within the proposed time period as well as detailed information on the areas of focus for each of the NSW Government clusters.
Observation | Conclusions and recommendations |
3.1 Internal controls | |
Twenty internal control deficiencies were identified during our audits of cluster agencies. We assessed one as a high risk finding. | |
Eight internal control weaknesses were repeat issues from previous financial audits that had not been fully addressed by management. | Recommendation: Management should prioritise and action recommendations to address internal control weaknesses. |
3.2 Information technology | |
Delivery of the Learning Management and Business Reform (LMBR) program is complete. |
The LMBR program has been a major project for the Department since it was established in 2006. A staged approach was adopted for implementing the Department’s new HR/Payroll system to manage the risks associated with this large-scale roll-out. |
3.3 Valuation of the Department’s land and buildings | |
The Department completed a revaluation of land and building assets during 2017–18. |
A market approach was used to revalue the Department’s land, resulting in a revaluation increment of $2.3 billion. A current replacement cost approach was used to revalue the Department’s school buildings, resulting in an increment of $6.2 billion. |
3.4 Maintenance of school facilities | |
The Department regularly assesses the condition of school buildings and uses Life Cycle Costing to predict maintenance and capital renewal, and to prioritise maintenance activities. | The Life Cycle Costing assessment conducted by the Department in 2017–18 rated 70 per cent of school buildings as being in either as new or good condition. No school buildings were rated as being in end-of-life condition. |
3.4 School asset delivery | |
The Department’s School Assets Strategic Plan is designed to ensure that there are sufficient fit-for-purpose places for students up to 2031. | The Department created a new division, School Infrastructure NSW, to oversee the planning, supply and maintenance of schools and implement major school infrastructure projects. |
This chapter provides service delivery outcomes for the Education cluster for 2017–18. It provides important contextual information about the cluster's operation, but the data on achievement of these outcomes is not audited. The Audit Office does not have a specific mandate to audit performance information.
Actions for Health 2018
Health 2018
The Auditor-General, Margaret Crawford, released a report today on the New South Wales Health Cluster. The report focuses on key observations and findings from the most recent financial audits of thirty health entities in New South Wales. Unqualified audit opinions were issued for all health entities’ financial statements. However, assessing the fair value of health entities’ property, plant and equipment created challenges, particularly for local health districts.
This report analyses the results of our audits of financial statements of the Health cluster for the year ended 30 June 2018. The table below summarises our key observations.
This report provides parliament and other users of the Health cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Health cluster for 2018.
Observation | Conclusions and recommendations |
2.1 Quality of financial reporting | |
We issued unqualified audit opinions for all health entities. We identified fewer misstatements than last year, but they were more significant. | The Ministry of Health sets significant accounting policies centrally and provides a template for the preparation of health entities' financial statements. These processes promote consistent quality in the financial reports of health entities. Significant errors identified in 2017–18 predominantly related to revaluations of property, plant and equipment. |
2.2 Timeliness of financial reporting | |
Entities' continue to bring forward financial statement procedures to 31 March where possible. All entities submitted their financial statements on time. | Health entities continue to meet statutory deadlines. |
2.3 Financial and sustainability analysis | |
NSW Health recorded an operating surplus of $377.7 million in 2017–18. Fewer health entities recorded operating deficits in 2017–18. | The operating surplus was $123 million less than budgeted, and $29.0 million less than the surplus recorded for 2016–17. NSW Health budgets for surpluses to help it invest in new facilities, upgrades and redevelopments. |
Expenses across NSW Health increased by 5.5 per cent in 2017–18 (4.4 per cent in 2016–17). | The expense growth rate for NSW Health is 0.5 percentage points lower than the projected long-term annual expense growth rate of six per cent. |
The capital replacement ratio (investment in new assets divided by depreciation) for NSW Health is 2.0. | NSW Health's high capital replacement ratios for ten health entities in 2017–18 is driven by its substantial ongoing investment in hospitals and other assets. |
2.4 Performance against budget | |
This year, four out of 17 (ten out of 17 in 2016–17) local health districts and specialty networks reported a budget variance outside of performance expectations. | Health entities' budgets are revised frequently throughout the year by the Ministry of Health. In 2017–18 the budgeted expenses of health entities were incrementally increased throughout the year by a total of $807 million. The Ministry of Health expects health entities not to exceed their revised budgeted expenses by more than 0.5 per cent. Four of the local health districts did not meet this requirement. |
2.5 Financial impact of health entity employees | |
Thirty-four per cent of NSW Health’s workforce has excess annual leave balances, compared to 35 per cent in 2016–17. |
Managing excess annual leave continues to challenge health entities.
|
The Ambulance Service of NSW reported an average sick leave rate of 88.9 hours per FTE in 2017–18, an increase from 85.2 hours per FTE in 2016–17. | Managing sick leave continues to challenge the Ambulance Service of NSW. Recommendation: The Ambulance Service of NSW should further implement and monitor targeted human resource strategies to address the high rates of sick leave taken. |
The Ambulance Service of NSW reported overtime payments of $74.8 million ($74.6 million in 2016–17). This continues to be significantly higher than other health entities. | Recommendation: The Ambulance Service of NSW should further review the effectiveness of its rostering practices to identify strategies to reduce excessive overtime payments. |
Weak timesheet approval controls mean unapproved employee timesheets continue to be a problem for health entities. | Recommendation: Health entities should, as part of the benefits realisation of HealthRoster, continue to rectify time and leave recording control weaknesses, to reduce the risk of timesheet errors and fraud. |
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from:
- our financial statement audits of agencies in the Health cluster for 2018
- the areas of focus identified in the Audit Office annual work program.
The Audit Office Annual Work Program provides a summary of all audits to be conducted within the proposed time period as well as detailed information on the areas of focus for each of the NSW Government clusters.
Observation | Conclusions and recommendations |
3.1 Internal control deficiencies | |
The number of internal control deficiencies decreased. However, almost a quarter of control deficiencies are repeat issues and over a quarter relate to managing employees' leave and time recording. | Control deficiencies that relate to managing employees' leave, employees' time recording or information system limitations can be difficult for entities to resolve in a timely manner. Nonetheless, the longer the deficiency remains unaddressed the more likely the vulnerability will contribute to error or fraud. |
3.2 Audit Office annual work program | |
Revaluation of property, plant and equipment | |
Three health entities did not effectively oversee the asset revaluations performed by the experts they engaged in 2017–18. All three entities made material adjustments to their draft financial statements. | Valuation of health property, plant and equipment is complex and subjective. Health entities and the Ministry of Health rely on the experts they engage, but needed to do more to review and oversee their work. |
Capital projects | |
NSW Health manages a significant capital program ($1.7 billion in 2017–18). We noted significant revisions to completion dates and budgeted costs for some projects. | NSW Health complied with approval requirements for business cases, initial budgets and budget variations for the projects we reviewed. For some projects revisions to planned completion dates and budgeted costs impact on the ability to assess the timeliness and cost effectiveness of projects. Combining stages of projects for simplicity of reporting, as a project progresses also makes it difficult to see how the project is tracking to the original plan. |
Asset maintenance | |
The five health entities with the highest maintenance expense used different methods to estimate budgets for maintenance expense. Entities that calculated maintenance budgets by applying CPI factors to prior year expenses were less likely to deliver within budget. | Maintenance budgets are more accurately predicted when estimates are made of expected costs and prepared with the input of asset maintenance staff. |
Two of the five entities recorded significantly higher unplanned maintenance expenditure. Planned maintenance expenditure for these entities was lower than other entities. |
The entities plan to address this by performing condition audits of their assets, increasing planned maintenance and replacing assets. |
All five of the entities were using assets that have been fully depreciated. The replacement cost of each entities' fully depreciated assets represented between 3–7 per cent total replacement cost. | While entities are now regularly reassessing the useful lives of their assets, they continue to use some assets that were fully depreciated prior to the implementation of these processes. |
Actions for Central Agencies 2018
Central Agencies 2018
The Auditor-General for New South Wales, Margaret Crawford, released her report today on the results of the financial audits of NSW Government central agencies. The report focuses on key observations and findings from the most recent financial statement audits of agencies in the Treasury, Premier and Cabinet, and Finance, Services and Innovation clusters. While clear audit opinions were issued on all agency financial statements, the report notes that some complex accounting requirements caused significant errors in agency financial statements submitted for audit, which were corrected before the financial statements were approved.
This report analyses the results of our audits of the Treasury, Premier and Cabinet and Finance, Services and Innovation cluster agencies for the year ended 30 June 2018. The table below summarises our key observations.
This report provides parliament and other users of the NSW Government's central agencies and their cluster agencies financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations
- liquidity risk management
- government financial services.
The central agencies and their key responsibilities are set out below.
Central agencies | Key central agency responsibilities | Cluster responsibilities |
The Treasury |
|
The cluster:
|
Department of Premier and Cabinet |
|
The cluster:
|
Department of Finance, Services and Innovation |
|
The cluster:
|
Public Service Commission |
|
|
A full list of agencies that this report covers by relevant cluster is included in Appendix three.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Treasury, Premier and Cabinet and Finance, Services and Innovation clusters for 2018.
Observation | Conclusions and recommendations |
2.1 Quality of financial reporting | |
Unqualified opinions were issued for all agencies' financial statements submitted to the Audit Office. Complex accounting requirements caused significant errors in some agency financial statements, which were corrected before the financial statements were approved. |
Sufficient audit evidence was obtained to conclude the financial statements were free of material misstatement. Recommendation: Agencies should respond to key accounting issues when they are identified by preparing accounting papers and engaging with Treasury, the Audit Office and their Audit and Risk Committee when these matters are identified. |
2.2 Timeliness of financial reporting | |
Most agencies complied with the statutory timeframe for completion of early close procedures, 48 agencies in the Treasury cluster did not comply with the statutory requirement to prepare financial statements, and the audits of nine agencies in the Treasury cluster were not completed within the statutory timeframe. All financial statement information of the 48 agencies that did not prepare financial statements has been captured in the consolidated financial statements of their parent entity, which was subject to audit. |
Early close procedures allow financial reporting issues and risks to be addressed early in the audit process. The timeliness of financial reporting can be improved by performing more robust early close procedures. |
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from:
- our financial statement audits of agencies in the Treasury, Premier and Cabinet and Finance, Services and Innovation cluster for 2018
- the areas of focus identified in the Audit Office work program.
The Audit Office work program provides a summary of all audits to be conducted within the proposed time period as well as detailed information on the areas of focus for each of the NSW Government clusters.
Observation | Conclusions and recommendations |
3.1 Internal controls | |
The 2017–18 audits found one high risk issue and 83 moderate risk issues across the agencies. Nineteen per cent of all issues were repeat issues. | Agencies should focus on rectifying repeat issues. |
The high risk issue at Service NSW related to several deficiencies in procurement and contract management processes. | Service NSW may not be achieving value-for-money from their procurement and contract management activities. The high risk issue should be rectified as a matter of priority. This includes updating and implementing its procurement, vendor and contract management frameworks and delivering training to key staff involved in procurement and contract management activities. |
Property NSW has implemented several controls during the year to rectify the high risk issue identified last year related to its transition to a new property and facility management service provider. However, the service providers performance remains below expectations and there are further opportunities to improve oversight and lift performance. | Property NSW can better define roles and accountabilities with the service provider and formalise policies and processes associated with its monitoring and oversight of the service provider. Implementing relevant KPIs, receiving timely reports and providing timely review and feedback to the service provider may help to lift performance. |
GovConnect received unqualified opinions from their service auditor on all business process controls, except for information technology controls provided by Unisys, where a qualified opinion was received from the service auditor. A qualified opinion was received because of several deficiencies in user access controls. | These internal control deficiencies increase the risk of unauthorised access to key business systems, and increase audit effort and costs associated with addressing the risks arising from the deficiencies. |
3.2 Audit Office annual work program | |
Remediation of the Barangaroo site is now estimated to cost the Barangaroo Delivery Authority in excess of net $400 million. |
Measuring the remaining costs to remediate requires the use of estimation techniques and judgements, making the actual outcome inherently uncertain. We reviewed evidence to support the provision for remediation, including future costs estimates and this evidence supported management’s estimate. |
The State Insurance Regulatory Authority have administered the refund of $138 million in Green slip refunds to policy holders through Service NSW during 2017–18. At 30 June 2018, $112 million in refunds are yet to be claimed. We reviewed the systems and processes supporting the refund process. While we found that this supports the disbursement of refunds to policyholders there were some deficiencies in Service NSW’s project controls when the program was being developed. |
Service NSW should apply the lessons learnt from this program to other programs it is delivering or will be delivering for agencies. |
Revenue NSW recorded $30.4 billion from taxes, fines and fees in 2017–18 ($30.0 billion in 2016–17) to support the State’s finances. |
Crown revenue has steadily increased over the last five years predominately driven by rises in payroll tax and land tax and responsibility for collection of the Emergency Services Levy transferring to Revenue NSW under the Emergency Services Levy Act 2017 effective from July 2017. |
3.3 Managing maintenance | |
Place Management NSW manages significant commercial and retail leases and maintains public domain spaces and other assets around the harbour foreshore. It has consistently underspent its asset maintenance budget. In 2017–18, asset maintenance expenses were only 34 per cent of budgeted maintenance expense. Currently, Place Management NSW does not use any ratios or benchmarks to determine the adequacy of its maintenance spend or to monitor whether it is achieving its budgeted maintenance program. |
This may be contributing to a high proportion of unplanned maintenance, which Place Management NSW reports was 38 per cent of total maintenance expense in 2017–18. Place Management NSW is outsourcing its property and facilities management function from 1 December 2018 to an external service provider. |
This chapter outlines our audit observations, conclusions and recommendations specific to NSW Government agencies providing financial services.
Observation | Conclusions and recommendation |
5.1 Superannuation funds | |
The SAS Trustee Corporation (STC) Pooled Fund and the Parliamentary Contributory Superannuation (PCS) Fund are not required to comply with the prudential and reporting standards issued by the Australian Prudential Regulation Authority (APRA). However, legislation allows the responsible Minister to prescribe prudential standards, reporting and audit requirements. |
Structured and comprehensive prudential oversight of these Funds is important as they operate in a volatile financial sector, have 103,000 members and manage investments of $43.3 billion. Recommendation: Treasury should consult with the Trustees of the STC Pooled Fund and PCS Fund to prescribe appropriate prudential standards and requirements, including oversight arrangements. |
5.2 Insurance and compensation | |
Nominal Insurer and NSW Self Insurance Corporation investment performance marginally exceeded benchmark over the past five years. | Investment returns can impact on the premiums required to maintain an adequate funding ratio in addition to other factors such as claims experience and discount rates. |
The Workers Compensation Nominal Insurer (Nominal Insurer) and NSW Self Insurance Corporation's net collected premiums and contributions decreased over the past five years. | The insurance schemes' investment performance and stable claim payments have enabled less reliance on net collected premiums and contributions as a source of funding, over the past five years. |
Reforms were introduced to manage the Home Warranty Scheme's financial sustainability risks. | The Home Warranty Scheme has not collected sufficient premiums to fund expected claims costs, since commencing operations in 2011. In 2017–18, the Crown contributed $181 million for historical shortfalls. New reforms started on 1 January 2018 enabling the Scheme to price premiums based on risk. |
Actions for Justice 2018
Justice 2018
The Auditor-General, Margaret Crawford released her report today on NSW Justice cluster agencies. The report focuses on key observations and findings from the most recent financial audits of law and order and emergency services agencies. We are pleased to report that unqualified audit opinions were issued for all Justice agencies’ financial statements.
This report analyses the results of the financial statement audits of the Justice cluster for the year ended 30 June 2018. The table below summarises our key observations.
This report provides parliament and other users of the Justice cluster agencies' financial statements with the results of our audits, including our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations
- service delivery.
The Justice cluster delivers legal, law enforcement and emergency services across the state and plays the lead role in commemorating the legacy of servicemen and women.
The commentary in this report covers the following cluster agencies.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making is enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations, conclusions and recommendations related to the financial reporting of agencies in the Justice cluster for 2018.
Observation | Conclusions and recommendations |
2.1 Quality of financial reporting | |
Unqualified audit opinions were issued for all agencies' 30 June 2018 financial statements. | Unqualified audit opinions were issued for all agencies' 30 June 2018 financial statements. However, further actions can be taken by some cluster agencies to enhance quality financial reporting. |
2.2 Timeliness of financial reporting | |
Mandatory early close procedures were largely completed and all financial statements were submitted and audited within statutory timeframes. | Early close procedures continue to facilitate the timely preparation of financial statements and completion of audits. Agencies can improve the effectiveness of early close procedures by completing revaluations earlier. |
2.3 Death and disability schemes | |
The cost of the NSW Police Blue Ribbon Insurance Scheme decreased to 5.3 per cent of total NSW Police Officers’ remuneration in 2017–18, but remains above the statutory target of 4.6 per cent. | Recommendation: NSW Police should estimate the cost of its Blue Ribbon Insurance Scheme for future years, to understand when the statutory target of 4.6 per cent of total NSW Police Officers’ remuneration, will be met. |
The Fire and Rescue NSW Death and Disability Scheme liability has doubled over the past six years. | The Scheme’s liability was $184 million at 30 June 2018, double the $92 million recorded at 30 June 2013. Fire and Rescue NSW projections show the liability could increase to $257 million by 30 June 2022. |
2.5 Financial sustainability | |
Funding in the criminal and civil justice system is determined in advance through the annual appropriation process. This does not always reflect required expenditure, which is driven by the level of activity. | Various agencies from across the cluster in conjunction with NSW Treasury have commenced work on a new demand funding model for the criminal and civil justice systems. |
2.6 Human resources | |
More than a third of Justice cluster employees continue to have annual leave balances above the state's target. Almost 4,700 employees took little or no annual leave during 2017–18 compared to 4,394 in the prior year. |
Recommendation (repeat issue):
Focus should be given to employees who have taken little or no leave in the last 12 months. |
2.7 Workplace Health and Safety | |
Lost hours due to workplace injuries in NSW Police continue to increase. | NSW Police data shows frontline staff recorded average workplace injury leave of 71.3 hours per full time employee in 2017–18, an increase of 17.6 hours over the last four years. NSW Police attribute the rising injury leave to an ageing workforce. |
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from:
- our financial statement audits of agencies in the Justice cluster for 2018
- the areas of focus identified in the Audit Office annual work program.
The Audit Office annual work program provides a summary of all audits to be conducted within the proposed time period as well as detailed information on the areas of focus for each of the NSW Government clusters.
Observation | Conclusions and recommendations |
3.1 Internal controls and governance | |
The number of internal controls or governance related issues reported increased to 116 (94 in 2016–17). One in three were repeat issues. |
Delays in implementing audit recommendations can prolong the risk of fraud and error. Recommendation: Audit Office management letter recommendations to address internal control and governance weaknesses should be actioned promptly, with a focus on addressing repeat issues.. |
3.2 Audit Office annual work program | |
The Department continues to resolve IT, payroll and general finance related issues resulting from the implementation of the interrelated Justice SAP and Business Support Centre projects in 2016–17. | During the year, the Department continued to make progress in stabilising its internal control environment, however more effort is required to ensure controls are operating as intended. Internal control issues continue to collectively pose a high risk to the Department’s overall control environment. However, individually they are rated as low or moderate risk. The Department provides financial, human resources and IT services to other independently governed agencies within the cluster. The internal control environment at these agencies is similarly impacted by the Department's Justice SAP and BSC issues. |
The Department received an exemption from NSW Treasury from completing its asset revaluation as part of early close. The revaluation results were not robustly reviewed before their inclusion in the financial statements. |
While all revaluation matters were resolved and corrected, completing the revaluation process earlier would enable more timely review, identification and resolution of matters. Recommendation: Revaluations should be performed early and completed by the early close procedures deadline. The Department should quality review the revaluation results before including them in the financial statements. |
Capital projects at the Department and NSW Police were underspent against their budgets. | The Department spent $671 million on capital projects in 2017–18, which was $905 million or 57.4 per cent less than budget. Similarly, NSW Police spent $69.0 million or 28.3 per cent less than planned on capital projects. Eleven projects experienced delays in completion ranging from one to six years. |
3.3 Managing maintenance | |
Total backlog maintenance in the Justice cluster is unknown because some agencies assess backlog maintenance, while others do not. | When the backlog maintenance is unknown it is difficult for agencies to develop an accurate and effective maintenance plan that focuses on areas of highest need. It also means agencies' maintenance plans are reactive rather than preventative. Recommendation: Cluster agencies should complete a condition based assessment of their assets to identify any maintenance backlog. This will help the cluster provide more reliable and consistent information on assets and their condition. |
Justice cluster agencies we reviewed do not benchmark the adequacy of their maintenance spend. |
Recommendation: Cluster agencies should consider establishing benchmarks to help assess the adequacy of their maintenance spend. |
Government outcomes can be achieved through effective delivery of the right mix of services, whether from the public, private or not for profit sectors. Service delivery reform will be most successful if there is clear accountability for service delivery outcomes, decisions are aligned to strategic direction and performance is monitored and evaluated.
The Justice cluster is an integrated cluster with key service delivery inter-dependencies. Achieving state priorities and ensuring communities are safe requires both upstream and downstream agencies to be appropriately resourced. This is a delicate balance. Increases in frontline policing can subsequently impact the court system as more offences are identified. More convictions can in turn increase prison overcrowding and limit the opportunities for inmate rehabilitation.
Failure to successfully rehabilitate prisoners and prevent reoffending could impact future police resourcing.
This chapter outlines certain service delivery outcomes for 2017–18. The data on activity levels and performance is provided by Cluster agencies. The Audit Office does not have a specific mandate to audit performance information. Accordingly, the information in this chapter is unaudited.
We report this information on service delivery to provide additional context to understand the operations of the Justice cluster and to collate and present service information on law and order and emergency services agencies in one report.
In our recent performance audit, Progress and measurement of the Premier's Priorities, we identified 12 limitations of performance measurement and performance data. We recommended the Department of Premier and Cabinet ensure that processes to check and verify data are in place for all agency data sources.
Actions for Internal Controls and Governance 2018
Internal Controls and Governance 2018
The Auditor-General for New South Wales Margaret Crawford found that as NSW state government agencies’ digital footprint increases they need to do more to address new and emerging information technology (IT) risks. This is one of the key findings to emerge from the second stand-alone report on internal controls and governance of the 40 largest NSW state government agencies.
This report analyses the internal controls and governance of the 40 largest agencies in the NSW public sector for the year ended 30 June 2018.
This report covers the findings and recommendations from our 2017–18 financial audits that relate to internal controls and governance at the 40 largest agencies (refer to Appendix three) in the NSW public sector.
This report offers insights into internal controls and governance in the NSW public sector
This is our second report dedicated to internal controls and governance at NSW State Government agencies. The report provides insights into the effectiveness of controls and governance processes in the NSW public sector by:
- highlighting the potential risks posed by weaknesses in controls and governance processes
- helping agencies benchmark the adequacy of their processes against their peers
- focusing on new and emerging risks, and the internal controls and governance processes that might address those risks.
Without strong governance systems and internal controls, agencies increase the risks associated with effectively managing their finances and delivering services to citizens. The way agencies deliver services increasingly relies on contracts and partnerships with the private sector. Many of these arrangements deliver front line services, but others provide less visible back office support. For example, an agency may rely on an IT service provider to manage a key system used to provide services to the community. The contract and service level agreements are only truly effective where they are actively managed to reduce risks to continuous quality service delivery, such as interruptions caused by system outages, cyber security attacks and data security breaches.
Our audits do not review all aspects of internal controls and governance every year. We select a range of measures, and report on those that present heightened risks for agencies to mitigate. This report divides these into the following five areas:
- Internal control trends
- Information technology (IT), including IT vendor management
- Transparency and performance reporting
- Management of purchasing cards and taxis
- Fraud and corruption control.
The findings in this report should not be used to draw conclusions on the effectiveness of individual agency control environments and governance arrangements. Specific financial reporting, controls and service delivery comments are included in the individual 2018 cluster financial audit reports, which will be tabled in Parliament from November to December 2018.
The focus of the report has changed since last year
Last year's report topics included asset management, ethics and conduct, and risk management. We are reporting on new topics this year. We plan to introduce new topics and re-visit our previous topics in subsequent reports on a cyclical basis. This will provide a baseline against which to measure the NSW public sectors’ progress in implementing appropriate internal controls and governance processes to mitigate existing, new and emerging risks in the public sector.
Agencies selected for the volume account for 95 per cent of the state's expenditure
While we have covered only 40 agencies in this report, those selected are a large enough group to identify common issues and insights. They represent about 95 per cent of total expenditure for all NSW public sector agencies.
Internal controls are processes, policies and procedures that help agencies to:
- operate effectively and efficiently
- produce reliable financial reports
- comply with laws and regulations
- support ethical government.
This chapter outlines the overall trends for agency controls and governance issues, including the number of findings, level of risk and the most common deficiencies we found across agencies. The rest of this volume presents this year’s controls and governance findings in more detail.
Observation | Conclusions and recommendations |
---|---|
2.1 High risk findings | |
We found six high risk findings (seven in 2016–17), one of which was repeated from both last year and 2015–16. | Recommendation: Agencies should reduce risk by addressing high risk internal control deficiencies as a priority. |
2.2 Common findings | |
We found several internal controls and governance findings common to multiple agencies. | Conclusion: Central agencies or the lead agency in a cluster can play a lead role in helping ensure agency responses to common findings are consistent, timely, efficient and effective. |
2.3 New and repeat findings | |
Although internal control deficiencies decreased over the last four years, this year has seen a 42 per cent increase in internal control deficiencies. | The increase in new IT control deficiencies and repeat IT control deficiencies signifies an emerging risk for agencies. |
IT control deficiencies feature in this increase, having risen by 63 per cent since last year. The number of repeat IT control deficiencies has doubled and is driven by the increasing digital footprint left by agencies as government prioritises on-line interfaces with citizens, and the number of transactions conducted through digital channels increases |
Recommendation: Agencies should reduce IT risks by:
|
Government agencies’ financial reporting is now heavily reliant on information technology (IT). IT is also increasingly important to the delivery of agency services. These systems often provide the data to help monitor the efficiency and effectiveness of agency processes and services they deliver. Our audits reviewed whether agencies have effective controls in place to manage both key financial systems and IT service contracts.
Observation | Conclusions and recommendations |
---|---|
3.1 Management of IT vendors | |
Contract management framework Although 87 per cent of agencies have a contract management policy to manage IT vendors, one fifth require review. |
Conclusion: Agencies can more effectively manage IT vendor contracts by developing policies and procedures to ensure vendor management frameworks are kept up to date, plans are in place to manage vendor performance and risk, and compliance with the framework is monitored by:
|
Contract risk management Forty-one per cent of agencies are not using contract management plans and do not assess contract risks. Half of the agencies that did assess contract risks, had not updated the risk assessments since the commencement of the contract. |
Conclusion: Instead of applying a 'set and forget' approach in relation to management of contract risks, agencies should assess risk regularly and develop a plan to actively manage identified risks throughout the contract lifecycle - from negotiation and commencement, to termination. |
Performance management Only 24 per cent of agencies sought assurance about the accuracy of vendor reporting against KPIs, yet sixty-seven per cent of the IT contracts allow agencies to determine performance based payments and/or penalise underperformance. |
Conclusion: Agencies are monitoring IT vendor performance, but could improve outcomes and more effectively manage under-performance by:
|
Transitioning services Where IT vendor contracts do make provision for transitioning-out, only 28 per cent of agencies have developed a transitioning-out plan with their IT vendor. |
Conclusion: Contract transition/phase out clauses and plans can mitigate risks to service disruption, ensure internal controls remain in place, avoid unnecessary costs and reduce the risk of 'vendor lock-in'. |
Contract Registers Eleven out of forty agencies did not have a contract register, or have registers that are not accurate and/or complete. |
Conclusion: A contract register helps to manage an agency’s compliance obligations under the Government Information (Public Access) Act 2009 (the GIPA Act). However, it also helps agencies more effectively manage IT vendors by:
Recommendation: Agencies should ensure their contract registers are complete and accurate so they can more effectively govern contracts and manage compliance obligations. |
3.2 IT general controls | |
Governance Ninety-five per cent of agencies have established policies to manage key IT processes and functions within the agency, with ten per cent of those due for review. |
Conclusion: Regular review of IT policies ensures risks are considered and appropriate strategies and procedures are implemented to manage these risks on a consistent basis. An absence of policies can lead to ad-hoc responses to risks, and failure to consider emerging IT risks and changes to agency IT environments. |
User access administration
|
Recommendation: Agencies should strengthen the administration of user access to prevent inappropriate access to key systems. |
Privileged access Forty per cent of agencies do not periodically review logs of the activities of privileged users to identify suspicious or unauthorised activities. |
Recommendation: Agencies should:
|
Password controls Twenty-three per cent of agencies did not comply with their own policy on password parameters. |
Recommendation: Agencies should ensure IT password settings comply with their password policies. |
Program changes Fifteen per cent of agencies had deficient IT program change controls mainly related to segregation of duties and authorisation and testing of IT program changes prior to deployment. |
Recommendation: Agencies should maintain appropriate segregation of duties in their IT functions and test system changes before they are deployed. |
This chapter outlines our audit observations, conclusions and recommendations from our review of how agencies reported their performance in their 2016–17 annual reports. The Annual Reports (Statutory Bodies) Regulation 2015 and Annual Reports (Departments) Regulation 2015 (annual reports regulation) currently prescribes the minimum requirements for agency annual reports.
Observation | Conclusion or recommendation |
4.1 Reporting on performance | |
Only 57 per cent of agencies linked reporting on performance to their strategic objectives. The use of targets and reporting performance over time was limited and applied inconsistently. |
Conclusion: There is significant disparity in the quality and consistency of how agencies report on their performance in their annual reports. This limits the reliability and transparency of reported performance information. Agencies could improve performance reporting by clearly linking strategic objectives to reported outcomes, and reporting on performance against targets over time. NSW Treasury may need to provide more guidance to agencies to support consistent and high-quality performance reporting in annual reports. |
There is no independent assurance that the performance metrics agencies report in their annual reports are accurate. Prior performance audits have noted issues related to the collection of performance information. For example, our 2016 Report on Red Tape Reduction highlighted inaccuracies in how the dollar-value of red tape reduction had been reported. |
Conclusion: The ability of Parliament and the public to rely on reported information as a relevant and accurate reflection of an agency's performance is limited. The relevance and accuracy of performance information is enhanced when:
|
4.2 Reporting on reports | |
Agency reporting on major projects does not meet the requirements of the annual reports regulation. Forty-seven per cent of agencies did not report on costs to date and estimated completion dates for major works in progress. Of the 47 per cent of agencies that reported on major works, only one agency reported detail about significant cost overruns, delays, amendments, deferments or cancellations. |
NSW Treasury produce an annual report checklist to help agencies comply with their annual report obligations. Recommendation: Agencies should comply with the annual reports regulation and report on all mandatory fields, including significant cost overruns and delays, for their major works in progress. |
The information the annual reports regulation requires agencies to report deals only with major works in progress. There is no requirement to report on completed works. Sixteen of 30 agencies reported some information on completed major works. |
Conclusion: Agencies could improve their transparency if they reported, or were required to report:
|
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency preventative and detective controls over purchasing card and taxi use for 2017–18.
Observation | Conclusion or recommendation |
5.1 Management of purchasing cards | |
Volume of credit card spend Purchasing card expenditure has increased by 76 per cent over the last four years in response to a government review into the cost savings possible from using purchasing cards for low value, high volume procurement. |
Conclusion: The increasing use of purchasing cards highlights the importance of an effective framework for the use and management of purchasing cards. |
Policy framework We found all agencies that held purchasing cards had a policy in place, but 26 per cent of agencies have not reviewed their purchasing card policy by the scheduled date, or do not have a scheduled revision date stated within their policy. |
Recommendation: Agencies should mitigate the risks associated with increased purchasing card use by ensuring policies and purchasing card frameworks remain current and compliant with the core requirements of TPP 17–09 'Use and Management of NSW Government Purchasing Cards'. |
Preventative controls We found that:
|
Agencies have designed and implemented preventative controls aimed at deterring the potential misuse of purchasing cards. Conclusion: Further opportunities exist for agencies to better control the use of purchasing cards, such as:
|
Detective controls Major reviews, such as data analytics (29 per cent of agencies) and independent spot checks (49 per cent of agencies) are not widely used. |
Agencies have designed and implemented detective controls aimed at identifying potential misuse of purchasing cards. Conclusion: More effective monitoring using purchasing card data can provide better visibility over spending activity and can be used to:
|
5.2 Management of taxis | |
Policy framework Thirteen per cent of agencies have not developed and implemented a policy to manage taxi use. In addition:
|
Conclusion: Agencies can promote savings and provide more options to staff where their taxi use policies:
|
Detective controls All agencies approve taxi expenditure by expense reimbursement, purchasing card and Cabcharge, and have implemented controls around this approval process. However, beyond this there is minimal monitoring and review activity, such as data monitoring, independent spot checks or internal audit reviews. |
Conclusion: Taxi spend at agencies is not significant in terms of its dollar value, but it is significant from a probity perspective. Agencies can better address the probity risk by incorporating taxi use into a broader purchasing card or fraud monitoring program. |
Fraud and corruption control is one of the 17 key elements of our governance lighthouse. Recent reports from ICAC into state agencies and local government councils highlight the need for effective fraud control and ethical frameworks. Effective frameworks can help protect an agency from events that risk serious reputational damage and financial loss.
Our 2016 Fraud Survey found the NSW Government agencies we surveyed reported 1,077 frauds over the three year period to 30 June 2015. For those frauds where an estimate of losses was made, the reported value exceeded $10.0 million. The report also highlighted that the full extent of fraud in the NSW public sector could be higher than reported because:
- unreported frauds in organisations can be almost three times the number of reported frauds
- our 2015 survey did not include all NSW public sector agencies, nor did it include any NSW universities or local councils
- fraud committed by citizens such as fare evasion and fraudulent state tax self-assessments was not within the scope of our 2015 survey
- agencies did not estimate a value for 599 of the 1,077 (56 per cent) reported frauds.
Commissioning and outsourcing of services to the private sector and the advancement of digital technology are changing the fraud and corruption risks agencies face. Fraud risk assessments should be updated regularly and in particular where there are changes in agency business models. NSW Treasury Circular TC18-02 NSW Fraud and Corruption Control Policy now requires agencies develop, implement and maintain a fraud and corruption control framework, effective from 1 July 2018.
Our Fraud Control Improvement Kit provides guidance and practical advice to help organisations implement an effective fraud control framework. The kit is divided into ten attributes. Three key attributes have been assessed below; prevention, detection and notification systems.
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency fraud and corruption controls for 2017–18.
Observation | Conclusion or recommendation |
6.1 Prevention systems | |
Prevention systems Only 54 per cent of agencies have an employment screening policy and all agencies have IT security policies, but gaps in IT security controls could undermine their policies. |
Conclusion: Most agencies have implemented fraud prevention systems to reduce the risk of fraud. However poor IT security along with other gaps in agency prevention systems, such as employment screening practices heightens the risk of fraud and inappropriate use of data. Agencies can improve their fraud prevention systems by:
|
Twenty-three per cent of agencies were not performing fraud risk assessments and some agency fraud risk assessments may not be as robust as they could be. | Conclusion: Agencies' systems of internal controls may be less effective where new and emerging fraud risks have been overlooked, or known weaknesses have not been rectified. |
6.2 Detection systems | |
Detection systems Several agencies reported they were developing a data monitoring program, but only 38 per cent of agencies had already implemented a program. |
Studies have shown data monitoring, whereby entire populations of transactional data are analysed for indicators of fraudulent activity, is one of the most effective methods of early detection. Early detection decreases the duration a fraud remains undetected thereby limiting the extent of losses. Conclusion: Data monitoring is an effective tool for early detection of fraud and is more effective when informed by a comprehensive fraud risk assessment. |
6.3 Notification systems | |
Notification system All agencies have notification systems for reporting actual or suspected fraud and corruption. Most agencies provide multiple reporting lines, provide training and publicise options for staff to report actual or suspected fraud and corruption. |
Conclusion: Training staff about their obligations and the use of fraud notification systems promotes a fraud-aware culture |
Actions for State Finances 2018
State Finances 2018
Pursuant to the Public Finance and Audit Act 1983, I present my Report on State Finances 2018.
I am pleased to once again report that I issued a clear audit opinion on the State’s consolidated financial statements. This demonstrates the Government’s focus on preparing high quality information on the State’s financial position and performance for use by stakeholders.
However, there are two key areas I would like to see addressed to further support the preparation of the State’s financial statements.
Firstly, some complex accounting matters are not being resolved until late in the financial reporting cycle. This has contributed to an increase in the number of errors in the financial statements key agencies are submitting for audit, particularly around assessing the value of physical assets. Better planning and earlier resolution of these matters would lead to more efficient processes.
Secondly, the State needs to implement five new accounting standards over the next two years. Agencies will need to devote significant resources and effort to collect the necessary information and assess the impact at the whole of government level. I will work with Treasury and relevant agencies to help them improve quality assurance controls over their financial reporting.
Throughout 2017-18 my office worked with Treasury on reforms to improve financial governance, budgeting and reporting arrangements across the sector.
The Government Sector Finance Bill 2018 passed both houses of Parliament in June 2018. However, the Legislative Council returned other proposed changes to the Public Finance and Audit Act 1983 to the Legislative Assembly for further consideration. Most of these changes relate to the Public Accounts Committee. At the time of writing, the cognate Bill had not been debated.
The budget result was a $4.2 billion surplus. The consolidated financial statements at 30 June 2018 do not reflect the sale of 51 per cent of the State’s investment in Sydney Motorway Corporation for which it received $9.3 billion. The sale was announced on 31 August 2018.
Finally, I would like to thank the staff of Treasury for the way they approached the audit. Our partnership is critical to ensuring the quality of financial management and reporting.
Margaret Crawford
Auditor-General
19 October 2018
The State's financial statements given a clear audit opinion
Timely and accurate financial reporting enables informed decision making, effective management of public funds and enhances public accountability.
Since the introduction of mandatory ‘early close procedures’ in 2011-12, the number of significant errors in financial statements of agencies had fallen largely due to identifying and resolving complex accounting issues early.
In 2016-17, Treasury narrowed the scope of mandatory procedures to focus on physical asset valuations and pro-forma financial statements. Despite being broadened for 2017-18, we have observed an increase in the number of errors in agency financial statements.
In 2017-18, twenty-three errors exceeding $20 million were found in agencies’ financial statements that make up the State’s consolidated financial statements. This compares to only five in 2015-16.
The errors identified this year were the result of:
- incorrectly applying Australian Accounting Standards
- deficiencies in assessing the value of physical assets
- using inappropriate and inaccurate assumptions when measuring liabilities
- inaccurately reflecting inter-agency payables and receivables.
Quality financial reporting would be enhanced by responding to key accounting issues as soon as they are identified, and preparing accounting position papers for consideration by Treasury, agency Audit and Risk Committees and the Audit Office.
Key accounting matters addressed by the State in 2017-18.
Restatement of some of the State’s previously reported asset and liability values.
The state corrected the previously reported values of some long-term liabilities ($2 billion).
Accounting standards require the State to measure its long-term liabilities at the best estimate of the expenditures required to settle the obligations. The affected liabilities include claims liabilities of the Lifetime Care and Support Authority of NSW and the NSW Self Insurance Corporation, and scheme liabilities of the Long Service Corporation. The liabilities are adjusted by what is referred to as the ‘discount rate’ to reflect the decreasing value of money over time.
In the past, agencies used a variety of rates to discount these liabilities. Some liabilities were discounted using the estimated long-term fair value of 10-year TCorp bond yields while others were discounted using the expected
return on investments. These discount rates did not comply with the requirements of Australian Accounting Standards and underestimated liabilities by $2.0 billion.
In 2017-18, the State assessed the discount rates previously used in the Sector. It determined the market yield on Commonwealth Bonds best met the Accounting Standard requirements and used this rate to discount similar liabilities in relevant agencies. This resulted in a $2.0 billion increase in the previously reported values of these liabilities and a similar decrease in retained earnings at 1 July 2016.
The State corrected previously reported values of certain Library assets ($1.1 billion).The value of the Pictorial Collection of the Library Council of NSW (the Library) was reassessed at 31 January 2018. During the valuation process the Library identified three errors in the 2015 valuations which overstated the previously reported asset values. The errors included:
This resulted in a $1.1 billion decrease in previously reported asset values and a corresponding decrease in the asset revaluation reserve at 1 July 2016. |
Information system limitations continue at TAFE NSW.TAFE NSW has experienced ongoing issues with its student administration system.TAFE NSW has again implemented additional processes to verify the accuracy and completeness of revenue from student fees. TAFE NSW expects to spend up to $89 million on a new information system to address these issues. Modules of the new student enrolment system are planned to be in place by May 2019 |
Risks to the quality and timeliness of financial reporting.
Challenges associated with valuing the State's physical assets.
When we audit financial statements we focus on areas we consider higher risk. These areas often require the use of estimates and judgements.
The valuation of the State’s physical assets is one such area. Fair value estimates are inherently complex and sensitive to assumptions and judgements. In the public sector, this may be exacerbated by the unique nature of its assets, such as land under roads, preserved plant specimens, cultural collections and other heritage assets.
In 2017-18, valuations of physical assets added $24.5 billion to the value of the State’s balance sheet. These assets are now valued at $339.2 billion. Our audits of these valuations identified:
The Library Council of NSW had three errors in the methodology previously used to value their pictorial assets ($1.1 billion error). |
The Royal Botanic Gardens and Domain Trust did not previously recognise a value for their Herbarium assets ($284 million error). |
Some revaluations within the Ministry of Health did not meet the requirements of Australian Accounting Standards or Treasury requirements ($159 million error). |
The Department of Justice used an incorrect valuation
|
Some important matters agencies should consider when planning/conducting asset valuations include:
STARTING OUT
- Planning is important
- Most effective revaluations include early engagement with all stakeholders, including auditors.
- Determine who needs to be involved and advised of progress with the revaluation – e.g. finance, internal audit, audit and risk committee.
- Ensure asset registers are complete and there is evidence to demonstrate the agency controls the assets.
- The effective date of the valuation can be any date after the financial year commences, but well before year end.
MANAGEMENT'S ROLE
- For large mass valuations consider using a suitable project management methodology to ensure the process remains ‘on track’ with sufficient oversight.
- Consider engaging an expert to perform the valuation, but maintain responsibility for the outcomes. Ensure the outcomes are reasonable and quality review the results, including the appropriateness of inputs and key assumptions.
- Compare pre and post valuation results on an individual asset basis. Where changes are significant and/or unexpected, document explanations from the valuer.
- Start revaluations early so they are completed by early close (around March). The timetable must allow time for a quality review of results and for the results to be recorded in the financial records.
- Revaluation workpapers must include the revaluation source data provided to the valuer and a reconciliation of the source data to the general ledger.
USING EXPERTS
- The terms of engagement should be documented in an engagement letter, which clearly details the proposed valuation methodology. It’s important the valuer knows what is required from a policy perspective and clearly understands the accounting framework used to prepare the financial statements.
- Valuation reports should detail the key assumptions used, explain why the valuation approach was adopted and how the use of relevant observable input was maximised.
- Valuation reports should clearly differentiate between assets revalued using a cost approach and those using an income or market approach. They should explain why the approach used was the most relevant for the asset type.
- Consider using representative/statistical sampling for mass valuations and determine the extent of physical inspections that may be required.
- If a sampling technique is used, it should provide sufficient confidence that the sample is representative of the population.
- Significant judgements should be supported by relevant benchmark data or other analysis and observations. A common example in the public sector is to discount asset values to reflect restrictions on use.
- Ensure the valuer has considered the age and condition of the assets, and heritage/cultural aspects and/or other special factors.
WHAT ABOUT INTERVENING YEARS?
- Perform revaluations with sufficient regularity to ensure asset carrying values in the financial statements reflect fair value.
- Indexation alone is not normally a substitute for a full revaluation. A full revaluation may be needed to accurately establish fair values if asset values move significantly when indices are applied to them.
- Where indexation is used between full revaluations, the indices should be appropriate for the type of asset being assessed.
- Indexing can be unreliable in assessing whether the fair value of assets has moved over time. For example, some assets are valued based on re- collection cost estimates, which may fall over time due to improved re-collection methods and technology.
COMMUNICATION
- For mass or complex valuations, key stakeholders, including auditors, should be involved at the scoping stage and invited to planning meetings with valuers.
- Management should meet with the auditors regularly to discuss progress and outcomes.
- When issues are identified, management should consult with and seek advice from Treasury.
The state will need to implement five new accounting standards over the next two years.
The State has started developing processes it considers necessary to effectively implement the requirements of five new accounting standards. The changes are significant and will impact the financial position and results of agencies and the State.
The new requirements increase the risk of errors in the financial statements. To minimise this risk, agencies will need to devote resources and effort to collect the necessary information and assess the impact of the accounting changes at the whole of government level.
Treasury is liaising with and obtaining information from agencies to assess the impact of the new standards at the whole of government level. Treasury is also liaising with other Treasuries throughout Australia on common implementation issues. To help agencies implement the new standards, Treasury is developing guidance, preparing position papers on proposed accounting treatments, and mandating options within the new standards that agencies need to adopt on transition.
A $4.2 billion surplus, $1.5 billion more than was budgeted
The Total State Sector comprises 304 entities controlled by NSW Government
The General Government Sector, which comprises 212 entities, generally provides goods and services funded centrally by the State.
The non-General Government Sector, which comprises 92 Government businesses, generally provides goods and services, such as water, electricity and financial services that consumers pay for directly.
A principal measure of a Government’s overall performance is its Net Operating Balance (Budget Result). This is the difference between the cost of General Government service delivery and the revenue earned to fund these sectors.
WHAT CHANGED FROM 2017 TO 2018?
$4.2b |
2017-18 General Government Budget Result |
Changes in revenues compared to 2016-17
Dividends and distributions
|
Due to:
|
||
2016-2017 | Change | 2017-2018 | |
2.4b |
+1.3b |
3.7b |
Taxation
|
Due to:
|
||
2016-2017 | Change | 2017-2018 | |
30.8b |
+537m |
31.3b |
Grants & Subsidies
|
Due to:
|
||
2016-2017 | Change | 2017-2018 | |
31.4b |
+509m |
31.9b |
Sale of Goods and services
|
Includes:
|
||
2016-2017 | Change | 2017-2018 | |
8.2b |
+349m |
8.5b |
5.5b |
-185m |
5.3b |
Other revenues |
Changes to expenses compared to 2016-17
Recurrent Grants & Subsidies
|
Due to:
|
||
2016-2017 | Change | 2017-2018 | |
12.6b |
+1.3b |
13.9b |
Employee costs
|
Due to:
|
||
2016-2017 | Change | 2017-2018 | |
34.9b |
+1.2b |
36.1b |
Other operating expenses
|
Includes:
|
||
2016-2017 | Change | 2017-2018 | |
18.3b |
+1.4b |
19.7b |
|
6.8b |
+103m |
6.9b |
Other expenses |
$5.7b |
2016-17 General Government Budget Result |
The State maintained its AAA credit rating.
The object of the Fiscal Responsibility Act 2012 is to maintain the State’s AAA credit rating.
The Government manages NSW’s finances in alignment with the Fiscal Responsibility Act 2012 (the Act).
The Act establishes the framework for fiscal responsibility and the strategy to protect the State’s AAA credit rating and service delivery
to the people of NSW.
The legislation sets out targets and principles for financial management to achieve this.
New South Wales has credit ratings of AAA/ Stable from Standard & Poor’s and Aaa/ Stable from Moody’s Investors Service.
THE FISCAL TARGETS FOR ACHIEVING THIS OBJECTIVE ARE:
General Government annual expenditure growth is lower than long term average revenue growth.
General Government expenditure grew by 5.4 per cent in 2017-18. This was lower than the long-term revenue growth rate of 5.6 per cent.
Eliminating unfunded superannuation liabilities by 2030.
The Act sets a target to eliminate unfunded superannuation liabilities by 2030.
The State’s funding plan is to contribute amounts escalated by five per cent each year so the schemes will be fully funded by 2030. In 2017-18, the State made employer contributions of $1.7 billion, which is largely consistent with contributions over the past five years. Treasury expects superannuation liabilities will be fully funded by 2030 based on the funding program at the last triennial review (December 2015).
For fiscal responsibility purposes, the State uses AASB 1056: Superannuation Entities. This standard discounts superannuation liabilities using the expected return on assets backing the liability.
Using this method, the State’s unfunded superannuation liability was $14.0 billion at 30 June 2018 ($15.0 billion at 30 June 2017). The unfunded liability is $3.4 billion less than it was when the Act was introduced.
Revenues increased by $3.2 billion to $86.7 billion in 2017-18.
Revenues were underpinned by growth in taxation and Australian Government grant revenues, but stamp duties fell.
Tax revenue for the Total State Sector increased by $746 million, or 2.5 per cent compared to 2016-17, primarily due to a:
- $582 million increase in land tax from growth in land values
- $562 million increase in payroll tax from NSW employment and wages growth
- $1 billion decrease in stamp duty due to lower than expected growth in property market transactions, volumes and prices. In 2016-17, stamp duty included $718 million from the leases of Ausgrid and Endeavour Energy assets.
The State expects total stamp duties will fall to $9.5 billion in 2018-19, a decrease of almost $2.0 billion from 2016-17.
The State received Australian Government grants and subsidies of $30.9 billion in 2017-18.
The State received $444 million more in grants and subsidies from the Australian Government than it did in 2016-17. This was due to increases in GST revenues ($753 million) and special purpose payments ($683 million).
There was a decrease in National Partnership payments ($992 million), mainly due to the timing of major road projects including the Pacific Highway (Woolgoolga to Ballina), WestConnex and Western Sydney Infrastructure Program.
In 2017-18, sales of goods and services were $1.1 billion higher than in 2016-17. This reflected increased transaction revenue at Sydney Water ($139 million), the Department of Education ($133 million), WestConnex ($145 million), Department of Finance, Services and Innovation ($111 million) and Sydney Trains ($83 million).
Other dividends and distributions were $803 million higher than in 2016-17 mainly reflecting higher investment returns on TCorp investments.
$ |
83.5b |
+3.9% |
86.7b |
Total Revenue |
Key revenues include:
2016-2017 | Change% | 2017-2018 | ||
35.4b |
+2.8 |
36.3b |
Taxation, Fees, Fines, and other | |
31.4b |
+1.6 |
31.9b |
Grants & Subsidies | |
14.1b |
+8.1 |
15.2b |
Sale of Goods and Services |
Expenses increased $4.9 billion to $84.2 billion in 2017-18
Overall expenses increased 6.1 per cent compared to 2016-17. Most of the increase was due to higher employee and operating costs.
$ |
79.3b |
+6.1% |
84.2b |
Total Expenses |
Salaries and wages increased by 3.6 per cent compared to 2016-17.
Salaries and wages increased to $31.1 billion from $30 billion. This was due to inflation linked salary and wage increases and a reported increase in front line staff.
The Government wages policy aims to limit growth in employee remuneration and other employee related costs to no more than 2.5 per cent per annum.
Operating expenses increased by 7.8 per cent from 2016-17.
Within operating expenses, payments for supplies, services and other expenses increased, in part, due to:
- increased costs of major rail projects, WestConnex, B-Line bus program and a new rail timetable
- addressing the maintenance backlog and higher school operating expenses of the Department of Education.
Key expenses include:
2016-2017 | Change% | 2017-2018 | ||
32.8b |
+3.8 |
34.1b |
Employee Expenses | |
21.6b |
+7.8 |
23.3b |
Operating Costs | |
9.7b |
+12.7 |
10.9b |
Grants & Subsidies | |
7.2b |
+6.6 |
7.6b |
Depreciation | |
4.6b |
+2.8 |
4.7b |
Superannuation Expense |
Health costs remain the highest expense of the State.
The Australian Bureau of Statistics introduced a revised Classification of the Function of Government Australia Framework (COFOG-A) effective 1 July 2017. This resulted in some re-classification of expenditure between purposes and now shows State expenses are highest in:
- Health (25.5 per cent)
- General Public Services (25.0 per cent)
- Education (19.6 per cent).
General Public Services includes the executive and legislative branches, financial affairs, public debt transactions and general public service transactions.
The graph highlights the annual expenditure by function and the value of assets to deliver those services.
Assets grew by $35.6 billion to $443 billion in 2017-18
Valuing the State’s physical assets.
The State had physical assets with a fair value of $339 billion at 30 June 2018. This includes land and buildings ($161.6b) and Infrastructure ($160.2b).
Our audits assess the reasonableness and appropriateness of assumptions used to value physical assets. This includes obtaining an understanding of the valuation methodologies used and judgements made. We also review the completeness of asset registers and the mathematical accuracy of valuation models.
Net movements between years include additions, disposals, depreciation and valuations. This year, revaluations of physical assets added $24.5 billion to the value of the State’s assets. This was mainly attributable to the following agencies:
- Department of Education - $8.5 billion
- Roads and Maritime Services - $7.4 billion.
The State’s financial assets increased by $308 million in 2017-18 ($27.5 billion in 2016-17).
In 2016-17, the significant increase in financial assets was primarily from the sale or lease of the following government assets and businesses:
- In June 2017, the Government leased 50.4 per cent of Endeavour Energy assets, which followed the long-term lease 50.4 per cent of Ausgrid’s assets in December 2016. The Government received proceeds of $24.0 billion from these transactions.
- A 35-year concession for providing titling and registry services, effective 30 June 2017, was granted to a private sector operator. The Government received $2.6 billion cash for the concession.
The Government implemented reforms relating to the use the State’s financial assets.
In 2017-18, the Asset and Liability Committee, which advises the Government on balance sheet management, recommended the following policy actions and frameworks to help manage the State’s financial risks and opportunities:
- expanding the scope of cash management reforms to give the State a whole-of-government view on the use of surplus funds. Treasury advises these reforms have centralised funds management of approximately $3.0 billion
- endorsing a new whole-of-government Foreign Exchange (FX) Risk Policy (effective 1 July 2018) to effectively manage the State’s FX risk
- expanding management of the State’s debt portfolio to minimise interest rate risks, reduce interest costs where possible, and extend the average weighted life of the General Government’s debt portfolio towards eight years
- endorsing establishment of a ‘sustainability bond’ program to further diversify and expand the State’s bond investor base and raise awareness of the Government’s social and environmental initiatives.
The State has established the NSW Generations Fund to maintain debt at sustainable levels.
The State established the NSW Generations Funds (NGF) in June 2018 to support debt retirement and to fund community-focused initiatives. The Government has indicated it will initially capitalise the NGF with $3.0 billion from its reserves.
The NSW Generations Funds Act 2018 requires an audit of each NSW Generations Fund by the Auditor- General (including a report by the Auditor-General on whether payments from the Funds have been made in accordance with the Act). The first audit of the fund will be for the period up to 30 June 2019.
$ |
407b |
+8.7% |
443b |
Total Assets |
Key assets include:
2016-2017 | Change% | 2017-2018 | ||
Physical Assets | ||||
147.0b |
+9.0 |
160.2b |
Infrastructure | |
143.4b |
+12.7 |
161.6b |
Land and Buildings | |
Financial Assets | ||||
27.7b |
- 4.6 |
26.4b |
Equity investments | |
20.6b |
- 5.2 |
19.5b |
Cash and Recievables | |
40.5b |
+6.5 |
41.3b |
Investments and Placements |
Liabilities increased $5.1 billion to $189 billion in 2017-18
Valuing the State’s liabilities relies on actuarial assessments.
Nearly half of the State’s liabilities relate to its employees. They include unfunded superannuation, and employee benefits, such as long service and recreation leave.
Valuing these obligations involves complex estimation techniques and significant judgements. Small changes in assumptions can materially impact the values and the financial statements.
The State’s superannuation obligations fell $2.2 billion in 2017-18.
The State’s $56.4 billion unfunded superannuation liability represents obligations to past and present employees less the value of assets set aside to meet those obligations. The unfunded superannuation liability fell from $58.6 billion to $56.4 billion in 2017-18.
The State’s borrowings at 30 June 2018 were $700 million higher than they were at 30 June 2017.
The State’s borrowings totalled $71.3 billion at 30 June 2018.
TCorp issues bonds to raise funds for NSW Government agencies. These are actively traded in financial markets, which provides price transparency and liquidity to public sector borrowers and institutional investors. All TCorp bonds are guaranteed by the NSW Government.
The Government manages its debt liabilities through its balance sheet management strategy. The strategy extends to TCorp, which applies an active risk management strategy to the Government’s debt portfolio.
General Government Sector debt has been restructured by replacing shorter-term debt with longer-term debt. This lengthens the portfolio to match liabilities with the funding requirements for infrastructure assets.
$ |
184b |
+2.8% |
189b |
Total Liabilities |
Key liabilities include:
2016-2017 | Change% | 2017-2018 | ||
58.6b |
- 3.7 |
56.4b |
Unfunded Superannuation | |
18.3b |
+4.7 |
19.1b |
Other Employee Benefits | |
70.6b |
+1.0 |
71.3b |
Borrowings |