Reports
Property Asset Utilisation
Property NSW’s effectiveness in managing NSW Government owned and leased commercial office property is limited in three areas according to a report released today by the Auditor-General for New South Wales, Margaret Crawford.
At 30 June 2018, the NSW Government owned $160 billion worth of land and buildings. The NSW Treasury predicts this figure will rise over the coming years. Property NSW manages more than 900 leased office properties across the state. Approximately 250 of these are owned by Property NSW. Other NSW Government agencies maintain ownership and control of properties considered essential for service provision, such as schools, prisons and hospitals. Between 2012–13 and 2017–18 sales of property assets across the whole of the NSW Government have raised $10 billion, of which Property NSW has sold property assets of approximately $2 billion.
In September 2012, the Property Asset Utilisation Taskforce (the Taskforce) released its report on ‘real property asset management across government’ and concluded that the government has accumulated, over time, ‘a real property asset portfolio it cannot afford to maintain or protect’. The Taskforce noted that ‘a lack of centralised information seriously inhibits any whole-of-government strategic asset planning’ and that maintaining under-utilised or unnecessary properties diverted funds from areas where they might be better used. The Taskforce’s key findings included:
- the NSW Government should own property only as a means to deliver or enhance services
- many government properties were under-utilised, poorly maintained and inappropriate to support service delivery.
The Taskforce recommended the creation of Property NSW, as a replacement for the State Property Authority, to improve property asset utilisation and to drive efficiencies in the government’s owned and leased property portfolio. Property NSW was to achieve these goals by:
- collating property information across the whole-of-government
- working with agencies on longer-term strategic real property asset planning to:
- provide services to agencies as customers
- bring a whole-of-government perspective to real property asset planning.
In response to the Taskforce report, in December 2012, the Premier's Memorandum M2012-20 (the Memorandum) established Property NSW to improve the management of the NSW Government's owned and leased real property portfolio.
Under the Memorandum, Property NSW is responsible for:
- management of all leased and owned commercial office accommodation
- acting as the central acquisition and disposal agency
- providing advice to the government on property matters and developing property policy
- conducting regular and ongoing reviews of agencies portfolios, working with agencies to identify efficiencies to improve service delivery, in relation to the review of capital planning1
- maintaining the register of all government owned property.
The Memorandum states that ownership of all commercial office property should be vested in Property NSW.
This audit assessed whether Property NSW is effective in the management of NSW Government owned and leased commercial office property. To do this we assessed whether NSW Government leased commercial office space is being effectively utilised and whether the Government Property Register, a register of all government owned property, is accurate and up-to-date.
In December 2017, Property NSW started working across the NSW Government to help agencies identify real property assets, including commercial office properties, that are under-utilised or surplus and that could be recycled, repurposed, or vested to Property NSW.
1 Capital Planning was previously referred to as Total Asset Management (TAM).
By December 2019, Property NSW should:
- combine the results of property portfolio reviews to produce a whole-of-government picture of the NSW Government property portfolio
- devise a strategy and plan to recycle or repurpose under-utilised properties using a whole-of-government picture of the NSW Government property portfolio
- develop and report on indicators for progress in reducing the number and value of under-utilised properties at the whole-of-government level, referencing progress against an accurate baseline stocktake.
By December 2019, Property NSW should:
4. improve the data held on government owned and leased properties by combining and automating data feeds to construct a single, consolidated and accurate whole-of-government property data set.
By December 2019, Property NSW should:
5. document and communicate to stakeholders how its assessment criteria inform key decisions including agency relocations, lease renewals and rectifying under-utilisation
6. include customer satisfaction measures in its annual reports and reviews, in accordance with the requirements set out in the Premier's Memorandum M2012-20
7. improve record-keeping and compliance with the State Records Act 1998 and the Department of Finance, Services and Innovation Records Management Policy.
Appendix one - Response from agency
Appendix two - Audit Office response
Appendix three - About the audit
Appendix four - Performance auditing
Parliamentary reference - Report number #312 - released 18 December 2018
Newcastle Urban Transformation and Transport Program
The urban renewal projects on former railway land in the Newcastle city centre are well targeted to support the objectives of the Newcastle Urban Transformation and Transport Program (the Program), according to a report released today by the Auditor-General for New South Wales, Margaret Crawford. The planned uses of the former railway land achieve a balance between the economic and social objectives of the Program at a reasonable cost to the government. However, the evidence that the cost of the light rail will be justified by its contribution to the Program is not convincing.
The Newcastle Urban Transformation and Transport Program (the Program) is an urban renewal and transport program in the Newcastle city centre. The Hunter and Central Coast Development Corporation (HCCDC) has led the Program since 2017. UrbanGrowth NSW led the Program from 2014 until 2017. Transport for NSW has been responsible for delivering the transport parts of the Program since the Program commenced. All references to HCCDC in this report relate to both HCCDC and its predecessor, the Hunter Development Corporation. All references to UrbanGrowth NSW in this report relate only to its Newcastle office from 2014 to 2017.
This audit had two objectives:
- To assess the economy of the approach chosen to achieve the objectives of the Program.
- To assess the effectiveness of the consultation and oversight of the Program.
We addressed the audit objectives by answering the following questions:
a) Was the decision to build light rail an economical option for achieving Program objectives?
b) Has the best value been obtained for the use of the former railway land?
c) Was good practice used in consultation on key Program decisions?
d) Did governance arrangements support delivery of the program?
1. The urban renewal projects on the former railway land are well targeted to support the objectives of the Program. However, there is insufficient evidence that the cost of the light rail will be justified by its contribution to Program objectives.
The planned uses of the former railway land achieve a balance between the economic and social objectives of the Program at a reasonable cost to the Government. HCCDC, and previously UrbanGrowth NSW, identified and considered options for land use that would best meet Program objectives. Required probity processes were followed for developments that involved financial transactions. Our audit did not assess the achievement of these objectives because none of the projects have been completed yet.
Analysis presented in the Program business case and other planning documents showed that the light rail would have small transport benefits and was expected to make a modest contribution to broader Program objectives. Analysis in the Program business case argued that despite this, the light rail was justified because it would attract investment and promote economic development around the route. The Program business case referred to several international examples to support this argument, but did not make a convincing case that these examples were comparable to the proposed light rail in Newcastle.
The audited agencies argue that the contribution of light rail cannot be assessed separately because it is a part of a broader Program. The cost of the light rail makes up around 53 per cent of the total Program funding. Given the cost of the light rail, agencies need to be able to demonstrate that this investment provides value for money by making a measurable contribution to the Program objectives.
2. Consultation and oversight were mostly effective during the implementation stages of the Program. There were weaknesses in both areas in the planning stages.
Consultations about the urban renewal activities from around 2015 onward followed good practice standards. These consultations were based on an internationally accepted framework and met their stated objectives. Community consultations on the decision to close the train line were held in 2006 and 2009. However, the final decision in 2012 was made without a specific community consultation. There was no community consultation on the decision to build a light rail.
The governance arrangements that were in place during the planning stages of the Program did not provide effective oversight. This meant there was not a single agreed set of Program objectives until 2016 and roles and responsibilities for the Program were not clear. Leadership and oversight improved during the implementation phase of the Program. Roles and responsibilities were clarified and a multi-agency steering committee was established to resolve issues that needed multi-agency coordination.
Recommendations
For future infrastructure programs, NSW Government agencies should support economical decision-making on infrastructure projects by:
- providing balanced advice to decision makers on the benefits and risks of large infrastructure investments at all stages of the decision-making process
- providing scope and cost estimates that are as accurate and complete as possible when initial funding decisions are being made
- making business cases available to the public.
The planned uses of the former railway land align with the objectives of encouraging people to visit and live in the city centre, creating attractive public spaces, and supporting growth in employment in the city. The transport benefits of the activities are less clear, because the light rail is the major transport project and this will not make significant improvements to transport in Newcastle.
The processes used for selling and leasing parts of the former railway land followed industry standards. Options for the former railway land were identified and assessed systematically. Competitive processes were used for most transactions and the required assessment and approval processes were followed. The sale of land to the University of Newcastle did not use a competitive process, but required processes for direct negotiations were followed.
Recommendation
By March 2019, the Hunter and Central Coast Development Corporation should:
- work with relevant stakeholders to explore options for increasing the focus on the heritage objective of the Program in projects on the former railway land. This could include projects that recognise the cultural and industrial heritage of Newcastle.
Consultations focusing on urban renewal options for the Program included a range of stakeholders and provided opportunities for input into decisions about the use of the former railway land. These consultations received mostly positive feedback from participants. Changes and additions were made to the objectives of the Program and specific projects in response to feedback received.
There had been several decades of debate about the potential closure of the train line, including community consultations in 2006 and 2009. However, the final decision to close the train line was made and announced in 2012 without a specific community consultation. HCCDC states that consultation with industry and business representatives constitutes community consultation because industry representatives are also members of the community. This does not meet good practice standards because it is not a representative sample of the community.
There was no community consultation on the decision to build a light rail. There were subsequent opportunities for members of the community to comment on the implementation options, but the decision to build it had already been made. A community and industry consultation was held on which route the light rail should use, but the results of this were not made public.
Recommendation
For future infrastructure programs, NSW Government agencies should consult with a wide range of stakeholders before major decisions are made and announced, and report publicly on the results and outcomes of consultations.
The governance arrangements that were in place during the planning stages of the Program did not provide effective oversight. Project leadership and oversight improved during the implementation phase of the Program.
Multi-agency coordination and oversight were ineffective during the planning stages of the Program. Examples include: multiple versions of Program objectives being in circulation; unclear reporting lines for project management groups; and poor role definition for the initial advisory board. Program ownership was clarified in mid-2016 with the appointment of a new Program Director with clear accountability for the delivery of the Program. This was supported by the creation of a multi-agency steering committee that was more effective than previous oversight bodies.
The limitations that existed in multi-agency coordination and oversight had some negative consequences in important aspects of project management for the Program. This included whole-of-government benefits management and the coordination of work to mitigate impacts of the Program on small businesses.
Recommendations
For future infrastructure programs, NSW Government agencies should:
- develop and implement a benefits management approach from the beginning of a program to ensure responsibility for defining benefits and measuring their achievement is clear
- establish whole-of-government oversight early in the program to guide major decisions. This should include:
- agreeing on objectives and ensuring all agencies understand these
- clearly defining roles and responsibilities for all agencies
- establishing whole-of-government coordination for the assessment and mitigation of the impact of major construction projects on businesses and the community.
By March 2019, the Hunter and Central Coast Development Corporation should update and implement the Program Benefits Realisation Plan. This should include:
- setting measurable targets for the desired benefits
- clearly allocating ownership for achieving the desired benefits
- monitoring progress toward achieving the desired benefits and reporting publicly on the results.
Appendix one - Response from agencies
Appendix two - About the audit
Appendix three - Performance auditing
Parliamentary reference - Report number #310 - released 12 December 2018
Unsolicited proposal process for the lease of Ausgrid
In October 2016, the NSW Government accepted an unsolicited proposal from IFM Investors and AustralianSuper to lease 50.4 per cent of Ausgrid for 99 years. The deal followed the Federal Government’s rejection of two bids from foreign investors, for national security reasons.
A performance audit of the lease of Ausgrid has found shortcomings in the unsolicited proposal process. Releasing the audit findings today, the Auditor-General for New South Wales, Margaret Crawford said ‘this transaction involved a $20 billion asset owned by the people of New South Wales. As such, it warranted strict adherence to established guidelines’.
Ausgrid is a distributor of electricity to eastern parts of Sydney, the Central Coast, Newcastle and the Hunter Region.
In June 2014, the then government announced its commitment to lease components of the state's electricity network as part of the Rebuilding NSW plan. Implementation of the policy began after the government was re-elected in 2015. Between November 2015 and August 2016, the NSW Government held a competitive tender process to lease 50.4 per cent of Ausgrid for 99 years. The NSW Government abandoned the process on 19 August 2016 after the Australian Treasurer rejected two bids from foreign investors, for national security reasons. That day, the Premier and Treasurer released a media statement clarifying the government's objective to complete the transaction via a competitive process in time to include the proceeds in the 2017–18 budget.
On 31 August 2016, the state received an unsolicited proposal from IFM Investors and AustralianSuper to acquire an interest in Ausgrid under the same terms proposed by the state during the tender process. In October 2016, the government accepted the unsolicited proposal.
This audit examined whether the unsolicited proposal process for the partial long-term lease of Ausgrid was effectively conducted and in compliance with the government’s 2014 Unsolicited Proposals: Guide for Submission and Assessment (Unsolicited Proposals Guide or the Guide).
The audit focused on how the government-appointed Assessment Panel and Proposal Specific Steering Committee assessed key requirements in the Guide that unsolicited proposals must be demonstrably unique and represent value for money.
The evidence available does not conclusively demonstrate the unsolicited proposal was unique, and there were some shortcomings in the negotiation process, documentation and segregation of duties. That said, before the final commitment to proceed with the lease, the state obtained assurance that the proposal delivered value for money.
It is particularly important to demonstrate unsolicited proposals are unique, in order to justify the departure from other transaction processes that offer greater competition, transparency and certainty about value for money.
The Assessment Panel and the Proposal Specific Steering Committee determined the Ausgrid unsolicited proposal was unique, primarily on the basis that the proponent did not require foreign investment approval from the Australian Treasurer, and the lease transaction could be concluded earlier than through a second tender process. However, the evidence that persuaded the Panel and Committee did not demonstrate that no other proponent could conclude the transaction in time to meet the government’s deadline.
It is not appropriate to determine an unsolicited proposal is unique because it delivers an earlier outcome than possible through a tender process. The Panel and Committee did not contend, and it is not evident, that the unsolicited proposal was the only way to meet the government’s transaction deadline.
The evidence does not demonstrate that the proponent was the only party that would not have needed foreign investment approval to participate in the transaction. It also does not demonstrate that the requirement for foreign investment approval would have reduced the pool of foreign buyers to the degree that it would be reasonable to assume none would emerge.
The Panel, Committee and financial advisers determined that the final price represented value for money, and that retendering offered a material risk of a worse financial outcome. However, an acceptable price was revealed early in the negotiation process, and doing so made it highly unlikely that the proponent would offer a higher price than that disclosed. The Department of Premier and Cabinet (DPC) and NSW Treasury were not able to provide a documented reserve price, bargaining strategy or similar which put the negotiations in context. It is not evident that the Panel or Committee authorised, justified or endorsed negotiations in advance.
Key aspects of governance recommended by the Guide were in place. Some shortcomings relating to role segregation, record keeping and probity assurance weakened the effectiveness of the unsolicited proposal process adopted for Ausgrid.
The reasons for accepting that the proposal and proponent were unique are not compelling.
The Unsolicited Proposals Guide says the 'unique benefits of the proposal and the unique ability of the proponent to deliver the proposal' must be demonstrated.
The conclusion reached by the Panel and Committee that the proposal offered a ‘unique ability to deliver (a) strategic outcome’ was primarily based on the proponent not requiring foreign investment approval from the Australian Treasurer, and allowing the government to complete the lease transaction earlier than by going through a second tender process.
It is not appropriate to determine an unsolicited proposal is unique because it delivers an earlier outcome than possible through a tender process. The Panel and Committee did not contend, and it is not evident, that the unsolicited proposal was the only way to meet the government’s transaction deadline.
The evidence does not demonstrate that the proponent was the only party that would not have needed foreign investment approval to participate in the transaction. Nor does it demonstrate that the requirement for foreign investment approval would have reduced the pool of foreign buyers to the degree that it would be reasonable to assume none would emerge.
That said, the Australian Treasurer’s decision to reject the two bids from the previous tender process created uncertainty about the conditions under which he would approve international bids. The financial advisers engaged for the Ausgrid transaction informed the Panel and Committee that:
- it was not likely another viable proponent would emerge soon enough to meet the government’s transaction deadline
- the market would be unlikely to deliver a better result than offered by the proponent
- going to tender presented a material risk of a worse financial result.
The Unsolicited Proposals Guide says that a proposal to directly purchase or acquire a government-owned entity or property will generally not be unique. The Ausgrid unsolicited proposal fell into this category.
Recommendations:
DPC should ensure future Assessment Panels and Steering Committees considering a proposal to acquire a government business or asset:
- recognise that when considering uniqueness they should:
- require very strong evidence to decide that both the proponent and proposal are the only ones of their kind that could meet the government’s objectives
- give thorough consideration to any reasonable counter-arguments against uniqueness.
- rigorously consider all elements of the Unsolicited Proposals Guide when determining whether a proposal should be dealt with as an unsolicited proposal, and document these deliberations and all relevant evidence
- do not use speed of transaction compared to a market process as justification for uniqueness.
The Panel and Committee concluded the price represented value for money, based on peer-reviewed advice from their financial advisers and knowledge acquired from previous tenders. The financial advisers also told the Panel and Committee that there was a material risk the state would receive a lower price than offered by the unsolicited proposal if it immediately proceeded with a second market transaction.
The state commenced negotiations on price earlier than the Guide says they should have. Early disclosure of a price that the state would accept reduced the likelihood of achieving a price greater than this. DPC says the intent of this meeting was to quickly establish whether the proponents could meet the state’s benchmark rather than spending more time and resources on a proposal which had no prospect of proceeding.
DPC and NSW Treasury were not able to provide a documented reserve price, negotiation strategy or similar which put the negotiations and price achieved in context. It was not evident that the Panel or Committee authorised, justified or endorsed negotiations in advance. However, the Panel and Committee endorsed the outcomes of the negotiations.
The negotiations were informed by the range of prices achieved for similar assets and the specific bids for Ausgrid from the earlier market process.
Recommendations:
DPC should ensure any future Assessment Panels and Steering Committees considering a proposal to acquire a government business or asset:
- document a minimum acceptable price, and a negotiating strategy designed to maximise price, before commencing negotiations
- do not communicate an acceptable price to the proponent, before the negotiation stage of the process, and then only as part of a documented bargaining strategy.
The state established a governance structure in accordance with the Unsolicited Proposals Guide, including an Assessment Panel and Proposal Specific Steering Committee. The members of the Panel and Steering Committee were senior and experienced officers, as befitted the size and nature of the unsolicited proposal.
The separation of negotiation, assessment and review envisaged by the Guide was not maintained fully. The Chair of the Assessment Panel and a member of the Steering Committee were involved in negotiations with the proponent.
DPC could not provide comprehensive records of some key interactions with the proponent or a documented negotiation strategy. The absence of such records means the Department cannot demonstrate engagement and negotiation processes were authorised and rigorous.
The probity adviser reported there were no material probity issues with the transaction. The probity adviser also provided audit services. This is not good practice. The same party should not provide both advisory and audit services on the same transaction.
Recommendations:
DPC should ensure any future Assessment Panels and Steering Committees considering a proposal to acquire a government entity or asset:
• maintain separation between negotiation, assessment and review in line with the Unsolicited Proposals Guide
• keep an auditable trail of documentation relating to the negotiation process
• maintain separation between any probity audit services engaged and the probity advisory and reporting services recommended in the current Guide.
Appendix one - Response from agency
Appendix two - NSW Government’s summary of assessment of the Ausgrid unsolicited proposal
Appendix three - The definition and nature of unsolicited proposals
Appendix four - Ausgrid unsolicited proposal process
Appendix five - About the audit
Appendix six - Performance auditing
Parliamentary reference - Report number #309 - released 11 December 2018
Central Agencies 2018
The Auditor-General for New South Wales, Margaret Crawford, released her report today on the results of the financial audits of NSW Government central agencies. The report focuses on key observations and findings from the most recent financial statement audits of agencies in the Treasury, Premier and Cabinet, and Finance, Services and Innovation clusters. While clear audit opinions were issued on all agency financial statements, the report notes that some complex accounting requirements caused significant errors in agency financial statements submitted for audit, which were corrected before the financial statements were approved.
This report analyses the results of our audits of the Treasury, Premier and Cabinet and Finance, Services and Innovation cluster agencies for the year ended 30 June 2018. The table below summarises our key observations.
This report provides parliament and other users of the NSW Government's central agencies and their cluster agencies financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations
- liquidity risk management
- government financial services.
The central agencies and their key responsibilities are set out below.
| Central agencies | Key central agency responsibilities | Cluster responsibilities |
| The Treasury |
|
The cluster:
|
| Department of Premier and Cabinet |
|
The cluster:
|
| Department of Finance, Services and Innovation |
|
The cluster:
|
| Public Service Commission |
|
|
A full list of agencies that this report covers by relevant cluster is included in Appendix three.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Treasury, Premier and Cabinet and Finance, Services and Innovation clusters for 2018.
| Observation | Conclusions and recommendations |
| 2.1 Quality of financial reporting | |
| Unqualified opinions were issued for all agencies' financial statements submitted to the Audit Office. Complex accounting requirements caused significant errors in some agency financial statements, which were corrected before the financial statements were approved. |
Sufficient audit evidence was obtained to conclude the financial statements were free of material misstatement. Recommendation: Agencies should respond to key accounting issues when they are identified by preparing accounting papers and engaging with Treasury, the Audit Office and their Audit and Risk Committee when these matters are identified. |
| 2.2 Timeliness of financial reporting | |
| Most agencies complied with the statutory timeframe for completion of early close procedures, 48 agencies in the Treasury cluster did not comply with the statutory requirement to prepare financial statements, and the audits of nine agencies in the Treasury cluster were not completed within the statutory timeframe. All financial statement information of the 48 agencies that did not prepare financial statements has been captured in the consolidated financial statements of their parent entity, which was subject to audit. |
Early close procedures allow financial reporting issues and risks to be addressed early in the audit process. The timeliness of financial reporting can be improved by performing more robust early close procedures. |
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from:
- our financial statement audits of agencies in the Treasury, Premier and Cabinet and Finance, Services and Innovation cluster for 2018
- the areas of focus identified in the Audit Office work program.
The Audit Office work program provides a summary of all audits to be conducted within the proposed time period as well as detailed information on the areas of focus for each of the NSW Government clusters.
| Observation | Conclusions and recommendations |
| 3.1 Internal controls | |
| The 2017–18 audits found one high risk issue and 83 moderate risk issues across the agencies. Nineteen per cent of all issues were repeat issues. | Agencies should focus on rectifying repeat issues. |
| The high risk issue at Service NSW related to several deficiencies in procurement and contract management processes. | Service NSW may not be achieving value-for-money from their procurement and contract management activities. The high risk issue should be rectified as a matter of priority. This includes updating and implementing its procurement, vendor and contract management frameworks and delivering training to key staff involved in procurement and contract management activities. |
| Property NSW has implemented several controls during the year to rectify the high risk issue identified last year related to its transition to a new property and facility management service provider. However, the service providers performance remains below expectations and there are further opportunities to improve oversight and lift performance. | Property NSW can better define roles and accountabilities with the service provider and formalise policies and processes associated with its monitoring and oversight of the service provider. Implementing relevant KPIs, receiving timely reports and providing timely review and feedback to the service provider may help to lift performance. |
| GovConnect received unqualified opinions from their service auditor on all business process controls, except for information technology controls provided by Unisys, where a qualified opinion was received from the service auditor. A qualified opinion was received because of several deficiencies in user access controls. | These internal control deficiencies increase the risk of unauthorised access to key business systems, and increase audit effort and costs associated with addressing the risks arising from the deficiencies. |
| 3.2 Audit Office annual work program | |
|
Remediation of the Barangaroo site is now estimated to cost the Barangaroo Delivery Authority in excess of net $400 million. |
Measuring the remaining costs to remediate requires the use of estimation techniques and judgements, making the actual outcome inherently uncertain. We reviewed evidence to support the provision for remediation, including future costs estimates and this evidence supported management’s estimate. |
| The State Insurance Regulatory Authority have administered the refund of $138 million in Green slip refunds to policy holders through Service NSW during 2017–18. At 30 June 2018, $112 million in refunds are yet to be claimed. We reviewed the systems and processes supporting the refund process. While we found that this supports the disbursement of refunds to policyholders there were some deficiencies in Service NSW’s project controls when the program was being developed. |
Service NSW should apply the lessons learnt from this program to other programs it is delivering or will be delivering for agencies. |
| Revenue NSW recorded $30.4 billion from taxes, fines and fees in 2017–18 ($30.0 billion in 2016–17) to support the State’s finances. |
Crown revenue has steadily increased over the last five years predominately driven by rises in payroll tax and land tax and responsibility for collection of the Emergency Services Levy transferring to Revenue NSW under the Emergency Services Levy Act 2017 effective from July 2017. |
| 3.3 Managing maintenance | |
| Place Management NSW manages significant commercial and retail leases and maintains public domain spaces and other assets around the harbour foreshore. It has consistently underspent its asset maintenance budget. In 2017–18, asset maintenance expenses were only 34 per cent of budgeted maintenance expense. Currently, Place Management NSW does not use any ratios or benchmarks to determine the adequacy of its maintenance spend or to monitor whether it is achieving its budgeted maintenance program. |
This may be contributing to a high proportion of unplanned maintenance, which Place Management NSW reports was 38 per cent of total maintenance expense in 2017–18. Place Management NSW is outsourcing its property and facilities management function from 1 December 2018 to an external service provider. |
This chapter outlines our audit observations, conclusions and recommendations specific to NSW Government agencies providing financial services.
| Observation | Conclusions and recommendation |
| 5.1 Superannuation funds | |
| The SAS Trustee Corporation (STC) Pooled Fund and the Parliamentary Contributory Superannuation (PCS) Fund are not required to comply with the prudential and reporting standards issued by the Australian Prudential Regulation Authority (APRA). However, legislation allows the responsible Minister to prescribe prudential standards, reporting and audit requirements. |
Structured and comprehensive prudential oversight of these Funds is important as they operate in a volatile financial sector, have 103,000 members and manage investments of $43.3 billion. Recommendation: Treasury should consult with the Trustees of the STC Pooled Fund and PCS Fund to prescribe appropriate prudential standards and requirements, including oversight arrangements. |
| 5.2 Insurance and compensation | |
| Nominal Insurer and NSW Self Insurance Corporation investment performance marginally exceeded benchmark over the past five years. | Investment returns can impact on the premiums required to maintain an adequate funding ratio in addition to other factors such as claims experience and discount rates. |
| The Workers Compensation Nominal Insurer (Nominal Insurer) and NSW Self Insurance Corporation's net collected premiums and contributions decreased over the past five years. | The insurance schemes' investment performance and stable claim payments have enabled less reliance on net collected premiums and contributions as a source of funding, over the past five years. |
| Reforms were introduced to manage the Home Warranty Scheme's financial sustainability risks. | The Home Warranty Scheme has not collected sufficient premiums to fund expected claims costs, since commencing operations in 2011. In 2017–18, the Crown contributed $181 million for historical shortfalls. New reforms started on 1 January 2018 enabling the Scheme to price premiums based on risk. |
Transport 2018
The Auditor-General for New South Wales, Margaret Crawford released her report today on key observations and findings from the 30 June 2018 financial statement audits of agencies in the Transport cluster. Unqualified audit opinions were issued for all agencies' financial statements. However, assessing the fair value of the broad range of transport related assets creates challenges.
This report analyses the results of our audits of financial statements of the Transport cluster for the year ended 30 June 2018. The table below summarises our key observations.
This report provides Parliament and other users of the Transport cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Transport cluster for 2018.
| Observation | Conclusions and recommendations |
| 2.1 Quality of financial reporting | |
| Unqualified audit opinions were issued for all agencies' financial statements | Sufficient audit evidence was obtained to conclude the financial statements were free of material misstatement. |
| 2.2 Key accounting issues | |
| Valuation of assets continues to create challenges. Although agencies complied with the requirements of the accounting standards and Treasury policies on valuations, we identified some opportunities for improvements at RMS. |
RMS incorporated data from its asset condition assessments for the first time in the valuation methodology which improved the valuation outcome. Overall, we were satisfied with the valuation methodology and key assumptions, but we noted some deficiencies in the asset data in relation to asset component unit rates and old condition data for some components of assets. Also, a bypass and tunnel were incorrectly excluded from RMS records and valuation process since 2013. This resulted in an increase for these assets’ value by $133 million. The valuation inputs for Wetlands and Moorings were revised this year to better reflect the assets' characteristics resulting in a $98.0 million increase. |
| 2.3 Timeliness of financial reporting | |
| Residual Transport Corporation did not submit its financial statements by the statutory reporting deadline. | Residual Transport Corporation remained a dormant entity with no transactions for the year ended 30 June 2018. |
| With the exception of Residual Transport Corporation, all agencies completed early close procedures and submitted financial statements within statutory timeframes. | Early close procedures allow financial reporting issues and risks to be addressed early in the reporting and audit process. |
| 2.4 Financial sustainability | |
| NSW Trains and the Chief Investigator of the Office of Transport Safety Investigations reported negative net assets of $75.7 million and $89,000 respectively at 30 June 2018. | NSW Trains and the Chief Investigator of the Office of Transport Safety Investigations continue to require letters of financial support to confirm their ability to pay liabilities as they fall due. |
| 2.5 Passenger revenue and patronage | |
| Transport agencies revenue growth increased at a higher rate than patronage. | Public transport passenger revenue increased by $114 million (8.3 per cent) in 2017–18, and patronage increased by 37.1 million (5.1 per cent) across all modes of transport based on data provided by TfNSW. |
| Negative balance Opal Cards resulted in $3.8 million in revenue not collected in 2017–18 and $7.8 million since the introduction of Opal. A total of 1.1 million Opal cards issued since its introduction have negative balances. | Transport for NSW advised it is liaising with the ticketing vendor to implement system changes and are investigating other ways to reduce the occurrences. |
| 2.6 Cost recovery from public transport users | |
| Overall cost recovery from users has decreased. | Overall cost recovery from public transport users (on rail and bus services by STA) decreased from 23.2 per cent to 22.4 per cent between 2016–17 and 2017–18. The main reason for the decrease is due to expenditure increasing at a faster rate than revenue in 2017–18. |
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from:
- our financial statement audits of agencies in the Transport cluster for 2018
- the areas of focus identified in the Audit Office annual work program.
The Audit Office Annual Work Program provides a summary of all audits to be conducted within the proposed time period as well as detailed information on the areas of focus for each of the NSW Government clusters.
| Observation | Conclusions and recommendations |
| 3.1 Internal controls | |
| There was an increase in findings on internal controls across the Transport cluster. | Key themes related to information technology, employee leave entitlements and asset management. Eighteen per cent of all issues were repeat issues. |
| 3.2 Audit Office Annual work program | |
| The Transport cluster wrote-off over $200 million of assets which were replaced by new assets or technology. |
Majority of this write-off was recognised by RMS, with $199 million relating to the write-off of existing assets which have been replaced during the year. |
| RailCorp is expected to convert to TAHE from 1 July 2019. | Several working groups are considering different aspects of the TAHE transition including its status as a for-profit Public Trading Enterprise and which assets to transfer to TAHE. We will continue to monitor developments on TAHE for any impact to the financial statements. |
| RMS' estimated maintenance backlog at 30 June 2018 of $3.4 billion is lower than last year. Sydney Trains' estimated maintenance backlog at 30 June 2018 increased by 20.6 per cent to $434 million. TfNSW does not quantify its backlog maintenance. | TfNSW advised it is liaising with Infrastructure NSW to develop a consistent definition of maintenance backlog across all transport service providers. |
| Not all agencies monitor unplanned maintenance across the Transport cluster. | Unplanned maintenance can be more expensive than planned maintenance. TfNSW should develop a consistent approach to define, monitor and track unplanned maintenance across the cluster. |
This chapter outlines certain service delivery outcomes for 2017–18. The data on activity levels and performance is provided by Cluster agencies. The Audit Office does not have a specific mandate to audit performance information. Accordingly, the information in this chapter is unaudited.
We report this information on service delivery to provide additional context to understand the operations of the Transport cluster and to collate and present service information for different modes of transport in one report.
In our recent performance audit, Progress and measurement of Premier's Priorities, we identified 12 limitations of performance measurement and performance data. We recommended that the Department of Premier and Cabinet ensure that processes to check and verify data are in place for all agency data sources.
Progress and measurement of the Premier's Priorities
The Premier’s Implementation Unit uses a systematic approach to measuring and reporting progress towards the Premier’s Priorities performance targets, but public reporting needed to improve, according to a report released today by the Auditor-General of NSW, Margaret Crawford.
The Premier of New South Wales has established 12 Premier’s Priorities. These are key performance targets for government.
| The 12 Premier's Priorities | |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
Source: Department of Premier and Cabinet, Premier’s Priorities website.
Each Premier’s Priority has a lead agency and minister responsible for achieving the performance target.
The Premier’s Implementation Unit (PIU) was established within the Department of Premier and Cabinet (DPC) in 2015. The PIU is a delivery unit that supports agencies to measure and monitor performance, make progress toward the Premier’s Priorities targets, and report progress to the Premier, key ministers and the public.
This audit assessed how effectively the NSW Government is progressing and reporting on the Premier's Priorities.
The Premier’s Implementation Unit (PIU) is effective in assisting agencies to make progress against the Premier’s Priorities targets. Progress reporting is regular but transparency to the public is weakened by the lack of information about specific measurement limitations and lack of clarity about the relationship of the targets to broader government objectives.The PIU promotes a systematic approach to measuring performance and reporting progress towards the Premier’s Priorities’ performance targets. Public reporting would be improved with additional information about the rationale for choosing specific targets to report on broader government objectives.
The PIU provides a systematic approach to measuring performance and reporting progress towards the Premier's Priorities performance targets. Public reporting would be improved with additional information about the rationale for choosing specific targets to report on broader government objectives. The data used to measure the Premier’s Priorities comes from a variety of government and external datasets, some of which have known limitations. These limitations are not revealed in public reporting, and only some are revealed in progress reported to the Premier and ministers. This limits the transparency of reporting.
The PIU assists agencies to avoid unintended outcomes that can arise from prioritising particular performance measures over other areas of activity. The PIU has adopted a collaborative approach to assisting agencies to analyse performance using data, and helping them work across organisational silos to achieve the Premier’s Priorities targets.
Data used to measure progress for some of the Premier’s Priorities has limitations which are not made clear when progress is reported. This reduces transparency about the reported progress. Public reporting would also be improved with additional information about the relationship between specific performance measures and broader government objectives.
The PIU is responsible for reporting progress to the Premier, key ministers and the public. Agencies provide performance data and some play a role in preparing progress reports for the Premier and ministers. For 11 of the Premier's Priorities, progress is reported against measurable and time-related performance targets. For the infrastructure priority, progress is reported against project milestones.
Progress of some Priorities is measured using data that has known limitations, which should be noted wherever progress is reported. For example, the data used to report on housing completions does not take housing demolitions into account, and is therefore overstating the contribution of this performance measure to housing supply. This known limitation is not explained in progress reports or on the public website.
Data used to measure progress is sourced from a mix of government and external datasets. Updated progress data for most Premier’s Priorities is published on the Premier’s Priorities website annually, although reported to the Premier and key ministers more frequently. The PIU reviews the data and validates it through fieldwork with front line agencies. The PIU also assists agencies to avoid unintended outcomes that can arise from prioritising single performance measures. Most, but not all, agencies use additional indicators to check for misuse of data or perverse outcomes.
We examined the reporting processes and controls for five of the Premier’s Priorities. We found that there is insufficient assurance over the accuracy of the data on housing approvals.
The relationships between performance measures and broader government objectives is not always clearly explained on the Premier’s Priority website, which is the key source of public information about the Premier’s Priorities. For example, the Premier’s Priority to reduce litter volumes is communicated as “Keeping our Environment Clean.” While the website explains why reducing litter is important, it does not clearly explain why that particular target has been chosen to measure progress in keeping the environment clean.
By December 2018, the Department of Premier and Cabinet should:
- improve transparency of public reporting by:
- providing information about limitations of reported data and associated performance
- clarifying the relationship between the Premier’s Priorities performance targets and broader government objectives.
- ensure that processes to check and verify data are in place for all agency data sources
- encourage agencies to develop and implement additional supporting indicators for all Premier’s Priority performance measures to prevent and detect unintended consequences or misuse of data.
The Premier's Implementation Unit is effective in supporting agencies to deliver progress towards the Premier’s Priority targets.
The PIU promotes a systematic approach to monitoring and reporting progress against a target, based on a methodology used in delivery units elsewhere in the world. The PIU undertakes internal self-evaluation, and commissions regular reviews of methodology implementation from the consultancy that owns the methodology and helped to establish the PIU. However, the unit lacks periodic independent reviews of their overall effectiveness. The PIU has adopted a collaborative approach and assists agencies to analyse performance using data, and work across organisational silos to achieve the Premier’s Priorities targets.
Agency representatives recognise the benefits of being responsible for a Premier's Priority and speak of the value of being held to account and having the attention of the Premier and senior ministers.
By June 2019, the Department of Premier and Cabinet should:
- establish routine collection of feedback about PIU performance including:
- independent assurance of PIU performance
- opportunity for agencies to provide confidential feedback.
Appendix one: Response from agency
Appendix three: About the audit
Appendix four: Performance auditing
Parliamentary reference - Report number #307 - released 13 September 2018
Regional Assistance Programs
Infrastructure NSW effectively manages how grant applications for regional assistance programs are assessed and recommended for funding. Its contract management processes are also effective. However, we are unable to conclude whether the objectives of these programs have been achieved as the relevant agencies have not yet measured their benefits, according to a report released today by the Auditor-General for New South Wales, Margaret Crawford.
In 2011, the NSW Government established Restart NSW to fund new infrastructure with the proceeds from the sale and lease of government assets. From 2011 to 2017, the NSW Government allocated $1.7 billion from the fund for infrastructure in regional areas, with an additional commitment of $1.3 billion to be allocated by 2021. The NSW Government allocates these funds through regional assistance programs such as Resources for Regions and Fixing Country Roads. NSW councils are the primary recipients of funding provided under these programs.
The NSW Government announced the Resources for Regions program in 2012 with the aim of addressing infrastructure constraints in mining affected communities. Infrastructure NSW administers the program, with support from the Department of Premier and Cabinet.
The NSW Government announced the Fixing Country Roads program in 2014 with the aim of building more efficient road freight networks. Transport for NSW and Infrastructure NSW jointly administer this program, which funds local councils to deliver projects that help connect local and regional roads to state highways and freight hubs.
This audit assessed whether these two programs (Resources for Regions and Fixing Country Roads) were being effectively managed and achieved their objectives. In making this assessment, we answered the following questions:
- How well are the relevant agencies managing the assessment and recommendation process?
- How do the relevant agencies ensure that funded projects are being delivered?
- Do the funded projects meet program and project objectives?
The audit focussed on four rounds of Resources for Regions funding between 2013–14 to 2015–16, as well as the first two rounds of Fixing Country Roads funding in 2014–15 and 2015–16.
The project selection criteria are consistent with the program objectives set by the NSW Government, and the RIAP applied the criteria consistently. Probity and record keeping practices did not fully comply with the probity plans.
The assessment methodology designed by Infrastructure NSW is consistent with2 the program objectives and criteria. In the rounds that we reviewed, all funded projects met the assessment criteria.
Infrastructure NSW developed probity plans for both programs which provided guidance on the record keeping required to maintain an audit trail, including the use of conflict of interest registers. Infrastructure NSW and Transport for NSW did not fully comply with these requirements. The relevant agencies have taken steps to address this in the current funding rounds for both programs.
NSW Procurement Board Directions require agencies to ensure that they do not engage a probity advisor that is engaged elsewhere in the agency. Infrastructure NSW has not fully complied with this requirement. A conflict of interest arose when Infrastructure NSW engaged the same consultancy to act as its internal auditor and probity advisor.
While these infringements of probity arrangements are unlikely to have had a major impact on the assessment process, they weaken the transparency and accountability of the process.
Some councils have identified resourcing and capability issues which impact on their ability to participate in the application process. For both programs, the relevant agencies conducted briefings and webinars with applicants to provide advice on the objectives of the programs and how to improve the quality of their applications. Additionally, Transport for NSW and the Department of Premier and Cabinet have developed tools to assist councils to demonstrate the economic impact of their applications.
The relevant agencies provided feedback on unsuccessful applications to councils. Councils reported that the quality of this feedback has improved over time.
Recommendations
- By June 2018, Infrastructure NSW should:
- ensure probity reports address whether all elements of the probity plan have been effectively implemented.
- By June 2018, Infrastructure NSW and Transport for NSW should:
- maintain and store all documentation regarding assessment and probity matters according to the State Records Act 1998, the NSW Standard on Records Management and the relevant probity plans
Infrastructure NSW is responsible for overseeing and monitoring projects funded under Resources for Regions and Fixing Country Roads. Infrastructure NSW effectively manages projects to keep them on track, however it could do more to assure itself that all recipients have complied with funding deeds. Benefits and outcomes should also start to be measured and reported as soon as practicable after projects are completed to inform assessment of future projects.
Infrastructure NSW identifies projects experiencing unreasonable delays or higher than expected expenses as 'at‑risk'. After Infrastructure NSW identifies a project as 'at‑risk', it puts in place processes to resolve issues to bring them back on track. Infrastructure NSW, working with Public Works Advisory regional offices, employs a risk‑based approach to validate payment claims, however this process should be strengthened. Infrastructure NSW would get better assurance by also conducting annual audits of compliance with the funding deed for a random sample of projects.
Infrastructure NSW collects project completion reports for all Resources for Regions and Fixing Country Roads funded projects. It applies the Infrastructure Investor Assurance Framework to Resources for Regions and Fixing Country Roads at a program level. This means that each round of funding (under both programs) is treated as a distinct program for the purposes of benefits realisation. It plans to assess whether benefits have been realised once each project in a funding round is completed. As a result, no benefits realisation assessment has been done for any project funded under either Resources for Regions or Fixing Country Roads. Without project‑level benefits realisation, future decisions are not informed by the lessons from previous investments.
Recommendations
- By December 2018, Infrastructure NSW should:
- conduct annual audits of compliance with the funding deed for a random sample of projects funded under Resources for Regions and Fixing Country Roads
- publish the circumstances under which unspent funds can be allocated to changes in project scope
- measure benefits delivered by projects that were completed before December 2017
- implement an annual process to measure benefits for projects completed after December 2017
- By December 2018, Transport for NSW and Infrastructure NSW should:
- incorporate a benefits realisation framework as part of the detailed application.
Appendix one - Response from agencies
Appendix two - Maps of funded projects
Appendix three - About the audit
Appendix four - Performance auditing
Parliamentary reference - Report number #300 - released 17 May 2018
Managing risks in the NSW public sector: risk culture and capability
The Ministry of Health, NSW Fair Trading, NSW Police Force, and NSW Treasury Corporation are taking steps to strengthen their risk culture, according to a report released today by the Auditor-General, Margaret Crawford. 'Senior management communicates the importance of managing risk to their staff, and there are many examples of risk management being integrated into daily activities', the Auditor-General said.
We did find that three of the agencies we examined could strengthen their culture so that all employees feel comfortable speaking openly about risks. To support innovation, senior management could also do better at communicating to their staff the levels of risk they are willing to accept.
Effective risk management is essential to good governance, and supports staff at all levels to make informed judgements and decisions. At a time when government is encouraging innovation and exploring new service delivery models, effective risk management is about seizing opportunities as well as managing threats.
Over the past decade, governments and regulators around the world have increasingly turned their attention to risk culture. It is now widely accepted that organisational culture is a key element of risk management because it influences how people recognise and engage with risk. Neglecting this ‘soft’ side of risk management can prevent institutions from managing risks that threaten their success and lead to missed opportunities for change, improvement or innovation.
This audit assessed how effectively NSW Government agencies are building risk management capabilities and embedding a sound risk culture throughout their organisations. To do this we examined whether:
- agencies can demonstrate that senior management is committed to risk management
- information about risk is communicated effectively throughout agencies
- agencies are building risk management capabilities.
The audit examined four agencies: the Ministry of Health, the NSW Fair Trading function within the Department of Finance, Services and Innovation, NSW Police Force and NSW Treasury Corporation (TCorp). NSW Treasury was also included as the agency responsible for the NSW Government's risk management framework.
In assessing an agency’s risk culture, we focused on four key areas:
Executive sponsorship (tone at the top)
In the four agencies we reviewed, senior management is communicating the importance of managing risk. They have endorsed risk management frameworks and funded central functions tasked with overseeing risk management within their agencies.
That said, we found that three case study agencies do not measure their existing risk culture. Without clear measures of how employees identify and engage with risk, it is difficult for agencies to tell whether employee's behaviours are aligned with the 'tone' set by the executive and management.
For example, in some agencies we examined we found a disconnect between risk tolerances espoused by senior management and how these concepts were understood by staff.
Employee perceptions of risk management
Our survey of staff indicated that while senior leaders have communicated the importance of managing risk, more could be done to strengthen a culture of open communication so that all employees feel comfortable speaking openly about risks. We found that senior management could better communicate to their staff the levels of risk they should be willing to accept.
Integration of risk management into daily activities and links to decision-making
We found examples of risk management being integrated into daily activities. On the other hand, we also identified areas where risk management deviated from good practice. For example, we found that corporate risk registers are not consistently used as a tool to support decision-making.
Support and guidance to help staff manage risks
Most case study agencies are monitoring risk-related skills and knowledge of their workforce, but only one agency has addressed the gaps it identified. While agencies are providing risk management training, surveyed staff in three case study agencies reported that risk management training is not adequate.
NSW Treasury provides agencies with direction and guidance on risk management through policy and guidelines. In line with better practice, NSW Treasury's principles-based policy acknowledges that individual agencies are in a better position to understand their own risks and design risk management frameworks that address those risks. Nevertheless, there is scope for NSW Treasury to refine its guidance material to support a better risk culture in the NSW public sector.
Recommendation
By May 2019, NSW Treasury should:
- Review the scope of its risk management guidance, and identify additional guidance, training or activities to improve risk culture across the NSW public sector. This should focus on encouraging agency heads to form a view on the current risk culture in their agencies, identify desirable changes to that risk culture, and take steps to address those changes.
Appendix one - Response from agencies
Appendix three - About the audit
Appendix four - Performance auditing
Parliamentary reference - Report number #298 - released 23 April 2018
Internal Controls and Governance 2017
Agencies need to do more to address risks posed by information technology (IT).
Effective internal controls and governance systems help agencies to operate efficiently and effectively and comply with relevant laws, standards and policies. We assessed how well agencies are implementing these systems, and highlighted opportunities for improvement.
1. Overall trends
|
New and repeat findings |
The number of reported financial and IT control deficiencies has fallen, but many previously reported findings remain unresolved. |
|
High risk findings |
Poor systems implementations contributed to the seven high risk internal control deficiencies that could affect agencies. |
|
Common findings |
Poor IT controls are the most commonly reported deficiency across agencies, followed by governance issues relating to cyber security, capital projects, continuous disclosure, shared services, ethics and risk management maturity. |
2. Information Technology
|
IT security |
Only two-thirds of agencies are complying with their own policies on IT security. Agencies need to tighten user access and password controls. |
|
Cyber security |
Agencies do not have a common view on what constitutes a cyber attack, which limits understanding the extent of the cyber security threat. |
|
Other IT systems |
Agencies can improve their disaster recovery plans and the change control processes they use when updating IT systems. |
3. Asset Management
|
Capital investment |
Agencies report delays delivering against the significant increase in their budgets for capital projects. |
|
Capital projects |
Agencies are underspending their capital budgets and some can improve capital project governance. |
|
Asset disposals |
Eleven per cent of agencies were required to sell their real property through Property NSW but didn’t. And eight per cent of agencies can improve their asset disposal processes. |
4. Governance
|
Governance arrangements |
Sixty-four per cent of agencies’ disclosure policies support communication of key performance information and prompt public reporting of significant issues. |
|
Shared services |
Fifty-nine per cent of agencies use shared services, yet 14 per cent do not have service level agreements in place and 20 per cent can strengthen the performance standards they set. |
5. Ethics and Conduct
|
Ethical framework |
Agencies can reinforce their ethical frameworks by updating code‑of‑conduct policies and publishing a Statement of Business Ethics. |
|
Conflicts of interest |
All agencies we reviewed have a code of conduct, but they can still improve the way they update and manage their codes to reduce the risk of fraud and unethical behaviour. |
6. Risk Management
|
Risk management maturity |
All agencies have implemented risk management frameworks, but with varying levels of maturity. |
|
Risk management elements |
Many agencies can improve risk registers and strengthen their risk culture, particularly in the way that they report risks to their lead agency. |
This report covers the findings and recommendations from our 2016–17 financial audits related to the internal controls and governance of the 39 largest agencies (refer to Appendix three) in the NSW public sector. These agencies represent about 95 per cent of total expenditure for all NSW agencies and were considered to be a large enough group to identify common issues and insights.
The findings in this report should not be used to draw conclusions on the effectiveness of individual agency control environments and governance arrangements. Specific financial reporting, controls and service delivery comments are included in the individual 2017 cluster financial audit reports tabled in Parliament from October to December 2017.
This new report offers strategic insight on the public sector as a whole
In previous years, we have commented on internal control and governance issues in the volumes we published on each ‘cluster’ or agency sector, generally between October and December. To add further value, we then commented more broadly about the issues identified for the public sector as a whole at the start of the following year.
This year, we have created this report dedicated to internal controls and governance. This will help Parliament to understand broad issues affecting the public sector, and help agencies to compare their own performance against that of their peers.
Without strong control measures and governance systems, agencies face increased risks in their financial management and service delivery. If they do not, for example, properly authorise payments or manage conflicts of interest, they are at greater risk of fraud. If they do not have strong information technology (IT) systems, sensitive and trusted information may be at risk of unauthorised access and misuse.
These problems can in turn reduce the efficiency of agency operations, increase their costs and reduce the quality of the services they deliver.
Our audits do not review every control or governance measure every year. We select a range of measures, and report on those that present the most significant risks that agencies should mitigate. This report divides these into the following six areas:
- Overall trends
- Information technology
- Asset management
- Governance
- Ethics and conduct
- Risk management.
Internal controls are processes, policies and procedures that help agencies to:
- operate effectively and efficiently
- produce reliable financial reports
- comply with laws and regulations.
This chapter outlines the overall trends for agency controls and governance issues, including the number of findings, level of risk and the most common deficiencies we found across agencies. The rest of this volume then illustrates this year’s controls and governance findings in more detail.
|
Issues |
Recommendations |
|
1.1 New and repeat findings |
|
|
The number of internal control deficiencies reduced over the past three years, but new higher-risk information technology (IT) control deficiencies were reported in 2016–17. Deficiencies repeated from previous years still make up a sizeable proportion of all internal control deficiencies. |
Recommendation Agencies should focus on emerging IT risks, but also manage new IT risks, reduce existing IT control deficiencies, and address repeat internal control deficiencies on a more timely basis. |
|
1.2 High risk findings |
|
|
We found seven high risk internal control deficiencies, which might significantly affect agencies. |
Recommendation Agencies should rectify high risk internal control deficiencies as a priority |
|
1.3 Common findings |
|
|
The most common internal control deficiencies related to poor or absent IT controls. We found some common governance deficiencies across multiple agencies. |
Recommendation Agencies should coordinate actions and resources to help rectify common IT control and governance deficiencies. |
Information technology (IT) has become increasingly important for government agencies’ financial reporting and to deliver their services efficiently and effectively. Our audits reviewed whether agencies have effective controls in place over their IT systems. We found that IT security remains the source of many control weakness in agencies.
| Issues | Recommendations |
2.1 IT security |
|
|
User access administration While 95 per cent of agencies have policies about user access, about two-thirds were compliant with these policies. Agencies can improve how they grant, change and end user access to their systems. |
Recommendation Agencies should strengthen user access administration to prevent inappropriate access to sensitive systems. Agencies should:
|
|
Privileged access Sixty-eight per cent of agencies do not adequately manage who can access their information systems, and many do not sufficiently monitor or restrict privileged access. |
Recommendation Agencies should tighten privileged user access to protect their information systems and reduce the risks of data misuse and fraud. Agencies should ensure they:
|
|
Password controls Forty-one per cent of agencies did not meet either their own standards or minimum standards for password controls. |
Recommendation Agencies should review and enforce password controls to strengthen security over sensitive systems. As a minimum, password parameters should include:
|
2.2 Cyber Security |
|
|
Cyber security framework Agencies do not have a common view on what constitutes a cyber attack, which limits understanding the extent of the cyber security threat. |
Recommendation The Department of Finance, Services and Innovation should revisit its existing framework to develop a shared cyber security terminology and strengthen the current reporting requirements for cyber incidents. |
|
Cyber security strategies While 82 per cent of agencies have dedicated resources to address cyber security, they can strengthen their strategies, expertise and staff awareness. |
Recommendations The Department of Finance, Services and Innovation should:
Agencies should ensure they adequately resource staff dedicated to cyber security. |
2.3 Other IT systems |
|
|
Change control processes Some agencies need to improve change control processes to avoid unauthorised or inaccurate system changes. |
Recommendation Agencies should consistently perform user acceptance testing before system upgrades and changes. They should also properly approve and document changes to IT systems. |
|
Disaster recovery planning Agencies can do more to adequately assess critical business systems to enforce effective disaster recovery plans. This includes reviewing and testing their plans on a timely basis. |
Recommendation Agencies should complete business impact analyses to strengthen disaster recovery plans, then regularly test and update their plans. |
Agency service delivery relies on developing and renewing infrastructure assets such as schools, hospitals, roads, or public housing. Agencies are currently investing significantly in new assets. Agencies need to manage the scale and volume of current capital projects in order to deliver new infrastructure on time, on budget and realise the intended benefits. We found agencies can improve how they:
- manage their major capital projects
- dispose of existing assets.
| Issues | Recommendations or conclusions |
3.1 Capital investment |
|
|
Capital asset investment ratios Most agencies report high capital investment ratios, but one-third of agencies’ capital investment ratios are less than one. |
Recommendation Agencies with high capital asset investment ratios should ensure their project management and delivery functions have the capacity to deliver their current and forward work programs. |
|
Volume of capital spending Most agencies have significant forward spending commitments for capital projects. However, agencies’ actual capital expenditure has been below budget for the last three years. |
Conclusion The significant increase in capital budget underspends warrant investigation, particularly where this has resulted from slower than expected delivery of projects from previous years. |
3.2 Capital projects |
|
|
Major capital projects Agencies’ major capital projects were underspent by 13 percent against their budgets. |
Conclusion The causes of agency budget underspends warrant investigation to ensure the NSW Government’s infrastructure commitment is delivered on time. |
|
Capital project governance Agencies do not consistently prepare business cases or use project steering committees to oversee major capital projects. |
Conclusion Agencies that have project management processes that include robust business cases and regular updates to their steering committees (or equivalent) are better able to provide those projects with strategic direction and oversight. |
3.3. Asset disposals |
|
|
Asset disposal procedures Agencies need to strengthen their asset disposal procedures. |
Recommendations Agencies should have formal processes for disposing of surplus properties. Agencies should use Property NSW to manage real property sales unless, as in the case for State owned corporations, they have been granted an exemption. |
Governance refers to the high-level frameworks, processes and behaviours that help an organisation to achieve its objectives, comply with legal and other requirements, and meet a high standard of probity, accountability and transparency.
This chapter sets out the governance lighthouse model the Audit Office developed to help agencies reach best practice. It then focuses on two key areas: continuous disclosure and shared services arrangements. The following two chapters look at findings related to ethics and risk management.
| Issues | Recommendations or conclusions |
4.1 Governance arrangements |
|
|
Continuous disclosure Continuous disclosure promotes improved performance and public trust and aides better decision-making. Continuous disclosure is only mandatory for NSW Government Businesses such as State owned corporations. |
Conclusion Some agencies promote transparency and accountability by publishing on their websites a continuous disclosure policy that provides for, and encourages:
|
4.2 Shared services |
|
|
Service level agreements Some agencies do not have service level agreements for their shared service arrangements. Many of the agreements that do exist do not adequately specify controls, performance or reporting requirements. This reduces the effectiveness of shared services arrangements. |
Conclusion Agencies are better able to manage the quality and timeliness of shared service arrangements where they have a service level agreement in place. Ideally, the terms of service should be agreed before services are transferred to the service provider and:
|
|
Shared service performance Some agencies do not set performance standards for their shared service providers or regularly review performance results. |
Conclusion Agencies can achieve better results from shared service arrangements when they regularly monitor the performance of shared service providers using key measures for the benefits realised, costs saved and quality of services received. Before agencies extend or renegotiate a contract, they should comprehensively assess the services received and test the market to maximise value for money. |
All government sector employees must demonstrate the highest levels of ethical conduct, in line with standards set by The Code of Ethics and Conduct for NSW government sector employees.
This chapter looks at how well agencies are managing these requirements, and where they can improve their policies and processes.
We found that agencies mostly have the appropriate codes, frameworks and policies in place. But we have highlighted opportunities to improve the way they manage those systems to reduce the risks of unethical conduct.
| Issues | Recommendations or conclusions |
5.1 Ethical framework |
|
|
Code of conduct All agencies we reviewed have a code of conduct, but they can still improve the way they update and manage their codes to reduce the risk of fraud and unethical behaviour. |
Recommendation Agencies should regularly review their code-of-conduct policies and ensure they keep their codes of conduct up-to-date. |
|
Statement of business ethics Most agencies maintain an ethical framework, but some can enhance their related processes, particularly when dealing with external clients, customers, suppliers and contractors. |
Conclusion Agencies can enhance their ethical frameworks by publishing a Statement of Business Ethics, which communicates their values and culture. |
5.2 Potential conflicts of interest |
|
|
Conflicts of interest All agencies have a conflicts-of-interest policy, but most can improve how they identify, manage and avoid conflicts of interest. |
Recommendation Agencies should improve the way they manage conflicts of interest, particularly by:
|
|
Gifts and benefits While all agencies already have a formal gifts-and-benefits policy, we found gaps in the management of gifts and benefits by some that increase the risk of unethical conduct. |
Recommendation Agencies should improve the way they manage gifts and benefits by promptly updating registers and providing annual training to staff. |
Risk management is an integral part of effective corporate governance. It helps agencies to identify, assess and prioritise the risks they face and in turn minimise, monitor and control the impact of unforeseen events. It also means agencies can respond to opportunities that may emerge and improve their services and activities.
This year we looked at the overall maturity of the risk management frameworks that agencies use, along with two important risk management elements: risk culture and risk registers.
| Issues | Recommendations or conclusions |
6.1 Risk management maturity |
|
|
All agencies have implemented risk management frameworks, but with varying levels of maturity in their application. Agencies’ averaged a score of 3.1 out of five across five critical assessment criteria for risk management. While strategy and governance fared best, the areas that most need to improve are risk culture, and systems and intelligence. |
Conclusion Agencies have introduced risk management frameworks and practices as required by the Treasury’s:
However, more can be done to progress risk management maturity and embed risk management in agency culture. |
6.2 Risk management elements |
|
|
Risk culture Most agencies have started to embed risk management into the culture of their organisation. But only some have successfully done so, and most agencies can improve their risk culture.
|
Conclusion Agencies can improve their risk culture by:
|
|
Risk registers and reporting Some agencies do not report their significant risks to their lead agency, which may impair the way resources are allocated in their cluster. Some agencies do not integrate risk registers at a divisional and whole-of-enterprise level. |
Conclusion Agencies not reporting significant risks at the cluster level increases the likelihood that significant risks are not being mitigated appropriately. |
Effective risk management can improve agency decision-making, protect reputations and lead to significant efficiencies and cost savings. By embedding risk management directly into their operations, agencies can also derive extra value for their activities and services.
Sydney Road Maintenance Contracts
In November 2013, Roads and Maritime Services (RMS) outsourced the maintenance of State roads in the Sydney region south and west zones using an innovative contracting approach called the Stewardship Maintenance Contract (SMC). The SMC links risk to reward, and uses a performance framework where outcomes should drive improved performance over time.
| WA | VIC | QLD | NSW | |
|---|---|---|---|---|
| Roads managed (lane kms) | 52,659 | 50,510 | 71,353 | 80,348 |
| Estimated spend ($/lane km) | 5,000 | 4,500 | 6,000 | 7,000 |
| Road quality measure (%) | 99 | 99 | 94 | 91 |
Parliamentary reference - Report number #288 - released 15 June 2017
