Reports
Cyber security in local government
What this report is about
NSW local councils provide a wide range of essential services and infrastructure to their communities and are increasingly reliant on digital technologies.
Councils need to manage cyber security risks to ensure their information, data and systems are appropriately safeguarded. Councils also need to be prepared to detect, respond and recover when a cyber security incident occurs.
The audit assessed how effectively three selected councils identified and managed cyber security risks.
The audit also included the Department of Planning, Housing and Infrastructure (Office of Local Government) and Department of Customer Service (Cyber Security NSW), due to their roles in providing guidance and support to local councils.
Audit findings
The audit found that the selected councils are not effectively identifying and managing cyber security risks. Each of the councils undertook activities to improve their cyber security during the audit period, but this audit found significant gaps in their cyber security risk management and cyber security processes.
Such gaps result in unmitigated risks to the security of information and assets which, if compromised, could impact their local communities, service delivery and public infrastructure.
Cyber Security NSW and the Office of Local Government recommend that councils adopt requirements in the Cyber Security Guidelines for Local Government, but could do more to monitor whether the Guidelines are enabling better cyber security risk management in the sector.
Audit recommendations
In summary, the councils should:
- integrate assessment and monitoring of cyber security risks into corporate governance processes
- self-assess their performance against Cyber Security NSW's guidelines for local government
- develop and implement a risk-based cyber security improvement plan and program of activities
- develop, implement and test a cyber incident response plan.
Cyber Security NSW and the Office of Local Government should regularly consult on cyber security risks facing local government, and review the effectiveness of guidelines and related resources for the sector.
While this report focuses on the performance of the selected councils, the findings and recommendations should be considered by all councils to better understand their risks and challenges relevant to managing cyber security risks.
Read the PDF report
Parliamentary reference - Report number #392- released 26 March 2024
Local Government 2023
What this report is about
Results of the local government sector financial statement audits for the year ended 30 June 2023.
Findings
Unqualified audit opinions were issued for 85 councils, eight county councils and 12 joint organisations.
Qualified audit opinions were issued for 36 councils due to non-recognition of rural firefighting equipment vested under section 119(2) of the Rural Fires Act 1997.
The audits of seven councils, one county council and one joint organisation remain in progress at the date of this report due to significant accounting issues.
Fifty councils, county councils and joint organisations missed the statutory deadline of submitting their financial statements to the Office of Local Government, within the Department of Planning, Housing and Infrastructure, by 31 October.
Audit management letters included 1,131 findings with 40% being repeat findings and 91 findings being high-risk. Governance, asset management and information technology continue to represent 65% of the key areas for improvement.
Fifty councils do not have basic governance and internal controls to manage cyber security.
Recommendations
To improve quality and timeliness of financial reporting, councils should:
- adopt early financial reporting procedures, including asset valuations
- ensure integrity and completeness of asset source records
- perform procedures to confirm completeness, accuracy and condition of vested rural firefighting equipment.
To improve internal controls, councils should:
- track progress of implementing audit recommendations, and prioritise high-risk repeat issues
- continue to focus on cyber security governance and controls.
Read the PDF report
Regulation insights
What this report is about
In this report, we present findings and recommendations relevant to regulation from selected reports between 2018 and 2024.
This analysis includes performance audits, compliance audits and the outcomes of financial audits.
Effective regulation is necessary to ensure compliance with the law as well as to promote positive social and economic outcomes and minimise risks with certain activities.
The report is a resource for public sector leaders. It provides insights into the challenges and opportunities for more effective regulation.
Audit findings
The analysis of findings and recommendations is structured around four key themes related to effective regulation:
- governance and accountability
- processes and procedures
- data and information management
- support and guidance.
The report draws from this analysis to present insights for agencies to promote effective regulation. It also includes relevant examples from recent audit reports.
In this report, we also draw out insights for agencies that provide a public sector stewardship role.
The report highlights the need for agencies to communicate a clear regulatory approach. It also emphasises the need to have a consistent regulatory approach, supported by robust information about risks and accompanied with timely and proportionate responses.
The report highlights the need to provide relevant support to regulated parties to facilitate compliance and the importance of transparency through reporting of meaningful regulatory information.
Read the PDF report
Design and administration of the WestInvest program
What this report is about
WestInvest is a $5 billion funding program announced in September 2021 to provide ‘local infrastructure to help communities hit hard by COVID-19’ in 15 local government areas (LGAs) selected by the government. It was divided into three parts: $3 billion for NSW government agency projects; $1.6 billion for competitive grants to councils and community groups; and $400 million for non-competitive grants to councils.
Following the change of government at the 2023 election, the program was renamed the Western Sydney Infrastructure Grants Program. Funding decisions made for the community and local government grants were retained, but multiple funding decisions for the NSW government projects were changed.
The audit objective was to assess the integrity of the design and implementation of the program and the award of program funding.
Findings
The design of the program lacked integrity because it was not informed by robust research or analysis to justify the commitment of public money to a program of this scale.
The then government did not have sufficient regard to the implications for the state's credit rating. A risk to the credit rating arose because the government may have been perceived to be using proceeds from major asset sales to fund new expenditure, rather than pay down its debt.
Decisions about program design were made by the then Treasurer's office without consultation with affected communities. The rationale for these decisions was not documented or made public.
For the NSW government projects, funding allocations did not follow advice from departments. Many funded projects did not meet the objectives of the program.
The two other rounds of the program were administered effectively, except for some gaps in documentation and quality assurance. The program guidelines did not require an equitable or needs-based distribution of funding across LGAs and there was a significant imbalance in funding between the 15 LGAs.
Recommendations
Our recommendations for the administration of future funding programs included:
- considering whether competitive grants are the best way to achieve the program's purpose
- completing program design and guidelines before announcements
- ensuring adequate quality assurance.
We also recommended that when providing advice for submissions by Ministers to Cabinet, agencies should ensure that departmental advice is clearly identified and is distinct from other advice or political considerations.
Read the PDF report
Parliamentary reference - Report number #391 - released 28 February 2024
State Finances 2023
What this report is about
Results of the audit of the Consolidated State Financial Statements of the New South Wales General Government Sector (GGS) and Total State Sector (TSS) for the year ended 30 June 2023.
Findings
The audit opinion on the 2022–23 Consolidated State Financial Statements was qualified in relation to two issues and included an emphasis of matter.
The first qualification matter is a continuation of the prior year limitation of scope on the audit relating to the Catholic Metropolitan Cemeteries Trust (CMCT), a controlled state entity, who continued to deny access to its management, books and records for the purposes of a financial audit. As a result, the Audit Office was unable to obtain sufficient appropriate audit evidence to support the assets, liabilities, income and expenses relating to CMCT recorded in the TSS and the equity investment recognised in the GGS relating to the net assets of CMCT.
The second qualification matter relates to the limitations on the accuracy and reliability of financial information relating to Statutory Land Managers (SLMs) and Common Trust entities (CTs) controlled by the State and were either exempted from requirements to prepare financial reports, or who were required to submit financial reports and have not done so. The Audit Office was unable to obtain sufficient appropriate audit evidence to determine the impact on the value of non-land assets and liabilities, income and expenses that should be recognised in the 2022–23 Consolidated State Financial Statements and which have not been recorded in the Consolidated State Financial Statements.
The independent audit opinion also includes an emphasis of matter drawing attention to key decisions made by the NSW Government regarding the future of the Transport Asset Holding Entity of New South Wales (TAHE).
Recommendations
The report includes recommendations for NSW Treasury to address several high-risk findings, including:
- ensuring accurate and reliable financial information is available to recognise the non-land balances of SLMs and CTs
- ensuring the CMCT, SLMs and CTs meet their statutory reporting obligations
- conducting a broader review of the financial reporting exemption framework
- continued monitoring of TAHE's control over its assets
- providing timely guidance to the sector relating to legislative or policy changes that impact financial reporting
- developing an accounting policy for the reimbursement of unsuccessful tender bid cost contributions.
Read the PDF report
Treasury 2023
What this report is about
Result of the Treasury portfolio of agencies’ financial statement audits for the year ended 30 June 2023.
The results of the audit of the NSW Government’s consolidated Total State Sector Accounts (TSSA), which are prepared by NSW Treasury, will be reported separately in our report on ‘State Finances 2023’.
The audit found
Unqualified audit opinions were issued on all general purpose financial statement audits.
Qualified audit opinions were issued on two of the 24 other engagements prepared by portfolio agencies. These related to payments made from Special Deposit Accounts that did not comply with the relevant legislation.
The number of monetary misstatements identified in our audits increased from 29 in 2021–22 to 39 in 2022–23.
The new parental leave policy impacted agencies across all portfolios. NSW Treasury should perform annual assessments to identify changes in legislation and regulation and provide timely guidance to the sector.
Transport for NSW and Sydney Metro have capitalised over $300 million of tender bid costs paid to unsuccessful tender bidders relating to significant infrastructure projects. Whilst NSW Treasury policy provides clarity on the reimbursement of unsuccessful bidders’ costs, clearer guidance on how to account for these costs in agencies’ financial statements is required.
The key audit issues were
Five high-risk issues were reported in 2022–23. Three were new findings on contract management, accounting treatments for workers compensation renewal premium adjustments and the management and oversight of a Special Deposit Account. Two repeat issues referred to the need to improve quality review processes over financial reporting and the timely approval of administration costs.
Portfolio agencies should prioritise and action recommendations to address internal control deficiencies.
This report provides Parliament and other users of the Treasury portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Treasury portfolio of agencies (the portfolio) for 2023.
Section highlights
- Unqualified audit opinions were issued on all Treasury portfolio agencies’ 2022–23 financial statements.
- Two qualified audit opinions were issued on special purpose financial reports, relating to whether payments from the Electricity Retained Interest Corporation – Ausgrid (ERIC-A) Fund and the Electricity Retained Interest Corporation – Endeavour (ERIC-E) Fund, complied with the relevant legislation.
- The total number of errors (both corrected and uncorrected) in the financial statements increased from 29 in 2021–22 to 39 in 2022–23.
Reported corrected misstatements increased from 15 in 2021–22 to 25 with a gross value of $7.1 billion in 2022–23. Reported uncorrected misstatements increased from 13 in 2021–22 to 14 in 2022–23, with a gross value of $277.6 million in 2022–23.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Treasury portfolio.
Section highlights
- Five high-risk issues were reported in 2022–23. Three were new findings on contract management, accounting treatments for workers compensation renewal premium adjustments and the management and oversight of a Special Deposit Account.
- A further 35 moderate risk findings were reported in 2022–23, of which ten were repeat findings.
- Some agencies have again spent monies without an authorised delegation.
- The quality of information provided for audit purposes needs to improve.
Appendix one – Misstatements in financial statements submitted for audit
Appendix two – Early close procedures
Appendix three – Timeliness of financial reporting
Appendix four – Financial data
Appendix five – Acquittals and other opinions
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Procurement of services for the Park'nPay app
What this report is about
The report assesses whether the Department of Customer Service (the department) complied with legislation and NSW government policy when it directly negotiated with Duncan Solutions to procure backend services relating to the Park'nPay app.
The Park'nPay app, developed by the department, enables users to locate and pay for parking remotely using their smart mobile device.
The audit found
The department failed to establish the grounds for entering a direct negotiation procurement strategy, without any competitive tendering, for services for the Park'nPay app. It rushed a decision to trial the app in The Rocks, without considering how this might affect its procurement obligations.
There is no evidence that the procurement achieved value for money. Despite being required by legislation, as well as mandatory NSW government policy, the department did not consider how it would ensure value for money, nor did it demonstrate an adequate understanding of what is meant by value for money on this occasion.
The department failed to implement key probity requirements. There was no effective management of conflicts of interest. Key decisions were not documented. There was a lack of clarity, transparency, and oversight of the relationship between the Minister's office and staff in the department.
The audit made recommendations about
- making and retaining complete and accurate records, particularly on decisions to commit or expend public money
- ensuring department staff understand how to exercise their financial delegations and procurement processes
- ensuring that only staff with appropriate delegations are committing or approving the spending of public money
- consistency with the contract extension provisions of the NSW Government Procurement Policy Framework, particularly regarding ensuring value for money
- protocols to guide the interactions between department staff and Minister and Minister's staff
- the need for proper management and oversight of contingent workers, such as contractors.
On 27 February 2019 the then Minister for Finance, Services and Property announced the commencement of a Park’nPay app trial in The Rocks precinct of Sydney.
The app was intended to enable users to locate and pay for parking remotely, using their smart mobile device such as a phone or tablet, rather than needing to physically be at a parking meter.
In July 2019, following a direct negotiation procurement conducted by the then Department of Finance, Services and Innovation, a contract was executed with Duncan Solutions for an estimated value of $1,260,600 over three-years, with three single-year options to extend. The contract required Duncan Solutions to provide development services to link the Park'nPay app to its Parking Enterprise Management System platform and to provide ongoing software support services.
This audit assessed whether the department complied with the procurement obligations that applied at the time it procured these services from Duncan Solutions.
This audit focussed on the department's processes and decision-making relating to:
- the direct negotiation with Duncan Solutions at the exclusion of any other potential supplier
- the negotiation, execution and management of the contract with Duncan Solutions.
As this audit focusses on the department's procurement and contract management processes, it does not comment on the activities of Duncan Solutions. The detailed audit objective, criteria and audit approach are in Appendix three.
The auditee is the Department of Customer Service. As a result of machinery of government changes, the Department of Finance, Services, and Innovation became the Department of Customer Service from 1 July 2019. To avoid confusion, this report simply uses ‘the department’ to refer to either. Where the report refers to the Minister, it relates to the former Minister in office at the time.
Conclusion
The department failed to establish the grounds for entering a direct negotiation procurement strategy for services for the Park'nPay app. It rushed a decision to trial the app in The Rocks, without considering how this might affect its procurement requirements.
As part of a direct negotiation process, the department was required to, but did not:
- undertake a comprehensive analysis of the market and all relevant factors to demonstrate that a competitive process does not need to be conducted
- conduct a risk assessment for the procurement approach
- follow the internal delegation process, including obtaining approval of the department's delegate and endorsement of the Chief Procurement Officer.
There is no evidence that the procurement to support Park'nPay represented value for money. Despite it being required by legislation, as well as mandatory NSW Government policy, the department did not consider how to ensure value for money, nor demonstrate an adequate understanding of what is meant by value for money in this case.
The department issued no tender or expression of interest documents against which any proposal could be assessed, and it had no tender evaluation plan, committee, or criteria. Without any objective standards against which the supplier's proposal could be assessed, it was not possible for the department to determine if value for money was achieved, and no value for money has been demonstrated.
The department failed to implement key probity requirements. There was no effective management of conflicts of interest. Key decisions were not documented. There was a lack of clarity, transparency, and oversight of the relationship between the Minister's office and staff in the department.
No conflict of interest declarations were made by staff until almost one year after the direct negotiations commenced and even then they were not made by all members of the negotiation team and key decision-makers.
The department did not document the reasons for its decisions or minute key meetings, such as when, why and by whom the decision was made to transform the procurement from a 'trial' to a contract of up to six years duration. The department had no policies guiding the interactions between the Minister, the Minister's office and staff in the department (including contractors) in relation to this initiative, resulting in blurred and uncertain roles, responsibilities, and accountabilities.
The department initially sought to withhold information from the Audit Office pertaining to Park'nPay. When questions were raised through external scrutiny, there was little evidence of genuine inquiry or review into its practices to ensure improvement and compliance.
The department deliberately sought to withhold information from the Audit Office of NSW when initial inquiries were lawfully made about the Park'nPay project in the context of the audit of the department's financial statements in May 2021.
There is also limited evidence to demonstrate the department has reviewed the decisions and practices around the Park'nPay project, despite receiving internal legal advice at the time that questioned the characterisation of the procurement as a 'pilot', and external scrutiny via the NSW Parliament's Budget Estimates Committee hearings. This indicates a risk that opportunities to review and improve the department's procurement practices based on learnings from this process have been missed.
Appendix one – Response from auditee
Appendix two – Key requirements of the department's procurement manual
Appendix three – About the audit
Appendix four– Performance auditing
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Parliamentary reference - Report number #387 - released 14 December 2023
Local Government 2022
This report is about
Results of the local government sector financial statement audits for the year ended 30 June 2022.
What we found
Unqualified audit opinions were issued for 83 councils, 11 joint organisations and nine county councils' financial statements.
The financial audits for two councils and two joint organisations are in progress due to accounting issues.
Fifty-seven councils and joint organisations (2021: 41) required extensions to submit their financial statements to the Office of Local Government (OLG), within the Department of Planning and Environment (the department).
The audit opinion on Kiama Municipal Council's 30 June 2021 financial statements was disclaimed due to deficient books and records.
Qualified audit opinions were issued on 43 councils' financial statements due to non-recognition of rural firefighting equipment vested under section 119 (2) of the Rural Fires Act 1997. Forty-seven councils appropriately recognised this equipment.
What we recommended
Consistent with the NSW Government's accounting position and the department's role of assessing councils' compliance with legislative responsibilities, standards or guidelines, the department should intervene where councils do not recognise vested rural firefighting equipment.
The key issues
There were 1,045 audit findings reported to councils in audit management letters, with 52% being unresolved from prior years.
What we recommended
Councils need to track progress of implementing audit recommendations, giving priority to high-risk and repeat issues.
Ninety-three high-risk matters were identified across the sector mainly relating to asset management, information technology, financial accounting and council governance procedures.
Asset valuations
Audit management letters reported 267 findings relating to asset management. Fifty-three councils had deficiencies in processes that ensure assets are fairly stated.
What we recommended
Councils need to complete timely asset valuations (repeat recommendation).
Integrity and completeness of asset source records
Fifty-two councils had weak processes over the integrity of fixed asset registers.
What we recommended
Councils need to improve controls that ensure integrity of asset records (repeat recommendation).
Cybersecurity
Our audits found that 47% of councils did not have a cyber security plan.
What we recommended
All councils need to prioritise creation of a cyber security plan to ensure data and assets are safeguarded.
Pursuant to the Local Government Act 1993 I am pleased to present my Auditor-General's report on Local Government 2022. My report provides the results of the 2021–22 financial audits of 126 councils, 11 joint organisations and nine county councils. The audits for two councils and two joint organisations are in progress due to significant accounting issues.
Unqualified audit opinions were issued for 83 councils, 11 joint organisations and nine county councils' 2021–22 financial statements. The statements for 43 councils were qualified due to non-recognition of rural firefighting equipment vested under section 119 (2) of the Rural Fires Act 1997. And the audit opinion on Kiama Municipal Council's 30 June 2021 financial statements was disclaimed due to deficiencies in books and records.
This year has again been challenging for many New South Wales local councils still recovering from the impact of emergency events and facing cost and resourcing pressures. We appreciate the efforts of council staff and management in meeting their financial reporting obligations. We share a mutual interest in raising the standard of financial management in this sector, and the importance of accurate and transparent reporting.
Disappointingly, accounting for the value of rural firefighting equipment vested in councils continued to be an unnecessary distraction and resulted in 43 councils having their financial statements qualified. We continue to recommend that the Office of Local Government should intervene where councils fail to comply with Australian Accounting Standards by not recognising assets vested to them under section 119(2) of the Rural Fires Act 1997.
Sound financial management is critical to councils' ability to instil trust and properly serve their communities. The recommendations in this report are intended to further improve their financial management and reporting capability, and encourage sound governance arrangements and cyber resilience. I am committed to continuing this work with councils in the 2022–23 year and beyond.
Margaret Crawford PSM
Auditor-General for New South Wales
Financial reporting is an important element of good governance. Confidence in and transparency of public sector decision-making are enhanced when financial reporting is accurate and timely.
This chapter outlines audit observations related to the financial reporting audit results of councils and joint organisations.
Section highlights
|
A strong system of internal controls enables councils to operate effectively and efficiently, produce reliable financial reports, comply with laws and regulations, and support ethical government.
This chapter outlines the overall trends in governance and internal controls across councils and joint organisations in 2021–22.
Financial audits focus on key governance matters and internal controls supporting the preparation of councils’ financial statements. Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues are reported to management and those charged with governance through audit management letters. These letters include our observations, related implications, recommendations and risk ratings.
Section highlights
|
Total number of findings reported in audit management letters decreased
The following shows the overall findings of the 2021–22 audits reported in management letters compared with the previous year.
Appendix two – Status of audits
Appendix three – Councils received qualified audit opinions
Appendix four – Common reasons for council extensions
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Natural disasters
What this report is about
This report draws together the financial impact of natural disasters on agencies integral to the response and impact of natural disasters during 2021–22.
What we found
Over the 2021–22 financial year $1.4 billion from a budget of $1.9 billion was spent by the NSW Government in response to natural disasters.
Total expenses were less than the budget due to underspend in the following areas:
- clean-up assistance, including council grants
- anticipated temporary accommodation support
- payments relating to the Northern Rivers Business Support scheme for small businesses.
Natural disaster events damaged council assets such as roads, bridges, waste collection centres and other facilities used to provide essential services. Additional staff, contractors and experts were engaged to restore and repair damaged assets and minimise disruption to service delivery.
At 30 June 2022, the estimated damage to council infrastructure assets totalled $349 million.
Over the first half of the 2022–23 financial year, councils experienced further damage to infrastructure assets due to natural disasters. NSW Government spending on natural disasters continued with a further $1.1 billion spent over this period.
Thirty-six councils did not identify climate change or natural disaster as a strategic risk despite 22 of these having at least one natural disaster during 2021–22.
Section highlights
|
Section highlights
|
NSW government agencies' use of consultants
What the report is about
This audit assessed how effectively NSW government agencies procure and manage consultants. It examined the role of the NSW Procurement Board and NSW Procurement (a unit within NSW Treasury) in supporting and monitoring agency procurement and management of consultants.
The audit used four sources of data that contain information about spending on consultants by NSW government agencies, including annual report disclosures and the State's financial consolidation system (Prime). It also reviewed a sample of consulting engagements from ten NSW government agencies.
What we found
Our review of a selection of consulting engagements indicates that agencies do not procure and manage consultants effectively.
We found most agencies do not use consultants strategically and do not have systems for managing or evaluating consultant performance. We also found examples of non-compliance with procurement rules, including contract variations that exceeded procurement thresholds.
NSW Procurement has made improvements to the information available about spending on consultants, including additional analysis and reporting. However, there is no single data source that accurately captures spending on consultants.
Our analysis of data on whole-of-government spending on consultants, drawn from agency annual reports, indicates that four large professional services firms accounted for about a quarter of consultancy expenditure from 2017–18 to 2021–22. This concentration increases strategic risks, including over-reliance on a limited number of providers and potential reduction in the independence of advice.
It is also highly unlikely that NSW government agencies will meet the government's 2019 policy commitment to reduce consultancy expenses by 20% each year, over four years, from 2019–20. NSW Treasury advised that to implement this commitment, agency budgets were reduced in Prime in line with the savings targets. However, actual spending on consulting in NSW Treasury's Reports on State Finances 2020–21 and 2021–22 was almost $100 million higher than the savings targets over the first three years since 2019–20.
What we recommended
The report made seven recommendations which aim to improve:
- the quality and transparency of data on spending on consultants
- monitoring of strategic risks and agency compliance with procurement and recordkeeping rules
- agencies' strategic use of consultants, including evaluation and knowledge retention.
Between 2017–18 and 2021–22, NSW government agency annual reports disclosed total spending of around $1 billion on consultants across more than 10,000 engagements. More than 1,000 consulting firms provided services to NSW government agencies during this period. Consulting is a classification of professional services that is characterised by giving advice or recommendations on a specific issue. The NSW Procurement Board Direction PBD-2021-03 defines a consultant as a person or organisation that provides 'recommendations or professional advice to assist decision-making by management'. PBD-2021-03 notes that the advisory nature of the work of consultants is the main factor that distinguishes them from other providers of professional services.
The NSW Procurement Board is responsible for setting procurement policy, issuing directions to support policies, and monitoring and reporting on agency compliance with policies and directions. NSW Procurement, a division within NSW Treasury, supports agencies to comply with the NSW Procurement Board’s policies and directions. A 'devolved governance model' is used for procurement in New South Wales. This means the heads of government entities that are covered by the NSW Procurement Board’s directions are responsible for managing the entity's procurement, including managing risks, reporting and ensuring compliance, in line with procurement laws and policies.
This audit assessed how effectively NSW government agencies procure and manage consultants. It assessed the role of the NSW Procurement Board and NSW Procurement in supporting and monitoring agency procurement and management of consultants. It also reviewed a sample of consulting engagements from ten NSW government agencies to examine how agencies procured, managed and reported on their use of consultants. The ten NSW government agencies were:
- NSW Treasury
- Department of Communities and Justice
- Department of Customer Service
- Department of Education
- Department of Planning and Environment
- Department of Premier and Cabinet
- Department of Regional NSW
- Infrastructure NSW
- Sydney Metro
- Transport for NSW
There are four different sources of data that contain information about spending on consultants by NSW government agencies: the State's financial consolidation system (Prime), disclosures of spending on consultants in agency annual reports, and two systems operated by NSW Procurement (the Business Advisory Services (BAS) dashboard and Spend Cube). Each of these data sources serves a different purpose, and collects and categorises information differently. None of these provide a complete source of data on spending on consultants, either in their own right or collectively.
NSW Treasury considers Prime to be the 'source of truth' on consulting expenditure across the NSW public sector. An account within Prime records recurrent spending on consultants, but this account does not include capital expenditure (that is, spending on consultants that has from a financial reporting perspective been 'capitalised' to a project on the balance sheet). As the State's financial consolidation system, Prime captures all financial information. However, capitalised consulting expenditure is recorded within various capital accounts, and is not identifiable within these accounts. While this is appropriate for accounting purposes, it means that the Prime account that records recurrent consulting expenditure does not reflect total spending on consultants by NSW government agencies. We used the data in Prime to assess whether NSW government agencies met the NSW Government's policy commitment—stated before the 2019 election and costed by the Parliamentary Budget Office—to reduce recurrent expenditure on consulting by 20% each year, over four years, from 2019–20. We did this because, while the Prime account for recurrent consulting expenditure does not reflect all spending on consultants, it does capture the recurrent spending that was subject to the policy commitment.
Most NSW government agencies are required by legislation to disclose spending on consultants (as defined in PBD-2021-03) in their annual reports. These disclosures include both recurrent and capital expenditure. For consulting engagements that cost more than $50,000, the disclosures also provide itemised information, including the names of the individual projects and the consultants used. While this data is more complete than Prime because it includes capital expenditure, it also has some gaps. Some entities are excluded from public reporting requirements on consultant use. For example, NSW Local Health Districts (LHD) are not required to produce annual reports, and the Ministry of Health does not include LHD consulting expenditure in its annual report.1 We used annual report disclosure data to report on total expenditure on consultants, and the concentration of suppliers of consulting services to NSW government agencies.
The BAS dashboard and Spend Cube are systems created by NSW Procurement to collect information about spending on suppliers of professional services. This includes consultants, but also includes other professional services providers. The systems were not designed for reporting on spending on consulting as defined in PBD-2021-03. However, we have used this data to assess specific aspects of NSW Procurement's monitoring of the use of consultants by NSW government agencies.
In 2018, we conducted an audit titled 'Procurement and reporting of consultancy services'. This assessed how 12 NSW government agencies complied with procurement requirements and how NSW Procurement supported the functions of the NSW Procurement Board. The 2018 audit found that none of the 12 agencies fully complied with NSW Procurement Board Directions on the use of consultants and that the NSW Procurement Board was not fully effective in overseeing and supporting agencies’ procurement of consultants. Specific findings from the 2018 audit included:
- Agencies applied the definition of consultant inconsistently, which affected the accuracy of reporting on consultancy expenditure.
- There was inadequate guidance from NSW Procurement for agencies implementing the procurement framework, with a need for additional tools, automated processes, and other internal controls to improve compliance.
- NSW Procurement had insufficient data for effective oversight of procurement and did not publish any data on the procurement of consultancy services by NSW government agencies.
Conclusion
Our review of a selection of consulting engagements from ten NSW government agencies indicates that these agencies do not procure and manage consultants effectively. We found that most agencies do not have a strategic approach to using consultants, or systems for managing or evaluating their performance. We also found examples of non-compliance with procurement rules, including contract variations that exceeded procurement thresholds. NSW Procurement, a division within NSW Treasury, provides frameworks and some guidance to agencies for procuring consultants. However, gaps in its data collection and analysis mean monitoring of strategic risks is limited and it does not respond to agency non-compliance consistently. There are limitations in ability of various data sources to accurately record spending on consultants. These limitations include incomplete recording of all spending, and different definitions of consulting for accounting and financial reporting purposes. Notwithstanding these limitations, and based on information in the State's financial consolidation system (Prime)—which records recurrent expenditure on consultants—it is highly unlikely that NSW government agencies will meet the government's 2019 policy commitment to reduce spending on consultants, as defined in the policy commitment and costed by the Parliamentary Budget Office.
The use of a 'devolved governance model' for procurement means NSW government agencies are responsible for developing and implementing their own systems that align with the NSW Government Procurement Policy Framework. Agency heads are responsible for demonstrating compliance. Most agencies included in this audit did not have a clear strategic approach to how and when consultants should be used (for example, to seek advice and expertise not already available within the agency) and were using consultants in an ad hoc manner.
Our analysis of whole-of-government spending on consultants, drawn from agency annual reports, indicates that four large professional services firms account for around 27% of spending on consultants in the period from 2017–18 to 2021–22. The number of firms making up the top 50% of expenditure decreased from 11 to eight during this time, with the other 50% of expenditure spread across more than 1,000 firms. Concentration of consulting engagements within a small number of firms increases strategic risks, including that advice is not sufficiently objective and impartial, and that NSW government agencies become overly reliant on selected professional services firms.
Our review of a selection of consulting engagements by NSW government agencies found several examples of non-compliance with procurement policy. This included the use of variations to contract values which exceeded allowable limits. Record keeping was inadequate in many cases we reviewed, which limits transparency about government spending. Most agencies did not proactively manage their consulting engagements. The majority of consulting engagements that we reviewed were not evaluated or assessed by the agency for quality. Very few used any processes to ensure the transfer and retention of knowledge generated through consulting engagements. This means agencies miss opportunities to increase core staff skills and knowledge and to maximise value from these engagements.
NSW Procurement oversees a detailed policy framework that provides guidance and support to NSW government agencies when they are using consultants. The policy framework provides mandatory steps and some other guidance. Our audit on the procurement and reporting of consultancy services in 2018 found that agency reporting on the use of consultants was inconsistent and recommended that NSW Procurement should improve the quality, accuracy and completeness of data collection. NSW Procurement’s guidance on how agencies should classify and report on consulting engagements remains ambiguous. This contributes to continued inconsistent reporting by and across agencies, and reduces the quality of data on the use of consultants.
NSW Procurement has made some improvements to the information available about spending on consultants since our audit in 2018, including additional analysis and reporting that is available to agencies. However, there is still no single data source that accurately captures all spending on consultants. This is despite our recommendations in 2018 that NSW Procurement improve the quality of information collected from agencies and suppliers, which NSW Procurement accepted. This makes it harder for NSW Procurement or individual agencies to track trends and identify risks or improvement opportunities in the way consultants are used.
In early 2019, the NSW Government made a policy commitment to reduce consultancy expenses by 20% each year, over four years, from 2019–20 (excluding capital-related consultancy expenses). This commitment was set out in the Parliamentary Budget Office's '2019 Coalition Election Policy Costings (Policy Costings)'. NSW Treasury subsequently advised that to implement this commitment, agency budgets were reduced in Prime in line with the savings targets. However, actual spending on consultants recorded in Prime in the first three years after the commitment was made was almost $100 million higher than the targets. We did not see any evidence that the financial data on actual expenditure was used to inform reporting on NSW government agencies' progress toward achieving the savings set out in the policy commitment.
This chapter outlines our findings on the role of NSW Procurement in overseeing the use of consultants by NSW government agencies.
This chapter outlines our findings on the use of consultants by the ten NSW government agencies that were included in this audit.
Appendix one – Responses from auditees
Appendix two – About the audit
Appendix three – Performance auditing
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Parliamentary reference - Report number #378 - released 2 March 2023
