Browse our range of reports and publications including performance and financial statement audit reports, assurance review reports, information reports and annual reports.
Currently showing reports relevant to the Foreign Affairs, Defence and Trade Senate estimates committee. [Remove filter]
Summary and recommendations
Background
1. The Royal Australian Navy (Navy) amphibious warfare fleet includes two Canberra class amphibious assault ships, also known as landing helicopter docks (LHDs). These are HMAS Canberra, commissioned in November 2014, and HMAS Adelaide, commissioned in December 2015. The role of the LHDs is to provide capabilities in amphibious warfare, humanitarian assistance, disaster relief and sealift, and to contribute to broader naval activities. Effective sustainment of the LHDs, including maintenance and support, is essential for the effective delivery of these capabilities.
2. Defence’s Naval Shipbuilding and Sustainment Group has been responsible for the sustainment of the LHDs on behalf of the Navy (the capability manager) since October 2022.1 Since entry into service in 2014, Defence has contracted its core LHD sustainment delivery activities to industry. Defence’s contracting model has changed from time to time, with each of the arrangements established at the commencement of the following three phases: the transition from acquisition to sustainment (from 2014 to 2019); the asset class prime contractor model (from 2019 to 2024); and the Maritime Sustainment Model (as of 1 July 2024).
Rationale for undertaking the audit
3. In 2024–25, Defence’s sustainment activities for its fleet of two Canberra class amphibious assault ships, or LHDs, had a funding provision of $180 million (estimated at $1.9 billion to 2033–34). With service life-of-type until the mid-2050s, the LHDs provide Navy with amphibious capabilities which are to support the delivery of the Australian Government’s strategic intent through joint Australian Defence Force (ADF) deployments. This audit provides assurance to the Parliament on Defence’s sustainment of naval capability, building on Auditor-General Report No. 30 2018–19 ANZAC Class Frigates — Sustainment.
Audit objective and criteria
4. The audit objective was to examine the effectiveness of Defence’s sustainment arrangements for Navy’s Canberra class fleet of amphibious assault ships (or LHDs).
5. To form a conclusion against the audit objective, the following high-level criteria were adopted.
- Has Defence implemented fit-for-purpose planning and value for money procurement arrangements to support its sustainment activities?
- Has Defence effectively managed its sustainment contracts?
- Has Defence established appropriate performance monitoring and reporting arrangements?
Conclusion
6. Defence’s sustainment arrangements for Navy’s LHDs have been partly effective. Risks arising from an accumulation of defects and maintenance backlogs over several years have materialised. The substandard condition of the vessels, and personnel workforce shortages, have resulted in instances of critical failure and impacts to the Navy’s delivery of operational outcomes.
7. Defence did not implement fit-for-purpose planning and value for money procurement arrangements to support LHD sustainment. Defence’s future sustainment requirements, including access to important intellectual property for the LHDs, were not sufficiently developed during the acquisition phase. Establishment of the sustainment arrangements was delayed, occurring during the transition to sustainment process and alongside remediation activities to address issues persisting from acquisition. Defence’s remediation activities did not achieve the required outcomes, resulting in additional work being transferred to the sustainment phase or managed as part of capability improvement projects.
8. Value for money and the intended sustainment outcomes were not achieved through Defence’s procurement processes. Early cost estimates for the sustainment of the LHDs were under developed and did not anticipate the impact of the protracted acquisition deficiencies extending into sustainment and continuing into 2025. Defence has regularly reviewed and adjusted its sustainment budget.
9. Sustainment of the LHDs was not managed effectively by Defence through its prime contractor arrangements. Governance arrangements, contract management guidance, and risk management practices were not implemented in a timely manner and contract-specific probity arrangements were not developed. Defence did not take reasonable steps, as required by the Public Governance, Performance and Accountability Act 2013 (PGPA Act), to manage systemic poor procurement practices by the prime contractor or investigate claims of fraudulent activity in sub-contracting arrangements in accordance with its own policies. Defence did not use the full range of contractual levers available to manage its primary sustainment contract. This approach impacted the quality of service delivery and undermined the achievement of value for money through the contract.
10. Defence has established partly appropriate performance monitoring and reporting arrangements for the Canberra class LHDs. Sustainment outcomes have largely met Navy’s requirements for the operational use of the platforms. The long-term availability and reliability of the LHDs is at risk primarily due to the accumulation of urgent defects, maintenance backlogs and shortfalls in personnel to undertake organic level maintenance. As a result, the LHDs have experienced critical failures, impacting on Navy operations.
11. Defence’s transition to the new Maritime Sustainment Model lacked reliable and complete information on the expected performance of sustainment contractors. Value for money outcomes for the procurements under the new model were limited by poorly implemented probity arrangements and the procurements commencing later than planned, reducing the time available to resolve issues during contract negotiations.
Supporting findings
Planning and procurement
12. Defence accepted delivery of the ships from BAE in 2014 and 2015 later than planned and with defects and deficiencies in both vessels, many of which remain unresolved.
- In 2017, Defence established a Transition and Remediation Program (TARP) to manage the transition into sustainment and conduct the remediation work required to achieve the full capability expected from the LHDs. The remediation activities did not achieve all the intended outcomes, and in November 2019, Defence accepted the LHDs into full service with six ‘significant residual deficiencies’.
- In 2021, Defence established a capability assurance program to address urgent operational and safety issues for the LHDs, including issues carried over from the TARP.
- In July 2024, one quarter of the way through the planned life of the ships, Defence closed the acquisition project with significant defects and deficiencies from acquisition remaining unresolved and to be managed during the sustainment phase (see paragraphs 2.2 to 2.21).
13. The integrity of Defence’s procurement processes for the LHD sustainment prime contractors was undermined by poor controls over probity risks.
- In 2014, the Capability Support Coordinator contract was awarded following an open tender process. The effectiveness of this procurement was limited by issues in the planning and evaluation processes. There were also shortcomings in the subsequent extension of the services with the incumbent provider under the Major Service Provider Panel following an unsolicited proposal in 2022.
- In 2014, the Transition In-Service Support Contract was awarded following a ‘collaborative’ sole source procurement process involving protracted engagement by Defence to improve an under-developed tender response. The procurement outcome did not demonstrate value for money.
- In 2018, the Asset Class Prime Contractor was awarded following a two-stage selection process which involved assessments against fit-for-purpose evaluation criteria. The integrity of the process was compromised by the departure of a senior Defence official with early involvement in the procurement who was then employed by, and negotiated with Defence on behalf of, the winning tenderer (see paragraphs 2.22 to 2.77).
14. Defence’s forecast and management of sustainment costs have been impacted by deficiencies from acquisition extending into sustainment. Since final operating capability was declared in 2019, the LHD sustainment funding provision per financial year has not met in-year requirements, with some sustainment work deferred and future costs increasing. In 2024 senior Defence officials considered options to address Navy sustainment funding pressures. Following consultation with the Minister for Defence in 2024, Navy sustainment funding was increased by an additional $300 million over two years to June 2026, of which Defence allocated $36 million towards LHD sustainment funding for 2024–25 (see paragraphs 2.78 to 2.88).
Sustainment management
15. Defence established governance arrangements to support its management of LHD sustainment contracts. These arrangements were either not implemented effectively or not maintained by Defence, resulting in a number of shortcomings.
- Since 2012, updates to the Materiel Sustainment Agreement (head agreement) between Navy and the Naval Shipbuilding and Sustainment Group have not been timely, occurring several years after key changes in responsibilities or organisational restructures had taken effect.
- A contract management plan was not established for the first 17 months of the ACPC contract. Contract risks, including those identified during the procurement process, were not revisited as planned or covered in the contract management plan.
- Contract-specific probity arrangements were not established for the ACPC contract. Defence relied solely on its broader departmental arrangements instead, which require Defence personnel to proactively identify and declare any actual, potential or perceived conflicts of interest as and when they arise.
- LHD sustainment risks at the strategic level are managed separately and in isolation from risks at the operational and technical levels. There is no hierarchy or clear line of sight between the risks identified in the Materiel Sustainment Agreement and those being managed day-to-day (see paragraphs 3.2 to 3.32).
16. Defence did not manage its primary LHD sustainment contracts as intended by its performance-based design. As a result, Defence cannot assure itself or ministers that sustainment services were delivered effectively and in accordance with the contracted requirements. Key deficiencies were that Defence did not:
- ensure that all mandatory reports were submitted in a timely manner by the contractor;
- undertake full or timely assessments of the contractor’s performance;
- ensure that all key sustainment deliverables had been completed in full prior to making payments to the contractor; or
- use the full range of levers available in the contract to drive satisfactory performance.
17. Between 2021 and 2023 there were at least three separate allegations of fraudulent activities or instances of poor sub-contracting practices related to the ACPC contract. Defence did not seek further information from the contractor on the 2023 allegations and did not change its approach to managing the contract after being notified of the various issues (see paragraphs 3.33 to 3.79).
Performance monitoring and reporting
18. Defence has established a sustainment performance framework for the LHDs, with performance measures set out in a written agreement and reporting provided to senior Defence leadership. The performance measures adopted are relevant to the LHDs but are not fully reliable and do not provide a complete and clear picture of sustainment performance as some important areas of sustainment are not covered. For some performance measures, the nature of the targets selected has led to reporting that does not provide a fair presentation of performance results for the LHDs (see paragraphs 4.2 to 4.18).
19. Navy’s operational requirements have been impacted by shortcomings in the management of LHD sustainment. Sustainment outcomes have included an accumulation of urgent defects, persistent maintenance backlogs, and the degradation of the condition of the platforms. The LHDs have fallen short of meeting availability targets since 2020–21 and sustainment-related deficiencies and workforce shortfalls have given rise to risks involving critical failures in the vessels, possible damage to Navy’s reputation and concerns for the sustainability of the LHDs over the long-term. Some of these risks have materialised, including:
- total power failures in 2022 and 2023, making the LHDs temporarily unavailable while providing humanitarian assistance and disaster relief support in Tonga and Vanuatu; and
- a reduction from three ships to two available for deployment in the amphibious force during 2025 (see paragraphs 4.19 to 4.53).
20. In July 2024, Defence transitioned LHD sustainment to the ‘Maritime Sustainment Model’, which involved the procurement and contracting of new commercial arrangements. Defence started the procurements later than planned, which limited the options available to Defence to manage issues and strengthen value for money outcomes during negotiations. Arrangements to manage probity were not robust and, in respect to the LHD Capability Life Cycle Manager procurement, probity was poorly managed. Defence has not benchmarked or established expected sustainment performance levels for the Maritime Sustainment Model (see paragraphs 4.54 to 4.83).
Recommendations
Recommendation no. 1
Paragraph 2.18
The Department of Defence ensures that appropriate arrangements are in place for its transition and remediation programs to improve the rigour with which these activities are managed, and provide assurance that the relevant objectives have been achieved.
Department of Defence response: Agreed.
Recommendation no. 2
Paragraph 2.87
To support the future requirements for the LHDs, the Department of Defence develops and maintains class-specific life cycle sustainment plans for the Navy fleet, including funding requirements for the planned life of type, to ensure that the required capability is maintained across the classes’ whole of life, at a rate of agreed availability.
Department of Defence response: Agreed.
Recommendation no. 3
Paragraph 3.6
The Department of Defence promptly reviews and updates, Navy’s Materiel Sustainment Agreements with the Capability Acquisition and Sustainment Group and Naval Shipbuilding and Sustainment Group, following significant changes in organisational structures, or at least every three years.
Department of Defence response: Agreed.
Recommendation no. 4
Paragraph 3.31
The Department of Defence reviews and documents its LHD risk management arrangements, including the use of various ICT systems and oversight forums, with a view to identifying efficiencies, where possible, and ensuring that risks are appropriately identified, and actively managed with clear line of sight.
Department of Defence response: Agreed.
Recommendation no. 5
Paragraph 3.69
Where the Department of Defence is notified of incidents such as suspected fraud or unethical conduct, the Department of Defence ensures that its response is fully documented and conforms to Defence policies and the Commonwealth Fraud and Corruption Control Framework.
Department of Defence response: Agreed.
Recommendation no. 6
Paragraph 3.78
Where the Department of Defence’s contracts with industry include mechanisms to obtain assurance over the completion of activities under the contract and the performance of suppliers, the Department of Defence ensures that contractual mechanisms are implemented.
Department of Defence response: Agreed.
Recommendation no. 7
Paragraph 4.13
The Department of Defence review the performance measures for the sustainment of the LHDs to support a more reliable and complete assessment of sustainment performance.
Department of Defence response: Agreed.
Recommendation no. 8
Paragraph 4.63
The Department of Defence establishes arrangements to ensure that its internal policies for the establishment of appropriate probity processes commensurate with the size, scale and risk of its procurement activities are complied with.
Department of Defence response: Agreed.
Recommendation no. 9
Paragraph 4.82
The Department of Defence benchmarks and monitors sustainment performance under the Maritime Sustainment Model to enable an assessment of the achievement of its strategic objectives.
Department of Defence response: Agreed.
Summary of entity response
21. The proposed audit report was provided to the Department of Defence. Extracts of the proposed audit report were provided to BAE Systems Australia Pty Ltd, Babcock Pty Ltd, and Kellogg Brown and Root Pty Ltd. The Defence summary response is provided below and its full response is provided at Appendix 1. Responses from BAE Systems Australia Pty Ltd, Babcock Pty Ltd, and Kellogg Brown and Root Pty Ltd are provided at Appendix 1.
The Department of Defence acknowledges the findings contained in the Auditor General’s report on the sustainment of the Canberra Class amphibious assault ships.
Defence acknowledges that planning and procurement processes, sustainment management arrangements and performance monitoring and reporting were assessed as partly effective.
Defence supports the recommendations. Defence is committed to ensuring the through-life sustainment of the Canberra Class amphibious assault ships deliver the best possible capability outcomes for the Australian Government and the Australian Public.
Key messages from this audit for all Australian Government entities
22. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.
Policy and program design
Summary and recommendations
Background
1. An ‘interest’ is something related to an individual’s personal circumstances that may bring advantage to, or affect, that individual. Interests can include, but are not limited to: financial interests; relationships; employment, including past employment and outside employment; and memberships or affiliations.
2. A conflict of interest can occur when there is a conflict between the public duties and personal interests of a public official that could, or could be seen to, influence the decisions they make or advice they give. For example, an official may hold shares in a company that they are regulating or procuring goods and services from. Conflicts of interest can be real, apparent or potential. Real conflicts of interest occur when personal interests improperly influence officials in performing their public duties.
3. The Public Service Act 1999 sets out that the function of the Senior Executive Service (SES) is to provide APS-wide strategic leadership of the highest quality that contributes to an effective and cohesive APS.1 SES officers should, by personal example and other appropriate means, promote the Australian Public Service (APS) Values and compliance with the Code of Conduct.2 There are specific requirements for accountable authorities and SES employees in relation to the management of interests.3
Rationale for undertaking the audit
4. According to the Australian Public Service Commissioner, the public is entitled to have confidence in the integrity of public officials, and to know that the personal interests of public officials do not conflict with their public duties. Apparent conflicts can be just as damaging to confidence in public administration as real conflicts, so disclosure and effective management of real, apparent and potential conflicts of interest is an important element of the Australian Government’s integrity framework.4
5. This audit was conducted to provide assurance to the Parliament whether the selected entities are effectively managing SES conflict of interest requirements.
Audit objective and criteria
6. The objective of the audit was to assess the effectiveness of selected Commonwealth entities’ management of Senior Executive Service conflict of interest requirements.
7. To form a conclusion against the objective, the ANAO adopted the following three high-level audit criteria.
- Have the entities developed appropriate arrangements to support the management of SES personal interests and conflicts of interest?
- Have the entities implemented effective controls and processes for managing SES annual declarations of interests in accordance with policies and procedures?
- Are SES officers effectively completing conflict of interest declarations for activities of heightened risk of conflict?
Conclusion
8. The Aged Care Quality and Safety Commission (ACQSC), the Australian Trade and Investment Commission (Austrade) and the Department of Home Affairs (Home Affairs) are managing conflicts of interest for SES officers in a largely effective manner. The entities’ management of conflicts of interest has generally improved since 2022. There are a number of initiatives underway to strengthen the framework for managing conflicts of interest across the Australian Public Service.
9. The audited entities have largely appropriate arrangements in place to manage the personal interests and conflicts of interest of SES officers. All entities have policies and procedures which identify interests as a matter requiring consideration. ACQSC and Austrade do not have documented procedures for managing accountable authority declarations to the relevant minister as required by the Public Governance, Performance and Accountability Rule 2014 (PGPA Rule). Home Affairs introduced a procedure in March 2025. All entities identify responsibilities for managing interests. Internal reporting on the completion of declarations and risks arising from declarations has not been undertaken. All entities include conflicts of interest in their enterprise risk registers or fraud risks. Each entity provides training on conflicts of interest within their mandatory training modules. Entities do not adequately monitor completion of this training. All entities communicate information and guidance on conflicts of interest to staff.
10. All entities have implemented partly effective controls and processes for managing SES declarations of interests. Not all SES officers are making declarations. There are limitations in the completeness of information included in declarations by officers, and demonstrated managerial review only occurred for some declarations. Records documenting management plans were not maintained by ACQSC until early 2024. All entities monitor completion of declarations and follow up non-compliant individuals. Between 2022 and 2024, the accountable authorities of ACQSC and Austrade did not make declarations to relevant ministers, as required. The ACQSC’s new incoming accountable authority made a declaration to the relevant minister in January 2025 and the Austrade accountable authority made a declaration in November 2024 and March 2025. The Home Affairs accountable authority has made declarations as required. ACQSC and Austrade included conflicts of interest in assurance activities between 2022 and 2024, and Home Affairs last did so in 2020–21.
11. Entities are partly effective with respect to SES officers completing activity-based conflict of interest declarations. Entities have generally established a requirement for officers to declare conflicts of interest for procurement, recruitment and grants administration activities. The requirement is weakened when there is no requirement for all officers to make a declaration, including for officers with nothing to declare. The ANAO found that officers from ACQSC and Austrade were generally making declarations for procurement as required. Home Affairs officers were not. Officers from all entities involved in grants administration activities are declaring as required. Results were mixed for recruitment activities. No entities had adequate arrangements in place for conflict of interest risks related to post-separation employment.
Supporting findings
Governance
12. ACQSC’s and Home Affairs’ Accountable Authority Instructions (AAIs) follow the model AAI content from the Department of Finance on the disclosure of interests. ACQSC’s AAIs give additional organisational context. Austrade’s instructions do not include the model content and make limited reference to the management of interests. All entities have supporting policies and procedures. Home Affairs’ policies and procedures provide insufficient detail on the annual SES declaration process. None of the entities had procedures supporting accountable authority declarations to the relevant minister. Home Affairs introduced such a procedure in March 2025. (See paragraphs 2.1 to 2.39)
13. All entities have clearly documented responsibilities identifying that individuals are required to make declarations. ACQSC and Home Affairs identify additional responsibilities for other roles including supervisors, managers and business areas responsible for overall management of interests. There has been no internal reporting undertaken within the entities in relation to the completion of annual interest declarations processes, except ACQSC commenced reporting in January 2025 to its internal governance forum. None of the entities analysed declarations of interests to assess and report on emerging risks. (See paragraphs 2.40 to 2.60)
14. All entities have considered conflicts of interest as part of broader integrity or legislative compliance risks. While risks associated with conflicts of interest are considered by all entities, only Home Affairs has documented the controls and control owners associated with enterprise risks. ACQSC’s register includes risk owners. Appropriate documentation of controls and control owners is absent in ACQSC and Austrade. All entities have considered conflicts of interest as a factor within their fraud and corruption control plans. Home Affairs has assessed conflicts of interest as part of its fraud and corruption risk assessments. (See paragraphs 2.61 to 2.77)
15. All entities have training on conflict of interest within their mandatory annual training. This training is not being completed by all SES officers. To help remind SES officers to complete their annual declarations, each of the entities provide officers with reminders. Information and assistance to support officers to comply with their obligations is also available within each entity. (See paragraphs 2.78 to 2.109)
Annual declarations of interests
16. Not all SES officers are completing annual declarations, with completion rates varying across entities. For ACQSC, the completion rate was 92 per cent in 2024. For Austrade, it was 99 per cent (when taking into account long-term leave and departures) and for Home Affairs it was 84 per cent. Completion rates have varied over time. Declarations generally contain sufficient information to understand the nature and extent of a declared interest, however an explanation of how the interest relates to the ‘affairs of the entity’ is not always sufficiently described. The accountable authorities of ACQSC and Austrade did not make declarations of their interests to the relevant minister as required. (See paragraphs 3.3 to 3.31)
17. None of the entities require that all annual declarations made by SES officers are subject to review. If an officer makes a ‘nil’ declaration, none of the entities have required declarations be reviewed. Home Affairs introduced a requirement in December 2024. Only declarations including an interest are subject to manager review. Management plans developed by Austrade officers document managerial review. Evidence of managerial review was lacking for plans developed by ACQSC and Home Affairs officers prior to 2024. (See paragraphs 3.32 to 3.48)
18. All entities monitor the completion of declarations of interests by SES officers. Where SES officers had not completed declarations, there was a process to follow up with relevant officers and their managers. ACQSC and Austrade undertook assurance activity through the inclusion of conflicts of interest within internal audits between 2022 and 2024. (See paragraphs 3.49 to 3.58)
Declarations of conflicts of interest for activity-based activities
19. Each entity requires that SES officers involved in procurement declare conflicts of interest. For ACQSC the SES officers involved in procurement made declarations as required. Eleven of 14 Home Affairs SES officers did not make declarations as required. From March 2025, Austrade has required that all officers involved in procurement activities make conflict of interest declarations. Before this, only officers who had a conflict to declare were required to make a declaration. As such, there were no records for the two Austrade SES officers in the ANAO sample demonstrating that they had considered conflicts of interest. (See paragraphs 4.5 to 4.8)
20. Austrade does not have a policy specifically relating to making conflict of interest declarations for grants administration. Home Affairs requires officers to disclose and manage conflicts of interest, however, there is a lack of supporting process. The three Austrade SES officers involved in grants administration activities assessed by the ANAO had made conflict of interest declarations. The 13 Home Affairs SES officers involved in grants administration had also made declarations. (See paragraphs 4.9 to 4.13)
21. Each of the entities requires that SES officers involved in recruitment declare conflicts of interest, except Home Affairs does not have a documented policy where the recruitment is for an SES officer. Within ACQSC, 38 per cent of SES officers involved in recruitment activities assessed by the ANAO did not make a declaration as required. Austrade does not require officers to make declarations if they have nothing to declare — 44 per cent of SES officers involved in the recruitment assessed by the ANAO made no declaration. Ninety-seven per cent of Home Affairs’ SES officers involved in recruitment made a declaration. Where conflicts of interest were declared, appropriate officers at the three entities were not always reviewing these and management actions were not always being put in place. (See paragraphs 4.14 to 4.39)
22. None of the entities have adequate policies and procedures to support the identification, declaration and management of conflicts of interest related to post-separation employment. Austrade has a declaration addressing conflicts of interest in its cessation checklist. The checklist was not completed by all departing officers. In addition, there was a lack of evidence to demonstrate that such conflicts of interest were considered for SES employees who had departed. (See paragraphs 4.42 to 4.50)
Recommendations
Recommendation no. 1
Paragraph 2.36
Aged Care Quality and Safety Commission and the Australian Trade and Investment Commission establish arrangements to support compliance with the requirements of the Public Governance, Performance and Accountability Rule 2014 relating to accountable authority (including acting accountable authority) declarations of interests to relevant ministers.
Aged Care Quality and Safety Commission response: Agreed.
Australian Trade and Investment Commission response: Agreed.
Recommendation no. 2
Paragraph 2.99
All entities monitor the status of mandatory training to ensure that it is completed within expected timeframes. Where completion is not timely, follow up action should be taken to ensure that requirements are met.
Aged Care Quality and Safety Commission response: Agreed.
Australian Trade and Investment Commission response: Agreed.
Department of Home Affairs response: Agreed.
Recommendation no. 3
Paragraph 3.18
Aged Care Quality and Safety Commission revise:
- guidance supporting annual declarations to ensure individuals making declarations sufficiently describe their roles and responsibilities; and
- its annual declaration form to require that annual declarations be refreshed in detail at regular intervals and specify a duration permitted for reliance on prior declarations.
Aged Care Quality and Safety Commission response: Agreed.
Recommendation no. 4
Paragraph 4.15
Aged Care Quality and Safety Commission update its form for making conflict of interest declarations in relation to recruitment to include a section to describe the nature and extent of a conflict and how it is intended to be managed, and to record acceptance by the panel chair or recruitment delegate.
Aged Care Quality and Safety Commission response: Agreed.
Recommendation no. 5
Paragraph 4.19
Australian Trade and Investment Commission revise its recruitment policy to require declarations of conflicts of interest in all instances, including where no conflict is present.
Australian Trade and Investment Commission response: Agreed.
Recommendation no. 6
Paragraph 4.23
The Department of Home Affairs document its approach to managing conflicts of interest for SES recruitment activities.
Department of Home Affairs response: Agreed.
Recommendation no. 7
Paragraph 4.46
Aged Care Quality and Safety Commission and the Department of Home Affairs update policies and procedures to include employee obligations to identify, declare and manage conflicts of interest related to post-separation employment.
Aged Care Quality and Safety Commission response: Agreed.
Department of Home Affairs response: Agreed.
Summary of entity responses
23. The proposed report was provided to ACQSC, Austrade and Home Affairs. Summary responses from the entities are reproduced below. Full responses are at Appendix 1. Improvements observed by the ANAO during the course of this audit are listed at Appendix 2.
Aged Care Quality and Safety Commission
The Aged Care and Quality Safety Commission (the Commission) welcomes the findings of the audit which align well with the uplift in our integrity policies and practices the Commission already had underway, and some of which were applied during the period of the audit.
The Commission agrees with the five recommendations relating to arrangements for the accountable authority to provide declarations to the Minister, monitoring compliance with mandatory training, ensuring declarations contain information about the person’s role and responsibilities, ensuring annual declarations are refreshed at regular intervals, updating our recruitment Conflict of Interest Form and updating policies and procedures to include post separation conflicts of interest.
The Commission had already commenced improving its conflict of interest processes as part of a wider integrity uplift prior to the audit and the learnings from this audit will continue to inform our integrity maturity uplift. Recommendations from the audit have been actioned with amendments being made to forms, policies and procedures.
Australian Trade and Investment Commission
The Australian Trade and Investment Commission welcomes the audit report and acknowledges the findings and recommendations made by the Australian National Audit Office in relation to the Management of the Senior Executive Services Conflict of interest requirements.
The Australian Trade and Investment Commission is committed to implementing the recommendations from the report. These improvements will further strengthen Austrade’s efforts to ensure all Senior Executive Service (SES) employees of the agency declare all conflicts of interest, and that all declarations are managed with integrity and consistent with legislative obligations.
Department of Home Affairs
All findings and recommendations are agreed. The Department of Home Affairs is committed to ensuring that appropriate processes are maintained for identifying and managing conflicts of interest. This is fundamental to maintaining public trust and confidence in our operations.
Mandatory training is currently in place for all staff and the department will establish follow up actions to ensure SES officers are meeting their mandatory training obligations within set timeframes. This will strengthen the current system of automatic reminders which are sent to both staff and their supervisors, and non-compliance reports that are provided to senior leaders.
The department has work underway to improve its conflict of interest process. This includes updating policies and guidance material and strengthening education. The department has already updated and strengthened procurement guidance and templates to ensure delegates are aware of their conflict of interest obligations throughout each stage of the procurement process. Formal procedures have also been implemented for the Senior Executive Service annual declaration of interest process.
Key messages from this audit for all Australian Government entities
24. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.
Governance and risk management
Summary and recommendations
Background
1. Airservices Australia (Airservices) is established under the Air Services Act 1995 to provide air traffic control and other related services to the aviation industry in Australian-administered airspace. The Department of Defence (Defence) provides air traffic management to military aviation in Australia, including at Defence airfields that operate with shared military and civil use.
2. The OneSKY program aims to build and operate a joint civil–military air traffic management system. The program includes the design and delivery of the new Civil Military Air Traffic Management System (CMATS) plus supporting infrastructure for Airservices and Defence. Airservices is the lead agency delivering the CMATS program in collaboration with Defence.
3. In February 2018 Airservices entered into separate acquisition and support contracts with Thales Australia Limited (Thales) and an on-supply agreement with Defence.
Rationale for undertaking the audit
4. Passengers in Australian airspace rely on Airservices to provide critical air traffic control infrastructure safely and efficiently. The OneSKY program is a major change for Airservices, and CMATS is a core component of the program. Airservices has contracted Thales to develop and support CMATS. The ANAO has previously undertaken three performance audits on the procurements for CMATS, the most recent in 2019.1 Procurement and contract management of large-scale IT projects involve elevated risks. The audit provides assurance to Parliament on whether Airservices is managing the contract for CMATS effectively.
Audit objective and criteria
5. The objective of the audit was to assess the effectiveness of Airservices’ contract management for the OneSKY program.
6. To form a conclusion against the audit objective, the audit team applied the following high-level criteria:
- Has Airservices developed appropriate governance arrangements to support contract management?
- Has Airservices managed the contract effectively to achieve value for money?
Conclusion
7. Airservices’ contract management of the OneSKY program is partly effective. It has governance processes in place and has developed procedures to manage the contract. Shortcomings in contract management planning, performance management and probity have limited its effectiveness in managing the contract to minimise cost increases and schedule delays.
8. Airservices has implemented partly appropriate contract management governance arrangements. A contract management plan is in place; however, arrangements did not sufficiently cover provider performance, program risk and probity issues. Risk processes did not completely capture interdependencies between contract management and program risks. An on-supply agreement formalised arrangements between Airservices and the Defence for the delivery of CMATS. It relies on effective collaboration and governance forums for issues escalation. The Defence component of CMATS was declared a Project of Concern in October 2022 outside of the formal governance forums.
9. Airservices is partly effective in managing the contract to achieve value for money. It has a process to manage variations; however, a high number of variations to date have resulted in cost increases and schedule extensions, and the rationale for its value-for-money assessment was not consistently documented when seeking approval. The incentive-based pricing model agreed in the contract between Airservices and Thales has not been fully effective in containing costs, with the target price expected to be met. Airservices’ supplier performance management is not fully developed or utilised. Airservices applies enterprise-wide probity procedures for conflicts of interest and gifts and benefits, but staff did not always follow these.
Supporting findings
Contract management governance
10. Airservices has developed a OneSKY contract management plan. The plan covers elements set out in the Airservices contract management procedure, such as roles and responsibilities, governance arrangements and the variation process. It does not cover contract management risk or probity for CMATS, and does not reference the CMATS risk management plan or probity plan. The contract management plan does not sufficiently cover contractual performance management. The OneSKY program has 12 governance forums that are intended to provide direction and oversight. The OneSKY Strategic Relationship Forum has never met and in October 2022 CMATS was declared a Project of Concern. (See paragraphs 2.3 to 2.21)
11. Airservices applies the OneSKY program risk management process to contract management risks. It has risk management plans and documentation to identify and monitor contract risks; however, controls and treatments are not fully effective and contract management risks have been realised throughout the project. The interdependency between contract management risks (including Thales’ performance) and risk to overall program delivery and objectives is not fully captured — for example, through documentation of specific contract management actions and levers to ensure program-wide deliverables are achieved. (See paragraphs 2.22 to 2.39)
12. The on-supply agreement formalised the relationship between Airservices and Defence for the delivery of CMATS and has been varied 10 times. It covers collaboration between the two entities and governance forums, but does not provide for escalation if issues cannot be resolved within these mechanisms. In August 2021 Defence escalated its concerns about the project to ministerial level and in October 2022 the Minister for Defence Industry declared CMATS a Project of Concern. The Minister for Defence Industry has since held six meetings with principal stakeholders to address project underperformance. These have resulted in the development of a remediation plan to address program-wide issues. As at February 2025 CMATS remains on the Project of Concern list, with exit criteria formulated to demonstrate delivery of Defence capability. The exit criteria are not expected to be met before 2027. (See paragraphs 2.40 to 2.62)
Achievement of value for money
13. The combined impact of 44 variations as at 31 December 2024 has seen the cost of the acquisition contract increased by $160 million (AUD equivalent) and the delivery date extended by 53 months (four-and-a-half years). Airservices has a process in place to support the development and assessment of contract variations. Briefs to the approval delegate did not completely document how the various elements (technical need, risk and cost) collectively justified the value-for-money assessment or the effect of incremental change on the overall contract value for money. (See paragraphs 3.2 to 3.28)
14. The acquisition contract operates under an incentive arrangement where Airservices and Thales share costs and savings. Under the contract agreed in February 2018, Airservices reimburses Thales for actual costs incurred for works performed up to the ceiling cost. Since December 2023 the arrangement has focused on payments based on milestones. Airservices has mechanisms in place to monitor Thales’ performance, but it does not fully utilise these. In February 2024 program-level key performance indicators were introduced as part of Project of Concern remedial action but these do not provide associated consequences for supplier underperformance where relevant. (See paragraphs 3.29 to 3.69)
15. Airservices has procedures for probity management. Airservices utilises enterprise-wide conflict of interest procedures and gifts, benefits and hospitality acceptance procedures, but these are not reflected in OneSKY probity plans. Airservices staff accepted and did not declare gifts, benefits or hospitality, indicating limited compliance with Airservices’ code of conduct requirements and procedures on perceived and actual conflicts. (See paragraphs 3.70 to 3.88)
Recommendations
Recommendation no. 1
Paragraph 2.20
Airservices Australia update the contract management plan to:
- include how contract management risks and probity are managed;
- provide sufficient guidance on the performance management approach; and
- incorporate additional oversight and periodic contract reviews to ensure contract deliverables remain on track and commercial arrangements are fit for purpose.
Airservices Australia response: Agreed.
Recommendation no. 2
Paragraph 2.35
Airservices Australia identify and document how contract management risk connects to risk at the program level and when specific contract management action could be used to mitigate and improve control of program risks.
Airservices Australia response: Agreed.
Recommendation no. 3
Paragraph 3.21
Airservices Australia, when assessing contract variations:
- record the rationale in approval documentation explaining its value-for-money assessment, including against the overall contract cost and program delivery objectives; and
- identify thresholds for when the impact of incremental change warrants a more significant value-for-money assessment or new procurement rather than varying the current contract.
Airservices Australia response: Partially agreed.
Recommendation no. 4
Paragraph 3.62
Airservices Australia identify which program key performance indicators relate to contract management and link the results of these to contract management actions to better ensure Thales’ accountability in delivering under the contract.
Airservices Australia response: Agreed.
Recommendation no. 5
Paragraph 3.89
Airservices Australia strengthen guidance, education and process around accepting gifts, benefits and hospitality during contract management to address probity risks.
Airservices Australia response: Agreed.
Summary of entity responses
16. The proposed audit report was provided to Airservices and Defence. An extract was provided to Thales. Airservices’ and Defence’s summary responses are provided below and their full responses are provided at Appendix 1.2
Airservices Australia
Airservices acknowledges the report’s findings and appreciates its thorough analysis. While some findings do not fully align with the recommendations, the latter primarily focus on documentation improvements rather than significant deficiencies in existing practices. There are substantial differences between the previously shared report preparation paper (RPP) and the S19 proposed report, specifically noting that the newly added ‘Conclusion’ section presents a more negative view than the broader findings suggest.3 It is pertinent to note Airservices has swiftly implemented corrective actions, addressing all recommendations reflecting its commitment to the OneSKY program and national airspace management harmonization.
Key responses to the recommendations include updating the OneSKY Program Contract Management Plan to enhance guidance on risk management, performance monitoring, and periodic contract reviews. Contract management risks have been integrated into the broader program risk framework, while the Evaluation Report Template has been refined to further clarify value-for-money assessments. The in-practice structured set of approved KPIs have also been linked with contract management plan for cross-reference, and a new procedure has been introduced to strengthen probity awareness regarding hospitality, gifts, and benefits.
These promptly implemented actions demonstrate Airservices’ dedication to continuous improvement in successfully delivering the complex OneSKY program.
Department of Defence
Defence welcomes the ANAO Audit Report into the Management of the OneSKY contract and acknowledges the findings. Defence notes the five recommendations contained in the audit report relate to Airservices Australia’s (Airservices) contract management processes.
Defence is committed to strengthening and standardising processes and controls for contract management. Whilst the audit recommendations are against Airservices’ processes, as part of the collaboration between Airservices and Defence on the OneSKY Program, Defence will work with Airservices and assist, where required and appropriate, to apply the audit recommendations.
Key messages from this audit for all Australian Government entities
17. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.
Contract management
Summary and recommendations
Background
1. Reducing the disparity between Indigenous and non-Indigenous economic outcomes has been a longstanding goal of Australian governments. The National Agreement on Closing the Gap aims to strengthen economic participation and development of Aboriginal and Torres Strait Islander people and their communities.1 Increasing opportunities for Indigenous economic participation has also been an area of interest for the Australian Parliament.2
2. The Indigenous Procurement Policy (IPP) was established in 2015 with the objective ‘to stimulate Indigenous entrepreneurship, business and economic development, providing Indigenous Australians with more opportunities to participate in the economy’.3 One of three elements of the IPP are the mandatory minimum requirements (MMRs), which are targets for minimum Indigenous employment and/or supply use for Australian Government contracts valued from $7.5 million in certain specified industries.4 The National Indigenous Australians Agency (NIAA) is responsible for administering the IPP, including the MMRs.
Rationale for undertaking the audit
3. The stated policy objective of the MMRs is to ‘ensure that Indigenous Australians gain skills and economic benefit from some of the larger pieces of work that the Commonwealth outsources, including in Remote Areas’.5 Compliance with the MMRs is mandatory for non-corporate Commonwealth entities. The MMRs were established in July 2015 and became binding on contractors from 1 July 2016.
4. Auditor-General Report No. 25 2019–20 Aboriginal and Torres Strait Islander Participation Targets in Major Procurements was undertaken to provide assurance that the MMRs were being effectively administered and selected entities were complying with them.6 The audit concluded that while the MMRs were effectively designed, their administration had been undermined by ineffective implementation and monitoring by the policy owner and insufficient compliance by the selected entities.7 The audit made six recommendations to improve administration of and compliance with the MMRs, which were all agreed to.
5. Auditor-General reports identify risks to the successful delivery of government outcomes and provide recommendations to address them. The tabling in the Parliament of an agreed response to an Auditor-General recommendation is a formal commitment by the entity to implement the recommended action. Effective implementation of agreed Auditor-General recommendations demonstrates accountability to the Parliament and contributes to realising the full benefit of an audit.8
6. This audit examines whether the NIAA; Department of Defence (Defence); Department of Education (Education); Department of Employment and Workplace Relations (DEWR)9; Department of Home Affairs (Home Affairs); and Department of Infrastructure, Transport, Regional Development, Communications, Sport and the Arts (Infrastructure) have effectively implemented agreed recommendations from Auditor-General Report No. 25 2019–20. Entities’ implementation of agreed recommendations will help provide assurance to the Parliament about whether the MMRs are meeting the objective of stimulating Indigenous entrepreneurship, business and economic development and providing Indigenous Australians with opportunities to participate in the economy.
Audit objective and criteria
7. The audit objective was to assess whether selected entities effectively implemented agreed recommendations from Auditor-General Report No. 25 2019–20 Aboriginal and Torres Strait Islander Participation Targets in Major Procurements.
8. To form a conclusion against the objective, the following high-level criteria were adopted.
- Did the NIAA implement recommendations related to the administration of the MMRs?
- Does the NIAA manage exemptions to the MMRs effectively?
- Did selected entities implement recommendations related to their compliance with the MMRs?
Conclusion
9. Almost five years after the recommendations were agreed to, entities had partly implemented recommendations from Auditor-General Report No. 25 2019–20 Aboriginal and Torres Strait Islander Participation Targets in Major Procurements. Although the NIAA had improved guidance for entities and sought to increase MMR reporting compliance, a recommendation for the NIAA as the policy owner to implement an evaluation strategy was not completed. The NIAA has not demonstrated whether the MMRs are improving Indigenous economic participation. A risk related to the inappropriate use of exemptions was not managed. Recommendations intended to address the risk that reporting on MMR contracts is incomplete and inaccurate were partly implemented by audited entities. Reforms to the Indigenous Procurement Policy were announced in February 2025 without a clear understanding of the policy’s effectiveness.
10. The NIAA largely implemented two of three recommendations relating to its administration of the MMRs: to develop guidance on the MMRs for Australian Government entities and contractors; and to implement a strategy to increase MMR reporting compliance. The NIAA did not complete a third recommendation as it developed but did not implement an MMR evaluation strategy. Additional commitments made by the NIAA in response to two recommendations were not met.
11. Contracts subject to the MMRs may be exempted by entities for valid reasons established in the Indigenous Procurement Policy. The inappropriate use of exemptions impedes achievement of the Indigenous Procurement Policy’s objectives. The NIAA’s management of exemptions has been partly effective. Systems have been set up to allow potentially invalid exemptions. There is a lack of guidance and assurance over the appropriate use of exemptions.
12. Defence, Education and Home Affairs largely implemented the agreed recommendations relating to compliance with the MMRs. The NIAA, DEWR and Infrastructure partly implemented the agreed recommendations. The MMRs are relevant to the approach to market, tender evaluation, contract management, reporting and finalisation phases of a procurement. Compliance with the MMR requirements was higher in the approach to market, tender evaluation and contract management phases than in the reporting and finalisation phases. All entities could do more to ensure contractors’ compliance with MMR targets and to gain assurance over reported MMR performance.
Supporting findings
Administration of mandatory minimum requirements
13. Auditor-General Report No. 25 2019–20 recommended that the NIAA develop tailored guidance on managing the MMRs throughout the contract lifecycle in consultation with entities and contractors. The NIAA published updated guidance on managing the MMRs in July 2020, following stakeholder consultation. The guidance included complete information for nine of 14 topics identified as requiring additional guidance in Auditor-General Report No. 25 2019–20. Guidance included incomplete information on MMR exemptions, managing MMR performance reporting, and obtaining assurance over contractors’ MMR performance reporting. As at March 2025, guidance had not been updated since July 2020 despite changes to MMR reporting requirements. A commitment to publish guidance tailored for Indigenous businesses was not met. (See paragraphs 2.5 to 2.22)
14. Contractors must report on, and Australian Government entities must assess, performance in meeting agreed MMR targets. Auditor-General Report No. 25 2019–20 recommended that the NIAA implement a strategy to increase entity and contractor compliance with MMR reporting requirements to ensure information in the Indigenous Procurement Policy Reporting Solution (IPPRS) is complete. The NIAA planned and undertook activities aimed at increasing contractors’ compliance with MMR reporting requirements and entities’ management of reporting non-compliance. These included improvements to the IPPRS and monitoring reporting compliance in Australian Government portfolios. The NIAA closed the ANAO recommendation before planned changes to the IPPRS were implemented. As at February 2025, the IPPRS did not fully support contract managers to meet reporting requirements for all types of MMR contracts. User feedback indicated ongoing access and support issues. While reporting compliance increased between 2022 and 2024, as at June 2024, entities and contractors were not fully compliant with MMR reporting requirements and information in the IPPRS was incomplete. Reforms to the IPP announced by government in February 2025 included potentially increasing transparency of suppliers’ performance against MMR targets. (See paragraphs 2.23 to 2.32)
15. Auditor-General Report No. 25 2019–20 recommended that the NIAA implement an evaluation strategy for the MMRs that outlines an approach to measuring the impact of the policy on Aboriginal and Torres Strait Islander employment and business outcomes. Although an evaluation strategy for the MMRs was finalised, it was not implemented. The NIAA has not met requirements to review the effectiveness of a procurement-connected policy every five years. There is no performance monitoring and limited public reporting about the MMRs. (See paragraphs 2.33 to 2.54)
Exemptions from mandatory minimum requirements
16. Between July 2016 and September 2024, 63 per cent (valued at $69.3 billion) of all contracts recorded in the Indigenous Procurement Policy Reporting Solution (IPPRS) were exempted from the MRRs by relevant entities. The proportion of contracts exempted by entities from the MMRs has increased over time. The IPPRS has been set up by the NIAA to allow entities to record reasons for exemptions. The reason categories in the IPPRS mainly align with the Indigenous Procurement Policy, however include a category called ‘other’ that does not align. Of exempted contracts, 34 per cent (valued at $30.2 billion) used the exemption category ‘other’. The NIAA advised the ANAO that some contracts exempted for ‘other’ reasons were exempted because they are in practice non-compliant with the Indigenous Procurement Policy. Entities’ use of the ‘other’ exemption category for non-compliant contracts obscures the degree of non-compliance with the MMRs and is not appropriate. The NIAA does not provide complete guidance on the use of exemptions, or assurance over the legitimacy of exemptions. The NIAA has not considered the strategic implications of exemption usage for the achievement of policy objectives. (See paragraphs 3.1 to 3.13)
Compliance with mandatory minimum requirements
17. Auditor-General Report No. 25 2019–20 recommended that all audited entities review and update their procurement protocols to ensure procuring officers undertaking major procurements that trigger the MMRs comply with required steps in the procurement process.
- As at December 2024, all entities updated their procurement protocols for MMR requirements. One component of this was the development of detailed internal guidance. As at December 2024, Defence, Education, Home Affairs and Infrastructure’s guidance identified key MMR requirements for the approach to market to contract management phases of the procurement lifecycle. DEWR’s guidance and the NIAA’s internal guidance did not identify all key MMR requirements.
- Aside from Home Affairs, all entities’ contracts were largely compliant with the MMRs at the approach to market, tender evaluation and contract management phases of the procurement lifecycle. Home Affairs’ contracts was partly compliant. Defence’s compliance was poorer for contracts resulting from panel procurements.
- All audited entities could improve tender evaluation processes by including an IPPRS search on tenderers’ past MMR compliance.
- In summary: Defence, Education, and Infrastructure largely implemented the 2019–20 recommendation, and the NIAA and DEWR partly implemented it. Home Affairs’ guidance was appropriately updated, however it has not consistently ensured that procuring officers undertaking major procurements that trigger the MMRs comply in practice with the required steps. (See paragraphs 4.3 to 4.18)
18. Auditor-General Report No. 25 2019–20 recommended that all audited entities establish processes, or update existing processes, to ensure contract managers and contractors regularly use the IPP Reporting Solution (IPPRS) for MMR reporting.
- Defence, Education and Home Affairs’ internal guidance identified key IPPRS reporting requirements, while the NIAA, DEWR and Infrastructure’s internal guidance did not identify all key requirements.
- For a sample of contracts, the NIAA’s MMR reporting was timely and based on accurate IPPRS data. For the other five entities, there were issues with both timeliness and accuracy. None of the five entities consistently followed up on late contractor reporting.
- When a contract variation is published on AusTender, IPPRS data is not consistently updated. This means a contract may be identified as on track to meet the MMR target based on incorrect values or a contract may move to the finalisation step prematurely as the end date is inaccurate.
- In summary: Defence, Education and Home Affairs largely implemented the 2019–20 recommendation, and the NIAA, DEWR and Infrastructure partly implemented it. (See paragraphs 4.19 to 4.37)
19. Auditor-General Report No. 25 2019–20 recommended that after guidance has been provided by the policy owner, all audited entities establish appropriate controls and risk-based assurance activities for active MMR contracts.
- As the policy owner, the NIAA published guidance in July 2020 that has a short overview on how MMR performance information could be verified.
- All six entities established at least some controls and arrangements to gain assurance over contractors’ MMR performance reporting. Controls and arrangements were more developed in Education and Home Affairs.
- For a sample of contracts examined, none of the entities consistently undertook assurance activities to verify contractor performance reporting. Defence undertook the most assurance activity.
- In summary: all entities partly implemented the 2019–20 recommendation. (See paragraphs 4.38 to 4.59)
Effectiveness of the mandatory minimum requirements |
Based on MMR performance information reported by Australian Government entities and contractors, the number and value of MMR contracts have grown since the introduction of the Indigenous Procurement Policy (IPP) in 2015. In 2016–17, 17 contracts with MMR targets for Indigenous employment and/or supply use were awarded, with a total value of $756.4 million. In 2023–24, 189 MMR contracts were awarded with a total value of $5.9 billion. Between 1 July 2016 and 30 September 2024, 870 MMR contracts were awarded by 52 Australian Government entities with a total value of $45.2 billion. Indigenous employment and/or supply use targets established under the MMR contracts were reported to be met for 72 per cent of completed MMR contracts.a The majority of MMR contracts were reported to be meeting established employment and supply use targets. These results, however, were based only on contracts where reporting was complete. As at June 2024, 28 per cent of MMR contracts in the reporting phase were not compliant with MMR reporting requirements. Reporting relies on contractor information, and entities largely had not undertaken activities to verify that MMR performance information was accurate. While the application of the MMRs is trending upwards, between July 2016 and September 2024, 1,475 contracts valued at $69.3 billion were ‘exempted’ by entities from the MMRs, often for reasons that are unclear. There is a lack of performance information and evaluation data that allows for the impact and outcomes of the IPP to be assessed. The NIAA’s public reporting on the IPP does not provide information on the MMRs’ effectiveness. It is unclear if the IPP’s objectives of stimulating Indigenous entrepreneurship, business and economic development, and providing Indigenous Australians with more opportunities to participate in the economy, are achieved. While the Indigenous business sector has grown since the introduction of the IPP, in November 2024 the Joint Standing Committee on Aboriginal and Torres Strait Islander Affairs highlighted limitations in available data on the economic contribution of the sector and the impact of policies to support Indigenous economic participation.b |
Note a: Based on 161 contracts where an assessment outcome was reported as at 30 September 2024.
Note b: Joint Standing Committee on Aboriginal and Torres Strait Islander Affairs, Inquiry into economic self-determination and opportunities for First Nations Australians (2024), pp. 13–19, 39–40.
Recommendations
20. This report makes eight recommendations.
Recommendation no. 1
Paragraph 2.21
To support Australian Government entities and contractors to comply with the mandatory minimum requirements (MMRs), in consultation with entities and contractors, the National Indigenous Australians Agency review and update MMR guidance material to ensure that it:
- accurately reflects the current process for managing MMR reporting in the Indigenous Procurement Policy Reporting Solution and provides guidance on appropriate reporting timeframes;
- provides sufficient information to support entities to implement risk-based assurance activities for MMR contracts; and
- provides sufficient information for entities and contractors on suitable evidence to support performance reporting.
National Indigenous Australians Agency response: Agreed.
Recommendation no. 2
Paragraph 2.45
The National Indigenous Australians Agency establish a process to ensure it meets Australian Government requirements placed on policy owners of procurement-connected policies, including reapplication for recognition as a procurement-connected policy.
National Indigenous Australians Agency response: Agreed.
Recommendation no. 3
Paragraph 2.52
The National Indigenous Australians Agency:
- complete and publish an evaluation of the effectiveness of the mandatory minimum requirements in contributing to meeting the objectives of the Indigenous Procurement Policy; and
- develop mandatory minimum requirements performance measures to enable ongoing monitoring.
National Indigenous Australians Agency response: Agreed.
Recommendation no. 4
Paragraph 3.11
To ensure exemptions are accurately recorded in the Indigenous Procurement Policy Reporting Solution, non-compliance with the Indigenous Procurement Policy can be appropriately identified, all applicable contracts are subject to the mandatory minimum requirements reporting and assessment process, and the Indigenous Procurement Policy is achieving its policy objectives, the National Indigenous Australians Agency:
- amend its protocols to ensure that it is not treating non-compliance with mandatory minimum requirements as an exemption or exclusion;
- consider what scenarios that are consistent with allowable exclusions and exceptions within the Indigenous Procurement Policy are not covered by existing categories in the Indigenous Procurement Policy Reporting Solution and therefore whether the ‘other’ category is still justified and required;
- when implementing recommendation 1, provide additional guidance to Australian Government entities on the use of exemption categories, which includes information on when it is appropriate to classify a contract as an ‘exemption’, and when it is appropriate and inappropriate to use the exemption category of ‘other’; and
- implement a risk-based assurance process to ensure that reported exemptions or exclusions are legitimate.
National Indigenous Australians Agency response: Agreed to parts a–c, Not agreed to part d.
Recommendation no. 5
Paragraph 4.7
The National Indigenous Australians Agency and Department of Employment and Workplace Relations update internal procurement guidance to better support procuring officers undertaking major procurements that trigger the mandatory minimum requirements to comply with required steps in the procurement process.
National Indigenous Australians Agency response: Agreed.
Department of Employment and Workplace Relations response: Agreed.
Recommendation no. 6
Paragraph 4.16
Department of Home Affairs strengthen controls to ensure compliance with the mandatory minimum requirements at the approach to market, tender evaluation and contract management phases of major procurements.
Department of Home Affairs response: Agreed.
Recommendation no. 7
Paragraph 4.24
The National Indigenous Australians Agency; Department of Employment and Workplace Relations; and Department of Infrastructure, Transport, Regional Development, Communications, Sport and the Arts establish, strengthen or update guidance to ensure contract managers and contractors appropriately use the Indigenous Procurement Policy Reporting Solution for mandatory minimum requirements reporting.
National Indigenous Australians Agency response: Agreed.
Department of Employment and Workplace Relations response: Agreed.
Department of Infrastructure, Transport, Regional Development, Communications, Sport and the Arts response: Agreed.
Recommendation no. 8
Paragraph 4.53
All audited entities meet their responsibility under the Indigenous Procurement Policy to establish or strengthen processes to ensure contract managers undertake appropriate activities to ensure contractors’ compliance with mandatory minimum requirements (MMR) targets and verify that reported MMR performance information is accurate.
National Indigenous Australians Agency response: Agreed.
Department of Defence response: Agreed.
Department of Education response: Agreed.
Department of Employment and Workplace Relations response: Agreed.
Department of Home Affairs response: Agreed.
Department of Infrastructure, Transport, Regional Development, Communications, Sport and the Arts response: Agreed.
Summary of entity responses
21. Extracts of the proposed audit report were provided to the NIAA, Defence, Education, DEWR, Home Affairs and Infrastructure. Entities’ summary responses are provided below. Entities’ full responses are provided at Appendix 1.
National Indigenous Australians Agency
The National Indigenous Australians Agency (NIAA) welcomes the findings of the audit.
The primary purpose of the Indigenous Procurement Policy (IPP) is to stimulate Indigenous entrepreneurship, business and economic development, providing Indigenous Australians with more opportunities to participate in the economy. The Mandatory Minimum Requirements (MMR) are a key component of this policy.
Prior to the implementation of the policy in 2015, Indigenous businesses secured limited business from Commonwealth procurement. The policy has significantly increased the rate of purchasing from Indigenous businesses.
The NIAA is proud to take the lead on behalf of the Commonwealth in providing advice on how to best meet the requirements of the IPP. The NIAA provides advice to Commonwealth entities through its many publications and its dedicated IPP team. Within the resources available, the NIAA has also invested in providing ICT tools and support to assist Commonwealth entities with their responsibility to ensure accurate reporting on targets and MMRs.
As with all other elements of the Commonwealth Procurement Rules, it is the responsibility of each Commonwealth entity to meet the obligations of the IPP. The NIAA welcomes the ANAO’s recommendations on how it can improve the advice it provides to entities to meet their obligations.
Department of Defence
Defence welcomes the ANAO Audit Report assessing whether selected entities effectively implemented the agreed recommendations from Auditor-General Report No. 25 2019–20 Aboriginal and Torres Strait Islander Participation Targets in Major Procurements.
Defence agrees to the recommendation directed at all audited entities to establish or strengthen processes to ensure contract managers undertake appropriate activities to ensure contractors’ compliance with the mandatory minimum requirements (MMR) targets and verify that reported MMR performance information is accurate.
As the Commonwealth’s largest procurer, Defence is proud of its significant commitment towards supporting the long-term growth and sustainability of the Indigenous business sector, and will continue working with the National Indigenous Australians Agency to improve the monitoring and reporting of the MMR targets.
Department of Education
The Department of Education welcomes this report. The report recognises the significant efforts the department has made to implement changes recommended by the ANAO’s performance audit of February 2020, however the department acknowledges the need to continue its efforts to strengthen its processes to ensure contract managers undertake appropriate activities to ensure contractors’ compliance with mandatory minimum requirements (MMR) targets and verify that reported MMR performance information is accurate.
Education is already making progress towards meeting the report’s recommendation, including working with contract managers to ensure that assurance activities are performed more consistently, and that contract managers regularly review and verify contractor reports. Education will continue to engage with departmental contract managers to ensure that MMR contracts are actioned in the IPPRS within the audit’s recommended timeframes.
Education notes the audit’s broader messages to all entities on the importance of strengthening procurement processes to ensure tenderers’ Indigenous Participation Plans are assessed and that assessments are appropriately documented. Education has added additional information to its intranet guidance on the process required when evaluating tender responses for MMR contracts, and its guides on approaching the market and evaluating and selecting suppliers. In addition, Education has updated its Evaluation Plan templates to include MMR requirements as part of the evaluation process, where applicable.
Education are regular participants in the Commonwealth Procurement and Contract Management Community of Practice and participate in networking opportunities across the Australian Public Service, including informal knowledge sharing across entities.
Department of Employment and Workplace Relations
The Department of Employment and Workplace Relations (DEWR) acknowledges the Australian National Audit Office’s (ANAO) report detailing the outcomes of the follow up audit of Targets for minimum Indigenous employment or supply use in major Australian Government procurements.
DEWR is committed to delivering compliant procurement processes that deliver the expected business outcomes. This includes ensuring compliance with the Indigenous Procurement Policy and that our high value (as defined by the Indigenous Procurement Policy) contracts are properly managed and reported on. Starting from a low maturity level, we have been on a continuous journey of improvement since the Department’s creation in July 2022 (following a Machinery of Government change). We acknowledge and accept the ANAO’s findings and commit to implementing their recommendations as part of our broader procurement maturity program of work.
Department of Home Affairs
The Department of Home Affairs is committed to the implementation of the Government’s policy objective to drive growth in Aboriginal and Torres Strait Islander businesses and employment.
The Department agrees with the two recommendations made by the Auditor-General aimed at improving the Department’s compliance with mandatory minimum requirements (MMR) of the Indigenous Procurement Policy throughout the procurement and contract management phases, and will strengthen its processes, guidance, reporting and assurance activities to achieve this.
Department of Infrastructure, Transport, Regional Development, Communications, Sport and the Arts
The department supports the policy objectives of the Indigenous Procurement Policy and the achievement of the Mandatory Minimum Requirements (MMR) as a key element of the IPP. This follow up audit, which examined all five of the department’s procurements that triggered the MMR, has highlighted the need for further improvement in aspects of the department’s arrangements for meeting the MMR. The department is committed to making the necessary improvements to its processes.
Key messages from this audit for all Australian Government entities
22. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.
Policy implementation
Procurement
Governance and risk management
Summary and recommendations
Background
1. For the financial year 2022–23, the Department of Defence (Defence) ranked as the Australian Government’s largest procurer with 51.7 per cent of Commonwealth entity contracting, valued at $38.69 billion.1 Successive Australian governments have encouraged the involvement of domestic industries in Defence procurement to develop and maintain the industrial base, secure supply chains, and promote employment and economic growth.
2. Defence initiatives to maximise the opportunities for domestic suppliers to participate in government procurement include the Australian Industry Capability (AIC) Program, launched in February 2008.2 The AIC Program required potential contractors to demonstrate how their tenders provide opportunities for Australian businesses.
3. On 28 March 2019, the Minister for Defence Industry released the Defence Policy for Industry Participation (DPIP) to improve consistency in Defence’s approach to maximising Australian industry’s opportunity to participate in Defence procurement. The DPIP requires Defence to consider AIC plans or schedules (or Local Industry Capability plans for construction projects) during procurement decision-making and to ensure the industry commitments in those plans are captured as contracted obligations in materiel and non-materiel procurements valued at or above $4 million, and construction procurements at or above $7.5 million.
Rationale for undertaking the audit
4. Defence’s implementation and delivery of contracted Australian industry requirements has been an area of focus for successive governments and an ongoing interest for the Parliament. The government intent to maximise Australian industry involvement in Defence procurement was reflected in the AIC Program in 2008 and reaffirmed in the 2016 Defence Industry Policy Statement and the 2018 Defence Industrial Capability Plan. This audit provides the Parliament with independent assurance on the effectiveness of Defence’s arrangements to deliver Australian industry policy outcomes through its contractual arrangements with its suppliers.
Audit objective and criteria
5. The objective of the audit was to examine the effectiveness of Defence’s administration of contractual obligations to maximise Australian industry participation.
6. To form a conclusion against the audit objective, the ANAO adopted the following high-level criteria:
- Have fit-for-purpose administrative arrangements been established to maximise Australian industry participation in Defence procurement and contracting?
- Have applicable contracting requirements been implemented to maximise Australian industry participation?
- Has Defence implemented appropriate governance, assurance and reporting arrangements to support the objective of maximising Australian industry participation?
Conclusion
7. Defence has not maximised Australian industry participation through the administration of its contracts. Defence industry policy and contracting requirements were not applied to all relevant procurements, and — where supplier commitments have been contracted — Defence has not effectively monitored or ensured the delivery of those obligations.
8. Defence’s administrative arrangements for maximising Australian industry participation through its procurement and contracting activities are partly fit for purpose. Defence’s procurement framework has not been updated in a timely manner, and as at August 2024, did not fully reflect the requirements of the March 2019 DPIP. Guidance for Defence personnel in relevant tendering and contracting templates is incomplete, and in some cases outdated. Defence engages with industry through forums and other activities as well as through individual procurement processes to support the intent of government’s industry contracting policy.
9. Defence has not implemented applicable contracting requirements effectively. Of the eight contracts examined, each had one or more important shortcomings resulting from limitations in Defence’s advice to potential suppliers, weaknesses in Defence’s contracting of industry participation commitments, and ineffective monitoring of supplier compliance with those commitments.
10. Defence’s governance, assurance and reporting arrangements for industry participation are partly appropriate. Senior Defence committees have received reports on activities to support Australian industry policy objectives. Defence did not establish the Industry Policy Division working group to periodically review the policy in accordance with the DPIP. The AIC Plan assurance framework does not align with a professional standard-setting framework and activities conducted under that framework do not provide reasonable assurance over the matters examined. Defence reports on Australian industry expenditure and has undertaken to further develop its reporting as part of the 2024 Defence Industry Development Strategy.
11. As outlined in the 2024 Defence Industry Development Strategy, Defence was to update the DPIP in late 2024. This policy update follows the 2023 Defence Strategic Review and the 2024 National Defence Strategy. Effective implementation of the next iteration of Australian defence industry contracting policy will require appropriate administrative and IT support systems, including sound procurement controls and contract management activities.
Supporting findings
Administrative arrangements
12. Defence gives effect to its Australian industry contracting requirements through its internal policy framework. Defence’s framework is informed by requirements under the Public Governance, Performance and Accountability Act 2013, the Commonwealth Procurement Rules and government’s Defence industry policies, as set out by the 2016 Defence Industry Policy Statement and the 2018 Defence Industrial Capability Plan. Key elements of Defence’s established policy framework, such as the Defence Procurement Manual (DPM) and its contracting templates, were not updated in a timely manner following the release of the DPIP in March 2019. The DPM was not updated until 1 July 2020, 15 months after the DPIP’s release. Defence lacks arrangements to ensure that procurement documents and contracting templates are aligned with the DPIP requirements, and up to date. Automated system controls, which were established in 2022 and mandated in 2024 — to improve compliance with mandatory procurement policies — do not cover the requirements of the DPIP. (See paragraphs 2.2 to 2.41)
13. Guidance on the Australian Standard for Defence Contracting (ASDEFCON) and the Suite of Facilities tendering and contracting templates is incomplete, with additional guidance notes planned but not developed and released. Defence does not assess its personnel training data by role and therefore cannot provide assurance that its procurement and contracting staff have undertaken training relevant to their roles. The dedicated AIC training course announced in February 2019 is primarily focused on materiel procurements and was not implemented until September 2022. (See paragraphs 2.42 to 2.67)
14. Defence has undertaken a range of industry engagement activities to support the objective of maximising Australian industry participation in procurement. These activities have included the establishment of an Australian Industry Capability Forum and engagements with industry associations. In the absence of a communications strategy for the DPIP, Defence is unable to measure the effectiveness of the information and guidance it has provided to industry on the industry contracting policy requirements in place since 2019. (See paragraphs 2.68 to 2.80)
Implementation of requirements
15. Defence’s advice on Australian industry contracting requirements was provided to potential suppliers as part of the relevant tender processes. Each of the eight contracts examined contained one or more shortcomings with respect to this advice or in the contracting materials provided by Defence, including:
- Defence not considering industry contracting requirements during the early stage of the procurement and therefore not advising suppliers of all requirements;
- the rationale for exemptions from implementing Australian industry contracting requirements not being documented by Defence; and
- outdated or incorrect terminology and reference material being used by Defence or available to suppliers. (See paragraphs 3.6 to 3.15)
16. Of the eight contracts examined, the relevant suppliers for four had provided Defence with a project or industry plan (or schedule) in accordance with the procurement stage requirements of the DPIP. By 29 August 2024, one of these plans (or schedules) remained in draft and had not been further developed as required, and three had been finalised and approved by Defence. For the five contracts without finalised plans, Defence did not document the exemption from this requirement for three suppliers, provided one supplier with an extension to 20 June 2023, and did not finalise the draft plan for the remaining supplier.
17. For four examined contracts, additional AIC or LIC commitments were also within other contract documents. For the two examined contracts with no plans or schedules developed, AIC or LIC commitments were located in other contract artefacts such as a service management plan or statement of work. Unclear or imprecise clauses were included in the contract documentation for three contracts. Of the five that met the threshold for the publication of an AIC Plan, one was published on Defence’s website. Shortfalls in record keeping were observed in the documentation for each of the eight contracts. (See paragraph 3.16 to 3.33)
18. Defence undertakes limited monitoring to ensure the delivery of contracted Australian industry commitments. Where suppliers have reported against their DPIP-related commitments, this reporting has not been complete, with 12 of 59 relevant measures reported against. For four of the five contracts where supplier commitments have been contracted:
- the reporting to Defence indicated that these commitments were not being delivered. Defence undertook follow up action with respect to one of those contracts; and
- the DPIP-related terms in Defence’s contract with the head contractor are required to ‘flow down’ as requirements to the head contractor’s subcontractors. One of these four suppliers has reported to Defence on its engagement with subcontractors. (See paragraphs 3.34 to 3.46)
Governance, assurance and reporting
19. Senior Defence committees at the enterprise and group levels have received reports on the implementation of activities relevant to the DPIP, including the implementation of the ‘enhanced’ Australian industry capability (AIC) contractual framework announced in mid-2020. The policy oversight forum responsible for the periodic review and alignment of the policy with government’s defence industry policy objectives was not established as foreshadowed by the DPIP. In the absence of this forum, Defence has not regularly reported on the DPIP or monitored its implementation activities to ensure a unified approach at a whole-of-enterprise level, consistent with the intent of the DPIP. (See paragraphs 4.2 to 4.15)
20. Defence’s assurance framework does not prescribe the level of assurance to be obtained and does not align with an auditing standards framework. Defence’s ‘AIC Audit Program’ has provided limited insights on the extent to which Defence is implementing its DPIP obligations or whether suppliers are meeting their contracted DPIP-related commitments. Assurance activities conducted under Defence’s framework are limited to materiel contracts over $20 million in value, representing one-fifth of the procurement categories covered by the DPIP. The scope of Defence’s assurance program has included contracts that were executed prior to the March 2019 introduction of the DPIP. Of the 17 assurance activities conducted by Defence since July 2021, seven did not report the deficiencies identified in AIC plans as non-compliance, as the DPIP did not apply to those contracts.
21. Other assurance-related activities such as Defence’s self-reporting through compliance surveys under its Supplier Rating System indicate that Defence has not fully complied with its obligation to ensure supplier commitments are contracted in accordance with the DPIP. Of the 768 contract surveys conducted as at July 2024, 209 (27 per cent) reported that AIC obligations were ‘not applicable’. Other procurement and contracting compliance arrangements in Defence do not cover the DPIP’s requirements and have therefore not identified issues relating to its implementation. (See paragraphs 4.16 to 4.38)
22. Defence has established performance measures related to its engagement with Australian industry and provides quarterly reporting to the Minister for Defence. Defence’s administrative systems do not support reporting at the project level or ensure that AIC Plans are published where required. Defence has undertaken to further develop its reporting on defence industry as part of its implementation of the Defence Industry Development Strategy. (See paragraphs 4.39 to 4.57)
Recommendations
Recommendation no. 1
Paragraph 2.32
The Department of Defence establish arrangements to ensure that its contract template and guidance documents are up to date and aligned with Defence industry contracting and policy requirements.
Department of Defence response: Agreed.
Recommendation no. 2
Paragraph 2.40
The Department of Defence implement controls within relevant systems for its procurement, financial, and contract management activities to support and monitor compliance with its obligations to implement Australian industry participation and contracting requirements.
Department of Defence response: Agreed.
Recommendation no. 3
Paragraph 2.60
The Department of Defence complement the implementation of its new procurement and contract management training by:
- establishing measures to inform senior leadership of the extent to which role specific training is completed, such as by procurement and contract managers; and
- incorporating requirements for Defence policies, such as the DPIP, into mandatory training.
Department of Defence response: Agreed.
Recommendation no. 4
Paragraph 2.64
The Department of Defence extend the scope of the existing AIC Practitioners course to cover the needs of users of Defence contracting material beyond the ASDEFCON suite.
Department of Defence response: Agreed.
Recommendation no. 5
Paragraph 3.32
The Department of Defence implement measures to ensure that:
- where approval of industry commitments occurs after contract execution, this takes place within agreed timeframes and includes options for remediation and contract termination if this does not take place; and
- public AIC plans are prepared and published where required.
Department of Defence response: Agreed.
Recommendation no. 6
Paragraph 3.40
The Department of Defence improve its administrative arrangements for contracts to ensure that:
- contracts with industry participation-related requirements can be efficiently and effectively identified and managed; and
- contracted industry participation-related measures can be efficiently and effectively identified and monitored.
Department of Defence response: Agreed.
Recommendation no. 7
Paragraph 3.45
The Department of Defence:
- monitor subcontractor performance of industry participation commitments where there are contractual flow down requirements between head contractors and their subcontractors; and
- incorporate details on the potential for flow down industry participation requirements into relevant guidance for Defence personnel and industry.
Department of Defence response: Agreed.
Recommendation no. 8
Paragraph 4.14
The Department of Defence improve its oversight arrangements to monitor and drive appropriate consistency in its implementation of Australian industry policy in its procurement and contracting activities.
Department of Defence response: Agreed.
Recommendation no. 9
Paragraph 4.37
The Department of Defence review and revise its AIC assurance framework to:
- prescribe the level of assurance to be obtained through the assurance activities;
- cover the full scope of Defence industry contracting and policy requirements; and
- assess whether Defence industry contracting and policy requirements have been considered and addressed early in procurement processes as required, including the approval and documentation of exemptions.
Department of Defence response: Agreed.
Summary of entity response
23. The proposed audit report was provided to the Department of Defence. Defence’s summary response is provided below, and its full response is included at Appendix 1. Improvements observed by the ANAO during the course of this audit are listed in Appendix 2.
Defence acknowledges the findings of the Auditor-General’s Performance Audit report: Maximising Australian industry participation through Defence contracting. Defence is committed to ensuring that Australian industry participation in Defence contracts is considered and optimised in the delivery of Defence capabilities.
Defence accepts the key findings and recommendations aimed at enhancing governance, assurance, reporting arrangements, relevant training and guidance when implementing Australian industry participation policy requirements in Defence procurements.
In alignment with the Defence Industry Development Strategy, Defence has commenced the process to update the Defence Policy for Industry Participation and procurement reform initiatives to ensure Defence and industry are better positioned to deliver the required capabilities within reduced timeframes. These reforms will directly support the implementation of the ANAO’s recommendations relating to improvement of administrative arrangements to enable identification and monitoring of Defence’s industry policies enabled through its contract frameworks.
Key messages from this audit for all Australian Government entities
24. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.
Policy design
Executive summary
1. Performance information is important for public sector accountability and transparency as it shows how taxpayers’ money has been spent and what this spending has achieved. The development and use of performance information is integral to an entity’s strategic planning, budgeting, monitoring and evaluation processes.
2. Annual performance statements are expected to present a clear, balanced and meaningful account of how well an entity has performed against the expectations it set out in its corporate plan. They are an important way of showing the Parliament and the public how effectively Commonwealth entities have used public resources to achieve desired outcomes.
The needs of the Parliament
3. Section 5 of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) sets out the objects of the Act, which include requiring Commonwealth entities to provide meaningful performance information to the Parliament and the public. The Replacement Explanatory Memorandum to the PGPA Bill 2013 stated that ‘The Parliament needs performance information that shows it how Commonwealth entities are performing.’1 The PGPA Act and the Public Governance, Performance and Accountability Rule 2014 (PGPA Rule) outline requirements for the quality of performance information, and for performance monitoring, evaluation and reporting.
4. The Parliament’s Joint Committee of Public Accounts and Audit (JCPAA) has a particular focus on improving the reporting of performance by entities. In September 2023, the JCPAA tabled its Report 499, Inquiry into the Annual Performance Statements 2021–22, stating:
As the old saying goes, ‘what is measured matters’, and how agencies assess and report on their performance impacts quite directly on what they value and do for the public. Performance reporting is also a key requirement of government entities to provide transparency and accountability to Parliament and the public.2
5. Without effective performance reporting, there is a risk that trust and confidence in government could be lost (see paragraphs 1.3 to 1.6).
Entities need meaningful performance information
6. Having access to performance information enables entities to understand what is working and what needs improvement, to make evidence-based decisions and promote better use of public resources. Meaningful performance information and reporting is essential to good management and the effective stewardship of public resources.
7. It is in the public interest for an entity to provide appropriate and meaningful information on the actual results it achieved and the impact of the programs and services it has delivered. Ultimately, performance information helps a Commonwealth entity to demonstrate accountability and transparency for its performance and achievements against its purposes and intended results (see paragraphs 1.7 to 1.13).
The 2023–24 performance statements audit program
8. In 2023–24, the ANAO conducted audits of annual performance statements of 14 Commonwealth entities. This is an increase from 10 entities audited in 2022–23.
9. Commonwealth entities continue to improve their strategic planning and performance reporting. There was general improvement across each of the five categories the ANAO considers when assessing the performance reporting maturity of entities: leadership and culture; governance; reporting and records; data and systems; and capability.
10. The ANAO’s performance statements audit program demonstrates that mandatory annual performance statements audits encourage entities to invest in the processes, systems and capability needed to develop, monitor and report high quality performance information (see paragraphs 1.18 to 1.27).
Audit conclusions and additional matters
11. Overall, the results from the 2023–24 performance statements audits are mixed. Nine of the 14 auditees received an auditor’s report with an unmodified conclusion.3 Five received a modified audit conclusion identifying material areas where users could not rely on the performance statements, but the effect was not pervasive to the performance statements as a whole.
12. The two broad reasons behind the modified audit conclusions were:
- completeness of performance information — the performance statements were not complete and did not present a full, balanced and accurate picture of the entity’s performance as important information had been omitted; and
- insufficient evidence — the ANAO was unable to obtain enough appropriate evidence to form a reasonable basis for the audit conclusion on the entity’s performance statements.
13. Where appropriate, an auditor’s report may separately include an Emphasis of Matter paragraph. An Emphasis of Matter paragraph draws a reader’s attention to a matter in the performance statements that, in the auditor’s judgement, is important for readers to consider when interpreting the performance statements. Eight of the 14 auditees received an auditor’s report containing an Emphasis of Matter paragraph. An Emphasis of Matter paragraph does not modify the auditor’s conclusion (see Appendix 1).
Audit findings
14. A total of 66 findings were reported to entities at the end of the final phase of the 2023–24 performance statements audits. These comprised 23 significant, 23 moderate and 20 minor findings.
15. The significant and moderate findings fall under five themes:
- Accuracy and reliability — entities could not provide appropriate evidence that the reported information is reliable, accurate and free from bias.
- Usefulness — performance measures were not relevant, clear, reliable or aligned to the entity’s purposes or key activities. Consequently, they may not present meaningful insights into the entity’s performance or form a basis to support entity decision making.
- Preparation — entity preparation processes and practices for performance statements were not effective, including timeliness, record keeping and availability of supporting documentation.
- Completeness — performance statements did not present a full, balanced and accurate picture of the entity’s performance, including all relevant data and contextual information.
- Data — inadequate assurance over the completeness, integrity and accuracy of data, reflecting a lack of controls over how data is managed across the data lifecycle, from data collection through to reporting.
16. These themes are generated from the ANAO’s analysis of the 2023–24 audit findings, and no theme is necessarily more significant than another (see paragraphs 2.12 to 2.17).
Measuring and assessing performance
17. The PGPA Rule requires entities to specify targets for each performance measure where it is reasonably practicable to set a target.4 Clear, measurable targets make it easier to track progress towards expected results and provide a benchmark for measuring and assessing performance.
18. Overall, the 14 entities audited in 2023–24 reported against 385 performance targets in their annual performance statements. Entities reported that 237 targets were achieved/met5, 24 were substantially achieved/met, 24 were partially achieved/met and 82 were not achieved/met.6 Eighteen performance targets had no definitive result.7
19. Assessing entity performance involves more than simply reporting how many performance targets were achieved. An entity’s performance analysis and narrative is important to properly inform stakeholder conclusions about the entity’s performance (see paragraphs 2.37 to 2.44).
Connection to broader government policy initiatives
20. Performance statements audits touch many government policies and frameworks designed to enhance government efficiency, effectiveness and impact, and strengthen accountability and transparency. This is consistent with the drive to improve coherence across the Commonwealth Government’s legislative and policy frameworks that led to the PGPA Act being established.8 The relationship between performance statements audits and existing government policies and frameworks is illustrated in Figure S.1.
Figure S.1. Relationship of performance statements audits to government policies and frameworks

Source: ANAO analysis.
The future direction of annual performance statements audits
21. Public expectations and attitudes about public services are changing.9 Citizens not only want to be informed, but also to have a say between elections about choices affecting their community10 and be involved in the decision-making process, characterised by, among other things, citizen-centric and place-based approaches that involve citizens and communities in policy design and implementation.11 There is increasing pressure on Commonwealth entities from the Parliament and citizens demanding more responsible and accountable spending of public revenues and improved transparency in the reporting of results and outcomes.
22. A specific challenge for the ANAO is to ensure that performance statements audits influence entities to embrace performance reporting and shift away from a compliance approach with a focus on complying with minimum reporting requirements or meeting the minimum standard they think will satisfy the auditor.12 A compliance approach misses the opportunity to use performance information to learn from experience and improve the delivery of government policies, programs and services.
23. Performance statements audits reflect that for many entities there is not a clear link between internal business plans and the entity’s corporate plan. There can be a misalignment between the information used for day-to-day management and governance of an entity and performance information presented in annual performance statements. Periodic monitoring of performance measures is also not an embedded practice in all Commonwealth entities. These observations indicate that some entities are reporting measures in their performance statements that may not represent the highest value metrics for running the business or for measuring and assessing the entity’s performance (see paragraphs 4.32 to 4.35).
Developments in the ANAO’s audit approach
24. Working with audited entities, the ANAO has progressively sought to strengthen sector understanding of the Commonwealth Performance Framework. This includes a focus on helping entities to apply general principles and guidance to their own circumstances and how entities can make incremental improvements to their performance reporting over time. For example:
- in 2021–22, the ANAO gave prominence to ensuring entities understood and complied with the technical requirements of the PGPA Act and the PGPA Rule;
- in 2022–23, there was an increased focus on supporting entities to establish materiality policies that help determine which performance information is significant enough to be reported in performance statements and to develop entity-wide performance frameworks; and
- in 2023–24, there was an increased focus on assessing the completeness of entity purposes, key activities and performance measures and whether the performance statements present fairly the performance of the entity (see paragraphs 4.36 to 4.38).
Appropriate and meaningful
25. For annual performance statements to achieve the objects of the PGPA Act, they must present performance information that is appropriate (accountable, reliable and aligned with an entity’s purposes and key activities) and meaningful (providing useful insights and analysis of results). They also need to be accessible (readily available and understandable).
26. For the 2024–25 audit program and beyond, the ANAO will continue to encourage Commonwealth entities to not only focus on technical matters (like selecting measures of output, efficiency and effectiveness and presenting numbers and data), but on how to best tell their performance story. This could include analysis and narrative in annual performance statements that explains the ‘why’ and ‘how’ behind the reported results and providing future plans and initiatives aligned to meeting expectations set out in the corporate plan.13
27. It is difficult to demonstrate effective stewardship of public resources without good performance information and reporting. Appropriate and meaningful performance information can show that the entity is thinking beyond the short-term. It can show that the entity is committed to long-term responsible use and management of public resources and effectively achieving results to create long lasting impacts for citizens (see paragraphs 4.39 to 4.45).
Linking financial and performance information
28. The ‘Independent Review into the operation of the PGPA Act’14 noted that there would be merit in better linking performance and financial results, so that there is a clear line of sight between an entity’s strategies and performance and its financial results.15
29. Improving links between financial and non-financial performance information is necessary for measuring and assessing public sector productivity. As a minimum, entities need to understand both the efficiency and effectiveness of how taxpayers’ funds are used if they are to deliver sustainable, value-for-money programs and services. There is currently limited reporting by entities of efficiency (inputs over outputs) and even less reporting of both efficiency and effectiveness for individual key activities.
30. Where entities can demonstrate that more is produced to the same or better quality using fewer resources, this reflects improved productivity.
31. The ANAO will seek to work with the Department of Finance and entities to identify opportunities for annual performance statements to better link information on entity strategies and performance to their financial results (see paragraphs 4.46 to 4.51).
Cross entity measures and reporting
32. ANAO audits are yet to see the systemic development of cross-sector performance measures as indicators where it has been recognised that organisational performance is partly reliant on the actions of other agencies. Although there are some emerging better practices16, the ANAO’s findings reveal that integrated reporting on cross-cutting initiatives and linked programs could provide Parliament, government and the public with a clearer, more unified view of performance on key government priorities such as:
- Closing the Gap;
- women’s safety;
- housing;
- whole-of-government national security initiatives; and
- cybersecurity.
33. Noting the interdependence, common objectives and shared responsibility across multiple government programs, there is an opportunity for Commonwealth entities to make appropriate reference to the remit and reporting of outcomes by other entities in annual performance statements. This may enable the Parliament, the government and the public to understand how the work of the reporting entity complements the work done by other parts of government.17
34. As the performance statements audit program continues to broaden in coverage, there will be opportunities for the ANAO to consider the merit of a common approach to measuring performance across entities with broadly similar functions, such as providing policy advice, processing claims or undertaking compliance and regulatory functions. A common basis for assessing these functions may enable the Parliament, the government and the public to compare entities’ results and consider which approaches are working more effectively and why (see paragraphs 4.52 to 4.56).
Executive summary
The Australian National Audit Office (ANAO) publishes an annual audit work program (AAWP) which reflects the audit strategy and deliverables for the forward year. The purpose of the AAWP is to inform the Parliament, the public, and government sector entities of the planned audit coverage for the Australian Government sector by way of financial statements audits, performance audits, performance statements audits and other assurance activities. As set out in the AAWP, the ANAO prepares two reports annually that, drawing on information collected during financial statements audits, provide insights at a point in time of financial statements risks, governance arrangements and internal control frameworks of Commonwealth entities. These reports provide Parliament with an independent examination of the financial accounting and reporting of public sector entities.
These reports explain how entities’ internal control frameworks are critical to executing an efficient and effective audit and underpin an entity’s capacity to transparently discharge its duties and obligations under the Public Governance, Performance and Accountability Act 2013 (PGPA Act). Deficiencies identified during audits that pose either a significant or moderate risk to an entity’s ability to prepare financial statements free from material misstatement are reported.
This report presents the final results of the 2023–24 audits of the Australian Government’s Consolidated Financial Statements (CFS) and 245 Australian Government entities. The Auditor-General Report No. 42 2023–24 Interim Report on Key Financial Controls of Major Entities, focused on the interim results of the audits of 27 of these entities.
Consolidated financial statements
Audit results
1. The CFS presents the whole of government and the General Government Sector financial statements. The 2023–24 CFS were signed by the Minister for Finance on 28 November 2024 and an unmodified auditor’s report was issued on 2 December 2024.
2. There were no significant or moderate audit issues identified in the audit of the CFS in 2023–24 or 2022–23.
Australian Government financial position
3. The Australian Government reported a net operating balance of a surplus of $10.0 billion ($24.9 billion surplus in 2022–23). The Australian Government’s net worth deficiency decreased from $570.3 billion in 2022–23 to $567.5 billion in 2023–24 (see paragraphs 1.8 to 1.26).
Financial audit results and other matters
Quality and timeliness of financial statements preparation
4. The ANAO issued 240 unmodified auditor’s reports as at 9 December 2024. The financial statements were finalised and auditor’s reports issued for 79 per cent (2022–23: 91 per cent) of entities within three months of financial year-end. The decrease in timeliness of auditor’s reports reflects an increase in the number of audit findings and legislative breaches identified by the ANAO, as well as limitations on the available resources within the ANAO in order to undertake additional audit procedures in response to these findings
5. A quality financial statements preparation process will reduce the risk of inaccurate or unreliable reporting. Seventy-one per cent of entities delivered financial statements in line with an agreed timetable (2022–23: 72 per cent). The total number of adjusted and unadjusted audit differences decreased during 2023–24, although 38 per cent of audit differences remained unadjusted. The quantity and value of adjusted and unadjusted audit differences indicate there remains an opportunity for entities to improve quality assurance over financial statements preparation processes (see paragraphs 2.138 to 2.154).
Timeliness of financial reporting
6. Annual reports that are not tabled in a timely manner before budget supplementary estimates hearings decrease the opportunity for the Senate to scrutinise an entity’s performance. Timeliness of tabling of entity annual reports improved. Ninety-three per cent (2022–23: 66 per cent) of entities that are required to table an annual report in Parliament tabled prior to the date that the portfolio’s supplementary budget estimates hearing commenced. Supplementary estimates hearings were held one week later in 2023–24 than in 2022–23. Fifty-seven per cent of entities tabled annual reports one week or more before the hearing (2022–23: 12 per cent). Of the entities required to table an annual report, 4 per cent (2022–23: 6 per cent) had not tabled an annual report as at 9 December 2024 (see paragraphs 2.155 to 2.166).
Official hospitality
7. Eighty-one per cent of entities permit the provision of hospitality and the majority have policies, procedures or guidance in place. Expenditure on the provision of hospitality for the period 2020–21 to 2023–24 was $70.0 million. Official hospitality involves the provision of public resources to persons other than officials of an entity to achieve the entity’s objectives. Entities that provide official hospitality should have policies, and guidance in place which clearly set expectations for officials. There are no mandatory requirements for entities in managing the provision of hospitality, however, the Department of Finance (Finance) does provide some guidance to entities in model accountable authority instructions. Of those entities that permit hospitality 83 per cent have established formal policies, guidelines or processes.
8. Entities with higher levels of exposure to the provision of official hospitality could give further consideration to implementing or enhancing compliance and reporting arrangements. Seventy-four per cent of entities included compliance requirements in their policies, procedures or guidance which support entity’s obtaining assurance over the conduct of official hospitality. Compliance processes included acquittals, formal reporting, attestations from officials and/or periodic internal audits. Thirty-one per cent of entities had established formal reporting on provision of official hospitality within their entities (see paragraphs 2.36 to 2.56).
Artificial intelligence
9. Fifty-six entities used artificial intelligence (AI) in their operations during 2023–24 (2022–23: 27 entities). Most of these entities had adopted AI for research and development activities, IT systems administration and data and reporting.
10. During 2023–24, 64 per cent of entities that used AI had also established internal policies governing the use of AI (2022–23: 44 per cent). Twenty-seven per cent of entities had established internal policies regarding assurance over AI use. An absence of governance frameworks for managing the use of emerging technologies could increase the risk of unintended consequences. In September 2024, the Digital Transformation Agency (DTA) released the Policy for the responsible use of AI in government, which establishes requirements for accountability and transparency on the use of AI within entities (see paragraphs 2.67 to 2.71).
Cloud computing
11. Assurance over effectiveness of cloud computing arrangements (CCA) could be improved. During 2023–24, 89 per cent of entities used CCAs as part of the delivery model for the IT environment, primarily software-as-a-service (SaaS) arrangements. A Service Organisation Controls (SOC) certificate provides assurance over the implementation, design and operating effectiveness of controls included in contracts, including security, privacy, process integrity and availability. Eighty-two per cent of entities did not have in place a formal policy or procedure which would require the formal review and consideration of a SOC certificate.
12. In the absence of a formal process for obtaining and reviewing SOC certificates, there is a risk that deficiencies in controls at a service provider are not identified, mitigated or addressed in a timely manner (see paragraphs 2.57 to 2.66).
Audit committee member rotation
13. Audit committee member rotation considerations could be enhanced. The rotation of audit committee membership is not mandated, though guidance to the sector indicates that rotation of members allows for a flow of new skills and talent through committees, supporting objectivity. Forty-six per cent of entities did not have a policy requirement for audit committee member rotation.
14. Entities could enhance the effectiveness of their audit committees by adopting a formal process for rotation of audit committee membership, which balances the need for continuity and objectivity of membership (see paragraphs 2.16 to 2.21).
Fraud framework requirements
15. The Commonwealth Fraud Control Framework 2017 encourages entities to conduct fraud risk assessments at least every two years and entities responsible for activities with a high fraud risk may assess risk more frequently. All entities had in place a fraud control plan. Ninety-seven per cent of entities had conducted a fraud risk assessment within the last two years. Changes to the framework which occurred on 1 July 2024 requires entities to expand plans to take account of preventing, detecting and dealing with corruption, as well as periodically examining the effectiveness of internal controls (see paragraphs 2.16 to 2.21).
Summary of audit findings
16. Internal controls largely supported the preparation of financial statements free from material misstatement. However, the number of audit findings identified by the ANAO has increased from 2023–24. A total of 214 audit findings and legislative breaches were reported to entities as a result of the 2023–24 financial statements audits. These comprised six significant, 46 moderate, 147 minor audit findings and 15 legislative breaches. The highest number of findings are in the categories of:
- IT control environment, including security, change management and user access;
- compliance and quality assurance frameworks, including legal conformance; and
- accounting and control of non-financial assets.
17. IT controls remain a key issue. Forty-three per cent of all audit findings identified by the ANAO related to the IT control environment, particularly IT security. Weaknesses in controls in this area can expose entities to an increased risk of unauthorised access to systems and data, or data leakage. The number of IT findings identified by the ANAO indicate that there remains room for improvement across the sector to enhance governance processes supporting the design, implementation and operating effectiveness of controls.
18. These audits findings included four significant legislative breaches, one of which was first identified since 2012–13. The majority (53 per cent) of other legislative breaches relate to incorrect payments of remuneration to key management personnel and/or non-compliance with determinations made by the Remuneration Tribunal. Entities could take further steps to enhance governance supporting remuneration to prevent non-compliance or incorrect payments from occurring (see paragraphs 2.72 to 2.137).
Financial sustainability
19. An assessment of an entity’s financial sustainability can provide an indication of financial management issues or signal a risk that the entity will require additional or refocused funding. The ANAO’s analysis concluded that the financial sustainability of the majority of entities was not at risk (see paragraphs 2.167 to 2.196).
Reporting and auditing frameworks
Changes to the Australian public sector reporting framework
20. The development of a climate-related reporting framework and assurance regime in Australia continues to progress. ANAO consultation with Finance to establish an assurance and verification regime for the Commonwealth Climate Disclosure (CCD) reform is ongoing (see paragraphs 3.20 to 3.24).
21. Emerging technologies (including AI) present opportunities for innovation and efficiency in operations by entities. However, rapid developments and associated risks highlight the need for Accountable Authorities to implement effective governance arrangements when adopting these technologies. The ANAO is incorporating consideration of risks relating to the use of emerging technologies, including AI, into audit planning processes to provide Parliament with assurance regarding the use of AI by the Australian Government (see paragraphs 3.25 to 3.33).
22. The ANAO Audit Quality Report 2023–24 was published on 1 November 2024. The report demonstrates the evaluation of the design, implementation and operating effectiveness of the ANAO’s Quality Management Framework and achievement of ANAO quality objectives (see paragraphs 3.34 to 3.39).
23. The ANAO Integrity Report 2023–24 and the ANAO Integrity Framework 2024–25 were also published on 1 November 2024 to provide transparency of the measures undertaken to maintain a high integrity culture within the ANAO (see paragraphs 3.44 to 3.46).
Cost of this report
24. The cost to the ANAO of producing this report is approximately $445,000.
Due to the complexity of material and the multiple sources of information for the 2023–24 Major Projects Report, we are unable to represent the entire document in HTML. You can download the full report in PDF or view selected sections in HTML below. PDF files for individual Project Data Summary Sheets (PDSS) are also available for download.
Summary and recommendations
Background
1. Tourism Australia (TA) was established in 2004 under the Tourism Australia Act 2004 (TA Act). Its corporate plan states that its purpose is to ‘grow demand to enable a competitive and sustainable Australian tourism industry’.1 The accountable authority for TA is the Board of Directors. TA reports having around 220 staff.
2. TA is a corporate Commonwealth entity within the Foreign Affairs and Trade portfolio. It is subject to the Commonwealth Procurement Rules (CPRs) issued by the Minister for Finance under section 105B of the Public Governance, Performance and Accountability Act 2013.
3. According to its audited financial statements, payments to suppliers represented 74 per cent of TA’s total expenses in 2023–24. Of its total budgeted expenses for 2024–25, 73 per cent were attributable to supplier expenses. As at 30 June 2024, TA had reported 55 contracts on AusTender with a start date falling within the last three financial years, valued at $265.6 million (including contract amendments).
Rationale for undertaking the audit
4. Noting that nearly three-quarters of organisational expenses relate to contracting suppliers, this audit provides assurance to the Parliament over the effectiveness of TA’s procurement and contract management activities.
Audit objective and criteria
5. The audit objective was to assess whether TA’s procurement and contract management activities are complying with the CPRs and demonstrating the achievement of value for money.
6. To form a conclusion against the objective, the following high-level criteria were applied:
- Do the procurement processes demonstrate the achievement of value for money?
- Are the contracts being managed appropriately to achieve the objectives of the procurement?
Conclusion
7. TA’s procurement and contract management activities are not effective in complying with the CPRs and demonstrating the achievement of value for money.
8. TA’s procurement processes have not demonstrated the achievement of value for money. TA makes insufficient use of open and competitive procurement processes, with 70 per cent of the 33 procurements examined in detail by the ANAO not involving open competition. An appropriate procurement policy framework is not in place and TA’s conduct of procurement activities regularly fails to adhere to requirements under the CPRs such as:
- including evaluation criteria in request documentation and using those criteria to select the candidate that represents the best value for money;
- acting ethically including fair treatment of suppliers and through the declaration and management of any conflicts of interest2; and
- maintaining appropriate records commensurate with the scale, scope and risk of the procurement.
9. TA has not effectively managed contracts to achieve the objectives of the procurement. In relation to the 33 contracts examined in detail by the ANAO:
- none had a contract management plan, including some high-risk and high-value arrangements;
- for more than half (55 per cent), TA had not included clear performance requirements in the contract. There were also shortcomings in TA’s monitoring of contractor performance across the sample examined by the ANAO;
- contract variations are common, with 33 per cent of contracts examined by the ANAO being varied. None of the variations had records created and retained by TA that demonstrated that the variation represented value for money; and
- invoicing and payments for 64 per cent did not adhere to the contracts and/or requirements under TA’s policies.
10. TA has also not been meeting its AusTender reporting requirements.
Supporting findings
Procurement processes
11. An appropriate procurement policy framework is not in place. The two versions of the Procurement Policy in place for the period covered by this ANAO performance audit do not fully reflect, or address, the principles, prescriptive requirements and mandatory rules set out in the CPRs. (See paragraphs 2.2 to 2.19)
12. Based on TA’s AusTender reporting, the majority (62 per cent) of procurements valued at or above the $400,000 threshold set by the CPRs did not involve open approaches to the market. (See paragraphs 2.23 to 2.39)
13. A competitive procurement approach was evident in the establishment of 55 per cent of the contracts examined by the ANAO. For 36 per cent of the contracts, a non-competitive approach was taken and in nine per cent there were insufficient records maintained to evidence the procurement approach taken by TA. For 10 of the procurements (30 per cent) examined by the ANAO, it was evident from the evaluation records that TA had favoured existing or previous suppliers when evaluating competing offers through panel procurement or when deciding which potential provider(s) should be invited to participate in a limited tender. Favouring existing or previous suppliers in the conduct of procurement processes is inconsistent with the CPRs. (See paragraphs 2.40 to 2.63)
14. Relevant evaluation criteria were included in request documentation for 52 per cent of the contracts examined in detail by the ANAO. For the remaining 48 per cent, either the request documentation did not include any evaluation criteria (12 per cent) or there were no records of the request documentation on file (36 per cent). This situation is not consistent with the CPRs which require evaluation criteria to be included in the request documentation. (See paragraphs 2.67 to 2.69)
15. Just over half of the contracts examined by the ANAO were awarded to the candidate where records demonstrated that it had been assessed by TA to offer the best value for money. For the remaining 48 per cent of contracts where value for money outcomes had not been demonstrated, this was primarily the result of insufficient analysis being presented commensurate with the scale of the procurement, or insufficient documentation being maintained. (See paragraphs 2.72 to 2.83)
16. TA had not conducted procurements to a consistent ethical standard as required under the CPRs. Of note was that:
- conflict of interest declarations were not completed by all evaluation team members in four per cent of the contracts examined where there was sufficient documentation on file;
- for eight per cent of the contracts where advisers were appointed to assist with the procurement process, TA’s records did not include a complete list of the individuals involved; and
- the procurements of external probity advisers were deficient in relation to how those advisers were engaged as well as the limited scope of probity services obtained by TA. (See paragraphs 2.86 to 2.110)
17. TA did not maintain appropriate records commensurate with the scale, scope and risk of the procurement (which is what the CPRs require). Forty-eight per cent of contracts examined by the ANAO were missing one or more important documents. In addition, for those contracts where adequate records were available, more than half of the contracts involved work commencing before a contract was in place. (See paragraphs 2.113 to 2.132)
Contract management
18. TA’s reporting of contracts on AusTender was not compliant with the CPRs. TA accurately reported 19 per cent of the relevant contracts examined in detail by the ANAO within the required timeframe. Key information on contract values and contract start and end dates have been reported inaccurately with contract amendments usually not reported at all. (See paragraphs 3.2 to 3.17)
19. An appropriate contract management framework is not in place. None of the 33 contracts examined by the ANAO had a contract management plan and none had a risk management plan. This included a five-year $311.3 million contract that relates to a key element of TA’s marketing efforts. (See paragraphs 3.18 to 3.32)
20. Less than half (45 per cent) of the contracts examined by the ANAO included clear performance requirements. Methods for monitoring performance were included for 79 per cent of contracts examined, including a number of contracts where performance requirements had not been specified (that is the monitoring arrangements, such as reporting and/or progress meetings, were not against a clear performance requirement). Further, TA has not consistently adhered to the performance framework set out in the contracts and it was common for there to be gaps in the records to evidence the contract management activities undertaken that TA was paying for. (See paragraphs 3.33 to 3.40)
21. For the procurements examined by the ANAO, TA has not consistently managed contracts effectively to deliver against the objectives of the procurements and to achieve value for money.
- Of the 33 contracts examined by the ANAO, 11 (33 per cent) had records of at least one variation being executed. None of the variations had supporting evidence of records to the delegate documenting the decision-making process and demonstrating that the variation represented value for money. Some variations have significantly increased the value of the contract (by up to 105 per cent) and retrospectively added additional services already delivered and/or paid for. There have also been instances of contracts continuing to operate past their stated completion date without being varied.
- Invoicing and payments under 21 of the 33 contracts examined by the ANAO did not adhere to the contracts and/or requirements under TA’s policies. This has included instances of full payments being made before final deliverables under the contract are received and payments exceeding the contracted amount. (See paragraphs 3.41 to 3.51)
Recommendations
Recommendation no. 1
Paragraph 2.20
Tourism Australia document a comprehensive procurement policy framework that gives full effect to the principles, prescriptive requirements and mandatory rules set out in the Commonwealth Procurement Rules.
Tourism Australia response: Agreed.
Recommendation no. 2
Paragraph 2.64
Tourism Australia increase the extent to which it employs open, fair, non-discriminatory and competitive procurement processes.
Tourism Australia response: Agreed.
Recommendation no. 3
Paragraph 2.70
Tourism Australia strengthen its procurement controls to ensure that procurement request documentation includes:
- the evaluation criteria that will be applied, together with any weightings; and
- the way that prices will be considered in assessing the value for money offered by each candidate.
Tourism Australia response: Agreed.
Recommendation no. 4
Paragraph 2.84
Tourism Australia strengthen its procurement practices so that it can demonstrate that contracts are awarded to the candidate that satisfies the conditions for participation, is fully capable of undertaking the contract and will provide the best value for money as assessed against the essential requirements and evaluation criteria specified in the approach to market and request documentation.
Tourism Australia response: Agreed.
Recommendation no. 5
Paragraph 2.111
Tourism Australia engage probity advisers through transparent procurement processes and, where a probity adviser has been appointed, Tourism Australia actively engage and manage the adviser to ensure probity has been maintained during the procurement process.
Tourism Australia response: Agreed.
Recommendation no. 6
Paragraph 2.128
Tourism Australia improve its record keeping processes to ensure that business information and records are accurate, fit for purpose and are appropriately stored within entity systems.
Tourism Australia response: Agreed.
Recommendation no. 7
Paragraph 2.133
Tourism Australia strengthen its procurement controls to better address the risk of work commencing before a contract is in place.
Tourism Australia response: Agreed.
Recommendation no. 8
Paragraph 3.14
Tourism Australia:
- place greater emphasis on timely and accurate reporting of its procurement activities; and
- implement a monitoring and assurance framework over its compliance with the Commonwealth Procurement Rules including for AusTender reporting.
Tourism Australia response: Agreed.
Recommendation no. 9
Paragraph 3.52
Tourism Australia strengthen its contract management including by:
- establishing and maintaining a contract register that contains details of all entity contracts, and implementing a quality assurance process to ensure that the information recorded is complete and accurate, and updated in a timely manner;
- documenting risk management and contract management plans for high-risk, high-value contracts;
- including clear performance requirements in contracts and applying contracted performance monitoring approaches in the management of contracts; and
- introducing effective controls over invoicing and payments under contracts.
Tourism Australia response: Agreed.
Summary of entity response
22. The proposed audit report was provided to TA. The letter of response that was received for inclusion in the audit report is at Appendix 1. TA’s summary response is provided below.
Tourism Australia acknowledges the ANAO’s report and is fully committed to implementing its nine recommendations to improve the agency’s procurement and contract management practices.
Tourism Australia had already begun to make improvements to its procurement and contract management systems ahead of the audit, and the agency is in the process of implementing remedial actions relating to the recommendations. This includes enhancing the agency’s records management framework and processes, implementing a new procurement and contract management system and adding resources to its corporate services teams. Additional training will also be provided to all staff to improve capability to ensure that decisions are compliant, defensible, and clearly demonstrate value for money.
Some of the report’s findings relate to work undertaken during the unprecedented events of the Covid-19 pandemic, when Tourism Australia’s primary focus was on the emergency response to support an industry in crisis. Nevertheless, Tourism Australia accepts the recommendations for improvement to ensure that it can better demonstrate that the agency’s procurement and contract management activities comply with Commonwealth Procurement Rules and achieve value for money.
Key messages from this audit for all Australian Government entities
23. Below is a summary of key messages, including instances of good practice, which have been identified in this audit and may be relevant for the operations of other Australian Government entities.