The Australian National Audit Office (ANAO) publishes two reports annually addressing the outcomes of the financial statement audits of Australian government entities and the Consolidated Financial Statements (CFS) of the Australian Government, to provide the Parliament of Australia with an independent examination of the financial accounting and reporting of public sector entities. This report focused on the results of the interim audit phase, including an assessment of entities’ key internal controls, of the 2017–18 financial statements audits of a range of entities including all departments of state and a number of major Australian government entities.

Executive summary

1. The primary purpose of financial statements is to provide relevant, reliable information to users about a reporting entity’s financial position. In the public sector, the users of financial statements include Parliament, Ministers and the community. The preparation of timely and accurate audited financial statements is also an important indicator of the effectiveness of an entity’s financial management and fosters confidence in an entity on the part of users.

2. The Australian National Audit Office (ANAO) prepares annually two publications that report the outcomes of the financial statements audits of Australian government entities1 and the Consolidated Financial Statements (CFS) of the Australian Government. These reports provide Parliament with an independent examination of the financial accounting and reporting of public sector entities.

3. This report focuses on the results of the interim audits, including an assessment of entities’ key internal controls, supporting the 2017–18 financial statements audits. This report examines 26 entities, including all departments of state and a number of major Australian government entities. The entities included in the report are selected on the basis of their contribution to the income, expenses, assets and liabilities of the 2016–17 CFS. Significant and moderate findings arising from the interim audits are reported to the responsible Minister(s), and all findings are reported to those charged with governance of each entity.

4. The second report provides the results of the 2017–18 final audits of the financial statements of all Australian Government controlled entities and the CFS.

Summary of audit findings and related issues

Entity internal controls

5. A central element of the ANAO’s financial statements audit methodology and the focus of the planning phase of ANAO audits is a sound understanding of an entity’s environment and internal controls. This understanding informs our audit approach, including the reliance placed on entity systems to produce financial statements that are free from material misstatement. To do this, the ANAO uses the framework contained in the Australian Auditing Standard 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment (ASA 315).

6. The interim audit phase includes an assessment of the effectiveness of each entity’s internal controls as they relate to the risk of misstatement in the financial statements. At the completion of our interim audits for the 26 entities included in this report we noted that key elements of internal control were operating effectively for 20 entities. For five entities2, except for particular finding/s outlined in chapter 3, the key elements of internal control were operating effectively to support the preparation of financial statements that are free from material misstatement. For the National Disability Insurance Agency, the ANAO identified a number of findings which reduced the level of confidence that could be placed on key elements of internal control and limited the assurance that could be obtained from that entity’s control framework.

Summary of audit findings

7. A total of 99 findings were reported to the entities included in this report as a result of interim audits, comprising of nil significant, 12 moderate and 87 minor findings. This is a decrease from the interim results of 2016–17 with a total of 114 findings reported comprising two significant, 22 moderate and 90 minor findings.

8. Eighty-three per cent of moderate findings continue to be in the areas of: compliance and quality assurance frameworks supporting program payments, revenue collection and financial reporting; and management of IT controls. These areas warrant further attention by entity management.

Reporting of gifts and benefits

9. The ANAO has reviewed the gifts and benefits policies of the entities in this report. The ANAO sees merit in the development of a whole of government gifts and benefits policy setting the minimum requirements for entities to include within their policies, to promote good practice across Commonwealth entities. A gifts and benefits policy incorporating regular review and monitoring increases accountability, while transparency would be enhanced through the publication of entity gifts and benefits registers on the internet. The maintenance of a central register may assist entities in meeting accountability and transparency obligations.

Reporting relating to compliance with finance law

10. The ANAO observed that entities had processes in place for monitoring and reporting instances of non-compliance with finance law. Following changes to the mandatory external reporting of non-compliance in 2015–16, there is evidence that some entities are reducing the level of internal reporting of non-compliance captured and reported to audit committees and accountable authorities.

Reporting and auditing frameworks

Summary of developments

11. There are no significant accounting standards changes for the Commonwealth public sector for 2017–18. Major changes in accounting standards will be applicable in 2018–19 and 2019–20 with the implementation of revised standards for financial instruments, revenue and leases. The majority of entities included in this report have indicated that they are still in the planning stage of transition to the new standards with approximately half of entities having both updated accounting policies and transition plans for standards expected to have a material impact.

Cost of this report

12. The cost to the ANAO of producing this report is approximately $405,000.

1. Summary of audit findings and related issues

Chapter coverage

This chapter provides:

  • an overview of the ANAO’s audit approach to financial statements audits;
  • a summary of observations regarding the internal control environments of the entities included in this report;
  • a summary of audit findings identified at the conclusion of the interim audit; and
  • observations relating to: the establishment and monitoring of gifts and benefits policies; and reporting relating to compliance with finance law.
Conclusion

Key to our audit process is our assessment of entities’ internal control frameworks as they apply to financial reporting. An effective internal control framework provides the ANAO with a level of assurance that entities are able to prepare financial statements that are free from material misstatement. At the completion of our interim audits for the 26 entities included in this report we noted that key elements of internal control were operating effectively for 20 entities. For five entitiesa, except for particular finding/s outlined in chapter 3, the key elements of internal control were operating effectively to support the preparation of financial statements that are free from material misstatement. For the National Disability Insurance Agency, the ANAO identified a number of findings which reduced the level of confidence that could be placed on key elements of internal control and limited the assurance that could be obtained from that entity’s control framework.

A total of 99 findings were reported to the entities included in this report as a result of interim audits, comprising of nil significant, 12 moderate and 87 minor findings. This is a decrease on the interim audit results of 2016–17 with a total of 110 findings reported comprising two significant, 22 moderate and 90 minor findings.

Eighty-three per cent of moderate findings continue to be in the areas of: compliance and quality assurance frameworks supporting program payments, revenue collection and financial reporting; and management of IT controls, particularly the management of privileged users. These areas warrant further attention by entity management.

The ANAO has reviewed the gifts and benefits policies of the entities in this report. The ANAO sees merit in the development a whole of government gifts and benefits policy setting the minimum requirements for entities to include within their policies, to promote good practice across Commonwealth entities. A gifts and benefits policy incorporating regular review and monitoring increases accountability, while transparency would be enhanced through the publication of entity gifts and benefits registers on the internet. The maintenance of a central register may assist entities in meeting accountability and transparency obligations.

The ANAO observed that entities had processes in place for monitoring and reporting instances of non-compliance with finance law. Following changes to the mandatory external reporting of non-compliance in 2015–16, there is evidence that some entities are reducing the level of internal reporting of non-compliance captured and reported to audit committees and accountable authorities.

Note a: The Departments of: Communications and the Arts; Defence; Home Affairs; the Prime Minister and Cabinet; and the Australian Taxation Office.

Introduction

1.1 The ANAO publishes an Annual Audit Work Program (AAWP) which reflects the ANAO’s strategy and deliverables for the forward year. The purpose of the AAWP is to inform the Parliament, the public and government sector entities of the planned audit coverage for the Australian Government sector by way of financial statements audits, performance audits and other assurance activities.

1.2 The financial statements audit coverage, as outlined in the AAWP, includes presenting two reports to the Parliament addressing the outcomes of the financial statements audits of Australian Government entities and the Consolidated Financial Statements of the Australian Government (CFS). These reports provide Parliament with an independent examination of the financial accounting and reporting of public sector entities.

1.3 This report focuses on the results of the interim audits of 26 entities.3 This includes a review of the governance arrangements related to entities’ financial reporting responsibilities and an examination of the relevant internal controls, including information technology system controls, that support the preparation of financial statements that are free from material misstatement.

1.4 The second report presents the final results of the financial statements audits of the CFS and all Australian Government entities.

1.5 The entities included in this report are those entities that contribute significantly to the three sectors of the CFS: the General Government Sector (GGS), Public Non-Financial Corporation (PFNC) sector and Public Financial Corporation (PFC) sector. A listing of these entities is provided in Appendix 1.

1.6 The ANAO conducts its financial statements audits in four phases: planning, interim, final and completion. Figure 1.1 outlines the key elements of each phase.

Figure 1.1: ANAO financial statements audit process

Figure 1.1 outlines the ANAO financial statements audit process.  The four phases and the purpose of each phase is as follows: Planning – understanding the entity and design an audit approach. Interim - Initial assessment of controls. Final - final assess

1.7 Accountable authorities4 of all Commonwealth entities and companies subject to the Public Governance, Performance and Accountability Act 2013 (PGPA Act) are required to govern the entity in a way that promotes the proper use and management of public resources, the achievement of the purposes of the entity and the entity’s financial sustainability.5 This requires the development and implementation of effective corporate governance arrangements and internal controls designed to meet the individual circumstances of each entity. These processes also assist in the orderly and efficient conduct of the entity’s business, and compliance with applicable legislative requirements, including the preparation of annual financial statements that present fairly the entity’s financial position, financial performance and cash flows.

1.8 A central element of the ANAO’s financial statements audit methodology, and the focus of the planning phase of the ANAO audits, is a sound understanding of an entity’s environment and internal controls relevant to assessing the risk of material misstatement in the financial statements. This understanding informs the ANAO’s audit approach, including the reliance that may be placed on entity systems to produce financial statements that are free from material misstatement. The interim phase of the audit assesses the operating effectiveness of controls. In the final audit phase the ANAO completes its assessment of the effectiveness of controls for the full year, undertakes detailed testing of material balances and disclosures in the financial statements, and finalises its audit opinion on entities’ financial statements.

1.9 The auditor’s understanding of the entity, its environment and its controls, helps the auditor design the work needed and respond to risks that bear on financial reporting. The key areas of financial statements risks identified through this planning approach are discussed in chapter 3 for each entity included in this report.

1.10 In accordance with generally accepted auditing practice, the ANAO accepts a low level of risk that the audit will fail to detect that the financial statements are materially misstated. This low level of risk is accepted because it is too costly to perform an audit that is predicated on no level of risk. Specific audit procedures are performed to ensure that the risk accepted is low. These procedures include: obtaining knowledge of the entity and its environment; reviewing the operation of internal controls; undertaking analytical reviews, testing samples of transactions and account balances; and confirming significant year end balances with third parties.

Understanding entities and their environments

1.11 The ANAO uses the framework in ASA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment to consider the impact of different elements of an entity’s internal controls that support the preparation of financial statements. This approach provides a basis for designing and implementing responses to the assessed risk of material misstatement. Figure 1.2 outlines these elements.

Figure 1.2: Elements of entity internal controls

Figure 1.2 outlines the 5 elements of an entities intern control framework consisting of: Control Environment; Risk Assessment; Monitoring; Information Systems; and Control Activities, as per ASA 315

Source: ASA 315 Identifying and assessing the risk of material misstatement through understanding the entity and its environment, paragraph A59.

1.12 This chapter discusses each of these elements and outlines observations based on the ANAO’s review of aspects of each entity’s internal controls, relevant to the risk of material misstatement to the financial statements, including the detailed results of the interim audits.

1.13 At the completion of our interim audits for the 26 entities included in this report we noted that key elements of internal control were operating effectively for 20 entities. For five entities6, except for particular finding/s outlined in chapter 3, the key elements of internal control were operating effectively to support the preparation of financial statements that are free from material misstatement. For the National Disability Insurance Agency, the ANAO identified a number of findings which reduced the level of confidence that could be placed on key elements of internal control and limited the assurance that could be obtained from that entity’s control framework.

1.14 The key elements of internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audits.

Control environment

1.15 The PGPA Act sets out the requirements to establish and maintain systems relating to risk and control. Division 2, section 16 of the PGPA Act states that:

The accountable authority of a Commonwealth entity must establish and maintain:

  1. an appropriate system of risk oversight and management for the entity; and
  2. an appropriate system of internal control for the entity;

including by implementing measures directed at ensuring officials of the entity comply with finance law.7

1.16 In assessing an entity’s control environment that supports the preparation of financial statements that are free from material misstatement, the ANAO reviews aspects of the governance structures. The ANAO considers whether management has established frameworks and processes that promote positive attitudes, awareness and actions concerning the entity’s internal controls and their importance in the entity. The main elements reviewed included: governance structures relevant to the preparation of the financial statements; audit committee and assurance arrangements; and systems of authorisation, processes for recording financial transactions.

1.17 All entities included in this report had established executive management structures that met at least monthly, in the form of executive committees and sub-committees, supporting financial decision making at the strategic and operational levels.

1.18 Consistent with previous years, consideration of financial reporting was included on the agendas of all 26 entities’ executive and audit committees. The financial information provided to the entities’ executives was supplemented by non-financial operational information.

1.19 Clear accountability structures are important in establishing a strong internal control environment for the purposes of preparing the financial statements. The involvement of those charged with governance is an important element of these structures. Just as important is ensuring that staff at all levels understand their own role in the control framework. This can be achieved through the issuance of accountable authority instructions8, and delegation instruments. All entities had established accountable authority instructions and delegations reflecting current business arrangements.

Audit committees

1.20 The PGPA Act9 requires audit committees to be established for Commonwealth entities and Commonwealth companies. An independent audit committee is a fundamental principle of good governance.10 The audit committee plays a key role in assisting the accountable authority to fulfil its governance, risk management and oversight responsibilities through the provision of independent assurance and advice.

1.21 Section 17 of the Public Governance Performance and Accountability Rule 2014 (PGPA Rule) sets out the minimum requirements relating to the audit committee of a Commonwealth entity. Key requirements of the PGPA Rule include:

  • A written charter, set by the accountable authority, determining the functions of the audit committee for the entity. These functions must include reviewing the appropriateness of the accountable authority’s: financial reporting; performance reporting; system of risk oversight and management; and system of internal control for the entity.
  • Membership of the committee to include at least three persons with appropriate qualifications, knowledge, skills or experience to assist the committee to perform its functions and a majority of committee members must be independent of the entity.
  • Persons that must not be a member of the audit committee: the accountable authority or, if the accountable authority has more than one member, the head; the Chief Financial Officer; and the Chief Executive Officer.

1.22 The ANAO observed that all entities had established audit committees consisting of a majority of members which were assessed by the entity to be independent. Twenty-two entities had appointed an independent audit committee chair for the full financial year with the remaining four entities appointing independent chairs during the financial year.11

1.23 All entities included in this report had established an audit committee and had developed and endorsed an audit committee charter which set out the responsibilities required by the PGPA Rule. These entities have met the minimum requirements set out in the PGPA rule for the establishment of audit committees in relation to financial reporting.

Reporting of gifts and benefits

1.24 Section 27 of the PGPA Act, Duty in relation to use of position, states than an official of a Commonwealth entity must not improperly use his or her position to gain, or seek to gain, a benefit or an advantage for himself or herself or any other person.

1.25 The practical guide APS Values and Code of Conduct in Practice produced by the Australian Public Service Commission notes that:

The acceptance of a gift or benefit that is connected with an employee’s employment can create a real or apparent conflict of interest that should be avoided.12

All valuable gifts or benefits should be registered. Any gift accepted by an employee because of their employment becomes the property of the agency, unless there are agency policies to the contrary.13

1.26 Accepting gifts and benefits from customers, suppliers, visiting delegates or professional bodies exposes the public service to real or perceived conflicts of interest. There is increasing sensitivity to the appropriateness of accepting gifts and benefits as an officer in an organisation or a government entity. There may be instances when it is inappropriate to refuse a gift or benefit, for example, if it would cause cultural offence to refuse. In those circumstances transparency is maintained through reporting the receipt of the gift or benefit and the judgements made in accepting the gift or benefit.

1.27 A number of Australian States and Territory governments provide guidance to the government entities within their jurisdiction on the minimum requirements for acceptance, retention, reporting and monitoring of gifts and benefits.14 There is no whole of government guidance issued to Commonwealth entities that details the minimum requirements to report the offer and acceptance of gifts and benefits and the information to be included in a register.

1.28 A gifts and benefits policy is an important component of a robust control environment and assists entities with demonstrating compliance with the APSC’s guidance for all valuable gifts and benefits to be registered. The ANAO has confirmed that all entities included in this report have published a gifts and benefits policy that is available to all staff on their intranet. A summary of these policies is included in appendix 2. Policies for 19 entities have been updated within the last two financial years.15

1.29 Each policy outlines the entity’s requirement to report gifts accepted and the approval process for the retention of gifts or benefits by the recipient. The ANAO has reviewed the entities’ policies and has made the following observations.

  • All entities require that gifts and benefits accepted are reported as soon as possible with five entities setting a maximum timeframe by when items need to be reported. These five entities require gifts and benefits be reported within 10 to 14 days of the receipt of a gift or benefit16 or by the end of the month in which the gift or benefit was received.17
  • Twenty-five entity’s policies require employees to obtain approvals from their supervisor to personally retain the gift.18
  • The gifts and benefits policies for 25 entities include a requirement to provide written notification of gifts and benefits above set thresholds. The policy of the remaining entity does not specify whether receipt of gifts and benefits needs to be notified in writing.19 The reporting thresholds set by entities varies as follows: five require written notification of the receipt of all gifts and benefits irrespective of value; one requires written notification of all gifts which are not inconsequential20; and 19 specify a dollar threshold above which all gifts and benefits are required to be disclosed in writing. The thresholds set by entities range from $20 to $250.

1.30 An important element of a gifts and benefits policy is that it provides a process for monitoring and managing the gifts and benefits offered and/or accepted by officers within the entity. This can be supported by a centralised register to enable an assessment of the effectiveness of implementation of an entity’s policies; the types and frequency of gifts and benefits received by an entity; and the identification of potential conflict of interest risks. Sixteen entities maintain a centralised register. The remaining entities21 maintain registers within divisions/branches or geographical locations with no consolidation at the whole of entity level.

1.31 In most cases entity policies require the recipient to determine the value of the gift or benefit being declared and provide supporting information to the approver. Four entities22 have specified a role within the organisation, independent of the recipient, to determine the value of the gift or benefit. All entities record gifts and benefits in the asset register if the value is above the entity’s asset capitalisation threshold. Upon capitalisation those assets are subject to the entity’s revaluation policies and stocktake procedures. Two entities require a stocktake to be completed of items recorded on the gifts and benefits register that have not been capitalised.23

1.32 The ANAO sees merit in the development of a whole of government gifts and benefits policy setting the minimum requirements for entities to include within their policies, to promote good practice across Commonwealth entities. A gifts and benefits policy incorporating regular review and monitoring increases accountability, while transparency would be enhanced through the publication of entity gifts and benefits registers on the internet. The maintenance of a central register may assist entities in meeting accountability and transparency obligations.

Risk assessment processes

1.33 Section 16 of the PGPA Act sets out an accountable authority’s responsibilities in regard to the establishment of appropriate risk oversight and management in an entity. An understanding of an entity’s risk assessment process is essential to an effective and efficient financial statements audit. The ANAO reviews how entities identify risks relating to financial statements, how these risks are managed and considers the risk of material misstatement of an entity’s financial statements.

1.34 All entities reviewed had a risk management process to develop and update risk management plans at the organisational and work area levels. In addition, each entity had developed processes for the identification and notification of risks relevant to financial statements preparation either as part of the overall risk management plan, or through a targeted risk identification exercise. The monitoring of risks, and the entities’ implementation of risk management strategies, was typically assigned to either an executive committee and/or the audit committee.

Fraud control management

1.35 The Commonwealth Fraud Control Framework (the Framework) outlines the principles for fraud control within the Australian Government and sets minimum standards to assist entities in carrying out their responsibilities to combat fraud against government programs. As with risk management plans, fraud control plans need to be reviewed regularly and updated when significant changes to roles or functions occur, so that they reflect an entity’s current fraud risk and control environment. There are benefits in entities assessing fraud risks as part of risk management processes.

1.36 The importance of entities establishing effective fraud control arrangements is recognised in section 10 of the PGPA Rule, which specifies that accountable authorities must develop and implement a fraud control plan for the entity. The Framework requires entities to conduct fraud risk assessments regularly and when there is a substantial change in the structure, functions or activities of the entity.24

1.37 In assessing the risks of material misstatement of an entity’s financial statements, the ANAO considers misstatements arising from both fraud and error. In respect of fraud, two types of intentional misstatements are relevant – misstatements arising from fraudulent financial reporting and misstatements resulting from the misappropriation of assets. ASA 240 The Auditor’s Responsibilities Relating to Fraud in an Audit of a Financial Report contains requirements for identifying the risks of material misstatement due to fraud, and designing audit procedures to detect such misstatement.

1.38 As part of the 2017–18 interim audits, the ANAO noted that all entities included in this report had established a fraud control plan that had been reviewed within the last two years. Entities had also assigned responsibility for the oversight and monitoring of fraud control strategies and initiatives, to specified fraud and governance roles or dedicated branches and the audit committee.

Monitoring of controls

1.39 Entities undertake many types of activities as part of their monitoring of control processes, including external reviews, self-assessment processes, post-implementation reviews and internal audits. The level of review of these activities by the ANAO is determined through a risk assessment approach that takes into consideration the nature, extent and timing of each activity and the activities application to the preparation of the financial statements.

Internal Audit

1.40 As part of its financial statements audit coverage, the ANAO reviews the activities of internal audit and gains an understanding of its role and activities in the entity. Where an internal audit function has been established it can play an important role in providing assurance to the accountable authority that the internal control framework is operating effectively. The ANAO encourages entities to identify opportunities for internal audit coverage of key financial systems and controls as a means of providing increased assurance to accountable authorities to support their opinion on the entity’s financial statements.

1.41 The ANAO considers the extent to which it may be able to use the work of internal audit in a constructive and complementary manner, noting that this will vary between entities and is more likely to occur where internal audit work is focused on financial controls and legislative compliance. If the ANAO expects to use the work of internal audit, in accordance with ASA 610 Using the Work of Internal Auditors, the ANAO is required to assess whether internal audit has appropriate organisational status and relevant policies and procedures to support their objectivity; an appropriate level of competence; and whether they apply a systematic and disciplined approach in the execution of their work including quality control.

1.42 When it is determined that the work of internal audit can be used to support an effective audit approach the ANAO will perform audit work to confirm its adequacy to support the external audit. This will include confirmation that the scope of the work is appropriate, that there is sufficient evidence to support the conclusions drawn and selected re-performance of internal audit’s testing.

1.43 The ANAO observed that, for the entities included in this report, internal audit coverage is based on an internal audit plan that is aligned with entities’ risk management plans and includes a combination of audits that address assurance, compliance, performance improvements and IT systems reviews. In addition, suggested topics from management, audit committees and external influences, such as the ANAO’s planned performance and financial statements coverage, are factors considered in the development of internal audit work plans.

Reporting relating to compliance with finance law

1.44 Entities are required to comply with the finance law25 and this would lead to an expectation that entities are able to identify instances of non-compliance. Instances of non-compliance should be assessed to determine whether they indicate new or increased areas of risk for an entity. The PGPA Act sections 19 and 91 require accountable authorities of Commonwealth entities, to give the responsible Minister, reasonable notice, of any significant issue that may affect the entity. Prior to 2015–16, general government sector entities were required to submit an annual Certificate of Compliance to the Minister for Finance and the responsible Minister summarising all non-compliance with the PGPA Act Framework. From 2015–16, the Department of Finance changed the compliance reporting process to require entities to report only significant non-compliance with finance law to both the Minister for Finance and the responsible Minister.

1.45 To support the change in requirements, the Department of Finance issued guidance in relation to reporting of significant non-compliance through the Resource Management Guide 214 Notification of significant non-compliance with finance law (PGPA Act, section 19) (RMG 214). The guide outlines factors which may be considered when determining whether significant non-compliance occurred including:

  • failure to comply with the duties of accountable authorities (sections 15 to 19 of the PGPA Act);
  • serious breaches of the general duties of officials (sections 25 to 29 of the PGPA Act) including any fraudulent activity by officials;
  • systemic issues reflecting internal control failings or high volume instances of non-compliance; and
  • non-compliance issues that are likely to impact on the entity’s financial sustainability.

1.46 RMG 214 notes that the accountable authority should consider their entity’s environment when determining whether instances of non-compliance are significant. As part of the interim audits the ANAO considered entities’ application of RMG 214.26

1.47 Entities advised that professional judgement is applied and consideration given, to the nature and volume of breaches when assessing significance.27 The ANAO observed that three entities28 included a specific financial impact threshold for which all non-compliance above the threshold would be considered significant within their formal definition of significant non-compliance.

1.48 As part of the Audit Committee’s governance role the committee generally has oversight of the process for collating instances of non-compliance and the subsequent assessment regarding their significance. The Departments of: Foreign Affairs and Trade; and the Prime Minister and Cabinet provides only those breaches assessed as significant to their audit committees. The Department of Infrastructure, Regional Development and Cities did not provide a paper to the audit committee on its 2016–17 compliance with finance law. In addition the Department of Foreign Affairs and Trade’s policy requires only significant non-compliance to be reported to the audit committee and the accountable authority, therefore a complete listing of non-compliance breaches was not compiled. As a result, DFAT has been excluded from the analysis of non-compliance summarised in Figure 1.3.

1.49 In addition to notifying the relevant Minister of any significant issues which occur, the entity must also report any significant non-compliance in its annual report in line with the PGPA Rule section 17AG. The Department of Defence was the only entity to report an instance of significant non-compliance with finance law in their 2016–17 annual report as outlined below.

The Department of Defence reported 29 instances of significant noncompliance with the finance law, for circumstances proven as fraud committed by an official and addressed by Defence authorities through criminal, disciplinary or administrative action. Significant fraud cases are also reported separately to the Minister for Defence in accordance with reporting requirements set out in the Commonwealth Fraud Control Framework.29

1.50 Entities undertake a range of activities to identify instances of non-compliance and support their assessments of whether identified breaches meet the definition of significant breaches. These activities include self-reporting, internal assurance activities and questionnaires completed by officers holding delegations. Through these processes, in 2016–17 the entities included in this report30 identified a total of 3,185 instances of non-compliance. Two entities reported no non-compliance31, three entities reported 50 per cent of the non-compliance32 and the remaining 19 entities each reported between one and nine per cent of the non-compliance.

1.51 Figure 1.3 provides the ANAO analysis of instances of non-compliance by category as identified by entities in 2016–17.

Figure 1.3: Non-compliance identified during 2016–17 by entities

igure 1.3 shows the number of instances non-compliance identified during 2016–17 by entities, per category of finance law.  The breakdown is as follows: 1,440 instances of non-compliance with Commonwealth procurement rules; 1,030 instances of non-complian

Source: ANAO analysis of non-compliance identified by entities.

1.52 Further details of the areas of non-compliance reported in 2016–17 are detailed below.

  • Of the non-compliance with Commonwealth Procurement Rules, 95 per cent of the breaches related to rule 7.16 which requires entities to report contracts entered into or amended over $10,000 on AusTender within 42 days. The following three entities identified the highest levels of non-compliance in this area: the Department of Home Affairs (540 instances); the Department of Finance (143 instances); and the Department of Agriculture and Water Resources (108 instances).
  • Section 23 of the PGPA Act33 provides the powers for accountable authorities of non-corporate entities to enter into or vary contracts, agreements or deeds of understanding relating to the affairs of the entity and approve commitment of funds. Of the instances of non-compliance in 2016–17: 392 were instances were identified by the Department of Defence; 194 instances by the Department of Human Services; and 132 instances by the Department of Agriculture and Water Resources.
  • The instances of non-compliance of the PGPA Act excluding section 23 related to the misuse of corporate credit cards and the commitment of expenditure.
  • The non-compliance with the PGPA rule relates to failure to document the approvals to enter into arrangements under section 23 of the PGPA Act and banking monies within 5 days from receipt.
  • Non-compliance with the Commonwealth Grant Rules and Guidelines resulted from entities not meeting the requirement to publish grants on the website within 14 days.

1.53 The ANAO has noted that there are divergent practices in respect to determining the significance of identified non-compliance breaches. Following the changes to the mandatory external compliance reporting process in 2015–16, there is evidence that some entities are reducing the level of internal reporting of non-compliance captured and reported to audit committees and accountable authorities. The collation of this information, promotes greater transparency and enables the entity’s management to assess risks and determine training requirements or changes to procedures required to address trends.

Information systems

1.54 A review of the entity’s information system and related controls forms a significant part of the ANAO’s audit examination of internal controls. Information system controls include entity-wide general controls that establish an entity’s IT infrastructures, policies and procedures as well as specific application controls that validate, authorise, monitor and report financial and human resource transactions.

1.55 As discussed at paragraph 1.11, ASA 315 provides guidance on identifying and assessing the risks of material misstatement of financial statements, including risks associated with an entity’s IT environment. Where those risks are applicable to its particular business and operational circumstances, it is expected that an entity will implement appropriate controls to mitigate them, and these controls are assessed by the ANAO.

1.56 Table 1.1 outlines the areas of focus used by the ANAO in assessing an entity’s information system controls, including common controls tested to determine the effectiveness of those systems in supporting complete and accurate financial statements reporting.

Table 1.1: Information system controls – areas of focus

Area of focus

Control element

Control subject to ANAO assessment

IT General controls

IT security

  • IT security governance;
  • general and privileged user access; and
  • monitoring and reporting of security events.

IT change management

  • governance;

     

  • approvals;
  • testing;
  • implementation; and
  • emergency changes.

Application controls

Financial management information systems (FMIS)

Human resources information systems (HRMIS)

  • change management;
  • masterfile maintenance;
  • payment processing;
  • privileged user access management; and
  • general user access management.

Business continuity arrangements

Significant systems supporting financial reporting (including FMIS & HRMIS)

  • backup and recovery;
  • business continuity planning;
  • business continuity testing;
  • disaster recovery planning; and
  • disaster recovery testing.
     

Source: ANAO compilation.

1.57 Observations from the ANAO’s interim audit phase relating to entities’ information system controls are provided under the IT Control environment section included in Control activities below. Refer to paragraphs 1.65 to 1.91.

Control activities

1.58 As part of the interim audits, the ANAO assesses the effectiveness of key controls identified during the planning stages. This assessment is made at a point in time and provides the Parliament and entities with an insight into weaknesses which have the potential to impact the financial statements at year end. The broad categories of control activities assessed by the ANAO include:

  • IT control environment;
  • compliance and quality assurance frameworks;
  • accounting and control of non-financial assets;
  • revenue, receivables and cash management processes;
  • human resources financial processes; and
  • purchases and payables management.

1.59 Figure 1.4 presents the percentage of total audit findings by category, reported for the 26 entities considered in this report during the 2017–18 interim audits.

Figure 1.4: 2017–18 interim audit findings – by category

Figure 1.4 shows 2017–18 interim audit findings by category, as a percentage of total finding. The detail of the 2017–18 breaches by category is presented in table 1.3.

Source: ANAO compilation of interim findings.

1.60 The following section provides a summary of interim audit findings identified in these categories across the past four financial years, as well as making observations regarding common weaknesses identified in the 2017–18 interim audits.

Interim audit findings

1.61 The ANAO rates audit findings according to the potential business or financial management risk posed to the entity. The rating scale is presented in Table 1.2.

Table 1.2: Findings rating scale

Rating

Description

Significant (A)

Issues that pose a significant business or financial management risk to the entity. These include issues that could result in a material misstatement of the entity’s financial statements.

Moderate (B)

Issues that pose a moderate business or financial management risk to the entity. These may include prior year issues that have not been satisfactorily addressed.

Minor (C)

Issues that pose a low business or financial management risk to the entity. These may include accounting issues that, if not addressed, could pose a moderate risk in the future.

   

1.62 A summary of all significant, moderate and minor audit findings identified at the conclusion of the interim audits across the past four financial years is presented in Figure 1.5 below.34

Figure 1.5: Aggregate audit findings

Figure 1.5 shows the total number of audit findings reported to entities in this report, classified as significant, moderate or minor over the four financial years from 2014–5 to 2017–18.

1.63 The ANAO has observed a decrease of approximately 13 per cent in total audit findings in 2017–18 when compared with the 2016–17 interim period. Eighty-three per cent of moderate findings are in the areas of: compliance and quality assurance frameworks supporting program payments, revenue collection and financial reporting; and management of IT controls, particularly the management of privileged users.

1.64 Table 1.3 summarises the number of significant, moderate and minor findings in each category of control activity and common weaknesses noted in each area.

Table 1.3: Significant, moderate and minor audit findings by category

Category

Significant

Moderate

Minor

Main areas of weakness

IT control environment

5

33

  • Security management, particularly management of user access and monitoring of privileged users.

Compliance and quality assurance frameworks

5

23

  • Compliance frameworks for program and revenue collection.
  • Appropriate quality assurance frameworks supporting financial reporting.

Accounting and control of non-financial assets

1

9

  • Processes supporting the valuation and impairment of assets.
  • Completeness and accuracy of fixed asset registers.

Revenue, receivables and cash management

6

  • Timeliness and completeness of reconciliations.
  • Completeness and accuracy of revenue reported.

Human resources financial processes

9

  • Monitoring of controls over payroll processing and reporting.
  • Review processes supporting employee commencements and terminations.

Purchases and payables management

2

  • Authorisation of expenditure.
  • Maintenance of vendor data.

Other audit findings

1

5

  • Maintenance of appropriate documentation to support decision making.
  • Incomplete policies and procedures.

Total

12

87

99

         

Source: ANAO compilation of interim findings.

Information Technology control environment

1.65 As described in paragraph 1.54, the review of information systems and related controls is an integral part of an entity’s control environment. Figure 1.6 demonstrates the trends in interim audit findings related to entities’ overall IT control environments from 2014–15 to 2017–18.

1.66 At the time of this report, testing of the operating effectiveness of IT controls had not been completed for three entities35 and therefore those results are not reflected in this summary.

Figure 1.6: IT control environment findingsa

Figure 1.6 details the number of IT control environment findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant, moderate or minor.

Note a: One moderate and two minor audit findings were reported in 2014–15 and three minor audit findings were reported in 2015–16 which do not relate to entities’ IT general controls. In 2017–18 one finding relates to both change and security. As a result, the number of audit findings reported in paragraph 1.70 - 1.91 does not fully align to the number of findings reported in Figure 1.6

1.67 Findings related to entities’ IT control environments represent 33 per cent of total findings identified during the 2017–18 interim period. IT control environment findings continue to represent the highest proportion of all findings, as observed in previous years.

1.68 Five moderate findings were reported in 2017–18, two of which remain unresolved from 2016–17. 36

1.69 An overview of the findings reported at the conclusion of the 2017–18 interim audits for the entities included in this report is provided below, relating to each of the information system control elements:

  • IT security;
  • IT change management;
  • IT application controls; and
  • business continuity management
IT security

1.70 IT security is concerned with protecting an entity’s information assets from internal and external threats. It includes controls to prevent or detect unauthorised access to systems, programs and data. In the context of the financial statements audit, the focus is on the financially significant systems and data only.

1.71 The key controls that address risks relating to IT security and that are assessed by the ANAO as part of the interim audit are:

  • IT security governance;
  • general and privileged user access; and
  • monitoring and reporting.

1.72 Figure 1.7 illustrates the trends in findings observed by the ANAO in entities’ IT security arrangements between 2014–15 and 2017–18.

Figure 1.7: IT security findings

Figure 1.7 details the number of IT security findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant, moderate or minor.

1.73 Consistent with previous years IT security continues to be the component within the IT control environment with the largest number of findings reported. The number of moderate findings has increased from two in 2016–17 to five in 2017–18. Further details of the moderate findings is detailed in chapter 3.37 Findings related to:

  • management of segregation of duties conflicts;
  • removal of user access when it is no longer required;
  • logging and monitoring of privileged user activity; and
  • blocking privileged users from accessing the internet.

1.74 Terminating a user account when the user no longer has a requirement to access it, such as upon departure from an entity, can prevent unauthorised use. Entities must remove or suspend user access on the same day a user no longer has a legitimate business requirement for its use. 38 Of the findings raised in this category seven related to entities not removing user access in a timely manner.

1.75 Users with administrative privileges, commonly referred to as privileged user access, are able to make significant changes to IT systems configuration and operation, bypass critical security settings and access sensitive information. As part of reviewing IT security arrangements, the ANAO examined different groups of privileged users, including:

  • application administrators, sometimes referred to as super users;
  • database administrators;
  • system administrators; and
  • network or domain administrators.

1.76 To reduce the risks associated with this access, the Australian Government Information Security Manual (ISM) requires that privileged user access be appropriately restricted and when provided, that the access is logged, regularly reviewed and monitored. The ANAO reported two moderate39 and four minor findings related to entities that had not implemented adequate logging and monitoring procedures over privileged user accounts.

1.77 Restricting privileged accounts from accessing email and the internet minimises opportunities for these accounts to be compromised. Entities must prevent privileged accounts from accessing email and the internet.40 The ANAO reported five minor findings relating to entities that had not blocked privileged accounts from accessing the internet.

1.78 The findings within this category increase the risk of unauthorised changes being made to systems and data, or unauthorised data leakage. Entities should review their management of these areas in light of the recommendations of the ISM and the risks to their operational environment.

IT change management

1.79 IT change management provides a disciplined approach to making changes to the IT environment. It includes controls to prevent unauthorised changes being introduced, and to ensure that the implementation of authorised changes does not disrupt normal business operations.

1.80 Figure 1.8 illustrates the trends in findings identified by the ANAO in entities’ IT change management controls between 2014–15 and 2017–18.

Figure 1.8: IT change management findings

Figure 1.8 details the number of IT change management findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant, moderate or minor.

1.81 The ANAO observed that changes to entities’ IT environments were managed using a standardised process, usually based on the ITIL Framework.41 The moderate audit finding reported in 2017–18 relates to approved release of changes at the Department of Defence. Further detail regarding this can be found in chapter 3 at paragraphs 3.6.14 to 3.6.20. The minor findings related to tracking of changes through to completion. The ANAO notes that there has been an increase in the number of minor findings in this area, entities are encouraged to monitor the operating effectiveness of their IT control environments to mitigate risks.

IT application controls

1.82 All Australian Government entities rely on two key financial reporting systems in the preparation of financial information. These are the financial management information system (FMIS) and the human resource management information system (HRMIS).

1.83 Where appropriate to do so, the ANAO assesses entities’ key FMIS and HRMIS controls in view of their importance for financial reporting. Areas of focus include:

  • changes to the systems or data that are not assessed through the entity’s IT change management system. These are changes that only affect the users of the FMIS or the HRMIS and are therefore often out of scope for the main change management process;
  • controls over invoice payment and payroll processing; and
  • management of general and privileged user access to the FMIS and HRMIS.

1.84 Figure 1.9 illustrates the trend in findings observed by the ANAO in relation to entities’ FMIS and HRMIS application controls between 2014–15 and 2017–18.

Figure 1.9: IT application control findings

Figure 1.9 details the number of IT application control findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant, moderate or minor.

1.85 Privileged user access in the FMIS or HRMIS includes the ability to bypass normal application controls or make changes to system settings and data. This access is often necessary to administer applications, and should be restricted and monitored to reduce the risk of errors or unauthorised activity. Six of the seven minor findings were in relation to entities’ management of application privileged user access.

1.86 Controls over payment processing support the accurate processing of payments to vendors and employees. Additionally, payment processing is an area that is particularly susceptible to fraud. One minor finding relating to securing payment files to prevent unauthorised modification was raised during the interim phase of the 2017–18 audits.

Business Continuity Management

1.87 Business Continuity is defined as the capability of an entity to continue delivery of products or services at acceptable predefined levels following a disruptive incident. It includes three key elements:

  • effective back-up and recovery arrangements, to allow data to be recovered from current versions of key IT systems;
  • business continuity planning, including the development, maintenance and testing of a business continuity plan for each key business area to enable the entity to continue operations while waiting for systems and data to be restored; and
  • disaster recovery planning, including the development, maintenance and testing of a disaster recovery plan to enable IT systems to be recovered in line with defined business requirements.

1.88 The ANAO assesses entities’ business continuity arrangements in view of the potential for a disruptive event to impact on financial reporting.

1.89 Figure 1.10 illustrates the trend for findings identified by the ANAO in entities’ business continuity arrangements between 2014–15 and 2017–18.

Figure 1.10: Business continuity findings

Figure 1.10 details the number of business continuity findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant, moderate or minor.

1.90 All entities had business continuity and disaster recovery plans in place. Four entities received minor audit findings relating to not undertaking testing of their business continuity or disaster recovery plans.

1.91 Overall, the majority of IT controls continued to be effective in most entities included in this report during 2017–18. Consistent with observations in previous years, IT Security, particularly with regard to management of user access, continues to be an area requiring improvement to address the risk of inappropriate access to systems and data.

Cyber resilience

1.92 In addition to work performed as part of the financial statements audit, ANAO also reviews information systems and related controls as part of its program of performance audits. This year, the ANAO has also extended some of this assessment to the entities included in this report. Since 2013–14, the ANAO has conducted three performance audits to assess the cyber resilience of eleven different government entities.42 These audits assessed both IT general controls and the entities’ implementation of the mandatory Strategies to Mitigate Targeted Cyber Intrusions (the Top Four mitigation strategies) in the ISM43, which are required by the Protective Security Policy Framework (PSPF). A fourth audit in this series is being conducted as part of the 2017–18 Annual Audit Work Program.

1.93 All non-corporate Commonwealth entities are required to undertake an annual point in time self-assessment against the requirements of the PSPF. These requirements are divided into four categories:

  • Governance, to implement and manage protective security protocols;
  • Personnel Security, to ensure the suitability of personnel to access Australian Government resources;
  • Information Security, to ensure the confidentiality, availability and integrity of all official information; and
  • Physical Security, to ensure a safe working environment for employees, contractors, clients and the public, and to provide a secure environment for official assets.

1.94 Corporate Commonwealth entities and Commonwealth companies are not required to report on their compliance with the PSPF, however NBN Co Limited has elected to do so, and their results are included in this section.

1.95 Entities are required to report the results of the self-assessment to the relevant Portfolio Minister, with a copy to be sent to the Secretary of the Attorney-General’s Department and to the Auditor-General.

1.96 The Strategies to Mitigate Cyber Intrusions form part of INFOSEC 4, one of the mandatory requirements of the PSPF under Information Security.

1.97 Figure 1.11 summarises the 2017 PSPF compliance reporting by the entities included in this report that that have reported.44 Eleven entities reported that they were compliant, which is an increase from eight in the previous year. Seven entities reported partial compliance and five entities reported that they were not compliant.

Figure 1.11: Entity compliance with INFOSEC 4

Figure 1.11 details the entity’s self-assessment of compliance with INFOSEC4. Their compliance is broken into the following categories, 30% of entities self-assessed as Compliant, 22% as Non-compliant and 48% as Partially Compliant.

Source: ANAO analysis.

1.98 Figure 1.12 summarises the 2017 PSPF compliance reporting by the entities included in this report that are required to report as well as corporate entities who have reported voluntarily. INFOSEC 4 continues to be the area of least compliance. This is consistent with the outcomes of the ANAO performance audits, which found that eight of the eleven entities assessed were not fully compliant with INFOSEC 4.

Figure 1.12: PSPF compliance comparison by mandatory requirement

A column chart showing the number of Commonwealth entities that are compliant with each element of the Protective Security Policy Framework. INFOSEC4, which is the information security requirement that includes implementation of the Australian Signals Directorate’s Strategies to Mitigate Cyber Security Incidents, has the lowest level of compliance.

Source: ANAO analysis

1.99 Not implementing the mandatory Top Four mitigation strategies reduces an entity’s ability to continue providing services while deterring and responding to cyber intrusions. It also increases the likelihood of a successful cyber intrusion. The recent ANAO reports in relation to cyber security include a number of recommendations to assist with this, which entities should review and implement where applicable.

Compliance and quality assurance frameworks

1.100 The business of government requires, in many circumstances, placing reliance on internal and external systems, parties and information in decision making processes. For this reason, the implementation of effective compliance frameworks, and processes that provide assurance regarding the completeness and accuracy of information, are integral to an entity’s internal control. Figure 1.13 demonstrates the trends in interim audit findings related to entities’ compliance and quality assurance frameworks from 2014–15 to 2017–18.

Figure 1.13: Compliance and quality assurance frameworks

Figure 1.13 details the number of compliance and quality assurance frameworks audit findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant, moderate or minor.

1.101 There has been a reduction in the number of significant and moderate findings reported in 2017–18 compared to 2016–17. The two significant findings reported in the prior year have both been resolved. The significant finding relating to weaknesses in the child care compliance program administered by the Department of Education and Training was resolved during the 2016–17 final audit.45 The other significant audit finding related to the National Disability Insurance Agency and was resolved as part of the interim audit. This finding is outlined detail in chapter 3 at paragraphs 3.22.18 to 3.22.24.

1.102 The five moderate findings reported in 2017–18 related to weaknesses in: entities processes to obtain assurance over information sourced from third parties; and compliance frameworks supporting revenue collection and program payments.46

1.103 There has been an increase in the number of minor audit findings in comparison to the prior two financial years. The number of moderate and minor audit findings reported indicates a need for entities to focus greater attention on:

  • maintaining effective governance over third party or joint service delivery arrangements;
  • the risk management frameworks that support the effective management of risk in the delivery of programs; and
  • implementing effective quality assurance processes over key financial statements inputs particularly those subject to professional judgement and uncertainty.

Accounting and control of non-financial assets

1.104 Entities control a diverse range of non-financial assets on behalf of the Commonwealth, with the main asset classes being land and buildings, specialist military equipment, leasehold improvements, infrastructure, plant and equipment, inventories and internally‐developed software.

1.105 The number of audit findings related to entities’ controls in this area over the last four years is presented in Figure 1.14 below.

Figure 1.14: Accounting and control of non-financial assets audit findings

Figure 1.14 details the number of accounting and control of non-financial assets audit findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant, moderate or minor.

1.106 One moderate audit finding remains unresolved at the conclusion of the 2017–18 interim audit. This finding was first reported to the Department of Defence during the 2015–16 final audit and relates to the data integrity of the Specialist Military Equipment fixed asset register. Further detail regarding this findings can be found in chapter 3 at paragraphs 3.6.21 to 3.6.22.

1.107 The number of minor audit findings reported in 2017–18 has decreased compared with 2016–17. The nine minor audit findings reported in 2017–18 relate to the accuracy of entities; fixed asset registers; asset valuation; and stocktaking procedures. Of these unresolved audit findings two minor audit findings remain unresolved from 2013–14 and four from 2015–16.

Revenue, receivables and cash management

1.108 The key financial statements items related to revenue and receivables consist of Parliamentary appropriations, taxation revenue, recoveries, customs and excise duties and administered levies. Other revenue is also generated by entities from the sale of goods and services and a range of other sources including interest earned from cash funds on deposit. Cash management involves the collection and receipt of public monies and the management of official bank accounts.

1.109 Figure 1.15 outlines trends in findings related to revenue, receivables and cash management identified during interim phases between 2014–15 and 2017–18.

Figure 1.15: Revenue, receivables and cash management audit findings

Figure 1.15 details the number of revenue, receivables and cash management audit findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant, moderate or minor.

1.110 There are no significant or moderate audit findings reported in 2017–18 and a reduction in the number of minor audit findings compared to 2016–17. During the 2017–18 interim audit phase, the ANAO observed weaknesses in entities’ reconciliation processes and controls supporting the completeness and accuracy of revenue reported.

Human resource financial processes

1.111 Human resources encompass the day-to-day management and administration of employee entitlements and payroll functions. Expenditure associated with employee benefits represents the largest departmental expenditure item for most entities and employee entitlement liabilities are typically the largest liability. It is therefore important for entities to establish robust controls in these areas to support complete and accurate payment and recording of transactions.

1.112 The number of audit findings reported in this category over the past four financial years is presented in Figure 1.16.

Figure 1.16: Human resources financial processes audit findings

Figure 1.16 details the number of Human resources financial process audit findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant moderate or minor.

1.113 The two moderate audit findings reported in 2016–17 related to weaknesses in the Department of Home Affairs and the National Disability Insurance Agency’s human resource management process. These findings were resolved during the 2016–17 final audit.47

1.114 Minor audit findings have increased in 2017–18 and relate to weaknesses identified in relation to commencements and terminations of employees and the monitoring of controls over payroll processing and reporting. Of these findings, three were identified as part of the 2016–17 interim audits.

Purchases and payables management

1.115 The main financial statements components of purchases and payables are payments to, or due to, suppliers including contractor and consultancy expenses, lease payments and general administrative and utility payments. These payments typically comprise the other significant departmental expenditure item of entities following employee entitlements. The number of audit findings identified in this category over the past four financial years is presented in Figure 1.17.

Figure 1.17: Purchases and payables management audit findings

Figure 1.17 details the number of purchases and payables management audit findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant moderate or minor.

1.116 The figure above demonstrates the controls in this area for entities included in this report are typically strong, with no significant or moderate audit findings identified in the past four years. The most common areas requiring attention over the past four years are:

  • processes supporting the authorisation of expenditure, including maintaining proper segregation of duties;
  • maintenance of vendor records; and
  • processes supporting the accurate recording of accrual information.

Other audit findings

1.117 Other audit findings include items regarding maintenance of appropriate documentation to support decision making, general reconciliation processes, and incomplete policies and procedures affecting the administration of government programs, including grants. The number of audit findings identified in this category over the past four financial years is presented in Figure 1.18.

1.118 The moderate finding relates to weaknesses identified in the fraud and integrity reporting process at the Department of Home Affairs. Further details can be found in the Department of Home Affairs sections in chapter 3 at paragraphs 3.14.20 to 3.14.21.

Figure 1.18: Other audit findings

Figure 1.18 details the number of other audit findings over the four financial years from 2014–15 to 2017–18. These are presented by category significant, moderate or minor.

2. Reporting and auditing frameworks

Chapter coverage

This chapter outlines recent and future changes to the public sector reporting framework and the Australian auditing framework relating to the auditor’s report on financial statements.

Summary of developments

There are no significant accounting standards changes for the Commonwealth public sector for 2017–18. Major changes in accounting standards will be applicable in 2018–19 and 2019–20 with the implementation of revised standards for financial instruments, revenue and leases. The majority of entities included in this report have indicated that they are still in the planning stage of transition to the new standards with approximately half of entities having both updated accounting policies and transition plans for standards expected to have a material impact.

Introduction

2.1 The Australian Government’s financial reporting framework is based, in large part, on standards made independently by the Australian Accounting Standards Board (AASB). The framework is designed to support decision-making by, and accountability to, the Parliament.

2.2 The AASB bases its accounting standards on the International Financial Reporting Standards (IFRS) issued by the International Accounting Standards Board (IASB). Because IFRS are designed primarily for use by private sector and for-profit organisations, the AASB amends the IFRS to reflect significant transactions and events that are particularly prevalent in the public and not-for-profit private sectors. In doing so, it takes into account standards issued by the International Public Sector Accounting Standards Board.

2.3 The Finance Minister prescribes additional reporting requirements for Commonwealth entities. These are contained in the Public Governance, Performance and Accountability (Financial Reporting) Rule 2015 (the FRRs). The Rule is made under the Public Governance, Performance and Accountability Act 2013 (the PGPA Act).

2.4 The audits of the financial statements of Australian Government entities are conducted in accordance with the ANAO Auditing Standards, which are made by the Auditor-General under section 24 of the Auditor-General Act 1997. The ANAO Auditing Standards incorporate, by reference, the auditing standards made by the Australian Auditing and Assurance Standards Board (AUASB). The AUASB bases its standards on those made by the International Auditing and Assurance Standards Board, an independent standard setting board of the International Federation of Accountants.

2.5 The financial reporting and auditing frameworks that apply in 2017–18 are illustrated in appendices 4 and 5 of this report.

Changes to the Australian public sector reporting framework

Future changes to accounting standards

2.6 Public sector entities will need to prepare for a number of new standards for 2018–19 and 2019–20. These new standards represent major revisions to existing standards for financial instruments, revenue and leases. The effort and time required to transition to these new standards should not be underestimated with entities required to develop business models, write new accounting policies, revise existing accounting policies, undertake a review of all the underlying contracts and in some instances consider amending contracts.

Financial instruments

2.7 The new financial instruments standard AASB 9 Financial Instruments (AASB 9) is effective for financial years commencing on or after 1 January 2018; this means it will have implications for entities in the 2018–19 financial year. AASB 9 moves away from recognition and disclosure primarily determined by the type of instrument to recognition and disclosure determined in large part by an entity’s purpose for acquiring and holding the instrument. Where the financial instrument is held for the purpose of government policy, the entity will need to document the relationship between classification and policy.

2.8 AASB 9 amends the existing historical loss model for the assessment of credit risk to an expected loss model. This will require entities to consider the initial and ongoing ability of the creditor to settle the obligation.

Revenue

2.9 The new revenue standard AASB 15 Revenue from Contracts with Customers (AASB 15) is effective for financial years commencing on or after 1 January 2019 for not-for-profit entities, meaning it will impact most Commonwealth entities in the 2019–20 financial year.48 AASB 15 applies to all exchange transactions and provides a consistent approach to revenue recognition. The principle underpinning AASB 15 is that revenue is earned when the customer receives the goods or services that have been promised under the contract. AASB 15 will impact entities where:

  • funding is given to provide goods or services to a third party - the entity will recognise revenue when the goods or services are provided to the third party. Under standards currently in force, revenue is recognised when the money is received from the funding provider;
  • funding agreements do not identify specific goods or services to be delivered over the term of the contract. Entities will recognise revenue up front unless contract completion is a deliverable;
  • both revenue and the related expense are deferred until the goods or services are delivered, entities with significant non-appropriation revenue are likely to see an impact on their balance sheet and operating result, particularly for long term projects with a significant delay between establishment and initial delivery.
Leases

2.10 The revised leasing standard AASB 16 Leases (AASB 16) is effective for financial years commencing on or after 1 January 2019; this means it will impact entities in the 2019–20 financial year. AASB 16 significantly increases the recognition and disclosure of leases by lessees with the majority of leases currently treated as operating leases recognised on the balance sheet. The net impact on the balance sheet is expected to be limited as the right-of-use asset and liability for future lease payments will be largely offsetting as the value of the right-of-use asset is based on the net present value of the future lease payments. In terms of profit or loss impact, rather than the current annual rent expense over the term of the lease two expenses will be recognised - interest on the lease liability and amortisation of the right-of-use asset. The effect of AASB 16 is to “front-load” the recognition of expense, rather than recognising it on a straight-line basis.

2.11 The adoption of AASB 16 is expected to be a time consuming task for those entities with significant numbers of operating leases. Entities will need to review all lease agreements to identify the right-of-use asset, unbundle any service arrangements and identify where the lease payments are significantly below market value. Lessees will also need to consider that AASB 16 requires entities to include known contingent rents on initial measurement of the asset and liability and subsequently remeasure the lease asset and liability as subsequent contingent rent events become known.

Transition work to date

2.12 The ANAO requested, from entities included in this report, an indication of their progress in preparing for the new standards. All 26 entities covered by this report responded, with only one entity, the Department of Education and Training indicated that it was yet to make an assessment of the implication of AASB 15.

2.13 Table 2.1 shows that AASB 16 is expected to have the greatest impact with 21 entities (approximately 81 per cent) expecting AASB 16 to have a material impact on their financial statements.

Table 2.1: ANAO analysis of entities’ expectations of the impact of new accounting standards

Standard

Entities expecting a material impact

Entities not expecting a material impact

Entities who have not yet considered the impact

AASB 9

8 (31%)

18 (69%)

0 (0%)

AASB 15

4 (15%)

21 (81%)

1 (4%)

AASB 16

21 (81%)

5 (19%)

0 (0%)

       

Source: ANAO analysis of advice provided by entities.

Table 2.2: ANAO analysis of entities’ progress in preparation for new accounting standards expected to have a material impact

Standard

Entities with updated accounting policies

Entities with a transition plan

Entities who have quantified impact

Entities has sought external advice

AASB 9

4 (50%)

3 (38%)

1 (13%)

3 (38%)

AASB 15

3 (75%)

2 (50%)

1 (25%)

2 (50%)

AASB 16

10 (48%)

12 (57%)

2 (10%)

4 (19%)

         

Source: ANAO analysis of advice provided by entities.

2.14 Table 2.2 indicates that the majority of entities are still in the planning stage with approximately half of entities having both updated accounting policies and transition plans for standards expected to have a material impact. In particular, eight entities are expecting AASB 9 to have a material impact, however only four entities have determined their accounting policies and only one entity has quantified the impact.

2.15 The ANAO’s analysis of the responses indicates that there were a number of entities (AASB 16: four entities and AASB 9: one entity) that have prepared transition plans without first updating their accounting policies. The presence of a transition plan without updated accounting policies indicates the possibility of poor planning and limited senior management involvement as there are a number of significant management decisions that should have been made and documented prior to commencing transition planning. For example AASB 16 requires selection of a transition approach, identification of the incremental rate of borrowing, the setting of a low value lease threshold and choosing whether or not to exempt short term leases.

2.16 AASB 108 Accounting Policies, Changes in Accounting Estimates and Errors includes a requirement to disclose “reasonably estimable information relevant to assessing the possible impact” new standards will have on the financial statements. While this disclosure is not required for Tier 2 entities applying reduced disclosure requirements, it is required for Consolidated Financial Statements as they are Tier 1 and apply full disclosures. The significant amount of work still to be done in relation to the quantification of the impact of the new standards and collection of information from Tier 2 entities presents a challenge for the preparation of 2017–18 Consolidated Financial Statements. The ANAO will continue to monitor entity’s progress in this area.

Changes to the Australian auditing framework

Auditor’s report on financial statements

2.17 The ANAO Report No 24 2017-18 Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 2017 reported on the adoption of a number of changes to the auditor’s reports for 2016–17, including the application of a new auditing standard ASA 701 Communicating Key Audit Matters in the Independent Auditor’s Report (ASA 701). While ASA 701 only requires Key Audit Matters (KAM) reporting for listed entities, the Auditor–General considers KAM reporting to be better practice in the financial statements auditing profession and consistent with the ANAO’s outcome of improving public sector performance and accountability through independent reporting on Australian Government administration to the Parliament, the Executive and the public. Consequently, the Auditor-General adopted KAM reporting in 2016–17 for the 25 entities included in ANAO Report No. 60. 2016–17 Interim Report on Key Financial Controls of Major Entities.

2.18 In 2016–17, the ANAO reported a total of 57 KAM across the 25 entities, the majority of which related to the valuation of assets and liabilities. The concentration of KAM within the balance sheet of key bodies within the Commonwealth reflects the complexities and judgement required in determining the value of the significant public assets and liabilities managed by the Commonwealth. For a number of these assets there are particular considerations regarding valuing assets that are managed for a public service delivery rather than profit-based reason.

2.19 The Auditor-General will continue to adopt KAM reporting in 2017–18 for the 26 entities included in this report as well as for the Consolidated Financial Statements of the Australian Government.

2.20 The purpose of communicating KAM is to provide greater transparency about the audit that was performed. Communicating KAM helps users of financial statements better understand those matters that, in the auditor’s professional judgement were of the most significance in the audit of the financial statements. The audit opinion is made in respect of the financial statements as a whole. Accordingly, the description of KAM does not provide a separate conclusion on the matter being described nor does it imply that the matter has been appropriately resolved in forming the overall opinion.

2.21 The application of ASA 701 has raised an implementation issue for the ANAO as the standard is written for the private sector. An audit finding, such as those described in this report, may be a reason for audit focus in a subsequent year for a particular area of the financial statements. For example if a significant or moderate finding is related to a particular financial statements balance or transaction, it may be the case that this will result in a KAM for the audit of the financial statements in the following year. Under ASA 701, the description of the KAM would include the basis for the prior year finding as a reason why the matter was considered to be one of the most significant in the audit and therefore determined to be a key audit matter.

2.22 The description would also explain how the matter was addressed in the audit. Under ASA 701 this would include a brief overview of the procedures performed and could include an indication of the outcome of those procedures as well as key observations with respect to the matter. However, the auditor is prevented from giving the impression that the description is conveying a separate opinion on the matter. As such, the ANAO may not be able to directly acknowledge the resolution of the finding that gave rise to a KAM. This is inconsistent with the ANAO’s practice of including both positive and negative findings and observations in reporting to the Parliament.

2.23 We note that, at its March meeting, the AUASB considered and discussed a draft Public Sector Audit Issues strategic project outline. The intention of the project is to produce guidance targeted at the public sector auditors in a number of areas, including KAM reporting. The ANAO will seek to have this implementation issue considered as part of this project.

3. Results of the interim audit phase by entity

Chapter coverage

This chapter summarises the results of the interim audits for the 2017–18 financial statements of the 26 entities covered by this report. The entities included in this report are all Departments of State, the Department of Parliamentary Services and other Commonwealth entities that significantly contribute to the income, expenses, assets and liabilities within the 2016–17 Consolidated Financial Statements (CFS) and are presented in Figure 3.0.1 and Figure 3.0.2.

Audit results

There were no significant and 12 moderate findings reported to the entities covered by this report at the completion of the 2017–18 interim phase compared with two significant and 22 moderate in 2016–17.

At the completion of the interim audits, the ANAO reported to five entities that, except for particular finding/s outlined in this chapter, key elements of internal control were operating effectively to provide reasonable assurance that the entities were able to prepare financial statements that are free from material misstatement. The ANAO identified a number of findings in relation to the National Disability and Insurance Agency, which reduced further the level of confidence that could be placed on key elements of internal control that supported the preparation of financial statements that were free from material misstatement.

Introduction

3.0.1 The ANAO’s assessment of the overall risk of material misstatement of the financial statements is based on professional judgement relating to the entity’s particular circumstances. The financial statements audit planning process involves joint procedures with performance audit and takes into account each entity’s environment and governance arrangements, its system of internal control, and prior year financial and performance audit findings. These planning processes inform the identification of areas of key risk that have the potential to impact on the integrity of the financial statements.

3.0.2 The ANAO’s interim phase of the audit focuses on the steps taken by entities to manage these risks, including their systems of internal control.

3.0.3 This chapter reflects portfolio and funding arrangements existing at 31 May 201849 50 and outlines the following information for each of the reported entities:

  • the entity’s primary role as reflected in its Portfolio Budget Statements;
  • the entity’s contribution to the Australian Government’s Consolidated Financial Statements (CFS);
  • 2017–18 appropriation funding and key financial statements items51;
  • key areas of financial statements risk;
  • the ANAO’s assessment of the overall risk of material misstatement of the financial statements, which informs the audit processes to be undertaken; and
  • the status of significant and moderate audit findings at the completion of the interim audit, and the conclusion relating to audit coverage to date.

3.0.4 The entities included in this report include all Departments of State, the Department of Parliamentary Services and other Commonwealth entities that significantly contribute to the revenues, expenses, assets and liabilities within the 2016–17 CFS.

3.0.5 An analysis of each of these entities’ 2016–17 results as a percentage of the 2016–17 CFS is presented below. Figure 3.0.1 presents the results of nine entities that contribute more than 10 per cent of either the income, expenses, assets or liabilities of the CFS. The maining entities are presented in Figure 3.0.2 and contribute less than 10 per cent of all categories.

Figure 3.0.1: Entities contributing more than 10 per cent to the Australian Government’s 2016–17 Consolidated Financial Statements52

Figure 3.0.1 details the contribution to the Consolidated Financial Statements, for Income, Expenses, Assets and Liabilities, for entities who contribute more than ten percent to the 2016–17 Consolidated Financial Statements.

Source: ANAO analysis of CFS and entities’ financial statements for the year ended 30 June 2017.

Figure 3.0.2: Entities contributing less than 10 per cent to the Australian Government’s Consolidated Financial Statements53

Figure 3.0.2 details the contribution to the Consolidated Financial Statements, for Income, Expenses, Assets and Liabilities, for entities who contribute less than ten per cent to the 2016–17 Consolidated Financial Statements.

Source: ANAO analysis of CFS and entities’ financial statements for the year ended 30 June 2017.

Results of financial statements audits

3.0.6 Table 3.0.1 presents a summary of new and unresolved significant and moderate findings54 at the conclusion of our 2017–18, 2016–17 interim audits and the 2016–17 final audit.

Table 3.0.1: Significant and moderate findings by entity

 

Interim 2017–18

Final 2016–17

Interim 2016–17

Entity

New findingsa

Unresolved findingsb

New findingsa

Unresolved findingsb

New findingsa

Unresolved findingsb

Department of Agriculture and Water Resources

Attorney-General’s Department

1

Department of Communications and the Arts

1

Australian Postal Corporation

NBN Co Limited

Department of Defence

2

2

2

4

Department of Veterans’ Affairs

Department of Education and Training

2

Department of the Environment and Energy

Department of Finance

1

Future Fund Management Agency and the Board of Guardians

Department of Foreign Affairs and Trade

Department of Health

1

Department of Human Services

Department of Home Affairs

2

1

1

1

3

Department of Industry, Innovation and Science

1

Department of Infrastructure Regional, Development and Cities

Department of Jobs and Small Business

1

Department of Parliamentary Services

Department of the Prime Minister and Cabinet

1

1

Department of Social Services

National Disability Insurance Agency

5

7

1

2

1

Department of the Treasury

Australian Office of Financial Management

Australian Taxation Office

1

1

4

Reserve Bank of Australia

TOTAL

2

10

12

2

6

18

             

Note a: Minor findings identified previously but upgraded to a moderate or significant finding are considered new for the purposes of this table.

Note b: Findings transferred to another entity as a result of Machinery of Government changes, which remain unresolved, are treated as repeat findings for the purposes of this table.

Source: 2016–17 and 2017–18 ANAO audit correspondence.

3.0.7 Details of the findings summarised above can be found in the relevant entity’s ‘Audit results’ section.

3.1 Department of Agriculture and Water Resources

Overview

3.1.1 The Department of Agriculture and Water Resources (Agriculture) supports the sustainability, profitability and competitiveness of Australia’s agricultural, fisheries, food and forestry industries and the sustainable and productive management and use of rivers and water resources.

3.1.2 As a result of an announcement by the Prime Minister on 19 December 2017, Agriculture transferred responsibility for dam and water infrastructure policy, including the administration of the National Water Infrastructure Development Fund and Loan Facility to the Department of Infrastructure, Regional Development and Cities.

3.1.3 Figure 3.1.1 shows Agriculture’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.1.1: Agriculture’s contribution to the Australian Government’s income, expenses, assets and liabilities55

Figure 3.1.1 shows Agriculture’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Agriculture’s financial statements for the year ended 30 June 2017.

3.1.4 Figure 3.1.2 and Figure 3.1.3 show the 2016–17 departmental and administered financial statements items reported by Agriculture and the 2017–18 key areas of financial statements risk.

Figure 3.1.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.1.2 shows Agriculture’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk

Source: ANAO analysis and Agriculture’s financial statements for the year ended 30 June 2017.

Figure 3.1.3: Key administered financial statement items and areas of financial statements risk

Figure 3.1.3 shows Agriculture’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Tabl

Source: ANAO analysis and Agriculture’s financial statements for the year ended 30 June 2017.

3.1.5 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Agriculture’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Agriculture’s environment and governance arrangements, including its financial reporting regime and system of internal control. The recommendations of any performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Agriculture are also considered as part of the ANAO’s 2017–18 financial statements audit risk identification processes.

3.1.6 In light of the key areas of risk detailed in Table 3.1.3 and the ANAO’s understanding of the operations of Agriculture, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items56

3.1.7 Annual appropriation funding of $410.0 million (departmental) and $1,134.4 million (administered) is to be provided to Agriculture in 2017–18 to support the achievement of Agriculture’s outcomes.57 Agriculture was also budgeted to receive special appropriation funding of $1,339.7 million.58 59

3.1.8 Table 3.1.1 and Table 3.1.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.1.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

821.1

1,974.2

Employee benefits

501.8

Suppliers

281.4

33.1

Depreciation and amortisation

28.2

7.8

Personal benefits

0.0

36.7

Grants

4.1

1,458.2

Other

5.6

0.4

Assets transferred to related entities

438.0

Total own-source income

424.2

731.9

Sale of goods and rendering of services

389.8

0.0

Other taxes

0.0

571.4

Interest

0.4

23.2

Gains

-

127.3

Other

34.0

10.0

Net cost of services

396.9

1,242.3

     

Table 3.1.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2016–17

Total assets

329.3

2,433.4

Trade and other receivables

108.4

1,348.7

Intangibles

113.0

125.0

Land and buildings

43.6

1.5

Property, plant and equipment

33.0

523.3

Investments

16.0

351.2

Other

15.3

83.7

Total liabilities

218.1

107.5

Grants

103.9

Suppliers payable

21.9

2.3

Other payables

47.0

1.3

Employee provisions

141.8

Other provisions

7.4

Net assets

111.2

2,325.9

     

Note a: Agriculture’s estimated average staffing level for 2017–18 is 4,594.

Key areas of financial statements risk

3.1.9 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Agriculture’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.1.3.

Table 3.1.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Departmental

Sale of goods and rendering of services

Trade and other receivables

Accuracy and completeness of export and quarantine revenue and receivables.

Higher

  • large range of revenue streams, collected across the country through multiple systems;
  • complex cost recovery arrangements;
  • collection of a significant portion of biosecurity revenues by the Department of Home Affairs;
  • estimation involved in the calculation of the provision for doubtful debts; and
  • complex disclosure requirements for cost recovery arrangements.

Administered

Other taxes

Accuracy and completeness of primary industry levies and charges revenue

Moderate

  • self-assessment nature of collections; and
  • complexities involved with estimating agricultural production on which the revenue is based.

Administered

Farm finance, drought and dairy assistance loans

(included in trade and other receivables)

Valuation of drought and farm finance assistance loans

Moderate

  • variation in loan terms across jurisdictions;
  • potential changes in the accounting treatment for loans should they be deemed concessional in nature;
  • the level of estimation involved in determining any potential impairment of loans, with the likelihood increasing as the loans age; and
  • Commonwealth loans with jurisdictions are managed by Agriculture. Subsequent management of loans to farm businesses is undertaken by a third party (the jurisdiction), who is responsible for the approval of recipients, and the ongoing monitoring and maintenance of loans.

Administered

Non-financial assets

(jointly controlled arrangements)

Valuation of jointly controlled assets

(River Murray Operations and Living Murray Initiative)

Moderate

  • jointly controlled arrangements are managed by a third party with limited oversight from joint venturers; and
  • the complexities involved in valuing the unique assets managed under the arrangement.

Administered

Personal benefits payments

Eligibility of personal benefit payments

Moderate

  • susceptibility to fraudulent benefit claims; and
  • eligibility for personal benefits paid by the Department of Human Services on behalf of Agriculture under the Farm Household Allowance scheme is subject to the applicants meeting a number of complex legislative conditions.
       

Source: ANAO 2017–18 risk assessment for Agriculture.

3.1.10 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.1.11 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to the key areas of financial statements risk disclosed in Table 3.1.3. In addition, interim coverage of IT general controls and supplier and employee benefits expenses has been completed.

3.1.12 Audit coverage of all material financial statements items will be completed as part of the 2017–18 final audit.

3.1.13 No significant or moderate audit findings have been reported by the ANAO as a result of audit coverage to date. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.1.14 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Agriculture will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.2 Attorney-General’s Department

Overview

3.2.1 The Attorney-General’s Department (AGD) is responsible for the provision of expert advice and services on a range of law and justice issues. Responsibilities relating to national security, emergency management and natural disaster relief and recovery were transferred to the Department of Home Affairs in December 2017 as a result of Machinery of Government (MoG) changes.

3.2.2 Figure 3.2.1 shows AGD’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.2.1: AGD’s contribution to the Australian Government’s income, expenses, assets and liabilities60

Figure 3.2.1 shows AGD’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and AGD’s financial statements for the year ended 30 June 2017.

3.2.3 Figure 3.2.2 and Figure 3.2.3 show the 2016–17 departmental and administered financial statement items reported by AGD and the 2017–18 key areas of financial statements risk.

Figure 3.2.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.2.2 shows AGD’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per T

Source: ANAO analysis and AGD’s financial statements for the year ended 30 June 2017.

Figure 3.2.3: Key administered financial statement items and areas of financial statements risk

Figure 3.2.3 shows AGD’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.2.3

Source: ANAO analysis and AGD’s financial statements for the year ended 30 June 2017.

3.2.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on AGD’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of AGD’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of AGD also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.2.5 In light of the key areas of risk detailed in Table 3.2.3 and the ANAO’s understanding of the operations of AGD the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items61

3.2.6 Annual appropriation funding of $253.0 million (departmental) and $449.0 million (administered) was provided to AGD in 2017–18 to support the achievement of AGD’s outcomes.62 AGD was also budgeted to receive special appropriation funding of $16.9 million.63 64

3.2.7 Table 3.2.1 and Table 3.2.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.2.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

362.9

447.8

Employee benefits

204.9

15.1

Suppliers

141.2

90.1

Personal benefits

7.4

Grants

307.3

Other

16.8

27.9

Total own-source income

170.1

27.2

Sale of goods and rendering of services

167.0

2.5

Interest

0.1

7.0

Other

3.0

17.7

Net cost of services

192.8

420.6

     

Table 3.2.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered Estimated actual ($m) 2017–18

Total assets

281.3

388.9

Trade and other receivables

116.8

28.4

Other investments

351.2

Land and buildings

51.0

Property, plant and equipment

17.8

5.0

Intangibles

24.8

2.9

Other

70.9

1.4

Total liabilities

151.5

28.5

Employee provisions

68.4

6.7

Suppliers payable

53.4

15.9

Other

29.7

5.9

Net assets

129.8

360.4

     

Note a: AGD’s estimated average staffing level for 2017–18 is 1,591.

Key areas of financial statements risk

3.2.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of AGD’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.2.3.

Table 3.2.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

All financial statement line items

Completeness and accuracy of disclosures relating to the restructure that transferred functions from the department

Moderate

  • risk associated with the transfer of employees and related leave entitlements to the Department of Home Affairs; and
  • required additional financial statements disclosures.

Departmental

Sale of goods and rendering of services

Revenue recognition

Moderate

  • Australian Government Solicitor (AGS) is a branch within AGD. Revenue from AGS is derived from time recorded on matters. This is subject to management judgement concerning the timing of revenue recognition and recovery and the valuation of work-in-progress at year end.

Administered

Grants expenses

Accuracy and occurrence of grant expenses

Moderate

  • AGD has a decentralised grants management system which encompasses multiple and varied practices; and
  • a significant component of the grants expense is managed by the Department of Social Services.

All financial statements line items

Financial statements preparation, quality assurance and support processes

Moderate

  • financial statements information for AGS is sourced from a separate information system.
       

Source: ANAO 2017–18 risk assessment for AGD.

3.2.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.2.10 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to: administered grants; departmental revenue; and the management of appropriations and special accounts. IT general and application controls and key controls over payroll and cash management have also been assessed.

3.2.11 Audit procedures relating to the valuation of non-financial assets, including administered investments and the consolidation and financial statements close processes will be undertaken as part of the 2017–18 final audit.

3.2.12 No significant or moderate audit findings have been reported by the ANAO as a result of audit coverage to date. There were no unresolved significant or moderate audit findings from 2016–17.

Conclusion

3.2.13 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that AGD will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.3 Department of Communications and the Arts

Overview

3.3.1 The Department of Communications and the Arts (Communications) is responsible for policy development, advice and program delivery with respect to digital technologies, communication services and promoting access to, and participation in, art and culture.

3.3.2 Figure 3.3.1 shows Communications’ income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.3.1: Communications’ contribution to the Australian Government’s income, expenses, assets and liabilities65

Figure 3.3.1 shows Communication’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Communications financial statements for the year ended 30 June 2017.

3.3.3 Figure 3.3.2 and Figure 3.3.3 show the 2016–17 departmental and administered financial statements items reported by Communications and the 2017–18 key areas of financial statements risk.

Figure 3.3.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.3.2 shows Communication’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements ris

Source: ANAO analysis and Communications’ financial statements for the year ended 30 June 2017.

Figure 3.3.3: Key administered financial statement items and areas of financial statements risk

Figure 3.3.3 shows Communication’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Ta

Source: ANAO analysis and Communications’ financial statements for the year ended 30 June 2017.

3.3.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Communications’ financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Communications’ environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Communications also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.3.5 In light of the key areas of risk detailed in Table 3.3.3 and the ANAO’s understanding of the operations of Communications, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items66

3.3.6 Annual appropriation funding of $107.7 million (departmental) and $9,625.4 million (administered) was provided to Communications in 2017–18 to support the achievement of Communications’ outcomes.67

3.3.7 Table 3.3.1 and Table 3.3.2 provide a summary of the key 2017–18 departmental and administered financial statements items.

Table 3.3.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

121.0

2,487.1

Employee benefits

71.2

Suppliers

37.5

381.9

Depreciation and amortisation

5.3

9.6

Grants / subsidies

1.7

325.0

Payments to corporate entities

1,762.9

Other

5.3

7.7

Total own-source income

22.8

157.7

Sales of goods and rendering services

5.8

Dividends

78.5

Interest

73.4

Other

17.0

5.8

Net cost of services

98.2

2,329.4

     

Table 3.3.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

85.6

32,252.5

Trade and other receivables

19.4

6,768.7

Land and buildings

3.0

58.1

Property, plant and equipment

15.3

148.1

Intangibles

6.6

Heritage and cultural assets

36.3

Other investments

25,246.4

Other

5.0

31.2

Total liabilities

31.3

394.7

Employee provisions

25.5

Suppliers payable

2.9

335.4

Other provisions

Other

2.9

59.3

Net assets

54.3

31,857.8

     

Note a: Communications’ estimated average staffing level for 2017–18 is 547.

Key areas of financial statements risk

3.3.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Communications’ financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.3.3.

Table 3.3.3: Key areas of financial statements risk

Relevant financial statement line item

Key area

Audit risk rating

Factors contributing to risk assessment

Administered

Receivables

Valuation and management of the administered loan to NBN Co Limited (NBN)

Higher

  • the need to establish additional financial risk management practices in connection with accounting for the Commonwealth’s $19.5 billion loan facility to NBN; and
  • complexity surrounding the assessment of the recoverability of the loan with significant accounting judgement involved in determining any potential impairment.

Administered

Other investments

Valuation of the Australian Government’s investment in the NBN and Australian Postal Corporation

Higher

  • significant judgement in determining the appropriate valuation methodology for each investment; and
  • significant judgement used in developing key inputs, including projected cash flows, terminal value and weighted average cost of capital.

Administered

Property, plant and equipment

Regional Backbone Blackspots Program (RBBP) assets

Valuation of network infrastructure – RBBP

Moderate

  • the specialised nature of RBBP assets and restrictions increases the judgement applied in establishing a fair value.
       

Source: ANAO 2017–18 risk assessment for Communications.

3.3.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. ANAO Report No.12 2017–18 Management of the Contract for Telephone Universal Service Obligations was tabled during 2017–18. The report focused on the effectiveness of Communications’ contract management of selected telephone universal service obligations.

3.3.10 The observations of this report were considered in designing audit procedures to address areas considered to pose a lower risk of material misstatement. The observations have been used to inform the assessment of controls related to the contract and grants management processes.

Audit results

3.3.11 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to: administered grants expenses; cash and asset management; payroll processing; and supplier expenses. Audit coverage also included an assessment of Communications’ IT general and selected application controls.

3.3.12 As part of the 2017–18 final audit, audit coverage of the management of the administered loan will continue, and audit work on the valuation of administered investments and the assets associated with the RBBP will be completed.

3.3.13 The following table summarises the status of audit findings reported by the ANAO in 2016–17 and 2017–18.

Table 3.3.4: Status of audit findings raised by the ANAO

Category

Closing position (at the end of the 2016–17 final audit)

Resolved findings (at the time of the 2017–18 interim audit)

New findings (during the 2017–18 interim audit)

Closing position (at the end of the 2017–18 interim audit)

Significant (A)

0

0

0

0

Moderate (B)

0

0

1

1

Total

0

0

1

1

         
New moderate audit finding
Risk management practices relating to NBN’s loan facility.

3.3.14 On 22 December 2016, the Commonwealth entered into a loan arrangement with NBN which is administered by Communications. The loan agreement sets out the terms of the $19.5 billion facility that is available to NBN for the period 1 July 2017 to 30 June 2021, including the applicable undertakings, restrictions and interest rate and a requirement that the principal amount borrowed is to be repaid in full by 30 June 2021. The 2018–19 Budget68 estimates that $6.7 billion of the loan will be drawn down as at 30 June 2018. For the majority of the loan period NBN’s forecast operating cash flows are negative with a small positive cash flow projected for 2020–21.

3.3.15 At the time of the interim audit, Communications had not established the practices necessary to manage the risks associated with the loan facility. Communications was not able to provide evidence of:

  • their undertaking of the evaluation and assessment in establishing the loan, including suitability of the terms and conditions within the contract, other than the interest rate, and details of assessment undertaken to determine NBN’s capacity to fully service the loan;
  • a governance policy or a suitable framework for Communications’ oversight, review and monitoring of NBN’s compliance with the lending arrangements;
  • ongoing monitoring of NBN’s compliance with several aspects of the loan agreement; and
  • an analysis to progressively assess NBN’s capacity to fully repay the loan.

3.3.16 The failure to fully establish practices to manage the risks associated with this loan significantly increases the Commonwealth’s risk of exposure to loss. The Commonwealth is the sole shareholder of NBN, therefore the recovery of any losses may need to be absorbed by the Commonwealth.

3.3.17 Communications has advised that they are in the process of reviewing the governance and risk management arrangements to better support the ongoing management of the loan facility. They have advised that the annual review of NBN’s corporate plan will consider the serviceability of the loan.

Conclusion

3.3.18 At the completion of the interim audit, and except for the finding outlined above, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Communications will be able to prepare financial statements that are free from material misstatement. The effective operation of these controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.4 Australian Postal Corporation

Overview

3.4.1 The Australian Postal Corporation (Australia Post) is a government business enterprise that operates post offices and distributes mail and parcels in Australia and internationally.

3.4.2 Figure 3.4.1 shows Australia Post’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.4.1: Australia Post’s contribution to the Australian Government’s income, expenses, assets and liabilities69

Figure 3.4.1 shows Australia Post’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Australia Post’s financial statements for the year ended 30 June 2017.

3.4.3 Figure 3.4.2 shows the 2016–17 financial statement items reported by Australia Post and the 2017–18 key areas of financial statements risk.

Figure 3.4.2: Key financial statement items and areas of financial statements risk

Figure 3.4.2 shows Australia Post’s financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per Tab

Source: ANAO analysis and Australia Post’s financial statements for the year ended 30 June 2017.

3.4.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Australia Post’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Australia Post’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Australia Post also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.4.5 In light of the key areas of risk detailed in Table 3.5.3 and the ANAO’s understanding of the operations of Australia Post, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items

3.4.6 The operational functions of Australia Post are largely funded from internal sources, specifically revenue from parcel services, mail services and retail and agency Services.

3.4.7 Australia Post is not required to prepare budgeted financial statements as part of the Commonwealth budget process. Table 3.4.1 Table 3.4.2 and provide a summary of the key financial statements items reported in the audited 2016–17 financial statements.

Table 3.4.1: Key expenses and income

Expenses and income

Actual 2016–17 ($m)

Total expenses

6,681.1

Employees

3,007.3

Suppliers

3,202.5

Depreciation and amortisation

348.6

Other

122.7

Total income

6,807.2

Goods and services

6,623.2

Other

184.0

Profit before income tax

126.1

Income tax expense

30.7

Profit after income tax

95.4

   

Table 3.4.2: Key assets and liabilities

Assets and liabilities

Actual 2016–17 ($m)

Total assets

5,537.3

Cash and cash equivalents

442.7

Trade and other receivables

519.5

Accrued revenues

202.8

Property, plant and equipment

1,559.8

Intangible assets

859.0

Investment property

169.0

Net superannuation asset

700.4

Deferred tax assets

400.4

Other

683.7

Total liabilities

3,419.4

Trade and other payables

1,102.1

Employee provisions

1,042.6

Interest-bearing liabilities

702.7

Deferred tax liabilities

356.4

Other

215.6

Net assets

2,117.9

   

Australia Post’s staffing level at 30 June 2017 was 34,970.

Key areas of financial statements risk

3.4.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Australia Post’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.4.3.

Table 3.4.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Goods and services

Recognition of revenue

Higher

  • judgement is required in the selection and application of accounting policies for new and diverse revenue streams; and
  • the complexity of contracts and arrangements entered into, where they include multiple performance obligations and volume targets which affects the contracted price.

Net superannuation asset

Valuation of the Australia Post Superannuation Scheme

Moderate

  • complexity of the valuation including the sensitivity of the economic and demographic assumptions supporting the calculation.

Intangible assets

Valuation and impairment of goodwill and indefinite life intangible assets

Moderate

  • the estimation process is complex and judgemental and includes assumptions related to future cash flows and discount rates.
       

Source: ANAO 2017–18 risk assessment for Australia Post.

3.4.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.4.10 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the effectiveness of controls relating to: cash and cash equivalents; sales revenue and trade receivables; employee expenses; property, plant and equipment; and trade and other payables. Interim coverage also included an assessment of the IT general and application controls of key systems supporting the financial statements.

3.4.11 As part of the 2017–18 final audit, audit procedures over all key areas will be completed including the valuation of the Australia Post Superannuation Scheme and the valuation of goodwill.

3.4.12 To date, audit coverage of the above areas has not identified any new significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.4.13 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Australia Post will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed during the 2017–18 final audit.

3.5 NBN Co Limited

Overview

3.5.1 The primary objective of NBN Co Limited (NBN) is to provide wholesale services to internet service providers. NBN is a government business enterprise incorporated under the Corporations Act 2001.

3.5.2 Figure 3.5.1 shows NBN’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.5.1: NBN’s contribution to the Australian Government’s income, expenses, assets and liabilities70

Figure 3.5.1 shows NBN’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and NBN’s financial statements for the year ended 30 June 2017.

3.5.3 Figure 3.5.2 shows the 2016–17 financial statement items reported by NBN and the key areas of financial statements risk.

Figure 3.5.2: Key financial statement items and areas of financial statements risk

Figure 3.5.2 shows NBN’s financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.5.3.

Source: ANAO analysis and NBN’s financial statements for the year ended 30 June 2017.

3.5.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on NBN’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of NBN’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audits tabled since 1 July 2017 and relevant to the financial management or administration of NBN also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.5.5 In light of the key areas of risk detailed in Table 3.5.3 and the ANAO’s understanding of the operations of NBN, the ANAO has assessed the risk of a material misstatement as high.

Key financial statements items

3.5.6 The operational functions of NBN are funded from the committed equity funding of $29.5 billion from the Australian Government as well as a loan agreement between the Australian Government and NBN of up to $19.5 billion. NBN’s 2018–21 corporate plan estimates peak funding in the range of $49 billion to $51 billion with a base case peak funding estimate of $49.0 billion.

3.5.7 NBN is not required to prepare budgeted financial statements as part of the Commonwealth budget process. Table 3.5.1 and Table 3.5.2 provide a summary of the key financial statements items reported in the audited 2016–17 financial statements.

Table 3.5.1: Key expenses and income items

Key financial statements items

Actual 2016–17 ($m)

Total expenses

5,290.0

Subscriber costs

1,573.0

Depreciation and amortisation

1,488.0

Employee benefits

751.0

Direct network costs

537.0

Finance charges – leased assets

402.0

Outsourced and corporate services

177.0

IT and software expenses

125.0

Other

237.0

Total income

1,051.0

Telecommunications revenue

922.0

Other revenue and income

129.0

Loss before income tax

4,239.0

Income tax expense

5.0

Loss after income tax

4,244.0

   

Table 3.5.2: Key assets and liabilities

Key financial statements items

Actual 2016–17 ($m)

Total assets

24,127.0

Property, plant and equipment

20,508.0

Intangible assets

1,760.0

Other

1,859.0

Total liabilities

9,168.0

Trade and other payables

2,600.0

Other financial liabilities

5,889.0

Other

679.0

Net assets

14,959.0

   

NBN’s staffing level at 30 June 2017 was 5,965.

Key areas of financial statements risk

3.5.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of NBN’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.5.3.

Table 3.5.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Property, plant and equipment

Intangible assets

Valuation of network assets

Higher

  • accounting for the valuation of network assets is subject to a high degree of judgement and complexity arising in the estimation of the significant costs of network construction and software development.

Trade and other payables

Property, plant and equipment

Valuation of construction liabilities

Higher

  • involvement of multiple delivery partners and the capitalisation of associated network assets based on their respective stage of completion at reporting date.

Subscriber costs

Property, plant and equipment

Other financial liabilities

Accounting for significant agreements with Telstra and Optus

Higher

  • the agreements include arrangements for the lease of infrastructure as well as the payment of subscriber costs; and
  • these contracts are significant and complex in nature and represent a significant portion of the associated financial statements items.

Telecommunications revenue

Accounting for and reporting telecommunications revenue

Higher

  • revenue has increased significantly as the network continues to roll out with IT systems and controls continuing to evolve with scale.
       

Source: ANAO 2017–18 risk assessment for NBN.

3.5.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017—18 which had implications for the financial statements audit approach.

Audit results

3.5.10 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the key controls relating to: supplier expenses; employee benefits; inventory; fixed assets; revenue and receivables; purchases and payables; payroll; and accounting for the Telstra and Optus agreements. This included an assessment of the design of IT general controls for these accounting processes.

3.5.11 Further audit procedures relating to key processes and financial statements line items including IT general and application controls, where appropriate, will be undertaken as part of the planned 2017–18 final audit. In addition, audit procedures will be performed to assess the valuation of network assets.

3.5.12 To date, our audit coverage of the above areas has not identified any new significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.5.13 At the completion of the interim audit, the ANAO identified that the key elements of non-IT internal control were operating effectively to provide reasonable assurance that NBN will be able to prepare financial statements that are free from material misstatement. The effective operation of these controls for the full financial year will be assessed in conjunction with additional detailed audit testing during the 2017–18 final audit.

3.6 Department of Defence

Overview

3.6.1 The Department of Defence and the Australian Defence Force (ADF), collectively known as Defence, are responsible for protecting and advancing Australia’s strategic interests through the: promotion of security and stability; the provision of military capabilities to defend Australia and its national interests; and the provision of support for the Australian community and civilian authorities as directed by the Government.

3.6.2 Figure 3.6.1 shows Defence’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.6.1: Defence’s contribution to the Australian Government’s income, expenses, assets and liabilities71

Figure 3.6.1 shows Defence’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Defence’s financial statements for the year ended 30 June 2017.

3.6.3 Figure 3.6.2 and Figure 3.6.3 show the 2016–17 departmental and administered financial statements items reported by Defence and the 2017–18 key areas of financial statements risk.

Figure 3.6.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.6.2 shows Defence’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as p

Source: ANAO analysis and Defence’s financial statements for the year ended 30 June 2017.

Figure 3.6.3: Key administered financial statement items and areas of financial statements risk

Figure 3.6.3 shows Defence’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.

Source: ANAO analysis and Defence’s financial statements for the year ended 30 June 2017.

3.6.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Defence’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Defence’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Defence also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.6.5 In light of the key areas of risk detailed in Table 3.6.3 and the ANAO’s understanding of the operations of Defence, the ANAO has assessed the risk of a material misstatement as high.

Key financial statements items72

3.6.6 Annual appropriation funding of $35,537.7 million (departmental) is to be provided to Defence in 2017–18 to support the achievement of the Defence’s outcomes.73 Defence was also budgeted to receive special appropriation funding of $6,970.4 million.74

3.6.7 Table 3.6.1 and Table 3.6.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.6.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

33,884.5

6,970.4

Employee benefits

11,809.0

Suppliers

15,049.3

Depreciation and amortisation

6,114.6

Write-down and impairment of assets

598.0

Military superannuation benefits

6,760.0

Other

313.6

210.4

Total own-source income

712.1

1,344.9

Sales of goods and rendering of services

461.3

Reversals of previous asset write-downs

197.7

Military superannuation contributions

1,237.9

Other

53.1

107.0

Net cost of services

33,172.4

5,625.5

     

Table 3.6.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

97,380.2

3,440.6

Financial assets

1,072.0

3,141.0

Specialist military equipment

59,655.5

General assets:

 

 

Land and buildings

18,249.6

Infrastructure, plant and equipment

8,501.8

Intangibles

941.7

Heritage and cultural

577.2

Inventories

6,398.7

Prepayments

1,921.3

299.6

Other

62.4

Total liabilities

8,314.4

85,092.8

Suppliers

2,451.7

Leases

1,511.6

Employee provisions

2,744.0

Restoration, decontamination and decommissioning

1,216.0

Military superannuation

85,086.4

Other

391.1

6.4

Net assets/(liabilities)

89,065.8

(81,652.2)

     

Note a: Defence’s estimated average civilian employees staffing level for 2017–18 is 17,500 and the estimated ADF permanent force level is 58,596.

Key areas of financial statements risk

3.6.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Defence’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.6.3.

Table 3.6.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Departmental Specialist military equipment (SME)

Existence, completeness and valuation of SME

Higher

  • high degree of judgement is applied by management due to the highly specialised nature of these assets and the need to apply an appropriate valuation methodology which includes accurate measurement of any impairment.

Administered Military superannuation liabilities

Valuation of military superannuation liabilities

Higher

  • complexity of the calculation and the sensitivities of the key demographic economic assumptions applied by the actuary and the Department such as mortality and invalidity rates, new entrants and promotional increases in salaries; and
  • the changes in payment patterns based on experience.

Departmental Inventory

Existence, completeness and valuation of inventories

Moderate

  • inventory items are managed across a large number of geographically dispersed locations;
  • need to identify and account for obsolete stock; and
  • valuation involves a complex weighted average cost methodology.

Departmental General assets

Completeness and valuation of general assets

Moderate

  • diverse portfolio of general assets which include long term projects subject to complex cost allocation processes; and
  • the valuation is subjective and a high degree of judgement is applied by management and valuers.

Departmental Employee benefits

Accuracy and completeness of employee benefits

Moderate

  • complexities associated with manual and automated processes conducted at multiple locations; and
  • complex nature of benefits for employees which vary for civilian staff and ADF personnel.

Departmental Commitments

Accuracy and completeness of capital commitments

Moderate

  • the volume and completeness of capital commitments sourced from multiple locations which are subject to foreign currency translation.

Departmental Litigation and compensation schemes

Accounting for emerging threats of class actions for environmental contamination related to chemicals in the foam used in fighting liquid fuel fires

Moderate

  • complexity involved in assessing and reporting financial implications relating to actual and potential legal actions with regards to environmental contamination issues.
       

Source: ANAO 2017–18 risk assessment for Defence.

3.6.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The following performance audit and assurance review reports tabled during 2017–18 were relevant to the financial management or administration of Defence:

3.6.10 The above reports included observations relevant to the accounting for and valuation of SME and inventories outlined in Table 3.6.3. These reports were considered in designing audit procedures to address areas considered to pose moderate and higher risks of material misstatement.

Audit results

3.6.11 The ANAO has substantially completed its interim audit coverage which included assessing asset management processes and the controls implemented to determine the value of the inventory at year-end. Interim audit coverage also included assessing IT general and application controls for systems that support the preparation of Defence’s financial statements, in addition to assessing the operation of key non-IT controls in areas including appropriation management, supplier and employee expenses. The ANAO has also assessed Defence’s progress in addressing audit findings.

3.6.12 Audit procedures relating to the 30 June 2018 balances for employee provisions, inventory, SME and other fixed assets, and the military superannuation provision will be undertaken during the 2017–18 final audit. The ANAO will also test Defence’s systems and processes supporting the complete and accurate disclosure of commitments, litigation and compensation schemes during as part of the final audit.

3.6.13 The following table summarises the status of audit findings reported by the ANAO in 2016–17 and 2017–18.

Table 3.6.4: Status of audit findings raised by the ANAO

Category

Closing position (at the end of the 2016–17 final audit)

Resolved findings (at the time of the 2017–18 interim audit)

New findings (during the 2017–18 interim audit)

Closing position (at the end of the 2017–18 interim audit)

Significant (A)

0

0

0

0

Moderate (B)

2

0

0

2

Total

2

0

0

2

         
Unresolved moderate audit findings
Monitoring of activities performed by service providers

3.6.14 Defence has engaged an external organisation to manage and maintain Defence’s IT Infrastructure that host business applications. Under a service contract, this organisation is required to maintain a reliable and secure ICT environment; perform authorised changes to IT infrastructure; and support Defence in meeting its performance, monitoring and compliance requirements under the Protective Security Policy Framework (PSPF) and Australian Government Information Security Manual (ISM). This organisation is also responsible for the management and maintenance of hosting infrastructure that supports the enterprise resource planning systems, including the management information domains of the human resources and financial management information systems and the logistics management system.

3.6.15 During the 2016–17 interim audit the ANAO observed weaknesses in relation to:

  • the timely removal of privileged access75 that was no longer required; and
  • the management of changes made to Defence’s IT infrastructure that was not in accordance with Defence’s policies and procedures.

3.6.16 Defence agreed to implement a risk based governance process and control framework to detect control weaknesses in a timely manner.

3.6.17 During the 2017–18 interim audit, the ANAO noted that Defence had taken a number of steps to remediate this finding. Defence had:

  • reviewed and rationalised the number of individuals with privileged access;
  • commenced a review of generic accounts with privileged access; and
  • rationalised the number of users with access to the change management tool.

3.6.18 From January 2018 Defence ICT Security commenced obtaining appropriate reports from the service provider to confirm privileged users’ access that was no longer required was promptly removed.

3.6.19 The ANAO also undertook sample testing of similar infrastructure changes executed by the service provider. This testing identified continuing weaknesses in the IT infrastructure change management process. These weaknesses included:

  • one instance where no evidence or supporting documentation could be provided that appropriate testing occurred prior to the implementation of a change; and
  • three instances where no evidence or supporting documentation could be provided of a post-implementation review being undertaken as required by Defence.

3.6.20 The ANAO will review Defence’s progress in addressing this finding in as part of the final audit.

Completeness and accuracy of Specialist Military Equipment data to support the fixed asset register

3.6.21 Specialist Military Equipment is dispersed across Defence bases with the acquisition, custodian and sustainment responsibility residing with Systems Project Offices, project Offices and Service Groups. These business units annually advise the centralised asset accounting team of impairment indicators, asset componentisation, inspection costs, present decommissioning costs and changes to asset useful lives, by completing a questionnaire and updating the Key Defence Asset Register (KDAR). During the 2016–17 final audit the ANAO observed weakness in the impairment assessment process for SME platforms and assets under construction projects that increased the risk of misstatement of the SME and depreciation balances. These weaknesses included:

  • information provided by the business units did not always reflect the current circumstances of the SME project;
  • incomplete information was provided by the business units in relation to the impairment assurance process; and
  • a lack of detailed and approved information contained in the KDAR to identify asset critical information.

3.6.22 Defence agreed to strengthen the impairment assessment assurance processes and to validate information contained in the KDAR.

3.6.23 During the 2017–18 interim audit, the ANAO reviewed Defence’s progress in remediating this finding. Defence issued revised instructions to business units to strengthen the impairment assurance process. Defence is implementing the revised assurance process which will include improved quality assurance checks over the completeness and accuracy of information provided in impairment returns. Defence is also in the process of implementing a new business process to validate the KDAR as a central repository for SME asset information.

3.6.24 The ANAO will undertake testing of the information to support the KDAR and the fixed asset register including a detailed assessment of the quality assurance processes implemented during the 2017–18 final audit.

Conclusion

3.6.25 At the completion of the interim audit, and except for the findings outlined above, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Defence will be able to prepare financial statements that are free from material misstatement. The effective operation of these controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.7 Department of Veterans’ Affairs

Overview

3.7.1 The Department of Veterans’ Affairs (DVA) is the primary service delivery entity responsible for implementing programs to assist the veteran and defence force communities.

3.7.2 Figure 3.7.1 shows DVA’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.7.1: DVA’s contribution to the Australian Government’s income, expenses, assets and liabilities76

Figure 3.7.1 shows DVA’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and DVA’s financial statements for the year ended 30 June 2017.

3.7.3 Figure 3.7.2 and Figure 3.7.3 show the 2016–17 departmental and administered financial statements items reported by DVA and the 2017–18 key areas of financial statements risk.

Figure 3.7.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.7.2 shows DVA’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per T

Source: ANAO analysis and DVA’s financial statements for the year ended 30 June 2017.

Figure 3.7.3: Key administered financial statement items and areas of financial statements risk

Figure 3.7.3 shows DVA’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.7.3.

Source: ANAO analysis and DVA’s financial statements for the year ended 30 June 2017.

3.7.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on DVA’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of DVA’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of DVA also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.7.5 In light of the key areas of risk detailed in Table 3.7.3 and the ANAO’s understanding of the operations of DVA, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items77

3.7.6 Annual appropriation funding of $449.3 million (departmental) and $181.8 million (administered) was provided to DVA in 2017–18 to support the achievement of DVA’s outcomes.78 DVA was also budgeted to receive special appropriation funding of $10,512.3 million.79

3.7.7 Table 3.7.1 and Table 3.7.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.7.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

437.7

11,201.7

Employee benefits

198.5

9.2

Suppliers

185.2

Depreciation and amortisation

25.0

Personal benefits

6,179.5

Health care benefits

4,889.3

Other

29.0

123.7

Total own-source income

45.6

21.0

Sale of goods and rendering of services

40.5

Other

5.1

21.0

Net cost of services

392.1

11,180.7

     

Table 3.7.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

217.2

1,592.4

Investments

62.0

1,430.0

Appropriation receivables

19.8

Trade and other receivables

16.0

79.4

Intangibles

84.2

Land and buildings

19.4

Other

15.8

83.0

Total liabilities

137.5

11,967.2

Supplier and other payables

22.2

277.3

Employee provisions

69.7

2.1

Personal benefits

7,371.0

Healthcare provisions

4,316.8

Other

45.6

Net assets/ (liabilities)

79.7

(10,374.8)

     

Note a: DVA’s estimated average staffing level for 2017–18 is1,880.

Key areas of financial statements risk

3.7.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of DVA’s financial statements. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.7.3.

Table 3.7.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Personal benefits and healthcare provisions

Valuation of military compensation provision

Higher

  • judgements involved in the assumptions and calculations underpinning the actuarial assessment of the military compensation provision, including assumptions relating to future trends in medical costs, permanent incapacity, and inflation rates;
  • increasing value of the provision as an unfunded liability; and
  • availability, quality and completeness of data used to derive the valuation.

Administered

Personal benefits and healthcare expenses

Accuracy of personal benefits and healthcare payments

Higher

  • complex legislation applicable to individual claims;
  • ageing IT infrastructure that supports the personal benefit and healthcare payments;
  • dependence on veteran-provided information; and
  • reliance on shared service providers.

All financial statements balances

IT control environment

Higher

  • from November 2017 all of DVA’s IT systems support, including maintenance of the ageing legacy IT systems, and design and implementation of new systems, will be performed by the Department of Human Services under a new shared service agreement; and
  • controls over data migration to new systems (including payroll, pension and healthcare payments), user access, and multiple interactions between new information and payments systems need to be effectively designed, implemented and monitored.

Departmental

Non-financial assets, Intangibles

Assessment of impairment and appropriate valuation of assets and intangibles, including the attribution of capital costs for internally developed software and assets under construction

Moderate

  • judgement required to determine depreciation and amortisation rates which accurately reflect the usage of the assets by the department; and
  • judgements applied to the capitalisation of costs and impairment associated with internally developed software.

Administered expenses

Legislative compliance on claim processing, assessment and payment arrangements

Moderate

  • conditions legislated by Parliament must be met before payments are made.
       

Source: ANAO 2017–18 risk assessment for DVA.

3.7.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.7.10 The ANAO has completed its 2017–18 interim audit coverage including: an assessment of the department’s methodology to estimate the military compensation provision; and an assessment of the controls supporting personal benefits and healthcare payments.

3.7.11 Audit coverage also included an assessment of: IT general and application controls in the financial management information system and human resources management information system; manual controls relating to cash and asset management, non‐financial assets, supplier expenses and employee benefits.

3.7.12 As part of the 2017–18 final audit, further audit procedures will be performed to substantiate the year–end balances in respect of the military compensation provision and personal benefits and healthcare payments; review the work of the valuation experts and the department’s disclosures relating to legislative compliance.

3.7.13 To date, audit coverage of the above areas has not identified any new significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.7.14 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that DVA will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.8 Department of Education and Training

Overview

3.8.1 The Department of Education and Training (Education) works with state and territory governments, other government entities and a range of service providers to deliver education and training related policy, advice and services for the benefit of Australians.

3.8.2 Figure 3.8.1 shows Education’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.8.1: Education’s contribution to the Australian Government’s income, expenses, assets and liabilities80

Figure 3.8.1 shows Education’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Education’s financial statements for the year ended 30 June 2017.

3.8.3 Figure 3.8.2 and Figure 3.8.3 show the 2016–17 departmental and administered financial statements items reported by Education and the 2017–18 key areas of financial statements risk.

Figure 3.8.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.8.2 shows Education’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as

Source: ANAO analysis and Education’s financial statements for the year ended 30 June 2017.

Figure 3.8.3: Key administered financial statement items and areas of financial statements risk

Figure 3.8.3 shows Education’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table

Source: ANAO analysis and Education’s financial statements for the year ended 30 June 2017.

3.8.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Education’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Education’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Education also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.8.5 In light of the key areas of risk detailed in Table 3.8.3 and the ANAO’s understanding of the operations of Education, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items81

3.8.6 Annual appropriation funding of $349.2 million (departmental) and $2,137.8 million (administered) is to be provided to Education in 2017–18 to support the achievement of Education’s outcomes.82 Education was also budgeted to receive special appropriation funding of $42,284.3 million.83

3.8.7 Table 3.8.1 and Table 3.8.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.8.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

414.4

38,702.8

Employee benefits

224.1

Suppliers

156.1

720.6

Subsidies

398.5

Personal benefits

7,250.0

Grants

28,875.0

Write-down and impairment of assets

9.7

1,130.0

Depreciation and amortisation

24.5

Other

328.7

Total own-source income

25.0

4,025.5

Sale of goods and rendering of services

13.9

Other taxes

6.6

Interest

701.7

Loan discount

Other

11.1

3,317.2

Net cost of services

389.4

34,677.3

     

Table 3.8.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered Estimated actual ($m) 2017–18

Total assets

169.8

46,157.5

Trade and other receivables

70.1

924.6

Other investments

2,301.6

Other financial assets

10.1

42,931.3

Land and buildings

34.4

Property, plant and equipment

1.0

Intangibles

51.4

Other

2.8

Total liabilities

115.3

7,566.5

Suppliers

29.7

95.1

Other payables

14.3

15.4

Personal benefits

115.7

Grants

13.7

Personal benefits provision

981.2

Provision for grants

6,345.4

Employee provisions

70.8

Other

0.5

Net assets

54.5

38,591.0

     

Note a: Education’s estimated average staffing level for 2017–18 is 1,817.

Key areas of financial statements risk

3.8.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Education’s financial statements. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.8.3.

Table 3.8.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Other financial assets:

HELP receivable

Write–down and impairment of assets:

Fair value losses

The valuation of the Higher Education Loan Program (HELP) receivable balance

Higher

  • the balances of outstanding loans and impairment are derived from complex actuarial estimates and the estimate contains a degree of estimation uncertainty;
  • the complexity involved in estimating future income of individuals that need to repay HELP debts and the amount of the loan not expected to be recovered; and
  • payment data is reliant on sources external to Education such as: the Australian Taxation Office; universities; and other third parties.

Administered

Provision for grants Grants payments

The valuation of the Higher Education Superannuation Program (HESP) liability balance due to the complexity of the actuarial estimation process

Higher

  • the valuation of the HESP liability is subject to an actuarial estimation process and is highly sensitive to movements in discount factors and bond rates; and
  • the valuation is complex and depends on accurate source data provided by universities.

Administered

Other financial assets:

Personal benefits receivable

The valuation of the childcare personal benefit accrual and receivable balances

Higher

  • the complex legislation and administration arrangements that apply to child care benefits;
  • complex actuarial assessment supporting the balances;
  • payments are reliant on self-assessed information provided by child care service providers and claimants; and
  • the IT environment is highly dependent on external information systems which are administered by the Department of Social Services and the Department of Human Services.

Administered

Grants payments

The validity and accuracy of grants payments made to government and non-government schools and Higher Education Providers

Moderate

  • grants programs are decentralised and are managed across a number of different systems that rely on information from third parties; and the payments process relies on third party assessment of eligibility to receive a nominated grant.
       

Source: ANAO 2017–18 risk assessment for Education.

3.8.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. ANAO Report No.18 2017–18 Monitoring the Impact of Australian Government School Funding was tabled during 2017–18 and was relevant to the moderate risk identified over administered grants payments made to schools as detailed in Table 3.8.3.

3.8.10 The financial statements audit approach includes a detailed review of the grants payments made to schools as well as the compliance program in place to monitor information provided by schools and used to calculate payments.

Audit results

3.8.11 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to: HELP, Vocational Education and Training (VET) FEE-HELP and VET student loans; personal benefits payments systems; components of the compliance framework over third party information provided by schools; administered grants payments; and IT application controls.

3.8.12 Audit procedures relating to: calculation of payments to schools; detailed testing over child care payments; child care compliance; payments to providers, employers and apprentices; payment of grants expenses, and accounting for the HELP, HESP and personal benefits provisions at year end will be completed as part of the 2017–18 final audit.

3.8.13 To date, audit coverage has not identified any new significant or moderate audit findings. There were no unresolved audit findings from 2016–17.

Conclusion

3.8.14 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Education will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.9 Department of the Environment and Energy

Overview

3.9.1 The Department of the Environment and Energy (Environment) is responsible for advising the Government on environmental and energy policy; managing the conservation, protection and sustainability of Australia’s natural resources, biodiversity, ecosystems, environment and heritage requirements; and contributing to the national response to climate change. Additional areas of responsibility include: advancing Australia’s interests in the Antarctic; managing environmental water use and resources; and supporting the reliable, sustainable and secure operation of the energy markets.

3.9.2 Figure 3.9.1 shows Environment’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.9.1: Environment’s contribution to the Australian Government’s income, expenses, assets and liabilities84

Figure 3.9.1 shows Environment’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Environment’s financial statements for the year ended 30 June 2017.

3.9.3 Figure 3.9.2 and Figure 3.9.3 show the 2016–17 departmental and administered financial statements items reported by Environment and the 2017–18 key areas of financial statements risk.

Figure 3.9.2: Key departmental financial statement items and area of financial statements risk

Figure 3.9.2 shows Environment’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk

Source: ANAO’s analysis and Environment’s financial statements for the year ended 30 June 2017.

Figure 3.9.3: Key administered financial statement items and areas of financial statements risk

Figure 3.9.3 shows Environment’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Tabl

Source: ANAO’s analysis and Environment’s financial statements for the year ended 30 June 2017.

3.9.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Environment’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of the Department’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Environment also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.9.5 In light of the key areas of risk detailed in Table 3.9.3 and the ANAO’s understanding of the operations of Environment, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items85

3.9.6 Annual appropriation funding of $732.1 million (departmental) and $6,953.5 million (administered) is to be provided to Environment in 2017–18 to support the achievement of the entity’s outcomes.86 Environment was also budgeted to receive $2,405.2 million special appropriation funding.87

3.9.7 Table 3.9.1 and Table 3.9.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.9.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

585.0

1,138.4

Employee benefits

229.7

Suppliers

231.9

174.6

Depreciation and amortisation

49.2

Finance costs

17.1

Grants

8.7

715.2

Payments to Commonwealth entities

46.5

247.3

Other

1.9

1.3

Total own-source income

50.6

502.3

Sale of goods and rendering of services

44.2

2.9

Dividends

34.4

Fees and fines

20.3

Other

6.4

444.7

Net cost of services

534.4

636.1

     

Table 3.9.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

796.8

21,989.8

Cash and cash equivalents

9.3

6,435.8

Trade and other receivables

170.6

103.3

Buildings

234.9

Investments

11,850.3

Intangibles

23.1

Property, plant and equipment

344.1

Water assets

3,587.5

Other

14.8

12.9

Total liabilities

640.9

7.6

Suppliers

11.4

5.8

Employee provisions

70.2

Antarctic make good provisions

543.1

Other

16.2

1.8

Net assets

155.9

21,982.2

     

Note a: Environment’s estimated average staffing level for 2017–18 is 1,980.

Key areas of financial statements risk

3.9.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Environment’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.9.3.

Table 3.9.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Investments

Valuation of the Australian Government’s investment in Snowy Hydro Limited

Higher

  • subject to complex estimation and significant judgement relating to forecasts of future performance; and
  • the Commonwealth is acquiring the remaining shareholdings from the NSW and Victorian State Governments which may have implications for the basis of valuation.

Departmental

Antarctic make good provisions

Valuation of obligations to restore the Antarctic bases

Higher

  • the balance is subject to judgement and estimation, particularly relating to discount rates, escalation factors, asset replacement costs and useful lives.

Administered

Water assets

Valuation of the Government’s water entitlement assets

Moderate

  • the valuation is subject to complex estimation and judgement; and
  • information to support the valuation is provided by third parties.

Administered

Grant expenses and payables

Administration of grant programs

Moderate

  • the administration of grants programs is decentralised; and
  • grant programs are subject to varying eligibility and reporting requirements.
       

Source: ANAO 2017–18 risk assessment for Environment.

3.9.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.9.10 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to: administered grant payments; payroll processes; and supplier expenses. As part of the interim audit coverage, the ANAO has also reviewed Environment’s proposed recognition and accounting treatment relevant to: the Antarctic make good provisions; water assets; and Snowy Hydro Limited. Interim coverage has also included an assessment of Environment’s key IT general and application controls.

3.9.11 Further audit procedures relating to the valuations of: water assets; the Snowy Hydro Limited; and make good costs for Antarctic bases will be undertaken as part of the 2017–18 final audit.

3.9.12 To date, audit coverage of the above areas has not identified any significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.9.13 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Environment will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed during the 2017–18 final audit.

3.10 Department of Finance

Overview

3.10.1 The Department of Finance (Finance) is responsible for supporting the Government’s objectives and public sector improvement, through responsible expenditure and oversight. In addition, Finance is responsible for the preparation of the annual Australian Government Consolidated Financial Statements (CFS), which includes the Whole-of-Government and the General Government Sector financial statements, and the Australian Government’s financial outcome.

3.10.2 Figure 3.10.1 shows Finance’s income, expenses, assets and liabilities as a percentage of the CFS.

Figure 3.10.1: Finance’s contribution to the Australian Government’s income, expenses, assets and liabilities88

Figure 3.10.1 shows Finance’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Finance’s financial statements for the year ended 30 June 2017.

3.10.3 Figure 3.10.2 and Figure 3.10.3 show the 2016–17 departmental and administered financial statements items reported by Finance and the 2017–18 key areas of financial statements risk.

Figure 3.10.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.10.2 shows Finance’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as

Source: ANAO analysis and Finance’s financial statements for the year ended 30 June 2017.

Figure 3.10.3: Key administered financial statement items and areas of financial statements risk

Figure 3.10.3 shows Finance’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3

Source: ANAO analysis and Finance’s financial statements for the year ended 30 June 2017.

3.10.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Finance’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Finance’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Finance also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.10.5 In light of the key areas of risk detailed in Table 3.10.3 and the ANAO’s understanding of the operations of Finance, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items89

3.10.6 Annual appropriation funding of $344.1 million (departmental) and $791.1 million (administered) was provided to Finance in 2017–18 to support the achievement of the Finance’s outcomes.90 Finance was also budgeted to receive special appropriation funding of $8,662.5 million.91

3.10.7 Table 3.10.1 and Table 3.10.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.10.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

494.5

9,737.2

Employee benefits

161.6

287.0

Suppliers

185.6

192.5

Depreciation and amortisation

31.6

20.7

Insurance claims

107.1

Superannuation

8,466.6

Distribution from investment funds

763.7

Other

8.6

6.7

Total own-source income

356.3

1,970.0

Rendering of services

71.5

3.8

Insurance premiums

140.5

Superannuation contributions

1,203.5

Interest and dividends

523.7

Rental income

71.8

Sale of investments

45.9

211.2

Other

26.6

27.8

Net cost of services

138.2

7,767.2

     

Table 3.10.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

2,822.0

15,163.0

Cash and cash equivalents

604.0

Trade and other receivables

285.1

161.7

Land and buildings (including investment properties)

1,724.2

20.6

Property, plant and equipment

69.5

69.0

Intangibles

107.1

1.1

Investments

14,904.8

Other

32.1

5.8

Total liabilities

680.7

131,391.0

Suppliers

84.0

11.2

Employee provisions

62.7

237.0

Return of equity

57.1

Superannuation provision

131,115.7

Insurance provisions

438.7

Other

38.2

27.1

Net assets/(liabilities)

2,141.3

(116,228.0)

     

Note a: Finance’s estimated average staffing level for 2017–18 is 1,256.

Key areas of financial statements risk

3.10.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Finance’s financial statements. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.10.3.

Table 3.10.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Superannuation provision

Valuation of unfunded public sector superannuation

Higher

  • complex valuation involving significant judgement in the selection of long-term assumptions, such as the salary growth and discount rates, which can result in material fluctuations in amounts recorded in the financial statements; and
  • reliance on the Commonwealth Superannuation Corporation for the processing of superannuation benefit payments and the provision of complete and accurate data to Finance’s actuary.

Departmental

Insurance provisions

Valuation of the outstanding claims liability under the Australian Government’s self-managed general insurance fund

Higher

  • complex valuation involving significant judgement in estimating the size, scope and value of future events and the period over which claims are expected to settle; and
  • reliance on the control environment of an external service provider for the effective management of the claims process.

Departmental

Land and buildings

Investment property

Valuation of the Government’s non-defence domestic property portfolio

Moderate

  • complex valuation using different valuation methodologies; and
  • requires significant judgement in the selection of assumptions including capitalisation rates, fair market rents, discount rates and conditions of the use of the properties.
       

Source: ANAO 2017–18 risk assessment for Finance.

3.10.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. ANAO Report No.17 Management of Special Appropriations was tabled during 2017–18 and is relevant to the financial management and administration of Finance. ANAO Report No.17 examined compliance with regulatory requirements for the establishment and ongoing management of special appropriations.

3.10.10 ANAO Report No.25 2017–18 included observations in regards to the disclosure of special appropriations which will be considered as part of the financial statements audit for 2017–18.

Audit results

3.10.11 The ANAO’s 2017−18 interim audit coverage has been completed and included assessing key controls over administered investment funds, property management, payroll management and supplier expenditure. As part of the interim coverage, the ANAO has also assessed controls relating to the payment of entitlements to Parliamentarians and their staff.

3.10.12 To date, audit coverage of the above areas has not identified any new significant or moderate audit findings. There were no unresolved significant or moderate audit findings from 2016–17.

3.10.13 Audit coverage relating to the valuations of the superannuation provisions, outstanding insurance claims liability and properties will be completed as part of the 2017–18 final audit.

Conclusion

3.10.14 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Finance will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed during the 2017–18 final audit.

3.11 Future Fund Management Agency and the Board of Guardians

Overview

3.11.1 The Future Fund Board of Guardians, supported by the Future Fund Management Agency, (together referred to as the Future Fund) has responsibility for investing the assets of the Future Fund under the Future Fund Act 2006 and other investment funds under the Nation-building Funds Act 2008, the Disability Care Australia Fund Act 2013, and the Medical Research Future Fund Act 2015, for the benefit of future generations of Australians.

3.11.2 Figure 3.11.1 shows the Future Fund’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.11.1: Future Fund’s contribution to the Australian Government’s income, expenses, assets and liabilities92

Figure 3.11.1 shows Future Fund’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and the Future Fund’s financial statements for the year ended 30 June 2017.

3.11.3 Figure 3.11.2 shows the 2016–17 key financial statements items reported by the Future Fund and the 2017–18 key area of financial statements risk.

Figure 3.11.2: Future Fund’s key financial statement items and area of financial statements risk

Figure 3.11.2 shows Future Fund’s financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table

Source: ANAO analysis and the Future Fund’s financial statements for the year ended 30 June 2017.

3.11.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact the Future Fund’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of the Future Fund’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Future Fund’s also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.11.5 In light of the key area of risk detailed in Table 3.11.3 and the ANAO’s understanding of the operations of the Future Fund’s, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items93

3.11.6 Between May 2006 and June 2008, the Government made cash contributions to the Future Fund totalling $51.3 billion. The Future Fund also received Telstra shares to the value of $9.2 billion. No further Government contributions have been made since this time. As a result, the operational functions of the Future Fund are funded through payments from the administered Future Fund special account and the other Australian Government Investment Funds. In 2017–18, these payments are estimated to total $66.2 million.

3.11.7 Table 3.11.1 and Table 3.11.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.11.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

66.3

457.9

Employee benefits

43.1

0.8

Suppliers

20.3

457.1

Depreciation and amortisation

2.9

Total own-source income

66.3

9,868.8

Payments from the Future Fund special accounta

62.9

Payments from the Australia Government Investment Funds

3.3

Interest and dividends

4,343.9

Investment gains

5,524.9

Other

0.1

Net contribution to services

9,410.9

     

Note a: As noted in paragraph 3.11.6 amounts are transferred from the Future Fund administered special account to offset the operational expenses incurred by the Future Fund in managing the Future Fund.

Table 3.11.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered Estimated actual ($m) 2017–18

Total assets

28.8

144,945.9

Receivables

18.4

2,405.2

Non-financial assets

9.8

Investments

142,536.2

Other

0.6

4.5

Total liabilities

28.8

2,122.8

Employee provisions

8.0

Suppliers payable

2.6

17.3

Other payables

18.2

2,105.5

Net assets

142,823.1

     

Note a: The Future Fund’s estimated average staffing level for 2017–18 is 151.

Key areas of financial statements risk

3.11.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general controls for key systems that support the preparation of the Future Fund’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. The areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.11.3.

Table 3.11.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Investments

Valuation of private market investments

Higher

  • the inherent subjectivity of valuations and illiquid market conditions for certain investments.

Investment management and performance fees

Accuracy of fees paid to investment managers

Moderate

  • calculation of performance fees due to their nature, multiple input variables and can require management estimation.

Investments

Effectiveness of governance processes, including monitoring external service providers and the custodian

Moderate

  • reliance on information from the custodian (including asset valuation, rights, obligations and existence of assets); and
  • potential for financial loss where custodian or sub-custodian fails to meet their obligations in accordance with the agreed terms.
       

Source: ANAO 2017–18 risk assessment for the Future Fund.

3.11.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.11.10 The audit coverage completed to date has included an assessment of the controls relating to: the management of investments; monitoring of services providers; and operational expenses incurred by the Future Fund.

3.11.11 The valuation of investments, including the assessment of controls that reside within the outsourced custodian, will be completed as part of the 2017–18 final audit.

3.11.12 To date, audit coverage of the above areas has not identified any new significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.11.13 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that the Future Fund will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed during the 2017–18 final audit.

3.12 Department of Foreign Affairs and Trade

Overview

3.12.1 The Department of Foreign Affairs and Trade (DFAT) is responsible for providing foreign, trade and development policy advice and for leading the Australian Government’s international efforts to shape the regional and international environment.

3.12.2 Figure 3.12.1 shows DFAT’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.12.1: DFAT’s contribution to the Australian Government’s income, expenses, assets and liabilities94

Figure 3.12.1 shows DFAT’s percentage 2017 contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and DFAT’s financial statements for the year ended 30 June 2017.

3.12.3 Figure 3.12.2 and Figure 3.12.3 show the 2016–17 departmental and administered financial statements items reported by DFAT and the 2017–18 key areas of financial statements risk.

Figure 3.12.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.12.2 shows DFAT’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per

Source: ANAO analysis and DFAT’s financial statements for the year ended 30 June 2017.

Figure 3.12.3: Key administered financial statement items and areas of financial statements risk

Figure 3.12.3 shows DFAT’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.12

Source: ANAO analysis and DFAT’s financial statements for the year ended 30 June 2017.

3.12.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on DFAT’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of DFAT’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of DFAT also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.12.5 In light of the key areas of risk detailed in Table 3.12.3 and the ANAO’s understanding of the operations of DFAT, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items95

3.12.6 Annual appropriation funding of $1,477.5 million (departmental) and $3,652.6 million (administered) was provided to DFAT in 2017–18 to support the achievement of DFAT’s outcomes.96 DFAT was also budgeted to receive special appropriation funding of $1.0 million.97

3.12.7 Table 3.12.1 and Table 3.12.2 provide a summary of the key 2017–18 departmental and administered estimated financial statement items.

Table 3.12.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

1,629.3

3,772.8

Employee benefits

776.2

Suppliers

672.4

Depreciation and amortisation

180.7

International Development Assistance (IDA)

3,067.3

Multilateral replenishments

23,5

Other contributions

547.0

Other

135.0

Total own-source income

273.0

634.5

Sale of goods and rendering of services

151.7

Fees and charges

546.2

Other

121.3

88.3

Net cost of services

1,356.3

3,138.3

     

Table 3.12.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

4,643.1

2,571.8

Investments IDA and Asian Development Fund (ADF))

1,896.0

Land and buildings

3,140.7

Other

1,502.4

675.8

Total liabilities

421.7

2,386.3

Suppliers and other payables

151.6

IDA and ADF grants component

2,062.5

Other payables

241.5

Employee provisions

216.9

82.3

Other provisions

53.2

Net assets

4,221.4

2 401.3

     

DFAT’s estimated staffing level for 201718 is 5,700.

Key areas of financial statements risk

3.12.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of DFAT’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.12.3.

Table 3.12.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Fees and charges

Completeness and accuracy of revenue generated from passport operations

Higher

  • a significant proportion of revenue is collected under contractual arrangements by a third party on behalf of the department; and
  • a significant component of the passport inventory balance is held and managed by a third party on behalf of the department.

Departmental

Sale of goods and rendering of services

Accuracy of revenue for rental accommodation and other services provided to other Government entities at overseas posts

Higher

  • multiple sources of revenue; and
  • revenue is assessed based on the staffing profiles for each agency attached to the post, agreed floor space and other factors.

Departmental

Land and buildings

Valuation of the department’s overseas property portfolio

Moderate

  • subject to complex estimation and judgements affected by market conditions at overseas locations and foreign exchange adjustments; and
  • the management of overseas property is undertaken by a third party through contract arrangements.

Administered

International Development Association (IDA) and Asian Development Fund (ADF) assets

IDA and ADF liabilities

Valuation of IDA and ADF investments and associated liabilities

Moderate

  • subject to estimation and judgement in determining the Commonwealth’s share of the outstanding loan principle of each fund discounted to present value; and
  • appropriate, classification and disclosure requirements.

Administered

International Development Assistance (IDA) expenses

Aid program liabilities

Accuracy of administered aid program payments and compliance with acquittal and reporting requirements

Moderate

  • there is significant geographical spread of aid program recipients and a diverse range of aid program payments and performance obligations.

Departmental

Suppliers expense Suppliers payables

Employee benefits expenses

Completeness and accuracy of financial information associated with overseas posts

Moderate

  • financial information is collected through decentralised operations; and
  • locally engaged staff payments are subject to various employee conditions and benefits based on local laws and regulations.
       

Source: ANAO 2017–18 risk assessment for DFAT.

3.12.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.12.10 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to: departmental revenue for rental accommodation and services provided to other entities at overseas posts; administered passport revenue; administered aid expenses and the operations of overseas posts.

3.12.11 Interim audit coverage has also been completed over the department’s processes relating to: cash and asset management; employee and supplier expenditure; IT general and application controls in the financial management information system and human resource management information system.

3.12.12 Audit procedures relating to financial statement balances subject to valuation and IDA and ADF grants will be undertaken as part of the 2017–18 final audit.

3.12.13 To date, our audit coverage of the above areas has not identified any new significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.12.14 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that DFAT will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.13 Department of Health

Overview

3.13.1 The Department of Health (Health) is responsible for achieving the Australian Government’s health priorities through the development of evidence-based policy; administering a range of health-related programs and services, including Medicare, the Pharmaceutical Benefits Scheme and aged care; managing increasing pressures on the structure and sustainability of government health expenditure, including for public hospitals and mental health care; progressing a broad range of reforms to Australia’s health system; undertaking regulatory and compliance activities; and forming partnerships with the states and territories, other Australian Government entities, consumers and stakeholders.

3.13.2 Figure 3.13.1 shows Health’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.13.1: Health’s contribution to the Australian Government’s income, expenses, assets and liabilities98

Figure 3.13.1 shows Health’s  2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Health’s financial statements for the year ended 30 June 2017.

3.13.3 Figure 3.13.2 and Figure 3.13.3 show the 2016–17 departmental and administered financial statements items reported by Health and the 2017–18 key areas of financial statements risk.

Figure 3.13.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.13.2 shows Health’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as p

Source: ANAO analysis and Health’s financial statements for the year ended 30 June 2017.

Figure 3.13.3: Key administered financial statement items and areas of financial statements risk

Figure 3.13.3 shows Health’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.

Source: ANAO analysis and Health’s financial statements for the year ended 30 June 2017.

3.13.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Health’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Health’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Health also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.13.5 In light of the key areas of risk detailed in Table 3.13.3 and the ANAO’s understanding of the operations of Health, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items99

3.13.6 Annual appropriation funding of $677.5 million (departmental) and $9,002.1 million (administered) is to be provided to Health in 2017–18 to support the achievement of Health’s outcomes.100 Health was also budgeted to receive special appropriation funding of $21,949.5 million.101

3.13.7 Table 3.13.1 and Table 3.13.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.13.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

873.0

66,367.5

Employee benefits

511.4

Suppliers

327.4

751.9

Subsidies

12,122.1

Depreciation and amortisation

31.5

Personal benefits

44,727.9

Grants

8,223.7

Payments to corporate Commonwealth entities

510.4

Other

2.7

31.5

Total own-source income

187.7

38,393.8

Sale of goods and rendering of services

185.3

Other revenue & gains

2.4

73.5

Recoveries

3,406.8

Other taxes

17.0

Special Account transfers

34,896.4

Net cost of services

685.2

27,973.7

     

Table 3.13.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

338.9

2,317.2

Receivables

30.1

1,570.8

Cash and cash equivalents

96.7

126.4

Investments

504.2

Inventories

115.9

Land and buildings

51.2

Intangibles

125.8

Other

35.1

Total liabilities

292.5

2,893.3

Personal benefits payable

1,020.8

Subsidies payable

33.0

Suppliers payable

60.4

22.8

Grants payable

308.9

Other payables

53.8

Personal benefits provision

1,057.8

Subsidies provision

450.0

Employee provisions

147.3

Other provisions

31.0

Net assets/(liabilities)

46.4

(576.1)

     

Health’s estimated average staffing level for 2017–18 is 4,346.

3.13.8 The Department of Human Services (Human Services) delivers approximately $55 billion of health related payments on behalf of Health. These payments primarily relate to the Medicare Benefits Schedule, the Pharmaceutical Benefits Scheme, the Private Health Insurance Rebate and services funded under the Aged Care Act 1997.

Key areas of financial statements risk

3.13.9 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Health’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.13.3.

Table 3.13.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Subsidy expenses

Accuracy of Aged Care subsidies paid by Human Services on behalf of Health

Higher

  • payment of aged care subsidies to aged care providers are based on Aged Care Funding Instrument assessments prepared by the same providers and involve judgements regarding the required level of patient care.

Departmental

Sale of goods and rendering of services revenue

Completeness and accuracy of Therapeutic Goods Administration revenue

Higher

  • Health’s estimation of revenue under the Therapeutic Goods Act (TGA) 1989 involves judgements and assumptions related to the assessment of applications and applicable exemptions.

Administered

Personal benefits expenses

Accuracy of personal benefits paid by Human Services on behalf of Health, including:

  • Medicare Benefits Schedule
  • Pharmaceutical Benefits Scheme
  • Private Health Insurance Rebate

Higher

  • large volume of health care payments with complex eligibility requirements; and
  • processed by Human Services on complex IT systems.

Administered

Recoveries

Accuracy and completeness of Pharmaceutical Benefits Scheme recovery revenue

Moderate

  • manual calculation of complex information in spreadsheets; and
  • reliance on data sourced from Human Services and complex arrangements in place with pharmaceutical companies for recovery of expenditure.

Administered

Subsidies provisions

Valuation of the medical indemnity and professional indemnity provisions

Moderate

  • significant judgements over future claims and economic assumptions, that underpin the estimation of indemnity provisions.

Administered

Grants expenses

Accuracy and occurrence of grant program payments.

Moderate

  • significant number of grant programs are administered by Health and Human Services with different eligibility criteria.
       

Source: ANAO 2017–18 risk assessment for Health.

3.13.10 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.13.11 The ANAO has completed its 2017–18 interim audit coverage including assessment of the controls and transactions relating to: IT security and change management in the financial management information system and human resource management information system; cash and appropriations management; supplier expenses; assets; payroll processing; Therapeutic Goods Administration revenue; personal benefits; subsidies; and grant payments. In addition, testing of the accuracy of Pharmaceutical Benefits Scheme recovery revenue and aged care and health care payments made by Human Services on behalf of Health was also undertaken.

3.13.12 Other areas of audit focus including the compliance processes for Aged Care subsidies and Medicare payments and an assessment of the valuation methodologies used to estimate the medical indemnity program and Medicare outstanding claims liability provisions will be performed as part of the 2017–18 final audit.

3.13.13 To date, our audit coverage of the above areas has not identified any new significant or moderate audit findings. There were no unresolved significant or moderate audit findings from 2016–17.

Conclusion

3.13.14 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Health will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.14 Department of Home Affairs

Overview

3.14.1 The Department of Home Affairs (Home Affairs) was established on 20 December 2017 as a central policy agency, providing coordinated strategy and policy leadership for Australia’s national and transport security, federal law enforcement, criminal justice, cyber security, border, immigration, multicultural affairs, emergency management and trade related functions. The Department of Home Affairs includes the entirety of the former Department of Immigration and Border Protection (DIBP). It also includes the national security, emergency management, natural disaster relief and recovery and criminal justice functions from the Attorney-General’s Department; the Office of Transport Security from the Department of Infrastructure, Regional Development and Cities; multicultural affairs from the Department of Social Services; and the counter-terrorism coordination and cyber security policy functions from the Department of the Prime Minister and Cabinet.

3.14.2 Figure 3.14.1 shows DIBP’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS). The 2016–17 financial results for DIBP have been used as a reference due to the significance of the functions of the former department to Home Affairs.

Figure 3.14.1: DIBP’s contribution to the Australian Government’s income, expenses, assets and liabilities102

Figure 3.14.1 shows DIBP’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and DIBP’s financial statements for the year ended 30 June 2017.

3.14.3 Figure 3.14.2 and Figure 3.14.3 show the 2016–17 departmental and administered financial statement items reported by DIBP and the 2017–18 key areas of financial statements risk for Home Affairs.

Figure 3.14.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.14.2 shows DIBP’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per

Source: ANAO analysis and DIBP’s financial statements for the year ended 30 June 2017.

Figure 3.14.3: Key administered financial statement items and areas of financial statements risk

Figure 3.14.3 shows DIBP’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.14

Source: ANAO analysis and DIBP’s financial statements for the year ended 30 June 2017.

3.14.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Home Affairs’ financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Home Affairs’ environment and governance arrangements, including its financial reporting regime and system of internal control.

3.14.5 The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Home Affairs also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.14.6 In light of the key areas of risk detailed in Table 3.14.3 and the ANAO’s understanding of the operations of Home Affairs, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items103

3.14.7 Annual appropriation funding of $2,902.5 million (departmental) and $2,050.8 million (administered) is to be provided to Home Affairs in 2017–18 to support the achievement of the DIBP’s outcomes.104 DIBP was also budgeted to receive special appropriation funding of $422.0 million.105 106

3.14.8 Table 3.14.1 and Table 3.14.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.14.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

2,960.6

2,465.6

Employee benefits

1,420.2

Suppliers

1,272.3

1,790.6

Depreciation and amortisation

268.1

71.0

Personal benefits

231.2

Other

372.8

Total own-source income

201.7

19,118.4

Sale of goods and rendering of services

133.0

Customs duty

15,329.3

Other taxes

3,703.4

Fees and fines

12.8

58.7

Other

55.9

27.0

Net (cost of)/contribution to services

(2,758.9)

16,652.8

     

Table 3.14.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

1,999.5

1,740.7

Trade and other receivables

495.0

127.0

Taxation receivables

329.0

Land and buildings

158.7

941.8

Property, plant and equipment

665.4

254.0

Intangibles

588.0

Other

92.4

88.9

Total liabilities

701.0

320.8

Employee provisions

414.5

Payables

250.7

310.7

Other

35.8

10.1

Net assets

1,298.5

1,419.9

     

Home Affairs’ estimated average staffing level for 2017–18 is 14,420.

Key areas of financial statements risk

3.14.9 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Home Affairs’ financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.14.3.

Table 3.14.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Customs duty revenue

Completeness and accuracy of customs duty collections and refunds

Higher

  • the self-assessment nature of the import declaration process;
  • complexity of the legislation underpinning the import process;
  • complexity of the related IT infrastructure that supports the collection of revenue; and
  • high volume of transactions that are subject to multiple variables, such as tariff classification, country of origin considerations, customs valuation considerations and foreign exchange rates.

Administered

Other taxes

Completeness and accuracy of the collection of visa revenue

Higher

  • decentralised collection of revenue including by domestic and international offices, and by third parties under service level arrangements; and
  • complexity of the related IT infrastructure that supports the collection of revenue.

Administered

Land and buildings

Property, plant and equipment

Suppliers

Management of the onshore immigration detention centres and overseas regional processing centres, including management of assets and control over supplier expenditure

Higher

  • complex project and contract management processes associated with third party providers for health services, detention centre management and construction of detention centre assets;
  • judgements applied to estimate the value of the detention centre asset portfolio;
  • geographically dispersed land, buildings and equipment including assets located overseas; and
  • financial implications of the closure of centres.

Administered and Departmental

Multiple financial statement line items

Completeness and accuracy of disclosures of the restructure as a result of functions transferring to the department on its establishment.

Moderate

  • required amendments to the control environment and governance structures for transferred functions;
  • need to integrate IT systems, processes and controls, particularly in respect of suppliers and grant expenses for functions transferred;
  • transfer of approximately 800 staff together with related processes and balances into the department; and
  • transfer of non-financial and intangible asset processes and balances.

Administered

Personal benefits

Payment of personal benefits under the Status Resolution Support Services (SRSS) program

Moderate

  • complex eligibility criteria for the categories of allowable personal benefits;
  • payments are processed by the Department of Human Services;
  • the self-assessment nature of the personal benefits process; and
  • complexity in the underlying IT infrastructure that is used to assess eligibility and make payments to recipients.

Departmental

Employee benefits

Employee provisions

Completeness and accuracy of employee entitlements

Moderate

  • selected Home Affairs staff are entitled to a range of allowances, subject to a number of conditions under different enterprise agreements;
  • the calculation of employee leave provisions is based on multiple assumptions involving judgement; and
  • staff are located both in Australia and overseas, including locally engaged staff who may be entitled to varying employment conditions and benefits based on local laws and regulations.

Administered and Departmental

Multiple financial statement line items

Management of overseas posts particularly relating to the management of departmental resources and collection of visa application revenue

Moderate

  • decentralised nature of operations and controls, including monitoring procedures; and
  • managed under third party arrangements through service level agreements with the Department of Foreign Affairs and Trade, and the Australian Trade and Investment Commission.
       

Source: ANAO 2017–18 risk assessment for Home Affairs.

3.14.10 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.14.11 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to: collection of customs duty revenue and visa application revenue; the management of the onshore immigration detention centres and overseas regional processing centres; and the reporting of overseas transactions.

3.14.12 Interim audit coverage has also included an assessment of IT general controls, including security and change management processes relevant to the financial management information system and human resources management information system, and business continuity and disaster recovery.

3.14.13 Audit procedures relating to: collection of customs duty revenue and visa application revenue; the management of the onshore immigration detention centres and overseas regional processing centres; financial reporting of functions transferring to the department on its establishment; payment of personal benefits under the SRSS programme; accounting for employee entitlements; the reporting of overseas transactions; and IT application controls, will be undertaken as part of the 2017–18 final audit.

3.14.14 The following table summarises the status of audit findings reported by the ANAO in 2016–17 and 2017–18.

Table 3.14.4: Status of audit findings raised by the ANAO

Category

Closing position (at the end of the 2016–17 final audit)

Resolved findings (at the time of the 2016–17 interim audit)

New findings (during the 2016–17 interim audit)

Closing position (at the end of the 2016–17 interim audit)

Significant (A)

0

0

0

0

Moderate (B)

2

0

0

2

Total

2

0

0

2

         
Unresolved moderate audit findings
Management of privileged security users in the IT networks

3.14.15 The ANAO’s review of users with privileged access to DIBP’s networks during the 2016–17 interim audit identified weaknesses in the operation of the controls relating to granting and terminating privileged user access and the use of these accounts. The department accepted the weaknesses observed.

3.14.16 Following the identification of this issue, the department has addressed weaknesses relating to deactivation due to inactivity and internet access for administrator accounts.

3.14.17 During the 2017–18 interim audit, the ANAO noted the following weaknesses remain:

  • the use of personal administrator accounts rather than a designated account for the running of scripted jobs; and
  • users had retained administrator accounts when they were no longer required.

3.14.18 The above control weaknesses increase the risk of the networks being compromised and interruption to operations.

3.14.19 Home Affairs has advised it will undertake and implement processes to address the above finding. The ANAO will review and assess this process during the 2017–18 final audit.

Fraud and integrity reporting

3.14.20 During the 2016–17 final audit, the ANAO identified weaknesses in DIBP’s fraud and integrity reporting, including that the reporting to the Audit Committee was not sufficient to facilitate appropriate review and independent advice and assurance about the appropriateness of DIBP’s fraud control and anti-corruption as it related to DIBP’s system of risk oversight and management. This is a requirement of the Public Governance, Performance and Accountability Act 2013.

3.14.21 The ANAO recommended that DIBP strengthen reporting by: clearly defining data flows from divisions and IT systems used for the purposes of reporting; prioritising system enhancements; resolving data quality and integrity issues; and implementing regular reporting of information with a focus on appropriate analysis of the various types of fraud, implications, actions being undertaken to address identified instances and trend analysis to support an assessment of the performance of fraud control measures. The department accepted the weaknesses observed and agreed with the related recommendations.

3.14.22 During the 2017–18 interim audit, the ANAO noted that Home Affairs has progressed the following initiatives:

  • identification and analysis of the types of activities that may constitute fraud in the department’s context and identification of potential sources of data that may be in scope for reporting purposes;
  • development of a report that details fraud instances and related analysis. The first quarterly report was provided to the Audit Committee in its March 2018 meeting;
  • development of standard operating procedures for compiling the fraud report;
  • reviewed and agreed the reporting framework to be applied within the investigator management system currently being used by Home Affairs; and
  • the exploration of potential enhancements to the investigator management system or opportunities to develop an alternative system that supports integrity case management, data integrity and extraction of information for reporting purposes.

3.14.23 The ANAO will continue to review Home Affairs’ implementation of the above initiatives during the 2017–18 final audit.

Conclusion

3.14.24 At the completion of the interim audit, and except for the findings outlined above, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Home Affairs will be able to prepare financial statements that are free from material misstatement. The effective operation of these controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.15 Department of Human Services

Overview

3.15.1 The Department of Human Services (Human Services) is responsible for delivering a range of payments and services to support individuals, families and communities, as well as providers and businesses. These include: income support payments and services; aged care payments; Medicare payments and services; and child support services.107

3.15.2 The range of social and health related payments and services delivered by Human Services on behalf of other entities are budgeted at $172.7 billion108 in 2017–18 and include:

  • Centrelink payments and services for retirees, the unemployed, families, carers, parents, students, people with disabilities, Indigenous Australians, farmers, people from diverse cultural and linguistic backgrounds, people living overseas, and provision of services at times of major change, including disaster recovery payments;
  • services and programs that support the health of Australians such as Medicare, the Pharmaceutical Benefits Scheme, the Private Health Insurance Rebate, and the Australian Childhood Immunisation Register; and
  • Aged Care payments to services funded under the Aged Care Act 1997, including residential care, home care, and flexible care services.

3.15.3 Human Services also delivers other services and payments on behalf of other entities, including veterans’ entitlements and the Tasmanian Freight and Bass Strait passenger vehicle equalisation schemes.

3.15.4 Figure 3.15.1 shows Human Services’ income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.15.1: Human Services’ contribution to the Australian Government’s income, expenses, assets and liabilities109

Figure 3.15.1 shows Human Services’ 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Human Services’ financial statements for the year ended 30 June 2017.

3.15.5 Figure 3.15.2 and Figure 3.15.3 show the 2016–17 departmental and administered financial statements items reported by Human Services and the 2017–18 key areas of financial statements risk.

Figure 3.15.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.15.2 shows Human Services’ departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements ri

Source: ANAO analysis and Human Services’ financial statements for the year ended 30 June 2017.

Figure 3.15.3: Key administered financial statement items and areas of financial statements risk

Figure 3.15.3 shows Human Services’ administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per T

Source: ANAO analysis and Human Services’ financial statements for the year ended 30 June 2017.

3.15.6 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Human Services’ financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Human Services’ environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Human Services also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.15.7 In light of the key areas of risk detailed in Table 3.15.3 and the ANAO’s understanding of the operations of Human Services, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items110

3.15.8 Annual appropriation funding of $4,863 million (departmental) and $1.6 million (administered) was provided to Human Services’ in 2017–18 to support the achievement of Human Services’ outcomes.111 Human Services was also budgeted to receive special appropriation funding of $58.3 million.112

3.15.9 Table 3.15.1 and Table 3.15.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.15.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

4,866.0

1,569.2

Employee benefits

2,799.5

Suppliers

1,799.4

Depreciation and amortisation

245.4

Child support maintenance

1,476.4

Write-down and impairment of assets

17.3

92.8

Other

4.4

Total own-source income

316.4

1,600.9

Rendering of services

298.1

Rental income

14.9

Child support maintenance revenue

1,554.9

Dividends

11.9

Other

3.4

34.1

Net (cost of)/contribution by services

(4,549.6)

31.7

     

Table 3.15.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

2,375.2

1,079.4

Cash

20.0

141.8

Trade and other receivables

1,189.3

6.2

Land and buildings

344.7

Plant and equipment

224.4

Software

470.0

Prepayments

126.8

Child Support receivables

866.7

Investment – Australian Hearing

64.7

Total liabilities

1,397.1

1,006.6

Suppliers

408.9

Lease incentives

48.4

Other payables and provisions

34.9

Employee payables and provisions

904.9

Child Support and other payables

29.0

Recovery of compensation

91.5

Child Support payments received in advance

21.4

Child Support provisions

864.7

Net assets

978.1

72.8

     

Human Services’ estimated average staffing level for 2017–18 is 28,587.

Key areas of financial statements risk

3.15.10 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Human Services’ financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.15.3.

Table 3.15.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Child support receivables

Valuation of child support receivables that are yet to be paid by non-custodial parents at the end of the financial year

Moderate

  • significant judgements and assumptions around the collection rates of child support obligations are applied in determining the valuation of child support receivables, and require the involvement of an actuary. These judgements rely on the quality of the underlying data used in the estimation process which is maintained in spreadsheets and requires manual processing; and
  • a large volume of child support financial transactions are processed under the complex Child Support Act 1988. This complexity increases the judgements and estimates associated with the child support receivable valuation.

Departmental

Land and buildings

Plant and equipment

Software

Valuation of non-financial assets

Moderate

  • significant judgements involved in considering the indicators of impairment to estimate the value of intangible assets; and
  • judgements involved in estimating the staff and other costs attributed to developing the software applications.
       

ANAO 2017–18 risk assessment for Human Services.

3.15.11 As indicated in paragraph 3.15.2 above, Human Services delivers payments on behalf of the Departments of Social Services, Health and a number of other Commonwealth entities. These payments are reported in the respective entities’ financial statements and are budgeted to be approximately $172.7 billion in 2017–18. The areas highlighted for specific audit coverage in relation to these payments113 for 2017–18 are outlined in this report against the relevant responsible entity.

3.15.12 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The following performance audit reports tabled during 2017–18 are relevant to the financial management or administration of Human Services:

  • ANAO Report No.22 2017–18 Administration of Medicare Electronic Claiming Arrangements; and
  • ANAO Report No. 35 2017–18 Management of Special Appropriations.

3.15.13 These reports did not include recommendations regarding risks to Human Services’ financial statements. The observations of these reports were considered in designing audit procedures.

Audit results

3.15.14 The ANAO has completed its 2017–18 interim audit coverage including an assessment of controls in relation to areas of audit focus and IT controls over security and change management of the financial management and human resource management information systems.

3.15.15 As part of the 2017–18 final audit, the ANAO will also assess the controls over social and health related payments made by Human Services on behalf of other Commonwealth entities, including associated compliance and quality assurance activities. In addition, the ANAO’s final audit coverage will include the valuation of child support debts and non-financial assets, particularly intangibles.

3.15.16 No significant or moderate audit findings have been raised by the ANAO as a result of the audit coverage to date. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.15.17 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Human Services will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year and the controls not evaluated during the interim audit, will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.16 Department of Industry, Innovation and Science

Overview

3.16.1 The Department of Industry, Innovation and Science (Industry) is responsible for supporting science and commercialisation, growing business investment and improving business capability, developing Northern Australia and streamlining regulation.114

3.16.2 Figure 3.16.1 shows Industry’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.16.1: Industry’s contribution to the Australian Government’s income, expenses, assets and liabilities115

Figure 3.16.1 shows Industry’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Industry’s financial statements for the year ended 30 June 2017.

3.16.3 Figure 3.16.2 and Figure 3.16.3 show the 2016–17 departmental and administered financial statements items reported by Industry and the 2017–18 key areas of financial statements risk.

Figure 3.16.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.16.2 shows Industry’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as

Source: ANAO analysis and Industry’s financial statements for the year ended 30 June 2017.

Figure 3.16.3: Key administered financial statement items and areas of financial statements risk

Figure 3.16.3 shows Industry’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table

Source: ANAO analysis and Industry’s financial statements for the year ended 30 June 2017.

3.16.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Industry’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Industry’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Industry also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.16.5 In light of the key areas of risk detailed in Table 3.16.3 and the ANAO’s understanding of the operations of Industry, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items116

3.16.6 Annual appropriation funding of $418.1 million (departmental) and $555.5 million (administered) is to be provided to Industry in 2017–18 to support the achievement of Industry’s outcomes.117 Industry was also budgeted to receive special appropriation funding of $211.2 million.118

3.16.7 Table 3.16.1 and Table 3.16.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.16.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

572.8

1,803.7

Employee benefits

283.9

6.8

Suppliers

206.0

89.1

Depreciation and amortisation

43.0

1.0

Write-down and impairment of assets

39.0

Subsidies

80.1

Grants

0.2

520.2

Payments to corporate Commonwealth entities

1,076.7

Concessional loan discount

29.8

Other

0.7

Total own-source income

92.5

1,065.2

Royalties

994.9

Sale of goods and rendering of services

83.4

Other

9.1

70.3

Net cost of services

480.3

738.5

     

Table 3.16.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

311.8

3,747.1

Investments

3,457.1

Other financial assets

104.5

285.3

Land and buildings

97.8

Property, plant and equipment

38.6

1.1

Other

70.9

3.6

Total liabilities

156.3

72.2

Employee provisions

86.1

1.9

Grants payable

0.3

44.6

Other

69.9

25.7

Net assets

155.5

3,674.9

     

Note a: Industry’s estimated average staffing level for 2017–18 is 2,320.

Key areas of financial statements risk

3.16.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Industry’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.16.3.

Table 3.16.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Royalties

Completeness and accuracy of Industry’s offshore petroleum and uranium royalties

Higher

  • reliance on self-assessments by uranium and petroleum producers increases the risk of recording incomplete or inaccurate revenue.

Departmental

Other own-source income

Completeness and accuracy of Industry’s other revenue streamsa

Higher

  • diversity of revenue streams;
  • reliance on manual calculations to quantify some revenue amounts; and
  • the large volume of cash based transactions.

Administered

Advances and loans

Valuation of concessional loans made under the Northern Australia Infrastructure Facility program

Higher

  • subject to significant judgment relating to the determination of the market interest rate and loan terms for use in the valuation; and
  • complexity and variety of concessions that are able to be provided increases the risk of determining an inaccurate value.

Administered

Grants expense

Grants payable

Grants management

Moderate

  • a significant number of individual grant programs operate under separate grant agreements and are subject to different eligibility criteria.
       

Source: ANAO 2017–18 risk assessment for Industry.

Note a: Includes revenue from sources such as services delivered by the National Measurement Institute, Questacon entry fees and the sale of merchandise through shopfronts.

3.16.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. ANAO Report No.28 2016–17 Collection of North West Shelf Royalty Revenue, tabled during 2016–17, included observations concerning the financial management and administration of royalty revenue collection and the effectiveness of assurance processes implemented by Industry and the Western Australian Department of Mines, Industry Regulation and Safety. The 2017–18 financial statements audit continues to consider royalty revenue recognition to be a higher risk of material misstatement. Our audit approach will include the examination and re-performance of elements of the assurance framework that address the risks of incomplete and/or inaccurate royalty returns for royalty revenue streams.

Audit results

3.16.10 The ANAO has completed its 2017–18 interim audit coverage, including: an assessment of the controls relating to employee and supplier expenditure; appropriations and special accounts; and asset and cash management. As part of the interim audit coverage, the ANAO has also assessed controls relating to selected departmental and administered revenue streams, grant and subsidy payments and IT general and application controls for key financial systems.

3.16.11 Audit procedures relating to the: completeness and accuracy of royalties; and valuation of the administered advances and loans, investments and non-financial assets will be undertaken as part of the 2017–18 final audit.

3.16.12 To date, audit coverage has not identified any new significant or moderate audit findings. There are no significant or moderate findings carried forward from the 2016–17 audit.

Conclusion

3.16.13 At the completion of the interim audit the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Industry will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.17 Department of Infrastructure, Regional Development and Cities

Overview

3.17.1 As a result of an amendment to the Administrative Arrangements Order on 20 December 2017, the former Department of Infrastructure and Regional Development was renamed the Department of Infrastructure, Regional Development and Cities (Infrastructure). As a result of these machinery of government changes Infrastructure:

  • transferred functions associated with aviation and maritime transport security, including the functions of the Office of Transport Security, to the Department of Home Affairs; and
  • received the functions for the national policy on cities, infrastructure project financing and population policy from the Department of the Prime Minister and Cabinet.

3.17.2 In addition, as announced by the Prime Minister on 19 December 2017, Infrastructure received the functions for dam and water infrastructure policy, including the administration of the National Water Infrastructure Development Fund and Loan Facility, from the Department of Agriculture and Water Resources. Announcements have also been made by the Government that the Loan Facility will be transferred to the Regional Investment Corporation once it is established in July 2018.

3.17.3 Infrastructure is primarily responsible for: improving infrastructure across Australia, through funding coordination of transport and other infrastructure; providing an efficient, sustainable, competitive, safe transport system for all transport users; strengthening the sustainability, capacity and diversity of regional economies; and supporting governance arrangements in the Australian territories.

3.17.4 Figure 3.17.1 shows Infrastructure’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.17.1: Infrastructure’s contribution to the Australian Government’s income, expenses, assets and liabilities119

Figure 3.17.1 shows Infrastructure’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Infrastructure’s financial statements for the year ended 30 June 2017.

3.17.5 Figure 3.17.2 and Figure 3.17.3 show the 2016–17 departmental and administered financial statements items reported by Infrastructure and the 2017–18 key areas of financial statements risk.

Figure 3.17.2: Key departmental financial statement items and area of financial statements risk

Figure 3.17.2 shows Infrastructure’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements r

Source: ANAO analysis and Infrastructure’s financial statements for the year ended 30 June 2017.

Figure 3.17.3: Key administered financial statement items and areas of financial statements risk

Figure 3.17.3 shows Infrastructure’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per

Source: ANAO analysis and Infrastructure’s financial statements for the year ended 30 June 2017.

3.17.6 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Infrastructure’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Infrastructure’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of Infrastructure also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.17.7 In light of the key areas of risk detailed in Table 3.17.3 and the ANAO’s understanding of the operations of Infrastructure, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items120

3.17.8 Annual appropriation funding of $291.9 million (departmental) and $3,047.9 million (administered) was provided to Infrastructure in 2017–18 to support the achievement of Infrastructure’s outcomes.121 Infrastructure was also budgeted to receive special appropriation funding of $2,740.4 million.122 123

3.17.9 Table 3.17.1 and Table 3.17.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.17.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

268.6

5,235.0

Employee benefits

140.0

17.9

Suppliers

120.0

159.8

Depreciation and amortisation

8.6

37.0

Grants

4,178.0

Other

842.3

Total own-source income

8.3

600.2

Sale of goods and rendering of services

7.5

17.8

Other taxes

42.8

Fees and fines

224.7

Other

0.8

314.9

Net cost of services

260.3

4,634.8

     

Table 3.17.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

170.7

8,475.1

Financial assets

130.7

7,791.7

Land and buildings

17.4

188.7

Property, plant and equipment

8.8

362.5

Other

13.8

132.2

Total liabilities

61.9

60.6

Subsidies

8.2

Grants

33.2

Employee provisions

36.8

3.6

Other

25.1

15.6

Net assets/(liabilities)

108.8

8,414.5

     

Note a: Infrastructure’s estimated average staffing level for 2017–18 is 964.

Key areas of financial statements risk

3.17.10 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Infrastructure’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.17.3.

Table 3.17.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Investments

Valuation of the Australian Government’s investment in the Australian Rail Track Corporation and Airservices Australia

Higher

  • valuations are subject to complex estimation processes using a discounted cash flow model. The use of this model requires Infrastructure to make significant judgements in the selection of assumptions and inputs, such as future cash flows and discount rates; and
  • valuations can be influenced by a number of internal and external factors.

Administered Advances and loans

Valuation of concessional loans

Moderate

  • complexity of the valuation and required calculations for loan balances, including the level of estimation required to determine the appropriate market rate for the concessional component of new loans; and
  • impairment considerations that may apply considering the nature and length of loan arrangements.

Administered

Grants expense

Management of grant payments

Moderate

  • complex, significant and diverse range of programs that include a number of different administrative and legislative arrangements and conditions; and
  • level of subjectivity and professional judgement applied in determining whether a recipient meets eligibility and funding milestone requirements.

Multiple financial statement line items

Machinery of Government changes, particularly the valuation and reporting of assets and liabilities transferred to and from Infrastructure as a result of such changes

Moderate

  • risk associated with the transfer of employees and related leave balances to and from Infrastructure’s systems;
  • timely and accurate recognition of expenses, revenue and assets from the time of legal transfer; and
  • required additional financial statements disclosures.
       

Source: ANAO 2017–18 risk assessment for Infrastructure.

3.17.11 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. ANAO Report No.30 2017–18 Design and Governance of the National Water Infrastructure Development Fund was tabled during 2017–18. Report No.30 is relevant to the management of national partnership payments made from the National Water Infrastructure Development Fund for which responsibility was transferred to Infrastructure in January 2018. The observations in the report were considered in designing audit procedures related to national partnership payments.

Audit results

3.17.12 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of controls relating to: cash, appropriations and special accounts; grants; concessional loans; supplier expenditure and employee payroll.

3.17.13 Interim audit coverage has also included an assessment of: IT general controls including security and change management processes relevant to the financial management information system and human resources management information system; and controls over the accuracy of departmental and administered revenue.

3.17.14 Audit procedures relating to the following areas will be undertaken as part of the 2017–18 final audit: valuation of administered investments; machinery of government changes, particularly relating to the transfer and valuation of assets and liabilities to and from Infrastructure and other entities; accuracy of subsidy claims; and valuation of other assets including non-financial assets and concessional loans.

3.17.15 To date, audit coverage of the above areas has not identified any new significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.17.16 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Infrastructure will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.18 Department of Jobs and Small Business

Overview

3.18.1 The Department of Jobs and Small Business’s (Jobs’) core areas of responsibility are the provision of national policies and programs that help Australians find and keep employment124, facilitate the growth of small business and work in safe, fair and productive workplaces.125

3.18.2 Figure 3.18.1 shows Jobs’ income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.18.1: Jobs’ contribution to the Australian Government’s income, expenses, assets and liabilities126

Figure 3.18.1 shows Jobs’ percentage 2017 contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Job’s financial statements for the year ended 30 June 2017.

3.18.3 Figure 3.18.2 and Figure 3.18.3 show the 2016–17 departmental and administered financial statements items reported by Jobs and the 2017–18 key areas of financial statements risk.

Figure 3.18.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.18.2 shows Jobs’ departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per

Source: ANAO analysis and Jobs’ financial statements for the year ended 30 June 2017.

Figure 3.18.3: Key administered financial statement items and areas of financial statements risk

Figure 3.18.3 shows Jobs’ administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.18.

Source: ANAO analysis and Jobs’ financial statements for the year ended 30 June 2017.

3.18.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Jobs’ financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Jobs’ environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audits tabled since 1 July 2017 and relevant to the financial management or administration of Jobs also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.18.5 In light of the key areas of risk detailed in Table 3.18.3 and the ANAO’s understanding of the operations of Jobs, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items127

3.18.6 Annual appropriation funding of $555.8 million (departmental) and $2,149.9 million (administered) is to be provided to Jobs in 2017–18 to support the achievement of the Jobs’ outcomes.128 Jobs was also budgeted to receive $403.7 million special appropriation funding.129

3.18.7 Table 3.18.1 and Table 3.18.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.18.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

401.1

2,133.9

Employee benefits

226.8

Suppliers

137.1

1,382.8

Subsidies

341.8

Grants

99.6

Depreciation and amortisation

37.2

Personal benefits

303.0

Other

6.7

Total own-source income

53.1

217.5

Sale of goods and rendering of services

52.7

Other taxes

143.7

Recoveries

70.6

Other

0.4

3.2

Net cost of services

348.0

1,916.4

     

Table 3.18.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

358.9

390.2

Other Investments

346.2

Trade and other receivables

154.4

27.5

Leasehold improvements

24.1

Intangibles

128.4

Property, plant and equipment

32.0

Other

20.0

16.5

Total liabilities

142.2

2,630.8

Employee provisions

73.1

Suppliers

44.6

81.0

Other payables

24.5

2,507.3

Subsidies

36.9

Other

5.6

Net assets/(liabilities)

216.7

(2,240.6)

     

Note a: Job’s estimated average staffing level for 2017–18 is 1 965.

Key areas of financial statements risk

3.18.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Jobs’ financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.18.3.

Table 3.18.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Personal benefits, suppliers and subsidies

The effectiveness of the design and implementation of the jobactive compliance program

Moderate

  • payments are reliant on assessments made by third party service providers; and
  • the success of the department’s compliance activities is crucial to the integrity of the jobactive program.

Departmental

Intangible assets

Valuation and management of Intangible Assets

Moderate

  • a significant increase of $53 million in the department’s intangible assets has been budgeted for 2017–18; and
  • the process of managing projects to internally develop software is complex due to judgements required relating to the value of staff and other costs that can be capitalised in accordance with Australian Accounting Standards.
       

Source: ANAO 2017–18 risk assessment for Jobs.

3.18.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. ANAO Report No.4 2017–18 jobactive: Design and Monitoring was tabled during 2017–18. The report did not include recommendations which had implications on the financial statements audit approach.

3.18.10 An assurance review was also undertaken at the Department. ANAO Report No.40 2017–18 Achieving Value for Money from the Fair Entitlements Guarantee Recovery Program. The objective of this review was to determine whether the establishment and early implementation of the Fair Entitlements Guarantee Recovery Program by Jobs provided a sound basis for achieving value for money. No changes were made to the financial statements audit approach as a result of the assurance review.

Audit results

3.18.11 The ANAO has completed its 2017–18 interim audit coverage including an assessment of the controls relating to: administered supplier expenses; personal benefits and subsidy payments; and grants expenditure. Interim audit coverage also included an assessment of IT general controls, and the design and implementation of the jobactive compliance program.

3.18.12 Audit procedures relating to: substantive testing over administered supplier expenses and subsidies; review of personal benefit and grant transactions; review of capitalisation and accounting for intangibles; and review of the Department’s monitoring of the jobactive compliance program will be completed as part of the 2017–18 final audit.

3.18.13 To date, audit coverage of the above areas has not identified any new significant or moderate audit findings. There were no unresolved significant or moderate audit findings from 2016–17.

Conclusion

3.18.14 At the completion of the interim audit the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Jobs will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.19 Department of Parliamentary Services

Overview

3.19.1 The Department of Parliamentary Services (DPS) is responsible for supporting the Parliament through a range of services, including library, research, Hansard, broadcasting, telecommunications, central computing, food and beverage and building security and maintenance.

3.19.2 Figure 3.19.1 shows DPS’ income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.19.1: DPS’ contribution to the Australian Government’s income, expenses, assets and liabilities130

Figure 3.19.1 shows DPS’ 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and DPS’ financial statements for the year ended 30 June 2017.

3.19.3 Figure 3.19.2 and Figure 3.19.3 show the 2016–17 departmental and administered financial statements items reported by DPS and the 2017–18 key areas of financial statements risk.

Figure 3.19.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.19.2 shows DPS’ departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per T

Source: ANAO analysis and DPS’ financial statements for the year ended 30 June 2017.

Figure 3.19.3: Key administered financial statement items and areas of financial statements risk

Figure 3.19.3 shows DPS’ administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.19.3

Source: ANAO analysis and DPS’ financial statements for the year ended 30 June 2017.

3.19.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on DPS’ financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of DPS’ environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of DPS also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.19.5 In light of the key areas of risk detailed in Table 3.19.3 and the ANAO’s understanding of the operations of DPS, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items131

3.19.6 Annual appropriation funding of $140.6 million (departmental) and $129.2 million (administered) was provided to DPS in 2017–18 to support the achievement of DPS’ outcomes.132

3.19.7 Table 3.19.1 and Table 3.19.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.19.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

162.2

42.3

Employee benefits

86.8

0.8

Suppliers

54.0

4.5

Depreciation and amortisation

21.4

37.0

Total own-source income

18.1

Sales of goods and rendering of services

15.4

Rental income

2.1

Other

0.6

Net cost of services

144.1

42.3

     

Table 3.19.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

127.9

2,426.3

Financial assets

22.4

0.9

Land and buildings

2,299.6

Property, plant and equipment

58.6

124.9

Intangibles

39.4

0.9

Inventories

0.5

Other

7.0

Total liabilities

28.9

1.5

Suppliers

4.2

0.7

Personal Benefits and Employee provisions

24.2

Other payables

0.5

0.8

Net assets

99.0

2,424.8

     

Note a: DPS’ estimated average staffing level for 2017–18 is 897.

Key areas of financial statements risk

3.19.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of DPS’s financial statements. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.19.3.

Table 3.19.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Land and buildings

Property, plant and equipment

Departmental

Property, plant and equipment

Valuation of non-financial assets

Higher

  • the unique nature of Parliament House, its contents and the purpose of the land, increases the judgement applied and complexity in establishing a fair value.

Departmental

Employee provisions

Valuation of employee provisions

Moderate

  • significant judgement and assumptions are applied to determine the value of employee leave provisions.
       

Source: ANAO 2017–18 risk assessment for DPS.

3.19.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.19.10 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to: cash and asset management; payroll processing; and supplier expenses.

3.19.11 As part of the 2017–18 final audit, audit procedures over the key areas of financial statement risk will be completed, including the valuation of non-financial assets and employee provisions.

3.19.12 To date, audit coverage of the above areas has not identified any new significant or moderate audit findings. The 2017–18 audit also did not identify any significant or moderate audit findings.

Conclusion

3.19.13 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that DPS will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.20 Department of the Prime Minister and Cabinet

Overview

3.20.1 The Department of the Prime Minister and Cabinet (PM&C) is responsible for coordinating policy development across government in economic, domestic and international affairs; Aboriginal and Torres Strait Islander advancement; and public service stewardship.133

3.20.2 Figure 3.20.1 shows PM&C’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.20.1: PM&C’s contribution to the Australian Government’s income expenses, assets and liabilities134

Figure 3.20.1 shows PM&C’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and PM&C’s financial statements for the year ended 30 June 2017.

3.20.3 Figure 3.20.2 and Figure 3.20.3 show the 2016–17 departmental and administered financial statement items reported by PM&C and the 2017–18 key areas of financial statements risk.

Figure 3.20.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.20.2 shows PM&C’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per

Source: ANAO analysis and PM&C’s financial statements for the year ended 30 June 2017.

Figure 3.20.3: Key administered financial statement items and areas of financial statements risk

Figure 3.20.3 shows PM&C’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.20

Source: ANAO analysis and PM&C’s financial statements for the year ended 30 June 2017.

3.20.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on PM&C’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of PM&C’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 relevant to the financial management or administration of PM&C also inform the ANAO’s 2017–18 financial statements audit risk identification processes.

3.20.5 In light of the key areas of risk detailed in Table. 3.20.3 and the ANAO’s understanding of the operations of PM&C, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items135

3.20.6 Annual appropriation funding of $485.8 million (departmental) and $1,320.9 million (administered) was provided to PM&C in 2017–18 to support the achievement of PM&C’s outcomes.136 PM&C was also budgeted to receive special appropriation funding of $421.6 million.137

3.20.7 Table 3.20.1 and Table 3.20.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.20.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

452.0

1,727.3

Employee benefits

263.6

0.9

Suppliers

175.2

72.9

Depreciation and amortisation

12.9

0.2

Grants

0.4

1,335.5

Payments to corporate entities

94.9

Other

222.9

Total own-source income

23.3

95.6

Sale of goods and rendering of services

14.4

Interest

81.9

Other

8.9

13.7

Net cost of services

428.7

1,631.7

     

Table 3.20.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

271.3

5,200.0

Cash and cash equivalents

3.0

34.7

Trade and other receivables

103.6

109.8

Land and buildings

83.9

49.7

Property, plant and equipment

47.9

1.2

Intangibles

25.2

Investments

5,002.1

Other

7.7

2.5

Total liabilities

146.3

60.9

Employee provisions

78.2

0.3

Suppliers

25.1

6.5

Grants

0.3

40.8

Other

42.7

13.3

Net assets

125.0

5,139.1

     

Note a: PM&C’s estimated average staffing level for 2017–18 is 2,033.

Key areas of financial statements risk

3.20.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of PM&C’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table. 3.20.3.

Table 3.20.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Grants

Occurrence of grants expenses

Higher

  • the magnitude and diversity of grant programs that are subject to a decentralised eligibility assessment and approval process; and
  • effectiveness of internal control activities and financial reporting arrangements.

Departmental

Employee benefits Employee provisions

Valuation of employee provisions

Moderate

  • prior year moderate audit finding identified in 2016–17 related to internal control review and quality assurance processes; and
  • business continuity and change management processes associated with the use of the human resource management information system.

Departmental

Land and buildings

Plant and equipment

Intangible assets

Valuation and existence of non-financial assets

Moderate

  • subject to judgement and estimation in determining fair value of non-financial assets dispersed across multiple and regional locations.

Administered

Investments

Valuation of investments

Moderate

  • appropriateness of the selection of valuation techniques and underlying assumptions applied by PM&C to determine fair value; and
  • inaccurate or incomplete consolidation of the Aboriginal Benefit Account and the Aboriginal and Torres Strait Islander Land Account investment balances into the administered financial statements.
       

Source: ANAO 2017–18 risk assessment for PM&C.

3.20.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date; no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.20.10 The ANAO has substantially completed its interim audit coverage, including an assessment of the controls relating to selected administered grant programs and IT general and application controls for key financial systems, including those provided through shared service arrangements with other entities.

3.20.11 Audit procedures relating to valuation of non-financial assets and administered investment will be undertaken during the final audit phase.

3.20.12 The following table summarises the status of audit findings reported by the ANAO in 2016–17 and 2017–18.

Table 3.20.4: Status of audit findings raised by the ANAO

Category

Closing position (at the end of the 2016–17 final audit)

Resolved findings (at the time of the 2017–18 interim audit)

New findings (during the 2017–18 interim audit)

Closing position (at the end of the 2017–18 interim audit)

Significant (A)

0

0

0

0

Moderate (B)

1

(1)

1

1

Total

1

(1)

1

1

         
New moderate audit finding
IT Logging and Monitoring

3.20.13 During the 2017–18 interim audit the ANAO identified weaknesses in the management of PM&C’s privileged user access to key PM&C systems, including a lack of:

  • active logging and monitoring of privileged users at the network and database level;
  • active logs for a number of months for the human resource management information system and a number of these logs being reviewed by privileged users; and
  • active logging or monitoring of privileged user activity on the financial management information system other than in relation to vendor accounts.

3.20.14 Inappropriate levels of access and inadequate monitoring of system access, particularly for privileged users, increases the risk of not preventing or identifying inappropriate activity. PM&C have advised that they will implement processes to address the above finding. The ANAO will review and assess their response during the 2017–18 final audit.

Resolved moderate audit finding
Internal control over human resource management processes

3.20.15 During the 2016–17 audit, the ANAO identified weaknesses in internal control and quality assurance processes for key human resource management processes, which resulted in overpayments in superannuation expenses. PM&C have implemented further human resource management information system configuration controls and strengthened internal policies and procedures as part of a formal remediation program.

3.20.16 During the interim audit the ANAO has observed the updated processes and confirmed the internal control and quality assurances processes. As a result this finding has been resolved.

Conclusion

3.20.17 At the completion of the interim audit, and except for the finding outlined above, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that PM&C will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed during the 2017–18 final audit.

3.21 Department of Social Services

Overview

3.21.1 The Department of Social Services (DSS) is responsible for social security, families and communities, disability and carers, and housing. DSS works in partnership with other government138 and non-government organisations, to develop, manage and deliver a range of policies, programs and services focused on improving the wellbeing of people and families in Australia.139

3.21.2 Figure 3.21.1 shows DSS’ income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.21.1: DSS’ contribution to the Australian Government’s income, expenses, assets and liabilities140

Figure 3.21.1 shows DSS’ 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and DSS’ financial statements for the year ended 30 June 2017.

3.21.3 Figure 3.21.2 and Figure 3.21.3 show the 2016–17 departmental and administered financial statements items reported by DSS and the 2017–18 key areas of financial statements risk.

Figure 3.21.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.21.2 shows DSS’ departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per T

Source: ANAO analysis and DSS’ financial statements for the year ended 30 June 2017.

Figure 3.21.3: Key administered financial statement items and areas of financial statements risk

Figure 3.21.3 shows DSS’ administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.21.3

Source: ANAO analysis and DSS’ financial statements for the year ended 30 June 2017.

3.21.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on DSS’ financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of DSS’ environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of DSS also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.21.5 In light of the key areas of risk detailed in Table 3.21.3 and the ANAO’s understanding of the operations of DSS, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items141

3.21.6 Annual appropriation funding of $465.4 million (departmental) and $5,151.1 million (administered) is to be provided to DSS in 2017–18 to support the achievement of the DSS’ outcomes.142 DSS was also budgeted to receive special appropriation funding of $111,061.3 million.143

3.21.7 Table 3.21.1 and Table 3.21.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.21.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

537.4

117,315.2

Employee benefits

275.7

Suppliers

185.0

1,095.5

Depreciation and amortisation

72.2

Personal benefits

110,606.3

Grants

1,598.2

Subsidies

84.9

Other

4.5

3,930.3

Total own-source income

76.7

39.5

Sale of goods and rendering of services

73.3

Other

3.4

39.5

Net cost of services

460.7

117,275.7

     

Table 3.21.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

386.3

5,250.8

Leasehold improvements

52.6

Property, plant and equipment

27.8

Intangibles

173.0

Receivables

99.3

3,695.9

Other

33.6

1,554.9

Total liabilities

152.7

6,238.1

Employee provisions

84.1

Personal benefits payable

1,986.3

Personal benefits provision

4,106.0

Other

68.6

145.8

Net assets/(liabilities)

233.6

(987.3)

     

Note a: DSS’ estimated average staffing level for 2017–18 is 2,002.

3.21.8 On behalf of DSS, Human Services delivers a range of social security payments (personal benefits) for services and programs that support individuals. These payments relate largely to the Family Tax Benefit, income support for seniors, carers, people with disability and working age payments.

Key areas of financial statements risk

3.21.9 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of DSS’ financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.21.3.

Table 3.21.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Personal benefits expenses

Accuracy and occurrence of personal benefits payments

Higher

  • reliance on the correct disclosure of personal circumstances by a large number of recipients across diverse socio-economic groups; and
  • reliance on Human Services’ complex information technology system for the processing of a high volume of payments across numerous personal benefit types with varying complexities.

Administered

Personal benefits provisions Personal benefits receivables

Valuation of personal benefits provisions and personal benefits receivables

Higher

  • provisions and receivables involve estimation models which require significant judgements and assumptions, and are dependent on a number of factors. These factors include: new budget measures affecting benefit programs; timing of payments; personal circumstances of recipients; the economic environment and the accuracy and completeness of the source data used by the actuary in developing the estimation models.

Administered

Grants expenses

Accuracy and occurrence of grant expenses

Moderate

  • a large number of grants programs with differing legislative and policy requirements; and
  • inherent information technology challenges relating to the expansion of existing grant management infrastructure including the use of DSS’ systems as a shared service operation for other entities.
       

Source: ANAO 2017–18 risk assessment for DSS.

3.21.10 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit.

3.21.11 ANAO Report No.35 2017–18 Management of Special Appropriations was tabled during 2017–18 and was relevant to the financial management of DSS. ANAO Report No.17 examined compliance with regulatory requirements for the establishment and ongoing management of special appropriations.

3.21.12 This report did not include recommendations which had implications on the financial statements audit approach. Additional disclosure of special appropriations will be considered as part of the financial statements audit.

Audit results

3.21.13 The ANAO has completed its interim audit coverage including: an assessment of the department’s IT general controls over security and change management; and compliance activities and assurance processes relating to personal benefits, disability services and grants.

3.21.14 Audit coverage of the department’s processes relating to: cash; asset management; payroll processing; suppliers expenses; IT general controls and application controls in financial management and human resource management information systems; and grants has also been completed.

3.21.15 As part of the 2017–18 final audit, assessment of the valuation of personal benefits related asset and liability balances will be completed. The testing of application controls for the IT systems that process payments related to personal benefits and disability services will also be finalised.

3.21.16 No significant or moderate audit findings have been raised by the ANAO as a result of the audit coverage to date. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.21.17 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that DSS will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year and the controls not evaluated during the interim audit, will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.22 National Disability Insurance Agency

Overview

3.22.1 The National Disability Insurance Agency (NDIA), which commenced operations on 1 July 2013, was established under the National Disability Insurance Scheme Act 2013. The NDIA is responsible for delivering the National Disability Insurance Scheme (the Scheme). The Scheme is designed to provide individual control and choice in the delivery of reasonable and necessary support; to improve the independence, social and economic participation of eligible people with disability, their families and carers; and to provide associated referral services and activities

3.22.2 Figure 3.22.1 shows NDIA’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.22.1: NDIA’s contribution to the Australian Government’s income, expenses, assets and liabilities144

Figure 3.22.1 shows NDIA’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and NDIA’s financial statements for the year ended 30 June 2017.

3.22.3 Figure 3.22.2 shows the 2016–17 financial statement items reported by NDIA and the 2017–18 key areas of financial statements risk.

Figure 3.22.2: Key financial statement items and areas of financial statements risk

Figure 3.22.2 shows NDIA’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per

Source: ANAO analysis and NDIA’s financial statements for the year ended 30 June 2017.

3.22.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on NDIA’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of NDIA’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of NDIA also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.22.5 In light of the key areas of risk detailed in Table 3.22.3 and the ANAO’s understanding of the operations of NDIA, the ANAO has assessed the risk of a material misstatement as high.

Key financial statement items145

3.22.6 Annual funding of $7,822 million is estimated to be provided to NDIA in 2017–18 to support the achievement of NDIA’s outcomes.146

3.22.7 Table 3.22.1 and Table 3.22.2 provide a summary of the key 2017–18 estimated financial statement items.

Table 3.22.1: Key expenses and total own-source income

Expenses and own-source income

Estimated actual ($m) 2017–18

Total expenses

7,825

Employee benefits

268

Suppliers

765

Grants

6,772

Depreciation and amortisation

13

Write-down and impairment of assets

7

Total own-source income

6,785

Sales of goods and rendering services

5,556

Resources received free of charge and other gains

1,228

Net cost of services

1,040

   

Table 3.22.2: Key assets and liabilities

Asset and Liabilities

Estimated actual ($m) 2017–18

Total assets

1,626

Cash and cash equivalents

1,351

Trade and other receivables

209

Non-financial assets

66

Total liabilities

753

Suppliers

131

Other payables

6

Employee provisions

46

Grants

506

Other provisions

64

Net assets

873

   

Note a: NDIA’s estimated average staffing level for 2017–18 is 2,460.

Key areas of financial statements risk

3.22.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of NDIA’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.23.3.

Table 3.22.3: Key areas of financial statement risks

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Participant plan expenses

Accuracy and validity of participant plan expenses

Higher

  • the Scheme is growing in participant numbers, and needs to cater for a diverse group of participants with varying and changing needs;
  • reliance on third parties to provide information to support payments, making these payments more susceptible to fraud; and
  • a control environment that has a number of areas requiring remediation including the reliance on a developing assurance framework and associated compliance program to support the accuracy and integrity of claims made by participants and service providers.

Participant plan provision

Valuation of participant plan provision

Higher

  • the provision is subject to significant judgements and assumptions to determine the service delivery patterns for unclaimed services given the maturity of the Scheme; and
  • complexity of calculations due to the significant number of participant plans and the diverse nature of goods and services provided.

Contributions in-kind from Commonwealth, State and Territory governments

Accuracy and completeness of contributions of in-kind services from Commonwealth and State and Territory governments

Higher

  • lack of incentive for providers to acquit their services in a timely manner; and
  • difficulties in estimating the value of in-kind services utilised by participants.
       

Source: ANAO risk assessment for NDIA.

3.22.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The ANAO Report No.13 2017–18 Decision-making controls for sustainability – National Disability Insurance Scheme access was tabled in October 2017.

3.22.10 ANAO Report No.13 2017–18 included observations relevant to the Assurance framework – compliance program and Participant Plan Expenses outlined in Table 3.22.3. The audit assessed the effectiveness of controls being implemented and/or developed by the NDIA to ensure that access decisions are consistent with legislative and other requirements. The report concluded that the NDIA has implemented some controls to ensure that NDIA access decisions are consistent with legislative requirements but these have been inconsistently applied.

Audit results

3.22.11 The ANAO has completed its 2017–18 interim audit coverage including: an assessment of the controls relating to the NDIA’s IT general controls over security and change management; processes relating to cash; asset management; payroll processing; suppliers’ expenses; grants expenses; and participant expenses. Audit coverage of the application controls in the financial management and human resource management information systems and the Customer Relationship Management (CRM) system has also been completed.

3.22.12 As part of the 2017–18 final audit, assessment of the valuation of the participant provision balances will be completed. The testing of participant payments and the associated quality assurance framework will also be finalised.

3.22.13 The following table summarises the status of audit findings reported by the ANAO in 2017–18.

Table 3.22.4: Status of audit findings raised by the ANAO

Category

Closing position (at the end of the 2016–17 final audit)

Resolved findings (at the time of the 2017–18 interim audit)

New findings (during the 2017–18 interim audit)

Closing position (at the end of the 2017–18 interim audit)

A

2

(2)a

0

0

B

5

(1)b

1a

5

Total

7

(3)

1

5

         

Note a: One significant audit finding related to Business Assurance – Compliance Program has been downgraded to a moderate audit finding. Further details of this finding can be found at paragraphs 3.22.18 to 3.22.24.

Note b: One moderate audit related to IT Change Management has been downgraded to a minor audit finding. Further details of this finding can be found at paragraphs 3.22.40 to 3.22.43.

Resolved significant audit finding
IT User Access Management

3.22.14 The NDIA uses the Customer Relationship Management (CRM) system to manage Scheme participant records, assess eligibility to the Scheme, create and approve participant support plans, create and register disability support service providers and process claims for payment to providers and participants.

3.22.15 Each individual with access to the CRM is designated a role or roles that determine what functions they can perform in the CRM. To mitigate the risk of error or fraudulent behaviour it is important that roles are appropriately segregated.

3.22.16 ANAO testing in 2016–17 identified that a formal segregation of duties matrix had not been developed for CRM roles, users had been granted access to roles within the system that should be segregated and there were no processes in place to regularly review user access to ensure that it remained current and appropriate based on the user’s role within the organisation. These issues increased the risk of inappropriate or unauthorised transactions being processed.

3.22.17 ANAO testing performed in 2017–18 has confirmed that the NDIA has developed a segregation of duties matrix that removes incompatible roles from any single user profile. The NDIA has also undertaken a review of user activity that took place in 2016–17 to assess the risk of any inappropriate transactions being processed due to incompatible user profiles and has implemented a process of regular review of system access to ensure access remains consistent with the user’s role. As a result this finding is now resolved.

Downgraded significant audit finding
Business Assurance – Compliance Program

3.22.18 Access to the Scheme is regulated via NDIA’s assessment and approval of individual applicants against eligibility criteria. Once an application is approved as eligible for the Scheme, a participant plan is formulated and approved that outlines the reasonable and necessary supports required by the participant.

3.22.19 Scheme participants can choose to self–manage their approved plan of supports or have their plan managed by the NDIA. Where plans are managed by the NDIA, payments are made to the provider subject to claims lodged online. Self–managed participants also claim online but funds are paid directly to the individual participant. No supporting documentation is required as part of the claims process. Providers are expected to maintain evidence supporting the claims. Self–managed participants are required to keep copies of receipts for supports provided.

3.22.20 In 2015–16 the ANAO’s review of the NDIA’s progress towards implementing an assurance framework, including a compliance program, over the integrity of claims paid to both scheme participants and service providers identified weaknesses. The review noted that there were no documented compliance activities for payments made directly to self–managed participants and that the review program for payments made to providers was based on a non–statistical sample methodology which did not allow results to be extrapolated across the population to estimate the potential rate of non–compliance within the Scheme.

3.22.21 The ANAO also identified that there was insufficient documentary evidence to demonstrate quality assurance processes over the integrity of decisions made concerning provider registrations, participant identity or eligibility and participant plan approvals.

3.22.22 NDIA has advised the ANAO that it has a plan to fully address this finding by June 2019. Considerable progress has been made with the development and endorsement of a business assurance and compliance plan which is in the process of being implemented. A sound statistical sample methodology for the review of payments has also been developed. However a process for reviewing payments to self-managed participants had not been implemented at the time of the ANAO interim audit. A pilot program commenced in April 2018.

3.22.23 To date the business assurance and compliance plan has focused on controls that detect, not prevent, payments made inaccurately or inappropriately. The NDIA has advised that a preventative control has been implemented over Scheme access decisions. The first formal reporting on the operation of the control was due in April 2018. The introduction of other preventative controls is currently under consideration.

3.22.24 Based on the progress made to address this finding, it has been downgraded from a significant finding to a moderate finding. The ANAO will continue to monitor progress during the 2017–18 final audit phase.

Unresolved moderate audit findings
Provider Registration

3.22.25 Providers must register with the NDIA to submit claims for payment for goods and services provided to Scheme participants. The provider registration occurs in the CRM system.

3.22.26 A moderate finding was raised in 2016–17 as there was no IT control preventing a single person from creating and approving registration of a provider. The ANAO’s sample testing found approximately 10% of provider registrations were completed by one NDIA user. Once a provider has been approved as registered, a claim for payment can be made without any further approval or review by the NDIA. This increases the risk of inappropriate or unauthorised providers being registered and able to submit invalid claims for payment.

3.22.27 The preliminary finding from quality assurance processes over registrations for the period July – December 2017 has not identified any provider registrations created and approved by the same person. The NDIA advised that a new report to identify provider registrations that have been created and approved by a single NDIA user is in the process of being developed. Any provider registrations that have been created and approved by a single user will be reviewed. The ANAO will review these processes as part of the final phase of the 2017–18 audit.

Streamlined Access to Scheme - Defined Programs

3.22.28 Streamlined access processes for participants were introduced to facilitate the timely transition of large numbers of people into the Scheme. One of the streamlined pathways is through Defined Programs. Defined Programs are existing State, Territory and Commonwealth disability support programs that have been assessed by the NDIA as having eligibility requirements that align with Scheme access requirements. People currently receiving support from a Defined Program are automatically deemed eligible for the Scheme, as long as they meet the Scheme age and residence requirements. The NDIA advised that between 1 July 2016 and 30 June 2017, approximately 67 per cent of NDIS participants entered the Scheme through a Defined Program.

3.22.29 The Commonwealth, State and Territory Governments provide information to the NDIA on existing disability clients transitioning into the Scheme in accordance with an agreed data standard, including if a potential participant is a participant in a Defined Program.

3.22.30 Due to the reliance on state and territory information and the limited access review processes for participants once they have been accepted as eligible to the Scheme, there is an increased risk of ineligible participants entering the Scheme and not being identified as ineligible in a timely manner. A risk mitigation strategy had not been implemented to address this risk.

3.22.31 The NDIA has advised that a review of the Defined Program access processes, including the design of a risk-based assessment of participants deemed as eligible under a defined program, has commenced. The completion of this work is dependent on the outcome of legal advice regarding access reviews and the NDIA’s right to revoke access to the Scheme. This legal advice will be used to strengthen guidance and processes around the review of participants who have entered the Scheme through a Defined Program. The ANAO will review progress as part of the final phase of the 2017–18 audit.

Scheme Eligibility

3.22.32 Decisions on eligibility and therefore access to the Scheme are critical to both participant outcomes and Scheme financial sustainability. Evidence demonstrating that an applicant meets the Scheme eligibility requirements is to be provided as part of a valid Scheme access request. Additional information may also be requested by the NDIA to inform an access decision.

3.22.33 In 2016–17, the ANAO’s review of access decisions noted that supporting evidence for decisions was not always attached to the client record, that the decision maker did not always detail the reasons for their access decision and there were instances where additional evidence was requested but an access decision was made prior to receipt of the requested evidence.

3.22.34 Following a pilot process in November 2017, a program commenced in January 2018 whereby staff processing access requests have their decision reviewed prior to approval. The NDIA has advised that the staff processing access requests have had their decision accuracy rates baselined and the level of review of decisions prior to finalisation is linked to the decision makers’ level of accuracy. The first formal reporting from this process was due in April 2018. The ANAO will review this new process as part of our final audit phase.

3.22.35 The NDIA has also advised that the review of access decisions is part of its broader assurance program for 2017–18. As this program had not been finalised at the time of the interim phase of our audit, this will be examined during the final audit phase.

IT Logging and Monitoring

3.22.36 Maintaining and supporting IT systems requires that some individuals have powerful access rights – known as privileged access. This level of access can be used to bypass security controls and make changes, either to system settings or directly to system data. Individuals with privileged access should have their activity regularly monitored to detect any unauthorised use.

3.22.37 NDIA’s financial management information system is hosted and maintained by the Department of Human Services (DHS), and privileged user access is also managed by Human Services. Although Human Services manage the granting of privileged access, NDIA is accountable for ensuring that privileged access is used appropriately.

3.22.38 In 2016–17 a moderate finding was raised as NDIA did not have a formal policy for logging and monitoring privileged user activity. No evidence of the regular monitoring of privileged user access was able to be provided during the course of the 2016–17 audit.

3.22.39 The NDIA has committed to developing a logging and monitoring policy for the NDIA business system, to developing and implementing a process to review the activities of privileged users and to putting in place processes to gain assurance that Human Services has appropriate controls in place to oversight Human Services IT staff that have access to NDIA systems and data. The ANAO will review these processes as part of the final phase of the 2017–18 audit.

Resolved moderate audit finding
IT Change Management

3.22.40 IT change management processes provide a disciplined approach to making changes to the IT environment. They include controls to ensure that only authorised changes are made to the system and that these changes do not disrupt normal business operations. IT change management processes at NDIA are managed concurrently by both NDIA and the Department of Human Services (DHS).

3.22.41 In 2016–17, the ANAO raised a Category B finding regarding IT change management. A sample of CRM system changes tested by the ANAO noted that the NDIA was unable to provide evidence that appropriate testing had occurred prior to the change being implemented. In addition, the ANAO identified instances in the sample tested where evidence was not available to support the approval of the system change prior to its implementation.

3.22.42 A new change management policy was implemented in December 2017. During the 2017–18 interim audit, the ANAO concluded that the policy was sound and confirmed that it had been implemented. The timing and frequency of changes to the system has meant that there has not been sufficient time for ANAO to conclude that the process has been embedded as at the end of March.

3.22.43 As a sound change management policy and procedures have been implemented this finding has been downgraded from a moderate to a minor finding. Further testing of system changes will be undertaken during our final audit phase to determine whether the issue has been resolved.

Conclusion

3.22.44 At the completion of the interim audit, the ANAO has reported a number of areas where improvements are required. The audit findings outlined above reduce the level of confidence that can be placed on the key elements of internal control that support the preparation of the financial statements that are free from material misstatement. During the 2017–18 final audit the ANAO will undertake further procedures and assess action taken by NDIA to address the weaknesses identified.

3.23 Department of the Treasury

Overview

3.23.1 The Department of the Treasury (the Treasury) is responsible for the development, delivery and implementation of economic policy and advice. This includes advice on: taxation; the Budget and the economy; financial and foreign investment, competition and broader structural policy; small business; and international economic policy.

3.23.2 Figure 3.23.1 shows Treasury’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.23.1: Treasury’s contribution to the Australian Government’s income, expenses, assets and liabilities147

Figure 3.23.1 shows Treasury’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and Treasury’s financial statements for the year ended 30 June 2017.

3.23.3 Figure 3.23.2 and Figure 3.23.3 show the 2016–17 departmental and administered financial statements items reported by Treasury and the key areas of financial statements risk.

Figure 3.23.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.23.2 shows Treasury’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as

Source: ANAO analysis and Treasury’s financial statements for the year ended 30 June 2017.

Figure 3.23.3: Key administered financial statement items and areas of financial statements risk

Figure 3.23.3 shows Treasury’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table

Source: ANAO analysis and Treasury’s financial statements for the year ended 30 June 2017.

3.23.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on Treasury’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of Treasury’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audits tabled since 1 July 2017 and relevant to the financial management or administration of Treasury also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.23.5 In light of the key areas of risk detailed in Table 3.23.3 and the ANAO’s understanding of the operations of Treasury, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items148

3.23.6 Annual appropriation funding of $205.5 million (departmental) and $101.0 million (administered) was provided to Treasury in 2017–18 to support the achievement of the Treasury’s outcomes.149 Treasury was also budgeted to receive special appropriation funding of $89,099.3 million.150 151

3.23.7 Table 3.23.1 and Table 3.23.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.23.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

209.8

136,687.6

Employee benefits

135.8

Suppliers

66.6

19.5

Grants

2.0

101,366.9

Payments to the Medicare Guarantee Fund

34,774.9

Interest

42.2

Foreign Exchange losses

484.1

Other

5.4

Total own-source income

16.6

2,410.0

Sales of goods and services

11.7

638.4

Interest

10.7

Dividends

442.5

COAG revenue from government entities

1,076.4

Other

4.9

93.7

Foreign Exchange Gains

148.3

Net cost of services

193.2

134,277.6

     

Table 3.23.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

103.6

36,721.1

Cash and cash equivalents

1.3

Advances and loans

541.3

Trade and other receivables

55.3

632.7

Land and buildings

16.1

Property, plant and equipment

14.1

Intangibles

11.2

Investments

35,546.7

Other

5.6

0.4

Total liabilities

61.5

16,570.8

Suppliers

9.9

Other payables

3.1

21.9

Employee provisions

45.1

Grants payable

888.8

Loans

10,017.4

Other provisions

3.4

5,642.7

Net assets

42.1

20,150.3

     

The Treasury’s estimated actual average staffing level for 2017–18 is 849.

Key areas of financial statements risk

3.23.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of Treasury’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.23.3.

Table 3.23.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Other payables and provisions

Valuation of the Natural Disaster Relief and Recovery Arrangements (NDRRA) provision

Higher

  • complexities in calculating the provision due to the devolved nature and high level of judgement relating to the estimation process including judgements around the timing and amount of expenditure estimated by the states and reliance on quality assurance processes provided by a third party; and
  • reliance on the estimates provided by States and Territory governments in determining the provision value.

Administered

Grants expenses Grants payable Provision for grants

Payment to States and Territories under the Federal Financial Relations Act 2009

Moderate

  • reliance on a number of government entities responsible for administering the program, assessing eligibility and advising the Treasury of the amount to be paid.
       

Source: ANAO 2017–18 risk assessment for Treasury.

3.23.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.23.10 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to: cash and asset management; payroll processing; supplier expenses; and appropriations. Audit coverage also included an assessment of the IT general controls.

3.23.11 Interim audit coverage has also been completed over the Treasury’s risk assessment and payments processes for National Partnership Payments made under the Federal Financial Relations Act 2009.

3.23.12 Audit procedures relating to: the valuation of NDRRA; administered investments; and revenue and receivables will be undertaken as part of the planned 2017–18 final audit. As part of the 2017–18 final audit, procedures will also be undertaken over the assurance processes for payments made under the Federal Financial Relations Act 2009.

3.23.13 To date, our audit coverage of the above areas has not identified any new significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.23.14 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that Treasury will be able to prepare financial statements that are free of material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.24 Australian Office of Financial Management

Overview

3.24.1 The Australian Office of Financial Management (AOFM) is responsible for managing Australian Government debt and financial assets and for issuing Treasury bonds, Treasury indexed bonds and Treasury notes.

3.24.2 Figure 3.24.1 shows AOFM’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.24.1: AOFM’s contribution to the Australian Government’s income, expenses, assets and liabilities152

Figure 3.24.1 shows AOFM’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and AOFM’s financial statements for the year ended 30 June 2017.

3.24.3 Figure 3.24.2 and Figure 3.24.3 show the 2016–17 departmental and administered financial statements items reported by AOFM and the 2017–18 key areas of financial statements risk.

Figure 3.24.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.24.2 shows AOFM’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per

Source: ANAO analysis and AOFM’s financial statements for the year ended 30 June 2017.

Figure 3.24.3: Key administered financial statement items and areas of financial statements risk

Figure 3.24.3 shows AOFM’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.24

Source: ANAO analysis and AOFM’s financial statements for the year ended 30 June 2017.

3.24.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on AOFM’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of AOFM’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of AOFM also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.24.5 In light of the key areas of risk detailed in Table 3.24.3 and the ANAO’s understanding of the operations of AOFM, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items153

3.24.6 Annual appropriation funding of $11.6 million (departmental) and $0.01 million (administered) was provided to AOFM in 2017–18 to support the achievement of AOFM’s outcomes.154 AOFM was also budgeted to receive special appropriation funding of $542,309.1 million.155

3.24.7 Table 3.24.1 and Table 3.24.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.24.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

11.0

17,047.2

Employee benefits

6.5

Suppliers

4.1

Depreciation and amortisation

0.4

Interest costs

17,017.2

Other

30.0

Total own-source income

0.7

220.8

Sales of goods and rendering of services

0.4

Resources received free of charge

0.3

Interest revenue

757.0

Net loss on debt repurchase and asset sales

536.2

Net gain on market revaluation

8,125.8

Net cost of services

10.3

8,700.6

     

Table 3.24.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

29.5

39,760.0

Cash and cash equivalents

0.1

0.6

Trade and other receivables

25.6

1,793.3

Investments

37,966.0

Non-financial assets

3.8

Total liabilities

3.3

568,924.3

Employee provisions

2.4

Australian Government securities

568,924.3

Other

0.9

Net assets/(liabilities)

26.2

(529,164.5)

     

Note a: AOFM’s estimated average staffing level for 2017–18 is 40.

Key areas of financial statements risk

3.24.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of AOFM’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. The area highlighted for specific audit coverage in 2017–18 is provided in Table 3.24.3.

Table 3.24.3: Key area of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered

Australian Government securities

Valuation and disclosure of Australian Government Securities

Higher

  • significant value of the liability and significant volume of instruments issued;
  • fair value movements have a material impact on the financial statements and are impacted by price changes in money markets and capital markets; and
  • complex financial statement disclosure requirements for financial assets and liabilities measured at fair value through profit and loss.
       

Source: ANAO 2017–18 risk assessment for AOFM.

3.24.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.24.10 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the controls relating to the issuance of debt instruments. Audit coverage of: cash and other financial assets; accounts payable and receivable; payroll processing; IT general and application controls in the financial management information system and the human resources information system, has also been completed.

3.24.11 The assessment of the measurement and disclosure of financial assets and Australian Government securities will be completed as part of the 2017–18 final audit.

3.24.12 To date, audit coverage of the above areas has not identified any new significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.24.13 At the completion of the interim audit, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that AOFM will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.25 Australian Taxation Office

Overview

3.25.1 The Australian Taxation Office (ATO) is the Australian Government’s principal revenue collection agency. Its role is to administer Australia’s tax system and significant aspects of Australia’s superannuation system, and support the delivery of government benefits to the community. The ATO has a single outcome delivered through 18 programs. In addition, the ATO provides support to the Tax Practitioners Board, the Australian Business Register and the Australian Charities and Not-for-profits Commission.

3.25.2 Figure 3.25.1 shows the ATO’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.25.1: ATO’s contribution to the Australian Government’s income, expenses, assets and liabilities156

Figure 3.25.1 shows ATO’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and ATO’s financial statements for the year ended 30 June 2017.

3.25.3 Figure 3.25.2 and Figure 3.25.3 show the 2016–17 departmental and administered financial statement items reported by the ATO and the 2017–18 key areas of financial statements risk.

Figure 3.25.2: Key departmental financial statement items and areas of financial statements risk

Figure 3.25.2 shows ATO’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per

Source: ANAO analysis and the ATO’s financial statements for the year ended 30 June 2017.

Figure 3.25.3: Key administered financial statement items and areas of financial statements risk

Figure 3.25.3 shows ATO’s administered financial statements for the year ended 30 June 2017, categorised by financial statement classification of, income, expenses, assets and liabilities, with the key areas of financial statements risk as per Table 3.25.

Source: ANAO analysis and ATO’s financial statements for the year ended 30 June 2017.

3.25.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on the ATO’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statements items and an understanding of the ATO’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of the ATO also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.25.5 In light of the key areas of risk detailed in Table 3.25.3 and the ANAO’s understanding of the operations of ATO, the ANAO has assessed the risk of a material misstatement as high.

Key financial statements items157

3.25.6 Annual appropriation funding of $3,839.7 million (departmental) and $5,887.1 million (administered) was provided to the ATO in 2017–18 to support the achievement of the ATO’s outcomes.158 The ATO was also budgeted to receive special appropriation funding of $11,934.2 million.159

3.25.7 Table 3.25.1 and Table 3.25.2 provide a summary of the key 2017–18 departmental and administered estimated financial statements items.

Table 3.25.1: Key expenses and total own-source income

Expenses and own-source income

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total expenses

3,507.3

20,886.7

Employee benefits

1,916.9

Suppliers

1,401.6

1.0

Depreciation and amortisation

188.9

Subsidies

10,059.2

Personal benefits

1,158.0

Penalty and Interest charge remission

2,000.0

Write-down and impairment of assets

7,051.5

Interest

145.0

Other

472.0

Total own-source income

134.8

407,200.3

Sale of goods and rendering of services

131.8

Income tax

313,538.2

Indirect tax

90,870.0

Other taxes

2,774.1

Other

3.0

18.0

Net (cost of)/contribution to services

(3,372.5)

386,313.6

     

Table 3.25.2: Key assets and liabilities

Assets and liabilities

Departmental estimated actual ($m) 2017–18

Administered estimated actual ($m) 2017–18

Total assets

1,315.6

38,154.2

Trade and other receivables

422.8

Non-financial assets

788.4

Taxation receivables

22,719.6

Accrued revenues

14,999.2

Other

104.4

435.4

Total liabilities

1,077.0

9,569.8

Suppliers

289.5

Employee provisions

681.3

Subsidies

4,223.8

Taxation refunds provided

1,142.8

Other provisions

27.7

1,651.2

Personal benefits

1,218.5

Other

78.5

1,333.5

Net assets

238.6

28,584.3

     

The ATO’s estimated average staffing level for 2017–18 is 18,193.

Key areas of financial statements risk

3.25.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of the ATO’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.25.3.

Table 3.25.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Administered revenue

Impairment of taxation receivables

Taxation receivables

Estimation and allocation processes associated with reporting of taxation revenue

Higher

  • complex estimation processes, involving significant judgement and specialist knowledge;
  • completeness, relevance and accuracy of source data; and
  • volatility in economic conditions increases the uncertainty of factors underpinning the estimates.

Administered

Revenue

Expenses

Impairment expenses

Provisions for credit amendments, impairment allowance and provisions for refunds

Processes for estimating taxation debt provisions which also includes accounting for settlements of outstanding taxation liabilities and other adjustments to taxpayer client accounts

Higher

  • complex estimation processes for debt provisions, including allowance for credit amendment and impairment losses associated with taxation receivable balances, involving significant judgement and specialist knowledge;
  • completeness, relevance and accuracy of source data;
  • complexity associated with negotiations and dispute resolutions;
  • application of significant judgement for settlement resulting from differing deeds and terms; and
  • quality assurance processes for key judgements relating to the debt provisions which includes: credit amendments; impairment losses; and accounting for settlements of outstanding taxation liabilities and other adjustments to client accounts.

All administered items

ATO compliance risk management relating to the collection of taxation revenue

Higher

  • self-assessment and voluntary compliance regime; and
  • judgements associated with the risk management approach to compliance activities.

Administered

Revenue

Penalty and interest charge remission expenses

Taxation receivables

Application of various types of penalties and interest charges

Moderate

  • significant manual processes surrounding imposition and remission of penalties;
  • application of various types of penalties and interest charges imposed by legislative requirements; and
  • application of judgement surrounding cancellation or remission of penalties and interest charges on unpaid or amended taxation liabilities.

All administered items

Complex manual processes required for financial reporting

Moderate

  • manual calculation of complex information in spreadsheets increases the risk of miscalculation due to data linkages and human errors.

All administered items

IT business systems and associated processing of taxpayer returns and statements

Moderate

  • large and complex IT environment with several hundred business applications processing a high volume of transactions;
  • IT systems are bespoke or heavily customised to the ATO; and
  • reliance on specialised reports to prepare financial statements balances.
       

Source: ANAO 2017–18 risk assessment for ATO.

3.25.9 As mentioned above, the ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. The following performance audit reports tabled during 2017–18 were relevant to the financial management or administration of the ATO:

  • ANAO Report No.15 2017–18 Costs and Benefits of the Reinventing the ATO Program;
  • ANAO Report No.21 2017–18 The Australian Taxation Office’s Use of Settlements;
  • ANAO Report No. 29 2017–18 Unscheduled Taxation System Outages; and
  • ANAO Report No. 36 2017–18 Corporate Planning in the Australian Public Sector 2017–18.

3.25.10 These reports included observations supporting the ANAO’s assessment of financial statements risk outlined in Table 3.25.3 in particular the processes for estimating taxation debt provisions which also includes accounting for settlements of outstanding taxation liabilities and other adjustments to taxpayer client accounts and IT business systems, which are identified as higher and moderate risks, respectively.

Audit results

3.25.11 The ANAO has substantially completed its 2017–18 interim audit coverage, including an assessment of the controls relating to the ATO’s business operations which incorporated ATO’s key financial administration systems and its key revenue collection processes.

3.25.12 The ANAO’s interim audit coverage included an assessment of the ATO’s IT general controls and departmental application controls. The assessment included logical security, change and release management and controls in the ATO’s financial management information system, human resource management information system and other key administered financial systems.

3.25.13 As part of the 2017−18 final audit, audit coverage in relation to the estimation and allocation processes associated with reporting of taxation revenue; processes for estimating taxation debt provisions and accounting transactions for settlements of outstanding taxation liabilities including adjustments to taxpayer client accounts, will be finalised. The ANAO will also finalise the assessment of the complex manual processes for financial reporting and coverage over the ATO’s external compliance program as part of the 2017–18 final audit. The ANAO will also assess the effective operation of the ATO’s IT general application controls during the 2017–18 final audit.

3.25.14 The following table summarises the status of audit findings reported by the ANAO in 2016–17 and 2017–18.

Table 3.25.4: Status of audit findings raised by the ANAO

Category

Closing position (at the end of the 2016–17 final audit)

Resolved findings (at the time of the 2017–18 interim audit)

New findings (during the 2017–18 interim audit)

Closing position (at the end of the 2017–18 interim audit)

Significant (A)

0

0

0

0

Moderate (B)

1

0

0

1

Total

1

0

0

1

         
Unresolved moderate audit finding
Debt provisions and adjustments to client accounts

3.25.15 During 2016–17 the ANAO reviewed the approach adopted by the ATO to determine the debt provision estimate and adjustments, including settlements, to taxpayer client accounts. The ANAO identified the following weaknesses:

  • instances of limited documentation to support key judgements made by ATO officers relating to large or complex cases;
  • inconsistent documentation of reconciliation between deeds of settlement and taxpayer client accounts; and
  • several other minor observations arising from debt provision processes and adjustments to the taxpayer client accounts.

3.25.16 These weaknesses increased the risk that key judgements applied by ATO officers were not based on sufficient and appropriate documentation and/or adjustments to taxpayer client accounts may not be correctly recorded. The ANAO undertook additional audit procedures to gain assurance that the 2016−17 financial statements were not materially misstated.

3.25.17 During 2017–18 the ATO has developed a response to the above identified weaknesses. The ATO has advised that this included strengthening the timely identification and understanding of the status of taxpayer disputes, creating consistency in procedures and documentation, improving debt provision processes and the review of instruments in the collation of evidence to support the decision making process. The ANAO will review the ATO’s progress in addressing this finding during the final phase of the 2017–18 audit.

Conclusion

3.25.18 At the completion of the interim audit, and except for the finding outlined above, the ANAO identified that key elements of internal control were operating effectively to provide reasonable assurance that the ATO will be able to prepare financial statements that are free from material misstatement. The effective operation of these controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

3.26 Reserve Bank of Australia

Overview

3.26.1 The objective of the Reserve Bank of Australia (RBA) is to conduct monetary policy, work to maintain a strong financial system and issue the nation’s currency. As well as being a policy-making body, the RBA provides selected banking services to a range of Australian Government entities and to a number of overseas central banks and official institutions. It also manages Australia’s gold and foreign exchange reserves.

3.26.2 Figure 3.26.1 shows RBA’s income, expenses, assets and liabilities as a percentage of the Australian Government’s Consolidated Financial Statements (CFS).

Figure 3.26.1: RBA’s contribution to the Australian Government’s income, expenses, assets and liabilities160

Figure 3.26.1 shows RBA’s 2017 percentage contribution to the Australian Government’s income, expenses, assets and liabilities.

Source: ANAO analysis of CFS and RBA’s financial statements for the year ended 30 June 2017.

3.26.3 Figure 3.26.2 shows the 2016–17 financial statement items reported by RBA and the 2017–18 key areas of financial statements risk.

Figure 3.26.2: Key financial statement items and areas of financial statements risk

Figure 3.26.2 shows RBA’s departmental financial statements for the year ended 30 June 2017, categorised by financial statement classification of, own source income, expenses, assets and liabilities, with the key areas of financial statements risk as per

Source: ANAO analysis and RBA’s financial statements for the year ended 30 June 2017.

3.26.4 The ANAO’s audit approach identifies key areas of risk that have the potential to impact on RBA’s financial statements. The ANAO’s risk assessment process considers the nature of the financial statement items and an understanding of RBA’s environment and governance arrangements, including its financial reporting regime and system of internal control. The observations of performance audit reports tabled since 1 July 2017 and relevant to the financial management or administration of RBA also informs the ANAO’s 2017–18 financial statements audit risk identification processes.

3.26.5 In light of the key areas of risk detailed in Table 3.26.3 and the ANAO’s understanding of the operations of RBA, the ANAO has assessed the risk of a material misstatement as moderate.

Key financial statements items

3.26.6 The operational functions of RBA are funded from: interest income; gains on securities and foreign exchange; and fees and commissions income.

3.26.7 RBA is not required to prepare budgeted financial statements as part of the Commonwealth budget process. Table 3.26.1 and Table 3.26.2 provide a summary of the key financial statements items reported in the audited 2016–17 financial statements.

Table 3.26.1: Key expenses and own-source income

Expenses and own-source income

Actual 2016–17 ($m)

Total expenses

2,443.0

General administrative

406.0

Other

180.0

Net gains/(losses) on securities and foreign exchange

1,857.0

Total own-source income

1,546.0

Net interest income

1,023.0

Fees and commission

473.0

Other

50.0

Net loss

897.0

   

Table 3.26.2: Key assets and liabilities

Assets and liabilities

Actual 2016–17 ($m)

Total assets

194,012.0

Cash and cash equivalents

221.0

Australian dollar investments

104,769.0

Foreign currency investments

83,577.0

Gold

4,147.0

Property, plant and equipment

741.0

Other

557.0

Total liabilities

172,249.0

Deposits

92,669.0

Distribution payable to the Commonwealth

1,286.0

Australian banknotes on issue

73,623.0

Other

4,671.0

Net assets

21,763.0

   

RBA’s staffing level as at 30 June 2017 was 1,369.

Key areas of financial statements risk

3.26.8 The ANAO undertakes appropriate audit procedures on all material items. The ANAO also assesses the IT general and application controls for key systems that support the preparation of RBA’s financial statements. The ANAO focuses audit effort on those areas that are assessed as having a higher risk of material misstatement. Areas highlighted for specific audit coverage in 2017–18 are provided in Table 3.26.3.

Table 3.26.3: Key areas of financial statements risk

Relevant financial statement line item

Key area of risk

Audit risk rating

Factors contributing to risk assessment

Australian dollar investments

Foreign currency investments

Net gains/(losses) on securities and foreign exchange

Valuation of Australian dollar and foreign investments

Higher

  • complexity in determining the fair value of a range of investments; and
  • potential for a significant financial impact from fluctuations in the value of the Australian dollar.

Australian banknotes on issue

Accuracy of the liability for Australian banknotes

Higher

  • accounting judgements applied in assessing the accuracy of the liability for Australian banknotes on issue;
  • security around production, storage and destruction of banknotes; and
  • high volume of note production and the supply and security of banknotes is structurally significant to the economy.

Other liabilities

Valuation of securities sold under repurchase agreements and foreign currency swap liabilities

Moderate

  • complexity in valuing securities sold under repurchase agreements and foreign currency swap liabilities using a variety of methodologies.
       

Source: ANAO 2017–18 risk assessment for RBA.

3.26.9 The ANAO also considers the results of recent performance audits in identifying risks and designing an approach for the financial statements audit. To date, no performance audits were tabled in 2017–18 which had implications for the financial statements audit approach.

Audit results

3.26.10 The ANAO has completed its 2017–18 interim audit coverage, including an assessment of the effectiveness of controls relating to: payments, settlements and banking; and key IT controls over backup and recovery activities for key systems supporting the financial statements. Interim audit coverage also included an assessment of the design of controls relating to overseas operations and a review of the outcomes of the RBA’s Internal Audit on cyber security.

3.26.11 Audit procedures relating to the effectiveness of key processes, where appropriate, will be undertaken as part of the 2017–18 final audit. This includes an assessment of controls over: domestic and international market operations; Australian banknotes on issue; and relevant IT general controls for key systems that supported the preparation of the RBA’s financial statements.

3.26.12 In addition, audit procedures relating to: net gains on foreign exchange and securities; the valuation of foreign currency and Australian dollar investments and deposits; and accuracy of Australian banknotes on issue will be performed as part of the 2017–18 final audit.

3.26.13 To date, audit coverage of the above areas has not identified any new, significant or moderate audit findings. The 2016–17 audit also did not identify any significant or moderate audit findings.

Conclusion

3.26.14 At the completion of the interim audit, the ANAO identified that key elements of non-IT internal control were operating effectively to provide reasonable assurance that RBA will be able to prepare financial statements that are free from material misstatement. The effective operation of these internal controls for the full financial year will be assessed in conjunction with additional audit testing during the 2017–18 final audit.

Appendices

Appendix 1 Listing of entities by Portfolio

1. The following entities have been considered in this report, selected on the basis of their contribution to the income, expenses, assets and liabilities within the consolidated financial statements. The entities are presented in order of portfolio.

  • Department of Agriculture and Water Resources
  • Attorney-General’s Department
  • Department of Communications and the Arts
    • Australian Postal Corporation
    • NBN Co Limited
  • Department of Defence
    • Department of Veterans’ Affairs
  • Department of Education and Training
  • Department of the Environment and Energy
  • Department of Finance
    • Future Fund Management Agency and the Board of Guardians
  • Department of Foreign Affairs and Trade
  • Department of Health
  • Department of Home Affairs
  • Department of Human Services
  • Department of Industry, Innovation and Science
  • Department of Infrastructure, Regional Development and Cities
  • Department of Jobs and Small Business
  • Department of Parliamentary Services
  • Department of the Prime Minister and Cabinet
  • Department of Social Services
    • National Disability Insurance Agency
  • Department of the Treasury
    • Australian Office of Financial Management
    • Australian Taxation Office
    • Reserve Bank of Australia

Appendix 2 Summary of Entities’ Gifts and Benefit Policy requirements

Table: Summary of Entities’ Gifts and Benefit Policy requirements

Entity

Financial year policy updated

Policy published on intranet

Specific reporting timeframe

Threshold for written reporting

Approval required to retain gifts

Centralised register

Requires stocktakea

Department of Agriculture and Water Resources

2013–14

Yes

All

Yes

Yes

Attorney-General’s Department

2014–15

Yes

Greater than $50

Yes

Yes

Department of Communications and the Arts

2016–17

Yes

10 Days

Greater than $50

Yes

Yes

Australian Postal Corporation

2017–18

Yes

Greater than $250

No

Yes

NBN Co Limited

2017–18

Yes

Greater than $200

Yes

Yes

Department of Defence

2014–15

Yes

Greater than $50

Yes

Yes

Department of Veterans’ Affairs

2017–18

Yes

Greater than $50

Yes

Yes

Department of Education and Training

2015–16

Yes

Greater than $20

Yes

Yes

Department of the Environment and Energy

2017–18

Yes

All

Yes

No

Yes

Department of Finance

2016–17

Yes

All non-inconsequentialb

Yes

No

Future Fund Management Agency and the Board of Guardians

2017–18

Yes

Greater than $100

Yes

Yes

Department of Foreign Affairs and Trade

2017–18

Yes

14 Days

All

Yes

No

Department of Health

2017–18

Yes

Greater than $50

Yes

No

Department of Home Affairs

2015–16

Yes

14 Days

Greater than $100

Yes

No

Department of Human Services

2017–18

Yes

Greater than $50

Yes

No

Department of Industry, Innovation and Science

2017–18

Yes

Greater than $100

Yes

No

Department of Infrastructure, Regional Development and Cities

2017–18

Yes

All

Yes

Yes

Department of Jobs and Small Business

2016–17

Yes

Greater than $20

Yes

No

Department of Parliamentary Services

2016–17

Yes

Greater than $200

Yes

No

Yes

Department of the Prime Minister and Cabinet

2014–15

Yes

Greater than $50

Yes

Yes

Department of Social Services

2017–18

Yes

10 days

Greater than $100

Yes

Yes

National Disability Insurance Agency

2014–15

Yes

Greater than $50

Yes

Yes

Department of the Treasury

2014–15

Yes

Greater than $200

Yes

Yes

Australian Office of Financial Management

2016–17

Yes

Yes

Yes

Australian Taxation Office

2017–18

Yes

Greater than $200

Yes

Yes

Reserve Bank of Australia

2016–17

Yes

ASAP by the end of the month.

All

Yes

No

               

Note a: For all entities where a gift or benefit received is greater than an entity’s capitalisation threshold, the asset will be recorded on the fixed asset register and subject to the entities asset management policy including stocktake.

Note b: The Department of Finance policy provides, inconsequential gifts or benefits may be accepted, where there are no ethical issues or conflicts. Inconsequential gifts is defined to include: small gifts such as inexpensive diaries, calendars, pens, caps or scarves; entry to local sporting events; on an ad hoc basis and modest, low value prizes awarded at public events; reasonable hospitality for regular social events and Christmas functions; reasonable hospitality associated with business presentations and seminars.

Source: Gifts and Register Policies.

Appendix 3 Summary of guidance issued for State and Territory Public Sectors

Table: Summary of guidance issued for State and Territory Public Sectors

Publication

Guidance/policy issued

Requires register

Threshold for written reporting

Monitoring Controls

New South Wales, Public Service Commission, Managing Gift and Benefits, available from link [Accessed May 2018]

Provides the minimum standards.

Yes - Recommends centrally whether hard copy or electronic and specifies minimum requirements.

Not specified outlines principles to consider.

Recommend regular reviews of entries.

Queensland Government, Ethics in the Public Service: Gifts and Benefits: available from link [Accessed May 2018]

Issued Directive, guideline and template for reporting gifts and benefits.

Yes – must be published online each quarter.

More than $150 in value individually or if multiple gifts are from the same donor in any financial year and more than $150 cumulative than all reported.

Register published quarterly.

Western Australia Integrity Coordinating Group, Gifts, benefits and hospitality, a guide to good practice. available from link [Accessed May 2018]

Better Practice Guide.

Recommends a register and provides examples of minimum requirements.

Not specified outlines principles to consider.

Recommends regular review of the register analysing quantitative and qualitative information.

Victorian Public Service Commission Gifts, benefits and hospitality resource suite available from link [Accessed May 2018]

Issued guidelines on minimum accountabilities and a model policy.

Yes.

Not specified outlines principles to consider.

Report to audit committee at least annually and publish policy on the website.

Government of South Australia Office for the Public Sector Commissioner for Public Sector Employment Guideline: Gifts and Benefits Available from link

[Accessed May 2018]

Guidelines.

Not specified.

Not specified.

Not specified.

ACT Government Gifts, Benefits and Hospitality Policy available from link [Accessed May 2018]

Policy including sample register and declaration form.

Yes for gifts offered and/or received.

Yes $40.

Senior executives should review at least annually and provide the relevant Director-General a report on compliance, highlighting any matters of concern.

Ombudsman Northern Territory Accepting Gifts, Benefits & Hospitality: Policy Framework for the Northern Territory Public Sector available from link [Accessed May 2018]

Policy Framework.

Noted as an important component of any benefits policy and notes items that should be included as a minimum.

Not specified outlines principles to consider.

Recommends that benefits registers are tested and that there is regular analyses and review of information provided in the register.

         

Appendix 4 The financial reporting and auditing standards frameworks for 2017−18

1. The figure below depicts the standard setting framework for financial reporting and auditing, in the Australian Government context.

Figure A.1: Australian Government standard setting framework

Figure A.1 sets out the figure below depicts the standard setting framework for financial reporting and auditing, in the Australian Government context.

Source: ANAO compilation.

Appendix 5 The financial reporting and auditing framework for 2017–18 financial statements

1. Key elements of the Australian Government’s financial reporting framework are outlined in the diagram below. An overview of the financial reporting requirements for the various types of Australian Government entities covered by the framework and the audit approach for the financial statements of these entities is also described below.

Figure A.2: Australian Government financial reporting framework

Figure A.2 shows the financial reporting and auditing framework for 2017–18 financial statements. Key elements of the Australian Government’s financial reporting framework are outlined in the diagram below. An overview of the financial reporting requireme

Source: ANAO compilation.

Australian Government reporting entities

Commonwealth Government of Australia

2. Section 48 of the PGPA Act requires the Finance Minister to prepare annual consolidated financial statements for the Commonwealth Government of Australia. These financial statements are general purpose financial statements consolidating the financial activities and financial position of Commonwealth entities and other entities controlled by the Commonwealth Government.

3. The PGPA Act prescribes the Australian Accounting Standards (AASs), and any other requirements prescribed by the rules, as the applicable financial reporting framework for the consolidated financial statements.

Commonwealth entities

4. A Commonwealth entity is a department of state, a Parliamentary department, a listed entity or a body corporate established by a law of the Commonwealth. There are two types of Commonwealth entities: a non-corporate Commonwealth entity, which is a Commonwealth entity that is not a body corporate161; and a corporate Commonwealth entity, which is a Commonwealth entity that is a body corporate and legally separate from the Commonwealth.

5. Section 42 of the PGPA Act requires the accountable authority of a Commonwealth entity to prepare annual financial statements that comply with the AASs and any other requirements prescribed by the rules.

6. Resource Management Guide 125: The Commonwealth Entities Financial Statements Guide applies to all Commonwealth reporting entities responsible for preparing financial statements under the Public Governance, Performance and Accountability (Financial Reporting) Rule 2015. The guide includes definitions of terms that have been used in this report.

Non-corporate Commonwealth entities

7. Non-corporate Commonwealth entities, comprising departments of state, Parliamentary departments and listed entities, are subject to the provisions of the PGPA Act.

8. The PGPA Act prescribes the AASs and Financial Reporting Rule (FRR) as the applicable financial reporting framework for non-corporate Commonwealth entities.

Corporate Commonwealth entities and subsidiaries

9. Corporate Commonwealth entities are bodies corporate that hold money on their own account and have been created to perform specific functions. Corporate Commonwealth entities operate under their own enabling legislation and also must comply with the relevant provisions of the PGPA Act.

10. The PGPA Act prescribes the AASs and FRR as the applicable financial reporting framework for corporate Commonwealth entities. The financial reporting framework applicable to subsidiaries of corporate Commonwealth entities depends on the nature of the subsidiary.

Commonwealth companies and subsidiaries

11. Commonwealth companies are companies that are controlled by the Australian Government through majority share holdings or voting rights, or via control over the composition of the company’s board. Commonwealth companies operate and prepare financial statements under the Corporations Act.

12. The applicable financial reporting framework for Commonwealth companies is the Corporations Act 2001 (Corporations Act), including the AASs and the Corporations Regulations.

13. The financial reporting framework applicable to subsidiaries of Commonwealth companies depends on the nature of the subsidiary.

Other bodies

14. The ANAO also audits the financial statements of other bodies under Commonwealth legislation other than the PGPA Act, including the ‘by arrangement’ provisions in section 20 of the Auditor-General Act 1997. Examples of these other bodies include statutory bodies not established as Commonwealth entities and trusts. The financial reporting framework applicable to these other bodies depends on legislation or other rules that govern that entity.

Audit of Australian Government entity financial statements

Audit scope

15. The accountable authority of a Commonwealth entity is responsible for the preparation and fair presentation of the financial statements and for maintaining records, internal controls, procedures and processes that support the preparation of those statements.

16. The Directors of a Commonwealth company, or a company that is a subsidiary of either a Commonwealth entity or a Commonwealth company, are responsible for the preparation of financial statements that give a true and fair view and for maintaining records, internal controls, procedures and processes that support the preparation of that report.

17. The ANAO’s independent audits of financial statements are undertaken to form an opinion whether they are free from material misstatement and present fairly in accordance with applicable accounting standards and legislation. These audits are conducted in accordance with the ANAO Auditing Standards, which incorporate the Australian Auditing Standards and provide reasonable assurance.

18. Audit procedures include an examination of the entity’s records and its internal control, information systems, control procedures and statutory disclosure requirements. Evidence supporting the amounts and other information in the statements is examined on a test basis, and accounting policies and significant accounting estimates are evaluated.

19. The entity’s internal control relevant to the entity’s preparation and fair presentation of the financial statements or reports is considered in order to design audit procedures that are appropriate in the circumstances. In some audits, audit procedures concentrate primarily on substantiating the amounts appearing in the financial statements and do not include detailed testing of systems and internal controls.

20. The primary responsibility for the prevention and detection of fraud and error rests with both those charged with the governance and the management of an entity. The auditor is not responsible for the prevention or detection of fraud and error.

The auditor’s report on financial statements

21. The ANAO auditor’s report on the financial statements includes a statement of the auditor’s opinion as to whether the financial statements present fairly the entity’s financial position, the results of its operations and its cash flows in accordance with the applicable financial reporting framework.

22. If the auditor is not of that opinion, the auditor’s opinion is modified, with the reasons being indicated.

23. The auditor’s report on the financial statements may also include an ‘emphasis of matter,’ ‘other matter’ or ‘material uncertainty related to going concern’ paragraph. A report on other legal and regulatory requirements may accompany the auditor’s report on the financial statements. The inclusion of these paragraphs does not modify the auditor’s opinion.

Form of auditor’s opinion

24. An auditor’s opinion is described as ‘unmodified’ when the auditor concludes that the financial statements are prepared, in all material respects, in accordance with the applicable financial reporting framework.

25. An auditor’s opinion may be ‘modified’ in one of three ways.

  • A ‘qualified opinion’ is expressed when the auditor, having obtained sufficient appropriate audit evidence, concludes that misstatements, individually or in aggregate, are material but not pervasive to the financial statements. A ‘qualified opinion’ is also expressed when the auditor, having been unable to obtain sufficient appropriate audit evidence, concludes that the possible effects on the financial statements of undetected misstatements could be material but not pervasive.
  • A ‘disclaimer of opinion’ is expressed when the auditor, having been unable to obtain sufficient appropriate audit evidence on which to base the opinion, concludes that the possible effects on the financial statements of undetected misstatements could be both material and pervasive. A ‘disclaimer of opinion’ is also expressed when the auditor, having been able to obtain sufficient appropriate audit evidence regarding individual uncertainties, concludes that the potential interaction of the uncertainties and their possible cumulative effect on the financial report cannot be determined.
  • An ‘adverse opinion’ is expressed when the auditor, having obtained sufficient appropriate audit evidence, concludes that misstatements individually or in aggregate, are both material and pervasive to the financial statements.
Emphasis of matter

26. An ‘emphasis of matter’ paragraph is included in the auditor’s report when the auditor considers it necessary to draw to users’ attention a matter presented in the financial statements that, in the auditor’s judgement, is of such importance that it is fundamental to the users’ understanding of the financial statements. The circumstances in which an emphasis of matter is used include:

  • when financial statements and the auditor’s report have been issued and a fact is discovered that leads to revised financial statements and a new auditor’s report being prepared; and
  • when financial statements have been prepared in accordance with a special purpose framework, and as a result the financial statements may not be suitable for another purpose.
Other matter

27. The auditor’s report on the financial statements may also include a reference to an ‘other matter’. This allows the auditor to communicate a matter other than a matter that is presented or disclosed in the financial statements that, in the auditor’s judgement, is relevant to users’ understanding of the audit, the auditor’s responsibilities or the auditor’s report.

Material uncertainty related to going concern

28. The auditor’s report on the financial statements will also include a reference to a ‘material uncertainty related to going concern’ when there are possible or actual events or conditions that may cast significant doubt on an entity’s ability to continue as a going concern and the financial statements include adequate disclosure about the uncertainty and management’s plans to deal with the uncertainty.

Report on other legal and regulatory requirements

29. The auditor’s report on the financial statements may also include a report on other legal and regulatory requirements. This report covers matters that the Auditor-General is required by law to report on in conjunction with the financial statements audit.

Footnotes

1 The term ‘entity’ applies to all organisations subject to the Public Governance, Performance and Accountability Act 2013 (PGPA Act).

2 The Departments of: Communications and the Arts; Defence; Home Affairs; the Prime Minister and Cabinet; and the Australian Taxation Office.

3 ANAO Report No.60 2016–17 Interim Report on Key Financial Controls of Major Entities reported on 25 entities. In 2017–18, the ANAO expanded the entities to include the National Disability Insurance Agency. The analysis in this report, including prior year findings, has been adjusted to reflect the inclusion of this entity.

4 There is a range of different governance structures within the Commonwealth depending on an entity’s particular legal status or its enabling legislation. The term ‘accountable authority’ as defined in the PGPA Act is used in this report to describe the person or body responsible for an entity’s governance.

5 Section 15 of the PGPA Act.

6 The Departments of: Communications and the Arts; Defence; Home Affairs; the Prime Minister and Cabinet; and the Australian Taxation Office.

7 In accordance with section 8 of the PGPA Act finance law means the PGPA Act; or PGPA Rules; any instrument made under the PGPA Act; or Appropriation Acts.

8 Section 20A of the PGPA Act authorises accountable authorities to give instructions to officials in their entities on any matter necessary or convenient for carrying out or giving effect to the Act or the rules.

9 Sections 45 and 92 of the PGPA Act.

10 Principle 4: Safeguard integrity in corporate reporting, Recommendation 4.1, Corporate Governance Principles and Recommendations, 3rd edition, ASX Corporate Governance Council. S&P/ASX 300 entities are required to comply with these recommendations regarding the structure of audit committees.

11 The following entities appointed independent chairs during 2017–18: the Australian Taxation Office (May 2018); and the Departments of: Foreign Affairs and Trade (March 2018); Jobs and Small Business (October 2017); and Social Services (November 2017).

12 Australian Public Service Commission, APS Values and Code of Conduct in Practice, section 5.4.1 {Internet}, http://www.apsc.gov.au/publications-and-media/current-publications/values-and-conduct [Accessed May 2018].

13 Ibid., section 5.4.8.

14 A summary of State and Territory guidance is provided in Appendix 3.

15 The entities that have not updated gifts and benefits policies within the last two financial years are: the Attorney-General’s Department; the Departments of: Agriculture and Water Resources; Defence; the Treasury; Education and Training; and the Prime Minister and Cabinet; and the National Disability Insurance Agency.

16 The Departments of: Communications and the Arts; Foreign Affairs and Trade; Home Affairs; and Social Services.

17 The Reserve Bank of Australia.

18 For Australia Post, the gifts and hospitality policy works in conjunction with the Ethics policy where the obligation/onus is on the employee to determine the appropriateness of accepting the gift or benefit. Once a gift is given, the employee is obliged to disclose the gift if above $250. If the employee has any doubt or confusion advice should be sought from their direct line manager.

19 The Australian Office of Financial Management policy requires that all gifts above $350 are reported to the Chief Executive Officer, gifts under $350 are reported to supervisors.

20 The Department of Finance’s policy provides, inconsequential gifts or benefits may be accepted, where there are no ethical issues or conflicts. Inconsequential gifts is defined to include: small gifts such as inexpensive diaries, calendars, pens, caps or scarves; entry to local sporting events; on an ad hoc basis and modest, low value prizes awarded at public events; reasonable hospitality for regular social events and Christmas functions; reasonable hospitality associated with business presentations and seminars.

21 The Departments of: the Environment and Energy; Finance; Foreign Affairs and Trade; Health; Home Affairs; Human Services; Industry, Innovation and Science; Jobs and Small Business; and Parliamentary Services; and the Reserve Bank of Australia.

22 The Departments of: Defence; the Environment and Energy; the Treasury; and Veterans’ Affairs.

23 The Department of the Environment and Energy requires annual stocktakes to be completed at the divisional level. The gifts received by the Department of Parliamentary Services, consists of artwork which is subject to an annual stocktake.

24 The Commonwealth Fraud Control Framework has three components the fraud rule and policy, which are binding for non-corporate entities and the guidance which is considered to be best practice. Part 6.1 of the fraud guidance notes that risk assessments should be conducted at least every two years.

25 In accordance with section 8 of the PGPA Act finance law means the PGPA Act; or PGPA Rules; any instrument made under the PGPA Act; or Appropriation Acts.

26 RMG 214 does not apply to NBN Co Limited (NBN). NBN is required to report significant issues to the Minister in accordance with the PGPA Act and other matters as required under the Corporations Act 2001. In 2016–17, NBN identified no matters that required reporting.

27 The ANAO did not undertake audit procedures to make an assessment of, or conclude on, judgements made by an accountable authority to determine whether non-compliance was significant.

28 The Department of the Environment and Energy, the Future Fund Management Agency and the Board of Guardians and the National Disability Insurance Agency.

29 Department of Defence 2016–17 Annual Report page 69.

30 The analysis excludes the Department of Foreign Affairs and Trade and the NBN Co Limited.

31 The Australian Postal Corporation and the Reserve Bank of Australia.

32 The Departments of: Agriculture and Water Resources; Defence; and Home Affairs.

33 Breaches of section 23 of the PGPA Act include: failure to obtain appropriate delegate approval prior to entering into contracts; and exceeding a delegate’s approval.

34 The number of prior year findings have been adjusted to reflect the inclusion of the National Disability Insurance Agency in this report as discussed at paragraph 1.3.

35 At time of compilation the ANAO had not completed assessments of the control environments of NBN Co Limited, the Reserve Bank of Australia and the Future Fund Management Agency and the Board of Guardians.

36 Further details regarding the moderate findings can be found in the following entities’ detailed in chapter 3 for the Departments of: Defence, Home Affairs, the Prime Minister and Cabinet; and the National Disability Insurance Agency.

37 Further details regarding the moderate findings can be found in the following entities’ detailed in chapter 3 for the Departments of: Defence; Home Affairs; the Prime Minister and Cabinet; and the National Disability Insurance Agency.

38 Australian Government Information Security Manual (ISM) control 0430.

39 For further detail regarding the moderate finding in this category, refer to the detailed results in chapter 3 for the Department of Home Affairs and the National Disability Insurance Agency.

40 ISM control 1175.

41 ITIL (formerly Information Technology Infrastructure Library) is a framework for designing, implementing, delivering and managing IT services. It was originally developed in the 1990s with the support of the British government, and has been widely adopted by public and private sector entities world-wide.

42 ANAO Report No. 50 2013–14, Cyber Attacks: Securing Agencies’ ICT System; ANAO Report No. 37 2015–16 Cyber Resilience and ANAO Report No. 42 2016–17 Cybersecurity Follow-up Audit.

43 The strategies are application whitelisting, patching applications, patching operating systems and minimising administrative privileges.

44 Three entities in this report are corporate Commonwealth entities, and not required to report on compliance with the PSPF. NBN Co Limited is also not required to report and has voluntarily reported.

45 One significant audit finding Child Care Compliance – estimated incorrect payments was resolved during the 2016–17 final audit. Details regarding this finding were reported in ANAO Report No.24 2017–18 Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 2017.

46 Further details regarding the moderate audit findings can be found in the following entities’ detailed in chapter 3: the Australian Taxation Office; Department of Communication and the Arts and the National Disability and Insurance Agency.

47 Details regarding these findings were reported in ANAO Report No.24 2017–18 Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 2017.

48 For-profit entities will apply the requirements for financial years commencing on or after 1 January 2018.

49 These arrangements were established by the Administrative Arrangements Order of 1 September 2017 incorporating amendments up to the 20 December 2017.

50 As at 31 May 2018 the following appropriation bills had not received passed through Parliament: Appropriation Bill (No.5) 2017–18 and Appropriation Bill (No.6) 2017–18.

51 These tables may contain rounding differences as a result of the rounding of balances.

52 The CFS balances have not been adjusted to eliminate inter-governmental transactions.

53 The CFS balances have not been adjusted to eliminate inter-governmental transactions.

54 The ANAO’s rating scale for findings can be found chapter 1 at Table 1.2.

55 The CFS balances in Figure 3.1.1 have not been adjusted to eliminate inter-governmental transactions.

56 Figures in Table 3.1.1 and Table 3.1.2 have been sourced from Agriculture’s Portfolio Budget Statements 2018–19.

57 This is provided through Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018, Appropriation Act (No.3) 2017–2018 and Appropriation Act (No.4) 2017–2018 which have passed through Parliament and Appropriation Bill (No.5) 2017–18 which is yet to pass through Parliament.

58 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

59 As a result of the Administrative Arrangement Order in December 2017, the Annual appropriation balances reported in the 2017–18 financial statements will be amended following the issue of a section 75 transfer determination (PGPA Act - transfer of functions between non-corporate commonwealth entities).

60 The CFS balances in Figure 3.2.1 have not been adjusted to eliminate inter-governmental transactions.

61 Figures in Table 3.2.1 and Table 3.2.2 have been sourced from AGD’s Portfolio Budget Statements 2018–19.

62Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018, Appropriation Act (No.3) 2017–2018 and Appropriation Act (No.4) 2017–2018.

63 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

64 As a result of the Administrative Arrangement Order in December 2017, the Annual appropriation balances reported in the 2017–18 financial statements will be amended following the issue of a section 75 transfer determination (PGPA Act - transfer of functions between non-corporate commonwealth entities).

65 The CFS balances in Figure 3.3.1 have not been adjusted to eliminate inter-governmental transactions.

66 Figures in Table 3.3.1 and Table 3.3.2 have been sourced from Communications’ Portfolio Budget Statements 2018–19.

67Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018 and Appropriation Act (No.3) 2017–2018.

68 Sourced from Communications’ Budget Statements 2018–19

69 The CFS balances in Figure 3.4.1 have not been adjusted to eliminate inter-governmental transactions.

70 The CFS balances in Figure 3.5.1 have not been adjusted to eliminate inter-governmental transactions.

71 The CFS balances in Figure 3.6.1 have not been adjusted to eliminate inter-governmental transactions.

72 Figures in Table 3.6.1 and Table 3.6.2 have been sourced from Defence’s Portfolio Budget Statements 2018–19.

73 This is provided through Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018, and Appropriation Act (No.3) 2017–18 which have passed through Parliament and Appropriation Bill (No.5) 2017–18 which is yet to pass through Parliament.

74 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

75 Users with administrative privileges, commonly referred to as privileged user access, are able to make significant changes to IT systems configuration and operation, bypass critical security settings and access sensitive information. Source: Australian Government Information Security Manual. This is discussed in chapter 1 paragraphs 1.70 to 1.78 of this report.

76 The CFS balances in Figure 3.7.1 have not been adjusted to eliminate inter-governmental transactions.

77 Figures in Table 3.7.1 and Table 3.7.2 have been sourced from DVA’s Portfolio Budget Statements 201819.

78Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018, Appropriation Act (No.3) 2017–2018 and Appropriation Act (No.4) 2017–2018.

79 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

80 The CFS balances in Figure 3.8.1 have not been adjusted to eliminate inter-governmental transactions.

81 Figures in Table 3.8.1 and Table 3.8.2 have been sourced from Education’s Portfolio Budget Statements 2018–19.

82 This is provided through Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018, Appropriation Act (No.3) 2017–2018 and Appropriation Act (No.4) 2017–2018 which have passed through Parliament and Appropriation Bill (No.5) 2017–18 which has yet to pass through Parliament.

83 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

84 The CFS balances in Figure 3.9.1 have not been adjusted to eliminate inter-governmental transactions.

85 Figures in Table 3.9.1 and Table 3.9.2 have been sourced from Environment’s Portfolio Budget Statements 2018–19.

86 This is provided through Appropriation Act (No.1) 2017–18, Appropriation Act (No. 2) 2017–18, Appropriation Act (No.3) 2017–18 and Appropriation Act (No.4) 2017–18 which have passed through Parliament and Appropriation Bill (No.5) 2017–18 and Appropriation Bill (No.6) 2017–18 which are yet to pass through Parliament.

87 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

88 The CFS balances in Figure 3.10.1 have not been adjusted to eliminate inter-governmental transactions.

89 Figures in Table 3.10.1 and Table 3.10.2 have been sourced from Finance’s Portfolio Budget Statements 2018–19.

90Appropriation Act (No.1) 2017–18, Appropriation Act (No.2) 2017–18, Appropriation Act (No.3) 2017–18 and Appropriation Act (No.4) 2017–18.

91 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

92 The CFS balances in Figure 3.11.1 have not been adjusted to eliminate inter-governmental transactions.

93 Figures in Table 3.11.1 and Table 3.11.2 have been sourced from the Future Fund’s Portfolio Budget Statements 2018–19.

94 The CFS balances in Figure 3.12.1 have not been adjusted to eliminate inter-governmental transactions.

95 Figures Table 3.12.1 and Table 3.12.2 have been sourced from DFAT’s Portfolio Budget Statements 2018–19.

96Appropriation Act (No.1) 2017–2018 and Appropriation Act (No.2) 2017–2018.

97 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

98 The CFS balances in Figure 3.13.1 have not been adjusted to eliminate inter-governmental transactions.

99 Figures in Table 3.13.1 and Table 3.13.2 have been sourced from Health’s Portfolio Statements 2018–19.

100 This is provided through Appropriation Act (No.1) 2017–18, Appropriation Act (No. 2) 2017–18, Appropriation Act (No.3) 2017–18 and Appropriation Act (No.4) 2017–18 which have passed through Parliament and Appropriation Bill (No.5) 2017–18 and Appropriation Bill (No.6) 2017–18 which are yet to pass through Parliament.

101 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

102 The CFS balances in Figure 3.14.1 have not been adjusted to eliminate inter-governmental transactions.

103 Figures in Table 3.14.1 and Table 3.14.2 have been sourced from Home Affairs’ Portfolio Budget Statements 2018–19.

104 This is provided through Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018, Appropriation Act (No.3) 2017–2018, and Appropriation Act (No.4) 2017–2018 which have passed through Parliament and Appropriation Bill (No.5) 2017–18 and Appropriation Bill (No.6) 2017–18 which are yet to pass through Parliament.

105Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

106 As a result of the Administrative Arrangement Order in December 2017, the Annual appropriation balances reported in the 2017–18 financial statements will be amended following the issue of a section 75 transfer determination (PGPA Act - transfer of functions between non-corporate commonwealth entities).

107 As part of the amendment to the Administrative Arrangements Order on 20 December 2017 the Human Services Portfolio was established.

108 The expenses associated with the payments made by Human Services are reported in the responsible entities’ financial statements.

109 The CFS balances in Figure 3.15.1 have not been adjusted to eliminate inter-governmental transactions.

110 Figures in Table 3.15.1 and Table 3.15.2 have been sourced from Human Services’ Portfolio Budget Statements 2018–19.

111Appropriation Act (No.1) 2017–18, Appropriation Act (No.2) 2017–18, Appropriation Act (No.3) 2017–18 and Appropriation Act (No.4) 2017–18.

112 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

113 The ANAO has identified an additional three risks in relation to the services provided by DHS for other Commonwealth entities.

114 As part of the amendment to the Administrative Arrangements Order on 20 December 2017 the Jobs and Innovation Portfolio was established. The portfolio contains two sub-portfolios: Jobs and Small Business, and Industry, Innovation and Science. The Department of Industry, Innovation and Science is the lead entity in the Industry, Innovation and Science sub-portfolio.

115 The CFS balances in Figure 3.16.1 have not been adjusted to eliminate inter-governmental transactions.

116 Figures in Table 3.16.1 and Table 3.16.2 have been sourced from Industry’s Portfolio Budget Statements 2018–19.

117 This is provided through Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018, Appropriation Act (No.3) 2017–2018, and Appropriation Act (No.4) 2017–2018 which have passed through Parliament and Appropriation Bill (No.5) 2017–18 which is yet to pass through Parliament.

118 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

119 The CFS balances in Figure 3.17.1 have not been adjusted to eliminate inter-governmental transactions.

120 Figures in Table 3.17.1 and Table 3.17.2 have been sourced from Infrastructure’s Portfolio Budget Statements 2018–19.

121Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018 and Appropriation Act (No.3) 2017–2018.

122 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

123 As a result of the Administrative Arrangement Order in December 2017, the Annual appropriation balances reported in the 2017–18 financial statements will be amended following the issue of a section 75 transfer determination (PGPA Act - transfer of functions between non-corporate commonwealth entities).

124 The employment services program known as ‘jobactive’ is delivered through a deed of agreement between the Department of Jobs and Small Business and third-party service providers. New arrangements came into force on 1 July 2015 amounting to $7.5 billion over five years.

125 As part of the amendment to the Administrative Arrangements Order on 20 December 2017 the Department of Employment became the Department of Jobs and Small Business and the Jobs and Innovation Portfolio was established. The portfolio contains two sub-portfolios: Jobs and Small Business, and Industry, Innovation and Science. The Department of Jobs and Small Business is the lead entity in the Jobs and Small Business sub-portfolio.

126 The CFS balances in Figure 3.18.1 have not been adjusted to eliminate inter-governmental transactions.

127 Figures in Table 3.18.1 and Table 3.18.2 have been sourced from Job’s Portfolio Budget Statements 2018–19.

128 This is provided through Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018, Appropriation Act (No.3) 2017–2018 and Appropriation Act (No.4) 2017–2018 which have passed through Parliament and Appropriation Bill (No.5) 2017–18 which is yet to pass through Parliament.

129 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

130 The CFS balances in Figure 3.19.1 have not been adjusted to eliminate inter-governmental transactions.

131 Figures in Table 3.19.1 and Table 3.19.2 have been sourced from DPS’ Portfolio Budget Statements 2018–19.

132Appropriation (Parliamentary Departments) Act (No.1) 2017–2018.

133 As a result of an amendment to the Administrative Arrangements Order on 20 December 2017 the functions for the national policy on cities, infrastructure project financing and population policy transferred from the Department of the Prime Minister and Cabinet to the Department of Infrastructure, Regional Development and Cities.

134 The CFS balances in Figure 3.20.1 have not been adjusted to eliminate inter-governmental transactions.

135 Figures in Table 3.20.1 and Table 3.20.2 have been sourced from PM&C’s Portfolio Budget Statements 2018–19.

136Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018, Appropriation Act (No.3) 2017–2018 and Appropriation Act (No.4) 2017–2018.

137 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

138 Particularly the Department of Human Services, which is responsible for processing a high volume of payments across numerous personal benefit types with varying complexities on behalf of DSS.

139 As a result of the amendment to Administrative Arrangements Order on 20 December 2017, responsibility for multicultural affairs transferred from DSS to the Department of Home Affairs.

140 The CFS balances in Figure 3.21.1 have not been adjusted to eliminate inter-governmental transactions.

141 Figures in Table 3.21.1 and Table 3.21.2 have been sourced from DSS’ Portfolio Budget Statements 2018–19.

142 This is provided through Appropriation Act (No.1) 2017–2018, Appropriation Act (No.2) 2017–2018 and Appropriation Act (No.3) 2017–2018 which have been passed through Parliament and Appropriation Bill (No.5) 2017–18 and Appropriation Bill (No.6) 2017–18 which are yet to pass through Parliament.

143 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

144 The CFS balances in Figure 3.22.1 have not been adjusted to eliminate inter-governmental transactions.

145 Figures in Table 3.22.1 and Table 3.22.2 have been sourced from NDIA’s Portfolio Budget Statements 2018–19.

146 Table 1.1 National Disability Insurance Agency resource statement – NDIA’s Portfolio Budget Statements 2018–19.

147 The CFS balances in Figure 3.23.1 have not been adjusted to eliminate inter-governmental transactions.

148 Figures in Table 3.23.1 and Table 3.23.2 have been sourced from Treasury’s Portfolio Budget Statements 2018–19.

149Appropriation Act (No. 1) 2017–2018, Appropriation Act (No. 2) 2017–2018 and Appropriation Act (No. 3) 2017–2018.

150 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19.

151 As a result of the Administrative Arrangement Order in December 2017, the Annual appropriation balances reported in the 2017–18 financial statements will be amended following the issue of a section 75 transfer determination (PGPA Act - transfer of functions between non-corporate commonwealth entities).

152 The CFS balances in Figure 3.24.1 have not been adjusted to eliminate inter-governmental transactions.

153 Figures in Table 3.24.1 and Table 3.24.2 have been sourced from AOFM’s Portfolio Budget Statements 2018–19.

154Appropriation Act (No.1) 2017–18 and Appropriation Act (No.2) 2017–18.

155 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2018–19 and AOFM Portfolio Budget Statements 2018–19, Table 1.1 AOFM Resource Statement

156 The CFS balances in Figure 3.25.1 have not been adjusted to eliminate inter-governmental transactions.

157 Figures in Table 3.25.1 and Table 3.25.2 have been sourced from ATO’s Portfolio Budget Statements 2018–19.

158Appropriation Act (No.1) 2017–2018 and Appropriation Act (No.2) 2017–2018.

159 Part 1: Special Appropriations Table, Agency Resourcing, Budget Paper No.4, 2017–18.

160 The CFS balances in Figure 3.26.1 have not been adjusted to eliminate inter-governmental transactions.

161 Three entities have a body corporate status but are prescribed as non-corporate Commonwealth entities. These are the Australian Competition and Consumer Commission; the Australian Prudential Regulation Authority; and the Australian Securities and Investments Commission.