The objective of this audit was to assess the effectiveness of Defence’s administration of allowances and entitlements paid to its Australian Public Service (APS) employees.

Summary and recommendations

Background

1. Where Australian Public Service (APS) employees1 are required to travel on Department of Defence (Defence) business, Defence’s policy is that it will provide its employees with the facility to meet reasonable travel costs on the basis that they neither gain nor lose financially.

2. Travel allowance payments are made through the Defence Travel Card (DTC)2, Defence’s payroll system and Defence’s financial management information system, depending on the type of allowance and whether the traveller has a DTC. The estimated amount of travel allowances paid to APS employees through the three payment systems for the period 1 July 2016 to 30 June 2018 is shown in Table 1.

Table 1: Estimate of travel allowances paid to Australian Public Service employees in Defence (July 2016 to June 2018)

Allowance type

Payment method

2016–17

$ (estimate)d

2017–18

$ (estimate)d

Meals and incidentalsa

DTCs (primarily cash withdrawals)

16,900,244

17,110,518

Meals and incidentals

Defence financial management information systemb

147,754

145,844

Motor vehicle

Defence payroll system

357,983

366,212

Part day travel

Defence payroll system

181,428

179,485

Totalc

 

17,587,409

17,802,059

       

Note a: Defence defines incidentals as minor expenses incurred casually and in addition to the amounts provided for meals.

Note b: Used when the employee does not hold a DTC, or when the card is not accepted.

Note c: This total is net of refunded, repaid, and disputed transactions during the period, which appear as negative amounts in each of the three systems listed.

Note d: The reasons amounts reported are estimates rather than actuals, and the criteria and method used to compile information for this set of transactions are outlined in Appendix 3.

Source: ANAO analysis of Defence data.

Rationale for undertaking the audit

3. The administration of employee allowances is a routine corporate function undertaken by government sector entities. Effective arrangements for the administration of allowances support entities to demonstrate the proper use of public money.

4. This audit focused on travel allowances, rather than all allowances paid to Defence’s APS employees as originally outlined in the ANAO’s 2017–18 Annual Audit Work Plan, because:

  • the results of an audit focusing on common allowances paid to public sector employees were expected to be useful to all government sector entities;
  • Defence has identified the fraudulent use of a Defence credit card (including the DTC) as a Defence-wide risk; and
  • testing conducted by the ANAO in the course of auditing Defence’s financial statements in recent years identified non-compliance with regard to travel allowance payment approvals.

5. Auditor‐General Report No.33 2015–16, Defence’s Management of Credit and other Transaction Cards (which included the DTC) found that Defence did not have a complete and effective set of controls to manage the use of credit and other transaction cards. In May 2017, the Parliament’s Foreign Affairs, Defence and Trade References Committee expressed interest in the Auditor-General following up on the recommendations made in that audit report.3 This audit includes an examination of Defence’s implementation of the two recommendations made in the previous audit report that are applicable to the DTC.

Audit objective, criteria and scope

6. The objective of this audit was to assess the effectiveness of Defence’s administration of travel allowances paid to its APS employees. To form a conclusion against the audit objective, the ANAO adopted the following high-level criteria:

  • Defence has appropriate arrangements that support accurate payments of travel allowances to eligible APS staff; and
  • Defence has effective arrangements in place to provide assurance over the payment of travel allowances to APS staff.

7. This performance audit focuses on Defence’s systems and processes to support travel allowance payments made to Defence’s APS employees during the period 1 July 2016 to 30 June 2018. The audit examined three types of travel allowance payments: meals and incidentals, motor vehicle, and part day travel. The rates for each type of allowance are outlined in Appendix 2.

Conclusion

8. Defence’s administration of travel allowances paid to its Australian Public Service (APS) employees is not fully effective.

9. Defence’s administrative arrangements to support the payment of travel allowances to APS employees exhibit shortcomings, which reduce their appropriateness. These include: inconsistency in guidance; a failure to consistently reflect policy requirements in guidance and supporting tools (such as travel calculators); and the division of policy and administrative responsibility across three Defence Groups. The 2015 Review of Red Tape in Defence made similar findings and recommended that Defence produce a ‘single, brief policy guidance document in plain English’ on official travel and the use of the Defence Travel Card. Defence reported internally that it had addressed this recommendation, when it had not. Another agreed recommendation to give overarching policy and administrative responsibility to one Defence Group, has not yet been implemented. Defence advised that, as a result of this audit, it had established a Travel Board in May 2019 to govern travel policy, controls, processes and compliance. It is too early to establish whether this arrangement will address the intent of the 2015 Review of Red Tape in Defence recommendations.

10. Defence’s arrangements for providing assurance over the payment of travel allowances to APS employees are not fully effective. Defence has identified shortcomings in the design of detective controls for credit cards and ANAO testing of a sample of travel allowance transactions indicates that preventative controls are not fully effective. This performance audit identified a number of instances where Defence reports to senior committees overstated the progress of activities intended to improve assurance across the administration of travel and credit cards. These instances included: incorrect advice about residual risk; and advice that recommendations from reviews and audits had been addressed, when they had not.

11. A key feature of this audit has been that Defence’s senior committees have been provided with advice that overstates the progress of activities intended to improve the administration of travel allowances and credit cards. Inaccurate performance reporting reduces accountability and senior leaders’ ability to assess risks and consider the need for remediation strategies.

Supporting findings

Defence’s management of travel allowances

12. Defence has established arrangements for the administration of travel allowances including accessible processes, procedures and tools for calculating travel budgets, documenting the travel approval process and enabling payment of travel allowances. Administrative responsibilities for the arrangements continue to be divided between three Defence Groups, notwithstanding an agreed recommendation from the 2015 Review of Red Tape in Defence to consolidate responsibility for travel in the Defence Finance Group. Defence informed the ANAO that, as a result of this audit, it had established a Travel Board in May 2019 to bring together the Defence groups responsible for overseeing travel expenditure.

13. The guidance and tools available to APS employees about travel allowances do not consistently reflect policy requirements. Defence’s collection of policies, procedures and guidance on travel allowances is fragmented and spread across multiple documents, tools and intranet pages. In April 2019, Defence implemented a new travel intranet site, which improves clarity and accessibility of information, but gaps, duplication and inconsistencies remain. Defence has not implemented agreed recommendation 19 of the 2015 Review of Red Tape in Defence relating to the simplification of guidance, even though it reported to a senior committee in 2018 that it had done so.

Defence’s assurance and reporting arrangements for travel allowances

14. Risks associated with the payment of travel allowances have been assessed and Defence has identified controls to manage identified risks. The March 2018 Enterprise Wide Defence Credit Cards Fraud Risk Assessment (current as at June 2019) identified three areas of high risk and set out controls that were expected to reduce the residual risk to ‘medium’. In March 2019, Defence Finance Group recommended that the Enterprise Business Committee note that ‘no individual high risk areas within financial management decision making have been identified’. Defence advised that its recommendation took into consideration ‘work that had been undertaken to mitigate some of the risks’. However, the committee was not advised that the controls set out in the March 2018 risk assessment had not yet been fully implemented or that the effectiveness of additional compliance activities had not yet been assessed.

15. Defence has not yet established appropriate and effective controls to ensure that accurate travel allowances are paid to eligible employees. ANAO analysis indicated that Defence’s preventative controls are not fully effective, with Defence unable to provide documented approvals for 21 per cent of the sample travel allowance transactions reviewed as part of this audit. Defence has progressively implemented detective controls since July 2017, in the form of credit card compliance activities, and expects that these activities will continue to evolve to address emerging and ongoing risks.

16. Defence has not fully implemented recommendations from the following review and audit relating to the administration of travel allowances:

  • The 2015 Review of Red Tape in Defence made 20 recommendations related to Defence’s administration of travel. Defence reported to its Enterprise Business Committee that ten of these recommendations had been completed as at 14 February 2018. The ANAO assessed that of the 10 recommendations reported as completed, five have not yet been implemented.
  • Auditor-General Report No.33 2015–16, Defence’s Management of Credit and other Transaction Cards made two recommendations to improve Defence’s management of credit cards. Defence advised that these recommendations had been completed in January 2016 and March 2016 respectively. The ANAO has assessed that one recommendation has been partially implemented, and the other has been progressively implemented since July 2017.

17. The 2015 Review of Red Tape in Defence recommended the introduction of an automated travel management system to simplify and improve the effectiveness of Defence’s administration of travel. In December 2016, Defence approved $11.9 million to implement the Travel and Expense Management project, which was ‘paused’ in March 2019, and subsequently ‘ceased’, after expenditure of over $10 million and delays in implementation. Reporting to the Enterprise Business Committee on the status of this project was largely positive until December 2018, shortly before the project was paused.

18. Assurance on compliance activities is provided internally through regular reporting to the Defence Enterprise Business Committee and Defence Audit and Risk Committee. External assurance on compliance with minimum standards for managing risks and incidents of fraud is provided through annual certification by the accountable authority, as required by the Public Governance, Performance and Accountability Rule 2014. This performance audit identified instances where Defence reports to senior committees overstated the progress of activities intended to improve the administration of travel and credit cards.

Recommendations

Recommendation no.1

Paragraph 2.38

Defence:

  1. review its travel guidance material to eliminate duplication and inconsistency and promote compliance with relevant policies and processes; and
  2. implement a process that ensures Defence policy relevant to travel is accurately reflected in guidance material and tools.

Department of Defence Response: Agreed.

Summary of the Department of Defence’s response

19. The proposed report was provided to the Department of Defence. The Department’s summary response is below and its full response is at Appendix 1.

Defence welcomes the findings contained in the audit report on Defence’s Administration of Travel Allowances paid to APS employees and agrees with the single recommendation.

Through its own internal review processes, Defence had already begun work on a number of initiatives to improve its administration and oversight of travel allowances and associated travel card processes. Defence has been actively improving the administration of travel allowances, making significant progress in the last six months. Some improvement initiatives were delayed pending the introduction of the travel requisition and expense management system project that was being relied upon to introduce a range of new controls. Following testing, this project has now ceased.

Defence commenced the implementation of a system that would support the administration of travel including the requisition, approval and acquittal of travel. Defence envisaged that this replacement system would also undertake the calculation and authorisation of travel allowances. Such issues were the subject of previous review recommendations. It became apparent through the implementation project that the varied and complex nature of some of the travel allowances paid to Australian Defence Force (ADF) and Australian Public Service (APS) officials would make the use of an off the shelf commercial software system difficult at this time. Defence will implement further controls and processes for travel administration whilst meeting the business requirements of the organisation. Principles underpinning this work will focus on making it easier for staff to comply, moving to electronic approvals by supervisors and improved management reporting.

As a result of this audit, Defence established a Travel Board in May 2019 to bring together the Defence groups responsible for overseeing travel expenditure. The Board will govern travel policy, controls processes and compliance. It will report to the organisation’s Enterprise Business Committee and Defence Committee on progress made in improving travel administration, compliance and performance across the business.

Key messages from this audit for all Australian Government entities

Below is a summary of key messages, including instances of good practice, which have been identified in this audit that may be relevant for the operations of other Commonwealth entities.

Governance and risk management

Policy/program implementation

1. Background

Introduction

1.1 The Department of Defence (Defence) may require its personnel to travel in order to perform their duties. Where Australian Public Service (APS) employees4 are required to travel on Defence business, Defence’s policy is that it will provide its employees with the facility to meet reasonable travel costs on the basis that they neither gain nor lose financially.

1.2 Defence’s APS employees can claim allowances as specified in the Defence Enterprise Agreement.5 Payments are made through the Defence Travel Card (DTC)6, Defence’s payroll system and Defence’s financial management information system, depending on the type of allowance and whether the traveller has a DTC.7

1.3 Defence expended $246 million on travel in 2017–18 and $237 million in 2016–178, reflecting Defence’s large, dispersed and mobile workforce.9 These amounts reflect expenditure by Australian Defence Force personnel and APS employees for flights, accommodation, car hire and the majority of travel allowances incurred during official travel.10

Expenditure on allowances claimed for business travel

1.4 Defence’s financial management information system identifies expenditure of approximately $93 million in 2017–18 and $90 million in 2016–17 on allowances paid to Australian Defence Force personnel and APS employees travelling on official business. These amounts include travel allowances claimed for meals and incidentals11, part day travel12, and the use of a private motor vehicle. Of these amounts, approximately 20 per cent is claimed by APS employees ($17,802,059 in 2017–18 and $17,587,409 in 2016–17 as set out in Table 1.1).

Table 1.1: Estimate of travel allowances paid to Australian Public Service employees in Defence (July 2016 to June 2018)

Allowance type

Payment method

2016–17

$ (estimate)d

2017–18

$ (estimate)d

Meals and incidentalsa

DTCs (primarily cash withdrawals)

16,900,244

17,110,518

Meals and incidentals

Defence financial management information systemb

147,754

145,844

Motor vehicle

Defence payroll system

357,983

366,212

Part day travel

Defence payroll system

181,428

179,485

Totalc

 

17,587,409

17,802,059

       

Note a: Defence defines incidentals as minor expenses incurred casually and in addition to the amounts provided for meals.

Note b: Used when the employee does not hold a DTC, or when the card is not accepted.

Note c: This total is net of refunded, repaid, and disputed transactions during the period, which appear as negative amounts in each of the three systems listed.

Note d: The reasons travel allowance amounts reported are estimates rather than actuals, and the criteria and method used to compile information for this set of transactions, are outlined in Appendix 3.

Source: ANAO analysis of Defence data.

1.5 Three Defence Groups have responsibility for various aspects of travel allowance administration:

  • Defence People Group manages the personnel policy aspects of travel, and processing of allowances paid through Defence’s payroll system.
  • Defence Estate and Infrastructure Group manages Defence’s implementation of Whole-of-Government Travel arrangements, maintains Defence’s travel budget tools, provides procedural guidance on travel through its intranet site, and provides travel booking services for Australian Defence Force conditions of service, courses and long term international postings travel.
  • Defence Finance Group manages DTCs, the credit card management system, and the payment of travel allowances through the financial management information system.13

1.6 Defence’s management of travel was examined in 2015 through the Review of Red Tape in Defence. Defence agreed to all 20 recommendations aimed at improving the management of travel in Defence.14

Rationale for undertaking the audit

1.7 The administration of employee allowances is a routine corporate function undertaken by government sector entities. Effective arrangements for the administration of allowances support entities to demonstrate the proper use of public money.

1.8 This audit focused on travel allowances, rather than all allowances paid to Defence’s APS employees as originally outlined in the ANAO’s 2017–18 Annual Audit Work Plan, because:

  • the results of an audit focusing on common allowances paid to public sector employees were expected to be useful to all government sector entities;
  • Defence has identified the fraudulent use of a Defence credit card (including the DTC) as a Defence-wide risk; and
  • testing conducted by the ANAO in the course of auditing Defence’s financial statements in recent years identified non-compliance with regard to travel allowance payment approvals.

1.9 Auditor‐General Report No.33 2015–16, Defence’s Management of Credit and other Transaction Cards (which included the DTC) found that Defence did not have a complete and effective set of controls to manage the use of credit and other transaction cards. In May 2017, the Parliament’s Foreign Affairs, Defence and Trade References Committee expressed interest in the Auditor-General following up on the recommendations made in that audit report.15 This audit includes an examination of Defence’s implementation of the two recommendations made in the previous audit report that are applicable to the DTC.

Audit approach

Audit objective, criteria and scope

1.10 The objective of this audit was to assess the effectiveness of Defence’s administration of travel allowances paid to its APS employees. To form a conclusion against the audit objective, the ANAO adopted the following high-level criteria:

  • Defence has appropriate arrangements that support accurate payments of travel allowances to eligible APS staff; and
  • Defence has effective arrangements in place to provide assurance over the payment of travel allowances to APS staff.

1.11 This performance audit focuses on Defence’s systems and processes to support travel allowance payments made to Defence’s APS employees during the period 1 July 2016 to 30 June 2018. The audit examined three types of travel allowance payments: meals and incidentals, motor vehicle, and part day travel. The rates for each type of allowance are outlined in Appendix 2.

Audit methodology

1.12 In undertaking the audit, the ANAO:

  • reviewed relevant Defence policy, procedure and process documentation;
  • interviewed key Defence personnel including: staff from Defence’s People, Finance, and Estate and Infrastructure Groups; and
  • extracted travel allowance transactions paid to APS employees between 1 July 2016 and 30 June 2018 from Defence’s credit card management, financial management information, and payroll systems, and examined the supporting records for a sample of those transactions. The purpose was to determine rates of compliance with relevant legislation, policies and procedures. Results from the testing of the sample did not support the use of the results as the basis of an audit conclusion as there was a higher non-compliance rate than expected when the sample was selected. However, the results provide an indication of the rate of non-compliance. The sample methodology and the results of testing are discussed in Appendix 3.

1.13 The audit was conducted in accordance with the ANAO Auditing Standards at a cost to the ANAO of $367,700.

1.14 The team members were Jennifer Myles, Kim Murray and Sally Ramsey.

2. Defence’s management of travel allowances

Areas examined

This chapter examines whether Defence has established appropriate arrangements that support the accurate payment of travel allowances to APS employees.

Conclusion

Defence’s administrative arrangements to support the payment of travel allowances to APS employees exhibit shortcomings, which reduce their appropriateness. These include: inconsistency in guidance; a failure to consistently reflect policy requirements in guidance and supporting tools (such as travel calculators); and the division of policy and administrative responsibility across three Defence Groups. The 2015 Review of Red Tape in Defence made similar findings and recommended that Defence produce a ‘single, brief policy guidance document in plain English’ on official travel and the use of the Defence Travel Card. Defence reported internally that it had addressed this recommendation, when it had not. Another agreed recommendation to give overarching policy and administrative responsibility to one Defence Group, has not yet been implemented. Defence advised that, as a result of this audit, it had established a Travel Board in May 2019 to govern travel policy, controls, processes and compliance. It is too early to establish whether this arrangement will address the intent of the 2015 Review of Red Tape in Defence recommendations.

Area for improvement

The ANAO has made one recommendation aimed at improving guidance material on the management of travel allowances to promote compliance with relevant policy and ensure accurate payment of travel allowances.

Has Defence established arrangements for the administration of travel allowances?

Defence has established arrangements for the administration of travel allowances including accessible processes, procedures and tools for calculating travel budgets, documenting the travel approval process and enabling payment of travel allowances. Administrative responsibilities for the arrangements continue to be divided between three Defence Groups, notwithstanding an agreed recommendation from the 2015 Review of Red Tape in Defence to consolidate responsibility for travel in the Defence Finance Group. Defence informed the ANAO that, as a result of this audit, it had established a Travel Board in May 2019 to bring together the Defence groups responsible for overseeing travel expenditure.

Types of travel allowances paid by Defence

2.1 Depending on the destination, duration and means of official travel, Defence may pay its APS employees:

  • A part day travel allowance.16
  • An amount to cover the costs of meals and incidentals.17
  • A motor vehicle allowance if a private vehicle is used.18

2.2 The rates for travel allowances are set and reviewed by the Secretary of Defence for Defence’s APS employees, and the Remuneration Tribunal for the Secretary of Defence.19

Arrangements for the administration of travel allowances

2.3 The Public Governance, Performance and Accountability Act 2013 (PGPA Act) enables the Secretary of Defence (the entity accountable authority) to delegate authority to enter into commitments to spend relevant (public) money, including for official travel.

2.4 Defence’s Accountable Authority Instructions are issued by the Secretary of Defence under the authority of section 20A of the PGPA Act. Accountability Authority Instruction 2 — Approval and Commitment of Relevant Money relates to the spending of public money by Defence officials. The Instruction specifies that when approving commitments of relevant money, delegates are to ensure that:

  • sufficient funds are available within the relevant budget;
  • the proposed commitment promotes value for money; and
  • approvals for proposed commitments are properly recorded.

2.5 Defence’s Financial Delegations Manual is managed by the Defence Finance Group. It specifies the requirement for delegates to comply with the Accountable Authority Instructions and to record and retain documentation of any exercise of a financial delegation. This is to be done by signing, dating and printing their name, position title and position number, in respect to each commitment of relevant money.

2.6 The Defence Finance Group is responsible for the management of DTCs, the credit card management system, and the payment of travel allowances through the financial management information system.20

2.7 Defence People Group is responsible for processing travel allowances paid through Defence’s payroll system and the management of travel policy. The Group provides guidance documents on:

  • Duty Travel21;
  • Part Day Travel Allowance;
  • Travel Time; and
  • Motor Vehicle Allowance.

2.8 Defence Estate and Infrastructure Group is responsible for managing the operational aspects of Defence travel including but not limited to: Defence’s implementation of Whole-of-Government Travel arrangements; maintaining Defence’s travel budget calculators; and providing procedural guidance on travel through its intranet site and support through the Defence Service Call Centre and Customer Service Centres on bases to assist Defence APS staff with travel queries.

2.9 The Review of Red Tape in Defence (2015) recommended that, as part of the implementation of an electronic travel management system, travel policy and its administration should become the clear responsibility of one area of Defence. Implementation of a travel requisition and expense management system was ‘paused’ in March 2019 and subsequently ‘ceased’.22 The three Defence Groups continue to have responsibility for various aspects of travel policy and administration.

2.10 In June 2019 Defence informed the ANAO that:

As a result of this audit, Defence established a Travel Board in May 2019 to bring together the Defence groups responsible for overseeing travel expenditure. The Board will govern travel policy, controls processes and compliance. It will report to the organisation’s Enterprise Business Committee and Defence Committee on progress made in improving travel administration, compliance and performance across the business.

2.11 In June 2019, Defence informed the ANAO that the:

  • Travel Board consists of four representatives from Defence’s Finance, People, and Estate and Infrastructure Groups;
  • terms of reference for the Travel Board have not been finalised; and
  • Travel Board has met four times to date but there are no meeting minutes or documented outcomes.

Approval of travel proposals and claims for associated travel allowances

2.12 For the payment of travel allowances, Defence seeks to achieve compliance with the PGPA Act, Accountable Authority Instructions and Financial Delegations Manual through the completion and approval of travel proposals.

2.13 Defence requires travel proposals to be documented using tools such as Defence’s travel budget calculators, iTravel23 and other forms. These tools capture information about the: travel purpose; schedule; estimated cost including travel allowances; approvals; and after travel certification, where required.

2.14 Allowances are calculated based on the planned travel dates, times and method of transport.24 Depending on the travel allowance, the traveller may also be required to complete additional forms to support their claim.

2.15 Figure 2.1 illustrates Defence’s travel allowance approval process for its APS employees.

Figure 2.1: Defence travel allowance approval process for APS employees

A flow chart that shows the tasks and forms that a Defence APS employee is required to complete to obtain, and retain evidence of, approval to travel: Traveller completes a travel budget calculator and supporting forms; Travel approver approves travel, including allowances; Traveller files approval documentation. The flow chart is based on Defence’s policy, guidance, forms, fact sheets and other documents intended to guide the claiming and processing of travel allowance payments.

Source: ANAO summary of Department of Defence’s policy, guidance, forms, fact sheets and other documents intended to guide the claiming and processing of travel allowance payments.

Payment of travel allowances

2.16 Figure 2.2 illustrates Defence’s process for APS employees to access approved travel allowances.

Figure 2.2: Defence’s process for claiming approved travel allowances

A flow chart that shows the various processes and payment methods that apply to enable payment of approved travel allowances: Part day travel allowance – traveller submits claim electronically via payroll self-service facility, supervisor reviews and approves claim and payment is made through Defence’s payroll system; Motor vehicle allowance – traveller emails approved travel forms to Defence’s pay centre for payment through the payroll system; Meals and incidental allowances – three payment options are available: traveller withdraws cash and/or pays for meals and incidentals using the DTC; traveller emails separate claim form to Defence’s account processing centre and payment is deposited in travellers bank account; where travel is over 21 days duration, traveller emails required forms to Defence’s personnel relocations team to calculate allowance and process payment. The flow chart is based on Defence’s policy, guidance, forms, fact sheets and other documents intended to guide the claiming and processing of travel allowance payments.

Source: ANAO summary of Department of Defence’s policy, guidance, forms, fact sheets and other documents intended to guide the claiming and processing of travel allowance payments.

Has Defence provided accurate guidance to APS employees about travel allowances, including eligibility criteria?

The guidance and tools available to APS employees about travel allowances do not consistently reflect policy requirements. Defence’s collection of policies, procedures and guidance on travel allowances is fragmented and spread across multiple documents, tools and intranet pages. In April 2019, Defence implemented a new travel intranet site, which improves clarity and accessibility of information, but gaps, duplication and inconsistencies remain. Defence has not implemented agreed recommendation 19 of the 2015 Review of Red Tape in Defence relating to the simplification of guidance, even though it reported to a senior committee in 2018 that it had done so.

Travel guidance material

2.17 The Review of Red Tape in Defence (2015) described Defence’s travel policy and procedure framework as a ‘frightening smorgasbord of documents’ and concluded that Defence personnel needed a single source of travel policy and procedure advice.25

The Department badly needs a streamlined, simple policy guidance document in plain English on Official Travel and the use of DTCs in place of the current multiple policy documents, instructions and regulations relating to travel. This should be a consolidated statement of Defence travel policy that is concise, in plain English, and no more than a few pages in length.

2.18 Recommendation 19 of the Review was that Defence produce a ‘single, brief policy guidance document in plain English on Official Travel and the use of DTCs’. Defence agreed to this recommendation and reported to the Enterprise Business Committee26 that this recommendation was completed on 14 February 2018.

2.19 Defence could not provide the ANAO with a single, brief policy guidance document in plain English on ‘Official Travel and the use of Defence Travel Cards’ as recommended by the 2015 Review of Red Tape in Defence, and was unable to demonstrate that this work had been undertaken. Defence’s collection of policies, procedures and tools remains fragmented, with three Defence groups responsible for managing elements of the multiple guidance documents and forms relating to the approval and payment of travel allowances. Some travel allowance guidance is reproduced in multiple documents.

2.20 As at 22 February 2019, documentation relating to travel allowance payments in Defence remained extensive and included:

  • four high level policy documents;
  • three joint directives;
  • seven policy guidance documents;
  • 16 intranet pages;
  • 15 fact sheets;
  • two quick guides;
  • two check lists; and
  • 27 DTC and credit card management system guidance documents, fact sheets and instructions.27

2.21 The ANAO reviewed these documents and found the following examples of gaps, inconsistencies and ambiguities.28

International travel approval

2.22 The Defence Travel intranet website contains conflicting information about forms required for international travel proposals and references to out-of-date Defence documents:

  • ‘Quick Guide for Short-term Duty Overseas Travel’ specifies that travellers must complete the following forms: Overseas Visit Authority; and Overseas Travel Budget Calculator or iTravel.
  • Fact sheet ‘International — Short-term Duty Overseas Travel — Before you Travel’ states travellers must complete the following forms: Overseas Visit Authority; Overseas Travel Budget Calculator or iTravel; and Notification of Proposed Overseas Travel.
  • Intranet page ‘International Travel Policy’ also specifies that international travel must be approved on the Overseas Visit Authority form, but that other simplified, local forms can be used.29 This page does not mention the Overseas Travel Budget Calculator, iTravel or the Notification of Proposed Overseas Travel form.
  • Fact sheet ‘International — Short-term Duty Overseas Travel Overview’ does not specify which forms to complete and refers to the Defence Enterprise Agreement 2012–14 and the Defence Workplace Relations Manual (archived 2017).

2.23 Defence’s information on International Travel delegations also varies and is not always consistent with Joint Directive 27/201230, which specifies the following approval requirements for international travel:

  • officers below the level of Group Head and Service Chief may not approve overseas travel for more than two Defence personnel.
  • Group Head or Service Chiefs may, in exceptional circumstances, give written personal permission for groups of up to five travellers.
  • the Secretary and Chief of the Defence Force are the sole authorities for a group constituting more than five people.

2.24 The Joint Directive states that relevant Defence Instructions and forms associated with overseas travel were to be amended accordingly. This has not been done in all cases.

2.25 Defence Travel’s fact sheet ‘Approval Requirements for Official International Travel’ (8 March 2017) and the Overseas Visit Authority (13 February 2017) have incorporated the requirements of Joint Directive 27/2012, specifying the following approval requirements:

  • up to two people — Senior Executive Service level 2 or equivalent;
  • up to five people — Group Heads or Service chiefs in exceptional circumstances; and
  • more than five people — Secretary or the Chief of the Defence Force.

2.26 However, other guidance documents available on the Defence Travel website have not incorporated the requirements of the Joint Directive. The website includes intranet page ‘International Travel Policy’ and fact sheet ‘International — Short-term Duty Overseas Travel Overview’ (4 August 2016), which state that the ‘Section 23 Commitment Approver for official international travel is at the Two-Star or Senior Executive Service Band 2 level.’ These guidance documents do not include the additional requirements for multiple travellers specified in Joint Directive 27/2012. Given that the Overseas Visit Authority is not specified as a mandatory form in some guidance provided on the Defence Travel website, travellers who choose not to use this form may not be aware of these additional approval requirements.

2.27 Of 46 international travel allowance claims reviewed by the ANAO, 11 (24 per cent) were not approved, or not approved by at least a Two-Star or Senior Executive Service Band 2 level officer, making them non-compliant with Defence’s internal policies and procedures.

After travel certification

2.28 After travel certification is incorporated in some travel budget calculators, to be completed by the traveller under specific circumstances.31 The Defence Travel website (intranet) page titled ‘After Travel Domestic and International’ contains the following conflicting statements on the need to complete the after travel certification:

  • Travellers, upon completion of official travel, will only be required to complete the after travel certification where there is a change to the approved travel plan that:
    • increases the original budget; or
    • decreases the original budget and results in an amount needing to be repaid.
  • Where the traveller has used either a Budget Calculator or iTravel to do their budget, the traveller is to complete the after travel certification section.
  • Travellers using iTravel to create their budget are to complete the after travel certification section on the Trip Budget.
  • For overseas Training and Education organised by Defence Travel - Travellers are to complete a PY083-1 Certification (Acquittal) and the PY083 Travel Diary.32

2.29 APS employees’ completion of the certification varied across the sample of transactions reviewed by the ANAO. Some travellers completed the after travel certification even though no changes to the approved travel plan were made. There were also instances where changes to the approved travel plan occurred but the after travel certification was not completed.

iTravel form

2.30 The iTravel trip budget form does not include a space for the approver (the Secretary’s delegate) to include their position number. Documentation of the approver’s position number is a requirement of Defence’s Financial Delegations Manual.

Motor Vehicle Allowance

2.31 Policy guidance issued by Defence People Group for use of an employee’s own motor vehicle states that Defence will not accept any responsibility for financial liability or loss which may be incurred by an employee involved in an accident, or as a result of theft or damage, while using their own vehicle for business purposes. The policy requires supervisors to sight proof of the driver’s licence, registration and ‘adequate insurance’ for the vehicle being used. This information is not readily accessible from the Defence Travel website and is not included in any of the forms or guidance documents on the Defence Travel website used to claim motor vehicle allowance (Domestic Travel Budget Calculator or the Cost Comparison form).

2.32 The ANAO reviewed 20 motor vehicle allowance payments and found no evidence that employees provided licence, registration and insurance information to their supervisor or the travel approver when proposing to undertake travel using a private vehicle. Defence should consider the implications of non-compliance with the policy and the merits of introducing compliance checks in this area.

2.33 The travel budget calculator and the Delegate Checklist for Own Means Travel (Use of own Conveyance) refer to the Defence Workplace Relations Manual, which was archived on 30 September 2017. A Defence intranet search in February 2019 for the Manual redirects users to the People Connect web page, which does not contain any reference to Motor Vehicle Allowance.

Record keeping

2.34 Defence’s Accountable Authority Instructions and Financial Delegations Manual are clear about the requirement to record proposed financial commitments and retain documentation when exercising delegations. Defence Finance Group guidance states that the relevant approved travel budget calculator and associated travel documentation must be retained on an official file and remain easily accessible for seven years from the end date of travel. None of the travel approval forms or calculators remind the traveller or approver of the requirement to maintain approval records. The requirement to maintain records is included in some guidance documents but responsibility for doing so is not clear. The following documents do not refer to the requirement to maintain records:

  • Fact sheet — Travel Approval;
  • Fact sheet — Travel Values and Principles;
  • Fact sheet — In-Principle and Section 23 Commitment Approver Approval; and
  • Defence travel budget calculators.

2.35 Records of approved travel are not held centrally. Defence relies on individuals or individual business areas to maintain sufficient records to demonstrate that travel costs were appropriate and authorised. The ANAO found that records requested as part of this audit for a sample of travel allowance transactions were, in many cases, not easily accessible.33 In 21 per cent of cases a valid delegate approval could not be provided (see Table 3.2, which summarises the results of ANAO sample testing).

Defence Travel intranet site

2.36 In April 2019, in the course of this audit, Defence Travel implemented a new intranet site, known as TravelConnect. The ANAO reviewed the guidance material provided on TravelConnect and found that a number of out-of-date references have been removed and accessibility and clarity of information has been improved. Some inconsistencies have been addressed — for example, the after travel certification guidance issue has been resolved. However, gaps, duplication and inconsistencies remain.

2.37 To promote compliance as expected under PGPA Act section 15, Defence should undertake a thorough review of its guidance to eliminate existing gaps, duplication and inconsistency and establish a process to ensure that guidance to employees is updated to reflect future policy changes accurately. Further, Defence should implement what it advised the Enterprise Business Committee that it had already done.

Recommendation no.1

2.38 Defence:

  1. review its travel guidance material to eliminate duplication and inconsistency and promote compliance with relevant policies and processes; and
  2. implement a process that ensures Defence policy relevant to travel is accurately reflected in guidance material and tools.

Department of Defence response: Agreed.

2.39 Defence agrees to this recommendation.

3. Defence’s assurance and reporting arrangements for travel allowances

Areas examined

This chapter examines whether Defence has effective arrangements in place to provide assurance over the payment of travel allowances to APS staff.

Conclusion

Defence’s arrangements for providing assurance over the payment of travel allowances to APS employees are not fully effective. Defence has identified shortcomings in the design of detective controls for credit cards and ANAO testing of a sample of travel allowance transactions indicates that preventative controls are not fully effective. This performance audit identified a number of instances where Defence reports to senior committees overstated the progress of activities intended to improve assurance across the administration of travel and credit cards. These instances included: incorrect advice about residual risk; and advice that recommendations from reviews and audits had been addressed, when they had not.

Has Defence assessed the risks associated with the payment of travel allowances and identified risk-based controls to manage them?

Risks associated with the payment of travel allowances have been assessed and Defence has identified controls to manage identified risks. The March 2018 Enterprise Wide Defence Credit Cards Fraud Risk Assessment (current as at June 2019) identified three areas of high risk and set out controls that were expected to reduce the residual risk to ‘medium’. In March 2019, Defence Finance Group recommended that the Enterprise Business Committee note that ‘no individual high risk areas within financial management decision making have been identified’. Defence advised that its recommendation took into consideration ‘work that had been undertaken to mitigate some of the risks’. However, the committee was not advised that the controls set out in the March 2018 risk assessment had not yet been fully implemented or that the effectiveness of additional compliance activities had not yet been assessed.

3.1 Defence’s Joint Directive on the Management of Risk in Defence (JD 30/2015) establishes the core principles for risk management in Defence, and requires that decisions on risk be evidence-based; result in actions that are realistic and affordable; and subject to active and regular review.

Risks relating to travel allowances paid through the Defence Travel Card

3.2 The primary method of payment for travel allowances is the DTC (see Table 1.1). Defence’s current (May 2018) Fraud and Corruption Control Plan identifies the fraudulent use of credit cards (including the DTC) as a Defence-wide risk.34 The Plan nominates Defence’s Chief Finance Officer as the risk steward and identifies three key controls that Defence uses to manage the risks of misuse of the DTC:

  • management oversight;
  • regular reconciliation of expenditure; and
  • regular review.

3.3 In March 2018, Defence Finance Group’s Enterprise Wide Defence Credit Cards Fraud Risk Assessment (current as at June 2019)35 assigned a ‘high’ risk rating to each of the following three risks, based on the controls in place at that time:

  • Risk 1.1.1 Fraudulent use of a Defence credit card by the Cardholder or Third party;
  • Risk 1.2.1 Unauthorised use of a Defence credit card by cardholder; and
  • Risk 1.4.1 Fraudulent use of Cabcharge FLEXeTICKETs/ E-Tickets.

3.4 The March 2018 risk assessment identified one proposed control for both risk 1.1.1 and 1.2.1 which, if implemented, was expected to reduce the residual risk to ‘medium’. The proposed control was:

Commence targeted, in depth analysis of specific issues each month. Designed to complement the DAA/Systeam process [credit card sample testing program], and address emerging and likely areas of risk.

3.5 The March 2018 risk assessment documented that the residual risk for 1.4.1 was assessed as ‘medium’ without any additional controls being proposed or implemented.

3.6 On 13 March 2019, Defence Finance Group reported to the Defence Enterprise Business Committee on the ‘Risk Based Approach to Financial Compliance’. The report included commentary and recommendations on improving compliance around travel and purchasing cards. As part of its report, Defence Finance Group recommended the Committee note, among other matters:

  • that ‘while no individual high risk areas within financial management decision making have been identified, there are a number of areas of medium risk…’;
  • that ‘[Defence Finance Group] is considering structural changes to the [financial compliance] testing program that will align it to focus on areas of higher risk to the organisation’; and
  • ‘four short term control options that will assist in mitigating risks associated with the use of travel and purchasing cards’.

3.7 Defence Finance Group did not reflect in its 13 March 2019 report to the Enterprise Business Committee that the use of credit cards had been assessed as presenting ‘high’ risks. The recommendation provided to the Committee — that it note that ‘no individual high risk areas within financial management decision making have been identified’ — was inconsistent with the department’s assessment of credit card fraud risk that was current at that time.36 In June 2019, Defence advised the ANAO that the recommendation made to the Enterprise Business Committee ‘relates to financial management decision making in context of the overall financial risks impacting the organisation and was not reflective or limited to the credit cards residual risk post-mitigation’. Defence further advised that ‘the comment was made giving consideration to the work that had been undertaken to mitigate some of the risks’, and ‘the [Committee] was not advised that a number of actions designed to reduce the identified high risk in relation to credit card misuse had not been fully implemented’.

3.8 As discussed, the ratings for risks 1.1.1 and 1.2.1 were adjusted from ‘high’ (inherent risk) to ‘medium’ (residual risk) based on the expected impact of proposed controls. Defence’s mitigation strategy relies on the successful implementation of the proposed controls, including the effectiveness of additional compliance activities implemented in September and December 2018 (see Table 3.1 below), and the short-term controls referred to in the March 2019 report to the Enterprise Business Committee.

Risks relating to travel allowances paid through Defence’s payroll system

3.9 Part day travel allowances and motor vehicle allowances are paid through Defence’s payroll system and are the responsibility of Defence People Group. Defence People Group’s March 2018 Fraud and Corruption Risk Assessment identifies allowance fraud by APS and Australian Defence Force personnel as a risk. The risk assessment and related controls focus on all types of allowances paid through the payroll system. The plan identifies the following controls relevant to travel allowances:

  • Delegation approval required; and
  • Eligibility of leave and allowances are checked prior to processing.

3.10 The ANAO’s review of 73 part day travel and motor vehicle allowance payments identified 18 (25 per cent) payments for which Defence could not provide a valid travel approval — that is, a travel proposal document, signed by an appropriate delegate of the Secretary prior to travel.37

Defence’s risk-based sampling for credit card transactions

3.11 As noted in Auditor-General Report No.33 2015–16 Defence’s Management of Credit and other Transaction Cards, independent review of credit card transactions is a strong detective control on credit card misuse, widely practised in organisations that use corporate credit cards. Awareness of processes for independent review of credit card expenditure may also have some deterrent benefit. In October 2016, Defence removed its requirement for the review and approval of all credit card transactions by someone other than the cardholder. In place of this control, Defence’s Finance Group introduced a credit card testing program.

3.12 In December 2016, Defence informed its Audit and Risk Committee that Defence had implemented ‘an ICT solution providing review of 100 per cent of Defence Credit Card Transactions’.38 In fact, a September 2017 Defence internal audit report noted that the earliest iteration of this credit card transaction testing program was implemented in February 2017. Defence informed the ANAO that the program typically queries the transactions of around six cardholders per week (300 per year). As noted previously, as at January 2019, 15,383 Defence APS employees held a (Diners) DTC and 2,297 Defence APS employees also held a (Mastercard) DTC.

3.13 In December 2018, Defence Finance Group reported to the Enterprise Business Committee that the ‘Defence Credit Card sample testing program was updated from the beginning of the 2017–18 financial year to a new risk-weighted sample’ based methodology. The reported purpose of the program is to provide an estimate of the rate of non-compliance (Table 3.1 summarises key features of the program). Defence has not assessed whether the credit card sample testing program is effective in estimating the rate of non-compliance.

3.14 In September 2018, Defence Finance Group commenced a new compliance program to detect fraudulent cash credit card transactions. The primary catalyst for the program was one particular fraud incident that was reported to Defence’s Audit and Fraud Control Division in March 2018 by the individual’s work area.39 Defence has identified some residual risks and issues in relation to credit card transactions that are not being sampled for potential fraud through Defence’s credit card testing activities. In May 2019 Defence informed the Defence Audit and Risk Committee that Defence Finance Group intends to examine these areas when resources allow, and that the credit card testing program is expected to evolve over time to address areas of emerging and ongoing risk.

Has Defence implemented appropriate and effective controls to ensure payment accuracy and the recipient’s eligibility for travel allowances claimed?

Defence has not yet established appropriate and effective controls to ensure that accurate travel allowances are paid to eligible employees. ANAO analysis indicated that Defence’s preventative controls are not fully effective, with Defence unable to provide documented approvals for 21 per cent of the sample travel allowance transactions reviewed as part of this audit. Defence has progressively implemented detective controls since July 2017, in the form of credit card compliance activities, and expects that these activities will continue to evolve to address emerging and ongoing risks.

3.15 Preventative controls are intended to reduce the likelihood of Defence paying an unauthorised or incorrect allowance. Detective controls are intended to detect an unauthorised or incorrect allowance transaction after it occurs.40 Defence has developed a number of preventative and detective controls relating to the payment of travel allowances to eligible employees.

Preventative controls

3.16 Defence’s primary preventative control is the use of travel budget calculators and associated forms to calculate allowances and record travel proposals and approvals. Travel budget calculators automatically calculate the amount of travel allowance payable and must be approved by an appropriate delegate of the Secretary before travel is booked.

3.17 The ANAO reviewed 296 Defence APS travel allowance transactions. Defence could not provide documented approval by an appropriate delegate of the Secretary for 63 (21 per cent) of these transactions.

3.18 APS employees’ knowledge of, and adherence to, Defence’s policies and processes for travel allowances is another preventative control. As discussed in paragraphs 2.17 to 2.35, Defence’s complex and fragmented collection of policies, procedures and tools, makes it difficult for Defence employees to access appropriate guidance, and there are inconsistencies in the guidance provided. Defence has not developed the simplified policy guidance recommended by the 2015 Review of Red Tape in Defence (see Appendix 4, recommendation 19).

3.19 Defence informed the ANAO that the following additional preventative controls are in place:

  • The mandatory Fraud and Integrity Awareness training program that all Defence personnel are required to complete every two years. Defence reported that as of 23 August 2018, 87,199 Defence personnel (including Australian Defence Force, APS and Reservists or approximately 90 per cent of the Defence workforce) had been recorded as competent for the fraud and integrity awareness mandatory training. Defence informed the ANAO that as at 27 February 2019, 82,453 (84.4 per cent) Defence personnel had been recorded as competent.
  • Default card expenditure limit of $10,000 per day.41
  • Automatic Teller Machine (ATM) cash withdrawal limits of $1,000 per day; $3,000 per week; and $10,000 per month.42
    • The ANAO identified 36 individual cash transactions over $1,000 withdrawn by APS employees from ATMs in the period 1 July 2016 to 30 June 2018.43
  • Cash withdrawal from over-the-counter outlets (for example, Travelex), limited to $10,000 per day.

3.20 Awareness of detective controls, which are discussed below, may also act as a preventative control by deterring personnel from committing fraud. Defence’s Financial Management Manual alerts employees to the existence of assurance and compliance activities conducted by the Defence Finance Group, and that cardholders may be required to provide documentation for review at any time.

Detective controls

Travel allowances accessed through the Defence Travel Card

3.21 Defence Finance Group conducts compliance activities on credit card transactions, which may include DTC transactions by APS employees (Table 3.1).

Table 3.1: Compliance activities for Defence credit cards

Compliance activity

Description

ANAO comment

Credit Card sample testing program

  • Commenced 1 July 2017.
  • Applies to all Defence credit cards issued to APS and Australian Defence Force personnel.
  • Identifies around six cardholders each week (300 per year)a according to a defined sampling methodology.
  • Supervisors of the selected cardholders are sent the cardholder’s transaction details and requested to:
    ‘confirm that in your opinion the transactions … are legitimate Defence expenditures, and have been appropriately authorised and undertaken in accordance with Defence policy.’
  • In May 2019, Defence reported that the program tested 874 credit card transactions in the nine months to 31 March 2019 and all transactions were subsequently found to be ‘legitimate’.
  • In June 2019, Defence informed the ANAO that Defence Finance Group regularly reviews the testing to ensure it remains relevant, taking into account any patterns or emerging risks.

Defence Finance Group has reported to Defence’s Enterprise Business Committee that this program is designed to test the rate of non-compliance.

Relies on supervisors to confirm all transactions were undertaken in accordance with Defence policy.

In June 2019, Defence advised the ANAO that: ‘Defence does not further test the supervisor’s test outcomes as such a process is not considered to add further benefit.’

Compliance program to detect fraudulent credit card transactions

  • Commenced September 2018 for transactions incurred from 1 July 2018.
  • Applies to all Defence credit cards issued to APS and Australian Defence Force personnel.
  • Identifies cash transactions that meet specified high value/high volume criteria.b
  • Supervisors of the cardholders responsible for the identified transactions are sent the transaction details and requested to:
    ‘confirm that, in your opinion, the transactions are legitimate Defence expenditures, and have been appropriately authorised and undertaken in accordance with Defence policy. To do this, you should obtain copies of relevant authorisations for the expenditure and verify that prior authorisation was obtained for the expenditure from a valid delegate and that the expense was incurred for a valid Defence purpose.’
  • Supervisors must provide a response to this request. Defence Finance Group monitors requests to ensure a response is received.
  • In May 2019, Defence Finance Group reported to the Defence Audit and Risk Committee that, in the nine months to the end of March 2019, it had investigated 13,518 credit card transactions conducted by 3,273 card holders, and that the transactions of 25 card holders had been referred to Defence’s Audit and Fraud Control Division or Australian Defence Force Investigative Services as appropriate.

Relies on supervisors to confirm all transactions were undertaken in accordance with Defence policy.

There is no evidence that Defence tests, on a sample basis, the information provided by supervisors.

Credit card expenditure reporting provided to managers

  • Commenced December 2018.
  • Applies to all Defence credit cards issued to APS and Australian Defence Force personnel.
  • A report of all cardholder transactions is sent to the cardholder’s supervisor (identified through Defence’s payroll system) each month for review. Supervisors are required to:
    ‘review the report and where any transactions are not authorised take appropriate action. If all transactions are authorised then no further action is required.
     

    If you believe that any of these transactions potentially involve fraud or theft whether by the cardholder or another party then please report this via e-mail to Fraud Investigations …’

In March 2019, 10,234 cardholder transactions reports were sent to supervisors. Transaction reports for 1,337 cardholders (11 per cent) were not sent, as supervisors for those cardholders could not be identified through the payroll system.

In June 2019 Defence advised that when the cardholder does not have a supervisor listed in the payroll system, a report is generated for the group finance officer to identify the second and third level supervisors.

Supervisors are not required to provide a response but suspected fraud or theft is to be reported.

PGPA Act non-compliance Review

Self-reporting of non-compliance with the PGPA framework including approvals by delegates of the Secretary.

Defence advised that it voluntarily self-reports to identify issues and improve policy, training and compliance activities.c

There is no evidence that Defence tests self-reporting.

     

Note a: There are over 74,000 cardholders in Defence. This includes APS and Australian Defence Force personnel.

Note b: The majority of cash transactions relate to travel allowances.

Note c: Defence advice to the ANAO, June 2019.

Source: Defence advice to the ANAO and Defence Enterprise Business Committee paper, 13 March 2019.

3.22 In May 2019, Defence informed its Audit and Risk Committee that:

  • some residual risks and issues in relation to credit card transactions are not being sampled for potential fraud through Defence’s credit card testing activities;
  • the value of credit card fraud cases has increased since the removal of the CMS supervisor acquittal process in late 2016 due to delays in detection and lack of sufficient management oversight in the control framework design (prior to late 2018); and
  • it is expected that the credit card compliance activities will evolve over time to ensure that areas of emerging and ongoing risk are appropriately mitigated’.
Travel allowances accessed through the Financial Management Information System

3.23 Travel allowances accessed via the financial management information system represent a relatively small proportion of travel allowances (see Table 1.1). They may be examined through internal audits or other management initiated reviews. However, there is no specific program of regular targeted testing of these payments.

Travel allowances accessed through the payroll system

3.24 Travel allowances accessed via the payroll system also represent a relatively small proportion of travel allowances paid to APS employees (see Table 1.1). Requests for part day travel allowance are processed by the traveller through a self-service function that requires manager approval. Requests for payment of motor vehicle allowance are submitted via email to Defence’s pay centre. Defence informed the ANAO that authority for the payment must be provided before processing. Defence could not provide an appropriate travel approval for 19 (26 per cent) out of 73 sample travel allowance transactions reviewed by the ANAO, which were paid through Defence’s payroll system (see Table 3.2).

ANAO testing

Defence travel allowance transaction testing

3.25 As part of this audit, the ANAO reviewed a sample of travel allowances paid to APS employees to assess their compliance with relevant legislation, policies and procedures. The ANAO requested Defence records to support the payment of 332 randomly selected travel allowance transactions across the three payment types for the period 1 July 2016 to 30 June 2018. Thirty-six transactions were found to be unrelated to travel allowances and therefore removed from the sample. The ANAO tested the remaining 296 travel allowance transactions.

3.26 The purpose of the testing was to check each transaction for compliance with Defence’s travel approval process as described in paragraphs 2.12 to 2.14 and figures 2.1 and 2.2 of this audit report. Such testing would provide an indication of whether: preventative controls were effective in ensuring employees follow Defence’s processes, and whether detective controls detect non-compliance with those processes.

3.27 For each travel allowance transaction examined, the ANAO tested for a valid travel approval as this is required for all travel allowances claims.44 Table 3.2 details the results of the ANAO’s testing.

Table 3.2: Travel allowance compliance 1 July 2016 to 30 June 2018

Payment method

Transactions tested

Travel approval not provided

Defence Travel Card

176

41 (23 per cent)

Defence payroll system

73

18 (25 per cent)

Defence financial management information system

47

4 (9 per cent)

Total

296

63 (21 per cent)

     

Source: ANAO analysis of Defence data.45

3.28 Defence was unable to provide evidence that the necessary approvals had been obtained for 21 per cent of the transactions reviewed. The testing indicates that Defence travel allowances are not being managed in accordance with the approval requirements of Defence’s Accountability Authority Instructions or Financial Delegations Manual.

Defence credit card transaction testing

3.29 As a result of the findings in Auditor-General Report No. 33 of 2015–16, and concerns expressed by the Parliament’s Foreign Affairs, Defence and Trade References Committee in May 201746, the ANAO expanded its testing of credit card transactions as part of its audit of Defence’s financial statements, and made a number of observations, including:

  • in 2016–17, five out of 31 (16 per cent) of the sampled transactions were found to be in breach of section 23 of the PGPA Act and Defence’s Travel & Purchasing Policy;
  • in 2017–18, seven out of 67 (10 per cent) of the sampled transactions were found to be in breach of section 23 of the PGPA Act and Defence’s Travel & Purchasing Policy; and47
  • in 2018–19, eight out of 26 (30 per cent) of the sampled transactions did not have sufficient documentation to support the payment.48

Has Defence implemented relevant review and audit recommendations?

Defence has not fully implemented recommendations from the following review and audit relating to the administration of travel allowances:

  • The 2015 Review of Red Tape in Defence made 20 recommendations related to Defence’s administration of travel. Defence reported to its Enterprise Business Committee that ten of these recommendations had been completed as at 14 February 2018. The ANAO assessed that of the 10 recommendations reported as completed, five have not yet been implemented.
  • Auditor-General Report No.33 2015–16, Defence’s Management of Credit and other Transaction Cards made two recommendations to improve Defence’s management of credit cards. Defence advised that these recommendations had been completed in January 2016 and March 2016 respectively. The ANAO has assessed that one recommendation has been partially implemented, and the other has been progressively implemented since July 2017.

The 2015 Review of Red Tape in Defence recommended the introduction of an automated travel management system to simplify and improve the effectiveness of Defence’s administration of travel. In December 2016, Defence approved $11.9 million to implement the Travel and Expense Management project, which was ‘paused’ in March 2019, and subsequently ‘ceased’, after expenditure of over $10 million and delays in implementation. Reporting to the Enterprise Business Committee on the status of this project was largely positive until December 2018, shortly before the project was paused.

Review of Red Tape in Defence (2015)

3.30 In 2015, Defence engaged a consultant to examine ways to streamline and improve routine transactions, including travel. This need had been identified in the First Principles Review of Defence. The resulting report, Review of Red Tape in Defence (August 2015), made 42 recommendations, 20 of which related to Defence’s administration of travel. The Secretary agreed to implement these 20 recommendations in September 2015.

3.31 The 20 recommendations were divided into two sets:

  • set 1 (recommendations 1 to 10) related to the implementation of a fully integrated and automated electronic travel management system; and
  • set 2 (recommendations 11 to 20) were to be implemented immediately to improve the existing system in the interim.

3.32 On 12 December 2018, Defence reported to the Defence Enterprise Business Committee that it had completed ten recommendations: five recommendations from set 1 and five from set 2. The ANAO assessed that, of the 10 recommendations reported as completed, five have not yet been implemented. (See Appendix 4 for the status of recommendations).

Defence’s implementation of the Travel and Expense Management project

3.33 The Review of Red Tape in Defence concluded that Defence travel processes were overly complicated, labour intensive and paper-based rather than electronic. It recommended Defence move to an automated travel processing system that:

  • is fully integrated electronically with all relevant parts of the organisation and the travel contractor;
  • uses the DTC as the sole payment mechanism; and
  • is supported by a strong audit system to ensure compliance.

3.34 Defence chose Concur (a SAP-owned system) to deliver on this recommendation, which is the foundation for implementing many of the other travel related recommendations in the review.49 The system is known as the Travel and Expense Management system.

3.35 In October 2016, Defence’s Chief Information Officer Group developed a draft business case for the implementation of the Travel and Expense Management project, which identified a target implementation date of 30 June 2017. On 20 December 2016, the Minister for Defence approved funding of $11.9 million (including $2.3 million contingency) for the acquisition of the system, with initial travel capability to be implemented by January 2017. The Minister’s approval indicates that the acquisition of the proposed solution was expected to:

  • meet the travel and expense management recommendations contained in the Review of Red Tape in Defence; and
  • address the issues identified in Auditor-General Report No. 33 2015–16, Defence’s Management of Credit and other Transaction Cards (May 2016).

3.36 In December 2018, the completion date for the project was scheduled as 7 November 2019. By February 2019, the completion date had slipped to 6 April 2020, three years later than originally envisaged and reported to the Minister for Defence.

3.37 In December 2018, Estate and Infrastructure Group provided a largely positive report to the Enterprise Business Committee, stating that:

  • the project had spent $6.718 million of the $9.615 million budget50;
  • due to project delays, $4.046 million in subscription fees were yet to be paid;
  • performance issues had largely been resolved;
  • testing had confirmed the system was working on Defence’s network;
  • the schedule would be re-baselined to reflect project delays; and
  • a detailed evaluation of the project would be undertaken in early 2019 leading to recommendations on the way forward.

3.38 On 5 March 2019 Defence’s Chief Information Officer, Chief Finance Officer, and Deputy Secretary Estate and Infrastructure agreed to ‘pause’ the project due to ‘performance issues’, ‘security concerns’ and a ‘low confidence of success.’ On 12 June 2019, Defence provided the ANAO with advice confirming that: ‘following testing, this project has now ceased.’ No alternative system has been proposed at this time to implement the Review of Red Tape in Defence recommendations.

3.39 Defence advised the ANAO that verbal updates about the project had been provided to the Enterprise Business Committee in January, February, March and April 2019. Outcomes recorded by the Committee referred to schedule delays, complexity and challenges being discussed on 16 January and 6 March 2019. On 16 April 2019, verbal advice to the Committee referred to the progress of negotiations to cancel the project.

Defence’s Compliance Review of Card Management System Controls (September 2017)

3.40 Until October 2016, Defence’s card management system supervisors were responsible for checking and approving all transactions for the credit card holders under their supervision.

3.41 Recommendation 5 of the Review of Red Tape in Defence was to enable electronic self-acquittal of travel except where significant changes to the approved itinerary or costs had occurred. This recommendation was to be implemented as part of a fully integrated electronic travel management system and in conjunction with nine other recommendations, including an enhanced system of random audits.

3.42 Defence removed its requirement for the card management system supervisor to review and approve all credit card transactions in October 201651, without implementing the accompanying recommendations.

3.43 In September 2017, an internal audit of credit card system controls found that Defence’s decision to remove the card management supervisor acquittal function in October 2016 was not supported by an adequate risk assessment. The report stated that:

Without an adequate risk assessment around the removal of the acquittal role, it is difficult to provide assurance that the risks mitigated by this role are still being [appropriately] mitigated post the removal.

Prior to the removal of the CMS supervisor acquittal function, the CMS supervisor was a main referral source for fraudulent and non-compliant transactions.52

3.44 The internal audit made four recommendations and two suggestions. Defence Finance Group initially rejected the recommendations but later agreed to them in August 2018 and implemented additional credit card compliance activities in September and December 2018 (see Table 3.1).53

3.45 In May 2019, Defence’s Quarterly Fraud Control Report, presented to the Defence Audit and Risk Committee, stated that:

  • An increase in the value of credit card fraud cases following the removal of the CMS supervisor acquittal process in late 2016 has been identified.
  • The value of this fraud is assessed as larger than traditionally experienced by Defence and post case analysis revealed an unreasonable delay in detection enabling the fraud to continue over a long period of time.
  • Whilst the number of credit card fraud incidents remains the same, the number of cases with higher values has increased. Cases have increased to tens of thousands of dollars due primarily to delayed detection and a lack of sufficient management oversight in the control framework design (prior to late 2018) and exacerbated in some cases through local area practices.

Auditor-General Report No. 33 2015–16, Defence’s Management of Credit and other Transaction Cards (May 2016)

3.46 Auditor-General Report No.33 2015–16, Defence’s Management of Credit and other Transaction Cards concluded that Defence did not have a complete and effective set of controls to manage the use of credit and other transaction cards. The ANAO made two recommendations to improve Defence’s management of its credit cards, and to provide assurance that the control arrangements for credit cards are working as intended.54

3.47 Following the presentation of the report in May 2016, Defence prepared a management action plan for the implementation of each of the ANAO recommendations. The plan noted that the actions required to implement Recommendations No. 1 and 2 were completed in January 2016 and March 2016 respectively.55 Defence’s Audit and Fraud Control Division subsequently closed each recommendation in Defence’s Audit Recommendations Management System.

3.48 Boxes 1 and 2 below summarise the ANAO’s assessment of implementation activities. In summary, the ANAO assessed that Recommendation 1 has been partially implemented and Recommendation 2 has been progressively implemented since July 2017.

Box 1: Recommendation 1 from Auditor-General Report No.33 2015–16 Defence’s Management of Credit and other Transaction Cards

Recommendation no.1

To improve its management of credit cards, the ANAO recommends that Defence:

  1. identifies the risks associated with its credit cards and its current control framework;
  2. implements enterprise-wide control arrangements aligned to key risks; and
  3. implements arrangements to provide assurance that the control arrangements are working as intended.

Defence’s response: Agreed.

Defence status: Completed.

ANAO assessment: Partially implemented.

Defence has identified the risks associated with its credit cards and revised its control arrangements for credit cards, and subsequently assessed that this activity addressed the intent of ANAO Recommendation No. 1. Defence has not assessed whether the control arrangements are working as intended.

Box 2: Recommendation 2 from Auditor-General Report No.33 2015–16 Defence’s Management of Credit and other Transaction Cards

Recommendation no.2

To provide assurance that credit card use is consistent with Defence policies, the ANAO recommends that Defence:

  1. undertakes periodic analysis of credit card transactions, targeting key areas of risk; and
  2. takes corrective action, where necessary.

Defence’s response: Agreed.

Defence status: Completed.

ANAO assessment: Implemented progressively from July 2017.

In March 2016, Defence assessed that it had implemented ANAO Recommendation No. 2 through the introduction of a credit card testing program. The purpose of this program was to assist in the detection of non-compliance with PGPA Act requirements, Defence travel policy and ensure sufficient proof of expenditure.

The 2017 Defence Compliance Review of Card Management System Controls (discussed in paragraphs 3.40 to 3.45), found that the full rollout of this program commenced at the end of February 2017, almost 12 months after Defence assessed that it had implemented the related ANAO recommendation. The review also found that the program was unable to provide a high level of assurance that it would capture all instances of non-compliance with travel policies and PGPA Act requirements, nor highlight instances of potential fraud for further review.

In July 2017 Defence updated its credit card sample testing program ‘to a new risk-weighted sample’ based methodology. In September and December 2018, Defence implemented additional credit card compliance activities (see Table 3.1).

In May 2019, Defence informed its Audit and Risk Committee that:

  • some residual risks and issues in relation to credit card transactions are not being sampled for potential fraud through Defence’s credit card testing activities; and
  • it is expected that the credit card compliance activities will evolve over time to ensure that areas of emerging and ongoing risk are appropriately mitigated.

Does Defence provide assurance through internal and external reporting?

Assurance on compliance activities is provided internally through regular reporting to the Defence Enterprise Business Committee and Defence Audit and Risk Committee. External assurance on compliance with minimum standards for managing risks and incidents of fraud is provided through annual certification by the accountable authority as required by the Public Governance, Performance and Accountability Rule 2014. This performance audit identified instances where Defence reports to senior committees overstated the progress of activities intended to improve the administration of travel and credit cards.

Internal management reporting

3.49 Defence does not provide consolidated reports on total travel allowance expenditure.56 Defence makes travel allowance payments through three separate systems and does not clearly identify travel allowance payments in the payment systems (see Appendix 3). For example, in December 2018, a brief to the Secretary of Defence and the Chief of the Defence Force requested agreement to changes to motor vehicle allowances. The brief noted that an analysis and projected savings report, which Defence Finance Group had previously been tasked with providing, could not be provided because vehicle allowance expenditure is captured on separate systems across Defence and is often aggregated with other travel allowance payments.

Enterprise level assurance reporting

3.50 Defence prepares a number of reports to provide assurance to senior leadership and the audit committee about the administration of travel allowances:

  • Defence Finance Group provides a quarterly financial compliance report to Defence’s Enterprise Business Committee. The report summarises the outcomes of the Group’s compliance activities.57
  • Defence Audit and Fraud Control Division provides quarterly updates to the Defence Audit and Risk Committee (DARC) about incidents (including fraud) reported to the Division. The reports include incident statistics such as the numbers of reported incidents, outcomes of selected Defence investigations, and the total value of fraud losses and recoveries across Defence.58

3.51 This performance audit identified a number of instances where Defence reports to senior committees overstated the progress of activities intended to improve the administration of travel and credit cards. For example:

  • Reporting to the Enterprise Business Committee in March 2019 did not reflect the high risk ratings attributed to the use of credit cards in Defence as reported in Defence Finance Group’s March 2018 Enterprise Wide Defence Credit Cards Fraud Risk Assessment (see paragraph 3.3).
  • In December 2016, Defence advised the Defence Audit and Risk Committee that it had implemented a credit card transaction testing program. A Defence Internal Audit noted that the earliest iteration of that program was implemented in February 2017 (see paragraph 3.12).
  • On 12 December 2018, reporting to the Enterprise Business Committee about the Travel and Expense Management project was largely positive, advising that previously reported performance issues had largely been resolved. On 5 March 2019 Defence’s Chief Information Officer, Chief Finance Officer, and Deputy Secretary Estate and Infrastructure agreed to ‘pause’ the project due to ‘performance issues’ and ‘security concerns’ and a ‘low confidence of success’ (see paragraphs 3.37 to 3.39). Defence subsequently ceased the project.
  • Defence advised senior committees that agreed audit and review recommendations were complete. The ANAO has assessed that the recommendations had not yet been fully implemented at the time the advice was given (see paragraphs 3.32 and 3.48).

External reporting

3.52 The majority of Defence’s travel allowances are accessed through the DTC and included as part of broad expenditure reporting under the travel component of supplier expenses in Defence’s Annual Report.59 Travel allowances paid through the payroll system are included as part of ‘other allowances’ in Defence’s Annual Report.60 Travel allowances paid through the financial information and management system are reported according to the General Ledger account code supplied with the transaction.

3.53 As required by the Public Governance, Performance and Accountability Rule 2014, Defence’s 2016–17 and 2017–18 Annual Reports included a certification from the accountable authority that the Department had complied with the minimum standards for managing risk and incidents of fraud as set out in the Rule.

Appendices

Appendix 1 Department of Defence response

Entity response page 1

Entity response page 2

Appendix 2 Defence APS domestic travel allowance rates 1 July 2016 to 30 June 2018

Table A.1: Defence APS domestic travel allowance rates 1 July 2016 to 30 June 2018

Allowance type

Allowance value (range)a

Taxable (Yes/No)

Breakfast

$23.20 to $35.00

No (for allowance amounts up to the reasonable allowances amount set by the Australian Taxation Office)

Lunch

$26.50 to $50.00

Dinner

$45.70 to $69.00

Incidentals

$18.75 to $28.00

Motor Vehicle (per kilometre)

$0.61 to $0.77

Dependent on the rate paid and the distance travelled in any financial year

Part-day travel

$47.90 to $49.80

Yes

     

Note a: Allowance rates for Defence APS employees are varied from time to time. Variations occur through determinations made under the Defence Enterprise Agreement (for APS employees), and the Remuneration Tribunal for the Secretary of Defence.
The decisions to set and vary travel allowances for meals and incidentals take into account information on reasonable rates for domestic travel allowances as provided under the Australian Public Service Commission subscription service. Rates for these allowances vary depending on the salary level of the individual and the travel destination. Rates reported in this table are those applicable for domestic travel up to 21 days duration.
Each year the Australian Taxation Office publishes, in the form of Taxation Determinations, the amounts it considers reasonable amounts for travel allowance expenses. Taxation Determinations on reasonable travel allowance amounts are available from https://www.ato.gov.au/Business/PAYG-withholding/Payments-you-need-to-withhold-from/Payments-to-employees/Allowances-and-reimbursements/Travel-allowances/

Source: ANAO from Department of Defence documents.

Appendix 3 Criteria and method for identifying travel allowances paid to Defence’s Australian Public Service employees.

Limitations of Defence travel allowance data

1. Defence does not maintain a single source of travel allowance approvals.

2. Travel allowance General Ledger (GL) codes do not distinguish between allowances paid to APS and Australian Defence Force personnel.

3. Defence accounts for travel across a number of GL accounts depending on the purpose of travel and the nature of the expense.

4. The ANAO (with Defence’s assistance), constructed an approximate population of travel allowance payment transactions from:

  1. Defence’s card management system (Defence Travel Card transactions);
  2. Defence’s payroll system; and
  3. Defence’s financial management information system.

    Identifying travel allowance transactions from Defence systems

    Defence card management system

    5. Defence provided an extract of Defence Travel Card transactions associated with APS cardholders for the period 1 July 2016 to 30 June 2018.

    6. The ANAO identified:

    1. All cash withdrawals — as these are predominately related to meals and incidentals.
    2. Non-cash transactions assigned to a GL code that included ‘allow’ in the GL code description field.

    7. Resulting data set comprised 126,783 transactions totalling $38,929,015.

    8. The ANAO subsequently found that the data set contained duplicate non-cash transactions. Duplication occurred when a transaction was coded to multiple GL accounts. For example, a transaction for $100, which included $25 for travel allowance and $75 for accommodation, would appear in the data set as 2 separate transactions for $100 against each GL account.61

    9. The ANAO removed non-cash transactions from the data set.

    10. Revised data set comprised 114,209 transactions totalling $34 million.

    Defence payroll system

    11. Defence provided an extract of motor vehicle allowance and part day travel allowance transactions made to APS employees for the period 1 July 2016 to 30 June 2018.

    12. Resulting data set comprised 8,944 transactions totalling $1.09 million.

    Defence financial management and information system

    13. Defence provided an extract of payments to APS employees for the period 1 July 2016 to 30 June 2018.

    14. ANAO identified travel allowances by GL account code.

    15. Resulting data set comprised 452 transactions totalling $293,598.

    Identifying a random sample of transactions for testing

    16. The three data sets were treated as separate populations for the purposes of selecting an audit sample. The initial sample population comprised:

    Table A.2: Initial sample population data sets

    Source system

    Transaction count

    Card Management System (Defence Travel Card transactions)

    196

    Payroll system (Defence One/PMKeyS)

    73

    Financial management information system (ROMAN)

    63

    Total

    332

       

    17. Supporting records for 332 samples, requested from Defence on 21 December 2018, were provided between 25 January 2019 and 5 June 2019.

    18. Subsequently, non-cash CMS transactions, and a number of transactions for which supporting records had been received that were not travel related, were excluded. The revised sample population comprised:

    Table A.3: Revised sample population data sets

    Source system

    Transaction count

    Card Management System (Defence Travel Card transactions)

    176

    Payroll system (Defence One/PMKeyS)

    73

    Financial management information system (ROMAN)

    47

    Total

    296

       

    Use of the sample to form a conclusion

    19. Sample sizes were originally calculated based on an expected non-compliance rate of five per cent for allowances paid through the Defence payroll system and the Defence financial management and information system, and 15 per cent for allowances paid through the Defence Travel Card. The expected rate of non-compliance was based on testing by the ANAO in its audit of Defence’s 2017–18 financial statements. The actual rate of non-compliance for the samples tested was much higher than the expected rate, meaning that a much larger sample size would have been required to form a suitably precise conclusion on the level of non-compliance in the entire population. The ANAO determined not to expand the sample size as it was not necessary to meet the audit objective. Therefore, the sample results used in this report cannot be extrapolated to the entire population. However, the results of the testing conducted, in combination with other audit evidence obtained, provides suitable evidence of the existence of material non-compliance with relevant legislation, policy and procedure.62 This approach has been adopted in this report and results reported within the sample group should only be interpreted as individual examples of non-compliance.

    Appendix 4 Defence’s reported progress against recommendations from the Review of Red Tape in Defence (2015) related to Defence’s administration of travel

    Table A.4: Defence’s reported progress against travel related recommendations from the Review of Red Tape in Defence

    No

    Recommendation

    Reported status as at 12 December 2018

    ANAO comments

    Set 1: Recommendations for the introduction of a fully-integrated electronic travel processing system to replace the current manual, largely paper-based system

     1.

    The current manual, largely paper-based system of travel processing in Defence be replaced as soon as possible by a self-administered fully-integrated electronic system for both domestic and international travel, based on SAP Concur (or equivalent) software.

    The Concur Project is reporting monthly to Defence’s Enterprise Business Committee on progress and will continue to do so until the project is complete. Implementation of Concur is being undertaken in line with the recommendations in the Red Tape Review and the recommendations are referred to in regular Project Steering Committee meetings.

    Not implemented.

    Defence ‘paused’ the Travel and Expense Management project on 5 March 2019. Defence subsequently ‘ceased’ the project.

     2.

    To facilitate full automation of the travel system as envisaged in Recommendation 1 above, Defence immediately purchase a licence for SAP Concur (or equivalent) software to enable a fully automated system for travel and Defence Travel Card management to be rolled out by no later than 1 July 2017.

    Completed 14 February 2018.

    Not implemented.

    Concur project Approved 20 December 2016.

    Defence ‘paused’ the Travel and Expense Management project on 5 March 2019. Defence subsequently ‘ceased’ the project.

     3.

    All paper-based travel processes in Defence be abolished as soon as the SAP Concur (or equivalent)-based automated system has been rolled out.

    The Concur Project is reporting monthly to the Enterprise Business Committee on progress and will continue to do so until the project is complete. Implementation of Concur is being undertaken in line with the recommendations in the Red Tape Review and the recommendations are referred to in regular Project Steering Committee meetings.

    Not implemented.

    Defence ‘paused’ the Travel and Expense Management project on 5 March 2019. Defence subsequently ‘ceased’ the project.

     4.

    The Chief Finance Officer Group card management area, in close consultation and corroboration with the Estate and Infrastructure Group, Chief Information Officer and Defence People Group Groups, oversee the design and implementation of a new travel portal on the DRN incorporating all necessary elements for a fully integrated online travel processing system for Defence, with essential features of the travel portal to include:

    end-to-end electronic processing with an interface to all relevant action areas of Defence and the Department’s travel contractor from travel request/budgeting to acquittal, including ability to extract reports of trip data;

    an online smartform for both domestic and international travel incorporating the essential components but much streamlined versions of the current Travel Request Form, Overseas Visit Authority, Trip Budget Calculators and Online Booking Tool;

    single electronic submission of completed travel form by the travelling staff member or another authorised person (for example; the Personal Assistant to an Senior Executive Service-equivalent officer);

    capacity for online approval of fare other than lowest fare of the day, when required;

    single sign-off by travel approver (Section 23 Commitment Approver);

    in the case of international travel, capacity to distinguish the approval level for different numbers of travellers, namely:

    approval by Senior Executive Service Band 2 equivalent for 2 Defence personnel or less

    approval by Group Heads/Services Chiefs for 5 Defence personnel of less

    approval by the Secretary/Chief of the Defence Force for 6 Defence personnel or more

    electronic self-acquittal by the travelling staff member or authorised person on completion of travel with capacity for checking/certification by an appropriate supervisor, if required;

    capacity for electronic referral to the original travel approver for final acquittal sign-off in the event the travelling staff member certifies there is a significant change to the approved itinerary or costs; and

    Capacity for group or delegation travel to be processed as one single travel action that identifies all members of the travelling group but does not require multiple submissions/approvals for each individual on the delegation.

    The new Defence Travel website will be launched in early 2019 to coincide with the release of the new international travel processes and smart form.

    Not implemented.

    Defence informed the ANAO on 3 April 2019 that the Defence Travel website will link to the new travel processing system once implemented.

    Defence ‘paused’ the Travel and Expense Management project on 5 March 2019. Defence subsequently ‘ceased’ the project.

     5.

    Electronic self-acquittal by the travelling staff member upon completion of travel be the normal end of the process, with further acquittal certification by the original approving officer only required in the event of significant changes to the travel itinerary or costs.

    Completed 14 February 2018.

    Implemented.

    Self-acquittal became effective 15 October 2016, without the enhanced system of audits required by recommendation 8.

    Note that this recommendation was made in the context of the introduction of a fully integrated electronic travel processing system, which has not yet occurred.

     6.

    No paper receipts be required in the acquittal process beyond the account statement of the Defence Travel Card used for the travel, except for expenditure on items other than meals and incidentals which individually cost $50 or more and for which a DTC was not used.

    Completed 14 February 2018.

    Implemented.

    Changes became effective 15 October 2016:

    ‘Receipts are not required for cash withdrawals using the Diners Card for meals and incidentals. However, where cash is withdrawn for other travel costs, receipts are required for GST redemption and verification.’

     7.

    The self-acquittal process include an explicit warning in the system that, in certifying and acquitting their travel, the travelling staff member or authorised person accepts personal responsibility and accountability for the travel undertaken and expenditure incurred.

    Completed 14 February 2018.

    Implemented.

    Warning message is included as part of the privacy statement that users must agree with when logging into the card management system.

     8.

    An enhanced system of random audits of travel be undertaken to ensure compliance and the integrity of the new system.

    Completed 14 February 2018.

    Not implemented.

    An enhanced system of random audits of travel has not been implemented.

     9.

    The new electronic travel processing system be reviewed after a period of 12 months operation with a view to assessing its effectiveness and whether any adjustments are required.

    The Concur Project is reporting monthly to the Enterprise Business Committee on progress and will continue to do so until the project is complete. Implementation of Concur is being undertaken in line with the recommendations in the Red Tape Review and the recommendations are referred to in regular Project Steering Committee meetings.

    Not implemented.

    Defence ‘paused’ the Travel and Expense Management project on 5 March 2019. Defence subsequently ‘ceased’ the project.

     10.

    Consolidate all travel processing in Defence under one work area to be known as Defence Travel and located in the card management area of the Chief Finance Officer Group, with Defence People Group continuing to be consulted on personnel policy aspects of travel. Integrated Travel Solutions to be moved from Estate and Infrastructure Group and merge with the DTC card management area of the Chief Finance Officer Group to form ‘Defence Travel ‘ from the time that the new automated system becomes operational (i.e. sometime after July 2017).

    Ongoing discussions continue between Chief Finance Officer, Deputy Secretary, Defence People and Deputy Secretary Estate and Infrastructure to determine optimal timing and transfer arrangements.

    Not implemented.

    Set 2: Recommendations for streamlining current travel processes pending rollout of the new automated travel processing system

     11.

    Replace the current Overseas Visit Authority form for international travel as soon as possible with a new streamlined electronic form.

    The new international travel processes and smart form, as agreed at the December 2017 Enterprise Business Committee meeting, will be implemented in early 2019 following the release of a new Accountable Authority Instruction for Defence Travel.

    Not implemented.

     12.

    Replace all existing multiple travel approval boxes on forms with one single sign-off box/button for the person approving travel (Section 23 Commitment Approver).

    The Concur Project is reporting monthly to the Enterprise Business Committee on progress and will continue to do so until the project is complete. Implementation of Concur is being undertaken in line with the recommendations in the Red Tape Review and the recommendations are referred to in regular Project Steering Committee meetings.

    Not implemented.

    Defence informed the ANAO that Estate and Infrastructure Group decided not to pursue this recommendation as it was due to be covered by the imminent release of Concur.

    Defence ‘paused’ the Travel and Expense Management project on 5 March 2019. Defence subsequently ‘ceased’ the project.

     13.

    Travel approvers (Section 23 Approvers) need not certify acquittals other than in exceptional circumstances (e.g. significant change of itinerary), although certification by the Card Management Supervisor may be required until the new electronic system becomes operational.

    The Concur Project is reporting monthly to the Enterprise Business Committee on progress and will continue to do so until the project is complete. Implementation of Concur is being undertaken in line with the recommendations in the Red Tape Review and the recommendations are referred to in regular Project Steering Committee meetings.

    Implemented.

    Linked to Recommendation No. 5. Effective 15 October 2016, Defence removed the requirement for travel approvers to certify acquittals, except ‘where there is a change to the approved travel plan that:

    a. increases the original budget, this requires additional financial delegate approval is required; or

    b. decreases the original budget and results in an amount needed to repaid’.

    At the same time, Defence also removed the requirement for CMS Supervisors to check and approve cardholder’s transactions on CMS.

     14.

    Accept henceforth the account statement of the Defence Travel Card as sufficient for acquittal and audit purposes and remove the need for paper receipts other than expenditure on items other than meals and incidentals which individually cost $50 or more and for which a DTC was not used.

    Completed 14 February 2018.

    Implemented.

    Related to Recommendation No. 6.

    Changes announced on 29 September 2016, effective 15 October 2016:

    ‘Receipts are not required for cash withdrawals using the Diners Card for meals and incidentals. However, where cash is withdrawn for other travel costs, receipts are required for GST redemption and verification.’

     15.

    Discontinue use of the iTravel online budget calculator tools while retaining the original Senior Leadership Group and non-Senior Leadership Group Travel Budget Calculator online tools.

    The Concur Project is reporting monthly to the Enterprise Business Committee on progress and will continue to do so until the project is complete. Implementation of Concur is being undertaken in line with the recommendations in the Red Tape Review and the recommendations are referred to in regular Project Steering Committee meetings.

    Not implemented.

    This recommendation was to be implemented prior to Concur.

    Defence informed the ANAO that the Estate and Infrastructure Group decided from a change management perspective not to pursue this recommendation, as all extant domestic and international Travel Budget Calculators, including iTravel would be replaced by the imminent release of Concur.

    Defence ‘paused’ the Travel and Expense Management project on 5 March 2019. Defence subsequently ‘ceased’ the project.

     16.

    Make the Defence Travel Card the sole vehicle to book and pay for all Official Travel, including airfares, taxis, accommodation, meals and incidentals, and that:

    • in the case of all Defence personnel, including military trainees over the age of 18, it be mandatory to have a DTC in order to undertake official travel
    • in the case of cadets and military trainees under the age of 18, the DTC of an authorised staff member of the administrative unit that oversees their pay and conditions, or another authorised Defence person, be used to pay for their travel
    • in the case of Defence dependants’ travel, the serving staff member’s DTC or the DTC of an authorised person within the serving member’s unit be used to pay for their travel
    • in the case of officially-funded travel of people not employees of Defence nor dependants of Defence staff, the DTC of an authorised staff member of the Defence Travel area or other relevant organisational unit be used to book and pay for the travel
    • all holders of a Defence Travel Card be offered simultaneously a Companion Mastercard, with Chief Finance Officer Group to explore possibilities for access to a Visa Defence Travel Card as a further alternative card for staff.

    Completed 14 February 2018.

    Not implemented.

     17.

    Abolish use of Cab Charges for all Defence personnel and require all taxi payments to be made on a Defence Travel Card, with the exception of cadets and military trainees under the age of 18 who may continue to use Cab Charges or claim reimbursement of taxi costs on presentation of a receipt.

    Completed 14 February 2018.

    Not assessed.

     18.

    Discontinue public classifications of Defence travel into ‘Business ‘, ‘Conditions of Service ‘ and other forms of travel and classify all travel funded from the Defence vote as ‘Official Travel ‘ while retaining the capacity to flag different types of travel for accounting or reporting purposes.

    Completed 14 February 2018.

    Not implemented.

    Noting that Defence People Group refers to ‘Duty travel’, Defence informed the ANAO that it will continue to classify travel as:

    • Business travel (APS and Australian Defence Force);
    • Conditions of Employment Travel (APS); and
    • Conditions of Service Travel (predominantly Australian Defence Force).

     19.

    Integrated Travel Solutions, in conjunction with CFOG and DPG, produce a single, brief policy guidance document in plain English on ‘Official Travel and the use of Defence Travel Cards ‘ for uploading onto the Defence Restricted Network and containing electronic links to more detailed policy manuals and documents as required.

    Completed 14 February 2018.

    Not implemented.

    Defence referred the ANAO to Defence Finance Instruction 2016-17/001 that relates to the use of Defence credit cards. It states that the DTC must only be used for travel related expenses.

    This does not meet the requirements of the recommendation.

     20.

    In the context of the next Defence Collective Agreement and Workplace Remuneration Arrangement negotiations, push for abolition of the current travelling allowance system in favour of a system of ‘actuals ‘, that is paying all actual ‘reasonable ‘ expenses incurred on the Defence Travel Card.

    Defence People Group has commenced work to change employment conditions for travel as part of broader travel reform. This will be phased in with the whole Senior Leadership Group coming under modernised provision in early 2019. Defence Finance Group is assisting to cost the changes and provide advice.

    Not implemented.

    Defence has directed the Senior Leadership Group as follows:

    ‘Where air travel is neither efficient nor available…consideration is to be given to using a Defence-owned vehicle or hire car before private vehicle usage is approved.’

    ‘Use Defence Travel Cards to directly purchase meals and incidentals wherever it is possible and practical to do so. Withdrawing cash should be by exception only.’

           

    Source: Defence, Review of Red Tape in Defence, 2015.
    Defence, EBC 2018/1755 — Alan Thomas Red Tape Review Closure, Attachments A and B.

    Footnotes

    1 For the purposes of this audit, Defence’s Australian Public Service employees comprise the Secretary of Defence, and Defence employees at the Senior Executive Service (SES) level, Executive Level (EL), and Australian Public Service (APS) employment categories. This audit did not include travel allowances paid to Australian Defence Force personnel.

    2 A credit card issued to individual employees to pay for Defence related travel expenses.

    3 Foreign Affairs, Defence and Trade References Committee, Department of the Senate, Department of Defence’s management of credit and other transaction cards, May 2017, available from https://www.aph.gov.au/Parliamentary_Business/Committees/Senate/Foreign_Affairs_Defence_and_Trade/Credittransactionscards [accessed 29 October 2018].

    4 For the purposes of this audit, Defence’s APS employees comprise the Secretary of Defence, Defence employees at the Senior Executive Service level, Executive Level and APS employment categories. This audit did not include travel allowances paid to Australian Defence Force personnel.

    5 This audit examined three types of travel allowance payments: meals and incidentals, motor vehicle and part day travel. The rates for each type of allowances are outlined in Appendix 2.

    6 A credit card issued to individual employees to pay for Defence related travel expenses.

    7 As at January 2019, 15,383 APS employees held a (Diners) DTC and 2,297 also held a (Mastercard) DTC.

    8 Department of Defence, Defence Annual Report 2017–18, p. 165.

    9 As at 30 June 2018, Defence employed 18,784 APS and 57,957 Australian Defence Force personnel.

    10 These figures exclude personnel related travel expenses such as training and travel for leave purposes.

    11 Incidentals are other minor expenses incidental to travel.

    12 Defence pays part day travel allowance to assist an employee with additional expenses they may incur when performing duty temporarily away from their place of work for at least 10 hours but not involving an overnight stay. Under Australian taxation legislation, part day travel allowance is considered assessable income and is paid through Defence’s payroll system.

    13 Additional areas of Defence are involved in the administration of travel for Australian Defence Force personnel. Australian Defence Force travel allowances are not included in the scope of this performance audit.

    14 Twenty of the 42 recommendations from the review related to Defence’s administration of travel. Defence’s progress with implementing these recommendations is discussed further in Chapter 3.

    15 Foreign Affairs, Defence and Trade References Committee, Department of the Senate, Department of Defence’s management of credit and other transaction cards, May 2017, available from https://www.aph.gov.au/Parliamentary_Business/Committees/Senate/Foreign_Affairs_Defence_and_Trade/Credittransactionscards [accessed 29 October 2018].

    16 Defence pays part day travel allowance to assist an employee with additional expenses they may incur when performing duty temporarily away from their place of work for at least 10 hours but not involving an overnight stay.

    17 Where performing duty temporarily away from their place of work that involves an overnight stay, and therefore no part day travel allowance is paid.

    18 Defence permits its staff to use a private vehicle to travel on official business where it can be demonstrated that there is a cost saving to Defence, or that other means of travel are impractical. In certain circumstances, motor vehicle allowances are taxable and/or reportable under Australian Taxation Office requirements. Therefore, motor vehicle allowances are accessed through Defence’s payroll system.

    19 Defence domestic travel allowance rates applicable during the period covered by this performance audit are listed in Appendix 2.

    20 Additional areas of Defence are also involved in the administration of travel for Australian Defence Force personnel.

    21 Defence People Group uses the term ‘duty travel’ when referring to official travel.

    22 See Department of Defence response to this audit (paragraph 19 and Appendix 1). The electronic travel management system is discussed further at paragraphs 3.33 to 3.39 of this audit report.

    23 iTravel is a web-based tool, available as an alternative to Defence’s travel budget calculators for approving travel and calculating allowances. The Review of Red Tape in Defence (2015) recommended that the use of iTravel be discontinued, pending the implementation of a fully automated travel management system. Defence informed the ANAO on 3 April 2019 that a decision was made not to pursue this recommendation as all travel budget calculators including iTravel would be replaced by the imminent release of the automated travel system, Concur, which was subsequently ‘ceased’ (discussed at paragraphs 3.33 to 3.39 of this report).

    24 Defence’s electronic travel planning tools (the travel budget calculators and iTravel) are pre-populated with the approved travel allowance rates and are used for documenting travel proposals and approvals for travel up to 21 days in duration. For travel longer than 21 days, Defence’s pay and administration centre calculates travel allowances following receipt of form AE325 – Reviewed rate of travel allowance. Defence updates these tools as required.

    25 Twenty of the 42 recommendations from the review related to Defence’s administration of travel. Defence’s progress with implementing these recommendations is discussed further in Chapter 3.

    26 The Enterprise Business Committee is a subordinate committee of the Defence Committee (the primary decision-making committee in Defence) and is responsible for ensuring the effective running of Defence. Its remit includes corporate planning, performance monitoring and reporting, enterprise risk management, information management and service delivery reform.

    27 During the course of this audit, Defence commenced a review of the travel guidance documentation. The volume of guidance documents has been rationalised but remains extensive.

    28 In April 2019, Defence implemented a new intranet site known as TravelConnect. The new intranet site is discussed further in paragraph 2.36.

    29 Defence advised the ANAO on 12 June 2019 that guidance regarding the use of other simplified local forms applies solely to travel by Australian Defence Force personnel. As of 14 June 2019, the department’s intranet page does not specify that the use of local forms applies solely to Australian Defence Force travel.

    30 Defence, Joint Directive by Chief of Defence Force and Secretary, Department of Defence Regarding Overseas Travel, August 2012.

    31 An after travel certification is a section of the travel approval form, which enables the traveller to record any changes to the approved travel plan. For example, if the employee returns earlier than planned, the approved travel allowance may be in excess of the correct amount and necessitate a repayment of money. Identification of such changes relies on the traveller notifying changes through the completion of the after travel certification section of the travel approval form.

    32 Defence advised the ANAO on 12 June 2019 that guidance regarding this form and travel diary applies solely to travel by Australian Defence Force personnel. As of 14 June 2019, the department’s intranet page does not specify that the form and travel diary applies solely to Australian Defence Force travel.

    33 The request was issued to Defence on 20 December 2018. Defence progressively provided records from 25 January to 5 June 2019.

    34 Defence’s Fraud Control Plan previously identified ‘risk of Defence personnel obtaining and or retaining allowances without entitlement’. On 23 January 2017, Defence revised the Plan to remove this risk on the basis that the risk rating had been reassessed as between medium and very low.

    35 The Enterprise Wide Defence Credit Card Fraud Risk Assessment is dated March 2018 and was endorsed by two senior officials in the Defence Finance Group. In June 2019, Defence informed the ANAO that the ‘endorsed formal risk assessment in effect currently is the one completed in March 2018’.

    36 See paragraph 3.3 and footnote 35.

    37 Defence requires the retention of a travel proposal document, signed and dated by an appropriate delegate, as shown in Figure 2.1.

    38 Defence informed the ANAO that 100 per cent of credit card transactions are considered in the credit card testing program. A selection of the transactions are sampled, based on a sampling methodology that includes risk weighting of transactions.

    39 The incident involved one cardholder incurring expenditure of some $86,000 from fraudulent transactions (including cash withdrawals, international travel and lifestyle expenses) on Defence credit cards over a period of almost 4 months.

    40 Auditor-General Report No.33 2015–16, Defence’s Management of Credit and other Transaction Cards, p. 18 and p. 23.

    41 Defence informed the ANAO that controls supporting this limit threshold are implemented by Diners Club.

    42 Cash withdrawal limits are applied by financial institutions and ATM networks. Defence informed the ANAO that it has set cash withdrawal limits at $1,000 per day; $3,000 per week; and $10,000 per month, but daily and weekly limits can be overridden in special circumstances.

    43 Defence informed the ANAO that 22 of these transactions were for cash withdrawals of less than $1000. However, with the addition of withdrawal fees and complexity of exchange rate fluctuations the total transaction value exceeded $1,000. The remaining 14 transactions were completed by individuals with a VIP status, allowing them to withdraw cash over the daily withdrawal limits. The VIP status was removed on 16 May 2019, in the course of this audit.

    44 That is, a travel proposal document, signed by an appropriate delegate of the Secretary prior to travel.

    45 Appendix 3 of this audit discusses the method used for selecting and testing the sample.

    46 Senate Foreign Affairs, Defence and Trade References Committee, Defence’s management of credit and other transaction cards, May 2017, available from https://www.aph.gov.au/Parliamentary_Business/Committees/ Senate/Foreign_Affairs_Defence_and_Trade/Credittransactionscards/Report [accessed 29 October 2018].

    47 Examples of transactions in breach of section 23 of the PGPA Act and Defence’s Travel and Purchasing Policy included transactions without an appropriate approval and acquittal. Some transactions had been misclassified within the expenses category. In each year reviewed, the total value of these transactions was less than $300 000. All expenses in 2016–17 were assessed as legitimate Defence expenses. In 2017–18 the majority of expenses were assessed as legitimate Defence expenses with $1,149 related to private expenses which is clearly trivial from a financial statement perspective.

    48 Five payments did not have valid approval and three exceeded credit card limits.

    49 Defence describes Concur as ‘a cloud-based system designed to improve travel and expense process automation, integration and analytics’.

    50 Defence informed the ANAO on 21 June 2019 that total expenditure associated with the Concur Project is $10.398 million.

    51 This included the removal of the requirement for credit card management system supervisors to approve Defence credit card transactions. This applies to all Defence credit cards (Defence Purchasing Card and Defence Travel Card).

    52 Defence, Compliance Review of Card Management System Controls, Final Report, September 2017.

    53 The acquittal function was not reinstated.

    54 The ANAO made a third recommendation in relation to Defence’s management of its fuel cards. Defence’s implementation of this recommendation was not considered as part of this performance audit.

    55 Defence advised the ANAO that it had reviewed its governance arrangements for credit cards during the course of the ANAO audit in response to emerging audit findings (see Appendix 3 of that audit report). The audit report noted that this work was underway at the conclusion of the audit and that it would require ongoing senior leadership attention to firmly establish it.

    56 For example, for the purposes of external scrutiny or on an ad-hoc basis to management. In June 2019, Defence advised the ANAO that:

    Defence provides quarterly reporting that provides a holistic view of travel expenditure consisting of information from the three separate systems. The report provides information in a way that is useful for decision making. It does not report travel allowances in isolation as they make up a small percentage of overall travel expense and Defence does not see a purpose for reporting travel allowance in isolation.

    57 These activities are summarised at Table 3.1 of this report.

    58 The Defence Audit and Risk Committee provides advice on governance issues within Defence to the Secretary and Chief of the Defence Force, and is accountable for oversight and reporting on the effectiveness of fraud and corruption control. The Secretary is the authority accountable for fraud control within Defence under the PGPA Act.

    59 The travel component of ‘Suppliers expenses Goods and Services’ was reported as $237 million in 2016–17 and $246 million in 2017–18. These amounts reflect expenditure by Australian Defence Force Personnel and APS employees for flights, accommodation, car hire, and the majority of travel allowances.

    60 The reported amounts were $43 million in 2016–17 and $48 million in 2017–18.

    61 Defence informed the ANAO that the duplication occurred only in the data extract generated for the purposes of this performance audit, and not in Defence systems.

    62 In this instance, material non-compliance refers to the level of non-compliance, the nature of the non-compliance and the discharge of accountability by Defence in its administration of travel entitlements.