Browse our range of reports and publications including performance and financial statement audit reports, assurance review reports, information reports and annual reports.
Public sector accountability – the ANAO’s role
The Auditor-General for Australia, Grant Hehir, delivered a keynote address to the Institute of Public Administration Australia (IPAA) on Tuesday 12 September 2023. The address was titled Public sector accountability – the ANAO’s role and it was delivered as part of IPAA's Secretary Series.
A recording of the event is now available courtesy of IPAA:
Good morning – thank you Rachel, and IPAA for inviting me to speak today.
I will talk this morning about accountability in the Australian public sector, the role that the ANAO plays and what messages can be drawn from our work.
Given that this will be an Auditor-General’s perspective on accountability, it may be best to start by quickly summarising what the Auditor-General and the ANAO are.
The Australian National Audit Office (ANAO) is a specialist public sector agency providing a full range of audit and assurance services to the Parliament. It works to support accountability and transparency in the Australian Government sector through independent reporting to the Parliament, and thereby contribute to improved public sector performance. The Auditor-General Act 1997 establishes the Auditor-General as an independent officer of the Parliament. The Auditor-General Act replaced the Audit Act, which was the fourth Act passed by the new Australian Parliament in 1901 and which created the office of Auditor-General.
The executive arm of government is accountable to the Parliament for its use and management of public resources and the administration of legislation passed by the Parliament. The Auditor-General provides independent assurance as to whether the executive is operating and accounting for its performance in accordance with the Parliament’s intent. The Auditor-General, supported by the ANAO, provides this assurance primarily through a program of financial statement audits, performance statement audits and performance audits.
The Governor-General, on the recommendation of the Parliament’s Joint Committee of Public Accounts and Audit (JCPAA) and the Prime Minister, appoints the Auditor-General for a term of 10 years. As an independent officer of the Parliament, the Auditor-General has complete discretion in performing or exercising the functions or powers under the Auditor-General Act. In particular, the Auditor-General is not subject to direction in relation to:
- whether a particular audit is to be conducted;
- the way a particular audit is to be conducted; or
- the priority given to any particular matter.
To assist in carrying out these functions, the Auditor-General and ANAO officials are supported by extensive information gathering and reporting powers, including coercive powers, set out in the Act.
The Australian public sector exists to support the three arms of government – parliament, the executive government and the judiciary – to carry out their respective functions for the benefit of the Australian people. It does this by providing advice and administering and delivering services to and for the community, in the context of accountability to the Parliament.
Accountability is often talked about but rarely defined in the public sector context. At its essence it involves:
- understanding what you are required to do and achieve;
- acknowledging responsibility for these requirements and being open and transparent about your performance against them; and
- accepting that you will be held responsible for your performance against the requirements, which will involve consequences, and being open to this in order to improve performance.
Almost everything done by the Australian public sector is established through legal frameworks. That is, expectations regarding the impact or outcomes that public sector activity should have has a legal basis. In some cases these expectations go beyond setting out the activities and outputs which should lead to the outcomes – they also go to the inputs and processes which will be used.
To ensure that these expectations are met, accountability frameworks have been established. These frameworks are required as entities and individuals will not necessarily maximise the achievement of community outcomes, unless: they clearly understand what is expected of them; and incentives are in place to maximise alignment between the interests of entities and individuals and those of the parliament and/or government. Where misalignment occurs, it is not necessarily the result of malice, but more likely because the actions of individuals will be influenced by their own experiences, biases, and perceptions of the value of what they do, along with what they perceive is in their best interest.
Accountability frameworks of some form apply to all entities and individuals in the public sector. They can apply broadly across the sector or may be focussed on a specific activity. They can be legislated or policy based, but they are all established to ensure the public sector meets expectations.
An interesting feature of the public sector accountability framework is that almost all the advice on its establishment and operation comes from those who are subject to it. This is also the case for the majority of the actions undertaken to ensure their implementation. That is, the public sector is very much self-regulated and this brings with it risks of bias which require mitigating controls, of which transparency is the most critical.
Probably the broadest accountability framework is established by the Public Governance, Performance and Accountability Act 2013, the PGPA Act. This act regulates the actions of the public sector with respect to the use and management of public resources. Amongst other things it establishes the following.
- Duties of officials, relating to: acting with care and diligence; acting honestly, in good faith and for a proper purpose; not misusing one’s position; the proper use of information; and disclosing interests.
- Duties of accountable authorities with respect to the proper use and management of public resources – which must be efficient, effective, economical and ethical.
- A framework for rules to be developed to control specific activities, such as procurement and grants administration.
- Requirements for planning and reporting on financial and non-financial performance, along with the auditing of that reporting, which are meant to provide the transparency on performance that is considered essential for effective accountability.
Other broad accountability frameworks include:
- the Archives Act, which establishes rules around the maintenance of records, which is critical for accountability, transparency and performance; and
- the FOI Act, which is designed to bolster transparency and accountability.
At a narrower level there is the Public Service Act 1999, which regulates that part of the public sector that is made up of agencies which employ APS staff. The Public Service Act establishes a framework for an apolitical public service that is efficient and effective in serving the Government, the Parliament and the Australian public. It also establishes a set of APS Values and an APS Code of Conduct to support this framework.
In addition to these and other broad frameworks, there is a multitude of frameworks which regulate public sector activities with respect to specific outcomes or activities that the parliament and/or executive government want to see achieved. These frameworks may have a legislative basis, and may address how a specific activity is to be carried out or services delivered. Many of these frameworks set out requirements intended to provide transparency over entity performance, in order to generate accountability.
Then, of course, there are the frameworks which entities themselves put in place to ensure that they maximise their potential to achieve their purposes and comply with the relevant frameworks. These include internal reporting against corporate and business plans, legislative compliance reporting, quality control systems and individual performance management systems.
It is important to have these frameworks and they place high expectations on the public sector. However, they are only of use – in the sense of incentivising people and entities to meet expectations regarding compliance, outcomes and impact – if they result in both people and entities believing they will be held to account and in actually holding them to account.
That is, for the frameworks to provide an incentive for individuals and entities to understand what is required and take responsibility in an open and transparent way for performance, there needs to be clear consequences for not doing so.
To be clear, by being held to account, I do not just mean being sacked. Being held to account begins with entities and their personnel recognising when improvement is necessary and implementing change. For example, agreeing to (or not agree to, but rarely noting) and implementing recommendations from parliamentary inquiries and audit reports.
How is the public sector held to account?
At the entity level, accountable authorities, APS agency heads, and statutory officers – depending on which part of the accountability framework you are referencing – are generally accountable directly to their ministers who are in turn accountable to parliament.
Accountability within an entity is supported by the strength of its governance frameworks. These set the expectation for performance in the entity, signalling what is more important and what is less important. It is a reasonable expectation that appropriate internal signals will be provided for matters that the parliament and executive government have indicated are important - with these matters of importance reflected in an entity’s strategic frameworks relating to planning, risk, internal control, individual performance, compliance, etc.
The best known manifestation of accountability to the Parliament is the Senate estimates process. However, you can see accountability in operation through other committee processes and in the parliamentary chambers.
In addition to accountability through its parliamentary representatives, accountability to the Australian people is facilitated by the broader discussion and debate on public sector activity occurring in the community.
Through these well-established frameworks, you would expect to see accountability having an impact. For example:
- successful programs continuing and expanding, while unsuccessful ones are reduced or terminated; or
- good governance practices are shared and more broadly adopted, while poor governance is identified and rectified; or
- poor compliance is identified and rectified, while good compliance is rewarded.
Parliamentary and public accountability critically depends on transparency.
The role of the ANAO in the accountability framework
The ANAO is in the assurance and transparency business. Largely what we do is provide assurance to Parliament to assist it carry out its role in holding the executive government to account. We do this through our three core products, financial statement audit, performance statement audit and performance audit.
Financial statements are the key way entities, through their ministers, report to parliament on their financial performance. Financial statement audits provide assurance on the financial statements of the Australian government and its controlled entities by providing independent audit opinions. The ANAO has been undertaking financial statement audits for about 120 years, and in some respects it is our core function. The audits provide assurance that the entity’s financial statement is fairly presented, that is has no material errors, and that decision makers can rely on it.
In addition to providing assurance, the ANAO uses its financial statement audit processes to review compliance with other requirements which – while not always material to the fair presentation of the individual statement – are considered by the ANAO important for the sector. Requirements of this sort include cyber security, executive remuneration, gifts and benefits, the establishment and operation of audit committees, HR controls and, this year, the use of AI type tools.
We also attempt to provide some commentary on the financial sustainability of entities. However, in the absence of any accepted indicators of financial sustainability for most public sector entities, this is challenging.
In general, we find that financial reporting is of high quality in the public sector. Entity financial statement audit reports are rarely qualified. Our findings tend to relate to cyber security, particularly user access controls. We have also identified issues related to executive remuneration, legislative compliance and the use of appropriations.
At the ANAO we see these relatively strong results as flowing from a mature and transparent system, which is itself the product of a long history of audit activity. Certainly, that is my view, informed by a career largely spent as both a preparer and auditor of financial statements.
I believe that one recent example, relating to appropriations, highlights the importance of financial statement auditing.
The appropriation framework is a fundamental part of our democratic process. It is the way in which the parliament gives the executive government access to taxpayers’ money to deliver services. In our Westminister based system the assertion of parliamentary control over public finances was central to the transfer of power from the monarch to the Parliament, and the emergence of responsible government. Appropriations are the key financial control of the Parliament over the executive.
During 2022–23, the ANAO’s financial statements audit work identified that the Department of Defence used non-operating appropriation funding, available from Appropriation Act No. 2, for an operating expense. Specifically, the termination payment for the cancelled Attack Class submarine project. Subsequent AGS legal advice and Department of Finance advice did not consider this to be inconsistent with the Appropriation Acts.
In raising the issue, the ANAO identified potential risks to the controls put in place by Parliament, given the potential precedent established in this case. In its report No. 497, Inquiry into Commonwealth Financial Statements 2021-22, the Parliament’s Joint Committee of Public Accounts and Audit stated that these funds should not have been used for an operating expense without the Parliament’s permission. The JCPAA made the following observations.
- First, that: ‘The Committee concurs with the concerns of the ANAO in this respect and is of the view that the intent of the Parliament should not have been subverted in the name of administrative expediency on the part of the executive branch.’
- Second, that: ‘The Committee would have been assisted in considering this matter if Defence and Finance had simply [acknowledged] that the incident was not appropriate, but this acknowledgement was not forthcoming. Instead agencies sought to argue that what had transpired was appropriate, while simultaneously advising that it should not happen again.’
While some may argue that the appropriation framework is not flexible enough for the current world, I think the key point is that if entities or individuals think that it is acceptable to bend or break the rules for expedience, where could that lead with regard to respect for the fundamental pillars of our democratic processes? What does it mean for the accountability of the sector?
Audit exists to identify these issues and make them transparent.
Performance statements are the primary way in which entities report to parliament on their non-financial performance. ANAO audits provide assurance on the performance statements of Australian government entities by providing independent audit opinions on whether the Parliament can rely on them.
This is the newest of our audit products. Following a two-year pilot focused on three entities, we are currently in the second year of rolling out an audit program to major entities.
Audits of performance statements focus on ensuring that their preparation meets the requirements of the PGPA Act and PGPA Rule. We provide assurance to the Parliament on whether the statements provide it with a clear link with what was originally planned, as set out in the entity portfolio budget statements and corporate plan. We also provide assurance on whether performance measures:
- are relevant and have a clear link to the entity’s purposes;
- are reliable and verifiable, supported by accurate data and specific methodologies;
- are complete and balanced, reflecting all aspects of, and fairly represent, the entity’s purposes or key activities and provide an unbiased basis for measurement and assessment; and
- are easy to understand.
It is often argued that for the public sector, non-financial information is more important than financial information. Therefore it may be reasonable to expect that the quality of non-financial performance information would be of at least the same quality as financial information, particularly against a rule that has been in place – in this iteration – for a decade. Weaknesses in the quality of performance reporting affect the Parliament’s ability to readily assess entity performance for policy outcomes and service delivery and therefore hold executive government to account.
The ANAO has made findings on performance reporting practices in both its performance statement audits and in performance audits. Performance audits have commented, for many years, on the poor quality of performance information at the program management level as well as in external reporting. Performance audits have also commented on the impact this has had on entities’ ability to effectively evaluate the effectiveness of programs. If you do not identify the measures of success early and begin collecting the relevant performance information, it is often difficult to subsequently evaluate success.
Recognition of the poor quality of performance information was a driver for changing accountability arrangements in the sector through the PGPA Act, by introducing requirements for performance statements and making provision for auditing them. The mandatory auditing of performance statements has subsequently been the subject of recommendations from both the JCPAA and the independent review into the operation of the PGPA Act and Rule.
Audit work in this area is resulting in additional focus by entities. We have observed improvements in the consideration of performance measures, the evidence to support results, and the quality of performance material presented. Our experience is that entities, when presented with evidence of weakness in their non-financial performance information frameworks, are accepting of the need for improvement and undertake the actions needed.
However, a question remains as to why, if non-financial performance information is critical to the accountability of individuals and entities, it has had such a poor focus. Why is it, when performance information is put under audit scrutiny, that we often find a lack of quality control, bias in measure selection and selective reporting?
There is a significant opportunity for auditing of entity performance statements to help drive stronger accountability in our sector. Not only through the provision of more meaningful performance reporting to parliament, but through the flow-on effect of better internal reporting for improved program design, management and evaluation.
One risk that the ANAO is well aware of, is that performance statement auditing may lead to a narrow, compliance-based and minimalist approach to reporting, both to avoid adverse audit findings and transparency and accountability.
The final product I would like to talk about, and probably our most well known, is performance audit. The ANAO has been undertaking performance audits for about 40 years. They are a review or examination of any aspect of the operations of a person or body subject to the Auditor-General’s mandate.
The ANAO undertakes over 40 performance audits every year. They are selected on a risk basis designed to give broad coverage across portfolios, activities, stages of delivery, and the four E’s of proper use – efficient, effective, economical and ethical. The audit selection process is set out in our annual audit work program published on our website. The program is developed having regard to the audit priorities of the parliament – as determined by the JCPAA – and in consultation with the sector.
Our performance audit program is largely designed to give the Parliament assurance of the sector’s performance against the requirements set out in the accountability frameworks I mentioned earlier. As an assurance activity, performance audit is not designed for merits review or to investigate identified poor performance. It is risk based, but we are not ambulance chasers. We rarely commence an audit where poor performance has previously been identified. The ANAO approaches all audits without a view as to what we are likely to find, or a thesis to be tested. What we do bring is a studied neutrality, independence of mind and audit scepticism. Our performance audits use evidence to present the facts, make findings, draw conclusions and make recommendations. Our audit reports also transparently present any alternative view of the auditee, so that the user of the report can draw their own conclusions.
When you step back and look at our performance audits over the past five years, you see that 55 per cent have found that the audited entity’s performance is either ‘fully’ effective (9 per cent) or ‘largely’ effective (46 per cent). In other words, 55 per cent of audits indicate that the audited entity was performing relatively well against the audit criteria. To put this in perspective, a fully effective audit conclusion means that there were no material deficiencies at all in the audited operations, which is a very high bar. However, that leaves the remaining 45 per cent of audits, which concluded that the audited entity performed poorly against the audit criteria. An audit conclusion of ‘partly’ effective was reported in 35 per cent of audits, and an audit conclusion of ‘ineffective’ was reported in 10 per cent.
This pattern of audit findings has been pretty consistent through time and it may reflect more on the risk-based audit selection process than provide a picture of overall performance in the sector. It is therefore useful to unpack these results.
Looking at audits according to the activity audited indicates some very large variation. For example, over 20 per cent of audits relating to grants administration and procurement in the last five years have concluded that the audited entities’ performance has been ‘ineffective’, with over 60 per cent of grants audit conclusions being either ‘ineffective’ or ‘partly’ effective. None were ‘fully’ effective. With respect to procurement, around 55 per cent of conclusions were either ‘ineffective’ or ‘partly’ effective, and less than 5 per cent were ‘fully’ effective.
This compares to audits of service delivery and governance, where ‘ineffective’ conclusions are 5 per cent or less, and the combination of ‘ineffective’ and ‘partly’ effective conclusions are less than 50 per cent for service delivery, and less than 40 per cent for governance.
It is also worth noting that in the last five years, the ANAO has made negative comments on record-keeping in over 90 per cent of performance audit reports presented to the Parliament. Good record keeping is fundamental to effective stewardship of the sector, it facilitates performance improvement, transparency and accountability.
This data supports a view that the culture of the public sector is more strongly focussed on meeting, or being seen to meet, the expectations of the impact or outcomes that public sector activity should have, than on the way that impact should be achieved. In other words, getting it done, not necessarily getting it done the right way.
In respect to achieving results, our audits indicate that there are many areas of public sector effectiveness. Audits of large mainstream service delivery activities, particularly in business-as-usual mode, mostly have positive, or largely positive, audit conclusions. Audits of the ATO would be an example of this. Audits of the public sector’s response to COVID-19 were also largely positive, with 80 per cent being ‘fully’ or ‘largely’ effective, particularly where existing processes and systems were used to deliver services, although we probably dropped the bar a little bit given the crisis nature of the implementation. That said, weaknesses in mainstream service delivery activities tend to occur when entities are asked to do something new and quickly.
Our audits indicate that service delivery through regulation can be weaker than direct service delivery, particularly where a risk based approach is taken without sufficient alignment between the risk tolerance/appetite and the compliance program implemented.
However, the most common area of poor performance identified in our audits is where there is a tension between delivering what government or senior management want and complying with the legal requirements around how it should be undertaken.
Key issues for the accountability framework arising from audit reports
This discussion of conclusions from ANAO audits raises issues relating to the effectiveness of the accountability framework.
Firstly, for the accountability framework to operate effectively, the public sector needs to clearly understand the roles and responsibilities of the players in the framework. This is particularly so when considering the relationship between the sector and the Parliament. In a system of responsible government such as ours, where the entirety of the executive is accountable to the Parliament, the public sector cannot treat the controls that Parliament has put in place as something to comply with as long as they are not inconvenient. This goes beyond the rule of law and issues like complying with controls such as the appropriations framework. It extends to how the public sector interacts with Parliament as it carries out its accountability functions, including the sector’s openness and transparency in giving evidence to parliamentary committees.
Secondly, the quality of performance information needs to improve. The accountability framework cannot operate effectively if those holding entities or individuals to account cannot rely on the transparency provided by the information made available. Auditing of performance statements will help, with improvements to external reporting hopefully also driving improvements internally. However, the position taken by system leaders, particularly in setting high expectations for performance reporting, is critical.
This starts with an expectation regarding the development of success measures when policy is being designed, and continues through to a strong evaluation framework.
Thirdly, the public sector requires an improved approach to accountability for compliance in areas such as resource use and management, procurement, grants administration, cyber security, record-keeping, freedom of information, and ethical conduct. We have made audit findings that entities do not consistently meet these requirements, which generally have a legal basis. This raises questions of whether compliance with requirements, and their intent, is embedded as part of public sector culture. This presents challenges for leaders, to ensure that they set a tone which promotes compliance with both the letter and intent of the law, along with an expectation that results are achieved. At present there appears to be a relatively high risk-tolerance for non-compliance, so long as results are achieved, rather than seeing compliance as a hallmark of integrity and essential to the craft of public administration.
Fully effective implementation of the accountability framework in the public sector remains a challenge. To achieve full implementation, the sector needs a stronger commitment to accountability and transparency than currently exists. Some indicators of a lack of focus on accountability and transparency include the following.
- The unwillingness of those responsible for the development and implementation of accountability policies to take responsibility for their effective implementation through a risk-based approach to regulation.
- The relatively low priority given to the quality of non-financial performance information and external reporting.
- Regular commentary from senior leaders suggesting that FOI (a key part of the transparency framework) impacts negatively on their willingness to provide robust advice.
- The regularity with which entities seek legal advice on the ANAO’s information access powers.
- The number of questions taken on notice by officials at hearings of parliamentary committees, often in a way which seems tactical.
- The lack of responsiveness to parliamentary committee reports and recommendations, and delays in responding to questions taken on notice.
Australia is fortunate to be served by a largely effective public sector, supported by a mature set of institutions and frameworks. That said, there is always room for improvement and a need to be vigilant to risks which may undermine its integrity. Transparency and accountability are fundamental to both. By providing independent assurance to the Parliament the ANAO plays an important role in identifying risks and areas for improvement and supporting accountability and transparency in the public sector.