Complaints handling and Ombudsman's findings
This chapter examines the ongoing management of complaints by the Australian
Federal Police (AFP), as well as an overview of the findings of the
Commonwealth Ombudsman (the Ombudsman), which has a statutory oversight role of
Examination of the Ombudsman's findings with respect to the AFP is
limited to oversight of complaints management and controlled operations,
including the use of surveillance devices.
During 2016–17, the AFP received 421 complaints, a 15 per cent
decrease on the previous reporting period (494 complaints).
Figure 1 illustrates the trend in the overall number of complaints and alleged
breaches from 2010–11 to 2016–17.
Figure 1: Number of complaints and
alleged breaches, 2010–11 to 2016–17
This figure classifies complaints according to the four categories of
conduct for AFP appointees under Part V of the Australian Federal
Police Act 1979 (AFP Act), defined as follows:
issues falling within Category 1 are the least serious and relate
principally to customer service. Category 2 complaints relate to minor
misconduct and inappropriate or unsatisfactory behaviour. Category 3 complaints
relate to serious misconduct that does not give rise to a corruption issue.
Category 4 complaints relate to corruption, and these are referred to ACLEI.
The AFP's 2016–17 annual report identifies that while the number of
overall complaints decreased, the number of serious complaints increased. Category
3 complaints increased by 45 per cent, while Category 4 complaints rose by 32
In its report, the AFP attributes the increase in the number of
corruption complaints to a 2013 realignment of the definition of corruption to
sit under the Law Enforcement Integrity Act 2006. The AFP also attributes the
increase in serious misconduct complaints to a total of 54 complaints relating
to credit card misuse.
The AFP informed the committee that a number of steps have been taken to
educate its employees about the new definition of corruption, including the
publication of the AFP Fraud Control and Anti-Corruption Plan in 2016.
This plan outlines a number of processes and procedures aimed at ensuring staff
are able to recognise fraud and take appropriate action when required,
including (but not limited to):
recruitment and induction training of all new appointees;
mandatory online Fraud and Anti-Corruption Control training to be
undertaken by all appointees;
raising managerial awareness of fraud risk at functional and
operational levels; and
reinforcement and behavioural modelling from senior management
and executive levels.
These processes are complimented by ongoing communication of integrity
issues through email and postings on the AFP intranet, as well as through early
intervention strategies when a complaint arises.
On notice, the AFP advised the committee that it has since utilised the
publication Our Culture, Our Newsletter, which is produced by the
Workplace Development and Culture Portfolio, to remind AFP staff of their
obligations relating to the use and acquittal of corporate credit cards.
The AFP stated that Category 3 or Category 4 issues are referred to the
Professional Standards Panel which comprises senior executive level staff.
This panel can determine a sanction which is commensurate with the established
behaviour and any relevant mitigating and aggravating factors.
Since June 2018, the de-identified outcomes from such investigations have been
The committee welcomes the downward trend in the number of complaints
and alleged breaches of conduct for AFP appointees. The committee is concerned
at the sharp increase in the number of serious misconduct and corruption
The committee does, however, recognise that the AFP has taken steps in
order to reduce the number of Category 3 and Category 4 complaints, and is
reassured by updated statistics provided by the AFP on notice which reflect a
decrease in both categories.
The committee will continue to monitor the number of complaints concerning all
four categories of alleged breaches of conduct, but particular attention will
be paid to Category 3 and Category 4 complaints.
Ombudsman's report—controlled operations
Section 15HS(1) of the Crimes Act 1914 (Crimes Act) provides that:
The Ombudsman must, from time to time and at least once every
12 months, inspect the records of each authorising agency to determine the
extent of compliance with this Part [Part IAB—Controlled operations] by the
agency and by law enforcement officers.
The AFP is one such authorising agency.
Section 10 of the Parliamentary Joint Committee on Law Enforcement
Act 2010 requires the Ombudsman, at least once per calendar year, to brief
the committee about the involvement of the AFP and the Australian Crime
Commission (ACC) in controlled operations under Part 1AB of the Crimes Act during
the preceding 12 months.
On 3 December 2018, the committee met with representatives from the
Ombudsman who briefed the committee in private about controlled operations,
including in respect of the Ombudsman's public report on the controlled
operations activities of ACLEI, the AFP and the ACC for the period 1 July 2016
to 30 June 2017.
A Report on the Commonwealth Ombudsman's activities in monitoring controlled
operations for the period 1 July 2016 to 30 June 2017 was published in
The report covers the Ombudsman's inspections of the AFP and other law
enforcement agencies' records over the period 1 July 2016 to 30 June 2017. Two
inspections were conducted at the AFP. These inspections examined controlled
operations authorities that expired or were cancelled during the period 1
January 2016 to 30 December 2016.
The Ombudsman found two significant non-compliance issues that had also
been raised in the previous reporting period (2015–16).
Authorities granted by the AFP that
prescribed activities that could have been authorised under other legislation
There were two controlled operations which the Ombudsman initially
considered could have required authorisation under the Telecommunications
(Interception and Access) Act 1979 (TIA Act). In the 2015–16 reporting
period, the AFP advised that they would obtain internal advice prior to
authorising controlled operations to prevent a recurrence. During the 2016–17
period, however, the AFP and Attorney-General's Department advised that the
activities could not have been authorised under the TIA Act. The Ombudsman has
now raised a policy question for the Department of Home Affairs (which now
administers Part IAB) as to whether the activities in question should be
covered by a warrant regime.
Participants and/or activities of
controlled operations that were not authorised
Six instances where participants, including civilians, and/or activities
of a controlled operation were not authorised were identified in 2016–17. This
was a reduction from the previous reporting period. The Ombudsman acknowledged
the decrease in the number of instances, and the AFP's implementation of
recommended training to address the issue.
report also made a number of other findings of note.
Standard authority granted for
operation meeting the threshold of a major controlled operation
The Ombudsman identified one instance of this, which was acknowledged as
an issue by the AFP. The AFP stated it would update its policy guidance to
prevent further instances.
Urgent authority granted for
controlled operation previously subject to formal authority
There was one instance where the AFP wrongly granted an oral authority
for an operation already granted formally. The AFP is reported to have taken
remedial action to prevent a recurrence.
Authorities not varied in
accordance with Part IAB
There were a number of instances where new authorisations were granted
rather than variations to existing authorisations. There was one instance where
the AFP varied to include conduct that targeted a different criminal offence
than what was stated on the original authority; this is not permitted under
s15GO of the Crimes Act. The effect of these non-compliant variations is that
they escape scrutiny by the Administrative Appeals Tribunal (AAT). The
Ombudsman advised the AFP not to seek new authorities where existing ones could
be varied. The AFP acknowledged the issue and amended its guidance material,
including information in relation to the AAT oversight role.
The committee thanks the Ombudsman for the private briefing it received about
the AFP's exercise of its controlled operations powers during the reporting
The committee supports the Ombudsman's findings and acknowledges that
the AFP has implemented responses in relation to the Ombudsman's earlier
recommendations in relation to controlled operations. It is of particular note
that the AFP has implemented training and professional development to ensure
greater compliance with controlled operations regulations. However, noting that
there are some ongoing issues in relation to controlled operations, the
committee will continue to pay particular attention to the AFP's performance in
Ombudsman's report—surveillance devices
Pursuant to section 55 of the Surveillance Devices Act 2004 (SD
The Ombudsman must inspect the records of a law enforcement
agency to determine the extent of compliance with this Act by the agency and
law enforcement officers of the agency.
The AFP is one such law enforcement agency.
The Report to the Attorney-General on agencies’ compliance with the
Surveillance Devices Act 2004 for the period 1 July to 31 December 2017
was published in March 2018; for the period 1 January to 30 June 2018 the
report was published in September 2018.
The most recent report was the first to be presented to the Minister for Home
Affairs, as amendments were made to the Administrative Arrangements Order in
May 2018 transferring responsibility for the administration of the SD Act from
the Attorney General to the Minister for Home Affairs.
The March 2018 report states that an inspection of the AFP's
surveillance device (SD) records was made in March 2017 for the inspection
period 1 July to 31 December 2016. The inspection covered 65 of the
496 SD warrants issued to the AFP, as well as 10 of the 21 tracking device
authorisations that had expired or been revoked during the period 1 July to 31
The Ombudsman did not make any recommendations based on its inspection
of the AFP's records. The Ombudsman did, however, identify some issues for
consideration by the AFP:
use and retrieval of SDs without proper authority; and
non-compliance with destruction and retention provisions of the
These errors were identified as being administrative in nature, and the
AFP advised that guidance material had been amended and issued.
The committee is satisfied by the Ombudsman's conclusion that the AFP
has taken appropriate remedial action to address the administrative issues
identified as a result of the inspections.
Ombudsman's report—stored communications and telecommunications data
Pursuant to s 186B of the Telecommunications (Interception and
Access) Act 1979 (TIA Act), the Ombudsman is empowered to conduct inspections
of specified law enforcement agencies that can access an individual's stored
communications and/or telecommunications data when investigating certain
The AFP is one such agency.
The Ombudsman conducted 37 inspections of agencies' access to
telecommunications during 2016-17, including the AFP. As a result of these
inspections, the Ombudsman concluded that the agencies were generally
exercising their power to access telecommunications data appropriately.
There were, however, a number of key issues identified in the course of the
3.36 One issue concerned the requirements under s 180H of the TIA Act with
respect to Journalist Information Warrants. This was the subject of the
Ombudsman's routine inspection of the AFP and a further inspection on 5 May
2017. The findings of both inspections are discussed in paragraphs 3.36 to 3.42
The Ombudsman became aware, by way of disclosure from the AFP, of
authorisations to disclose telecommunications data made by an officer within
ACT Policing who did not have the authority to do so under s 5AB(IA) of the TIA
Act. This affected 116 authorisations. The AFP attributed these errors to
administrative oversight. The Ombudsman suggested that the telecommunications
data obtained under these authorisations be quarantined, which was accepted by
the AFP but not acted on at the time. The data was subsequently further used
and communicated, but was partially quarantined in February 2018 following an
inquiry by the Ombudsman. The Ombudsman was satisfied with the prompt remedial
action which was taken following the identification of this breach, but will
continue to monitor this issue closely with the AFP.
The committee supports the Ombudsman's findings and is satisfied that
the AFP has taken appropriate remedial action to address the administrative
issues identified during the inspections and subsequently with respect to the
quarantine of information.
Ombudsman's report—Access to journalist's telecommunications data without a
Journalist Information Warrant
3.39 On 26 April 2017, the AFP advised the Ombudsman's office of a breach of
the TIA Act. The breach occurred when AFP officers accessed metadata
pertaining to a journalist without obtaining a Journalist Information Warrant
as required under
s 180H of the TIA Act.
The Ombudsman conducted an inspection on 5 May 2017. The findings that
arose out of that inspection were the subject of a report dated October 2017.
The AFP found that there were four relevant authorisations in question, one of
which was a clear breach, while the status of the remaining three alleged breaches
The Ombudsman identified four main contributing factors which led to the
at the time of the breach, there
was insufficient awareness surrounding Journalist Information Warrant
requirements within PRS
within PRS, a number of officers
did not appear to fully appreciate their responsibilities when exercising
the AFP relied heavily on manual
checks and corporate knowledge as it did not have in place strong system
controls for preventing applications that did not meet relevant thresholds from
although guidance documents were
updated prior to the commencement of the Journalist Information Warrant
provisions, they were not effective as a control to prevent this breach.
While the Ombudsman acknowledged that the AFP had 'responded
appropriately' to the breach,
it made one key recommendation:
[t]hat the Australian Federal Police immediately review its
approach to metadata awareness raising and training to ensure that all staff
involved in exercising metadata powers have a thorough understanding of the
legislative framework and their responsibilities under Chapter 4 of the Telecommunications
(Interception and Access) Act 1979.
In response, the AFP advised the Ombudsman that it was finalising a
training package that all AFP authorised officers would need to undertake as a
prerequisite to maintaining their authorised officer status each year.
The Ombudsman also made a number of suggestions in respect of
strengthening existing controls. The AFP advised that some of these had been
implemented and would turn its attention to implementing the remaining
3.45 The Ombudsman stated that it would continue to monitor the AFP's
compliance with the TIA Act and its progress on previous inspection findings
through its routine annual inspections.
The committee supports the Ombudsman's findings and recommendation. It
acknowledges that the AFP has undertaken steps to remedy the breach and to
increase its officers' awareness of the requirements of s 180H of the TIA Act
to prevent a reoccurrence. The committee is eager to hear the outcome of the
Ombudsman's ongoing monitoring of the AFP's compliance with the TIA Act, and
its implementation of the findings of the Ombudsman's report.
Mr Craig Kelly MP
Navigation: Previous Page | Contents | Next Page