Introduction
3.1
This chapter examines the issues that were raised during the Committee’s consideration of the ANAO’s audits of the Consolidated Financial Statements (Financial Statements) and the financial performance audits of Commonwealth entities. It then details the Committee’s comments, and provides its recommendations.
3.2
For the purposes of this chapter, Auditor-General’s Report No. 25 (2020-21) Audits of the Financial Statements of Australian Government Entities for the Period Ended 30 June 2020 will be referred to as the CFS, and Auditor-General’s Report No. 40 (2020-21) Interim Report on Key Financial Controls of Major Entities will be referred to as the Interim Report.
Financial Performance and Sustainability
3.3
One of the ANAO’s major focuses in conducting its analysis of the Financial Statements is the financial performance and sustainability of the Australian Government, both as a whole and of individual entities controlled by the government.
3.4
The CFS consequently reports on the financial performance of the Australian Government overall, and the financial performance of entities. This includes an examination of the sustainability of entities, including detailing sources of income and risks to financial performance.
Overall financial performance
3.5
In its overall assessment of the Australian Government’s financial performance, the ANAO stated that the Australian Government’s net operating balance was a deficit of $99.7 billion. The operating result was found to be a deficit of $133.9 billion. The comprehensive result (inclusive of changes to net worth) was a decrease of $135.6 billion.
3.6
The deficit reported in the net operating balance was rationalised by the ANAO to be a result of: a decrease in revenue of 1.5 per cent; a 15 per cent increase in operating expenses; and increased subsidy expenses and benefits increase of 27.1 per cent as a result of government responses to the
COVID-19 pandemic. The pandemic was also stated to have caused a fall in revenue due to lower taxation revenue as a result of economic activities.
Financial performance and sustainability of entities
3.7
The ANAO reported that the majority of entities were able to demonstrate that ‘key elements of internal control were operating effectively to provide reasonable assurance that the entities were able to prepare financial statements that were free from material misstatement’.
3.8
As outlined in Chapter 2, two entities were found to have significant findings identified which ‘reduced the level of confidence that could be placed on key elements of internal control and that financial statements can be prepared free from material misstatement’.
3.9
The CFS stated that forty-two per cent of not-for-profit entities and
sixty-three per cent of for-profit or quasi-commercial entities reported large average surpluses. The entities that reported large average surpluses were impacted by events in the past year which affected their balance sheets, including: the receipt of goods and donations (for cultural institutions), equity investments, additional funding, and machinery-of-government changes.
3.10
Entities recording a large average deficit were reported to consist of
twenty-seven per cent of not-for-profit entities and twenty-nine per cent of for-profit or quasi-commercial entities. The reasons for these results were varied, including: large projects in the build phase which were managed by entities, increased impairment expenses for property and equipment, and accounting treatment of concessional loans. The CFS reported that some entities recorded large average deficits due to entity-specific events during the past year, including: increases in employee benefits expenses, contractor expenditure, implementation of new accounting policies, and depreciation costs.
3.11
The CFS provided detail in relation to the impact of the COVID-19 pandemic on the financial sustainability of Commonwealth entities, reporting that eight entities were significantly affected and required additional funding in relation to the corporate restructuring of operations. Many of the entities affected were in industries such as tourism which were vulnerable to instability caused by the pandemic, including entities in the Indigenous tourism sector. The ANAO stated that the additional funding was considered to be a response to unusual circumstances and did not consider that there would be long-term problems for the affected entities, but would continue to monitor entities’ performance.
3.12
The ANAO examined the financial performance of all entities, and provided analysis in the CFS based on whether entities can manage their underlying financial positions and the extent to which they may be able to sustain their activities over time. The ANAO primarily examines entities’ liquidity and gearing in order to determine their financial position.
3.13
In the 2019-20 CFS, fifty-three per cent of entities were determined by the ANAO to be in a ‘strong’ position, forty-two per cent of entities were stated to be ‘less strong’, and five per cent of entities were found to be ‘weak’. The ‘strong’ and ‘less strong’ categories demonstrated significant changes from the previous reporting periods, where seventy per cent of entities in 2018-19 were considered ‘strong’ and twenty-five per cent of entities were considered ‘less strong’. The ANAO explained that this was due to the implementation of the revised leasing standard, AASB 16 Leases, which impacted the liquidity ratios of entities.
Financial performance ratios and benchmarks
3.14
The ANAO assesses financial performance and sustainability by examining the entity’s ability to manage its resources and its capacity to address current and future spending obligations. By examining entities’ operations, the ANAO can identify ‘an indication of financial management issues or can point to an increased risk that entities may require additional government funding’.
3.15
The CFS stated that, while the Department of Finance (Finance) has ratios available on its website to apply to data, these ratios are not explained in terms of indicating strong or weak performance. Accordingly, the ANAO has developed parameters in line with Finance’s ratios in order to interpret entity performance. The ANAO assesses the financial performance of entities in two ways:
By operating results of entities, consisting of the categories: large deficits, small deficits or surpluses, and large surpluses; and
By balance sheet analysis, which consists of the categories of strong, less strong and weak.
3.16
The ANAO explained that the ‘strong’ and ‘less strong’ categories are similar, but that the latter represents where an entity may not meet a calculation criteria or where there is a risk of a weaker balance sheet. The ANAO stated, however, that its main focus in assessing financial performance was on entities in the ‘weak’ category.
3.17
The Auditor-General further suggested that it should be Finance’s responsibility to explain whether the reported results are explainable or if problems exist where entities are not operating within usual parameters.
Follow-up of previous recommendation
3.18
In its examination of the 2016-17 Financial Statements, the Committee supported the ANAO’s recommendation that the Australian Government develop publicly reported performance targets or benchmarks in relation to financial sustainability. This was prompted by the ANAO’s observation during that inquiry that there were many benefits in the Government ‘developing publicly reported performance to enable entities to assess their own financial sustainability against agreed parameters over time and against like entities’.
3.19
In the 2016-17 report, the Committee recommended that Finance work with the ANAO in developing:
appropriate and robust performance targets or benchmarks, which can be publicly reported, to enable Commonwealth entities assess their own financial sustainability against agreed parameters over time and against like entities.
3.20
The 2019-20 CFS reported that Finance had since created an online portal for information contained in Commonwealth entities’ annual reports, transparency.gov.au. The portal enables the annual reports of entities to be uploaded collectively, and be searched against those of other entities. The website was designed to enable users to ‘compare and contract financial results and mandatory annual reporting requirements across all entities’.
3.21
Finance explained that, as a part of the creation of the portal, financial ratios ‘were established and there is an ability for users of that website to easily generate a small number of financial ratios to give some key information’. Ratios included in the database comprised of: Total Liabilities to Total Assets ratio, Financial Assets to Total Liabilities ratio, Current Ratio and Capital Turnover Ratio. Entities have been required to publish annual reports to the portal since the 2018-19 reporting cycle.
3.22
Finance advised the Committee that this website addressed the Committee’s recommendations, but that there were challenges in identifying and setting performance benchmarks. Finance representatives stated that financial ratios and performance benchmarks are primarily a tool used by private sector entities rather than those in the public sector, and that many factors influence the financial performance and sustainability of public sector entities. Further, Finance explained that public sector entities are fundamentally different in how they manage finances to private sector entities:
Another concern is that, broadly, public sector entities are funded to meet their requirements basically on a just-in-time basis, so it’s not normally the case that you would see financial positions for different agencies where they would have significant assets or cash balances, where you might see that in a different perspective for the private sector.
3.23
An additional point of concern for Finance in setting financial performance benchmarks was that public sector entities are diverse and that comparisons between entities may not fully capture differences in functions. As an example, they made the comparison between the Department of Defence (Defence) and the National Library of Australia, noting that they were extremely different entities in different industries and operating structures.
3.24
In response, the ANAO posited that financial ratios and performance benchmarking were important tools in assessing the operation of Commonwealth entities as it provided some detail for external observers to make judgements about the enemy’s performance. The Auditor-General stated:
There’s absolutely no doubt that you can’t just have a single benchmark across a whole pile of different entities that could apply to each of them, but the nature of utilising ratios and benchmarks is to try and put the user of the information into a position to make judgements with respect to how, in the case of the public sector, entities are using their resources and maintaining their sustainability—for example, the use of balance-sheet analysis to determine whether the entity is maintaining running down its assets stock, its service delivery capability.
3.25
The ANAO commented that ‘Finance has not developed and communicated guidance to assist users in assessing whether the ratios indicate strong or weak financial performance in the context of the government sector’. In the absence of guidance set by government, the ANAO created parameters based on ‘generally accepted concepts of financial sustainability’, which were applied to Commonwealth entities for the purposes of the CFS. The Auditor-General explained:
We think that it’s valuable to try and have—as we do in this report— some analysis of financial statements where you can use ratios et cetera to ask questions with respect to the sustainability and the ongoing performance of entities. Finance recently started publishing some information on that. To some extent, I would feel—because we’ve been raising this issue for a number of years—that you need to go a step further and, say, not only publish the ratios but give some indication and guidance of what they mean. And that’s what we tried to do in this report by setting some benchmarks on the ratios and then going in and trying to explain why people are outside certain parameters.
3.26
The ANAO stated that it did not consider that Finance had fully responded to the Committee’s recommendation in Report 463. The Auditor-General commented that while Finance had made the information available for users to access themselves, it had not provided users information on how to interpret results, such as aspects to look out for and what metrics are important.
Unadjusted audit differences
3.27
The CFS assesses the quality of entities’ preparation of the financial statements by ‘considering and the number and value of audit differences identified’. The ANAO reported ninety-eight unadjusted audit differences in Commonwealth entities, representing a decrease in the number of unadjusted audit differences found in comparison to the 2018-18 reporting period. The value of unadjusted audit differences, however, was reported to have increased by approximately $30 million, which resulted in a net impact of $53 million. Further, the ANAO reported that it had identified three moderate findings and eleven minor findings in regards to entities’ preparation of the financial statements themselves. Of the ninety-eight total unadjusted audit differences, sixty-one were in relation to material entities, which represented an increase from fifty-eight in the 2019-20 reporting period.
3.28
Almost all unadjusted audit differences did not result in a material misstatement to the financial statements of entities, both individually and as a whole. One entity was identified as having an unadjusted audit difference which may have resulted in a material misstatement to its financial statement, which was the National Australia Day Council (NADC). The NADC was found to have misclassified $2.66 million of revenue under the Australian Accounting Standards, which was deemed by the ANAO to be ‘considered material, but not pervasive to the financial report’.
3.29
The ANAO explained in the CFS that any audit differences identified in the process of auditing the financial statements are communicated to entities, and that entities are ‘encouraged to adjust all audit differences’. The significance of unadjusted audit differences was more fully explained by the Auditor-General:
We started reporting on these matters a bit more fulsomely a couple of years ago within this report because the number of unadjusted audit differences was of concern to us. In my view … when you identify an audit difference, which is largely saying that an item within the accounts is incorrect ‘but we’re not going to fix it’ … you’d expect people to be focusing on getting the accounts right not ‘largely right’.
3.30
The ANAO also expressed the view that entities sometimes avoid addressing audit differences due to ‘the knowledge that immaterial differences don’t lead to qualifications’, and are therefore not reported in the CFS.
3.31
The Auditor-General suggested that the accepted best practice was to ensure that financial statements were prepared as accurately as possible, and—where differences are identified—that these be corrected.
3.32
In broad concurrence with the ANAO, Finance stated that entities should be aiming for financial statements to be as free from errors as possible, but that there were occasions where audit differences may be unavoidable. During the preparation process for the financial statements, Finance prepares the Consolidated Financial Statements (which collates all agencies’ financial statements into one document) and—as part of that process—addresses any unadjusted audit differences that entities do not address themselves. Agencies are encouraged by Finance to address any unadjusted audit differences where the ANAO has identified issues.
3.33
Notwithstanding this principle, Finance stated that ‘it is a question for the individual accountable authority to determine whether they think the adjustment should be taken up’. It explained that there are a number of reasons why agencies may not address audit differences identified by the ANAO, such as:
Conflicting opinions regarding whether the adjustment would be appropriate;
Introducing risks of errors during the financial statements process if a particular difference was taken up; and
Differing applications or interpretations of auditing standards or professional judgements between the ANAO and the relevant entity.
Impact of COVID-19
3.34
In its examination of the 2019-20 Financial Statements, the ANAO took the opportunity to examine the impact of the COVID-19 pandemic on Commonwealth entities in respect of their financial management and performance. The CFS reports on a number of aspects in relation to entities’ response to the pandemic, including:
Entities’ consideration and response to increased and dynamic risk, particularly those posed from remote working arrangements and the consideration of risk by audit committees; and
Financial sustainability in the wake of COVID-19, including whether entities were significantly impacted by the pandemic and whether additional funding, letters of support, or restructuring of operations were required.
3.35
The Auditor-General stated that, in his opinion, entities overall responded well to the challenges posed by the pandemic in terms of financial reporting:
With respect to the work that entities did on financial reporting, which is what these documents are about, we think the entities did a very good job in (1) keeping the focus on the importance of financial reporting and (2) assessing the risks associated with it. We did some work looking at the extent to which entities went back and looked at their risk frameworks in taking account of COVID and we found that entities largely did that. So, from the performance audit work we’ve done on COVID measures implementation and the work we did in the financial audit space, we have quite a positive view about how entities have continued business as usual in terms of financial reporting, as well as dealing with the other risks.
3.36
Notwithstanding the overall positive findings, the ANAO identified three new Key Audit Matters (KAM) in relation to entities’ management of particular risks in relation to the COVID-19 pandemic, and five existing KAM were updated to reflect changed risk factors arising from the pandemic. The ANAO further commented that the Australian Government’s increased use of online systems and services to address demand and respond to major events will require that administrators ‘understand their information and data risks along with the need to protect critical information from malicious actors’.
Impact on the ANAO’s auditing processes
3.37
The Committee enquired into whether any issues arose during the ANAO’s examination of the CFS given COVID-19-related restrictions. Audit staff were said to encounter difficulties in physically accessing audited entities due to restrictions on building access; however, remote access facilitated the access of data and systems required for the purposes of conducting the audits. The ANAO explained that it utilised remote access in a number of ways to conduct the audits, including: remote monitoring of stocktakes, transferring large data files, using entity technology to access their systems, and organising to conduct audits remotely. Some types of entities and particular kinds of audit work, such as stocktake procedures in Defence or audits involving security agencies, were reported by the ANAO to be unable to be remotely accessed which resulted in delays to their audits being concluded.
3.38
Despite the challenges of remote access auditing, the ANAO emphasised that there was ‘minimal impact on the ANAO’s ability to develop an understanding of the entities and their processes, and identify improvements and findings’.
3.39
While remote access was considered appropriate for short-term use, the ANAO stated that:
[I]f [remote access audit work] were to continue for an extended period, we would expect a deterioration in the understanding of key processes, adequacy of documentation and information provided to support audit evidence which may in turn impact findings.
Cyber security and resilience
3.40
A high proportion of the ANAO’s findings were in relation to cyber security and resilience issues. Of the 142 total findings, eight moderate findings and 40 minor findings were identified in relation to the IT control environment. The CFS reports that IT security findings comprised of sixty-five per cent of findings and eighty-eight per cent of moderate findings. Nonetheless, these results indicate a lower number of IT-related findings in comparison with previous years, for all types of findings. Further, a number of these findings were unresolved from prior reporting periods.
3.41
Six of the eight moderate findings related to privileged user access. Privileged user access relates to account users with particularly sensitive administrative privileges, such as the ability to make significant changes to IT systems, avoid security settings and access sensitive data. The CFS notes that privileged user access represents risk to entities, and that the Information Security Manual requires that access by such users be logged, regularly reviewed and monitored.
3.42
Four of the eight moderate findings were in reference to user access management. Issues common in these findings included accounts which were no longer active or required but could be used to access systems and data. Methods that some entities used to address these findings included the implementation of new systems to share information and control access, and new functionalities to ensure automatic loss of access upon the cessation of an employee’s employment.
3.43
The ANAO also advised that, in examining what it considers to be a moderate risk finding in relation to IT security, it conducts additional assessments in reference to whether the financial statements are impacted in the circumstances.
3.44
The Interim Report also examined the implementation and compliance with the Protective Security Policy Framework (PSPF) Essential Eight mitigation strategies, and found stated that there had been ‘limited improvement in the level of compliance with PSPF mitigation strategies since the controls [were] first mandated in 2013’.
3.45
The Australian Signals Directorate (ASD) confirmed the magnitude of the ANAO’s findings, stating that ASD’s work indicated that cyber security across Commonwealth entities had ‘further deteriorated’. ASD stated that the COVID-19 pandemic had resulted in a significant shift towards remote working practices in Commonwealth entities, which posed risks such as employees not using virtual private networks (VPNs) or corporate-issued devices. In addressing this, ASD performed a scan across Commonwealth entities identifying risks, and issued a series of technical advices containing guidance for entities to improve their cyber security. The technical advices covered a range of issues such as: multifactor authentication security, implementing VPNs and patching software. ASD also confirmed that it was examining the risks associated with new technologies such as quantum computing and key encryption capabilities.
PSPF self-assessments
3.46
Findings in relation to agencies’ progress against the PSFP maturity levels were mixed, with the CFS reporting that three agencies significantly improved their maturity levels with the majority of requirements, but one agency significantly declined. The ANAO explained how this situation was reflective of agencies’ approaches to cyber security more broadly:
What we found was the entities that significantly improved their compliance with the strategies were entities that actually prioritised the implementation of the requirements. The entity that has deteriorated was receiving services from another entity and was not monitoring the requirements as closely as it should. I think the lessons that we take out of that are consistent with the views we’ve expressed previously, where, to implement the appropriate strategies and mitigations, it’s important that entities actually prioritise that as something that is critical to them.
3.47
The Interim Report found that many entities could not provide sufficient evidence to substantiate their self-reported PSPF assessments. The ANAO explained:
What we tried to identify was whether they could provide us with evidence which supported their self-assessment. We didn’t go back in where they couldn’t and test whether their self-assessment was accurate. Rather, we just went to that first level: ‘Could you evidence your assessment?’ We found limitations there.
3.48
The ANAO clarified that it did not support a particular model of a system of assurance when enforcing PSPF requirements on entities; nonetheless, the ANAO’s previous performance audits in addition to the CFS indicated that the self-assessment system ‘isn’t consistent with the risk framework that we observed in implementation’. It also observed that it had previously recommended that the Attorney-General’s Department ‘implement arrangements to obtain an appropriate level of assurance on the accuracy of entities’ PSPF Policy 10 self-assessment results’ in its report Auditor-General’s Report No. 32 (2020-21) Cyber Security Strategies of Non-Corporate Commonwealth Entities. The ANAO stated:
An assurance framework should be designed to provide an appropriate level [of] assurance. In determining the appropriate level of assurance required consideration should be given to the likelihood and impact if a risk were to eventuate, and the effectiveness of controls in place to mitigate the risk. Where risk is low, then a low level of assurance [may be] determined to be appropriate, and the nature and extent of procedures may be more limited … Where the risk is higher or there are issues with the effectiveness of controls, then the level of assurance and nature and extent of procedures should be more robust. For example, adding to a review of the control processes detailed substantive testing of the actual activity (ie whether the relevant PSPF policies are actually implemented).
3.49
Cultural issues regarding cyber security frameworks were reported by the ANAO to be widespread, as indicated by their other auditing work around the topic and as highlighted in previous reports by this Committee. The Auditor-General stated:
I think what we can observe here in the causes are the same issues that we observed in our broader cybersecurity performance auditing framework. I think I’ve said to the committee before that people know what’s required. The expectations of what’s necessary for cybersecurity are well documented. Everyone knows what they are. The key issue is about building the culture in the organisation to systematically do it over and over again in putting in the controls and implementing the controls.
3.50
The ASD stated that it had strengthened its procedures in ensuring entities were accountable for implementing the PSPF mandatory requirements, but noted that it did not have powers under its enabling legislation to enforce compliance. It observed that, in running its annual survey of Commonwealth entities assessing cyber security, many entities engaged with the ASD to request guidance in best reflecting their entity’s cyber security situation in the survey and how to improve it. Larger entities were also reported to regularly consult and engage independent assessment for assurance purposes.
Leave monitoring
3.51
In conducting the CFS, the ANAO identified two moderate findings and sixteen unresolved minor findings in relation to human resources financial processes, with a particular emphasis on the management of staff leave and leave balances. In addition, the 2019-20 CFS took a particular focus on leave monitoring in Commonwealth entities, examining the policies and processes regarding leave monitoring of three entities: the Department of Home Affairs (Home Affairs), the Department of Prime Minister and Cabinet (PMC), and the Treasury.
3.52
The CFS examined the ANAO’s findings of instances of purchased leave in situations where employees had accrued excessive leave credits. For instance, Home Affairs was found to have twenty-two employees with seventy-three total instances where they had purchased additional leave while having excessive leave credits.
3.53
The ANAO explained that, in conducting this work, it was seeking to alert entities that there may be a problem in regards to their application of public service legislation and policies, and to address it if needed.
3.54
Leave monitoring, particularly in relation to delays to leave applications, were also examined in the 2019-20 CFS, where it was identified that there were lengthy delays in some entities for employees submitting unscheduled leave applications after the period of leave had already passed. The ANAO advised that a number of entities had now requested that internal auditors examine the policies and compliance to reduce instances of lengthy delays between leave being taken and an application being submitted.
3.55
The ANAO also examined matters relating to flexible leave and identified that there were instances within Home Affairs where staff had accrued a high amount of flexible leave or had accrued it where they were not entitled to flexible leave. The ANAO explained that most Commonwealth entities have some form of flexible work to accommodate for peak periods of work, including limitations on how much can be accrued; and that its reason for auditing flexible leave in the CFS was to examine the effectiveness of the implementation of those policies.
3.56
Home Affairs, in responding to the ANAO’s findings, agreed to the audit’s recommendations and implemented a number of measures to address the concerns raised; but disagreed with the ‘moderate’ rating of the finding. Home Affairs advised that it agreed with the ANAO’s recommendations, but that ‘the Department held the view that the observations raised by the ANAO posed a low risk to the Department’. It stated that the ANAO’s observations were based on a review of leave transactions over a period of 18 months and comprising of over 374,000 transactions. Home Affairs stated:
Noting the volume and value of all transactions across this period the Department considered the identified value of the errors (approx. $436k) was immaterial to the Department’s Financial statements.
Timeliness in preparing financial statements and annual reports
3.57
Commonwealth entities are required to table an annual report in Parliament in accordance with the Public Governance, Performance and Accountability Act 2013 (PGPA Act). For the majority of entities, annual reports must be provided to their relevant minister by 15 October. The PGPA Act does not stipulate a date that entities must table their annual reports in the Parliament by, but entities are expected to make them publicly available prior to Senate Estimates hearings in October/November in order to enable parliamentary scrutiny.
3.58
The CFS identified issues for a large number of entities in relation to the timeliness in preparing financial statements and annual reports. The ANAO reported that 64 per cent of entities delivered their financial statements per the agreed timeframes. This represented a decrease in the rate of timeliness in comparison to the previous CFS reporting period in 2018-19, which reported a 69 per cent rate of timeliness within the agreed timeframes.
3.59
Only 62 per cent of entities tabled their annual reports in the Parliament prior to the Senate Supplementary Budget Estimates hearings, down from 76 per cent in the 2018-19 reporting period. Sixteen per cent of entities tabled their annual reports on the day of the relevant Senate Supplementary Budget Estimates hearing. Eight material entities across five portfolios, which either tabled an annual report after the Senate estimates hearings or had not tabled an annual report as at 24 November 2020.
3.60
Figure 3.1 provides further detail about the timing of annual reports being tabled in correlation with Senate Supplementary Budget Estimates hearings.
3.61
The CFS further reported that a number of Commonwealth entities struggled to meet internal deadlines for financial reporting, stating that 64 per cent of entities met the agreed timetable. The ANAO observed that this was a five-point drop in comparison to the previous reporting period, where 69 per cent of entities met the agreed deadlines. This was explained by the ANAO as potentially due to the COVID-19 pandemic. However, ANAO representatives stated that, while accommodating for unavoidable challenges during the financial statements process, this figure should be higher:
… [S]ometimes the delays are when we’re getting towards the end, and major issues emerge late in the piece as well. I don’t think we can all aim for 100 per cent. I don’t think that’s achievable. You’d certainly want to see something in the 80s to 90s—as better than where we are at the moment.
3.62
According to the ANAO, annual reporting deadlines for publication are comparatively later than the private sector, but that public sector annual reporting is largely driven by deadlines for audit reporting and financial statements. It observed that best practice for ASX-listed companies was approximately four months after the year’s end.
3.63
The ANAO supported the suggestion that annual reports should be provided ‘a reasonable time beforehand’ to Senate estimates hearings in October, in order for parliamentarians to read the reports and effectively scrutinise entities. The ANAO explained that Senate estimates is a significant marker which entities should be aiming for in publishing annual reports, given the primary user of annual reports is the Parliament:
The predominant use of annual reports is the parliament and the community. They’re prepared for the parliament to use. Senate estimates is one of the key vehicles by which parliament is meant to review the operations of government entities, through looking at annual reports. I think that most people involved in the preparation of annual reports probably wouldn’t be very comfortable if their staff provided them with a couple-of-hundred-page paper the day before a meeting to get ready for it. This isn’t something that we should think is reasonable for the parliament in being able to hold entities to account for their performance.
3.64
Finance broadly concurred with the ANAO, stating that most entities are required by the PGPA Rule to provide their annual report to the relevant minister by 15 October each year, and to the Parliament by 31 October according to tabling circulars as circulated by PMC. The ANAO further explained that Commonwealth companies are subject to different tabling rules, accommodating for the need to present annual reports twenty-one days prior to the next annual general meeting after the end of the relevant reporting period.
3.65
The Committee questioned whether entities are sufficiently compliant with the tabling rules regarding annual reports. Finance representatives stated that entities broadly adhere to the tabling requirements, and that ‘the vast majority of cases entities are provided well ahead of that 31 October time frame, and they are tabling ahead of estimates’. The Auditor-General, however, stated that the CFS indicated that a large proportion of entities had not provided their annual report for tabling prior to Senate estimates hearings in October 2020. Finance suggested that this was potentially due to challenges in tabling as a result of the COVID-19 pandemic, but did not further explain why the pandemic had impacted on entities’ ability to adhere to the tabling deadline.
3.66
Finance explained that it has no enforcement powers in ensuring entities provide annual reports in a timely manner. PMC is the policy owner of Parliament’s tabling guidelines, including the timeframes for annual reporting. However, Finance is responsible for monitoring compliance with the annual reporting policy via the transparency.gov.au portal’s uploading of annual reports, which must happen ‘as soon as is practicable’ after its tabling in Parliament. Finance also follows up with any entity that tables an annual report out of the timeframes set out by the PGPA Rule, as required by PMC.
3.67
The Auditor-General commented that there appeared to be an issue in relation to the reporting framework’s requirements when compared to their users’ needs, in this case the Parliament and parliamentarians preparing for Senate estimates. He stated:
[W]e have a reporting framework for annual reports which sets out a requirement for when annual reports need to be provided by the department to their minister, which is 15 October, and a requirement for when annual reports should be tabled. It seems to me that the framework that’s in place for entities may not align with the needs of the users of the reports, and the committee might want to consider whether those rules serve the purpose of ensuring that the parliament gets reports at an appropriate time for its consideration.
Follow-up on previous recommendation
3.68
The Committee has had a long-term interest in practices relating the tabling of entities’ annual reports, particularly around the issue of timing. In August 2017 during its consideration of Commonwealth financial statements, the Committee examined the issue of the timing of annual reports in the Parliament. The resulting report of this inquiry, Report 457: Development of the Commonwealth Performance Framework – Second Report, identified two important deadlines which it deemed required moving: that of the delivery of annual reports to ministers, and the tabling of annual reports in Parliament. It found:
Regarding timeframes for delivery and tabling of Annual Reports, the Committee believes that bringing forward both of these dates, and formalising the required tabling date in legislation, is both viable and valuable. If achieved, it will provide some certainty to Senate Estimates Committees in particular that the important performance information in annual reports will be made available in a timely manner to assist scrutiny.
3.69
The Report recommended that the Independent Review into the Operation of the Public Governance, Performance and Accountability Act 2013 and Rule (the Review) examine ‘bringing forward the delivery and publication of Commonwealth entity annual reports’. The preference indicated by the Committee was that annual reports be tabled by 15 October, as opposed to reports being provided to the relevant Minister by that date, in order to ensure availability for Senate Supplementary Budget Estimates hearings.
3.70
The Review, released in September 2018, consequently examined the issue of the timing of annual report tabling. It found that entities raised concerns about attempts to move up the tabling date, including the demands on entities to compile vast amounts of information, increased reporting requirements across different sources of legislation, and the ANAO’s availability to provide their financial audit reports prior to an entity providing its report to its Minister. Entities were, however, of the view that reporting deadlines could be moved with the introduction of digital reporting and reduced disclosure requirements.
3.71
Notwithstanding these considerations, the Review ultimately agreed with the view expressed by the Committee and the Auditor-General that current arrangements do not allow for sufficient time for proper consideration prior to Senate Estimates hearings. The Review states:
By the time reports are tabled, senators may only have a few days to consider content and information about the entities’ performance. There have been occasions when annual reports are tabled only after hearings are completed. There is little point in improving the quality of the performance information in annual reports, and the quality of annual reports more generally, if the Parliament does not get the information when it needs it. Timing is critical for proper accountability.
3.72
The Review supported the Committee’s view to legislate a due date for annual reports to be tabled in the Parliament, proposing that responsible ministers be provided with an entity’s annual report at least seven days prior to the tabling deadline, and that the Minister provide the annual report to Parliament by 30 September annually. In doing so, the Review suggested two prerequisite conditions:
i.
The implementation of a digital reporting platform; and
ii.
An assurance that the ANAO would be able to complete financial statements audits to enable entities to meet the deadline, suggested as mid-September.
3.73
Finance advised the Committee that the Australian Government agreed in principle to the recommendations contained in the Independent Review, including Recommendation 30. It stated that the Online Tabled Documents Project, the tool designed to address the first prerequisite condition, was under development by the Department of Parliamentary Services. No information was provided to the Committee in relation to the project’s progress. Finance stated that, once DPS had completed the project, it would seek to make changes to the PGPA Act and Rule to change the annual reporting tabling date.
Audit committee reporting
3.74
As a key theme for examination, the 2020-21 Interim Report focused on Commonwealth entities’ compliance with new audit committee reporting rules. The PGPA Act and Rule requires all Commonwealth entities to have audit committees established and their minimum requirements. The PGPA Rule was amended on 27 February 2020 which changed the annual reporting requirements for Commonwealth entities’ audit committees, which was applicable for reporting periods on or after 1 July 2020.
3.75
The Auditor-General explained that the changes to the reporting rules were intended to:
[E]nsure that in fulfilling their role in advising authorities around the preparation of financial statements and the risk framework around any noncompliance the advice that the accountable authorities are getting is from the source, which is independent from the management of the organisation.
3.76
After examining 182 of the 187 Commonwealth entities’ the 2019-20 annual reports, the ANAO determined that a number of entities did not comply with the amended reporting rules.
3.77
The ANAO stated that it found a widespread lack of understanding of what the Rule changes consisted of and how this was to be implemented across entities. Guidance was provided by Finance, but the ANAO stated that some entities experienced confusion regarding the new requirements as opposed to what was already practiced. However, the ANAO made clear that, in their opinion, the noncompliance was not intentional but a result of lack of knowledge or understanding.
3.78
In relation to the issue of guidance, Finance explained that it had attempted to provide education to entities by:
Releasing information in a newsletter that is released to interested parties;
Receiving queries to their dedicated PGPA call line and mailbox; and
Speaking to chairs of audit committees and financial officer forums.
3.79
Finance advised that it had no powers to enforce the PGPA Rule or any amendments in Commonwealth entities. It explained:
The PGPA is a devolved framework. It is a principle based framework and there is a really important concept within the PGPA that we’ll refer to: the accountable authority. The compliance with the audit committee reporting requirements under the legislation and the rule is ultimately a matter [of] responsibility for the accountable authority, but what we do there is those communications and education services … to promote adherence, particularly in the case of the new rules.
3.80
Finance stated that it was continuing to deliver educational material in order to inform entities of their obligations, such as updating their website and their Resource Management Guides to incorporate more plain-English advice, and providing direct guidance to entities.
Executive remuneration disclosure
3.81
The Committee inquired into matters relating to executive remuneration, particularly short-term incentives. The ANAO advised that it examines the processes and governance mechanisms around executive remuneration and short-term incentives, and examines whether the decision to grant short-term incentives have been reflected in the entity’s accounts. Consideration of any post-event adjustments, however, are not within the ANAO’s scope when auditing for the CFS.
3.82
Finance advised the Committee that the Australian Government had implemented new guidelines around short-term incentives for senior executives employed in the Australian Public Service. Officers from the department explained that, as the guidance had been issued by the Australian Public Service Commission , there were ‘joint accountabilities’ in relation to enforcement of the new guidelines.
Committee comment
3.83
Overall, the Committee is largely satisfied with the results of the
2019-20 CFS and the 2020-21 Interim Report examined in this report. The reduced number of significant findings amongst Commonwealth entities indicates that agencies are actively addressing concerns raised by the Auditor-General, and improving their internal controls to ensure that financial statements are made free from material misstatements. Further, the NLC, which had a significant legislative breach found, has made clear efforts to rectify the situation and has taken the ANAO’s advice on how best to achieve this. The Committee is pleased to see this progress and looks forward to the breach being rectified after a long period of its remaining open.
3.84
The Committee is pleased to note the ANAO’s finding that Commonwealth entities on the whole managed the challenges of the COVID-19 pandemic well in respect to their financial performance and management. This finding demonstrates the strong financial management across Commonwealth entities during extremely challenging times, and will inform future planning for risk and uncertainty. The Committee will continue to monitor how Commonwealth entities respond to the challenges posed by the pandemic, both in 2020 and in 2021.
3.85
The Committee notes the ANAO’s findings in relation to the IT security controls across Commonwealth entities, and expresses its disappointment and concern that entities continue to fail to meet the PSPF requirements. Cyber resilience and the culture which enables is, remain a key concern of the Committee. Related inquiries conducted by the Committee illustrate the widespread nature of the issues identified by the ANAO. The Committee remains of the opinion that Commonwealth entities should strive to meet their obligations in relation to IT security controls, particularly the PSPF mitigation strategies. The Committee will continue to monitor this matter closely and anticipates improved results in coming reporting periods.
3.86
The issue of how financial performance is measured and expressed has long been a matter of contention in the Committee’s examination of the CFS over a number of parliamentary terms. As discussed earlier in this chapter, the Committee has previously recommended that Finance implement financial performance ratios to assist readers of the Financial Statements to understand and contextualise the data provided. Finance has stated that, in its view, the transparency.gov.au portal meets the recommendation of the Committee.
3.87
The Committee concurs with the view of the ANAO that Finance has not fully implemented the Committee’s request. Although the Committee commends Finance’s work in providing a single-access portal that enables users to access all Commonwealth entities’ annual reports and financial statements, the ratios provided in the portal do not adequately illustrate how an entity is performing financially.
3.88
The Committee notes that there appears to be limited explanatory information on the transparency.gov.au portal. There is currently no guidance material in relation to what the ratios included are measuring, why the particular ratios used were included, how they relate to an entity’s financial performance, and what certain benchmarks may indicate about an entity’s current and future financial performance.
3.89
While it acknowledges Finance’s concerns regarding financial performance ratios or benchmarks as primarily a tool best suited to the private sector, the Committee is of the view that financial ratios and benchmarks provide critical information of use to both the Parliament and the broader public. Ratios or benchmarks provide guidance to the Parliament and the public about the fiscal performance and sustainability of Commonwealth entities. It further provides assurance to Parliament that Commonwealth funds are being spent appropriately, and to understand how entities are performing contextually within the Commonwealth and over time.
3.90
The Committee recommends that the Department of Finance, as part of the transparency.gov.au project, develop and publish guidance material for users of the project which explains what the included ratios measure, which ratios are most important, and what particular ratio results signify.
3.91
Timeliness of annual reporting is a topic which greatly interests the Parliament and this Committee. It is clear from the ANAO’s findings that Commonwealth entities are not all meeting the deadline for the tabling of their annual reports prior to Senate Estimates hearings in October each year. The Parliament, and particularly the Senate, cannot conduct its role effectively without the timely provision of information by Commonwealth entities. It is imperative for the oversight and accountability of the Parliament, and the maintenance of responsible government principles, that such information is available.
3.92
The Committee notes that the Australian Government has yet to formally respond to the recommendations in relation to this matter made by the Independent Review. Further, Finance has not provided any further update as to when the annual tabling date will be amended, having stated that it will be contingent on the implementation of the Online Tabled Documents Project to be completed by the Department of Parliamentary Services.
3.93
The Committee reiterates its view that the tabling date for Commonwealth entities’ annual reports should be moved to an earlier date in the year to ensure oversight can be performed with sufficient time to read the information contained in the reports. The Committee also holds concerns that entities may not take the reporting deadlines seriously given the lack of a legislated reporting date. As a consequence, Commonwealth entities may not have sufficient incentive to table their annual reports in a timely fashion without legislative enforcement of a tabling date. With this in mind, the Committee reminds entities of their commitment to their duty to the Parliament to provide accountability and transparency, which means providing annual reports in a timely fashion to enable full consideration at Senate Estimates.
3.94
The Committee recommends that the Department of Finance, with advice from the Department of Parliamentary Services, provide an update to the Committee within six months of this report’s tabling date that details:
A progress report detailing the development and implementation of the Online Tabled Documents Projects, including proposed roll-out dates; and
A timeline of the establishment of a new tabling date for Commonwealth entities, including details such as proposed legislative amendments and an anticipated date for introduction to Parliament.
Lucy Wicks MP
Chair