BASELINE AND BASELINE PLUS DUE DILIGENCE ......Due diligence operational procedures 4 BASELINE DUE...

BASELINE AND BASELINE PLUS DUE DILIGENCE OPERATIONAL PROCEDURES May 2019

Due diligence operational procedures 2

CONTENTS

INTRODUCTION 3

BASELINE DUE DILIGENCE ASSESSMENTS 4

How to conduct a baseline due diligence assessment 4

Using the due diligence assessment tool 5

Record keeping 6

Risks Identified in the Due Diligence Assessment 6

Criteria 1: Individual or Entity Details 6

Criteria 2: Past performance 9

Criteria 7: Fraud control 11

Criteria 8: Anti-Corruption 14

Criterion 9: Sanctions lists 16

Criterion 10: Counter terrorism 17

Criterion 11: Integrity systems check 19

Criterion 14: Child protection 22

Criteria 18 - Transparency 25

Criteria 19 – Branding 27

Criteria 17 - Environmental Protection Safeguards 29

Criteria 20. National Interest 31

Submitting a due diligence assessment for approval 32

Attachment A – Information Guide – due diligence baseline assessment 33

Attachment B: Multilateral Baseline Assessment Information Guide 36


INTRODUCTION

These Due Diligence Operational Procedures support the Due Diligence Framework (Framework) to provide an aid risk assessment tool that assesses potential delivery partner’s ability to deliver in line with the policy and legislative requirements of the Australian aid program. It responds to the Australian aid program’s reliance on partnerships and third party delivery mechanisms by better informing partner engagement.

This document outlines the processes required to undertake a baseline or baseline plus due diligence assessment. Key risks identified in the due diligence process need to be assessed, documented and monitored in line with the Aid Programming Guide, Chapter 7 Aid Risk Management.

GUIDING PRINCIPLES Assessments should align with the guiding principles of the Framework these are:

• Proportionality – the scope and depth of assessments are proportional to the risk and value of the proposal.

• Minimum baseline assessment – a minimum set of assessment criteria applies regardless of risk or value. Additional assessment criteria may be applied on a proportional basis.

• Evidenced based assessment - assessments will be based on the best available and most current, objective and verifiable information and where appropriate will draw on third party assessments.

• Validity – assessments will remain valid for three years.

• Centralised coordination and storage – centralised coordination and storage of assessments enables a repository of information available for DFAT.

• Delegate responsibility – the financial delegate remains responsible for ensuring appropriate due diligence activities have been undertaken, and will determine if any extra due diligence activities are required.

http://dfatintranet.titan.satin.lo/managing-aid/other-aid-management-risk-policies/due-diligence/Documents/due-diligence-framework.DOCX

http://dfatintranet.titan.satin.lo/managing-aid/aid-programming-guide/Pages/chapter-7.aspx


BASELINE DUE DILIGENCE ASSESSMENTS This guide contains guidance on 12 criteria including, eight baseline criteria and the two additional required criteria for private sector organisations and multilateral organisations as shown in the diagram below. If there is a high or very high safeguard risk for environment or displacement then the relevant additional criteria should be assessed to ensure that the provider has systems in place to manage the safeguard.

*These are the mandatory Baseline Due Diligence assessment Criteria. **In addition to the eight baseline criteria 2 additional criteria required for a Baseline for private sector entities. # In Addition to the eight baseline Criteria, 2 Additional criteria apply for a Baseline for a multilateral organisation A Comprehensive Due Diligence Assessment addresses all 20 criteria. @if there is a high or very high safeguard risks for the environment or displacement safeguard the relevant criteria should be assessed.

HOW TO CONDUCT A BASELINE DUE DILIGENCE ASSESSMENT Baseline Due Diligence Assessments consist of three stages: information collection, information consideration, and a pragmatic evaluation of evidence obtained. Assessments should always be evidence based and not subjective. As assessments are based on the best available evidence at the time if there are any substantial changes to an entity or individual’s circumstances a new due diligence assessment is required to be undertaken.

To support the assessment a range of evidence may be considered. This may include (but is not limited to) the following:

• Information already held by the Australian aid program and DFAT

• Information requested from the individual or entity

• Robust information already in the public domain such as published information or online information (e.g. annual reports, published financial statements)

Organisational Capacity

1. * Entity Details

2.* Past Performance

3.Technical / Operational

capacity

4. Financial Viability

5. Results & Performance Management

6. Value for Money

Risk Management

7. * Fraud Control

8. * Anti-Corruption

9.* Sanctions Lists

10.* Counter Terrorism

11.* Integrity Systems Check

12. Risk Management

13. Fiduciary Risk

Safeguards

14. * Child Protection

15.@ Displacement and Resettlement

16. **@Environmental Safeguards

Policy requirements

17. #Transparency

18. #Branding

19. Disability

20. **National Interest

(includes Reputation and Social Responsibility)


• Original and/or certified original documentation (or original sighted) • Verifiable information reported to other government agencies, departments and third party assessments

• Verbal information from individuals and third parties

Note: Verbal information recorded in ARMS must include the date, time, name and position of person spoken to, as well as questions asked and answers provided.

Assessing officers use their professional judgement to determine if an individual or entity satisfies each assessment criteria based on the evidence gathered. Assessing Officers may choose to seek further information from any source that may provide information relevant to the assessment. Attachment A contains a summary of information that may be considered when undertaking a baseline assessment or baseline plus – private entity. Attachment B contains a summary of information that may be considered when undertaking a baseline plus – Multilateral assessment.

Assessing officers are to return original documents using secure postage or other appropriate measures.

Outcomes and proposed risk treatment options (if any) contained in a Baseline Assessment Report can be shared with individuals or entities prior to the delegate signing off on the assessment. To streamline the process of obtaining information from the individual or entity being assessed, DFAT assessing officers are required to forward copies of the following (five) documents to the individual or entity being assessed at the commencement of the assessment:

• DFAT Fraud Policy Statement

• Baseline Assessment Information Guide (summary of what information DFAT requires from implementing partners at Attachment A)

• Due Diligence Fraud and Anti-Corruption Acknowledgement form (Note: multilateral organisations are not expected to sign this form)

• Child Protection Policy, and

• Separate Child Protection Code of Conduct form (to be signed by individuals)

For further assistance, contact the Aid Risk Management and Safeguards Section on [email protected]

USING THE DUE DILIGENCE ASSESSMENT TOOL Due Diligence assessments should be conducted using the Assurance & Risk Management System (ARMS). Logins to this system can be obtained by emailing [email protected]. ARMS can be accessed at: https://erm2.protecht.com.au/dfat/. This guide will take you through how to conduct a due diligence assessment not through how to use ARMS. Instructions for using ARMS can be found in the task cards on the due diligence page on the Intranet. These can be used in conjunction with this guide until you are familiar with the system. The tab numbers in ARMS match the criteria number for ease of use.

http://dfat.gov.au/about-us/publications/Pages/fraud-policy-statement.aspx

http://dfat.gov.au/about-us/publications/Pages/fraud-policy-statement.aspx

http://dfatintranet.titan.satin.lo/managing-aid/other-aid-management-risk-policies/due-diligence/Documents/DFAT%20Due%20Diligence%20Fraud%20and%20Anti%20Corruption%20Acknowledgement%20form.docx


http://dfatintranet.titan.satin.lo/managing-aid/other-aid-management-risk-policies/Documents/child-protection/child-protection-policy-2017.pdf

http://dfatintranet.titan.satin.lo/managing-aid/other-aid-management-risk-policies/due-diligence/Documents/DFAT%20Due%20Diligence%20Child%20Protection%20Code%20of%20Conduct%20form.docx


mailto:[email protected]


https://erm2.protecht.com.au/dfat/

http://dfatintranet.titan.satin.lo/managing-aid/other-aid-management-risk-policies/due-diligence/Pages/default.aspx


RECORD KEEPING All evidence used to undertake a due diligence assessment must be save in EDRMS.

Security classifications should be as follows:

Due diligence report - For Official Use Only Evidence that is a public document – Unclassified Personal details - Sensitive: Personal.

RISKS IDENTIFIED IN THE DUE DILIGENCE ASSESSMENT All risks identified during the due diligence assessment must be managed either through contract conditions or in the risk register for the investment or agreement.

CRITERIA 1: INDIVIDUAL OR ENTITY DETAILS Criterion 1: DFAT is required to verify implementing partner identity including legal ownership and legal structure.

Criterion 1.1: DFAT also seeks evidence of the partner’s processes and systems to verify downstream implementing partner’s identity.

Guidance When establishing the identity of an entity officers need to take a practical and pragmatic approach. When there is no previous trading history or the entity is registered overseas it can be challenging to positively confirm details. Equivalent Registration varies from country to country and in some cases there may be no equivalent or no effective equivalent. DFAT is able to consider any documentation in considering this criteria.

For a Private Sector Organisation this process may also identify subsidiaries of the organisation and the organisations structure.

Before Starting this Assessment • Note that the assessing officer may need to contact third parties (such as banks and ID issuing

authorities) to verify copies of bank documents or frequently counterfeited ID documents in some jurisdictions.

Assessment of an Individual 1. Verify identity through bank account information. Sight original bank statement (as best evidence)

showing name and address of the individual. Record these details (Bank and Branch name, address and contact details, bank account details and numbers, type of account and all names that appear on the account) in ARMS. A verification document from the bank with these details would be appropriate in the place of a bank statement. Note: DFAT does not require to sight transactions, these can be redacted.

2. Verify individual identity by sighting and /or obtaining copies of two (2) of the following identity documents: Passport, National Identity Card, Personal ID issued by government agencies such as a vehicle or other licenses. Record details of documents (name, address, document numbers, issuing


authority, date and place of issue) in ARMS. Record if the documents are photo ID documents if the photo matched the individual (if seen).

3. Obtain a current CV for the individual noting if the name and address details match details from the above checks and also if the history looks correct against age. Record these observations ARMS. Please note:

− Referees listed in the CV may be contacted under Assessment Criterion 2 Past Performance.

− The assessing officer may further test integrity of the CV under Assessment Criterion 11 Integrity Systems.

4. If individual operates in Australia, verify individual identity by checking ABN number through ABN Look Up (R1). (If based or registered overseas verify individual identity through equivalent foreign registration). Record these details in ARMS.

5. Assessing officer to determine if identity has been verified (considering evidence obtained in steps 1 to 4).

Assessment of an Entity 1. Verify identity through bank account information. Sight original bank statement (as best evidence)

showing name and address of the entity. Record these details (Bank and Branch name, address and contact details, back account details and numbers, type of account and all names that appear on the account) in ARMS. • Check publicly available information (e.g. annual reports, published financial statements) on the

entity including websites, blogs, forum, Google search, etc. 2. If the entity operates in Australia, Assessing Officers should check the following registers according to

entity status: ABN Look Up (R1), ASIC Register (R2), ACNC Register (R3). (If based or registered overseas, verify identity through equivalent foreign registration).

3. Record the details from 1-2 in ARMS. 4. Determine if identity has been verified (considering evidence obtained in steps 1 to 3). Record outcome

in ARMS.

Notes

• Establishing the identity of an entity can be challenging to positively confirm, particularly when there is no previous trading history, the entity is registered overseas and/or the information is limited to information only accessible from another third party. Equivalent Registration varies from country to country and in some cases there may be no equivalent or no effective equivalent. Again, officers need to take a practical and pragmatic approach.

• Not all charities may be registered with the Australian Charities and Not-for-profits Commission (ACNC) even though they are not for profit and there is currently a period of transition, which may result in many of the entities not being listed.

Note that companies registered by ASIC as a Company Limited by guarantee and typically not for profit, would still need to register separately with the ACNC.

References

R1 - ABN Look Up: http://abr.business.gov.au

R2 - ASIC Register: http://www.asic.gov.au/search

R3 - ACNC Register: http://www.acnc.gov.au (Note: not all not-for-profit organisations are registered with the ACNC)

http://abr.business.gov.au/


http://www.asic.gov.au/search

http://www.acnc.gov.au/


http://www.asic.gov.au/search

http://www.acnc.gov.au/


Figure 1 Entity and individual details

IndividualSight Original Bank Account Statement

Sight two (2) Identity Documents

Obtain and review current CV

Referees checked under

2. Past Performance Assessment

CV Integrity Tested under

11. Integrity Systems Assessment

Australia

ABN Look Up

Overseas

Equivalent Foreign Registration

(where exists)

Identity Verified

Entity

Type of Implementing Partner Being Assessed

Sight Original Bank Account Statement

Public Available Info (Web etc.)

Australia Overseas

ABN Look Up

ASIC Registration

Equivalent Foreign Rego if Exists

IF Not Available, Ask

for Further Details

R1

ACNC Register

R1

R2

R3


CRITERIA 2: PAST PERFORMANCE Criterion 2: DFAT is required to verify past performance

Guidance The past performance of an implementing partner is often one of the more significant indicators of future performance and the partner’s ability to deliver quality outcomes. The assessment process for individuals and entities is the same for this criterion.

Before Starting this Assessment Note that the assessment process for individuals and entities is the same for this criterion.

Assessment of an Individual and Entity: 1. Check individual or entity details against the Contractor and Adviser Performance Assessment (CAPA)

register, noting that if records exist, also check the purpose and timings of the previous assessments. 2. Assess relevant performance information provided by the individual or entity (e.g. external or

independent evaluations and reviews). • Seek other relevant Australian aid program performance information where it exists, such as

initiative or activity reviews, or other evaluations (e.g. QAI’s) which reflect directly or indirectly on performance.

• Contact relevant program areas and posts that can confirm that the individual and entity delivered the outcomes to which past performance refers

• Open source information (internet, media etc.) 3. Obtain comments from referees nominated by individuals and entities. Consider obtaining comments

from other referees not nominated by the entity (review work history and contact and seek comments from employers or associates in relation to previous assignments or projects).

4. Record the details from 1-3 in ARMS. 5. Evaluate the risk of non-performance. Assessing Officer to determine a risk rating (considering evidence

obtained in steps 1 to 3). Use table below to assist in the assigning of a risk rating. Record the risk rating in ARMS.

Risk Rating – Past Performance

Very High Risk High Risk Moderate Risk Low Risk Non-performance and/or non-existence of capabilities and no evidence of effectiveness of any practices in one or more of the assessment criteria.

Performance information obtained from multiple sources indicates that the delivery of quality outcomes and partner performance are quite varied and appear unpredictable.

Performance information was obtained from a single source and indicates that the partner delivered quality outcomes and performed as expected OR performance information was obtained from multiple sources and the quality of outcomes and partner performance was overall positive but with some variation

Performance information was obtained from multiple sources and all indicate that the partner delivered quality outcomes and performed as expected.

http://dfatintranet.titan.satin.lo/finance/procurement/advisers-contractors/Pages/contractor-performance-assessment.aspx


References R1 - Contractor and Adviser Performance Assessment Register http://dfatintranet.titan.satin.lo/finance/procurement/advisers-contractors/Pages/contractor-performance-assessment.aspx

Figure 2: Past performance

Search the Contractor and Adviser Performance Assessment (CAPA) register.

Seek other relevant Australian aid program performance information where it exist including:

Initiative or activity reviews, or other evaluations (e.g. QAI’s) which reflect directly or indirectly on performance.

Contact relevant program areas and posts if deemed necessary.

Risk Rating

Obtain comments from nominated referees. Consider obtaining comments from un-nominated referees.

EntityIndividual

R1

Assess relevant performance information provided by the individual or entity (e.g. external or independent evaluations and reviews and written

referee reports).




CRITERIA 7: FRAUD CONTROL Criterion 7. DFAT is required to verify an implementing partner’s practices, processes and systems used to mitigate and manage the risk of fraud.

Criterion 7.1. Implementing partner should provide advice of the processes, tools and systems it has in place for verifying the fraud prevention approach of its downstream partners

Guidance The Australian aid program operates in places that have a high inherent risk of fraud and corruption. Identifying implementing partner practices, processes and systems assists the Australian aid program to better understand and manage these risks.

Before Starting this Assessment • Assessing officer should read and understand the DFAT Fraud Strategy Statement, (R1), and Due

Diligence Fraud & Anti-Corruption Acknowledgement (R2).

Assessment of an Individual: 1. Provide copies of DFAT Fraud Strategy Statement (R1) and Due Diligence Fraud & Anti-Corruption

Acknowledgement form (R2) to the Individual. Where relevant list details of any current or recent (last two years) fraud or corruption related investigation by external parties in ARMS and obtain further details if necessary.

2. Establish and list in ARMS details of the Individual’s practices to mitigate the risk of fraud. (see Due Diligence Assessment Information Guide for examples)

3. Attach a copy of the signed Due Diligence Fraud & Anti-Corruption Acknowledgement form to ARMS. Attach original form to the relevant official file in your office location.

4. Assessing Officer to determine a risk rating for the entity (considering evidence obtained in steps 1 to 3).

Examples for individuals Examples of practices used to mitigate the risk of fraud by individuals:

• I am the only person with access to my work related bank account

• My financial and banking documents are secured in a locked cabinet or office

• To access my bank accounts I use stronger banking security than ‘signatures’ including PIN codes and/or electronic security tokens

• My work debit and/or credit cards have a security chip feature

• I monitor my work bank account account(s) regularly for unauthorised transactions

• My work bank account has a daily transaction limit in place

Assessment of an Entity: 1. Provide copies of the DFAT Fraud Strategy Statement (R1) and Due Diligence Fraud & Anti-Corruption

Acknowledgement form (R2) to the Chief Executive Officer (CEO), or Deputy CEO or equivalent level of

https://dfat.gov.au/about-us/corporate/fraud-control/Pages/fraud-control.aspx




office holder. List details of any current or recent (last two years) fraud or corruption investigation by external parties in ARMS and obtain further details from investigating body where possible.

2. Establish and list in ARMS details of the entity practices, policies and procedures to mitigate the risk of fraud. All available information should be considered and you will need to request the following information: • Invoice & payment Systems (Who has authority to issue payments? How are invoices received? How

goods or services provided are checked to ensure that they were delivered at agreed standards prior to payments? Who authorises invoice payment? How are payments made? Paid by Cheques, transfers, money orders etc.)

• Record keeping arrangements (Who does the bookkeeping and accounting function?) • How are above documents retained and stored (Where and how documents are stored and secured?

For how long?) • Establish audit arrangements Confirm if audited? Regularity of audits, time, place and type (financial,

performance, internal, external etc.). Obtain details of last audit and who conducted it. • Request and consider the following documents: Code of Conduct, Fraud Control Policy, Anti-

Corruption / Bribery Policy, Conflict of Interest and Procurement Policy.

3. Attach a copy of the signed Due Diligence Fraud & Anti-Corruption Acknowledgement form to ARMS. Attach original forms and copies of documents to the relevant official file in your office location.

4. Assessing Officer to determine a risk rating for the entity (considering evidence obtained in steps 1 to 3).

Risk Ratings - Fraud

Very High Risk High Risk Moderate Risk Low Risk The Individual or Entity is unwilling to sign the Fraud & Anti-Corruption Acknowledgement form and/or is under current investigation and information provided and verified with the investigating body suggests the partner has systemic internal problems have been provided.

Individual – has signed the Fraud Acknowledgement form and has not listed any practices to mitigate the risk of fraud and is under investigation and has provided details. Entity – has signed the Fraud Acknowledgement form and unable to provide all information requested OR the entity is not subject to internal or external audit OR is under investigation and has provided details.

Individual –has signed the Fraud Acknowledgement form and has not listed any practices to mitigate the risk of fraud and is not under investigation. Entity – has signed the Fraud Acknowledgement form and provided all information requested and is not under current fraud investigation but is subject to limited auditing.

Individual –has signed the Fraud Acknowledgement form and has some practices in place to mitigate the risk of fraud and is not under investigation. Entity – has signed the Fraud Acknowledgement form and has provided all information requested and is not under investigation and is subject to regular audits.


Figure 5: Fraud control


Individual Entity

Sign DFAT’s Due Diligence Fraud & Anti-Corruption Acknowledgement

Sign DFAT’s Due Diligence Fraud & Anti-Corruption Acknowledgement

Evidence Evidence

List any practices employed by the Individual to mitigate the risk of fraud.

List practices employed by an entity to mitigate the risk of fraud.

E.g. Invoice & payment system,record keeping arrangements, how documents are

retained and stored

Details of Audit Arrangements and recent audits

Risk Rating

Signed Due Diligence Fraud & Anti-Corruption Acknowledgement form

Attached

YES NO

R1 R1

R1

Obtain Policies including: Code of Conduct, Fraud Control Policy, Anti-Corruption / Bribery Policy.


CRITERIA 8: ANTI-CORRUPTION Criterion 8. DFAT is required to verify implementing partner practices, processes and systems used to mitigate and manage the risk of corruption.

Criterion 8.1. Implementing partner should provide advice of the processes, tools and systems it has in place for verifying the anti-corruption approach of its downstream partners.

Guidance This criterion is to verify that an organisation has appropriate anti-corruption processes and related management and reporting systems. DFAT seeks to confirm whether an organisation has anti-corruption policies and processes and how these are implemented within the organisation and its business processes. This analysis can include references in the Fraud Control Plan including relevant national legislation relating to foreign and domestic corrupt practices including bribery.

Possible Evidence to be considered • Anti-Corruption policies and practices • Anti-Corruption risk assessments • Corruption reporting and case resolution procedures

Assessment of an Entity Establish and list in ARMS details of the entity practices, policies and procedures to mitigate the risk of corruption. All available information should be considered and depending on partner type, you may need to obtain or sight the following:

• Anti-Corruption policies and practices • Fraud plans and risk assessments • Anti-Corruption risk assessments • Corruption reporting and case resolution procedures • Governance policies, including code of conduct/ethics, conflict of interest, and anti-bribery and

corruption • Records held by DFAT audit or fraud control areas • Awareness of National Anti-Corruption laws and/or policies

The following key assessment questions should be considered:

1. Does the organisation have anti-corruption policies and programs? 2. Are these implemented within the organisation’s business operations? 3. Is there evidence of a zero tolerance approach to corruption in the organisation? 4. Does the organisation have a code of conduct that covers the issue of anti-corruption? 5. Does the organisation conduct thorough assessments of risks particular to the operating environments

and activities they conduct? 6. Does the organisation train all employees and relevant contractors in anti-corruption as part of its fraud

awareness program? 7. Does the organisation have a reporting system that records all allegations of corruption, any subsequent

administrative or investigation action and their outcomes?


Figure 6: Anti-Corruption Process

Does the organisation have anti-corruption policies and programs?

Are these implemented within the organisation’s business operations?

Is there a zero tolerance approach to corruption in the organisation?

Code of Conduct Policy and Systems Checks

Whistle Blower & Complaint Resolution Systems

Risk Rating


CRITERION 9: SANCTIONS LISTS Criterion 9. - DFAT is required to verify that an organisation, and its downstream partners, are not included on the World Bank listing of ineligible firms or the Asian Development Bank sanctions list

The assessment should ensure that the potential partners are not listed on either the Asian Development Bank Sanctions List or World Bank Listing of Ineligible Firms and Individuals. These lists are publicly available on the internet and can be accessed via the following hyperlinks.

R1 - ADB Sanctions List.

R2 – World Bank Listing of Ineligible Firms and Individuals.

The outcome of this assessment should be recorded in ARMS.

If the individual or entity is listed on either of the World Bank or Asian Development Bank lists:

• The delegate must contact the Aid Risk Management Section immediately at [email protected]

• The delegate must not approve individual or entity until advice is received from Aid Risk Management Section

Figure 7: Sanction lists

Individual & Entity

Verification that the Individual or Entity is not Listed on the World Bank Listing of Ineligible Firms and Individuals

Verification that the Individual or Entity is not Listed on the Asian Development Bank Sanctions List

World Bank Listing

ADB Sanctions List

R1

R2

Is the Individual or Entity Listed?

1

2


Individual Identity Verified at

Assessment Criterion 1

Entity Identity Verified at


http://lnadbg4.adb.org/oga0009p.nsf/sancALLPublic?OpenView&count=999

http://www.worldbank.org/en/projects-operations/procurement/debarred-firms


CRITERION 10: COUNTER TERRORISM Criterion 10. - DFAT is required to verify that an organisation, and downstream partner, are not included on the Attorney General’s Department (AGD) or DFAT terrorism lists.

Guidance The goal of this criteria is to verify that the partner is not listed as a terrorist/organisation associated with terrorists, or listed under Australia’s autonomous sanctions list. These lists are:

• The list of proscribed terrorist organisations under the Criminal Code Act 1995 — maintained by the Australian Attorney Generals Department (AGD)

• The Consolidated List of designated terrorist individual or - maintained by the Department of Foreign Affairs and Trade (DFAT)

The Policy ‘DFAT’s Approach to Managing Terrorism Financing Risk’ provides further guidance on management of the risk of financing terrorism.

Process 1. Assess the risk of funds being diverted to terrorism for your project. Things to consider include:

The operating environment

Are downstream partners used?

Does the organisation send money or have operations in a country in relation to which sanctions have been imposed or in which listed persons or entities are known to operate?

2. Check the following lists for the entity/individual:

R1 - AGD Listing of Terrorist Organisations R2 - DFAT Terrorist List

If the individual or entity is listed on either of the AGD or DFAT Terrorism / Consolidated Sanctions lists:

• DFAT will not engage any individual or entity that appears on either the AGD or the DFAT Terrorism / Consolidated Sanctions Lists.

• The assessing officer will contact the ADG FRB Branch immediately.

• The assessing officer will report the issue to the Aid Risk Management Section at [email protected]

3. Where the risk identified at Step 1 is Medium/High/Very High in addition to Step 2 also conduct additional checks on the partners policies and processes these may include:

• What due diligence processes do they have in place to check downstream partners?

• What internal control processes are in place to ensure that DFAT funds are not being diverted to terrorism? (for example processes for recording transactions and delegations for decision making, who has control over the finances? Do they know who uses their facilities and for what purpose? Do they have the capacity and capability to deliver, track funds and resources?)

• Do they have in place processes to check the background and affiliation of board members, employees, fundraisers, volunteers and partners?

http://www.ag.gov.au/NationalSecurity/Counterterrorismlaw/Pages/Terroristorganisations.aspx

http://www.dfat.gov.au/issues/terrorism.html

http://dfatintranet.titan.satin.lo/managing-aid/other-aid-management-risk-policies/Pages/terrorism-finance-risk-policy.aspx

http://www.ag.gov.au/NationalSecurity/Counterterrorismlaw/Pages/Terroristorganisations.aspx

http://www.dfat.gov.au/issues/terrorism.html



Figure 7: Counter terrorism

Assess the risk of diversion of funds to

terrorism

Record check has occurred

NFA

Where terrorism-financing risks remain high or very high after controls are in

place, a member of DFAT’s Senior Executive Service (SES) must decide, based on residual risks and potential

benefits, whether to proceed with the expenditure. The decision and reasons

must be documented

What is the risk of diversion of funds to

terrorism?

Do not fundAdvise appropriate

financial delegate that the entity or associated entity is a listed terrorist or terrorist organisation.

Conduct enhanced terrorism risk due

diligence process. As per step 3.

Include any identified risks in risk register and any potential controls or

management strategies

Individual & Entity


Individual Identity Verified at


Entity Identity Verified at


Verification that the organisation is not listed on the Attorney General’s Department (AGD)

Terrorism ListAGD Terrorism List

Verification that the organisation is not listed on the Department of Foreign Affair and Trade

(DFAT) Consolidated Sanctions List

DFAT Consolidated Sanctions List

R1

R2

Are partnersor known

associated entitieson these lists?

1

2

Yes

low

Medium/High/Very High

no


CRITERION 11: INTEGRITY SYSTEMS CHECK Criterion 11. DFAT is required to verify that individuals have undergone integrity screening and entities have integrity systems in place.

Criterion 11.1. Evidence that the implementing partner has processes and systems in place to ensure downstream partner staff have appropriate character checking or staff screening in place including criminal records checks.

Guidance DFAT has a responsibility to ensure that all personnel engaged directly or indirectly on activities funded through the aid program, are of good fame and character at the time of their engagement, and remain so for the term of their engagement. The integrity systems approach considers a broader range of behavioural indicators than just criminal history checks and includes referee reports and CV integrity testing. It will provide greater surety of partner suitability to deliver on behalf of the Australian aid program.

Before Starting this Assessment • Note that the assessing officer may need to contact third parties (such as previous employers and

academic / tertiary institutions) to verify past employment and professional or academic qualifications.

Assessment of an Individual 1. Consider the recent CV obtained in assessment criteria 1 (Entity & Individual details) and referee

comments obtained in assessment criteria 2 (Past Performance). 2. Assessing officer to determine the need to seek information from past employers to verify claims made

in CV. Factors for deciding can include the following: Does the work history look correct for the age of the individual? Do performance referee comments raise doubt about actual work history?

3. Assessing officer to determine the need to seek information from professional associations or academic / tertiary institutions to verify claims made in CV. • Factors for deciding can include the following: Does verified performance and referee comments

raise doubt about actual qualifications held? 4. Assessing officer to determine the need to request a criminal history check from an individual.

• Factors for deciding can include the following: Information received during this assessment raises doubt about an individual’s integrity, refusal to sign DFAT’s Due Diligence Fraud & Anti-Corruption Acknowledgement or Child Protection Code of Conduct. Criminal history checks to be obtained in accordance with requirements outlined in the DFAT Child Protection Policy (R1).

5. Assessing Officer to determine a pragmatic risk rating for the individual (considering evidence obtained in steps 1 to 4).

Assessment of an Entity 1. Establish and list processes and practices the entity employs to check the integrity of staff and

contractors prior to engagement. All available information should be considered and you will need to record the following information: • How does the entity check the CV integrity of prospective employees? • How does the entity seek and consider referee reports relating to prospective employees?


• Does the entity use criminal history checks to screen prospective employees? If so, under what circumstances?

2. Establish and list processes and practices the entity employs to ensure the integrity of staff and contractors post engagement. All available information should be considered and you will need to record the following information: • Does the Code of Conduct (obtained in assessment criteria 7 & 8 (Fraud & Anti-Corruption) outline

the required behaviour of employees and contractors? • How does the entity manage and investigate complaints regard behaviour including breaches of the

code of conduct? • How does the entity receive complaints? Who investigates complaints? Where are complaints

recorded? Who makes final decision in response to complaints made? How are decisions recorded and reported?

• Request and consider the following documents: HR Policy, Code of Conduct, Complaints Handling Policy, and Whistle-blower Policy.

3. Assessing officer to determine a pragmatic risk rating for the entity (considering evidence obtained in steps 1 to 2).

Notes

DFAT has a responsibility to the Australian Government to ensure that all personnel engaged directly or indirectly on activities funded through the aid program, are of good fame and character at the time of their engagement, and remain so for the term of their engagement. The integrity systems approach considers a broader range of behavioural indicators than just criminal history checks and includes: referee report and CV integrity testing. It will provide greater surety of partner suitability to deliver on behalf of the Australian aid program.

Risk Ratings – Integrity Systems

Very High Risk High Risk Moderate Risk Low Risk Individual - There are doubts about CV information and it cannot be verified and a criminal records check returned with a criminal history. Entity – processes and practices are not in place for the questions asked and none (or few) of the documents requested have been provided.

Individual – There are doubts about CV information and it cannot be verified but a criminal records check returned clear. Entity – process and practices are in place for only a few of the questions asked and/or none of the documents requested have been provided.

Individual – CV information has not been verified by any third parties but there are no obvious reasons to doubt the information. Entity – process and practices are in place for most of the questions asked and/or only some of the documents requested have been provided.

Individual – CV information has been verified by third parties and there are no obvious reasons to doubt the information. Entity – processes and practices are in place for each of the questions asked and documents requested have been provided.


Figure 8: Integrity systems


Individual Entity

Individual Identity Verified at Assessment Criterion 1

Entity Identity Verified at Assessment Criterion 1

Verify Integrity of Individual Pre-Staff Engagement

Obtain and Consider recent CVAssessment Criterion 1

Consider Referee Comments ObtainedAssessment Criterion 2

If Unsure, Verify Past Employment

If Unsure, Verify Qualification(s) with Institutions

In Doubt, Request Criminal History Check from Individual

Does Entity Have Processes + Practices to Check the Integrity of Staff Prior to Engagement?

CV Verification

Third Party Referee Checks

Criminal History Checks

Post Staff Engagement

Does Entity Have Process / Practices to Ensure Integrity of Staff Post Engagement?

HR Policy and Complaints Handling Proceedures

Code of Conduct Assessment Criterion 7&8

Approach to Investigating Breaches of Inappropriate Conduct

Management Decision Making & Reporting

Risk Rating


CRITERION 14: CHILD PROTECTION Criterion 14. Implementing partners have appropriate child protection processes and systems in place.

Criterion 14.1. Evidence that the implementing partner has processes and systems in place to ensure it verifies its downstream implementing partners have appropriate child protection processes and systems in place if child protection safeguards are relevant to this type of partner.

Guidance The purpose of this criterion is to verify that implementing partners have child protection processes and systems in place that are appropriate to the child protection risk context.

Before Starting this Assessment Assessing officer should read and understand the DFAT Child Protection Policy and the DFAT Child Protection Guidance Note: Establishing Child Protection Risk Context.

The DFAT Child Protection Guidance Notes provide additional guidance on various investment types and their possible impacts on children. These are located on DFAT’s website: http://dfat.gov.au/about-us/publications/Pages/child-protection-policy.aspx

Assessment of an Individual: 1. Provide a copy of the DFAT Child Protection Policy to the Individual and advise them they must comply with this policy. 2. Establish and record in ARMS the details of the Individual’s ‘Level of Contact with Children’. Use the

DFAT Child Protection Guidance Note: Establishing Child Protection Risk Context to make this assessment.

3. Ensure that the Individual signs the DFAT Child Protection Code of Conduct form. 4. Attach a copy of the signed Code of Conduct form to ARMS. 5. If the Individual’s Level of Contact with Children is ‘contact with children’ or ‘working with children’, then sight the individuals criminal history check and record the details on ARMS, but do not retain.

Assessment of an Entity: 1. Establish and record in ARMS the details of the entities’ ‘Level of Contact with Children’ and risk rating. Use the DFAT Child Protection Guidance Note: Establishing Child Protection Risk Context to make this assessment.

2. Where there is working with or contact with children seek further information commensurate with the requirements of the DFAT Child Protection Policy (for contact and working with children). Establish and list in ARMS the child protection policies and practices that the entity currently uses. All available information should be considered and you will need to request the following information, if available:

• Child Protection Policy • Organisation Code of Conduct (cross reference to Assessment Criterion 7, Fraud) • Child Protection Risk Assessment policy, system or practice • Procedures for engaging staff / consultants / contractors (cross reference to Assessment Criterion

11 Integrity Systems)

http://dfat.gov.au/about-us/publications/Pages/child-protection-policy.aspx

http://dfat.gov.au/international-relations/themes/child-protection/Documents/child-protection-risk-assessment-guidance.docx








• List of Child Protection Training conducted for staff and others e.g. partners • The results of a policy compliance checks (if any) previously conducted by the DFAT Child

Protection Compliance Section. Contact [email protected] for this information. • How does the entity ensure that downstream partners meet DFAT’s child protection policy

requirements? 3. Assessing Officer to determine a risk rating for the entity using the below matrix. Attach original forms and copies of documents to the relevant official file (EDRMS). 4. If this assessment shows that the entity requires further action to comply with DFAT’s policies this should be listed on the risk register for the activity and an action plan developed with the Partner to assure their compliance.

Risk Ratings – Child Protection

Very high risk High risk Moderate risk Low risk

Entity: The partner is unwilling to comply with the DFAT Child Protection Policy or safeguards policy. Individual: is unwilling to sign the DFAT Child Protection Code of Conduct form

The partner has not been able to provide most of the information requested but is willing to comply with the DFAT Child Protection Policy

The partner has provided only some elements of the information requested and is willing to comply with the DFAT Child Protection Policy.

Individual – demonstrated that there will be no contact with children. Signed the DFAT Child Protection Code of Conduct form. Entity – demonstrated that there will be no contact with children. The partner has been able to provide all of the information requested. Clear regular communications about transparency with partners & follow-up appropriate to partner capacity & performance.

Notes: Existing Partners (Individuals and Entities): must comply with the DFAT Child Protection Policy.

Existing Partners (Entities only) If the assessing officer rates an existing partner as either very high, high or moderate risk against this criterion, they should consider requesting that the DFAT Child Protection Compliance Section conduct a Policy Compliance Check of the entity.

References DFAT Child Protection Policy DFAT Child Protection Guidance Note: Establishing Child Protection Risk Context. Child Protection Code of Conduct form







Figure 9: Child protection

Individual Entity

Risk Rating

Contact With Or working with

Children?

Low RiskNo Further Assessment

Required

YES

NO

Establish and list current child protection policies and practices that the entity currently undertakes. Are these consistent with what is required under the DFAT Child

Protection Policy?

Assess Child protection risk context using the Establish Child Protection Risk Context Guidance Note

Sight criminal history check/equivalent (Do not retain)

Sign DFAT Child Protection Code of Conduct

Working or contact with children

Has a child protection risk been

identified?

Low RiskNo Further Assessment

Required

no

yes

ADDITIONAL CRITERIA – MULTILATERAL ORGANISATIONS


CRITERIA 18 - TRANSPARENCY Criterion 18 DFAT is required to assess an implementing partner’s commitment and capacity to comply with DFAT’s transparency charter.

Criterion 18.1 Evidence that the implementing partner has processes and systems in place to ensure its downstream implementing partners have appropriate transparency processes and policies in place – if applicable.

Guidance This criterion is to assess an organisation’s compliance with the DFAT Transparency Charter. It seeks to determine whether an organisation is open and transparent about its development programs

The Australian public and the recipients of Australian aid have a right to know that Australian aid funds are spent effectively, achieve real results and help people to overcome poverty. With good information, taxpayers and aid recipients can hold governments accountable and the risk of corruption is reduced. The Australian Government is committed to improving the transparency of the Australian aid program. All DFAT funded organisations are required to be aligned with DFAT’s commitment to transparency and accountability.

Objectives of the Assessment To satisfy DFAT this assessment seeks to:

1. Adequately verify that the implementing partner has guidelines and systems to achieve alignment with DFAT’s commitment to transparency and accountability.

Adequately verify that the implementing partner has processes and systems in place through which it verifies that its downstream partners work in a manner consistent with the requirements of the DFAT commitment to transparency

Notes • The entity type will be a significant influence on the transparency of a partner. • Listed partners and government partners are significantly more transparent when compared with

proprietary limited partners.

Assessment The following should be considered:

1. Is the organisation open and transparent about its development programs? 2. Does the organisation publish detailed information on its work including policies, plans, processes

and the results of its activities including evaluations and research to explain where its funds are spent and its impact on reducing poverty?

3. Does the organisation publish information in a timely fashion and in a format that is useful and accessible?

4. Does the organisation welcome the public to improve effectiveness, efficiency and transparency of its actions to achieve better value for money?


5. Does the organisation publish local language summaries of Australian aid programs in local media and online that also acknowledge Australia’s contribution to its activities?

All available information should be considered and depending on partner type, you may need to obtain or sight the following: a) Transparency Charter, policy, or other guidelines in broad alignment with the DFAT commitment to

transparency; b) Engagement with the International Aid Transparency Initiative (IATI); c) Examples of information consistent with the Charter or policy guidance e.g. websites and publicly

released Information; Annual Reports; evaluations; policies; information in local languages; d) Local/international media Record all outcomes in ARMS.

References R1 DFAT’s commitment to transparency and accountability, and its engagement with IATI; http://www.dfat.gov.au/about- us/corporate/transparency/Pages/transparency.aspx

Risk Ratings - Transparency


No transparency commitment, policy or procedural guidelines in place i.e. no (or significantly inconsistent) evidence related to a) & b) above. No (or significantly inconsistent) track record of transparency in its operations. No (or significantly inconsistent) communications with partners and other stakeholders about transparency.

Poor quality, wide variability, inconsistency, or other significant problems in some or most of the following: • transparency policies and

procedural guidelines in place; • track record of application of

guidelines; • evidence of periodic revisiting

of transparency policy & guidelines and associated application;

• communications with partners and other stakeholders about transparency guidelines.

Reasonable quality, some variability or inconsistency or other minor problems in some of the following: • transparency policies and

procedural guidelines in place; • track record of application of

guidelines • evidence of periodic revisiting

of transparency policy & guidelines and associated application;

• communications with partners and other stakeholders about transparency guidelines.

Relevant reasonable quality policy and procedural guidelines in place i.e. evidence related to a) & b) above (or equivalent evidence) illustrate substantive commitment to transparency and engagement with IATI. • Track record of actions

consistent with the transparency policy & procedures over a period of several years.

• Periodic revisit of the transparency policy.

• Clear regular communications about transparency with partners & follow-up appropriate to partner capacity & performance.


Figure 10: Process Map - Transparency

Is the organisation open and transparent about its development programs?

Does the organisation publish information in a timely fashion and in a format that is useful

and accessible?

Does the organisation welcome the public to improve effectiveness, efficiency and

transparency of its actions?

Does the organisation publish local language summaries of Australian aid programs in local

media and on the webpages?

What is the Risk Rating for this criteria?

CRITERIA 19 – BRANDING Criterion 19 DFAT is required to assess an implementing partner’s systems, processes and commitment to comply with DFAT’s branding and attribution objectives.

Criterion 19.1 Evidence that the implementing partner has processes and systems in place to ensure it verifies its downstream implementing partners have commitment and capacity to comply with DFAT Visual Identity Guidelines 2011– if applicable.

Guidance To aim of this assessment is to adequately verify that the implementing partner has processes and systems to achieve compliance with the requirements of the DFAT visual identity guidelines 2011 (R1).

Recognising the Australian identity and the support of the Australian Government is an Australian Government requirement. Obtaining recognition through the correct use of visual identity is mandatory (unless otherwise exempt) for all DFAT activities in Australia and overseas.

Process All DFAT funded organisations are required to be compliant with the DFAT Visual Identity Guidelines 2011. The assessment should consider the following:

1. Does the organisation have a recognition policy or guidance in place? 2. Does the organisation make arrangements for DFAT and other donor recognition before any DFAT

funded activity is undertaken?


3. Are the visibility and recognition activities of the organisation upfront and obvious? 4. How effective and relevant is the monitoring and evaluation of this criteria by the partner?

Possible Evidence to be considered:

• Recognition policy or equivalent that enables entity to acknowledge and attribute support; • Standardised contracts or agreements with donors, partners and others that include provision for

acknowledging donors in public information; • Examples of acknowledgement and attribution in practice including:

o Project signage o Publications o Annual reports o Events o Websites o Sponsorship materials o Stationery o Advertisements o Clothing o Merchandise o Media releases o Marketing and promotional material o Speeches and interviews

Risk Ratings - Branding


No policies and procedural guidelines in place i.e. no (or significantly inconsistent).

No (or significantly inconsistent) track record of practice around branding, acknowledgement and attribution in key activity documents.

No (or significantly inconsistent) communications with partners and other stakeholders about attribution, branding.

Poor quality, wide variability, inconsistency, or other significant problems in some or most of the following:

• policies and procedural guidelines;

• track record of application of the guidelines;

• evidence of periodic review and revision of guidelines and associated applications;

• communications with partners and other stakeholders about branding/ acknowledgement guidelines.

Reasonable quality, some small variability or inconsistency or other minor problems in some of the following:

• policies and procedural guidelines;

• track record of application of the guidelines;

• evidence of periodic review and revision of guidelines and associated applications;

• communications with partners and other stakeholders about branding/ acknowledgement guidelines.

Relevant acknowledgement and attribution/branding/ equivalent policy and procedural guidelines in place.

Track record of application of the policy & procedures over a period of several years with a range of donors. Multiple examples in a range of media.

Evidence periodic review and revision of policy and practice e.g. to take account of specific circumstances such as security.

Clear regular communications about acknowledgement and attribution with partners & follow-up appropriate to partner capacity & performance.

References R1 DFAT Branding Policy: http://dfatintranet.titan.satin.lo/external-engagement/media-communications/publications-branding/Pages/branding-for-implementing-partners.aspx

http://dfatintranet.titan.satin.lo/external-engagement/media-communications/publications-branding/Pages/branding-for-implementing-partners.aspx

http://dfatintranet.titan.satin.lo/external-engagement/media-communications/publications-branding/Pages/branding-for-implementing-partners.aspx

ADDITIONAL CRITERIA – PRIVATE ENTITIES


CRITERIA 17 - ENVIRONMENTAL PROTECTION SAFEGUARDS Criterion 17 DFAT is required to assess an implementing partner’s capacity and performance to implement environmental safeguards.

Criterion 17.1 Evidence that the implementing partner has processes and systems in place to ensure it verifies its downstream implementing partners have appropriate environmental safeguards in place.

Guidance The aim of this assessment is to adequately verify that implementing partner has an appropriate environmental protection safeguards in place.

Process The PGPA Act delegate should consider the information obtained to make a determination of the adequacy of the implementing partner’s environmental safeguards. All available information should be considered and depending on partner type, you may need to obtain or sight the following:

• Environment Management policy and/or supporting procedural guidelines • Environmental certifications • Environmental risk assessments • Ensure Environmental Management is included in the Activity M&E framework. • Legal register for environment-related issues (i.e. list of all environmental regulations the organisation is

required to comply with); • Assessment of environmental risks or impacts associated with the DFAT funded activities (if applicable). • List of any environmental awards or certifications (e.g. ISO14001) with supporting certification and/or

reports; • Environment explicitly considered in project management cycle (or other activity cycle) stages including

planning, design, appraisal, implementation and monitoring and evaluation; • Assessment of environmental risks and impacts, and subsequent management measures associated with

DFAT funded activities;

Risk Ratings – Environmental Management


No policies and procedural guidelines in place i.e. no (or significantly inconsistent) evidence related to above.

No (or significantly inconsistent) track record of consideration of environmental protection in key activity documents.

No (or significantly inconsistent) communications with partners and other stakeholders about environmental protection.

Poor quality, wide variability, inconsistency, or other significant problems in some or most of the following:

• policies and procedural guidelines in place;

• track record of application of environment guidelines;

• evidence of periodic review and revision of environment guidelines and associated application;

Limited communications with partners and other stakeholders about environment guidelines.

Reasonable quality, some variability or inconsistency or other minor problems in some of the following:

• policies and procedural guidelines in place;

• track record of application of environment guidelines;

• evidence of periodic review and revision of environment guidelines and associated application;

Communications with partners and other stakeholders about environment guidelines.

Relevant reasonable quality policies and procedural guidelines in place. Illustrate substantive awareness of and engagement with environment as a key issue.

Track record of actions consistent with the environment policy & procedures over a period of several years.

Evidence periodic review and revision of environment policy and practice.

Clear regular communications about environmental protection with partners & follow-up appropriate to partner capacity & performance.


References

R1 Australian Environmental Protection and Biodiversity Conservation Act 1999

Figure 11: Environmental Safeguards Process Does the organisation collect and evaluate adequate and timely information regarding

the environmental impact of their activities?

Does the organisation set targets for improved environmental performance, regularly

monitor progress for environment targets?

Does the organisation assess and address in decision making, the foreseeable

environmental impact associated with the processes, goods and services of the enterprise over their full life cycle?

Does the organisation maintain contingency plans for preventing, mitigating and

controlling serious environmental damage?

Does the organisation continually seek to improve corporate environmental

performance?

What is the Risk Rating for this criteria?

http://www.austlii.edu.au/au/legis/cth/consol_act/epabca1999588/


CRITERIA 20. NATIONAL INTEREST Criterion 20 DFAT is required to assess an implementing partner’s commitment to and/or compliance with DFAT’s policy requirements (corporate image and social responsibility).

Criterion 20.1 Evidence that the implementing partner has processes and systems in place to ensure that it verifies that its downstream implementing partners have commitment and capacity to comply with DFAT’s policy requirements and corporate objectives – if applicable.

Guidance DFAT ensures that potential partners are not involved in activities, countries, governments, business sectors, or with customers that would cause a reasonable person to believe that DFAT is acting inconsistently with its own or Australian Government policy.

DFAT ensures that potential partners are not involved in activities, countries, governments, business sectors, or with customers that would cause a reasonable person to believe that DFAT is acting inconsistently with its own or Australian Government policy.

Corporate Image

This assesses whether an organisation is engaged in any activities, countries, governments, business sectors, or with customers that would cause a reasonable person to believe that engaging with this organisation is inconsistent with DFAT or Australian Government policy. For example, is the organisation engaging in a country where Australian Government sanctions apply? Has the organisation been associated with significant negative publicity or facing current law suits? Is the organisation willing to engage in a transparent manner and without expectations of an exclusive relationship? Is the organisation accepting of limitations on publicity so as to ensure DFAT is not perceived to be endorsing it or its products?

Social Responsibility

This assesses whether an organisation is engaged in any activities, countries, governments, business sectors, or with customers that would cause a reasonable person to believe that DFAT engaging with this organisation is inconsistent with DFAT or Australian Government policy. For example, is the organisation involved in tobacco or the sale or manufacture of firearms or narcotics? If so, what share of the organisation’s portfolio is this involvement? Does the organisation have a good reputation, especially in areas of corporate social responsibility? Does the organisation have policies barring child labour or forced labour? Is the organisation accepting of unions or unionisation? Does the organisation have a health and safety action plan for workers including the handling of hazardous materials and prevention of environmental accidents?

Process The following should be considered when making an assessment:

1. Is the partner involved in activities, countries, governments, business sectors, or customers that would cause a reasonable person to believe that DFAT is acting inconsistently with its own or Australian Government policy by engaging this partner? 2. Is the partner operating in regions or countries where Australian government sanctions apply? 3. Has the partner signed an undertaking to acknowledge and adhere to all Australian Government sanctions when undertaking activities under the aid program?

Record outcomes in ARMS


Possible Evidence to be Considered:

a) Development objectives outlined in strategic plan or other guiding documents. b) Publicly released Information from the entity; c) Internet searches using entity name and key words including UN and other sanctions; court cases; legal;

etc. d) Local/international media; e) Seek post/local knowledge and experience with organisation and key individuals; f) Cross reference to criteria 16-19, where assessed that also reflect DFAT policy requirements. g) Declaration from the entity confirming awareness of Australian sanctions regimes

(http://dfat.gov.au/international-relations/security/sanctions/sanctions-regimes/Pages/sanctions-regimes.aspx ) and list of country programs where sanctions apply.

Risk Ratings – National Interest


No awareness of Australian sanctions regimes.

Work in countries subject to Australian sanctions and no specific action/agreements to manage this.

Negative results from internet searches.

No apparent alignment or intersection between entity’s and DFAT’s mission, goals, values.

No (or significantly inconsistent) communications with partners and other stakeholders about the entity mission, operations etc.

Poor quality, wide variability, inconsistency, or other significant problems in some or most of the factors listed in the Low Risk column.

Reasonable quality, some variability or inconsistency or other minor problems in some of the factors listed in the Low Risk column.

Declaration from entity confirming awareness of Australian sanctions regimes, identifying work in relevant countries.

Positive references from DFAT posts & other stakeholders; positive results from internet searches.

Close alignment or intersection between entity’s mission, values, goals etc outlined in strategic plans and other guiding documents, and DFAT goals and policies.

SUBMITTING A DUE DILIGENCE ASSESSMENT FOR APPROVAL Due Diligence assessments are required to be submitted approval to the S.23 financial delegate. Any risks identified should be highlighted in the minute for approval as well as details on any management strategies for these risks.

.

http://dfat.gov.au/international-relations/security/sanctions/sanctions-regimes/Pages/sanctions-regimes.aspx



ATTACHMENT A – INFORMATION GUIDE – DUE DILIGENCE BASELINE ASSESSMENT

Due Diligence Baseline Assessment Information Guide

Summary of information generally required from implementing partners to conduct an assessment.

Assessment Criteria Assessment of an Individual Assessment of an Entity (Non –Individual)

Criterion 1.

DFAT is required to verify implementing partner identity.

• Original recent bank statement* (showing name and address of the individual)

• Showing to the DFAT assessing officer and / or providing copies of two (2) of the following identity documents: Passport, National Identity Card, Personal ID issued by government agencies such as a vehicle or other licenses.

• Current Resume or CV • Two Professional Referees • If individual operates in Australia, an Australian Business Number

(ABN) • If individual is based or registered overseas, details of equivalent

foreign registration (where it exists)

• Original recent bank statement (showing name and address of the entity) • If the entity operates in Australia registration information such as Australian

Business Number (ABN), Australian Companies Number (ACN) issued from the Australia Securities & Investments Commission (ASIC), Australian Charities and Not-for-profits Commission registration details

• If entity is based or registered overseas, details of equivalent foreign registration (where it exists)

• Relevant publicly available documents where they exist (e.g. annual reports, published financial statements)

Criterion 2. DFAT is required to verify the past performance of the individuals and entities.

• Any recent and relevant performance information that you would like the DFAT assessing officer to consider (e.g. external or independent evaluations and reviews)

• Professional Referees (not included in CV) • List of recent activities or projects

• Any recent and relevant performance information that you would like the DFAT assessing officer to consider (e.g. external or independent evaluations and reviews)

• Professional Referees (not included in CV) • List of recent activities or projects

Criteria 7 & 8. DFAT is required to verify implementing partner practices, processes and systems used to mitigate and manage the risk of fraud and corruption.

• Signed Due Diligence Fraud & Anti-Corruption Acknowledgement form

• If applicable, details of current or recent (last two years) fraud or corruption related investigations by external parties.

• Details of practices used to mitigate the risk of fraud. Examples could include:

o I am the only person with access to my work related bank account

o My financial and banking documents are secured in a locked cabinet or office

o To access my bank accounts I use stronger banking security than ‘signatures’ including PIN codes and/or electronic security tokens

o My work debit and/or credit cards have a security chip feature o I monitor my work bank account account(s) regularly for

unauthorised transactions

• Signed Due Diligence Fraud & Anti-Corruption Acknowledgement form by Chief Executive Officer (CEO), or Deputy CEO or equivalent level of office holder

• If applicable, details of current or recent (last two years) fraud or corruption related investigations by external parties on organisation or related entities

• Details of Invoice & payment Systems including: o Who has authority to issue payments? o How are invoices received? o How are goods or services were provided checked to ensure that they

were delivered at agreed standards prior to payments? o Who authorises invoice payment? o How are payments made? (Cheques, transfers, money orders etc.)

• Details of Record keeping arrangements (Who does the book keeping and accounting function?)

• Details of how above documents are retained and stored (Where and how documents are stored and secured? For how long?)


o My work bank account has a daily transaction limit in place • Audit arrangements: is the entity is subject to audit and how often? Confirm time, place and type (financial, performance, internal, external etc.) request details of last audit and who conducted it.

• Relevant entity policy documents: Code of Conduct, Fraud Control Policy, Anti-Corruption / Bribery Policy, Conflict of Interest and Procurement Policy.

Criterion 11. DFAT is required to verify that Individuals have undergone integrity screening and entities have integrity systems in place.

• If not listed in resume or CV , details of relevant professional memberships or academic / tertiary qualifications

Note: In some cases the assessing officer may request an individual’s consent to undergo a criminal records check. Checks will be conducted for each country in which the individual has lived for 12 months or longer over the last five years, and for the individual’s country of citizenship.

• Details of processes and practices the entity employs to check the integrity of staff and contractors prior to engagement.

o How does the entity check the CV integrity of prospective employees?

o How does the entity seek and consider referee reports relating to prospective employees?

o Does the entity use criminal history checks to screen prospective employees? If so under what circumstances?

• Details of processes and practices the entity employs to ensure the integrity of staff and contractors post engagement.

o How does the entity manage and investigate complaints regarding behaviour including breaches of the code of conduct?

o How does the entity receive complaints? o Who investigates complaints? o Where are complaints recorded? o Who makes final decision in response to complaints made? o How are decisions recorded and reported?

• Relevant entity policy documents: HR Policy, Code of Conduct Complaints Handling Policy and Whistleblower Policy.

Criterion 14. New implementing partners have appropriate child protection processes and systems in place Existing Partners (Individuals and Entities): must comply with the DFAT Child Protection Policy

• Details of activities currently (or will be) engaged in that involves (or may involve) ‘Contact with Children’ due to either the nature of the initiative or the work environment

• Signed DFAT Child Protection Code of Conduct form Note: In some cases the assessing officer may request an individual’s consent to undergo a criminal records check in accordance with the DFAT Child Protection Policy. Checks will be conducted for each country in which the individual has lived for 12 months or longer over the last five years, and for the individual’s country of citizenship.

Details of child protection policies and practices that the entity currently undertakes.

o Child Protection Policy o Child Protection Code of Conduct o Child Protection Risk Assessment policy, system or practice o List of Child Protection Training conducted for staff. o Where conducted, details of policy compliance checks conducted by

the DFAT Child Protection Section.

For Private Sector Baseline Plus Criteria 17 – Environmental Management

• Environmental Management policy and risk management systems • Environmental certifications • Environmental risk assessments • Ensure Environmental Management is included in the Activity M&E

framework.


• Legal register for environment-related issues (i.e. list of all environmental regulations with which the organisation is required to comply);

• Assessment of environmental risks or impacts associated with the DFAT funded activities (if applicable).

• List of any environmental awards or certifications (e.g. ISO14001) with supporting certification and/or reports;

• Environment explicitly considered in project cycle (or other activity cycle) stages including planning; design; appraisal; implementation; M & E;

• Assessment of environmental risks & mitigation measures associated with DFAT funded activities (if applicable);

For Private Sector Baseline Plus Criteria 20 – National Interest

• Development objectives outlined in strategic plan or other guiding documents.

• Publicly released Information from the entity; • Internet searches using entity name and key words including UN and

other sanctions; court cases; legal; etc. • Local/international media; • Seek post/local knowledge and experience with organisation and key

individuals; • Cross reference to criteria 16-19 that also reflect DFAT policy

requirements. • Declaration from the entity confirming awareness of Australian sanctions

regimes (http://dfat.gov.au/international-relations/security/sanctions/sanctions-regimes/Pages/sanctions-regimes.aspx ) and list of country programs where sanctions apply.





ATTACHMENT B: MULTILATERAL BASELINE ASSESSMENT INFORMATION GUIDE

Due Diligence Baseline Assessment Guide for Multilateral Organisations

To be read in conjunction with the Baseline Assessment Guidance and Tool when assessing a Multilateral Partner.

Assessment Criteria This document provides additional information that DFAT assessors must consider to assist them in assigning an appropriate risk rating

when conducting a Baseline Due Diligence Assessment on a Multilateral Organisation

Criterion 1. DFAT is required to verify implementing partner identity.

Verifying the legal identity of the partner and governance arrangements When dealing with multilateral organisations, it is important to understand:

• Who you are dealing with and whose policies and procedures apply? (For example, are funds held in trust by another organisation?) • Which parties are legal entities? • Governance arrangements: how are decisions made, who makes them, and what input or visibility do donors/stakeholders have of these decisions? • How funding flows from donors to (downstream) implementing agencies and what set standards/conditions are in place for these funding flows?

For example, it is common for some multilateral organisations to act as trustee for other multilateral organisations. In many of these arrangements, the trustee does not accept any responsibility for the way in which funds are managed, allocated or dispersed, making it difficult for donors to articulate specific standards and reporting arrangements for the expenditure of their funds.

Criterion 2. DFAT is required to verify the past performance of the individuals and entities.

Reflecting on past performance data for multilateral organisations Note that the Contractor and Adviser Performance Assessment register does not contain any data on multilateral performance.

The 2012 Australian Multilateral Assessment and 2012 Scorecards provide performance data for 42 of the Australian Aid Program’s current or prospective multilateral partners. Performance information for other multilateral organisations may be found in other donor assessment mechanisms, such as the UK’s Multilateral Aid Review, Canada’s Review of the Effectiveness of CIDA’s Multilateral Delivery Channel, and Multilateral Organization Performance Assessment Network assessments.

If you are assessing an organisation not evaluated by any of these processes, refer to the entity’s own performance information (for example: annual reports, internal and independent evaluations, etc.), as well as project reporting from the Australian Aid Program’s existing arrangements with the organisation, where applicable.

The Australian Aid Program has ear-marked funding agreements (also called non-standard grant agreements) with many of its multilateral partners. In these instances, posts will have specific and valuable information on the local performance of the organisation and capturing this knowledge (both positive and negative) in an assessment will provide a good picture of the partner’s operations.

https://www.gov.uk/government/collections/multilateral-aid-review

http://www.acdi-cida.gc.ca/acdi-cida/acdi-cida.nsf/eng/JUD-111795644-KJX

http://www.mopanonline.org/


Criteria 7 & 8. DFAT is required to verify implementing partner practices, processes and systems used to mitigate and manage the risk of fraud and corruption.

Assessing the multilateral organisation’s approach to fraud and corruption Multilateral Organisations are not expected to sign the Due Diligence Fraud and Anti-Corruption Acknowledgment Form. However, reasonable visibility of the auditing and fraud investigation processes of the multilateral organisation is needed to have confidence in the systems, policies and procedures the partner has in place to affect agreed standards. Consider the partner’s policies and processes for:

• code of conduct and conflict of interest; • fraud control, anti-corruption and bribery, including definitions; • procurement; • audit reports; • timeframes for notifying donors of fraudulent behaviour; • funds recovery; and • reporting of fraudulent behaviour to law enforcement.

Criterion 9 & 10

To ensure that multilateral organisations’ implementing partners are not listed on the World Bank and Asian Development Bank Sanctions Lists or the Attorney General’s Department and DFAT Terrorism Lists.

Assessing the organisation’s approach to counter terrorism Multilateral organisations are very unlikely to appear on sanctions or terrorism lists due to their structure and purpose.

However, implementing partners should have been checked against the relevant sanction and terrorism lists as advised in the Due Diligence Baseline Assessment Information Guide and How to Conduct a Baseline Due Diligence Assessment for both individuals and entities.

Multilateral organisations should also have an established process for informing donors if it detects funds have been used to support terrorists or terrorist organisations.

Criterion 11. DFAT is required to verify that Individuals have undergone integrity screening and entities have integrity systems in place.

The assessment criteria for integrity screening is generic for all partner types. Please refer to the Due Diligence Baseline Assessment Information Guide and How to Conduct a Baseline Due Diligence Assessment.


Criterion 14 DFAT is required to verify that new implementing partners have appropriate child protection processes and systems in place

Existing Partners (Individuals and Entities): must comply with the DFAT Child Protection Policy

The assessment criteria for child protection are generic for all partner types. Please refer to the Due Diligence Baseline Assessment Information Guide (Attachment A) and Baseline line and Baseline Plus Due Diligence Operational Procedures.

Branding • Recognition policy or equivalent that enables entity to acknowledge and attribute support; • Standardised contracts or agreements with donors, partners and others that include provision for acknowledging donors in public information; • Examples of acknowledgement and attribution in practice including:

o Project signage o Publications o Annual reports o Events o Websites o Sponsorship materials o Stationery o Advertisements o Clothing o Merchandise o Media releases o Marketing and promotional material o Speeches and interviews

Transparency All available information should be considered and depending on partner type, you may need to obtain or sight the following: • Transparency Charter, policy, or other guidelines in broad alignment with the DFAT commitment to transparency; • Engagement with the International Aid Transparency Initiative (IATI); • Examples of information consistent with the Charter or policy guidance e.g. websites and publicly released Information; Annual Reports; evaluations; policies;

information in local languages; • Local/international media

BASELINE AND BASELINE PLUS DUE DILIGENCE ......Due diligence operational procedures 4 BASELINE DUE...

Documents

Transcript of BASELINE AND BASELINE PLUS DUE DILIGENCE ......Due diligence operational procedures 4 BASELINE DUE...