Fraud and Corruption Control

Framework

TRIM 13/384765

Page | 1

TRIM: 13/377618

ContentsDirector-General’s Foreword.........................................................................................................4

Introduction........................................................................................................................................5

Purpose.................................................................................................................................5

Goals and Objectives............................................................................................................5

Our Policy...........................................................................................................................................6

What is Fraud and Corruption?.............................................................................................6

Our Policy Statement............................................................................................................7

Our Control Plan...............................................................................................................................8

Ethical Leadership and Culture.............................................................................................9

Legislation and Governance...............................................................................................10

Legislation.....................................................................................................................................10

Governance Structures...............................................................................................................10

Roles and responsibilities...........................................................................................................11

Key Control Strategies........................................................................................................12

Prevention Strategies.........................................................................................................13

Integrated Policy..........................................................................................................................13

Code of Conduct..........................................................................................................................13

Staff Education and Awareness.................................................................................................13

Client and Community Awareness............................................................................................14

Risk Assessment.........................................................................................................................14

Internal Controls...........................................................................................................................15

Detection Strategies...........................................................................................................16

Internal Reporting........................................................................................................................16

Public Interest Disclosures.........................................................................................................16

Response Strategies..........................................................................................................17

Page | 2

TRIM: 13/377618

External Reporting.......................................................................................................................17

Investigations...............................................................................................................................18

Monitoring, review and continual improvement of the Fraud and Corruption Control Framework........................................................................................................................................20

Appendices......................................................................................................................................21

Appendix 1: Legislation and other Instruments - Fraud and Corruption Control...............21

Appendix 2: Fraud and Corruption Control Roles and Responsibilities.............................22

Appendix 3: Fraud and Corruption Control Risk Assessment Plan...................................25

Appendix 4: Definitions..............................................................................................................26

Page | 3

TRIM: 13/377618

Director-General’s ForewordThe Department of Education, Training and Employment (DETE) Fraud and Corruption Control Framework 2013-2016 sets out the standard of accountability and transparency expected of the department. The aim of this framework is to control opportunities for fraudulent and/or corrupt activities and promote the department’s zero tolerance to fraud and corruption.

Thorough and effective fraud and corruption control requires commitment at all levels within the department. Effective governance arrangements, ethical leadership and, decision making, accountability and performance improvement underpin our fraud and corruption control methods. The ever changing environment in which the public sector operates increases the opportunity for fraudulent and corrupt activities. The growing convergence of the public and private sectors, and the increase in cooperative and or strategic partnerships, have emphasised the importance of accountability and sound governance structures, including in relation to fraud and corruption1.

As public sector employees, we have the responsibility to undertake our roles in a transparent and accountable way. All staff must use this framework to assist with the prevention, detection and ongoing responsiveness to fraud and corruption. This will ensure our stakeholders have ongoing confidence in the department’s commitment to deliver quality services to the community free from fraud and corruption.

Dr Jim WatterstonDirector-General

1 Fraud Control in Australian Agencies – Best Practice Guide 2004 Page | 4

TRIM: 13/377618

IntroductionPurposeAs a government agency the community expects the department to ensure its workforce acts legally, ethically and at all times in the public interest. Risk of fraud and corruption is inherently linked to the department’s activities and can undermine the achievement of the department’s objectives, damage the credibility and public confidence in the department, affect employee morale and compromise the delivery of its services to students, parents/carers, industry and community.

The Fraud and Corruption Control Framework 2013-2016 (FCC Framework) outlines the department’s policy and plan for controlling fraud and corruption risks. Implementation of the FCC Framework seeks to control the opportunities for fraud and corruption, whether committed by internal or external parties, to ensure the protection of public monies, property and information, the rights of organisations and individuals, and maintain the effectiveness of all departmental operations.

It is an integral part of the department’s Enterprise Risk Management Framework and aims to drive business integrity through strong leadership, sound corporate governance, accountability, internal control and transparency. This proactive approach enables the department to manage fraud and corruption risk at an acceptable level in an environment that is becoming increasingly complex.

All employees, contractors and third party providers need to be aware of and committed to their shared responsibilities to foster, develop and maintain a highly ethical organisational culture.

Goals and ObjectivesThe FCC Framework specifically aims to clearly articulate through the:

policy:

- definition of the term “fraud and corruption”

- the department’s commitment and attitude towards fraud and corruption

- the department’s approach to controlling fraud and corruption

control plan:

- how the fraud control structure is embedded within the department’s organisational structure

- the roles and responsibilities for fraud and corruption control

- strategies to prevent, detect and respond to fraud and corruption

- a summary of the fraud risks (internal and external) associated with the department’s functions, the controls in place to minimise the opportunity for fraud and corruption and their implementation details

- protocols on how employees, contractors, third parties or members of the public can report suspected fraud

Page | 5

TRIM: 13/377618

Our PolicyWhat is Fraud and Corruption?Fraud and corruption against the department is defined as:

Fraud: - any deliberate deceitful conduct or omission designed to gain an advantage to which a person or entity is not entitled

- the intentional use of false representations or deception to avoid an obligation, gain unjust advantage or in the context of public administration, commonly known as ‘rorting the system’.

Corruption: - dishonest behaviour that may involve the misuse of position or authority, or other acts for personal gain or advantage, or for another person or entity, which may cause loss to the department, its clients or the general community

- may also include other elements such as breaches of trust and confidentiality.

Fraudulent and corrupt conduct by public officials may fall within the category of ‘official misconduct’ under Queensland’s Crime and Misconduct Act 2001 and may also be considered a criminal offence under the Criminal Code Act 1899.

Some examples of common activities of fraud and corruption in the public sector include:

Internal External Collusion corporate card misuse, such

as payment for personal expenses

fictitious people on the payroll system or delayed terminations

abuse of position and power, including accepting or offering bribes or gifts, nepotism in staff appointments

submitting false travel claims consistently recording

incorrect hours of work on timesheet

unauthorised use of government vehicles

theft or unauthorised use of public funds or physical resources, such as office supplies, stationery

customer deliberately claiming benefit they are not eligible for

external providers making claims for services that were not provided

individuals/businesses providing false or misleading information or failing to provide it when obliged to do so

inappropriate influence over grants and subsidies applications

manipulation of a procurement process

• inappropriate involvement with suppliers, including ‘kickbacks’ such as entertainment and hospitality

unlawful or unauthorised release of information

knowingly making or using forged or falsified documentation

conflicts of interest

Page | 6

TRIM: 13/377618

Our Policy StatementThe department is committed to excellence in fulfilling public expectations of high standard of service performance and in meeting its statutory obligations. This includes the establishment of a fraud and corruption prevention culture to enhance the department’s integrity and performance, and strengthen public confidence.

The department takes a zero tolerance approach towards any fraudulent or corrupt actions by departmental staff, contractors, suppliers, third party service providers, funding recipients and clients. Instances of official misconduct are referred to the Crime and Misconduct Commission (CMC) and in some instances to the Queensland Police Service for investigation and possible prosecution. The department is committed to recovering losses incurred from fraud and corruption activities, after considering all relevant issues.

The department applies a risk management approach, supported by organisational values and culture, a hierarchy of governance and suite of effective controls to prevent, detect and respond to potential fraudulent or corrupt conduct.

The department will appropriately deal with all reported allegations of fraud and corruption or refer the matter to an applicable external agency. There is an obligation placed on all staff to report suspected fraudulent and/or corrupt activities to their supervisor or manager, Internal Audit Branch (IAB) or the Ethical Standards Unit (ESU) where the allegations will be assessed and suitably dealt with.

The department is committed to providing all staff and relevant stakeholder’s with appropriate education and training in public sector ethics and fraud awareness to ensure understanding of their respective responsibilities and obligations.

The department’s policy has been developed in accordance with the CMCs Fraud and Corruption Control – Guidelines for Best Practice 2005 and the Australian Standard AS8001-2008 Fraud and Corruption Control.

Page | 7

TRIM: 13/377618

Our Control PlanThe department’s plan to managing fraud and corruption control is based on a set of essential conditions2 to establish a sound fraud control environment (Figure 1). The essential conditions consist of an integrated response of:

Ethical leadership and culture – to develop and maintain strong ethical values and high standards of ethical behaviour

Legislation and governance – to ensure legislation and policies are operationalised in an accountable and transparent manner through robust governance structures

Key control strategies – set of interrelated actions to effectively prevent, detect and respond to fraud and corruption, which are subject to a cyclical process of review and improvement.

Figure 1: Fraud and Corruption Control Framework

2 ANAO Fraud Control in Australian Government Entities – Better Practice Guide March 2011 Page | 8

TRIM: 13/377618

Ethical Leadership and CultureEthical leadership and the implementation and ongoing maintenance of a sound ethical culture are critical to underpinning fraud and corruption control within the department.

Senior management must lead by example and behave in a manner consistent with the Code of Conduct for the Queensland Public Service and the department’s Standard of Practice. Specific lines of accountability, roles and responsibilities for senior management are further outlined in the Legislation and Governance section.

The Code of Conduct for the Queensland Public Service and the department’s Standard of Practice provide a set of ethics principles, values and standards of conduct for all employees. This ethical framework guides behaviour in the workplace and is an important corruption resistance tool to promote ethical behaviour. They work in tandem with the best practice principles outlined in the department’s Enterprise Risk Management Framework to guide how we effectively and efficiently manage fraud and corruption risks at all levels. Implementation of the Code of Conduct is outlined in the Application of Key Control Strategies section.

Page | 9

TRIM: 13/377618

Figure 2: Principles that underpin the Fraud and Corruption Control Framework

Fraud & Corruption

Control

Public Sector Ethics• Integrity and impartiality

• Promoting the public good

• Commitment to the system of government

• Accountability and transparency

Enterprise Risk Management• Creating & protecting value

• Integral part of all organisational processes

• Part of decision-making

• Explicitly addressing uncertainty

• Systematic, structured and timely

• Based on the best available information

• Tailored

• Human and cultural factors

• Transparent inclusive

• Dynamic, iterative and responsive to change

• Continual improvement

Legislation and Governance

LegislationThe department’s framework is underpinned by legislation, Australian standards and best practice guidelines. In particular:

Financial Accountability Act 2009 - commits the department to protecting its revenue, expenditure and property from fraudulent activity

Public Sector Ethics Act 1994 – sets out the ethics principles and values for public service agencies and public officials, and provides standards of conduct consistent with the ethics principles and values

Crime and Misconduct Commission Fraud and Corruption Control – Guidelines for Best Practice 2005 – provide the model for development and implementation of the fraud and corruption control policy and plan.

A full list of the applicable legislation and other instruments is outlined in Appendix 1.

Governance StructuresA rigorous governance structure within the department ensures legislative requirements are effected in an accountable, effective and transparent way.

As illustrated in figure 3, consistent with the Enterprise Risk Management Framework, the department’s governance structures support fraud and corruption control at the strategic, corporate and operational level.

Figure 3: Governance Structures

Page | 10

TRIM: 13/377618

Roles and responsibilitiesThe table below provides a summary of the roles and responsibilities for fraud and corruption control. A more comprehensive list of responsibilities is outlined in Appendix 2.

Role ResponsibilityDirector-General overall accountability for the prevention and detection of fraud and

corruption within the department and has a legislated responsibility to exercise authority on behalf of the department through the Executive Management Group (EMG) to the senior leadership team

Deputy Director-General, Corporate Services

has delegated authority as the Fraud and Corruption Control Coordinator and acts as ‘champion’ to drive the fraud and corruption control regime within the department

is the Chair to the Fraud and Corruption Control CommitteeDeputy Directors-General, Assistant Directors-General, Regional Directors, Executive Directors, Directors and Managers

be ethical leaders, promote and contribute to an accountable, transparent and ethical culture

manage risks within their area of responsibility and contribute to improvement in control effectiveness

ensure staff have a high level of fraud and corruption awareness and know how to report suspected fraudulent or corrupt behaviour

Director, Ethical Standards Unit

reports suspected official misconduct, criminal and other matters as appropriate to the relevant authorities

develop and implement the fraud and corruption control framework manage investigations into allegations of suspected official misconduct takes a proactive approach to public sector ethics by promoting an

ethical culture, practice and decision making throughout the departmentAll employees understand their role in contributing to fraud and corruption prevention

and the actions to be taken to prevent, detect and report any such activity

must attend education, training and awareness programs on a regular basis during their employment to assist them in performing their role within the department

report alleged wrongdoing in accordance with the s.1.1(d) of the Code of Conduct for the Queensland Public Service and s.4.1 of the department’s Standard of Practice

Fraud and Corruption Control Committee

advises the Audit and Risk Management Committee outlining certain risks to the department in relation to fraud and corruption matters and puts forward pertinent recommendations/actions regarding these

undertakes review and evaluation on the effectiveness of how the department monitors compliance with relevant legislation and best practice requirements for fraud and corruption control

accountable for the implementation and ongoing monitoring of the fraud and corruption program

Audit and Risk Management Committee

advises the Director-General outlining audit matters and certain risks to the department, including potential fraud and corruption matters and puts forward pertinent recommendations regarding these

Internal Audit Branch undertakes independent and objective audit activities that adds value to and improves operational capability and compliance within the department

Page | 11

TRIM: 13/377618

Key Control StrategiesThe department’s 10 key control strategies3 can be grouped into three key categories:

Prevent - as the first line of defence, to reduce the risk of fraud and corruption occurring

Detect - discover and investigate fraud and corruption when it occurs

Respond - take corrective action and remedy the harm caused by fraudulent and corrupt behaviour.

Key Control Strategy

Categories PurposePrevent Detect Respond

Integrated agency policy

demonstrate the department’s resolve to combat fraud and corruption

Communicate Intent

Code of Conduct

sets out expectations and standards of ethical behaviour within the department

Staff education and awareness

ensure a well-informed workforce with a greater capacity to recognise and respond to the risks of fraud and corruption

Client and community awareness

maintain public trust and forestall potentially unacceptable practices from external parties

Risk assessment

provide a comprehensive understanding of the department’s internal and external vulnerabilities

Limit Opportunities

Internal controls

mechanisms to eliminate or minimise risks

Internal reporting

mechanism for employees to report potential fraudulent or corrupt activities and other alleged wrongdoing

Reinforce Zero Tolerance

Public interest disclosures

responsibility for receiving and managing all allegations of wrongdoing received under Public Interest Disclosure Act 2010

Investigations process to ensure allegations of fraud and corruption are actioned appropriately and investigated competently

External reporting

mechanism for the Director-General to report any suspected fraudulent or corrupt activity to the appropriate external agency

3 The 10 elements are outlined in the Crime and Misconduct Commission’s Fraud and Corruption Control Guidelines for best practice 2005

Page | 12

TRIM: 13/377618

Application of the Key Control Strategies

Prevention Strategies

Integrated PolicyThe department is committed to improving governance arrangements through strong leadership, responsible and ethical decision making, transparency and accountability, and performance improvements. The framework should be read in conjunction with:

Legislative Framework Corporate Governance Framework Enterprise Risk Management Framework Developing Performance Framework

Code of Conduct There is an expectation of all departmental employees to make decisions ethically and with integrity. The Code of Conduct for the Queensland Public Service provides a clear set of ethics principles, values and standards of conduct for all employees that supports and guides ethical behaviour when delivering government services to the people of Queensland.

The department has developed an agency specific Standard of Practice, supplementary to the Code of Conduct, which provides a clear statement of what is expected of all staff in supporting ethical standards of conduct. The Standards of Practice also provides advice and guidance for employees in making ethical decisions, especially in circumstances where the ‘correct’ or ‘best’ course of action may not be clear.

To assist in the resolution of alleged inappropriate workplace behaviour, employees should seek advice from their supervisor or manager when appropriate, or contact the ESU.

Staff Education and AwarenessA well informed workforce will increase the department’s capacity to detect, prevent, and respond to the risks of fraud and corruption. It is the responsibility of all managers to support the implementation of the plan and the responsibility of all staff to ensure they have fulfilled the necessary training requirements under the plan.

Mandatory public sector ethics education and training is required to be completed by all new employees through the DETE induction program.  Ongoing ethics related education and training is required by all employees at regular intervals during their employment with the department.  The public sector ethics education and training module includes:

ethical decision making training and awareness, including Code of Conduct

internal controls training

fraud and corruption (public interest disclosure) training and awareness.

The public sector ethics education and training is available to employees through a variety of delivery modes:

face-to-face training

on-line ethical decision making training available on the Learning Place

train-the-trainer package Page | 13

TRIM: 13/377618

TAFE institutes, on-line, through the institutes learning management system (LMS)

ethics related resources published on the intranet site, One Portal, developed by ESU and available to all employees

DETE induction website (mandatory induction).

Client and Community AwarenessIt is important the department sends a clear message about its policy for fraud and corruption control to the wider community and external providers, who have direct dealings with the department, such as contractors, suppliers, third party providers, funding recipients and its clients.

The department emphasises its integrity and commitment to high standards of probity in all its dealings, including zero tolerance towards fraud and corruption by promoting this through:

making the fraud and corruption control framework publically available on the DETE internet

gaining P&C commitment and ensuring a documented process for reporting potential fraudulent and/or corrupt activities

provisions incorporated into the department’s standard contract arrangements

the provision of a fraud reporting hotline - 1800 727 031

publication of pertinent complaint data through the DETE Open Data Strategy.

The FCC Framework and other relevant policies and procedures are published on the department’s internet site to enable all community members’ access.

Risk AssessmentFraud and corruption risk assessment is an integral part of the department’s overall risk management framework and provides the department with an understanding of its fraud and corruption vulnerabilities and possible strategies to eliminate or minimise those risks. Fraud and corruption risk assessments are carried out in accordance with the department’s Enterprise Risk Management Framework. The department’s enterprise risk management procedure and process, risk assessment criteria, facts sheets and tools to support the completion of fraud and corruption risk assessments are located in the department’s Policy and Procedure Register.

Fraud and corruption risk assessments are to be conducted by each division on their specific functions/processes every two years. The department has identified a number of functions/processes considered to be high areas of vulnerability to fraudulent and corrupt activity. As a minimum, fraud and corruption risks are to be identified and assessed for the following areas:

accounts receivable

corporate card

purchasing

asset management

accounts payable

procurement

contract management

recruitment

payroll

timesheets

funds and grants management

information management

regulation

Potential fraud and corruption risks are identified as risks to the department’s functions/processes and as such are classified under the Enterprise Risk Management Framework as operational risks. To ensure visibility of the fraud and corruption risks across the department, they are to be recorded as operational risks in the Enterprise Risk Assessor (ERA), the department’s online risk register.

Page | 14

TRIM: 13/377618

As required under the enterprise risk management procedure:

risks are required to be assessed at the inherent (risks level without controls), controlled (level of risk with controls in place) and if required treated level (level of risks with controls and treatments in place)

unacceptable controlled risks (i.e. high or extreme) are required to be treated

unacceptable treated risks (i.e. high or extreme) must be escalated to a senior level of management for oversight

review of the risks is to be commensurate with the level of risk exposure or when there is significant change to operations, but at least biannually as part of the department’s structured operational planning and review process.

Judgement on the effectiveness of the controls is critical to assessing the controlled level of risk. Key risks and control activities identified through the fraud and corruption risk assessment are listed in Appendix 3: Fraud and Corruption Control Risk Assessment Plan.

Internal ControlsAn internal control system consists of structure, policies, procedures, processes, tasks, information systems and other tangible and intangible activities that combine to record and manage the risks of the department. The department’s internal control framework places a strong emphasis on accountability, integrity, best practice management of resources, operational performance, compliance and ‘corporate health’.

Some of the key controls the department has in place to meet the requirements of the Financial and Performance Management Standard 2009 includes:

Role Internal Control ExamplesLines of accountability Governance committees, organisational structure, delegations of

authority, Strategic Plan and annual operational plans, Annual Report, Service Delivery Statement

Resource management Budget management, Establishment Management Framework

Suitably qualified staff Position descriptions, merit based recruitment and selection processes, pre-employment screening, training, Developing Performance Framework

Information, communication and technology systems

SAP, One School (transactions, records, operating programs and systems producing ICT information), TRIM (Data collection and exchange), OnePortal intranet and DETE internet (internal and external communications), MyHR (human resources recording and reporting), information systems standards, assets registers (physical resources) and reporting mechanisms, including adequate audit trails

Policy and procedures Financial Management Practice Manual, School Accounting Manual and other procedures published in the department’s Policy and Procedure Register

Investigations into cases of fraud and corruption show strong links between the incidence of fraud and corruption and poor internal control systems. As a result the assessment of internal control effectiveness is a crucial step in the fraud and corruption risk assessment process.

The Internal Audit Branch supports the department’s efforts to establish and maintain systems integrity through an established audit program. The audit program includes periodic risk based

Page | 15

TRIM: 13/377618

assessments of the department’s business units using best practice methodologies to assess levels of compliance with existing internal controls.

Detection Strategies

Internal ReportingReporting suspected wrongdoing is vital to the integrity of the department and the Queensland public sector. Research studies and surveys consistently show that staff members form the single most compelling source in detecting fraud and corruption4. All departmental staff have an obligation to report suspicious actions or potential wrongdoing in accordance with the Code of Conduct. Students, clients, parents, caregivers, concerned members of the public or anonymous persons who do not wish to be identified can also make a complaint about fraud and corruption.

The department’s complaint management system includes policies and procedures and an information system to capture all stages of reported complaints from initial receipt, assessment, through to investigation, follow up and resolution, and notification of the outcome to the discloser. Data can be further used to provide the department with information for other reporting purposes, and facilitate continuous improvement to its fraud and corruption resistance through analysis of trends, areas of risk and control weakness.

Avenues to report suspected wrongdoing, including fraud and corruption are outlined in the following departmental procedures, located in the department’s Policy and Procedure Register:

Managing Employee Complaints

Complaints Management – state schools

Information privacy complaints

Making and Managing a Public Interest Disclosures under the Public Interest Disclosure Act 2010

Employees should report suspected wrongdoing to their immediate supervisor or manager, in the first instance. Should staff be reluctant to report any concerns immediately or feel appropriate action has not been taken by the supervisor or manager who received the complaint, alternative reporting options include:

a more senior manager

Director, Ethical Standards Unit

Executive Director, Internal Audit Branch

Fraud and Corruption Hotline 1800 727 031 directly to the CMC

Public Interest DisclosuresA public interest disclosure (PID), in general terms, is a disclosure of information of public interest, involving wrongdoing within the public sector, made to a proper authority. Under the Public Interest Disclosure Act 2010, a proper authority is defined as a public sector entity or a member of the Legislative Assembly. A PID can be made by any person whether a public officer (employee) or a member of the public. The department is dedicated to promoting the public interest by facilitating disclosures of wrongdoing and ensuring PIDs are correctly assessed and when appropriate, thoroughly investigated and dealt with in accordance with Public Interest Disclosure Act 2010.

4 CMC Fraud and Corruption Control Guidelines for Best Practice, 2005 Page | 16

TRIM: 13/377618

The department’s procedure Making and Managing a Public Interest Disclosure under the Public Interest Disclosure Act 2010 describes:

the types of information that establishes a PID;

the roles and responsibilities for making and managing a PID;

process guidelines to assist a person wanting to make a PID; and

how a PID is managed once reported.

As with all internal reporting of suspected wrongdoing, the department:

exercises due process and natural justice in its management of PID’s;

makes all attempts to preserve confidentiality;

provides appropriate protection to the person who made the PID;

maintains all necessary records securely; and

reports in an appropriate manner.

Response Strategies

External ReportingThe Queensland government’s public sector integrity framework includes three independent statutory bodies for integrity building, the Crime and Misconduct Commission, the Queensland Ombudsman’s Office, and the Queensland Audit Office, supplemented by the law enforcement role of the Queensland Police Service.

These government bodies provide a range of external channels to report suspected wrongdoing, including fraud and corruption.

In some instances external reporting is a legislative obligation placed on government agencies. The role of each of the four government bodies and the department’s legislative reporting obligations to them is as follows:

Government Body / Role Departmental Reporting ObligationsCrime and Misconduct Commission (CMC) receives complaints about possible

misconduct and determines the most appropriate action to deal with them

Director-General, or delegate notifies the CMC if the department suspects a report of wrongdoing involves official misconduct under the Crime and Misconduct Act 2001

Queensland Audit Office (QAO) provides independent audit services to

the Queensland Parliament and all state public sector entities and local governments

Director-General, or delegate reports any suspected material loss (money lost >$500; and property valued >$5000) which may have occurred as a result of official misconduct or the commission of a criminal offence in accordance with the Criminal Code Act 1899, Crime and Misconduct Act 2001, Financial and Performance Management Standard 2009, or other Act

Queensland Police Service (QPS) uphold and enforce the law in

Queensland

Director-General, or delegate reports: suspected fraud and or corruption arising out

of criminal conduct under the Criminal Code Act 1899, or other Act

any suspected material loss (money lost >$500, or property valued >$5000) which may have occurred as a result of official misconduct or the commission of a criminal

Page | 17

TRIM: 13/377618

offence in accordance with the Criminal Code Act 1899, Crime and Misconduct Act 2001, Financial and Performance Management Standard 2009, or other Act

Queensland Ombudsman oversight agency for all public

interest disclosures made to the Queensland government

Director-General is to: report on all PIDs made to the department ensure organisational commitment in

managing PID’s develop, implement and maintain a

management program under the Public Interest Disclosure Act 2010 and Public Interest Disclosure Standard No.1

The department also maintains reporting protocols with the Public Service Commission through the Director, ESU in relation to the integrity and accountability of the department.

InvestigationsInvestigations undertaken within the department may involve matters of suspected fraud, corruption, misappropriation, maladministration, theft and other matters where the conduct of an employee, if substantiated, could amount to official misconduct and may result in the initiation of disciplinary action, including dismissal.

The department has an obligation to facilitate effective and efficient initial assessment and referral of all reports of alleged wrongdoing, which could amount to official misconduct to the CMC. After the CMC’s initial assessment, they may choose to investigate, or refer the matter back to the department for investigation.

Investigations into allegations of official misconduct, including fraud and corruption, are conducted in accordance with the CMC’s Facing the Facts – A CMC guide for dealing with suspected official misconduct in Queensland public sector agencies. The adoption and application of this guide ensures processes are carried out in accordance with the CMC’s requirement for conducting administrative investigations objectively, thoroughly and without prejudice.

When an investigation into alleged official misconduct, including fraud or corruption, is deemed necessary:

all employees are obliged to respect the rights of all involved and maintain confidentiality pending a full investigation into an alleged wrongdoing

managers and supervisors must ensure due process and encourage confidentiality

any person disclosing alleged wrongdoing shall be advised of the outcome of investigation as soon as practicable

the outcome of departmental investigations may be subject of review by the CMC.

To strengthen prevention and awareness measures, designed to reduce or eliminate fraudulent and corrupt behaviour throughout the department, outcomes of investigations where complaints of alleged fraud and/ or corruption have been substantiated may be published, when appropriate to do so and when confidential records can be maintained. 

Page | 18

TRIM: 13/377618

Monitoring, review and continual improvement of the Fraud and Corruption Control FrameworkEffective monitoring and reviewing of the FCC Framework is an important part of the department’s accountability to its stakeholders and provides a mechanism for ongoing building of the department’s resilience to fraud and corruption.

Some of the processes that support the review and continuous improvement of the FCC Framework include:

review of the FCC Framework every two years (or in the event of a significant change occurring within the department) including:

- control strategies, to ensure appropriate balance between prevention and detection strategies

- control appropriateness and effectiveness of design and operation

- update of the fraud and corruption risk assessment to ensure significant existing and emerging fraud and corruption risks are captured and managed

review of individual fraud and corruption cases to identify cause, areas of control weakness, where possible measure the loss/cost of fraud and identify lessons learned.

Page | 19

TRIM: 13/377618

Appendices

Appendix 1: Legislation and other Instruments - Fraud and Corruption ControlInstrument Type Legislation and other instruments

Primary Legislation Criminal Code Act 1899Crime and Misconduct Act 2001Financial Accountability Act 2009Information Privacy Act 2009Integrity Act 2009Public Interest Disclosure Act 2010Public Sector Ethics Act 1994Public Service Act 2008Right to Information Act 2009

Whole of Government Policy

Queensland Treasury Financial Accountability Handbook 2012

Standards, guidance and better practice

Australian National Audit Office Fraud Control in Australian Government Entities – Better Practice Guide 2011Australian Standard 8001-2008 Fraud and Corruption ControlCode of Conduct for the Queensland Public Service 2011Crime and Misconduct Commission Facing the Facts 2007Crime and Misconduct Commission Fraud and Corruption control: guidelines for best practice 2005Department’s Standard of Practice Independent Commission Against Corruption Fighting Fraud: Guidelines for state and local government – Booklet 2002Queensland Treasury a guide to Risk Management 2011Queensland Treasury Financial Management Tool 2012Queensland Treasury Financial and Performance Management Standard 2009

Page | 20

TRIM: 13/377618

Appendix 2: Fraud and Corruption Control Roles and ResponsibilitiesRole ResponsibilityDirector-General overall accountability for prevention and detection of fraud and corruption

within DETE legislated responsibility to exercise authority, on behalf of the department manage the department’s operations ensuring service delivery is effective

and economical, and in the process avoids waste and extravagance manage public resources of the department efficiently, responsibly and in a

fully accountable manner define goals and objectives in accordance with its mandate and governance

framework implement policies and priorities responsibly ensure impartiality and integrity in the performance of the department’s

functions ensure accountability and transparency in the department’s operational

performance maintain accurate records and accounts, and report on these as required promote continual evaluation and improvement of department’s management

practices

Deputy Director-General, Corporate Services

delegated authority as the Fraud and Corruption Control Coordinator and acts as ‘champion’ to drive the fraud and corruption control regime

Chair of the Fraud and Corruption Control Committee oversee the implementation and management of the fraud and corruption

control framework take steps to ensure that all areas assume appropriate responsibility for fraud

and corruption control and perform their functions according to the framework and relevant legislation

ensure all areas of operation take the appropriate steps to implement effective risk management practices, including risk assessment of fraud and corruption in accordance with the enterprise risk management framework

ensure the scope and nature of the education, training and awareness programs are comprehensive and designed to assist employees, contractors and clients to recognise, detect and prevent fraud and corruption

provide advice to the Director-General and the EMG as necessary on fraud and corruption matters

provide accurate and timely advice to the Audit and Risk Management Committee through the Internal Audit Branch on any fraud and corruption matters

Deputy Directors-General, Assistant Directors-General, Regional Directors, Executive Directors, Directors and Managers

be ethical leaders and display high personal standards of behaviour consistent with the Code of Conduct for the Queensland Public Service and the department’s Standard of Practice

have a visible adherence to the department’s ethical framework and promote adherence by all employees

contribute to effective risk management strategies in accordance with the department’s enterprise risk management framework and ensure risk management practices are adhered to throughout their area of control

develop strong internal controls to assist with fraud and corruption prevention in their area of responsibility

ensure all employees are made aware of and attend appropriate education, training and awareness sessions to allow for a skilled and knowledgeable workforce, including public sector ethics education, training and awareness, internal controls and financial or procurement training

Page | 21

TRIM: 13/377618

Role Responsibility ensure effective employee communication on the process for identifying and

reporting on potential fraudulent and corrupt activities ensure where a public interest disclosure is made, the procedure for making

and managing a public interest disclosure is adhered to follow the mandatory internal or external reporting requirements for reporting

suspected official misconduct, including fraud or corruption

All employees contribute to the development of improved systems, policies and procedures to enhance the department’s resistance to fraud and corruption including: safeguarding assets and other resources under their control having a clear understanding of their obligations regarding any losses,

deficiencies and shortages that may be identified while at work ensuring all personal claims are accurate with no deliberate omissions

(recording accurate hours of work on timesheets) fulfil their obligation to report wrongdoing in accordance with section 1.1 (d) of

the Code of Conduct for the Queensland Public Service and section 4.1 of the department’s Standard of Practice

actively seek education and training to learn and maintain knowledge and skills required to undertake their duties

gain an understanding of the policies, procedures and guidelines that pertain to their role and work within the requirements of these

follow the requirements for internal reporting of suspected fraud and corruption

There is an obligation placed on all employees, contractors and anyone associated with the department to understand that managing fraud and corruption is as much a part of their responsibility as it is of the managers and senior leaders of the department.

Audit and Risk Management Committee

advises the Director-General outlining audit matters and certain risks to the department, including potential fraud and corruption matters and puts forward pertinent recommendations regarding these and reviews: governance processes to ensure all matters relating to alleged fraud and

corruption or unethical conduct are dealt with appropriately currency, comprehensiveness and relevance of the enterprise risk

management framework, policy and procedure for identifying, monitoring and managing significant business risks, including the identification and management of risks related to fraud

submit recommendations to the Director-General to approve the internal audit plan, reviewing its scope and progress and any significant changes to it, including any potential difficulties or restrictions on the scope of activities

review the internal audit plan annually to ensure it covers key fraud and corruption risks and that there is appropriate coordination with the external auditor, Queensland Audit Office

Page | 22

TRIM: 13/377618

Role ResponsibilityDirector, Ethical Standards Unit

ensure the ESU fulfils the legislative function on behalf of the Director-General to investigate all allegations of suspected official misconduct

ensure a proactive approach to public sector ethics by promoting an ethical culture, practice and decision making through education and training programs

implement, maintain and review the fraud and corruption control framework ensure the fraud and corruption control framework undergoes a biennial

review or more frequently as required develop strategies in consultation with other key areas to achieve an effective

fraud and corruption regime

as CMC liaison officer report suspected official misconduct, criminal and other matters to the appropriate external agency: Crime and Misconduct Commission Queensland Police Service Queensland Ombudsman Queensland Audit Office

Ethical Standards Unit

conduct investigations into reports of suspected official misconduct, including fraudulent or corrupt practices

manage and coordinate all public interest disclosures made to the department and ensure adequate support and certain protections are afforded the discloser in accordance with Public Interest Disclosure Act 2010

develop and maintain ethics related policies and procedures for building and sustaining integrity and accountability; for example, Standard of Practice, public interest disclosure procedure and guidelines, conflicts of interest, notification of other employment, bullying, lobbying and the fraud and corruption framework

develop public sector ethics related education and training material to promote an ethical culture and performance; such as the ethical decision making awareness, internal controls and fraud awareness

provide advice and direction to employees on the correct protocol for reporting matters to external agencies

Internal Audit Branch

provide independent appraisals, examination and evaluation of the department’s activities and assist management with the detection of suspected fraud and corrupt activities

manage the department’s ‘fraud and corruption hotline – 1800 727 031’ undertake scheduled audits, which include examining established controls to

determine if these are robust enough to reduce the risks of fraud and corruption, including the identification of work practices that may lead to fraudulent and corrupt activities

undertake targeted audit activities to specifically identify any indication that fraud may have occurred, be alert to opportunities that could allow fraudulent activities

report in writing any suspected activities of fraudulent or corrupt practices identified during an internal audit function to the Director, ESU for assessment and possible investigation or referral to the appropriate external agency

Page | 23

TRIM: 13/377618

Appendix 3: Fraud and Corruption Control Risk Assessment Plan

The fraud and corruption control risk assessment plan is being developed in consultation with key stakeholders and will be inserted upon completion.

Page | 24

TRIM: 13/377618

Appendix 4: DefinitionsTerm, abbreviations and acronyms

Definition

Code of Conduct The Code of Conduct for the Queensland Public Service outlines a set of ethics principles, values and standards of conduct all public service employees are expected to work within and how they should conduct their relationships with others

The Code applies at all time when employees are performing their official duties including when they are representing the Queensland government at conferences, training events, on business trips and attending work related social events

Corruption Dishonest behaviour that may involve the misuse of position or authority or other acts for personal gain or advantage, or for another person or entity, which may cause loss to the department, its clients or the general community

It may also include other elements such as breaches of trust and confidentiality

Employee For the purposes of this framework and in accordance with the Code of Conduct for the Queensland Public Service an employee is defined as: any Queensland public service agency employee whether

permanent, temporary, full-time, part-time or casual; any volunteer, student, contractor, consultant or anyone

who works in any other capacity for a Queensland public service agency

Fraud Any deliberate deceitful conduct or omission designed to gain an advantage to which a person or entity is not entitled

The intentional use of false representations or deception to avoid an obligation, gain unjust advantage or in the context of public administration, commonly known ‘rorting the system’

Fraudulent conduct by departmental employees may fall within the category of official misconduct under the Crime and Misconduct Act 2001

The offence of fraud is set out in section 408C of the Criminal Code Act 1899

Fraud and Corruption Risk Assessment

The application of risk management principles and techniques in the assessment of the risk of fraud and corruption

A fraud and corruption control risk management assessment guide has been developed to assist all managers to undertake an assessment of the work environment to ensure appropriate and effective identification, analysis, reporting, managing and treating of all potential acts of fraud and/or corruption

Misconduct The Public Service Act 2008, section 187 (4) defines misconduct to mean inappropriate or improper conduct in an official capacity or inappropriate or improper conduct in a private capacity that reflects seriously and adversely on the public service

Page | 25

TRIM: 13/377618

Term, abbreviations and acronyms

Definition

Official misconduct Official misconduct is defined in section 15 of the Crime and Misconduct Act 2001 as conduct that could, if proved, be: a criminal offence; or a disciplinary breach providing reasonable grounds for

terminating the person’s servicers, if the person is or was the holder of an appointment

Official misconduct is summarised as any serious misconduct relating to the performance of an employee’s duties that is dishonest or lacks impartiality, or involves a breach of trust, or misuse of officially obtained informationThe conduct must be a criminal offence or a breach of discipline serious enough to warrant dismissal

Standard of Practice The Standard of Practice is an agency-specific, supplementary document to be used in conjunction with the Code of Conduct for the Queensland Public Service and outlines standards of conduct that relate specifically to the department’s employees in the same way as the Code

Page | 26

TRIM: 13/377618