This audit assessed whether the Department of Immigration and Border Protection adopted sound contract management practices for the delivery of garrison support and welfare services for offshore processing centres in Nauru and Manus Island.
Audit objective, scope and criteria
The objective of the audit was to assess whether DIBP had appropriately established and managed the contracts for garrison support and welfare services at offshore processing centres in Nauru and Papua New Guinea (Manus Island); and whether the processes adopted met the requirements of the Commonwealth Procurement Rules (CPRs), including consideration and achievement of value for money.
The audit examined contracts entered into in 2012, when the arrangements were first put into place, through to the current contract which is due to expire in October 2017.
This is a companion audit to ANAO Performance Audit Report No.16 2016—17 Offshore Processing Centres in Nauru and Papua New Guinea: Procurement of Garrison Support and Welfare Services. As in the earlier audit, the ANAO’s review of departmental records was, due to shortcomings in DIBP’s record keeping system, based on the available records. DIBP was not able to provide the ANAO with assurance that it provided all departmental records relevant to the audit.
The Department of Immigration and Border Protection’s management of the garrison support and welfare services contracts at the offshore processing centres in Nauru and Papua New Guinea (Manus Island) has fallen well short of effective contract management practice.
The garrison support and welfare contracts were established in circumstances of great haste to give effect to government policy decisions and the department did not have a detailed view of what it wanted to purchase or the standards to apply. These are key considerations in achieving value for money. While the department took between 20 to 43 weeks (depending on the contract) to enter into final 2013 contracts, there remained significant shortcomings in the contractual framework. Many of the shortcomings persisted in the 2014 contracts, indicating that the 2014 contract consolidation process was not informed by lessons learned from the department’s management and operation of the 2013 contracts.
The department did not put in place effective mechanisms to manage the contracts. Other than the contracts, there was no documentation of the means by which the contract objectives would be achieved. In the absence of a plan, assurance processes such as the inspection and audit of services delivered, has not occurred in a systematic way and risks were not effectively managed. In addition, the department has not maintained appropriate records of decisions and actions taken in the course of its contract management. As a consequence, the department has not been well placed to assess whether its service strategies were adequate or fully met government objectives.
The department developed a comprehensive and risk based performance framework for the contracts to help it assess provider performance. However, development of the framework was delayed and in applying the framework the department was not consistent in its treatment of different providers. Performance measurement under the framework relied heavily on self-assessments by providers and the department performed limited independent checks. Delays in the department’s review of self-assessments and the provision of feedback on contractor performance eroded the link between actual performance and contract payments. Risk assessment was a key component of the performance reporting processes and while risk assessments were conducted, DIBP did not review risk ratings or determine if controls and mitigations were in place and working. Risks materialised in both the 2013 and 2014 contracts.
An appropriate framework of controls was in place for payments under the contracts, including the authorisation of actual payments by a delegate. This control was intended to provide additional assurance over payments under the contracts but did not always operate as intended. In respect to $2.3 billion in payments made between September 2012 and April 2016, delegate authorisations were not always secured or recorded: an appropriate delegate provided an authorisation for payments totalling $80 million; $1.1 billion was approved by DIBP officers who did not have the required authorisation; and for the remaining $1.1 billion there was no departmental record of who authorised the payments.
In addition, this audit highlighted further weaknesses in the department’s management of procurement. Substantial contract variations totalling over $1 billion were made without a documented assessment of value for money.
Contract management is core business for Australian Government entities, and the department has managed detention contracts since 1997. Previous ANAO audits of the department’s contract management have found that: its contracting framework had not established clear expectations of the level and quality of services to be delivered; and its ability to monitor the performance of contractors was compromised by a lack of clarity in standards and performance measures and reliance on incident reporting to determine when standards were not being met. This audit has identified a recurrence of these (and other) deficiencies, which have resulted in higher than necessary expense for taxpayers and significant reputational risks for the Australian Government and the department. The audit recommendations are intended to address the significant weaknesses observed in DIBP’s contract management practices.