(1) The purpose of the Fraud and Corruption Control Plan (the Plan) is to implement the University of New England's (UNE) Fraud and Corruption Prevention Rule (the Rule). The Plan establishes an appropriate strategic framework that defines management and staff responsibilities and facilitates the implementation of robust practices for the effective detection, investigation and prevention of fraud and corruption within UNE. (2) The Rule and this Plan apply to UNE Representatives and students of UNE and its controlled entities. (3) The potential for fraud and corruption exists in every organisation - UNE is no exception. It is the responsibility of UNE's Management to ensure an effective fraud and corruption control plan, summarising UNE's anti-fraud and anti-corruption strategies, is operating and that it identifies potential risks and takes action to mitigate such risks. (4) The success of the Plan relies heavily on the commitment and attitude of all employees and Management. UNE will not tolerate any instance of fraud or corruption. All instances of fraud and corruption will be reported to the Independent Commission Against Corruption (ICAC) and where appropriate to NSW Police and NSW Audit Office. (5) The consequences of fraud and corruption is a risk to business, and can have a similar impact on the University as other types of enterprise risk in terms of: (6) If fraud or corruption occurs the results can include the following consequences: (7) Attributes of the Fraud and Corruption Control Plan - The Plan is based on the "ten attributes of effective fraud control strategies" developed by the Audit Office of NSW. These attributes are: (8) The Fraud and Corruption Prevention Rule, sets out UNE's principles and responsibilities for fraud and corruption control. (9) The most effective means of controlling fraud and other corrupt behaviour is for Management to foster and encourage an ethical environment that is committed to preventing, detecting and reporting fraud and corruption and to implement control mechanisms which minimise the likelihood of fraud or corrupt practices occurring. (10) UNE operates on the basis that its systems and procedures reflect its core principles. (11) In line with an integrity framework approach this means the ethical values of UNE need to be clearly communicated to all employees and reflected in their behaviour and actions on a daily basis. (12) The standards of behaviour expected from all employees are provided under the following principles, as stated in the Code of Conduct: (13) For the control of potential fraud and corrupt behaviour UNE uses a risk management approach (see Corporate Risk Management Rule and Corporate Risk Management Framework and Procedures). This process identifies risks associated with the activities of UNE and designs actions that are to be undertaken to mitigate such risks. These actions are then incorporated into UNE's operating systems. (14) While overall responsibility for the fraud and corruption control plan rests with Management it needs to be very clear that all employees have an obligation to fulfil their responsibilities in implementing the Plan. This includes use of the risk ‐ based approach for fraud and corruption control, compliance with the internal control systems and reporting instances of suspected fraud and corruption. (15) The Vice-Chancellor and Chief Executive Officer has ultimate responsibility to ensure an effective fraud and corruption control plan is operating that identifies potential risks and takes action to mitigate such risks. (16) All employees of the University have a responsibility to undertake their duties in accordance with the Plan. The most important factor to ensure success of the Plan is the commitment and attitude of all employees. (17) The responsibility structure for control of fraud and corruption is depicted by: (click here for diagram) (18) Is responsible for: (19) Audit and Risk Committee gives advice to Council on: (20) Audit and Risk Committee is responsible for reviewing the University's fraud and corruption control plan and satisfying itself that the University has appropriate processes and systems in place to capture and effectively investigate fraud related information. (21) Is responsible for: (22) Is responsible for: (23) Are responsible for: (24) Are responsible for: (25) UNE uses a risk management approach for the prevention and detection of fraud and corruption and the risk management approach provides a structured and transparent method to managing risk across UNE. The Risk Management Framework provides a detailed methodology built upon the principles inherent in the risk management International Standard ISO 31000:2009, which has become an accepted and proven best practice approach to risk management. (26) This methodology provides for systematic and consistent identification, assessment and management of risk across UNE. Each business unit should evaluate the potential for risk of fraud and corruption. The Risk Management Framework also defines reporting processes to ensure exposures are managed at an appropriate level across the organisation. (27) The management of risks includes development and implementation of appropriate policies and internal control systems and communication of requirements to employees. (28) The establishment of dedicated risk responsibilities via the risk management function has a dual role of supporting the organisation's risk management framework and providing the necessary oversight and reporting on risk management practices within UNE. (29) UNE recognises that the success of the Plan relies heavily on the commitment and attitude of all employees. Employees are those who are permanent, temporary or casual and include contractors and consultants. (30) Employees have an understanding of how the University and systems operate, what is actually happening, what the weaknesses and failings are and where improvements can be made. Therefore they can make significant contributions to the control of fraud and corruption. (31) All employees have an obligation to fulfil their responsibilities in implementing the Plan. (32) The following steps have been taken to ensure employees are aware of fraud and corruption issues: (33) Students, clients and the community are made aware of UNE's attitude and strategies concerning fraud and corruption by the publication of the Fraud and Corruption Prevention Rule and Fraud and Corruption Control Plan on the UNE website and by the behaviour of employees in dealing with students, clients and the community. (34) Through employees undertaking their daily business in accordance with the principles outlined in the code of conduct it will be made clear that UNE acts in an ethical manner and will have the effect of reducing the likelihood of those outside UNE attempting to influence those within UNE. (35) The provision of information externally allows interested parties to be aware that UNE is active and serious about the control of fraud and corruption. (36) The fraud and corruption control plan includes systems that allow employees, clients and the community to report suspected fraud and corruption. (37) If an employee suspects another employee of committing a criminal offence, acting corruptly or engaging in misconduct then it is the responsibility of the employee to report such behaviour. Reports should generally be made to the employee's immediate manager or another manager in the employee's area. Managers in turn report the matter to the Director Audit and Risk. Employees are encouraged to provide a written summary of the matter. (38) Employees may have legitimate concerns about reporting to an immediate manager or another manager, even where the matter does not involve the manager. In these cases reports may be made to the Director Audit and Risk who is also the designated Public Interest Disclosures Coordinator. Other options are a Public Interest Disclosures Officer or the Vice-Chancellor and Chief Executive Officer. (39) Reports can also be made directly to ICAC (refer to the ICAC Act). (40) The reporting levels are: (41) The Director Audit and Risk will receive, record and action reports of alleged fraud and corruption. Section 11(2) of the ICAC Act 1988 requires the Vice-Chancellor and Chief Executive Officer to report to the Commission any matter where there is a reasonable suspicion that corrupt conduct has occurred or may occur. In regard to fraud, where it is considered that a criminal offence has occurred the matter is to be reported to NSW Police and the NSW Audit Office. (42) Reports should be made as soon as there is reasonable suspicion that fraudulent or corrupt conduct has occurred. (43) In all cases the employee who made the report will be advised of the eventual outcome of the review. (44) All reports will be treated confidentially and employees making genuine reports will not be prejudiced in their employment. (45) The Public Interest Disclosure Policy and Procedures explains how employees can report suspected fraud and corruption in such a way as to obtain protection under the Public Interest Disclosures Act 1994 (see section 45 below). Under the Act it is a punishable offence to take detrimental action against an employee who makes a protected disclosure. (46) Guidelines on how to lodge a complaint can be obtained from the following UNE sources: (47) In addition students can refer to the UNE Student Complaint Handling and Resolution Policy on the policy webpage. (48) Any complaints received involving fraud or corruption is to be referred to the Director Audit and Risk. (49) UNE has a clear and unequivocal commitment to supporting and protecting all employees who have acted in good faith in disclosing fraud and corruption within the University. (50) Protected disclosures can be made to: (51) Employees are encouraged to report matters that show or tend to show incidences of fraud, corrupt conduct, maladministration or serious and substantial waste. The University will take all reasonable steps to provide protection to employees from any detrimental action in reprisal for making a protected disclosure in accordance with the Act and UNE's policy and procedures. (52) Employees should familiarise themselves with the Public Interest Disclosures policy and procedures. (53) The following gives the main features of the detection system used by UNE: (54) When matters come to attention that have the potential to be investigated then UNE is required to report such matters to the appropriate external body, such as ICAC, NSW Police, Ombudsman or the NSW Audit Office. (55) It is important that reporting takes place as soon as there are reasonable grounds to suspect fraud, corruption or a criminal offence has occurred or is about to occur. (56) Employees may also make reports directly to these external bodies. (57) Under Section 11(2) of the ICAC Act 1988 the Vice-Chancellor must report to ICAC any matters that, on reasonable grounds, concerns or may concern corrupt conduct. (58) The Vice-Chancellor must report to NSW Police any matters that, on reasonable grounds, concerns or may concern a criminal offence. This includes fraud. (59) Under Section 316 of the Crimes Act 1900, it can be an offence not to report a serious criminal offence to NSW Police. (60) The Public Finance and Audit Act 1983, section 52D(1) concerning complaints about waste of public money provides that "A public official may complain to the Auditor ‐ General that there has been a serious and substantial waste of public money by an authority or an officer of an authority." (61) Serious and substantial waste is any uneconomical, inefficient or ineffective use of resources which results in a significant loss or wastage of public funds. The conduct that led to the waste may be authorised or unauthorised. It includes expenditure that should not have been incurred, that exceeded what was required or had no benefit for the organisation. (62) Audit Office of NSW may be contacted at: (63) Under Section 12(1) of the Ombudsman Act 1974 "any person may complain to the Ombudsman about the conduct of a public authority". Conduct that will be investigated is listed under Section 26(1) of the Act as being conduct that is: contrary to law; unreasonable, unjust, oppressive or improperly discriminatory; in accordance with any law or established practice but the law or practice is, or may be, unreasonable, unjust, oppressive or improperly discriminatory; based wholly or partly on improper motives, irrelevant grounds or irrelevant consideration; based wholly or partly on a mistake of law or fact; conduct for which reasons should be given but are not given; otherwise wrong. (64) The Director Audit and Risk is responsible for receiving and actioning reports of alleged fraud and corruption. This action will include coordinating investigations within UNE as per the Fraud and Corruption Protocol attached as Appendix 4 to this document. (65) The initial investigation is to establish whether there is suspicion on reasonable grounds that the matter concerns or may concern corrupt conduct. If there is such suspicion then the ICAC Act Section 11(2) requires the Vice-Chancellor and Chief Executive Officer to report the matter to ICAC. (66) ICAC have developed a checklist to assist with reporting matters under section 11 of the ICAC Act. This checklist will be utilised when reporting alleged corrupt conduct to ICAC. If during the initial investigation it appears the matter may involve fraud then the investigation is to cease and NSW Police are to be informed. Fraud is a criminal offence. It must be treated as such from the outset. ICAC and the NSW Audit Office must also be advised. (67) Once a matter has been reported to the appropriate external authority then that authority will advise whether they or UNE will complete the investigation. The Director Audit and Risk must remain in contact with the reporting authority to ensure the matter is dealt with in a timely manner and agree final reporting scope and timeframes. (68) If an investigation is to be undertaken internally then options include: (69) When an investigation is to be conducted the Director Audit and Risk as part of the planning process should consider: (70) A UNE employee who is the subject of fraud or corruption allegations is considered innocent unless and until proven guilty. (71) An employee has the right not to have details of the allegation disclosed to others or discussed by others not concerned with the matter. (72) UNE's Code of Conduct outlines the requirements and expected standards of behaviour of employees in their employment in UNE and provides guidance on resolving ethical issues that may occur in the workplace. (73) A breach of the Code may lead to performance management or disciplinary action. Such action could range from counselling to dismissal. (74) The Code applies to all persons undertaking work for UNE in either a paid or unpaid capacity. (75) (from the NSW Auditor ‐ General ' s Report to Parliament, Volume 2, March 1994, " Fraud Control: Developing an Effective Plan " ) (76) (from the NSW Auditor ‐ General ' s Report to Parliament, Volume 2, March 1994, " Fraud Control: Developing an Effective Plan " ) (77) (extract from ICAC publication "What is corrupt conduct?", located at www.icac.nsw.gov.au under "About Corruption") (78) "Corrupt conduct, as defined in the Independent Commission Against Corruption Act 1988, is deliberate or intentional wrongdoing, not negligence or a mistake. It has to involve or affect a NSW public official or public sector organisation. (79) While it can take many forms, corrupt conduct occurs when: (80) "If the ICAC is to consider investigating the matter, the conduct must also meet the conditions set out in section 9 of the ICAC Act. These conditions are that the conduct could constitute or involve: (81) "The full definition of corruption which applies to the ICAC is detailed in sections 7, 8 and 9 of the ICAC Act." (82) UNE Specific Examples of Corruption: (83) Currently the University has the following Policy and Procedures in place, which deal with the reporting of Fraud and Corruption, specifically corrupt conduct and maladministration: (84) The Public Interest Disclosures Policy, in addition to corrupt conduct and maladministration also refers to serious and substantial waste of public money and government information contravention. (85) The Fraud and Corruption Prevention Rule and Fraud and Corruption Control Plan require staff to report instances of corrupt conduct and maladministration to the Director Audit & Risk. The Director Audit & Risk is also the Disclosure Coordinator under the Public Interest Disclosure Policy and Procedures, which is the primary position to which Public Interest Disclosures can be made. (86) Upon receipt of an allegation of fraud and corruption (corrupt conduct or maladministration) the Director Audit & Risk will: (87) Bribe - The act of paying a secret commission to another individual. It is also used to describe the secret commission itself. (88) Code of Conduct - A document (variously referred to as a 'Code of Ethics', 'Code of Behaviour' and various other titles) broadly communicated within the entity setting out the entity's expected standards of behaviour. (89) Control (also 'internal control') - Processes which manage risks. (90) Corrupt Conduct - Refer to Appendix 3. (91) Entity - A corporation, government agency, not-for-profit organisation or other entity engaged in business activity or transacting with other entities in a business-like setting. (92) Fraud - means an intentional act by one or more individuals involving the use of deception to obtain an unjust or illegal advantage. (93) Fraud and corruption risk assessment - The application of risk management principles and techniques in the assessment of the risk of fraud and corruption within an entity. (94) Fraud and corruption control plan -A document summarising an entity's anti-fraud and anti-corruption strategies. (95) Investigation - A search for evidence connecting or tending to connect a person (either a natural person or a body corporate) with conduct that infringes the criminal law or the policies and standards set by the affected entity. (96) Risk - Circumstances which affect the achievement of objectives. (97) Secret commission - A payment in money or in kind which will or is intended to cause a person to act in a way that is contrary to the interests of his or her principal or employer, is contrary to the principal's or employer's policy on a given issue or is against the public interest. Secret commissions, by definition, will typically be paid without the knowledge or express or implicit agreement of the principal or employer and include payments intended to influence the outcome of a specific action or event as well as the actions generally over a period of time. (98) Senior management - Personnel associated with an entity at the senior management, Director or principal level and who have authority over the direction or management of the entity.Fraud and Corruption Control Plan
Section 1 - Overview
Section 2 - Scope
Section 3 - Plan
Introduction
The Policy
Standards of Behaviour
Risk Management
Responsibilities
Responsibility Structure
Overview
Council
Audit and Risk Committee
Audit and Risk Directorate
Vice-Chancellor
Senior Executive, Heads of Cost Centres and Managers
Employees
Fraud and Corruption Risk Assessment
Employee Awareness
Student, Client and Community Awareness
Notifications Systems
Reporting by employees
Reporting by Students, Clients and the Community
Public Interest Disclosures
Detection System
External Notification
Independent Commission Against Corruption
NSW Police
Audit Office of NSW
NSW Ombudsman
Investigation Standards
Corruption and Fraud
Conducting Investigations
Rights of Individuals
Conduct and Disciplinary Standards
Section 4 - Appendix 1: A selection of common methods and types of fraud
Top of PageSection 5 - Appendix 2: Possible indicators of the existence of fraud
Top of PageSection 6 - Appendix 3: Definition and examples of corrupt conduct
What is Corrupt Conduct?
Top of PageSection 7 - Appendix 4: - Fraud and Corruption Protocol
Background
The Protocol
Top of PageSection 8 - Definitions
View Current
This is not a current document. It has been repealed and is no longer in force.
ICAC may be contacted at:
Independent Commission Against Corruption
GPO Box 500
Sydney NSW 2001
Telephone: (02) 8281 5999
Facsimile: (02) 9264 5364
Email: icac@icac.nsw.gov.au
NSW Police may be contacted at:
New England Local Area Command
96-98 Faulkner Street
Armidale NSW 2350
Telephone: (02) 6771 0503
Facsimile: (02) 6771 0511
The Audit Office of NSW
1 Margaret Street
Sydney NSW 2000
Telephone: (02) 92757100
Facsimile: (02) 92757200
Email: mail@audit.nsw.gov.au
NSW Ombudsman may be contacted at:
Level 24
580 George Street
Sydney NSW 2000
Telephone: (02) 9286 1000
Facsimile: (02) 9283 2911
Email: nswombo@ombo.nsw.gov.au