Chapter 3 - Expenditure

  1. Expenditure
    1. In addition to the review of administration, the Intelligence Services Act 2001 (IS Act) requires the Committee to consider the expenditure, including annual financial statements, for six of the ten National Intelligence Community (NIC) agencies.
    2. Budget statements for the Australian Security Intelligence Organisation (ASIO), Australian Secret Intelligence Service (ASIS), Australian Signals Directorate (ASD) and Office of National Intelligence (ONI) are available publicly as part of the relevant Portfolio Budget Statements published every year.[1]
    3. All agencies provided a copy of their 2020-21 financial statements to the Committee, either directly in classified submissions or by reference to the publicly available statements in their annual reports. Agencies also outlined potential financial impacts or irregularities related to the ongoing effects of COVID-19 throughout the 2020-21 reporting period.
    4. The Committee reviewed the financial statements and took evidence from agencies to investigate specific points regarding financial statements, management and audit processes during classified hearings. The Committee also received a submission from the Australian National Audit Office (ANAO), outlining its audit findings for each agency over the reporting period.
    5. Much of the evidence received by the Committee is classified and has not been authorised for publication. The following is an unclassified summary of the Committee’s areas of investigation.
    6. In examining the financial circumstances of each agency over the reporting period, the Committee sought evidence on each agency’s ability to meet its objectives within its budget parameters, and the oversight mechanisms applied to budget decisions.
    7. For this report the Committee has chosen to emphasise points of interest which align with the specific terms of reference for this review, or summaries of information not already publicly available.

Budget and financial performance

3.8The Committee requested agencies make submissions addressing the following matters:

  • overall financial position of the agency;
  • the impact of any funding increases and budget measures;
  • any budget constraints;
  • the ongoing implications of the efficiency dividend (where applied) and other savings measures;
  • efficiencies and savings measures implemented within the organisation;
  • financial controls;
  • the status and key deliverables of significant capital expenditure projects, including any changes to the budget, scope or timeframe for each project; and
  • any significant changes in recurrent expenditure compared to previous years (both in total and in individual expenditure items), including the nature of and reasons for those changes.
    1. In this review the Committee focused on the mechanisms supporting financial accountability, performance and auditing processes. In evidence given during a classified hearing the ANAO described how it undertakes audits of intelligence agencies. The ANAO gave examples of the accountability mechanisms that it employs in audits of intelligence agencies, and how these compare to audits of agencies that do not attach the same sensitivities.[2]
    2. Of the intelligence agencies, ASIO and ASD had the most public scrutiny of their expenditure and financial management due to the production of public annual reports.In addition, the financial activities of DIO and AGO were comprehensively reported however this was contained within the broader Department of Defence public reporting.

ASIO

3.11ASIO provided detail to the Committee in its submission regarding its budget, allocation of resources, capital expenditure, cost of consultants, financial controls, internal audit and assurance functions, savings measures and general information regarding constraints or challenges to meeting operational capability requirements.[3]

3.12The Committee noted the increased funding provided for the ‘Countering the Espionage Threat to Defence Industry’ measure, which saw ASIO receive ‘an increase of 218 ASL, $171.5 million in total over six years and $44.2 million from 2023-24 per annum ongoing’.[4] The detail of these and other measures is classified and cannot be discussed further in this report, but the Committee was satisfied that the responses to threats are appropriate and well targeted.

3.13The Committee received information from ASIO regarding notable financial activities over the reporting period, including additional funding measures through the Joint Capability Fund, the Countering the Espionage Threat to Defence Industry measure, and reclassification of $9.98 million from operating to capital funding in relation to the Safety and Security measure.[5] Based on additional information provided, the Committee was satisfied with expenditure for these measures.

3.14The financial impact of COVID-19 on ASIO was varied across the organisation. Continuing border restrictions limited ASIO’s ability to travel and the supply of goods and services which resulted in ‘underspends in some expense categories’.[6] The pandemic also created a reduction in external revenue, particularly sensitive access checks for which the Department of Home Affairs pays ASIO a per-check fee, on a cost-recovery basis, as well as fewer physical protection security services provided by ASIO. As a consequence, external revenue fell from $43,188,000 in 2018-19, to $18,479,000 in 2020-21.[7] Aside from a decrease in external revenue, COVID-19 also imposed additional costs associated with increased cleaning.[8]

ASIS

3.15ASIS provided the Committee with a copy of its audited financial statements, together with overviews of its financial performance over the reporting period.[9]

3.16Due to the nature of ASIS’s work and the requirement for classification of financial information regarding the agency, the Committee cannot comment extensively on the information provided by ASIS in its evidence.

3.17ASIS provided the Committee with further information on some aspects of the impact of COVID-19, identifying areas both of increased and reduced expenditure.[10] ASIS provided further information to the Committee in its classified hearing on aspects of ASIS operations or logistics that contributed to these changes.[11]

ONI

3.18Consistent with the previous reporting period and its growing leadership role within the NIC, ONI received increased departmental appropriations, which grew from $59.352 million in 2018-19 and $77.723 million in 2019-20, to $91.907 million in 2020-21.[12] ONI reported that COVID had a significant downward effect on expenditure, with staff travel, conferences, training and engagements limited.[13]

3.19The majority of ONI’s operating budget was allocated to staff salary costs. ONI highlighted that expenditure on contractors and consultants supported: development of ICT to establish a NIC cloud environment; review of ONI’s implementation of recommendations from the 2017 Independent Intelligence Review; and internal audit, finance, IT security and support services.[14]

3.20ONI remained exempt from the efficiency dividend for the review period.[15]

ASD

3.21ASD outlined that in its transition from the Department of Defence to a statutory authority, it had focused on ‘improving its financial reporting and competency, and maturing financial management systems and policies’.[16]

3.22Over the reporting period, ASD received $1,030.9 million in appropriation funding, and $3.3 million in cost recovery revenue, primarily for the provision of ICT services.[17]

3.23The financial records ASD provided to the Committee remained consistent with previous reporting periods: the majority of expenses were incurred through supplier costs, at $534,185,000, followed by employee benefits of $287,667,000.[18] Revenue remained consistent with previous reporting periods.

AGO and DIO

3.24As AGO and DIO sit within the Defence portfolio, their financial information is included within Defence financial statements. However, both organisations provided the Committee with copies of their individual financial statements.

3.25The figures DIO provided to the Committee were largely consistent with the previous reporting period. However, supplier expenses were significantly higher than in previous years, particularly where they related to communications and information technology.[19] DIO reported that in 2020-21 it received $68.508 million in government revenue and $0.52 million in revenue from goods and services.[20] This was consistent with the previous DIO budget allocation from 2019-20, of $68.491 million.[21]

3.262020-21 saw AGO’s budget allocation reduce from $290.4 million to $276.8 million.[22] Similar to DIO, AGO also derived some revenue from provision of goods and services, which reduced by $0.45 million from the previous reporting period to $1.25 million.[23]

3.27Both DIO and AGO’s largest expenditure over the period was on suppliers, followed by employee expenses.[24]

Financial statement audits

3.28The Commonwealth’s financial framework is provided for under the Public Governance, Performance and Accountability Act 2013 (PGPA Act).

3.29ASIS, ASIO, ASD and ONI are each required to produce annual financial statements in accordance with section 42 of the PGPA Act, supported by the Public Governance, Performance and Accountability (Financial Reporting) Rule 2015 (the Financial Reporting Rule).[25]

3.30Under section 105D of the PGPA Act, the Minister for Finance can make determinations modifying the requirements of the Act in relation to certain functions carried out by intelligence agencies. Such determinations have been made for all of the agencies, notably allowing the omission of certain financial information from the financial statements of ASIS, ASD and ASIO, where the information may be operationally sensitive.

3.31The ANAO audits the agencies’ financial statements and reports on whether they:

  • comply with the Australian Accounting Standards and PGPA Financial Reporting Rules; and
  • present fairly the financial position of the entity and its financial performance and cash flows for the year then ended.[26]
    1. DIO and AGO were not listed entities for the purposes of the PGPA Act during 2020-21 as they are divisions within the Department of Defence, and as such the ANAO’s assessment of these divisions is considered within broader audits of the Department of Defence.[27] Unaudited financial statements for both AGO and DIO were provided to the Committee as part of this review.
    2. The ANAO conducts its audits in accordance with the ANAO’s Auditing Standards, which incorporate the Australian Auditing Standards, to ‘provide reasonable assurance as to whether the financial statements are free from material misstatement’.[28] The ANAO explained that:

A financial statements audit involves performing procedures, which in the judgement of the auditor, will obtain sufficient and appropriate audit evidence about the amounts and disclosures in the financial statements. The procedures that the ANAO perform in each audit depend on the auditor’s judgement, including the assessment of the risks of material misstatement in the financial statements, whether due to fraud or error. In planning a financial statements audit the ANAO undertakes a risk assessment of the overall risk of misstatement in the financial statements which includes consideration of the: operating environment, adoption and use of technology, changes in and complexity of the financial reporting framework and results of previous audits.[29]

3.34The ANAO reported that key elements of the governance arrangements for all intelligence agencies, designed to provide ‘reasonable assurance’ in the preparation of financial statements, continued to operate as follows:

  • a number of management committees that meet regularly to evaluate the entity’s direction and financial results;
  • a risk management and fraud control process that identifies risks and mitigation strategies;
  • an internal audit function that provides assurance on the effectiveness of internal controls;
  • guidance for officials on the Accountable Authority and delegations; and
  • an audit committee that meets quarterly and has independent members.[30]
    1. Below are short summaries of the information provided to the Committee from the ANAO regarding audits of each agency over the reporting period.

ASIS

3.36Consistent with the previous two reporting periods the ANAO assessed the risks of material misstatement associated with ASIS’s financial statements to be ‘moderate’.[31]

3.37The ANAO issued an unmodified audit report for 2020-21 for ASIS, and did not identify any ‘moderate’ or ‘significant’ audit findings.[32]

ASIO

3.38The ANAO assessed the risks of material misstatement associated with ASIO’s financial statements for both reporting periods as ‘moderate’.[33]

3.39The ANAO issued an unmodified audit report for 2020-21 for ASIO. The ANAO identified employee benefits expenses, employee leave provisions, non-financial assets and depreciation expenses, as holding a ‘moderate’ audit risk rating.[34] These did not impede the issuing of an unmodified audit report for this reporting period.

ONI

3.40Consistent with the previous two reporting periods, the ANAO assessed the risks of material misstatement associated with ONI’s financial statements as ‘low’.[35] Employee benefits, non-financial assets and grants expenses were all considered to hold a ‘low’ audit risk rating, and did not affect the ANAO’s issuing of an unmodified audit report.[36]

ASD

3.41The ANAO assessed the risk of material misstatement associated with ASD’s financial statements for both reporting periods as ‘moderate’.[37]

3.42A moderate audit finding from the 2019-20 audit of ASD, ‘identified weaknesses in ASD’s asset management and accounting framework relating to assets under construction’, was resolved during the reporting period.[38] In response to the finding, ASD undertook improvements through updated policies and procedures for project managers and asset custodians, review of the balance of assets and update of the asset register, and implementation of monthly accounting processes. As a result of these activities ANAO advised that this audit finding was resolved.[39]

3.43Three ‘moderate’ risk audit issues were identified for 2020-21 related to non-financial assets, depreciation expenses and all financial statement line items.[40] These did not, however, impact the ANAO’s issuance of an unmodified audit report of ASD’s financial statements.[41]

AGO and DIO

3.44As noted above, revenues, expenses, assets and liabilities of the AGO and DIO were included in the annual financial statements of the Department of Defence for the reporting periods, and not separately audited by the ANAO.

3.45In relation to the audit, the ANAO advised that ‘Whilst the ANAO identified audit findings in the financial statement audit of Defence and reported them to the Accountable Authority, there were no significant or moderate audit findings identified specifically related to the operations or financial management of DIO and AGO’.[42]

Committee comment

3.46The Committee expresses its appreciation to the agencies under review for providing financial summaries and statements as part of their submissions. Whilst the Committee is not able to report on specifics of expenditure, the Committee noted with interest:

  • general variations related to COVID-19 impacts;
  • opportunities for efficiencies;
  • assessment of value-for-money; and
  • outcomes of budget variances.
    1. Based on the evidence provided by agencies and the ANAO, the Committee was satisfied with the conduct of agencies, their efforts to achieve value-for-money outcomes for the Australian taxpayer, and their appropriate management of budgets and expenditure over the reporting period.
    2. The Committee examined with interest the process of financial reporting to the ANAO and the function and capability of agencies’ internal audit committees. As part of this, the Committee considered any limitations the Auditor-General may face in undertaking or publishing financial audits. While satisfied by the assurances provided by the ANAO of the Auditor-General’s ability to access all necessary evidence when undertaking audits, this did inform the Committee’s decision to recommend enhancing the ANAO’s ability to contribute to the effective oversight of agencies by providing classified reporting to the Committee (see Recommendation 1 in Chapter 2 above).
    3. The Committee also considered the detail of information released in the public domain, compared with that provided in classified submissions and hearings, and how this interacts with reporting exemptions under section 105D of the PGPA Act.
    4. The Committee notes that no significant or moderate audit issues were identified by the ANAO during the reporting period in relation to the agencies. On the basis of the evidence from the ANAO, the Committee is satisfied that the agencies appropriately reported their financial positions through their financial statements over the 2020-21 review period.

Footnotes

[1]Interested parties can access relevant Annual Reports and Portfolio Budget Statements at: www.transparency.gov.au.

[2]Parliamentary Joint Committee on Intelligence and Security (PJCIS), Committee Hansard, 14 November 2022, Canberra, pp. 53-57.

[3]ASIO, Submission 6, pp. 31-38.

[4]ASIO, Submission 6, p. 33.

[5]ASIO, Submission 6, pp. 31-33.

[6]ASIO, Annual Report 2020-21, p. 121.

[7]ASIO, Submission 6, p. 28.

[8]ASIO, Submission 6, p. 28.

[9]ASIS, Submission 7, pp. 45-51.

[10]ASIS, Submission 7, p. 51.

[11]ASIS, Submission 7, p. 51.

[12]PJCIS, Review of Administration and Expenditure No. 18 (2018-19) and No. 19 (2019-20) – Australian Intelligence Agencies, October 2021, p. 56; ONI, Submission 4.1, p. 24.

[13]ONI, Submission 4.1, p. 24.

[14]ONI, Submission 4.1, p. 25.

[15]ONI, Submission 4.1, p. 25.

[16]ASD, Submission 8, p. 64.

[17]ASD, Submission 8, p. 14.

[18]ASD, Submission 8, p. 14.

[19]Department of Defence (DIO), Submission 9, p. 26.

[20]Department of Defence (DIO), Submission 9, p. 24.

[21]Department of Defence (DIO), Submission 9, p. 24.

[22]Department of Defence (AGO), Submission 9, p. 47.

[23]Department of Defence (AGO), Submission 9, p. 52.

[24]Department of Defence (AGO), Submission 9, p. 52; Department of Defence (DIO), Submission 9, p. 24.

[25]ANAO, Submission 2, para. 15.

[26]ANAO, The audit process, www.anao.gov.au/about/audit-process, accessed 31 January 2023.

[27]ANAO, Submission 2, para. 15.

[28]ANAO, Submission 2, para. 10.

[29]ANAO, Submission 2, paras. 10-11.

[30]ANAO, Submission 2, para. 14.

[31]ANAO, Submission 2, para. 23.

[32]ANAO, Submission 2, paras. 24-25.

[33]ANAO, Submission 2, para. 27.

[34]ANAO, Submission 2, table 4, paras. 27-29.

[35]ANAO, Submission 2, para. 38.

[36]ANAO, Submission 2, table 6, para. 39.

[37]ANAO, Submission 2, para. 31.

[38]ANAO, Submission 2, para. 34

[39]ANAO, Submission 2, paras. 34-36.

[40]ANAO, Submission 2, table 5.

[41]ANAO, Submission 2, para. 32.

[42]ANAO, Submission 2, para. 43.