2016 Standing Directions
Implementation Assurance Program: Summary of Findings
A revised set of Standing Directions (2016 Directions) of the Minister for Finance were issued
commencing 1 July 2016.
The Directions include strengthened compliance, reporting and public attestation requirements.
The Department of Treasury and Finance (DTF) conducted an implementation assurance program
reviewing Victorian Public Sector (VPS) agency readiness to comply with the 2016 Directions ahead of
the 2018 public attestation.
Implementation Assurance
Program – Purpose and Process
The assurance program assessed agency readiness
for compliance with the 2016 Directions. All VPS
agencies are required to adhere to the provisions of
the 2016 Directions and Instructions from 1 July
2016, with the exception of certain provisions that are
subject to transitional arrangements.
The program surveyed Chief Executive Officers
(CEO), Chief Finance Officers (CFO), Audit
Committee Chairs and compliance managers of 60
Victorian Government agencies, including all portfolio
departments. Responses were received from 128
respondents across 58 of the selected agencies,
including responses from all portfolio departments.
The selected agencies were a representative
cross-section of the VPS in terms of size, sector,
functions and risk profiles. The surveys were
supplemented with a further 12 interviews
undertaken with selected agencies.
DTF thanks all participants for their time and valued
contributions.
A summary of findings is provided below for each
area of focus in the assurance review.
Summary of Findings
agencies yet to makes changes to behaviour or
engagement to foster greater accountability.
Eighty-four per cent of agencies considered the
transitional provisions adequate. However, many
commented that the timing of issuing the 2016
Directions did not allow agencies sufficient time to
achieve full compliance by 1 July 2016. Under the
2003 Directions, compliance was assessed as at 30
June each year, whereas the 2016 Directions require
compliance to be achieved for the full year from
1 July.
To allow time to fully implement the 2016 Directions,
the 2016-17 year is transitional. Agencies should
refer to Direction 1.4 for further information.
Portfolio relationships (Direction and
Instruction 2.3.4)
Portfolio department engagement with agencies was
inconsistent across the VPS, with 46 per cent of
agency CFOs never having meetings with their
respective portfolio department CFO.
Portfolio department CFOs should give consideration
to establishing a minimum engagement program with
their portfolio agency CFOs. Portfolio departments
should also seek feedback from their portfolio
agencies regarding the type of assistance that may
be required, the effectiveness of their relationship
and the resources required to implement and ensure
ongoing compliance with the 2016 Directions.
General readiness and awareness
All surveyed agencies were aware of the 2016
Directions and 95 per cent considered their agency at
least partially ready, with most having completed
internal briefings, gap analyses and policy and
procedure updates.
There was no evidence that portfolio department
Accountable Officers had conducted a risk
assessment of portfolio agencies. Accordingly,
portfolio departments should conduct risk
The transition focus so far appears to be
predominantly process orientated, with most
Implementation Assurance Program: Summary of Findings
Page 1
assessments and where necessary, tailor the
monitoring and reporting requirements
commensurately with any changes in an agency’s
risk environment.
Planning and managing performance
(Direction 4.1) and asset management
accountability (Direction 4.2.3)
Portfolio departments should also facilitate regular
engagement between portfolio department and
agency Audit Committee Chairs.
Not all portfolio departments had reviewed and
updated their policies and procedures against the
requirements of these specific Directions.
CFO rules (Directions 2.4, 2.4.2 and
2.4.5)
The 2016 Direction requirements on planning and
managing performance and asset management were
not perceived by interviewees to be different from
previous requirements, and the impact was
anticipated to be minimal.
Eighty per cent of CFOs reported having a direct
reporting line to Accountable Officers, or forums to
engage with them on at least a fortnightly basis.
Ninety-seven per cent of CFOs attend Audit
Committee meetings and none indicated engagement
with the Accountable Officer was insufficient.
The provision of strategic advice does not represent
a new requirement for 93 per cent of CFOs, however
their ability to provide strategic advice is often
constrained by resourcing.
Of the CFOs surveyed, 98 per cent met the
educational requirements and 96 per cent (though
not mandatory) were members of a professional
association.
Fraud, corruption and other losses
(Directions 3.5, 3.5.1 and 3.5.2)
Ninety-three per cent of agencies had mechanisms in
place to record fraud, however 25 per cent did not
have a fraud, corruption and other losses prevention
and management policy.
While agencies were able to articulate the nature and
significance of fraudulent activities that should be
disclosed to portfolio departments, they were not
able to confirm these views aligned with those of the
department.
For over half of agencies surveyed, there was
insufficient segregation between the role responsible
for maintaining fraud records and the role
responsible for reviewing them. Agencies should
review their processes to ensure an appropriate
segregation of duties. Audit Committees should
confirm this is occurring, as part of exercising their
responsibilities in relation to fraud prevention and
management.
Some agencies maintaining a moderate asset base,
but with no Asset Management Strategy, indicated it
would be unlikely they would meet this requirement
by 30 June 2017.
Financial management compliance
(Direction 5.1.1)
Eighty-seven per cent of agencies reported having
systems or frameworks in place to monitor
compliance. Systems varied from a review of the
DTF financial management and compliance checklist,
to spreadsheets and more complex applications that
incorporate reporting functionality and work flow (for
example ‘Tickit On Demand’).
Some agencies (particularly those without a
dedicated compliance officer) were finding the lack of
templates and prescription in the revised 2016
Directions challenging. They expressed concern as
to whether their interpretation would satisfy the
expectations of DTF, Internal Audit and their Audit
Committee.
Agencies should seek Internal Audit and Audit
Committee reviews and endorsement of planned
activities to meet the requirements of the 2016
Directions as soon as practicable. This should allow
for any differences to be addressed in a timely
manner. Any uncertainty over compliance with the
2016 Directions should be referred initially to the
portfolio department for clarification, and if still
unresolved, the matter should be referred to DTF.
Agencies would also benefit from sharing better
practices though departmental forums.
Implementation Assurance Program: Summary of Findings
Page 2
The four main factors identified by the agencies
surveyed that contribute to a strong culture of
compliance are the:




internal audit regime;
the approach adopted by the Accountable
Officer and Responsible Body;
incidence of past non-compliance; and
nature of some agency functions as a regulator
or central agency.
While Accountable Officers consider compliance with
the 2016 Directions as important or very important,
22 per cent do not receive any reporting and 39 per
cent of those that do, only receive an annual report.
Accordingly, Accountable Officers should review how
frequently they receive reports on compliance and
the visibility of compliance in their agency. Portfolio
departments should consider using agencies in their
portfolio that operate as regulators as models of best
practice for compliance culture.
As agencies must be compliant with any Direction for
the full year to record a ‘fully compliant’ rating, the
frequency of review of compliance frameworks may
need to be improved. Half of the agencies surveyed
only review compliance annually, which may impact
on their ability to identify and address compliance
deficiencies in a timely manner.
Agencies should review compliance frameworks as
required to allow time for:



changes to policies and procedures;
approval (for example, by the Audit
Committee); and
compliance practices to be embedded in day to
day operations, to ensure full compliance in the
subsequent year.
Audit Committees play a key role in reviewing and
monitoring compliance, and were found to be an
effective mechanism for monitoring compliance with
the 2016 Directions.
Close to 70 per cent of all respondents saw
responsibility for compliance as a significant part of
their role, despite not having direct compliance
responsibilities.
Reporting to Portfolio Departments/DTF
(Direction 5.3)
All agency Accountable Officers surveyed indicated
that they had processes in place to notify the portfolio
department or DTF of significant issues.
While the quality of agency financial information was
generally assessed as good or better, almost a
quarter of agencies never submit financial
information to their respective portfolio department
before submission to DTF.
To increase departmental review and improve the
quality and consistency of information submitted to
DTF, agencies should submit financial information
through the portfolio department before submission
to DTF. Similarly, requests by portfolio agencies
should be made through portfolio departments.
Conclusion
The assurance program notes agencies indicated
readiness at varying levels of completeness and that
it is unlikely that any agencies will record full
compliance for the current transitional year.
DTF reiterates that the purpose of the transitional
year is to allow agencies time to become ready for
full compliance from 1 July 2017.
The completion of a trial attestation during the
transition year will assist with identifying possible
compliance issues for resolution, before the first
public attestation in 2018.
DTF will continue to work with agencies and portfolio
departments to support the implementation of the
2016 Directions. This may include conducting
information sessions, providing interpretive advice
and additional guidance materials.
Implementation Assurance Program: Summary of Findings
Page 3