[ Skip to content | Skip to Table of Contents | PDF of this document | VAGO Home | VAGO Publications | Reduce Text Size | Enlarge Text Size ]
Victorian Coat of Arms

Effectiveness of Compliance Activities: Departments of Primary Industries and Sustainability and Environment

Ordered to be printed

VICTORIAN GOVERNMENT PRINTER October 2012

PP No 186, Session 2010–12

The Hon. Bruce Atkinson MLC
President
Legislative Council
Parliament House
Melbourne
The Hon. Ken Smith MP
Speaker
Legislative Assembly
Parliament House
Melbourne

Dear Presiding Officers

Under the provisions of section 16AB of the Audit Act 1994, I transmit my report on the audit Effectiveness of Compliance Activities: Departments of Primary Industries and Sustainability and Environment.

Yours faithfully

Signature of D D R PEARSON (Auditor-General)

D D R PEARSON
Auditor-General

24 October 2012

Audit summary

The overall prosperity of the state relies on a healthy environment and effectively managing natural resources and primary industries to keep them sustainable. This entails controlling or regulating high-risk aspects of their use, preserving economically important industries, meeting community expectations and protecting the environment.

Compliance with legislation means the actions of those being regulated conform to the conditions imposed by the law. Regulators use a range of activities to encourage compliance and deter noncompliance. These usually include three core elements:

Noncompliance can contribute to the loss of high-value species, ecosystems and industries. For other species and systems, the cumulative impacts of environmental crime are incremental and less obvious.

The departments of Primary Industries (DPI) and Sustainability and Environment (DSE) are responsible for sustainably managing the state’s environment, primary industries and natural resources. This includes managing compliance for such diverse sectors as fisheries, agriculture, mining, parks, forests and biodiversity protection.

DPI has compliance responsibilities and powers under 45 Acts. Sixteen of these are Acts that it administers directly and 29 are administered by other state and Australian government agencies. DSE has compliance responsibilities and powers under 16 Acts—11 that it administers directly and five that are administered by other agencies.

This audit examined the effectiveness and efficiency of DPI’s and DSE’s compliance activities under environment, natural resources and primary industries legislation. This included assessing the risk-base for their compliance approaches and examining how well they promote and monitor compliance, and respond to noncompliance.

Conclusion

Neither DPI nor DSE has a comprehensive whole-of-organisation, risk-based approach to managing their compliance responsibilities. They have not clearly identified how compliance activities contribute to achieving legislative objectives and corporate outcomes, how they measure success, or how they monitor and report compliance performance.

This limits their ability to monitor high compliance risks across the departments and to provide assurance about how well they perform their compliance role and the outcomes achieved.

As a consequence, DPI and DSE cannot be sure that their compliance activities contribute to protecting natural resources, primary industries and the environment as the legislation intended.

DPI is addressing a range of issues identified in this audit, having restructured to bring its regulators under the one group to improve central oversight, coordination and alignment, while retaining the individual focus of each.

DSE's deficiencies are substantial and require a concerted effort to address them. It has known about its poor compliance approach since at least its 2009–10 compliance review, but many of the fundamental problems with DSE’s approach to compliance remain. These include the lack of accountability, oversight and risk-based compliance planning needed to drive a robust and consistent approach across the department. DSE is now starting to make the changes needed to achieve this, including strengthening the role of its compliance steering committee and committing to improved planning.

Findings

Departmental compliance frameworks

An organisation-wide compliance framework provides a common platform of policy, principles and processes to align and guide different regulatory groups in planning and delivering risk-based, fit-for-purpose compliance work.

DPI has some of the elements of a whole-of-organisation approach to compliance but these are not sufficiently developed or applied consistently across its regulators to provide assurance that its compliance efforts are effective. Its three regulators each have many effective compliance processes and practices, but the degree to which their overall approaches are risk-based, well informed, targeted, and reviewed varies.

A lack of alignment and coordination between regulators has also reduced DPI’s efficiency and transparency in delivering its compliance function. DPI recognises the need for a more cohesive and coordinated approach and has introduced a central regulation and compliance group to strengthen its oversight and assurance.

DSE has a department-wide framework, but it is neither strategic nor comprehensive and is not being used to guide its compliance activities. This is largely because accountability for delivering the approach has not been assigned and senior management’s oversight has been inadequate.

DSE’s regulatory responsibilities lie mainly with its five regional offices, which share responsibility for a common set of Acts and regulations, including compliance responsibilities. However, there are only isolated examples of strategic, risk-based, consistent, and transparent compliance work across the regions. So while it has some good practices, DSE is not fulfilling its compliance responsibilities consistently or effectively.

Policies, responsibilities and risks

A compliance policy guides the regulator to perform its responsibilities, and communicates the regulators’ principles and approach to securing compliance to the community and staff.

Despite their considerable powers, neither department has an organisation-wide compliance policy that meets better practice principles for guiding compliance activities. DPI and DSE have not adequately communicated their objectives, principles, responsibilities or approaches in undertaking their compliance roles, including how they will use a risk-based approach to target their work. This increases the risks that their staff will not work effectively and that the community is not as well informed as it needs to be.

DSE has committed to developing and implementing a compliance policy by December 2012. DPI recently reviewed its enforcement policy, but the revised draft still does not incorporate the principles of a good compliance policy.

DSE and DPI need to effectively communicate their compliance obligations and powers to those they have authorised to undertake compliance activities. Each has delegated its responsibilities within the department, however, neither communicates what it expects of its delegates in discharging their responsibilities. Nor do they adequately review how well staff understand and use their delegations. This compromises their ability to effectively act on the delegations and make informed decisions.

Regulators also need to assess the risks that affect their ability to effectively administer their legislation, and the regulated community’s ability or willingness to comply. They should be targeting their resources and activities at high or unmanaged risks.

While both departments have corporate risk management systems in place, these are yet to adequately identify and monitor the high compliance risks across all legislation. DSE has a department-wide approach for identifying and managing compliance risks but does not use it. Only DPI’s Fisheries Victoria has a robust and transparent process for identifying its high compliance risks.

Oversight and accountability

Departments need to establish and maintain an effective framework of accountability, oversight and internal control. For regulators, this includes systems designed to assess whether they are achieving legislated objectives, and whether regulations are complied with.

DPI and DSE do not have effective whole-of-organisation oversight of, and assurance about, delivery of their compliance objectives. DPI’s poor central oversight of its compliance functions and DSE’s broader lack of good governance over its functions reduce their control and assurance over how they exercise their powers and meet their responsibilities.

DPI’s regulators have clear accountability for their compliance role. However, it has had no specific central oversight across regulators to provide assurance about the extent to which its compliance activities are being effectively and efficiently delivered.

DSE has central governance arrangements. However, its active oversight of how the compliance functions are delivered has been minimal. It is now in the process of strengthening this. DSE has not assigned accountability for achieving compliance objectives and this is limiting its ability to drive a strong and consistent compliance effort across the department, monitor its activities and improve performance.

DPI, and to a lesser extent DSE, are introducing stronger central governance and oversight to align and oversee their regulation and compliance work more efficiently, and to provide assurance about their effectiveness to secretaries and their deputies.

Although measuring compliance performance can be challenging, both departments need to be able to monitor the quality and effectiveness of their activities and report publicly on how well they have met their responsibilities.

DPI and DSE are not adequately measuring, monitoring, reporting or reviewing their compliance performance and lack appropriate performance measures, targets and benchmarks. Their departmental performance management systems do not specifically measure compliance performance, or how this contributes to achieving legislative objectives and corporate outcomes.

DPI has been improving its measures but they are not yet comprehensive or clearly linked to corporate outcomes. DSE has not defined how it will measure its compliance objectives. Inadequate data capture and information management continue to compound these difficulties, particularly in DSE.

Each department has some public compliance reporting, particularly in their annual reports. This is usually activity focused and rarely indicates the extent to which objectives were achieved, and so is not conducive to transparency or accountability.

Compliance activities

Regulators prioritise and plan their compliance work, targeting their activities and resources at the highest risks, and selecting the right mix of compliance tools to manage them. Better practice compliance programs use a mix of activities—matched to the type and significance of the compliance issue or risk being addressed—to promote and monitor compliance, and address and deter noncompliance.

Both DPI and DSE are using a range of compliance tools to actively pursue compliance. However, neither has the level of good planning, information management, quality assurance and review needed to effectively target their efforts and to deliver high standards of work. This is particularly important given the wide range of powers the departments exercise across a large number of Acts, and in diverse settings across the state.

DPI’s regulators each deliver a comprehensive program of compliance activities across their responsibilities but the quality of the risk assessment and information used to develop these programs varies across regulators.

DSE’s regions rarely use a transparent, risk-based approach or any other clear rationale to inform the decisions they make about which compliance issues they will address, and how they will do it—even though its statewide compliance strategies have included a risk-based process for doing this since 2008. Instead, it conducts a series of largely reactive, one-off investigations and operations rather than adopting a targeted approach.

DSE has committed to developing risk-based regional compliance plans, with the first due in December 2012.

Managing the quality of compliance work

Regulators need to support controlled, consistent and transparent compliance work, and the appropriate use of powers by authorised officers. This involves recruitment, training and authorisation strategies to match staff skills and experience to compliance requirements. Standards, procedures and review processes are used to support these officers in conducting their work.

DPI has comprehensive work standards, which it generally follows, to support the quality of its compliance work—such as conducting inspections and managing seized property. DSE does not have comprehensive work standards and does not consistently use those it has. Its work is poorly documented, is not reviewed in any systematic way to support continuous improvement, and does not balance planned and reactive efforts as intended.

Neither department has an agency-wide approach for recruiting compliance staff or has centrally planned, controlled and consistent training and professional development for all authorised officers. Both lack a transparent complaints management policy and central register to support good practice and to accurately monitor complaints.

Recommendations

  1. The departments of Primary Industries and Sustainability and Environment should strengthen their whole‑of‑department compliance frameworks by:
    • developing whole-of-department compliance policies and specific regulator policies, as appropriate, that meet better practice criteria—including describing education and enforcement approaches, and making relevant information publicly available
    • improving how they manage delegations—including maintaining current registers of delegations and Acts with compliance responsibilities, communicating expectations for managing delegations, and regularly assessing how well the delegations are used
    • transparently identifying and monitoring high compliance risks across all Acts and regulations, and reporting these to senior management
    • improving oversight and assurance of their compliance functions by better monitoring how they manage their compliance responsibilities—including through regular external review, and, for the Department of Sustainability and Environment, by also assigning clear accountability for its compliance functions and the statewide compliance strategy.
  2. The departments of Primary Industries and Sustainability and Environment should establish department-wide compliance performance management systems that identify:
    • a core set of compliance outcomes
    • relevant, appropriate and representative compliance performance measures of effectiveness against the outcomes and compliance objectives
    • transparent internal reporting and balanced public reporting on compliance
    • targeted and reliable compliance data and information sets relevant to the performance measures, based on a data and information gap analysis.
  3. The regulators within the departments of Primary Industries and Sustainability and Environment should:
    • rigorously and transparently prioritise and plan their compliance work under all relevant Acts
    • regularly and systematically review how consistently and objectively they conduct all types of enforcement actions.
  4. The Department of Sustainability and Environment should:
    • develop and implement regional compliance plans that are risk-based, soundly targeted, consistent and aligned with corporate priorities and the statewide compliance strategy
    • develop an achievable, detailed plan for delivering its statewide compliance strategy, and implement it.
  5. The Department of Sustainability and Environment should strengthen its management of wildlife and plant licences and permits by:
    • upgrading the wildlife and plant licence and permit systems without further delay
    • requiring staff to record all relevant information in the systems, such as licensee inspections and interviews, and periodically reviewing how they use the systems
    • accurately recording the number of licences, permits and authorisations it issues, and making this information publicly available
    • reviewing its policy on using licence conditions and sanctions as a response to noncompliance.
  6. The departments of Primary Industries and Sustainability and Environment should identify and centrally document core processes for managing the work standards, recruitment, training and authorisation of compliance officers and central systems for coordinating and reviewing these activities
  7. The departments of Primary Industries and Sustainability and Environment should each:
    • develop and implement a whole-of-department, better practice complaints management policy and training
    • publish the policy on its website
    • record all complaints in a central register(s), monitor complaints data and use this information to improve regulatory policies and processes.

Submissions and comments received

In addition to progressive engagement during the course of the audit, in accordance with section 16(3) of the Audit Act 1994, a copy of this report was provided to the departments of Primary Industries and Sustainability and Environment with a request for submissions or comments.

Agency views have been considered in reaching our audit conclusions and are represented to the extent relevant and warranted in preparing this report. Their full section 16(3) submissions and comments are included in Appendix B.

[ Contents of this report | VAGO Home | VAGO Publications ]

1. Background

1.1 Regulating the environment, natural resources and primary industries

Industries such as agriculture, coal mining and forestry are important to Victoria’s economy, providing jobs and producing food, electricity and other commodities for local use and export. Other sectors such as recreational fishing and state parks have significant social value. All of these require controls, or regulations, to manage them sustainably so that our environment, economy and social values are protected.

Without controls, unsustainable use can contribute to the loss of high-value species, ecosystems and industries, such as whales, red gum forests and the abalone fishing industry. For other species and systems, the cumulative impacts of noncompliance are incremental and less obvious.

1.1.1 Legislation and regulation

Victoria has enacted a range of legislation which, together with its associated regulation is designed to control high-risk activities to protect the environment from harm, to preserve economically important industries, and to meet community expectations.

Victoria has a number of regulators within the environment, natural resources and primary industries sector. The Department of Primary Industries (DPI) has regulators within the department, as well as two statutory authority regulators—Dairy Food Safety Victoria and PrimeSafe. Similarly, the Department of Sustainability and Environment (DSE) has its own regulatory functions as well as those delivered by its two statutory authority regulators—the Environment Protection Authority and Parks Victoria.

This audit focused on the regulatory activities conducted within the two departments. The Acts that DPI and DSE regulate govern areas such as animal and plant health, chemical use in agricultural production, fisheries, mining, public land management and wildlife and native plant protection.

DPI has compliance responsibilities and powers under 45 Acts. Sixteen of these are Acts that it administers directly and 29 are administered by other state and Australian government agencies. DSE has compliance responsibilities and powers under 16 Acts. Eleven of these are Acts that it administers directly and five are administered by other agencies. These Acts are listed in Appendix A.

Many of these Acts and their regulations contain enforcement powers that are used as needed to make sure the protections are complied with. Penalties can be significant, as Figure 1A highlights.

Figure 1A
Examples of offences under natural resources and environment legislation

Act

Offence

Maximum penalty

Fisheries Act 1995

Trafficking a commercial quantity of a priority species

10 years imprisonment

Conducting unlicensed fishing activities

200 penalty units and/or one year imprisonment

Wildlife Act 1975

Interfering with a whale

1 000 penalty units

Actions harming threatened wildlife

240 penalty units and/or two years imprisonment

Note: For 2012–13, one penalty unit is $140.84. The rate is indexed annually in line with inflation.

Source: Victorian Auditor-General’s Office.

1.2 Managing compliance

Regulators undertake a range of activities to encourage compliance and deter noncompliance. These usually encompass three core elements:

Regulators will typically target their compliance work at different sections of the community. This may include the general public, industry groups, sporting clubs or licensees. To be able to comply with regulations the regulated community needs to:

Figure 1B illustrates environment, natural resources and primary industries compliance issues in Victoria.

Figure 1B
Examples of environment, natural resources and primary industries compliance issues in Victoria

Compliance issue

Likely consequences

Illegal clearing of native vegetation

Loss of habitat; endangers the survival of plant and animal species

Illegal trade in protected wildlife

Endangers the survival of rare native animals

Introduction of animal and plant pests

Reduces farm productivity and market access; damages fisheries; kills native animals and plants

Illegal mining

Endangers health and safety; damages environment

Illegal use of crown land

Blocks public access or use; damages environment

Illegal fishing

Loss of fisheries if too many are killed or they are killed at the wrong size or time of year

Illegal firewood collection

Available firewood gets used up before it is replenished naturally; loss of habitat

Illegal duck hunting

Population declines if too many are killed or they are killed at the wrong time of year

Source: Victorian Auditor-General’s Office.

There are many examples of how regulation has effectively managed these issues in Victoria, such as by slowing the depletion of native forests and fisheries, and increasing agricultural productivity by reducing pests.

1.2.1 Better practice in managing compliance

A better practice compliance approach or framework is risk-based. This means it targets compliance activities to where they will have the greatest influence in supporting sustainable management, and in deterring and detecting activities that put the environment, primary industries and natural resources at the greatest risk of harm.

Better practice also includes setting clear policy and standards for the regulator’s compliance approach, and effectively overseeing how it is implemented, as well as measuring and reporting on what the compliance activities achieve. The activities should be coordinated, transparent and enforce the law in proportion to the potential seriousness of noncompliance.

There is a range of better practice guidance material available to regulators, which were used as assessment criteria in this audit, including:

Results of a range of inquiries and reviews have also provided guidance for regulators, such as the Victorian Competition and Efficiency Commission’s 2009 inquiry into environmental regulation; the State Services Authority’s 2009 review of the governance of regulators; and the United Kingdom’s 2005 Hampton review of effective inspection and enforcement by regulators.

DPI and DSE are also members of the Australasian Environmental Law Enforcement and Regulators Network, which supports improved compliance capacity and effectiveness across regulators.

1.3 Departmental compliance responsibilities

DPI and DSE are responsible for the sustainable management of natural resources, primary industries and the environment. This encompasses a wide range of sectors including fisheries, agriculture, mining parks and other public land, forests, and broader biodiversity protection.

In administering their legislation, DPI and DSE operate according to other Victorian legislation and guidance related to managing compliance and regulating effectively. This includes guidance from the Office of Public Prosecutions as well as fraud, privacy and freedom of information legislation and guidance.

Compliance activities are primarily undertaken by DPI and DSE authorised officers, who are empowered by the departmental secretary to inspect regulated activities, direct licensees or suspected violators, or take appropriate action to enforce law or regulation. The authorisations cover a range of activities including licensing and enforcement, and many officers have multiple authorisations.

There are currently around 400 authorised officers in DPI and 400 in DSE. Of these, DSE has 23 full-time and 85 part-time compliance officers across its five regions, whereas in DPI, Fisheries Victoria alone has around 73 full-time compliance staff.

1.3.1 Department of Primary Industries

DPI has compliance responsibilities as part of its management of fisheries, forestry, game, earth resources and the biosecurity of natural resources and primary industries. Until August 2012 it managed these through three regulatory bodies based within the department (Figure 1C):

Figure 1C
The Department of Primary Industry’s structure for delivering its compliance responsibilities prior to August 2012

Figure 1C The Department of Primary Industry’s structure for delivering its compliance responsibilities prior to August 2012

(a) The Catchment and Land Protection Act 1994 is administered by DSE but DPI is jointly responsible for, and takes the lead in, managing pest plants and animals compliance.

(b) The Wildlife Act 1975 is administered by DSE but DPI is jointly responsible for, and takes the lead in, managing game compliance.

Note: The other Acts listed are those administered by DPI that include compliance responsibilities. The Acts administered by other agencies that also give DPI compliance responsibilities and powers are listed in Appendix A.

Source: Victorian Auditor-General’s Office.

A departmental restructure in August 2012 brought these three regulators together as part of a Regulation and Compliance Group (Figure 1D).

Figure 1D
The Department of Primary Industry’s structure for delivering its compliance responsibilities from August 2012

Figure 1D The Department of Primary Industry’s structure for delivering its compliance responsibilities from August 2012

(a) The Catchment and Land Protection Act 1994 is administered by DSE but DPI is jointly responsible for, and takes the lead in, managing pest plants and animals.

(b) The Wildlife Act 1975 is administered by DSE but DPI is jointly responsible for, and takes the lead in, managing game.

Note: The other Acts listed are those administered by DPI that include compliance responsibilities. The Acts administered by other agencies that also give DPI compliance responsibilities and powers are listed in Appendix A.

Source: Victorian Auditor-General’s Office.

Responsibility for regulating game and forestry transferred from DSE to DPI in 2011 and both are included in the new Regulatory and Compliance group.

1.3.2 Department of Sustainability and Environment

DSE has compliance responsibilities as part of its management of native wildlife and plants, public land, parks and forests. While it also has responsibilities for water and national parks, these are delegated to the water authorities and Parks Victoria. It delivers its compliance activities through five regional offices and four central divisions, which each have regulatory responsibilities along with other functions (Figure 1E).

Figure 1E
The Department of Sustainability and Environment’s structure for delivering its compliance responsibilities

Figure 1E The Department of Sustainability and Environment’s structure for delivering its compliance responsibilities

(a) Compliance responsibilities under the Water Act 1989 and the Water Industries Act 1994 are delivered by the water authorities.

Note: The Acts listed are those administered by DSE that include compliance responsibilities. The Acts administered by other agencies that also give DSE compliance responsibilities and powers are listed in Appendix A.

Source: Victorian Auditor-General’s Office.

As part of a departmental restructure in 2011, wildlife and plant compliance responsibilities transferred from a central group back to each of the five regions, which had these responsibilities until 2008. The regions retained the public land, parks and forests compliance responsibilities throughout these changes.

1.4 Audit objective and scope

The audit’s objective was to determine the effectiveness and efficiency of compliance activities within the environment, primary industries and natural resources sectors.

The audit involved both DPI and DSE, and focused on whether they have sound risk‑based systems and processes to secure compliance—that is, getting Victorians to abide by environment, natural resources and primary industries laws—and whether they effectively oversee how officers use their compliance powers.

The audit examined compliance on two levels in each department:

1.5 Audit method and cost

The audit was performed in accordance with Section 15 of the Audit Act 1994 and the Australian Auditing and Assurance Standards.

The total cost was $410 000.

[ Contents of this report | VAGO Home | VAGO Publications ]

2. Departmental compliance frameworks

At a glance

Background

Regulators need a comprehensive, organisation-wide compliance framework to support fair and proportionate compliance work coverage in alignment with legislative objectives and corporate outcomes.

Conclusion

The departments of Primary Industries (DPI) and Sustainability and Environment (DSE) do not have the whole-of-department, risk-based compliance frameworks needed to secure balanced and effective actions across their compliance responsibilities. Both are now strengthening their approaches, particularly DPI.

Findings

  • DPI has some elements of a whole-of-department framework but its regulators act as separate entities, and compliance work is not uniformly strategic or risk‑based across all regulators.
  • DPI has recognised the need for a more cohesive and coordinated approach and is introducing central oversight and assurance for its compliance functions.
  • DSE has a department-wide framework but it is not strategic, risk-based or comprehensive, and accountability for compliance outcomes is unclear.
  • DSE has started to strengthen its policy and oversight.

Recommendations

The departments of Primary Industries and Sustainability and Environment should strengthen their whole-of-department compliance frameworks by:

  • developing departmental compliance policies that meet better practice criteria
  • transparently identifying and monitoring high compliance risks across all Acts
  • improving oversight and assurance of their compliance functions, and for the Department of Sustainability and Environment by also assigning clear accountability for its compliance functions
  • improving their compliance performance measures, data and reporting.

2.1 Introduction

Both the Department of Sustainability and Environment (DSE) and the Department of Primary Industries (DPI) have compliance responsibilities. Within DSE, these are delivered across its five regions and four of its divisions. Within DPI, three departmental regulators are responsible for compliance.

Given the breadth of compliance functions across each department, both need an organisation-wide framework that enables the regulators to conduct their compliance functions effectively, consistently, objectively and fairly.

An organisation-wide compliance framework provides a common platform of principles and processes to align and guide them in planning and delivering their fit-for-purpose compliance work. The framework should:

The compliance framework should be delivered through the organisation’s risk assurance and performance management processes where possible, and include compliance-specific structures, procedures, training, review, and other processes as needed.

2.2 Conclusion

Neither DPI nor DSE has a comprehensive whole-of-department, risk-based approach to manage their compliance responsibilities. They have not clearly identified how compliance activities contribute to achieving legislative objectives and corporate outcomes, how they measure success or how they monitor and report compliance performance.

This limits their ability to monitor high compliance risks across the department and to provide assurance about how well they perform their compliance role and the outcomes achieved.

2.3 Establishing compliance frameworks

A compliance framework essentially provides an umbrella of policy, guidance and organisational arrangements. It is used to align the compliance efforts of different regulatory bodies and compliance staff across the organisation. It supports them to contribute to the common goals of effectively administering legislation and achieving corporate outcomes consistently and transparently.

Neither DSE nor DPI has an effective compliance framework in place. There are weaknesses evident in their compliance policies, their understanding of their compliance risks and obligations, and weaknesses in compliance oversight and accountability.

2.3.1 Setting compliance policy

A compliance policy guides and directs a regulator to perform its responsibilities consistently and transparently, and to be accountable for its performance. It communicates the regulator’s approach to securing compliance to the community and to staff, although these different audiences may need different levels of detail. A better practice policy should describe its:

It should also outline whole-of-organisation principles and approaches for making decisions and allocating resources.

Neither department has an organisation-wide compliance policy that meets better practice principles for communicating its compliance approach to staff or to the community. Neither department has described its compliance framework or internal responsibilities. Each department also lacks sufficient detail to explain how they:

This means they have not appropriately informed the regulated community or their own staff about what their compliance responsibilities are, and how they will meet them. This potentially reduces the ability of the regulated community to understand how to comply. It also means the departments have not optimised the potential to generate a common and thorough understanding among their compliance staff of the department’s expectations and principles for its compliance roles.

DPI has a policy and procedure that are publicly available. These focus heavily on enforcement activities and do not provide enough detail to describe DPI’s risk-based approach and efforts to support voluntary compliance. DPI’s regulators have identified the need to supplement the departmental policy with regulator-specific information, but have not adequately developed their own compliance policies to achieve this.

DSE has a statewide compliance strategy that contains a number of better practice policy elements, including:

However, the strategy is not comprehensive. It does not clearly describe how DSE will measure and report on performance or encourage voluntary compliance. It mentions the ways that DSE will monitor and enforce compliance, but lacks the level of description needed to support a common understanding of its approach. Additionally the policy is not publicly available, limiting the transparency of DSE’s approach to the community—an element of better practice.

DSE has recognised the need for a departmental compliance policy and is planning to develop one by December 2012. Unlike DPI’s regulators, DSE’s regions all have the same compliance responsibilities and do not need their own additional policies.

2.3.2 Identifying and understanding compliance obligations and compliance risks

DPI has compliance responsibilities and powers under 45 Acts. Sixteen of these are Acts that it administers directly and 29 are administered by other state and Australian government agencies. DSE has compliance responsibilities and powers under 16 Acts. Eleven of these are Acts that it administers directly and five are administered by other government agencies.

Given the number of different Acts that provide for both mandatory and discretionary compliance, DSE and DPI need to have a sound understanding of their compliance obligations and powers, and they need to effectively communicate this to those they have authorised to undertake compliance activities. DSE and DPI also need to understand where the highest risks of noncompliance are to help them make the best decisions about allocating finite resources.

Understanding compliance obligations

Neither DPI nor DSE had accurate information about their compliance obligations available for their staff or those of the communities being regulated, although they are now addressing this.

On their websites, both departments list the Acts for which they have primary responsibility, and each has internal lists of the Acts with compliance responsibilities. However, some Acts were incorrectly identified by both departments as primary Acts, and neither department had identified all of the Acts giving them compliance responsibilities. DPI’s website list of its primary Acts did not match its internal list.

While the secretaries of both DSE and DPI are ultimately responsible for effectively administering legislation—including compliance functions—in practice they delegate responsibility for compliance activities to departmental officers. However, neither department has fully communicated these responsibilities or what they expect of delegates in discharging their responsibilities.

DPI and DSE inform staff of the relevant legislation and associated powers through training and operating procedures. DPI’s regulators also have a range of tools, such as information sheets and databases on the powers of authorised officers, offences and requirements of the Acts.

Neither department has defined its expectations of staff in meeting responsibilities, identified criteria for escalating decision-making, or adequately reflected the delegated responsibilities in position descriptions. They also do not have adequate reporting or review processes to assess how well staff understand and use their delegations. This compromises each department’s ability to effectively act on the delegations and make informed decisions.

DPI and DSE need to regularly assess and report on their staff’s understanding and use of their delegations. They should assign accountability for doing this. DPI is planning to assess this in 2012.

The Minister for Agriculture and Food Security has publicly stated his expectations of DPI’s regulators, including how they should manage their compliance functions. DSE does not yet have a similar statement of expectations from the Minister for Environment and Climate Change, as recommended by the Department of Premier and Cabinet in its 2010 guidance on improving the governance of regulators.

Identifying and monitoring high compliance risks under environment and primary industries legislation

Risk management involves identifying, addressing and monitoring risks to achieving legislative objectives or corporate outcomes. For regulators, this includes risks that affect their ability to administer regulation effectively, or that decrease the regulated community’s ability or willingness to comply.

Regulators use risk information to target resources and activities to unacceptable or poorly managed high risks, and monitor how well these activities reduce the level of risk. They can then address lower risks through less resource-intensive activities—such as advocacy and education approaches to promote voluntary compliance with legislation—and monitor them.

DPI and DSE do not identify and monitor their high compliance risks across all their relevant legislation. Reporting of high risks is generally only reactive, when a significant risk is identified as a result of noncompliance.

While both departments have corporate risk management systems in place, these typically identify internal compliance risks, such as poor management of finances and health and safety obligations, but not the high external or community compliance risks across all relevant Acts.

DPI’s 2009 annual review of its corporate risk management process recommended that it should identify and monitor its high compliance risks but DPI does not yet have the organisation-wide principles or approach to achieve this consistently or transparently. Its regulators have developed their own risk management approaches but not all have identified high compliance risks adequately. Nor have the high risks been collated across the department to support DPI to centrally monitor them.

DSE’s statewide compliance strategies include a method for assessing the compliance risks associated with managing the environment, but regions and divisions are not using this in their risk management and business planning activities. Nor do they have any separate processes for assessing compliance risks, except when they review the regulations—which only occurs every 10 years or more.

Neither department is adequately identifying and monitoring high compliance risks. Consequently, senior managers do not receive regular or complete information on how high compliance risks are being managed. This means they cannot be assured that departmental compliance efforts are focused on the most significant risks in meeting corporate outcomes and legislative objectives.

2.3.3 Establishing oversight and accountability

Organisations need to establish and maintain an effective framework of accountability, oversight and internal control. For regulators, this includes systems to assess whether they are achieving legislated objectives, and whether regulations are complied with.

DPI and DSE do not have effective whole-of-organisation oversight of their compliance functions. DPI’s regulators are accountable for compliance performance, whereas DSE has failed to assign any clear accountability. Given the complexity and breadth of compliance activities and the extensive powers used by authorised officers, without effective oversight and accountability, neither department can gain the assurance it needs that its compliance responsibilities are being managed well.

DPI, and to a lesser extent DSE, are introducing stronger central governance and oversight to more efficiently align and oversee their regulation and compliance work, and provide assurance about this to secretaries and their deputies.

Overseeing compliance

DPI and DSE primarily rely on the general corporate governance processes to oversee compliance, with executive management and senior leadership teams in each department overseeing performance across all responsibilities. However, the information they receive across the compliance function provides only a fragmented or selective view of performance as:

DPI’s new Regulation and Compliance group was established in July 2012 to strengthen governance and oversight across its regulators as this has been weak. Prior to this, the compliance manager’s network and offence management unit had oversight of only some aspects of the compliance function across all regulators, such as training and enforcement. Of the regulators, only Fisheries Victoria had effective oversight across all of its regulatory activities.

DSE has central governance arrangements in place across its compliance functions— through its compliance steering committee since 2008, and more recently through designating the Port Phillip Regional Director to oversee compliance. However, little effective oversight occurs:

DSE has recognised that it needs to better oversee its compliance function. The compliance steering committee will have a stronger governance role and will report directly to the senior leadership team. The committee’s responsibilities will now include endorsing, monitoring and evaluating:

The committee should also consider overseeing the identification of high compliance risks and compliance performance measures through the corporate risk and performance management processes.

Accountability for compliance

DPI’s regulators are accountable for their performance in delivering their compliance functions and meeting legislative requirements through the service group strategy, business plans and standard operating procedures. It is not clear how they are accountable for achieving department-wide compliance objectives, because these have not been set, measured or reported consistently across regulators.

DSE has unclear lines of accountability for some aspects of its compliance performance and for others has not assigned accountability at all. For example:

The lack of clear accountabilities has impeded DSE’s ability to implement the statewide compliance strategy, drive a strong and consistent compliance effort across the department, and improve performance. The department is strengthening the compliance roles of its senior leadership team and compliance steering committee, and advised it is working to clarify lines of accountability.

2.4 Establishing a performance management system

A comprehensive performance management system provides assurance about whether a regulator has done what it said it would do and how effectively it is managing compliance with legislation, and contributing to corporate outcomes. Effective performance reporting is critical for transparency and accountability to those affected by regulation and the broader community.

A compliance performance management system can be established separately or as part of an organisation-wide performance framework and should contain the following elements:

DPI and DSE are not yet effectively measuring, monitoring and reporting on their performance in relation to their compliance functions, and the extent to which their compliance programs are achieving corporate outcomes. This is compounded by inadequate data capture and information management, particularly for DSE, which does not have a culture of requiring relevant compliance information to be recorded in a timely way.

2.4.1 Measuring and reporting performance

Regulators need to be able to measure how well they perform so that they can be confident about what they do well, identify areas to improve, and provide assurance about what they achieve.

Compliance measures

Many jurisdictions have acknowledged that while it is important, it can be difficult to develop relevant and appropriate measures to assess compliance performance. Some aspects can be easier to measure, such as how the level of risk changes over time, while others are challenging, such as the level of compliance or how compliance activities contribute to achieving organisational objectives and outcomes.

A mix of both numerical and descriptive measures is normally used to capture these aspects of performance.

DPI and DSE do not have the suites of relevant, appropriate and representative performance measures and indicators they need to be able to assess how well compliance risks are managed across the legislation they administer, or their contribution to corporate outcomes. For example neither has clearly linked:

At the corporate level, DPI only has performance indicators for fisheries and forests. The regulators each have a set of indicators for compliance, however, most are quantitative and are focused on what they do, not how well they do it or how doing it delivers the outcomes required. For example, measures are focused on the numbers of inspections and audits and meeting targeted levels for compliance. They rarely measure how effective these activities are, how they contribute to meeting outcomes and whether compliance with identified issues is improving over time.

DPI has identified that its performance measures for compliance activities require significant improvement. Fisheries Victoria has undertaken work in this area to develop better practice performance measures for its compliance activities. It has been working to improve its compliance performance measures since 2010, and has revised its budget output measures for 2012–13 in an effort to better reflect its effectiveness.

DSE does not have a corporate indicator of its compliance performance. Its statewide compliance strategy identifies four outcomes for DSE’s compliance function, including more efficient use of natural resources and an improved reputation for its compliance services. These are not aligned with any regional or divisional measures:

DSE does not report on its progress in achieving these outcomes and indicators, which is not surprising given that it has not determined how it will measure them, linked them to relevant targets or benchmarks, or collected the data needed to measure them. Its Forests and Parks, and Biodiversity and Ecosystem Services divisions are developing division-wide frameworks for measuring, monitoring, reporting and evaluating performance. These will need to include measuring the contribution of compliance activities to achieving divisional objectives and outcomes.

Compliance reporting

Each department’s compliance reporting is primarily focused on the activities delivered, rather than their quality of delivery and effectiveness in achieving legislative objectives and corporate outcomes.

Public reporting on compliance by both departments is largely through their annual reports, but this is usually focused on the quantity of activities delivered and does not support transparency, accountability or adaptive approaches because:

Internal compliance reporting is fragmented across a range of reports in both DPI and DSE. There is no central collation or analysis across all reports to assure senior management about compliance performance against regulatory obligations and corporate outcomes. In both departments, reporting to senior management is ad hoc and limited to providing information on significant breaches and major compliance operations, and with no guidance for staff on deciding what needs to be reported or how it should be reported.

The new, whole-of-department performance reporting framework DPI is planning should improve the way its regulators report on compliance performance.

2.4.2 Managing compliance data

DPI and DSE do not have centralised or consistent data collection for all compliance activities and it is not collated across all regulators (DPI) or regions and divisions (DSE). This limits their ability to centrally report, review and evaluate performance.

DPI’s regulators are currently improving their data capture and management, particularly through improvements to their data management systems. Fisheries Victoria has identified a range of data gaps and needs, and it must address these to support its intelligence-based approach to compliance, which relies on accurate, targeted and comprehensive information and data. Biosecurity Victoria and Earth Resources Regulation Division have not reviewed their data and information needs, which is crucial to effectively and efficiently delivering their compliance programs.

DPI’s new central Regulation and Compliance Group will be well placed to improve the compatibility of databases and consistency of data collection within and across regulators. This will improve collation and analysis of data at the regulator, divisional and corporate levels.

DSE has few systems for capturing compliance data and those it has, such as the intelligence and wildlife licensing databases, do not have complete and accurate information. Its work to improve this includes:

A first step for both departments should be to conduct a data and information gap analysis to determine:

DPI and DSE both manage their enforcement data well. DPI’s offence management data system—also used by DSE—is robust and allows for consistent and timely central data collection and management for enforcement, and for centralised collation, analysis and reporting.

2.4.3 Improving performance

DPI has a comprehensive evaluation framework. However, its current evaluation processes by divisions and regulators are not specific enough to measure the need to improve compliance programs, so the regulators have planned to conduct their own evaluations to supplement this. Earth Resources Regulation Division only partly considers effectiveness and Fisheries Victoria and Biosecurity Victoria have not yet finalised their evaluation approaches.

DPI’s Compliance Managers Network was established in June 2011, to achieve efficient, effective and consistent compliance outcomes for DPI’s regulators. It has a number of projects underway to meet this objective, including improvements to training and the systems, processes and tools supporting compliance.

DSE reviewed its compliance services in 2009–10, and the results were used to develop the statewide compliance strategy for 2011–15. However, neither the review nor the new strategy has improved DSE’s approach to compliance.

DSE has potential review mechanisms specific to compliance through its compliance steering and operations committees but it does not use these to conduct any systemic evaluation of what its compliance efforts achieve. There is also little regular analysis of compliance trends and how they link to compliance support and monitoring activities, which would indicate effectiveness.

Recommendations

  1. The departments of Primary Industries and Sustainability and Environment should strengthen their whole-of-department compliance frameworks by:
    • developing whole-of-department compliance policies and specific regulator policies, as appropriate, that meet better practice criteria—including describing education and enforcement approaches, and making relevant information publicly available
    • improving how they manage delegations—including maintaining current registers of delegations and Acts with compliance responsibilities, communicating expectations for managing delegations, and regularly assessing how well the delegations are used
    • transparently identifying and monitoring high compliance risks across all Acts and regulations, and reporting these to senior management
    • improving oversight and assurance of their compliance functions by better monitoring how they manage their compliance responsibilities—including through regular external review and, for the Department of Sustainability and Environment, by also assigning clear accountability for its compliance functions and the statewide compliance strategy.
  2. The departments of Primary Industries and Sustainability and Environment should establish department-wide compliance performance management systems that identify:
    • a core set of compliance outcomes
    • relevant, appropriate and representative compliance performance measures of effectiveness against the outcomes and compliance objectives
    • transparent internal reporting and balanced public reporting on compliance
    • targeted and reliable compliance data and information sets relevant to the performance measures, based on a data and information gap analysis.
[ Contents of this report | VAGO Home | VAGO Publications ]

3. Compliance activities

At a glance

Background

Regulators use a range of activities to support voluntary compliance and to deter and address noncompliance by those in the community affected by the legislation. These include advocacy and education, monitoring, investigation and enforcement. These activities need to be effectively prioritised and target the areas of greater risks.

Conclusion

The departments of Primary Industries (DPI) and Sustainability and Environment (DSE) do not comprehensively or transparently prioritise their activities across all their compliance responsibilities. They also need to improve how they manage the quality of their authorised officers’ work.

Findings

  • DPI’s regulators vary in how transparently they assess risks when they prioritise and plan their compliance work—only Fisheries Victoria does this well.
  • DSE has poor compliance planning. It has a process for prioritising compliance activities, but is not using it.
  • DPI has comprehensive procedures to support the quality of its work but DSE does not.
  • Neither department has an efficient and coordinated approach to recruiting, training or authorising its compliance staff and neither can adequately monitor levels of complaints and respond to them.

Recommendations

The departments of Primary Industries and Sustainability and Environment should improve how they:

  • prioritise and plan compliance work, across the departments
  • manage the quality of their authorised officers’ work and publish better practice departmental complaints policies.

The Department of Sustainability and Environment should improve its regional compliance planning and strengthen its management of wildlife and plant licences and permits.

3.1 Introduction

Regulators have a number of tools they can use to encourage compliance and deter and address noncompliance. These include advocacy and education activities to encourage voluntary compliance, through to monitoring compliance and prosecuting serious offences to deter and address noncompliance. These are likely to involve both planned activities, such as education campaigns and targeted compliance monitoring, alongside responding to compliance breaches or other incidents.

Regulators also need to assess whether, consistent with their policies and procedures, they are delivering their programs as intended. This relies on having the necessary recruitment, training and authorising processes for selecting the right staff, and processes for reviewing their performance.

3.2 Conclusion

Both the Department of Primary Industries (DPI) and the Department of Sustainability and Environment (DSE) use a range of compliance tools to actively encourage compliance and deter noncompliance, and can demonstrate examples where their efforts increase compliance levels and contribute to achieving compliance objectives.

With the exception of Fisheries Victoria, DPI does not comprehensively or transparently prioritise, plan or monitor compliance across all regulators. This reduces its assurance that it is targeting its efforts at the compliance issues that pose the greatest risk to achieving legislative objectives and corporate outcomes.

DSE’s prioritisation and planning for its compliance work is poor. While DSE is able to respond to potential issues that come to its notice, there is little assurance that other compliance risks are being identified and managed appropriately.

DPI uses work standards and procedures effectively to support its authorised officers in carrying out their duties, but DSE does not have the procedures needed to do this. Both need to improve how they make sure they have the right staff, with the right skills for the compliance role by improving the way they recruit, train and authorise staff, and manage complaints about compliance work.

3.3 Planning to deliver compliance functions

Planning how compliance functions will be delivered is an important part of translating compliance responsibilities into effective actions. Regulators need to identify their priorities for action, and target their activities and resources to these. They also need to select the right mix of compliance tools to manage these priorities, and the best timing, frequency and locations for using the tools.

DPI and DSE deliver a broad range of compliance work, including both planned activities, such as education and audits, and reactive activities such as investigations and enforcement responses. However, DSE rarely prioritises and plans its work. DPI does but its prioritisation processes are not all transparent. This diminishes the value of the departments’ compliance work, particularly for DSE.

3.3.1 Identifying compliance priorities

DPI’s regulators use risk-based approaches to prioritise their compliance work. Fisheries Victoria has a comprehensive and transparent process that involves analysing compliance intelligence, data and information, including information from its 24-hour offence reporting line (13FISH) to help target resources. It regularly assesses and evaluates its performance which makes its approach to compliance risks and resourcing responsive and adaptive.

Biosecurity Victoria and Earth Resources Regulation Division use risk-based approaches to identify compliance priorities, but these processes are not comprehensive or documented, and are not as responsive or adaptive to changing risks and resources. It is not clear how they use data and information analyses to prioritise activities and target resources.

DSE does not have sufficiently detailed, consistent or transparent compliance prioritisation and planning. Its statewide compliance strategy indicates that regions and divisions will plan their compliance activities through the corporate business planning process and regional compliance plans, however:

3.3.2 Planning compliance work

DPI’s regulators develop compliance plans through the corporate planning processes, describing the activities they intend to deliver. Those of Fisheries Victoria and Earth Resources Regulation Division have sufficient detail to describe the nature and frequency of activities, such as education programs and inspections. Biosecurity Victoria’s are not all well documented, lack centralised planning and do not differentiate Commonwealth compliance requirements from state requirements.

However, corporate processes applying to large parts of DPI, including Fisheries Victoria and Biosecurity Victoria, produce a complex range of planning documents, which hamper the transparency of their compliance planning. For example, Fisheries Victoria’s compliance objectives and activities are detailed across four separate plans and do not clearly cascade from the corporate strategy and business planning documents.

DPI is working to improve these corporate processes, which should simplify compliance planning.

Documented compliance plans and programs are rare in DSE. It has only isolated examples where a risk-based approach or any other clear prioritisation method has informed the decisions the different regions make about which compliance issues they will address, and how. This is despite its statewide compliance strategies including a risk-based process for doing this since 2008. Further, DSE does not have comprehensive and reliable compliance data to support effective prioritisation. As a result, its compliance work does not balance planned and reactive efforts as intended, is poorly recorded and is not reviewed in any systematic way to support continuous improvement.

The regional compliance plans are critical to getting a planned and targeted compliance approach up and running in DSE. The delays in developing them, and poor implementation of the statewide compliance strategies, raise concerns that DSE will not deliver quality regional compliance plans. DSE recently assigned the responsibility for endorsing and monitoring these plans to its compliance steering committee. Adequate resourcing will also be needed to develop plans that are soundly targeted, consistent and aligned with the corporate priorities.

DSE also needs to improve planning for implementing its 2011–15 statewide compliance strategy. The implementation plan for the first year identified an ambitious set of 22 objectives and 53 actions to be delivered but did not assign responsibilities for most of them or indicate the proposed timing and resourcing. There is no plan yet for 2012–13. DSE needs to prioritise the actions, and develop an achievable plan for delivering these over the life of the strategy, including responsibilities, resourcing, time lines and review.

3.4 Delivering compliance programs

Better practice compliance programs use a combination of activities for promoting and monitoring compliance, and responding to and deterring noncompliance. The best combination of these will depend on the type and significance of the compliance issue or risk being addressed.

DPI’s regulators generally have effective systems and approaches for implementing a range of activities that encourage compliance and deter noncompliance, including identifying and responding to noncompliance. DPI is now developing a department‑wide approach to coordinate and oversee these activities.

DSE has few effective systems and approaches for delivering its compliance activities.

3.4.1 Encouraging compliance

Regulators encourage voluntary compliance, or deter noncompliance, by explaining to the regulated community why compliance is important and how it can be achieved. This usually involves a range of activities such as providing information, education, training and advice to individuals, businesses, peak bodies and the broader community as appropriate. Licensing is also a way of controlling who can conduct higher-risk activities and managing how they do this.

DPI’s regulators use a range of educational and advocacy tools. Our examination of Fisheries Victoria found it has an effective, evidence-based approach to planning and targeting its educational and advocacy compliance activities to the issues and community groups where these will be most effective. For example, it assesses where and when in Victoria certain fisheries offences are recorded and targets education at fishers at those locations and times. It regularly analyses the results of these programs.

DSE implements a compliance communications strategy each year to support consistent approaches to community education and information activities. This does not include a clear rationale for how the communication priorities were selected or an assessment of how effective these are to guide the development of future strategies. DSE rarely documents how it identifies which issues or who in the regulated community it will target this way.

Licensing

Licensing provides a way for regulators to control high-risk activities, by restricting who is allowed to conduct certain activities and how they do them.

Neither DPI nor DSE has managed its licensing effectively, primarily because of poor information management.

DPI’s regulators have different systems for approving and managing the variety of licences they issue. Until recently, these systems have been fragmented and poorly managed, with problems such as insufficient investment in maintenance, ageing technology and poor data accessibility. This weakened their ability to monitor and manage licensees and reduced their efficiency in managing the data.

Biosecurity Victoria now has a mature database and continues to improve how it records, tracks and manages licences, audits, inspections and investigations. It has also strengthened links to other information systems such as those monitoring livestock identification and pest infestations. It does this through regular review and evaluation, including regular external quality assurance reviews.

Fisheries Victoria and Earth Resources Regulation Division have identified areas for improvement and introduced a new database in July 2012 to better capture, record and monitor their licences. The database is designed to enable electronic licence processing, integrate commercial and recreational fishing licences and better track licence applications, approvals and compliance monitoring activities.

It is too early to judge whether these changes will influence the way DPI manages licensing. Compliance staff should be supported to use these systems in a timely and accurate way through appropriate quality assurance processes that are regularly audited and reviewed.

The quality and usefulness of DSE’s licence and permit databases is inadequate. DSE cannot accurately quantify and track the number of licences, permits and authorisations it issues because:

In addition, neither database meets Victorian public sector information technology standards, or can be modified or enable electronic applications and renewals. In 2006 DSE started planning to replace the licence database. The project was delayed to consider linking the upgrade to other public sector information system improvements, until the decision not to link them was made in 2011. DSE has recommenced planning to replace it and incorporate the permit database into the new wildlife licensing system.

The quality and consistency of DSE’s processes for issuing wildlife and plant licences and permits varies greatly. It is difficult to measure the consequences of this because DSE does not monitor them adequately. DSE’s wildlife licensing is managed by a central licensing team, using a central licensing database. While the process is only partially documented, the small team knows the system well and works cohesively.

In contrast, plant and wildlife permits and authorisations for killing wildlife are issued by compliance staff across the five regions. This creates significant potential for inconsistency and until recently, there has been little guidance for them on how to address this. DSE introduced a flora permits policy in June 2012, providing regions with comprehensive and detailed guidance on managing the permits. It has not yet done so for the other permits.

3.4.2 Monitoring compliance

Monitoring activities are the principal mechanisms for measuring levels of compliance and detecting noncompliance. They provide a deterrent for people who believe they might be caught if they break the law. These activities can include audit programs, planned and reactive inspections, patrols and operations, and analysis of complaints and other information.

Both departments monitor compliance through patrols, inspections, audits and other activities, which vary significantly in who they target, the areas covered, investigation approaches and personnel involved. Across both DPI’s regulators and DSE’s regions, planned and reactive inspections are the main form of compliance monitoring.

DPI’s regulators vary in the extent to which they plan their compliance monitoring activities according to identified compliance priorities and risks. Both Fisheries Victoria and Earth Resources Regulation Division have transparent approaches:

The different groups within Biosecurity Victoria did not all demonstrate a risk‑based approach to identifying compliance monitoring priorities or have examples of regular, planned and targeted monitoring.

While each of DPI’s regulators collects a range of compliance monitoring data, only Fisheries Victoria transparently analyses and uses this information to inform its future compliance monitoring work.

DSE has few examples of monitoring compliance according to identified compliance priorities and risks. For example:

In addition, its lack of strong, risk-based assessments of compliance issues and priorities weakens DSE’s ability to make informed decisions about when and how to monitor compliance.

Instead, DSE’s compliance monitoring occurs predominantly as one-off investigations or operations in response to local knowledge, complaints and intelligence about potential noncompliance. These are designed to collect evidence for an enforcement action. Its approach to planning and managing operations is uneven and its operations are rarely aligned with, or informed by, an overall strategy for a particular compliance issue.

3.4.3 Responding to noncompliance

When noncompliance is identified or suspected, DPI and DSE officers may issue an improvement letter, infringement notice or warning letter based on an observed offence. They may also conduct further investigation to gather more evidence before issuing an infringement notice or warning letter, laying charges or deciding no further action is warranted. They can also refuse, amend, suspend or cancel licences in response to serious compliance breaches.

Guiding enforcement decisions

DPI applies the Office of Public Prosecutions’ prosecution guidelines and has whole‑of‑organisation policy and guidance on making decisions about which enforcement tool it should use. However, these list, rather than describe the tools and criteria. The regulators have additional guidance that expands on this, describing the enforcement tools and providing criteria for determining the appropriate enforcement option. Neither the departmental or regulator guidance provides criteria for escalating decisions, to make sure that issues of particular significance or complexity are decided at an appropriately senior level.

DSE also applies the Office of Public Prosecutions’ prosecution guidelines and has its own protocol on prosecution responsibilities and guidance for some enforcement decisions, such as issuing infringements and official warnings. However, it does not have comprehensive guidance for compliance officers in conducting enforcement responses. For example:

Reviewing enforcement decisions

Legal advisors within DSE and DPI review the evidence and the charges proposed by authorised officers for official warnings and prosecutions. Both also manage appeals against infringement notices. This provides a check that enforcement actions are being applied proportionately and consistently. DSE has a formal and systematic approach to these reviews and while DPI has a similar approach for prosecutions, its review role for warnings and infringements is not clearly defined or systematic.

Our examination of Fisheries Victoria showed enforcement actions for major offences—commercial marine fisheries—are consistent, proportionate to the offence and appropriate to the level of risk. Enforcement decisions for minor offences related to recreational fishing are not always consistent—for example, different authorised officers make different decisions about whether to issue a warning letter or infringement notice, which carries a fine, for an identical offence. In the cases examined, there was no rationale or extenuating circumstances documented that would justify the use of different tools—warning or infringement—for the same offence, such as fishing in a marine park sanctuary or not having a recreational fishing licence.

While it is appropriate that authorised officers have discretion in enforcing less serious offences, they still need to make these decisions consistently. DPI has started developing criteria and training to guide officers in determining the most appropriate enforcement tools to be used for a range of offence scenarios.

Imposing licence sanctions

DSE has a process for amending, suspending, cancelling or refusing wildlife licences as needed in response to serious offences. The nature of the breach and history of the offender are considered and the rationale for sanction decisions is clearly documented. However:

DSE rarely uses these sanctions. Authorised officers are primarily responsible for initiating sanctions but in the six years to 2011, 18 licensees were recommended for review, with 16 receiving sanctions. This is despite the 2003 guideline identifying many offences that could warrant the minimum sanction of a three-month suspension of the licence, permit or authorisation.

DSE has a new policy for flora permits that provides clear guidance to support enforcement and sanctions. No issues have warranted permit sanctions in the past 10 years, although there are few processes for detecting issues.

Like DSE, Fisheries Victoria has the power to impose licence sanctions. It has current procedures for applying sanctions. In accordance with these procedures, it documents the rationale and evidence for its decisions. Fisheries Victoria uses these sanctions rarely—five licence sanctions were applied between 2007 and 2012. The Fisheries Act 1995 also establishes a Licensing Appeals Tribunal to adjudicate on appeals against fishery licence sanction decisions.

3.5 Managing the quality of compliance work

Regulators need to match staff skills and experience to their operational requirements, and this is usually done through a mix of recruitment, training and retention strategies. To make this effective, the regulator also needs to document the standards and procedures its staff will use in deploying their skills and experience to address high-risk aspects of their job, such as exercising compliance powers.

These mechanisms, along with review processes, are used to support the controlled, consistent and transparent application of powers across the organisation by officers who have been officially authorised to use them.

DSE, and to a lesser extent DPI, need to better manage the quality of their compliance work and address issues such as poorly coordinated training, inconsistent authorisation processes, limited review of work practices and inadequate complaints management. These reduce the efficiency, consistency and transparency of their compliance efforts.

3.5.1 Setting work standards and procedures

High-risk or high-cost activities require clear, documented work standards and operating procedures to achieve consistency, and provide a benchmark for assessing the quality of delivery. These describe how the regulator expects its compliance work to be carried out, including, for example, managing occupational health and safety during inspections, and issuing infringement notices. Better practice requires good document control and accountability for developing and maintaining the standards.

DPI’s regulators have comprehensive compliance standards, procedures and templates. Fisheries Victoria recently updated its standards procedures and templates, but Biosecurity Victoria and Earth Resources Regulation Division do not regularly review and update theirs, so there is a risk that it will not be clear to staff which practices they should be following.

For some compliance activities, such as executing search warrants and managing complaints, each regulator has separate procedures even though the activities are common to all regulators. This unnecessary duplication of processes increases the potential for inconsistent practices and should be addressed by identifying a core set of compliance standards and procedures across regulators.

In contrast to DPI, DSE has minimal standards, guidance and processes to guide its staff in fairly and effectively enforcing compliance. It has 10 business rules, with six focused on occupational health and safety. None address how to conduct inspections and operations, manage complaints or manage seized property. Regions occasionally develop their own business rules. This is undesirable, as there is no central control to check whether they meet organisational and legislative requirements.

Given that DSE has staff in five regions across the state implementing the same legislation, a comprehensive current set of compliance standards and processes is essential for fair and consistent compliance work.

3.5.2 Recruiting, training and authorising compliance staff

Authorised officers have a range of powers over citizens and their property. Given this, regulators need to authorise the right people and train them well. This requires:

Neither department has a unified approach for recruiting compliance staff or centrally planned, controlled and consistent training and professional development for all authorised officers. This threatens each department’s ability to develop the capacity and expertise of existing compliance officers, maintain a pool of officers who can respond to the diverse compliance needs, and have effective succession planning.

Recruiting and training compliance staff

DPI and DSE do not have whole-of-department approaches for recruiting compliance staff—for either internally or externally advertised positions—even though authorised officer roles have similar core skills, competencies and capabilities.

DSE requires a national police check for staff new to the organisation and DPI is planning to require this. However, only DPI’s Fisheries Victoria’s position descriptions and recruitment processes specify comprehensive suitability requirements. These include psychological, personality, physical and competency testing.

DPI and DSE need to identify the core suitability requirements for their authorised officers and include these in position descriptions and recruitment processes, similar to Fisheries Victoria’s approach.

DPI’s regulators have some comprehensive training programs but neither DPI nor DSE has planned, controlled and consistent training and professional development across all authorised officers. Deficiencies in their approaches include:

DPI is now establishing the core competencies required by authorised officers across the organisation and has recently reviewed its basic authorised officer training course.

DSE’s 2011–15 statewide compliance strategy identifies the need to continually grow the capacity and expertise of existing compliance officers. However, it has not assessed what levels of skills it requires across the department, or developed a strategy for using training and succession planning to reach and maintain these levels.

Authorising staff and reviewing work practices

DSE’s authorisation processes are centrally managed, including the authorisation sign‑off process. DPI’s are conducted by the regulators but vary in the levels of seniority delegated to sign off on authorisations, as DPI does not have a consistent position on the appropriate levels of seniority needed for different authorisations.

DSE has a register of its authorised officers and their authorisations, but does not regularly update it. DPI has recently developed a comprehensive register. Both need to review these regularly, to support accountability for exercising their legislative powers.

DPI and DSE have ineffective assessment and assurance over how well they support their authorised officers and manage their work and conduct, even though each has central compliance support groups that should be doing this. Recent internal reviews in both departments identified similar concerns that some authorised officers have insufficient understanding of the legislation, their powers and responsibilities, and the standards guiding their work. The reviews also identified that there are uneven skills across each department.

Its dearth of documented processes and systems makes it harder for DSE to assess the quality of the compliance work, and manage staff performance. DSE risks operating unfairly or ineffectively, or undermining public confidence by sending inconsistent signals about its attitude to compliance.

3.5.3 Responding to complaints

Better practice in complaints management requires a transparent and accessible complaints management process, with a publicly available policy and a central register for recording complaints and monitoring complaints data.

Neither department’s complaints management system meets the better practice guidance outlined by the Victorian Ombudsman in 2007. In particular, they do not have publicly available complaints management policies, central complaints registers or reliable complaints data.

The Ombudsman receives few complaints against DPI and DSE officers. Both DPI and DSE also indicated they receive few complaints against authorised officers or about their compliance practices but their assessment is not based on robust information, as:

Authorised officers wield considerable power. Without a clear and transparent process for capturing, addressing and reviewing complaints there is a risk of not detecting and managing consistently any inappropriate use of powers. Furthermore, there is the potential that not all complaints are reported, because without a public policy, complainants may not know how to effectively raise issues.

Recommendations

  1. The regulators within the departments of Primary Industries and Sustainability and Environment should:
    • rigorously and transparently prioritise and plan their compliance work under all relevant Acts
    • regularly and systematically review how consistently and objectively they conduct all types of enforcement actions.
  2. The Department of Sustainability and Environment should:
    • develop and implement regional compliance plans that are risk-based, soundly targeted, consistent and aligned with corporate priorities and the statewide compliance strategy
    • develop an achievable, detailed plan for delivering its statewide compliance strategy, and implement it.
  3. The Department of Sustainability and Environment should strengthen its management of wildlife and plant licences and permits by:
    • upgrading the wildlife and plant licence and permit systems without further delay
    • requiring staff to record all relevant information in the systems, such as licensee inspections and interviews, and periodically reviewing how they use the systems
    • accurately recording the number of licences, permits and authorisations it issues, and making this information publicly available
    • reviewing its policy on using licence conditions and sanctions as a response to noncompliance.
  4. The departments of Primary Industries and Sustainability and Environment should identify and centrally document core processes for managing the work standards, recruitment, training and authorisation of compliance officers and central systems for coordinating and reviewing these activities.

  5. The departments of Primary Industries and Sustainability and Environment should each:
    • develop and implement a whole-of-department, better practice complaints management policy and training
    • publish the policy on its website
    • record all complaints in a central register(s), monitor complaints data and use this information to improve regulatory policies and processes.
[ Contents of this report | VAGO Home | VAGO Publications ]

Appendix A. Acts conferring compliance responsibilities

Department of Primary Industries

Acts administered by the Department of Primary Industries that give it compliance responsibilities

Agricultural and Veterinary Chemicals (Control of Use) Act 1992

Domestic Animals Act 1994

Fisheries Act 1995

Geothermal Energy Resources Act 2005

Greenhouse Gas Geological Sequestration Act 2008

Livestock Disease Control Act 1994

Livestock Management Act 2010

Mineral Resources (Sustainable Development) Act 1990

Offshore Petroleum and Greenhouse Gas Storage Act 2010

Petroleum Act 1998

Pipelines Act 2005

Plant Biosecurity Act 2010

Prevention of Cruelty to Animals Act 1986

Stock (Seller Liability and Declarations) Act 1993

Sustainable Forests (Timber) Act 2004

Victorian Plantations Corporation Act 1993

Acts administered by the Department of Sustainability and Environment under which the Department of Primary Industries has significant compliance responsibilities

Catchment and Land Protection Act 1994

Wildlife Act 1975

Acts administered by other agencies that give the Department of Primary Industries compliance responsibilities

Alpine Resorts (Management) Act 1997

Coastal Management Act 1995

Conservation, Forests and Lands Act 1987

Crown Land (Reserves) Act 1978

Environment Protection Act 1970

Firearms Act 1996

Fisheries Management Act 1991 (Commonwealth)

Fisheries Management Act 1994 (New South Wales)

Fisheries Management Act 2007 (South Australia)

Flora and Fauna Guarantee Act 1988

Forests Act 1958

Heritage Act 1995

Heritage Rivers Act 1992

Historic Shipwrecks Act 1976 (Commonwealth)

Historic Shipwrecks Act 1981 (South Australia)

Land Act 1958

Land Conservation (Vehicle Control) Act 1972

Living Marine Resources Management Act 1995 (Tasmania)

Marine Act 1988

National Parks Act 1975

National Parks and Wildlife Act 1974 (New South Wales), under the Protection of the Environment Operations Act 1997 (New South Wales)

Reference Areas Act 1978

Road Safety Act 1986

Royal Botanic Gardens Act 1991

Safety on Public Land Act 2004

Water Industry Act 1994

Zoological Parks and Gardens Act 1995

Department of Sustainability and Environment

Acts administered by the Department of Sustainability and Environment that give it compliance responsibilities

Catchment and Land Protection Act 1994

Coastal Management Act 1995

Conservation, Forests and Lands Act 1987

Crown Land (Reserves) Act 1978

Flora and Fauna Guarantee Act 1988

Forests Act 1958

Land Act 1958

Land Conservation (Vehicle Control) Act 1972

National Parks Act 1975

Safety on Public Land Act 2004

Wildlife Act 1975

Acts administered by other agencies that give the Department of Sustainability and Environment compliance responsibilities

Environment Protection Act 1970

Environment Protection and Biodiversity Conservation Act 1999 (Commonwealth)

Firearms Act 1996

Marine Act 1988

Planning and Environment Act 1987

[ Contents of this report | VAGO Home | VAGO Publications ]

Appendix B. Audit Act 1994 section 16—submissions and comments

In accordance with section 16(3) of the Audit Act 1994 a copy of this report was provided to the departments of Primary Industries and Sustainability and Environment with a request for submissions or comments.

The submission and comments provided are not subject to audit nor the evidentiary standards required to reach an audit conclusion. Responsibility for the accuracy, fairness and balance of those comments rests solely with the agency head.

RESPONSE provided by the Secretary, Department of Primary Industries
RESPONSE provided by the Secretary, Department of Sustainability and Environment
[ Contents of this report | VAGO Home | VAGO Publications ]