A good control framework includes benchmarks for performance and mechanisms that enable CM units, regional command and executive management to understand how RSO management is working by providing visibility of performance issues and emerging risks. It also requires fit‑for‑purpose and reliable systems for staff to effectively fulfil their roles.
These governance elements are necessary to assure Victoria Police that its management of RSOs is effectively mitigating risk.
Victoria Police maintains the Sex Offenders Register across various information technology (IT) systems that do not properly support its business needs. Managing information across different systems creates considerable additional work and the risk of missing and inconsistent data. It does not let police members easily generate reports or more detailed analysis. In addition, completing trend analysis takes considerable effort.
Operational and steering committees, with membership from various parts of Victoria Police, go some way to addressing the line management gap outlined in Section 2.2. However, they do not fully overcome it. These committees track and oversee operational data but cannot mandate decisions across business units on issues like consistent governance and resourcing, which means that these risks remain.
Victoria Police's recent move towards measuring more complex information on breaches and recidivism is good, but it cannot yet compare the impact of different compliance management approaches to understand what works best. It has, however, initiated a project to improve CM resourcing and is seeking to increase the profile of RSO management across the organisation so that risks are better managed.
RSO management is complex and it is difficult to define what operational success looks like. Unless Victoria Police establishes a way to accurately measure and compare compliance management performance, it will not know how well it is managing RSOs.
3.2 Systems used to manage RSOs
A good IT system can facilitate efficient and effective RSO management by accurately recording, monitoring and reporting on related issues.
The Sex Offenders Register
Various databases and systems make up the Sex Offenders Register, as shown in Figure 1F. The SOR unit advises that the multiple systems came about because its methods for storing RSO information evolved over time to suit needs as they arose. Victoria Police advises that each of the systems it uses serves a specific purpose, but none of them have the functionality to conduct all the activities required for the management of RSOs under the Act and that the systems are not integrated with each other.
The SOR database was created to store the key RSO information that Victoria Police must collect under the Act. As staff in the SOR unit have begun to record information in other systems—such as the national system described below—they no longer need to duplicate the information in the SOR database. The incomplete fields meant we could not complete meaningful analysis on the SOR database.
The SOR unit advises that it intends to render the SOR database obsolete as it transitions to recording more information in the National Child Offender System (NCOS). However, this will require Victoria Police to arrange for sufficient reporting functionality from NCOS, which has proved difficult.
National Child Offender System
NCOS is the national system to record and share RSO information across Australian jurisdictions and is administered by the Australian Criminal Intelligence Commission (ACIC). Victoria Police began inputting its RSO information into NCOS in 2005. However, there are issues with fully transitioning from the SOR database to the NCOS system.
Despite the SOR unit's attempt to use NCOS as its primary system for recording RSO information, its structure is not ideal for Victoria. Each state has different requirements for the information it must collect, and Victoria Police has to negotiate and make formal requests to have any changes made to the functionality of its part of NCOS.
This means that NCOS does not always have a field specifically for the information that the SOR unit is required to maintain. In some instances, the SOR unit has stored information in free text fields designed for other information because it is the only place it can put it.
In its 2018 report, IBAC commented that the way that Victoria Police stores information in NCOS is not always straightforward. Regular amendments to the Act, which change RSO and police obligations, also impact Victoria Police's ability to ensure that NCOS remains fit for its specific purposes. This requires ongoing negotiation with ACIC to accommodate.
Inability to extract reports in a usable format
As ACIC administers NCOS, Victoria Police cannot extract information from the database in a format that is easy to analyse. Victoria Police is working with ACIC to develop a fit-for-purpose reporting tool that can extract data from NCOS and be interoperable with Victoria Police systems.
This project has been underway for four years. It has been difficult to finalise due to complexities with making system changes for Victoria Police while not negatively impacting interstate users. For this reason, ACIC needs to consult with those users before implementing any changes, which is a slow process.
Interpose is used across Victoria Police as an investigation case management tool. The SOR unit and CMs use Interpose to record information about the transactional management of RSOs and to store relevant documents.
CM activity needs to be accurately recorded in Interpose to give a complete picture of a CM's management of each RSO. For example, CMs should record information about any interactions with RSOs, such as home visits. They also use it to save documents such as OMPs, risk assessments, updated RSO details and information about any investigations that RSOs may be subject to.
Replacement of Interpose in 2020
IT support for the Interpose system is due to expire in 2020 and Victoria Police is yet to finalise arrangements for its replacement. Victoria Police must ensure that the system that replaces it has case management functionality to manage offenders and investigations and make recording and monitoring of compliance activities more efficient.
Impact of IT arrangements on RSO management
Time cost for data entry and checking consistency
The SOR unit is responsible for maintaining the Sex Offenders Register and for ensuring that the details are consistent across all systems. IBAC's monitoring role for the register includes a crosscheck of data consistency across systems.
Victoria Police manages RSO information across multiple systems, which impacts the quality of the information and members' ability to effectively use it. At the most basic level, CMs and the SOR unit spend a considerable amount of time manually inputting data to maintain and update the various systems. Some information is duplicated across multiple systems. In addition to being inefficient, this introduces potential for errors or inconsistencies.
A full-time staff member in the SOR unit is responsible for quality checking to ensure that the data across the different systems is consistent. This person conducts regular checks and audits of the data.
The fact that information exists across several systems increases the burden of both IBAC's monitoring role and quality checking by the SOR unit.
Inefficiencies in reporting
A significant limitation resulting from Victoria Police's use of multiple systems to record RSOs' information is its impact on reporting. Victoria Police does not currently have unrestricted access to its information stored in NCOS, despite using it as one of the main systems for storing its RSO information. The information that it can extract is not in a format that can be easily analysed. The SOR unit must manually collate NCOS data with data from the other various sources to generate the monthly ROMOC report and calculate the results for each region and division manually.
The project to negotiate with ACIC to create a reporting tool in NCOS has now reached the User Acceptance Testing phase, but has been significantly delayed, which means that the current approach to data analysis remains cumbersome and manual.
Manual case management in Interpose
Victoria Police advise that Interpose is not a well-functioning case management tool and that members must still use other means, such as spreadsheets and calendars, to track action items and case-manage RSOs.
All CM units that we visited confirmed that they use a combination of spreadsheets, calendars, diaries and whiteboard lists to keep track of required actions for their RSO files, such as scheduled visits and annual interviews. These varying practices create the risk of inconsistency, and because they are manual, they increase the chance of error.
Inconsistent usage and inefficient reviews of RSO management
Each RSO has at least one folder in Interpose, but it can be difficult to locate a specific RSO's information. Within Interpose folders, the structure for saving files varies greatly between units. Some units set up a consistent file structure to ensure documents of the same type are in the same place and information is recorded consistently, while others do not.
Inconsistent usage creates difficulty in understanding a CM's management of an RSO. This is particularly important when a CM's management is under review—for example, when an RSO reoffends and it is necessary to understand whether annual interviews had been conducted or an OMP had been properly drafted and implemented. Due to these issues, there is also no way for the SOR unit to effectively oversee or monitor the implementation of these tasks.
Inconsistent access controls
Interpose allows Victoria Police to control which members have access to specific files. However, as Victoria Police does not have a consistent way of structuring folders and access levels in Interpose, RSO files may be accessed by members who are not routinely conducting the CM role.
Effect on data quality—results of our data testing
We assessed the completeness and accuracy of RSO-related data across the SOR database and LEAP.
We worked through the results with Victoria Police and are satisfied that the data consistency between the SOR database and LEAP is good and the small amount of inconsistencies do not negatively impact RSO management, due to the use of unique identifiers. Unique identifiers are unique numbers assigned to identify each individual who has interacted with police. Through the use of these, Victoria Police can trace each individual's involvement with various incidents. Appendix B lists full results of the testing.
3.3 Monitoring and reporting
Heads of CM units report monthly to their line manager on the status of their work. These reports are brief and contain information on:
- numbers of RSOs per risk rating
- numbers of breaches and reoffending
- outstanding OMPs, annual interviews and whereabouts investigations.
'Whereabouts' is a flag that can be added to a person's records to indicate to other police that a member wants to make contact with the person. CMs may use this if they need evidence for an RSO's change of information
Some units supplement this information with their own customised reporting. The line manager must validate the information contained in the monthly reports. However, what happens to the information in these reports and how it is used beyond this step is unclear. CMs we interviewed, survey respondents, and the SOR unit were not able to provide detail on any further use of these reports—it appears that above this line manager level, the reporting process stops.
Our findings are echoed in a 2016 Victoria Police internal audit of monthly inspection reports that found that ownership and governance of station compliance has not been clearly defined and communicated across the organisation. It also found lack of clarity regarding who is responsible for monitoring and reporting on compliance across the state. The recommendations from this audit were not implemented. Instead, Victoria Police advised that another internal audit, which is currently in draft stage, has superseded the 2016 audit.
Further, the information reported in these monthly inspection reports is already recorded and reported in the ROMOC reports. The SOR unit sends the ROMOC reports to the CM units in the Regional Commands so that they can monitor performance across the regions. As such, there is an unnecessary duplication of reporting.
Monitoring and reporting by the SOR unit
Monthly reporting on operational data—ROMOC reports
The ROMOC reports contain key operational data, such as:
- numbers of RSOs
- breaches and reoffending
- outstanding RSO annual interviews and OMPs.
This information is broken down by region and division.
The reports are published as PDFs and are a snapshot of the month. As such, they contain limited analysis of performance in the various categories over time. Some categories show whether a result has increased or decreased from the previous month, but there is no detail on the degree of increase or decrease, or any trends over longer periods. As the SOR unit has collated this information over several years, it would be more useful if this data could show trends over time and whether any changes are statistically significant.
The reports are created for and discussed by ROMOC, which is how they got their name. They are also sent to the CM units in the regions, but CMs that we spoke to note that the report is already approximately two weeks old when they receive it and therefore not useful to them. Improving the timing of the report so that they are more useful to CM units could avoid the need for the duplicated reporting described above.
Analysing breach data
The SOR unit presented a brief at the December 2018 ROMOC detailing breaches over the 18-month period from 1 January 2017 to 30 June 2018 using LEAP and internal data held by the SOR unit. The brief examined the number of breaches per region and how it compared with the number and risk rating of the RSOs managed by that region. The purpose of the brief was to determine if any specific relationships across the data sets that contributed to anomalies in breach numbers between regions could be identified.
The brief stated that:
- high-risk RSOs accounted for 17 per cent of the RSO population and 34 per cent of breaches
- medium-risk RSOs accounted for 21 per cent of the RSO population and 27 per cent of breaches
- low-risk RSOs accounted for 59 per cent of the RSO population and 37 per cent of breaches
- RSOs who are not risk-assessed accounted for 3 per cent of the RSO population and 2 per cent of breaches.
Using these percentages, the brief concluded that breach rates of RSOs are in line with their risk assessment for sexual reoffending. However, it is not possible to calculate the actual breach rate by risk rating from the numbers in the report. This is because the report only shows the percentage of RSOs within each risk rating and the percentage of breaches within each risk rating and it is not possible to calculate the breach rate using only the percentage—it is necessary to have the actual number of RSOs and breaches.
It also found that:
- North West Metro region had 30 per cent of the total breaches contained within LEAP over the 18-month period; however, as of June 2018, it managed 25 per cent of RSOs in the community
- Eastern Region accounted for 21 per cent of total breaches yet managed 28 per cent of RSOs in the community
- Southern Metro accounted for 21 per cent of breaches and managed 21 per cent of RSOs
- Western Region accounted for 28 per cent of breaches and managed 26 per cent of RSOs.
The brief draws out specific units that are processing either a higher or lower percentage of breaches than the percentage of RSOs reporting in their area. While this information may be useful, it is not clear what its purpose is, or how it is to be used and analysed further.
Overall, the move towards analysing breach data is a step in the right direction, however, we are not able to draw conclusions as to the efficacy of RSO management across the different regions or units from this analysis.
After this brief, ROMOC requested further information on breaches. This analysis is currently underway, and it will compare a proposed new survey of CMs conducted by Victoria Police with analysis of Interpose data.
ROMOC monitors a reoffending spreadsheet, which is designed to provide information about the dynamic risk factors relevant to RSOs who have been charged with new sexual offences in the month prior to that ROMOC meeting. The spreadsheet details the reoffence, presence or absence of a tailored OMP, and CM engagement/proactive risk mitigation.
If an RSO reoffends, this prompts the SOR unit to review the Interpose folder. The aim is to review the offender's risk assessment and the adequacy of the OMP. However, the only capacity the SOR unit has to monitor whether the strategies in the OMP were addressed is through the comments in the Interpose folders, which sometimes do not provide a clear picture due to issues surrounding the capacity of CMs to complete this administrative step. Any information that is known about the RSO's management is included in the spreadsheet and noted for discussion and consideration at ROMOC.
In February 2019, ROMOC members identified the need to be able to identify consistent regional trends and issues inherent in the reoffending. For example, relationship breakdowns and transiency have been identified as markers for further offending, but there is no easy way to collate this information. Victoria Police advises that analysing this data is a time-consuming, manual task.
However, the SOR unit advises that it is planning to look at six months of data to get a broader overview of trends and patterns. It also notes its intent to look at the reoffending data regularly to provide updates to ROMOC.
Managing RSO reoffending risk using predictive modelling
Victoria Police has recently taken steps towards improving its ability to assess RSO risk. The SOR unit is developing a tool to further nuance the risk assessment process by considering additional factors that may influence an RSO's likelihood to reoffend in order to highlight those of highest risk. They are using a type of predictive modelling known as a random forest algorithm to predict RSOs' increased likelihood of sexual offending in the coming 12 months by analysing a range of factors captured in LEAP records, such as:
- time since the RSO's first sex offence
- time since the RSO's last sex offence
- number of distinct sex victims
- existing charges made against the RSO for any crime, both prior to and post becoming an RSO
- breaches of reporting obligations committed by the RSO
- number of addresses on LEAP and number of address moves
- LEAP warning flags that indicate previously identified medical or mental health conditions, or violent, psychotic or suicidal behaviour
- involvement in other LEAP event records such as bail, intervention orders (complainant or respondent) or family violence (perpetrator, affected family member or other involvement).
- To enable the model to look for and identify patterns that may suggest an increased risk of reoffending, it considers various subsets of the dataset, each with a different combination of factors. This allows for circumstances in which one factor may not be indicative by itself but may be so if other factors are also present. By considering different combinations an immense number of times, it creates a robust model without human preconceptions as to what might be indicative of RSO offending.
- As part of our own analysis of RSO data, we considered some variables recorded against RSOs to explore whether there were any in particular that were indicative of a higher likelihood to reoffend. Our analysis—completed with a more limited set of factors— found that a higher number of non-sexual criminal offences committed by an RSO correlated with a higher likelihood of them sexually reoffending. Criminal offending is one of the factors included in Victoria Police's model.
- The SOR unit intends to continue to add factors to their model, including data relating to an RSO's time in custody and data captured in the other systems used to record RSO information.
Tasking and coordination is the process used to determine Victoria Police's key risks and priorities for response. It begins at the statewide level and flows down to the priorities of police regions and divisions. Tasking and coordination creates accountability—priorities identified as part of the process are reported on to senior management.
The Offender Management Team is currently using the predictive modelling in conjunction with the existing risk assessment tools that determine the high, medium or low-risk ratings. These are longstanding and well-validated tools, and the predictive modelling does not replace them, but aids in the discussion around RSOs' risks at tasking and coordination meetings. The output of the predictive tool can be used to prioritise the highest risk RSOs for further discussion with the CM and additional proactive targeting. This is beneficial because it allows the SOR unit to assess—and inform the CMs of—the highest risks among the total population of high-risk rated RSOs.
The SOR unit runs the analysis across the population of RSOs every two weeks. As use of the tool is still in its initial stages, the SOR unit has yet to ascertain whether the risk levels determined by the model highly correlate with RSO reoffending in practice. If it determines over time that the correlation is high, the SOR unit intends to reconsider the use of the model in the context of its overall risk rating framework.
Central tracking of annual interviews and OMPs
The SOR unit can track whether annual interviews and OMPs are outstanding and reports this information in the ROMOC reports and communicates it to the CM units in question. However, there is no central and systematic tracking of the quality of OMPs or whether actions identified in them are implemented, as discussed in Section 2.6.
Inconsistent scrutiny of RSO management
Each region has an audit unit that conducts assessments of compliance and management practices at the work unit level to identify opportunities for improvement. They are an integral component to identify continuous improvement opportunities for operational unit managers. The regional audit units evaluate management inspection and reporting processes against legislative and policy requirements.
We asked all the regional audit units for all audit reports on RSO management from 2017, 2018 and 2019. We received the following responses:
- Western Region—nine audits in 2017; nine audits in 2018; no audits in 2019 to date
- Eastern Region—seven audits in 2017; no audits in 2018; no audits in 2019 to date
- North West Metro Region—no audits of the RSO management function since 2017; some review of RSO Interpose files as part of the overall review of Interpose files
- Southern Metro Region—no audits of the RSO management function since 2017; some review of RSO Interpose files as part of the overall review of Interpose files.
Overall, scrutiny of the RSO function by the regional audit units is very inconsistent. Not only did some audit units appear to not audit the RSO management function at all, but the reports we received varied significantly in depth and scope, with the Eastern Region's reports being more detailed than other regions.
We also asked for management responses or ways in which issues identified in these audits are tracked for implementation. No regional audit unit provided a management response because management did not provide any official management responses to the audit units. Only the Eastern Region's reports contain information on audit action plans in which unit management must detail proposed actions against compliance issues. Nevertheless, it appears the Eastern Region does not systematically verify recommendation implementation, with the audit unit providing only one example of implementation tracking for a division (through a series of emails). As such, there is an overall risk that issues identified through regional audit units are not consistently or appropriately fixed.
Improvement program by the SOR unit
The SOR unit identified this lack of consistent scrutiny and is working with regional audit units to create standardised practices. It has developed a template for use by regional audit units, which is currently being trialled by one regional audit unit. If the trial is successful, the template will be rolled out across the regions. The template includes questions such as:
- Have all CMs completed the relevant training provided by the SOR?
- Where an offender reports a change of details, is a receipt issued to the offender within seven days as required by Section 25 of the Act?
- Do RSOs with a risk rating of medium or high, or RSOs identified by the Offender Management Team as requiring an OMP, have a current OMP which is uploaded to Interpose?
- Do the OMPs contain achievable, specific and measurable intended actions?
- Have the intended OMP actions been carried out and a comment added in Interpose?
The template is a step in the right direction and should help to improve consistency. However, it could be improved by including an assessment of whether the OMPs adequately address the key risks identified by an RSO's risk assessment.
There is no guidance on the number of units to audit annually or the criteria against which to choose them. Further, the processes should include a method to identify improvement opportunities and track implementation.
Oversight by operational and governance committees
Two main operational and steering committees provide operational oversight and direction of the RSO management function. Figure 3A outlines the memberships of these committees.
These committees go some way to addressing the line management gap because they pull together relevant members from various parts of Victoria Police and track and oversee reports on key operational data. However, they cannot overcome the other deficiencies identified in the control framework. For example, the committees cannot mandate consistent practice and structures across CM units or allocate resources to the CM function. Therefore, while the stated purpose in the VPM is 'to provide a governance framework that ensures appropriate management of RSOs', the committees do not fully achieve this task.
Governance committees for managing RSOs
Source: VAGO, based on information provided by Victoria Police.
Regional Offender Management Operations Committee
ROMOC, which is attended by members of Victoria Police Executive Command, includes key members of the SOR unit, as well as the Regional Operational Support Superintendents. Its stated purpose is to:
- provide a governance framework within Victoria Police that ensures appropriate management of RSOs
- oversee the implementation and adequacy of all sex offender management training in Victoria Police
- provide operational oversight of the management of RSOs
- engage with relevant stakeholders and provide advice to Victoria Police's executive on issues relating to sex offender registration.
ROMOC reports to the Serious Offender Management Steering Committee (SOMSC) in relation to its activities and relevant operational matters. The committee meets monthly and discusses the monthly ROMOC report.
Our review of ROMOC minutes reveals active discussion and good questioning of the ROMOC report. Recently, ROMOC has also commissioned more detailed reporting on breaches.
Serious Offender Management Steering Committee
The Assistant Commissioner Intelligence and Covert Support Command and the Deputy Commissioner Specialist Operations attend SOMSC, providing the executive branch some visibility and control over RSO management and thereby partially mitigating the line management gap. SOMSC also includes members from the SOR unit and other key personnel, and the committee invites an independent senior member from the Regions to observe each meeting.
The purpose of SOMSC is to oversee ROMOC in relation to its relevant operational matters, direct action items to ROMOC and oversee project plans, budgets, risks and issues.
SOMSC meets six times a year. Our review of minutes reveals that it actively reviews the ROMOC reports. While there is evidence that SOMSC receives updates on the work to review the operational model (discussed in Section 2.8), there is no evidence that it discusses in detail key risks affecting RSO management, such as the variation in governance structures and the level of resourcing of the CM role. Given SOMSC's specific purpose is to oversee risks and issues, this is a gap in its oversight role. The committee should be fully aware of these risks and explore options to address them.
Issues in overall monitoring and management
Reactionary and ad-hoc attention to risk
We received consistent feedback in the survey results and in our discussions with CMs that Victoria Police does not consider RSO management an organisational priority. CMs spoke about how despite the general lack of resources and attention the organisation provides to RSO management, if something goes wrong, it is the CM's job that is 'on the line'.
CMs accept that scrutiny over the prior management of a reoffending RSO is appropriate and to be expected. However, they reiterated that Victoria Police knows that the CM role is under-resourced, but that this would not be considered a legitimate excuse for failing to comply with OMPs should an RSO reoffend.
Survey respondents recounted similar experiences. One CM stated that 'organisational, regional and divisional priorities prevent resources being injected into this field. The risk of RSOs reoffending is real and this is the only time some management have any interest in what the unit does/has done. The interest only comes when the offending occurs'.
RSO management identified as an organisational risk
Victoria Police cannot be sure there is sufficient staffing for the CM role.
As part of their annual planning cycle, Victoria Police produce a State-Wide Community Safety Profile, which examines the community safety environment for the upcoming year. The annual assessment identifies priorities to feed into the internal organisational risk management processes.
Only recently has Victoria Police identified the risk of inadequate CM resources and the effect this has on the quality of compliance management as a key organisational risk. In May 2018, the emerging risk was identified in Victoria Police's 2018–19 State-Wide Community Safety Profile, which stated that 'increasing numbers of registered sex offenders are impacting compliance enforcement and subsequently community safety'.
The Victoria Police Operations Committee considered the risks and emerging trends raised in the statewide profile. In response to the emerging risk for RSO management, ROMOC decided to increase the Offender Management Divisions by 48 sworn and 11 Victorian Public Service staff, from April 2018. ROMOC considered the current maturity of Victoria Police's RSO compliance regime and the incoming resources to Offender Management Divisions against the organisation's current capacity to address other key risks and government investment. ROMOC decided that the current processes and incoming resources, together with work to review the operational model, were appropriate treatments for the identified risk.
Given that inadequate CM resourcing has been identified as a community safety risk, Victoria Police advises that RSO management is now listed in the top 10 organisational risks and is an organisational priority.
No data on the efficacy of compliance management approaches
Victoria Police's information collection and analysis does not currently allow it to draw definitive conclusions as to the efficacy of compliance management, either for individual CM units or the organisation as a whole. This means Victoria Police cannot determine if it is mitigating risks as best as it can.
We acknowledge that any results that can be derived from the available breach or reoffending data can potentially lead to erroneous conclusions. For example, several possible interpretations exist for a low breach rate, which could indicate good RSO management leading to fewer breaches or the inability to discover reporting failures. Similarly, a high breach rate does not necessarily mean inadequate RSO management—it could also be a result of a more concerted effort to discover and investigate breaches.
Likewise, recidivism rates cannot be directly attributed to the style of compliance management of a particular CM unit because too many other variables are involved, including transience of the RSO population, length of time the CM model has been in operation and location of offender reporting versus the location where the crime is committed, among others.
Other information limitations also exist. For example, Victoria Police cannot easily monitor the quality of OMPs or their adequate implementation due to the limitations of Interpose.
However, while RSO management is complex and it is difficult to define what operational success looks like, Victoria Police should aim to establish meaningful key performance indicators and agreed-upon targets against which to measure and determine performance.