Go to top of page

Internal governance

Our internal governance framework and processes ensure accountability and
transparency, and promote quality leadership, effective people management and efficient and ethical use of our resources. Our internal governance structure includes our ACIC Executive and senior management committees.


On 30 June 2018, the ACIC Executive comprised the CEO, Chief Operating Officer, two Executive Directors, 10 National Managers and six State Managers.



Chief Executive Officer Michael Phelan APM

Mr Phelan was appointed as ACIC CEO and Director of the AIC in November 2017. This followed more than 30 years with the Australian Federal Police in a wide variety of fields both in Australia and overseas, most recently as the Deputy Commissioner for National Security.

Responsible for overseeing the management and administration of the ACIC, managing our relationship with ministers, working collaboratively with ACIC Board member agencies, and providing leadership, strategic direction and strong governance for our agency. Our CEO is a non-voting member of the ACIC Board.

Chief of Staff
Jeremy Johnson

Responsible for government relations and engagement, media and communication, strategy, planning and performance and strategic policy.


Chief Operating Officer
Paul Williams

Responsible for key enabling services including people, security, business and innovation, finance, property and legal services.

National Manager
People, Security and Integrity Mardi Stewart

Responsible for overseeing people management functions, security, integrity and organisational psychology.

National Manager Finance, Property and Procurement/Chief Financial Officer
Yvette Whittaker

Responsible for the financial management of the agency, procurement, the national property portfolio and business support.

National Manager
Legal Services/General Counsel
Nicole Mayo

Responsible for administrative and criminal law litigation, advice on the use of ACIC powers, policy development and legislative reform, risk and audit, agreements and our examination capability.

National Manager
Business and Innovation
Sabeena Oberoi

Responsible for business strategy, the Portfolio Management Office and the National Police Checking Service.


Executive Director Technology
Rochelle Thorne

Responsible for providing and maintaining our national information capabilities and services to support policing and law enforcement.

Acting National Manager
Business Systems Delivery
Jakub Bartkowiak

Responsible for intelligence and national policing information ICT solutions for our agency.

Chief Technology Officer Matthew Jones

Responsible for capabilities required to design, develop and operate ICT solutions to ensure connectivity between our agency’s IT systems and external systems and ongoing access to critical sources of data.


Executive Director Intelligence Operations
Col Blanch

Responsible for ACIC investigations and intelligence operations, our intelligence products development and overseeing State Managers.

Acting National Manager Operational Strategy
Michael Allsopp

Responsible for special intelligence operations, special investigations and international partnerships and deployments.

National Manager
Operational Capability
Nick Wolanin

Responsible for specialist, covert and technical operation, and compliance with statutes governing surveillance and operational activity.

National Manager
Katie Willis

Responsible for operational and strategic intelligence priorities and identifying and tracking intelligence targets.

State Manager
New South Wales
Warren Gray

Responsible for operations and stakeholder relationships in New South Wales and national physical surveillance.

State Manager
Jason Halls

Responsible for operations and stakeholder relationships in Victoria.

State Manager
Charlie Carver

Responsible for operations and stakeholder relationships in Queensland.

State Manager
Western Australia
Doug Miller

Responsible for operations and stakeholder relationships in Western Australia.

State Manager
Northern Territory and Acting State Manager
South Australia
David Richardson

Responsible for operations and stakeholder relationships in the Northern Territory and South Australia.

State Manager
Matthew Osborn

Responsible for operations and stakeholder relationships in Tasmania.


ACIC Examiners are independent statutory officers appointed by the Governor-General to exercise the coercive powers set out in the ACC Act for the purpose of ACIC Board-approved special operations and special investigations. To ensure accountability, coercive powers are only used when all legislative requirements are met, including a requirement that an ACIC Examiner is satisfied that it is reasonable in all circumstances to exercise these special statutory powers. There is currently one full-time Examiner and two part-time Examiners, all of whom have extensive experience in the legal profession.


Our committee structure comprises our Commission Executive Committee, Executive Leadership Group, Organised Crime Management Committee, Technology Governance Committee and several other committees, panels, working groups and consultative committees.

During this year we adjusted our committee structures to align with our functions and organisational structure, and we will continue to review this to ensure our governance is as effective and streamlined as possible.



The Commission Executive Committee is our agency’s peak committee to support the achievement of ACIC strategic and business objectives, effective and efficient management of ACIC resources, and management of risk. It also ensures we are accountable and meet the expectations of the ACIC Board, Australian Government and the public. It receives reporting and advice from other executive committees, makes all major resourcing decisions, and reviews submissions to the ACIC Board.

The Commission Executive Committee consists of the ACIC CEO (Chair), Chief Operating Officer and Executive Directors. This committee meets as required.


This committee supports the Commission Executive Committee in identifying and planning for future ACIC capability investments, considering all investment proposals, making recommendations on priority investments, and monitoring progress of plans to deliver on the investments.

The Strategic Investment Committee consists of the ACIC CEO (Chair), Chief Operating Officer and Executive Directors, and is supported by other officials. This committee meets quarterly.


The Executive Leadership Group comprises all members of the Senior Executive. The group meets periodically during the year to discuss the broader strategic operating environment and our strategic direction. The group considers new strategies and issues that will influence the ACIC work plan. It also considers whole-of-agency risks as they arise. Outcomes and new initiatives from the group are referred through the other executive committees for decision or action, as appropriate.


The Audit Committee includes an independent external chair and three members as well as an observer from the Australian National Audit Office. The committee meets quarterly to review internal and external audit reports, consider findings and recommendations, and oversee the internal audit program. The committee also holds an additional meeting once a year to review the financial statements. In addition, the committee monitors risk, internal controls, fraud and corruption prevention activities, and performance reporting (see further details on this committee on page 157).


The Organised Crime Management Committee makes decisions about the ACIC organised crime and intelligence work program and allocation of relevant resources to support delivery of related objectives. The committee comprises our Executive Director Intelligence Operations, Chief Operating Officer, and National Managers Intelligence, Operational Strategy, Operational Capability, as well as State Managers as voting members. Intelligence Hub Managers and other managers are non-voting members. The Organised Crime Management Committee meets monthly.

The committee receives relevant performance reporting and advice to guide decision-making about priorities and resource and capability issues, investigative activity and intelligence production. This aspect of the committee’s function is supported by the weekly Situation Report and Strategy Meeting and the Human Source Management Committee.


The Corporate Committee reviews and makes decisions on broader issues of organisational health and effective function. The committee receives relevant reporting on a broad spectrum of organisational health indicators and oversees key organisational improvement projects. This aspect of the committee function is supported by the National Consultative Committee, National Work Health Safety Committee, and Diversity and Inclusion Sub-committee.


The Technology Governance Committee oversees all technology projects and considers any technology-related risks, including information management and technology security risks. The committee meets monthly and provides advice to the Commission Executive Committee on the health and performance of the ACIC technology work program. This committee is supported by sub-committees that focus on vendor management, architecture and design, ICT operations and project/workplan management. The committee is also supported by specific program and project boards.


The Human Source Management Committee provides oversight and governance for the deployment of the ACIC human intelligence source (informants) capability. This includes reviewing compliance with policy and standard operating procedures, providing advice to Executive Directors on risk management in cases referred to the committee, overseeing the ACIC’s engagement of human sources, and evaluating submissions that propose financial rewards for covert human intelligence sources. This committee reports as required to the Organised Crime Management Committee.


The ACIC Enterprise Agreement sets out the arrangements for consultation and communication within the ACIC. We do this through the formal consultative mechanism of the National Consultative Committee and Local Consultative Committees in our offices around the country. This enables consultation between management and employees through representatives, and provides the mechanism for formal discussion of issues affecting their workplace.


The ACIC has both local Work Health Safety Committees and a National Work Health Safety Committee, which have a legislative functionality under section 77 of the Work Health and Safety Act 2011. Local committee meetings are held in our offices around the country and feed into the National Work Health Safety Committee meetings, which are held quarterly. These committees are the primary means of consultation on work health and safety matters for our staff. They support the ACIC Executive by helping to identify, develop, implement and review measures designed to manage the health and safety of our staff at work.


The Diversity and Inclusion Sub-committee oversees the ACIC’s Workplace Diversity Program and provides support and input into the development and maintenance of the ACIC’s Diversity Strategy and Action Plan. The plan incorporates all diversity and inclusion issues including culturally and linguistically diverse backgrounds, Aboriginal and Torres Strait Islanders, disability, gender equity, mature-age and intergenerational workforce. This sub-committee supports the functions of the Corporate Committee.



The Executive Health Panel oversees the ACIC Drug and Alcohol Policy, and recommends appropriate action if a confirmed presumptive positive test occurs or if other breaches of the policy require consideration.


The Management Review Board reviews and manages any risks identified by pre-employment screening and any complex staffing issues. This board is chaired by the National Manager People, Security and Integrity, supported by relevant managers and specialists.


Our planning system connects our strategic direction, work priorities approved by the ACIC Board, risk assessment, resource allocations, performance measurement and monitoring.

Our integrated planning approach links all our operational, technological and corporate work to our strategic direction to ensure we are clear on achieving our purpose.


During this year we reviewed our Strategic Plan and on 13 June 2018, the ACIC Board endorsed our ACIC Strategic Plan 2018–23, which replaced our ACIC Strategic Plan 2016–21.

The plan details our agency’s goals and the approach taken to achieve our mission. The plan captures our past, present and future on a single page. It clearly articulates our functions, how we operate and our culture. It also identifies our strategic objectives for the five years of the plan.

The approach detailed in our plan has formed the basis for, and directly links to, our performance framework: ‘We connect, discover and understand to improve the national ability to respond to crime impacting Australia’.

Our ACIC Strategic Plan 2018–23 is on our website at <www.acic.gov.au/strategicplan>.


We prepared and published our Corporate Plan as required by the Public Governance, Performance and Accountability Act 2013. The plan has a four-year outlook and aligns to the strategic direction set in our Strategic Plan. The public document describes the environment in which we operate, how we manage risks and assess performance, and the strategies we will be delivering for the year, as well as over the four-year life of the plan.

Our latest Corporate Plan is on our website at <www.acic.gov.au/corporateplan>.


Our planning translates our strategic purpose, outcome, areas of focus and delivery into annual activities. It includes:

  • Corporate Plan—This plan describes the work for the financial year and following three years. It is an organisation-wide plan to balance resourcing and effort so we achieve the aims of our special investigations and special operations, and our delivery of national policing systems, intelligence and other outputs, as well as building a sustainable future.
  • Strategic Investment Plan—This plan describes the investments our agency is making to sustain and build our capabilities.
  • Investigation and operation plans—These plans detail the financial year’s strategies and activities to deliver the ACIC Board-approved investigations and operations.
  • Program and project plans—These plans detail the intended benefit, scope, schedule and required resources, and other relevant information for programs and projects.
  • Division/Branch plans—These plans vary depending on the function of the branch and how its activities and outputs relate to other plans. Generally branch plans consider both business-as-usual and essential business improvement activities. These plans can then be used to develop individual work plans for staff as part of the Performance Development System. More information on our Performance Development System is on page 180.
  • Risk planning—We regularly assess organisational risk to inform management activities and planning. Risk assessments are a vital component of planning at all levels. More information on risk management is on page 158.


Our future planning work will continue to strengthen, integrate and consolidate our planning across our maturing organisation. A continuing focus is to strengthen the alignment of planning and risk management.



We take our performance measurement and agency reporting seriously and seek to continually improve and provide quality reporting. We are pleased that our 2016–17 annual report received a Gold Award, our fourth Gold in a row, in the 2017 Australasian Reporting Awards. These criterion-based awards were introduced 68 years ago as a means of improving accountability for, and public communication about, the activities of organisations. The awards are open to all government, private and non-profit sector organisations across the Australasian region.


Our agency performance criteria identify the intended results of our contribution to, and impact on, a shared national outcome: to make Australia safer.

As such, overall achievement against this outcome is not always within our direct control or influence.

Ultimately, ‘end of the chain’ disruption activities (such as arrests, seizures and prosecutions) and prevention activities against crime (such as policy and law reform) are usually undertaken by other agencies. However, our contribution—as measured by a range of short-term and long-term performance criteria—may have been critical or crucial in some cases or peripheral, minor or a more general strategic contribution in other cases.

The performance criteria directly link to our agency purpose and are contained within an integrated performance framework that directly aligns with our Strategic Plan vision, Corporate Plan environmental assessment, planned performance and capability plans, and our Portfolio Budget Statements.

The Public Governance, Performance and Accountability Act 2013 mandates that most Commonwealth agencies must prepare annual performance statements that assess agency performance against their Corporate Plan. This year is the second time we have prepared our annual performance statements as the ACIC, reporting on combined criteria that measure our systems, services and serious and organised crime performance.

Our performance criteria align our purpose and strategic approach, to connect, discover and understand so Australia can better respond to crime threats. We apply our performance criteria across all our activities to determine our agency’s achievement in delivering our purpose. Due to the interrelated nature of our activities, our activities can achieve multiple types of performance outcomes.

Some of our strategies are short-term and some are long-term. This means in any reporting period, to provide a true picture of our performance, we must reflect on our contribution across the performance criteria, even when some of our work to discover and understand has not yet resulted in a tangible response or outcome for the Australian community.

Each performance criterion has a number of measures for efficiency and effectiveness (incorporating a mix of quantitative and qualitative information):

  • quantitative measures are benchmarked against previous performance with accompanying analysis to provide a basis for assessment
  • qualitative measures provide evidence demonstrating our effectiveness against the intended result
  • stakeholder survey results are part of the suite of measures used to assess performance against each criterion, as our stakeholders are important to understanding the effectiveness of our performance.

Although each measure individually does not provide a definitive indicator of overall performance against the criteria, taken together they provide relevant and reliable measurement of our performance. Our performance criteria reflect our activities to achieve our purpose and collectively provide a complete picture of our performance.

During 2017–18 we continued to update and develop our performance framework to ensure it remains appropriate as our agency evolves and changes. Following this full cycle of planning and reporting with our current performance criteria, we reviewed them and made some minor improvements to streamline and reduce duplication in our reporting. Our Portfolio Budget Statement 2018–19 and Corporate Plan 2018–19 to 2021–22 reflect our updated performance criteria.

We also reviewed some of the measures used to demonstrate our performance against the criteria. As our agency is increasingly contributing intelligence to disruptive activity against offshore targets impacting Australia, we have revised our approach to capturing and measuring disruptions of criminal entities. Also, in the past we measured our discovery of previously unknown money laundering targets, and we have now expanded and standardised this across all our crime threats.


Looking forward, following our first full year cycle of the ACIC performance criteria, we have reviewed and slightly amended our performance criteria in our Portfolio Budget Statements and our Corporate Plan for the 2018–19 reporting cycle.



Make Australia safer through improved national ability to discover, understand, and respond to current and emerging crime threats and criminal justice issues, including the ability to connect police and law enforcement to essential criminal intelligence, policing knowledge and information through collaborative national information systems and services.



We help our partners by:

  • providing them with systems and services
  • sharing criminal intelligence and information, policing and other relevant information
  • connecting partners to us and each other.


We build the picture of crime impacting Australia by:

  • collecting information
  • combining information

to discover new areas of national focus.


We improve our understanding of the picture of crime impacting Australia by undertaking analysis to guide a better response.


We improve the national ability to prevent and disrupt crime and protect the community.


Existing ACIC systems and services are accessible, used and reliable.

The delivery and implementation of new and enhanced ACIC systems and services satisfies the needs of stakeholders and users.

The ACIC is sharing increasing volume, breadth and formats (mediums, platforms) of criminal intelligence and information, police information, and other relevant information.

The ACIC builds, coordinates and maintains, strong and collaborative relationships with domestic and international partners.

The picture of crime impacting Australia is improving because the ACIC is discovering crime threats, vulnerabilities and trends previously unknown.

The understanding of the national picture of Australian crime is increasingly more comprehensive, integrated and relevant.

The understanding of the picture of crime impacting Australia is increasingly used to guide strategies and responses to crime.

Prevent: The ACIC better informs and influences the hardening of the environment against crime.

Disrupt: The ACIC is conducting investigations and intelligence operations, and producing intelligence that is effective in disrupting, disabling and dismantling serious and organised crime.

Protect: ACIC partners are better informed and enabled to undertake policing and community safeguarding activities through access to national information systems and services.


Due to the shared contributions to the overall outcome, it is not appropriate or possible to have specified targets or purely quantitative key performance indicators.

The ACIC collects qualitative and quantitative performance data. The ACIC monitors and analyses trends in quantitative data against relevant performance criteria, where appropriate, which includes:

  • comparative statistics on information and intelligence systems and services availability, usage and support levels
  • demonstrated delivery and implementation of planned systems and services that satisfy stakeholders and users
  • comparative statistics on volume and breadth of intelligence shared
  • the level and types of our activities to discover and understand crime impacting Australia
  • the level, types and results of our responses to disrupting serious and organised crime
  • annual stakeholder survey results that form an overall assessment against the performance criteria.


We conducted market research this year to understand stakeholder perceptions and satisfaction with the range of services and products we provide, to help inform future planning. We also collected stakeholder views to help assess results against our performance criteria (for details of these results, see pages 24 to 56).

An external market research company conducted the research, which included an online survey of 139 stakeholders. Respondents represented a broad cross-section of agencies and classification levels. They also worked across different areas such as policy, information systems, intelligence and investigations. The survey was designed so respondents were asked questions relevant to their area of work and interaction with us.

Broadly, the research findings revealed that the ACIC is seen to have an important and unique role in law enforcement and intelligence, and there is great potential in the value we can provide to our partners. Stakeholders saw this potential as partly realised, with several areas for improvement.

Our agency’s most valuable functions were seen as:

  • providing information and intelligence services and systems, and information technology products
  • providing intelligence.

Other areas of strength include the quality of our work, well-intentioned and knowledgeable staff, agile approach, use of coercive powers, and unique role connecting information, intelligence and stakeholders. In particular, stakeholders anticipated that NCIS, when delivered, will be a significant improvement in sharing intelligence and the subsequent detection and disruption of crime.

Respondents rated our overall performance in meeting their needs at 6.6 out of 10.

We intend to work on areas for improvement including stakeholder engagement, project management and delivery, timeliness, and clearly articulating our strategic direction and role.


Our Internal Audit team has three main responsibilities:

  • auditing organisational and operational systems and processes
  • monitoring implementation of audit outcomes
  • developing business improvement opportunities to enhance effectiveness and efficiency in all ACIC business areas.

Our Internal Audit function delivers an objective advisory service, independent of the individual business areas, that provides support and assurance to the ACIC Executive regarding the responsible, effective and efficient use of ACIC powers and resources. Internal Audit is directly accountable to the CEO and the Audit Committee, with the roles, responsibilities and scope of the function set out in the ACIC Internal Audit Charter.

Key areas examined by Internal Audit during 2017–18 included:

  • management of research data and information
  • management of operational equipment and exhibits
  • compliance with record-keeping and policy requirements
  • covert arrangements.

The audits provided an evidence-based perspective on the effectiveness of policies and procedures, the efficiency of organisational resource use and whether we were achieving operating objectives.

We operate a co-sourced internal audit service and contract an external provider for a small number of our audits.


In accordance with responsibilities under section 45 of the Public Governance, Performance and Accountability Act 2013, the CEO has established and maintains an independent Audit Committee. The Audit Committee’s authority is established under its Charter, which sets out the committee’s functions and responsibilities.

The Audit Committee endorses the ACIC Internal Audit Charter, approves the annual audit plan, reviews progress against the plan and considers all audit reports. It also monitors implementation of all internal and external audit recommendations and takes a keen interest in progress of recommendations arising from other review activity, including from the Australian National Audit Office and Commonwealth Ombudsman.

The Audit Committee provides advice on matters of concern raised by internal auditors or the Auditor-General and advises the CEO on the preparation and review of the ACIC’s performance statements, financial statements and certificate of compliance.

As at 30 June 2018, the Audit Committee comprised an independent external chair and three members as well as an observer from the Australian National Audit Office. The independent audit committee members have held a range of senior roles in law enforcement, national security and financial crime, and are experienced in managing risk in these contexts.

The Audit Committee met five times during the year and reviewed areas such as agency financial performance, internal and external audit reports, progress against audit recommendations, agency planning and performance frameworks and reporting, agency compliance with legislation, risk oversight and management and Australian National Audit Office activity.


In accordance with Commonwealth, state and territory legislation, ACIC officers and supervised civilians may be authorised to acquire and use assumed identities for the purposes of conducting investigations or gathering intelligence in relation to serious and organised crime, or in associated support or training roles. In practice, the ACIC uses the Commonwealth legislation. During the reporting period, as required under the legislation, we:

  • reported to Commonwealth, state and territory ministers in accordance with relevant legislative requirements
  • reviewed the ongoing necessity for each authorised member of staff to continue to use an assumed identity
  • conducted the mandatory audits of ACIC records relating to assumed identities.


The ACIC’s risk management framework assists us to make risk-informed decisions that support our work to make Australia safer through connecting, discovering and understanding to improve the national ability to respond to crime, while also meeting our corporate and legislated accountabilities.

During 2017–18 we:

  • implemented a revised risk management policy and supporting procedures, including risk appetite statements that are appropriate to our operating context
  • completed the Comcover risk benchmarking exercise to assess the maturity of our current approach and guide further development
  • strengthened our management of work health safety risks, including the risks associated with our operational activities
  • focused on approaches to improving risk culture and understanding at all levels
  • participated in multi-agency risk forums and consulted with partner agencies on best practice approaches to managing risk.

Our Comcover Risk Benchmarking Survey results for 2017–18 evidenced a significant increase in the maturity of the ACIC’s risk management framework.

Our Risk Function is represented at the Audit Committee and continues to develop a closer working relationship with Internal Audit and the Executive team.


We are entrusted with special powers to enable us to effectively work with our partners to combat serious and organised crime in Australia. Security and integrity are critical in the use of these powers and in delivering our required outcome to Government, our partner agencies and more broadly to the public.

Our security and integrity framework outlines a defined approach to managing integrity and security risks across our agency. Our documented, agreed and understood policies, procedures and processes define how security and integrity is managed at our agency. In 2017–18, IT Security was incorporated into our Security and Integrity section, to enable a more holistic understanding of our agency’s security landscape.

The Security team continues to work towards meeting the requirements of the Government Protective Security Policy Framework. In 2017, an agency-wide security threat and risk assessment was developed, which identified operational and strategic risks and proposed measures to mitigate current and emerging security risks facing our agency. We continue to implement recommendations identified in the assessment.

Highlights of the reporting year include:

  • introducing new national security policies and procedures
  • improving agency-wide security threat and risk assessments
  • providing regular and ongoing security advice to all areas of our agency
  • developing international deployment risk assessments
  • providing covert site security advice and support
  • upgrading physical security at national headquarters and regional offices
  • providing advice on protective security related to regional office relocations
  • accrediting a number of offices and other sites for large-scale IT projects
  • upgrading the security access control system to support the move and centralisation of 24-hour national monitoring from Sydney to the national headquarters in Canberra
  • undertaking an agency-wide personnel security risk assessment, including risk workshops with key internal business areas
  • ensuring all eligible staff completed the annual integrity online training module
  • distributing the Ethics and Integrity Handbook to all staff members
  • mitigating identified fraud and corruption risks.

Integrity initiatives included:

  • detection program—Our fraud and corruption detection program was updated, with reviews programmed for throughout the year targeting high risk activities that were identified in the fraud and corruption risk assessment process
  • integrity-related policies and procedures—Integrity-related policies and procedures were reviewed and updated to reflect legislative requirements.

In addition, our approach included ongoing initiatives:

  • Personnel security—In addition to coordinating security clearance actions through the Australian Government Security Vetting Agency for all staff, we have a rigorous pre-employment screening process to ensure all potential employees are suitable to access ACIC information and systems. Our process is strengthened by a psychological evaluation, which is an additional layer of risk mitigation.
  • National induction program—Security and integrity sessions occur for all new employees to ensure understanding of the Australian Public Service values, ethics and protective security requirements.
  • Online learning—Our eLearning modules for misconduct, fraud and corruption and security awareness are compulsory for all staff on commencement and then annually.
  • Communication—Information on ethics, fraud, corruption and protective security is available to all staff through the intranet, face-to-face awareness sessions and corporate newsletters. We underpin this with policies, procedures, fact sheets and other forms of staff messaging.
  • Reporting—We encourage all staff to report about potential issues of concern. Staff can raise concerns directly with our Integrity Assurance team or Security team, or through their manager. Members of the public can make complaints through the email address on our website.
  • Conflict of interest declarations—Management of real or perceived conflicts of interest is a high priority. All staff must declare any conflicts of interest, gifts and benefits and outside paid, unpaid or voluntary work.
  • Investigation of inappropriate behaviour—We investigate alleged fraud, corruption, suspected breaches of the Australian Public Service Code of Conduct, security incidents and security breaches.
  • Corruption issues—We notify corruption issues to the Integrity Commissioner, Australian Commission for Law Enforcement Integrity and maintain regular liaison on integrity matters.

Our work also includes ongoing research and monitoring of broader national and international compliance measures and initiatives in the area of ethics, integrity and security.


In 2018, the Security team took responsibility for the development of detailed risk assessments to support international deployments. This process requires engagement with the Department of Foreign Affairs and Trade, the Australian Security Intelligence Organisation and other domestic and international partners to develop threat considerations and comprehensive security risk assessments to support our international deployments.


This year we also looked at all aspects of the Protective Security Policy Framework review, including the guidelines for security governance and physical, personnel and information security. Once the reforms are finalised, our Security team will be heavily involved in implementing and communicating the changes.


Our internal security incident reporting mechanism enables all staff to report security incidents.

A total of 85 security incidents were reported in 2017–18. This included 19 incidents within the Protective Security Policy Framework definition of a security breach, which is an accidental or unintentional failure to observe the protective security mandatory requirements.

The majority of security incidents reported were of a low level and occurred within secure ACIC premises (for example, low-level classified documents left on desks). These incidents have not significantly compromised the security of ACIC information, people or premises.


Our Integrity Assurance team contributes to effective fraud and corruption control by providing a reporting, prevention, detection and investigation function regarding suspected breaches of the Australian Public Service Code of Conduct, internal fraud and corruption in our agency.


The Integrity Assurance team investigated 19 referrals alleging staff had breached the Australian Public Service Code of Conduct. As at 30 June 2018:

  • 13 of the referrals were deemed not to require a formal investigation, following an assessment or preliminary investigation
  • six referrals were investigated under procedures established by the ACIC in accordance with section 15(3) of the Public Service Act 1999.


The ACIC’s Fraud and Corruption Control Plan 2017–19 complies with the Commonwealth Fraud Control Framework and outlines our agency’s attitude and approach to fraud and corruption control, summarises risks identified in the fraud and corruption risk assessment, and details mitigation strategies recommended to treat significant risks.

Where fraud or corruption is suspected, the matter may be subject to misconduct or criminal investigation, or both. If sufficient evidence is found to support a criminal offence, the matter may be referred to the Commonwealth Director of Public Prosecutions for consideration of criminal prosecution.

During 2017–18, the Integrity Assurance team received no allegations of fraud. The team received five allegations of corruption, three of which were referred to the Australian Commission for Law Enforcement Integrity and one allegation was referred to the New South Wales Police Force. One allegation of corruption is awaiting an ACLEI referral pending legal advice.








Externally referred





Internally referred











Addressing corruption risk and integrity remains an area of focus as we seek to understand the changing threat and risk and adapt our strategies accordingly.

We are well connected with the broader anti-corruption environment. We participate in the ACLEI Community of Practice for Corruption Prevention. This network of integrity professionals from the agencies under ACLEI’s jurisdiction shares best practice strategies in detecting and deterring corrupt conduct and participates in discussions on key or emerging issues.

We are committed to deterring and preventing corruption by organised crime wherever it occurs. Where requested and as appropriate, we assist ACLEI with its investigations. We provide specialist services including surveillance as agreed through our Memorandum of Understanding with ACLEI.

Last updated
7 December 2018