Assurance Strategy Guideline - Department of Employment

Assurance Strategy Guideline
Document change history
Version
Start date
Effective date
1.0
1 05 2015 for
jobactive Deed
2015-2020 –
Work for the
Dole
Coordinator
1 05 2015 for
jobactive Deed
2015-2020 –
Work for the
Dole
Coordinator
1 07 2015 for
the jobactive
Deed 20152020
1 07 2015 for
the jobactive
Deed 20152020
End date
Change and location
Original version of document
Explanatory Note
All capitalised terms have the same meaning as in jobactive Deed 2015–2020 (the Deed). In this document,
‘must’ means that compliance is mandatory and ‘should’ means that compliance represents best practice and
that compliance is discretionary.
Disclaimer
This guideline is not a stand-alone document and does not contain the entirety of Providers’ obligations.
It must be read in conjunction with the jobactive Deed 2015-2020 and the jobactive Deed 2015-2020 – Work for
the Dole Coordinator and any relevant Guidelines or reference material issued by Department of Employment
under or in connection with the jobactive Deed 2015-2020 and the jobactive Deed 2015-2020 – Work for the
Dole Coordinator.
Relevant Deed clause/s
This Guideline relates to the entirety of the jobactive Deed 2015–2020 (the Deed) and the jobactive Deed 20152020 – Work for the Dole Coordinator.
Relevant references
Reference documents relevant to this Guideline include:







Public Governance, Performance and Accountability Act 2013
Vacancies and Outcomes Guideline
Employment Fund Wage Subsidies Guideline
Employment Fund General Account Guideline
Assessment Guideline
Work for the Dole Guideline
Relocation Assistance to Take Up a Job Guideline
Assurance Strategy Guideline
TRIM ID: EM15/001038
Effective Date 1 July 2015
1
Summary
This document outlines the Department of Employment’s approach to assuring the integrity of the delivery of
employment services programmes
The management and assurance of employment service programmes needs to balance operational flexibility
with appropriate accountability while aiming to keep the administration burden on Providers as low as possible.
The Department uses a risk-based approach to assure the integrity of its employment services.
The Provider Assurance Strategy aims to:



inform Providers about the various ways the Department encourages Providers to voluntarily comply
with requirements
inform Providers of the range of remedial actions that can apply if they are non-compliant
target areas of risk.
Policy Intent
Providers must have in place their own governance and control frameworks that support their delivery of
quality services and performance and accuracy of payments consistent with the Deeds.
The Department acknowledges that the majority of Providers are willing, able to, and do comply with
contractual and Guideline requirements. However:

some Providers will engage in inappropriate activities that do not meet the contractual requirements or
be inadvertently non-compliant due to poor governance or procedures
in a small number of cases, Providers have consistent compliance issues.
The Department employs four strategies to provide assurance, as shown in Figure 1—Prevention, deterrence,
detection and correction strategies:




prevention—making it easier for Providers to comply
deterrence—making clear the risks and penalties of non-compliance
detection—processes are in place to identify non-compliance
correction—acting on detected non-compliance.
Assurance Strategy Guideline
TRIM ID: EM15/001038
Effective Date 1 July 2015
2
Figure 1—Prevention, deterrence, detection and correction strategies
Prevention
Correction
Risk
Management
Corrective
action as
required (e.g.
debt recovery;
policy review)
Good
programme
design
supported by IT
System
Detection
Rolling random sample
survey
Prevention
Clear Deed, Guidelines and
service delivery expectations
Targeted programme
assurance reviews
Education, information, training,
and support available
Department
of
Employment
Two-way
feedback
Industry
Prevention
Joint Charter
Detection
Ongoing desktop
monitoring
Quality Assurance Framework
Data mining
Performance feedback
Site visits
Deterrence
Results of
compliance
reviews will
impact on
performance
rating
Deterrence
Providers are aware of
how they are
monitored and
sanctions that can
apply for noncompliance
Prevention strategies
The primary focus of the Department’s assurance activities is prevention, as most Providers strive to be
compliant and the Department wants to support and encourage these organisations by making compliance as
easy as possible.
The most critical ways that the Department can help to prevent both wilful and inadvertent non-compliance are
to provide sound programme design, clear deeds and Guidelines and IT Systems that prevent ineligible claims
being made and support compliance. The goal is that:




Providers clearly understand their requirements and obligations
Providers have a clear expectation of appropriate standards of behaviour
complexity, loopholes and ambiguity are minimised
IT Systems aid compliance.
The Department will seek to raise awareness of the correct procedures and appropriate maintenance of
evidence by:



providing training materials (for example, Learning Centre training modules)
answering Provider queries as quickly and clearly as possible
communicating feedback from assurance activities to Providers, including areas for improvement.
Providers must ensure that they comply with requirements by having appropriate governance, procedures,
training and monitoring in place.
Compliance with the Third Party IT Provider Deed and full Information Security Manual accreditation will
strengthen the governance framework and provide additional controls to reduce risk.
Providers must maintain certification against the Quality Assurance Framework. The Quality Assurance
Framework has been established to help Providers to ensure they meet or exceed the minimum required
standards for Providers and deliver quality services to job seekers.
Assurance Strategy Guideline
TRIM ID: EM15/001038
Effective Date 1 July 2015
Deterrence strategies
The Department uses deterrence strategies that are designed to increase the proportion of Providers that are
voluntarily compliant. The Department’s deterrence strategies include:



making clear to Providers all of the ways in which we monitor them and what factors influence the level
of scrutiny of each organisation (see ‘Checklist—Factors that influence the level of scrutiny of Providers’
below)
making Providers aware of the range and severity of remedial actions that can be applied so that they
are fully aware of the ramifications for their business of non-compliance
making it clear that Providers’ performance rating will be affected by their level of non-compliance, as
measured using the Compliance Indicator.
The Department’s risk and compliance model (see Figure 2—Risk and compliance model) shows generally how
we will treat instances of non-compliance according to the Department’s determination of the nature, level and
causes of non-compliance and the Provider’s level of cooperation. It also shows generally our risk differentiation
approach, under which the risk rating assigned to each organisation informs the intensity and frequency of
scrutiny.
Figure 2—Risk and compliance model
Use full force of remedial actions
Actively exploit ambiguity/loopholes in
the Deed
Deter by detection, moderate degree of
remedial action
Try to comply but don’t always succeed
Help to comply, lesser degree of
remedial action
Make it easy to comply, minimal or no
remedial actions
LOWER RISK
Willing to do the right thing
Assurance Strategy Guideline
TRIM ID: EM15/001038
Effective Date 1 July 2015
more frequent monitoring and
higher likelihood of targeted review
Wilful non-compliance or manipulation
of any Records, processes or the
Services to maximise Payments.
Risk differentiation
periodic monitoring and lower
likelihood of targeted review
Compliance strategy
HIGHER RISK
Attitude to compliance
Detection strategies
The Department’s detection strategies are designed to identify practices that impact on the integrity of
employment programmes. Programme and Provider level risks will be identified using a combination of
qualitative and quantitative sources, including:








a rolling program of random sampling of claims/activity
desktop analysis of data from the Department’s IT Systems
data mining and actuarial modelling to highlight claims that are best candidates for targeted review
online verification with Department of Human Services data
complaints and feedback received from job seekers or staff (including the Department’s National
Customer Service Line and Employment Services Tip-off Line)
intelligence gathered from industry
information sourced by Department’s Account Managers and contract managers, including from
Provider visits
a Third Party IT Provider Deed with specific reference the Department’s access rights.
The Department’s risk differentiation approach (as shown in Figure 2) will determine the frequency and
intensity of scrutiny applied to each Provider and/or Site. A Provider assessed as high risk would be monitored
more frequently than others and will be more likely to be the subject of more intense and targeted programme
assurance reviews.
All Providers will be scanned using a variety of ‘risk filters’ to detect matters of concern that may indicate
potential non-compliance (for example, a high number of claims of a particular fee relative to caseload or
national benchmarks). Any findings that vary significantly from industry norms or past performance/activity may
trigger a targeted programme assurance review or a change in a Provider’s risk rating.
Checklist – Factors that influence the level of scrutiny of Providers











An assurance activity shows amount or frequency of claims that varies from industry norms or
established benchmarks.
An assurance activity shows variations in amounts or patterns of claims or in performance rating
compared with previous assessment periods.
There are high levels of claims relating to related entities relative to industry norms.
Complaints and/or poor feedback from job seekers have been received through the National Customer
Service Line.
Intelligence about manipulative or potentially fraudulent behaviour has been received through the
Employment Services Tip-off Line or other sources.
Audits indicate concerns or practices that increase risk of non-compliance.
Provider visits indicate poor record keeping or other factors that increase risk of non-compliance.
We assess that governance structures are poor, inadequate risk and fraud controls are in place or there
are other indicators that the organisation is at risk of non-compliance.
There is high staff, management or corporate board turnover.
There is a history of acting in a way that exploits ambiguity to maximise fees and/or otherwise acting in
a way that is not consistent with programme policy intent.
There is a past record of non-compliance and/or debt recoveries.
The Department may make direct contact with Employers, job seekers or other relevant parties to verify
evidence supplied by a Provider.
Correction strategies
Where activities or actions arise that are not consistent with the Deed, including the Guidelines, the Department
will undertake appropriate preventative strategies (such as working with Providers to improve their practices to
enable future compliance; or amending Guidelines and other material to ensure that requirements are as clear
as possible). The Department will also consider what, if any, correction strategies should be applied.
Assurance Strategy Guideline
TRIM ID: EM15/001038
Effective Date 1 July 2015
Correction strategies may include one or more of the following actions:


recovering payments that the Provider was not entitled to claim, consistent with the Department’s
obligations under the Public Governance, Performance and Accountability Act 2013 and/or
exercising other remedies available under the Deed, such as the reduction of the Providers’ business
share, suspension of referrals, imposition of additional conditions on payment of fees or imposition of
additional reporting requirements.
As set out in the Department’s compliance model (see Figure 2), the level of sanction(s) that are applied will be
informed by the nature and level of non-compliance that has been identified, the causes of the non-compliance
and the Provider’s level of cooperation with any review or investigation. Where a Provider undertakes a selfaudit of activity and voluntarily discloses non-compliance, the Department may elect not to apply additional
remedial actions (other than recovery of relevant fees) unless there was repeated or significant non-compliance
or where there is evidence of criminal behaviour. An appropriate level of remedial actions, commensurate with
the degree of non-compliance, will be considered in all other instances. The strictest remedial actions with the
most impact will be more likely to be applied where the Department determines that Records, processes or the
Services are wilfully manipulated.
Any cases of potentially criminal behaviour will be referred to the Department’s Investigations Branch to be
investigated.
A measure of a Provider’s compliance may also influence the Star Rating calculation. A Compliance Indicator
score may be used to adjust each Provider’s Star Rating score according to the degree of non-compliance
identified for that Provider. The rolling random sample survey will be the key means of identifying Providers’
levels of non-compliance, although the findings of other assurance activities will also be included when
calculating the Compliance Indicator score.
Subject to clause 50 of the Deed (‘Dispute Resolution’), where disputes, problems or issues arise, these will be
handled in the first instance in accordance with the Joint Charter of Deed Management.
Assurance elements
Quality Assurance Framework
In recognition of the Government’s commitment to ensuring the delivery of high-quality employment services
for job seekers and employers, the Quality Assurance Framework applies to all Employment Providers from
1 July 2015.
Within 12 months of the commencement of the Deed, Employment Providers will be required to gain
certification against the Quality Assurance Framework and maintain certification for the Term of the Deed.
The Quality Assurance Framework comprises two key elements:


Quality Principles developed by the Department against which an Employment Provider must
demonstrate conformance
certification against one of the Department-approved Quality Standards—i.e. ISO 9001, the National
Standards for Disability Services, the Employment Services Industry Standard or Investors in People.
The Department has developed the Quality Principles as a basis for measuring quality and improving service
delivery. While the Quality Standards establish a foundation of quality management, the Quality Principles
bridge the gap between the requirements of the Quality Standards and the qualitative aspects of the Deed. The
Quality Principles have been designed to cover the minimum requirements for delivering quality employment
Services. Consistent with each of the Quality Standards, there is a strong focus on continual improvement.
Employment Providers must demonstrate adherence to each of the Quality Principles as part of their Quality
Assurance Framework certification. The certification process will be undertaken by an accredited third party
auditor from a list of auditors appointed by the Department.
Work for the Dole Coordinators are subject to the Work for the Dole Coordinator Quality Framework, and are
required to complete a Self-Assessment Quality Report to demonstrate adherence to four Quality Principles:
Assurance Strategy Guideline
TRIM ID: EM15/001038
Effective Date 1 July 2015
Governance; Labour Market, Employers and Community; Operational Effectiveness; and Continual
Improvement. A Self-Assessment Quality Report must be completed and submitted to the Department within
six months of the Deed Commencement Date.
Contract monitoring
The Department will undertake contract monitoring of the full spectrum of each of the services on an ongoing
basis. Monitoring activities can include, but are not limited to, Provider visits and data interrogation; and
desktop monitoring audits, which utilise the systems information available to the Department. Results of these
activities inform ongoing programme assurance and, where results indicate more investigation is required, they
can trigger a targeted Programme Assurance Activity.
During each Performance Period, the Department’s Account Managers and contract managers will monitor
performance against any representations in the Provider’s tender response to the request for tender and assess
service delivery against the Provider’s Service Delivery Plans and the Service Guarantees.
Provider Site visits
In addition to the scheduled Provider Site visits that the Department undertakes in the normal course of the
contract management of its programmes, the Department may conduct unannounced Site visits in certain
circumstances. These circumstances include where the Department has reason to believe that a breach of the
Deed has occurred or there is suspected fraud. Where an unannounced Site visit occurs, the Provider must
cooperate with Department’s employees and must provide access and assistance in accordance with clause 40
of the Deed.
Rolling random sample survey
The Department will undertake a review of a random sample of job seekers from each Employment Provider in
each Employment Region in which they operate. Claims and other in-scope activities that occurred over the
previous 12 months will be reviewed.
In-scope claims and other activities may vary from quarter to quarter but may include such programme
elements as:







Outcome payments
Wage Subsidies
Employment Fund reimbursements
Job Seeker Classification Instrument updates resulting in the job seeker changing stream
referral of job seekers to Work for the Dole activities
Relocation Assistance to Take Up a Job
Work for the Dole.
Findings of the rolling random sample survey reviews will be incorporated into the Compliance Indicator, which
may be taken into account when assessing Providers’ performance.
Targeted Programme Assurance Activities
In addition to the rolling random sample survey, the Department will also undertake other targeted projects of
employment services. These projects will assess areas of emerging or identified risk that may arise due to the
dynamic environment in which employment services are delivered. Projects may involve only one Provider or a
smaller group of Providers; they may be restricted to a specific location or region; or they may target a specific
element of employment servicing.
Risk is assessed with reference to various factors, including but not limited to:



programme expenditure or transaction volume (higher levels of programme expenditure or frequency
of transactions are assessed as containing significantly higher levels of risk)
risk assessment of individual Providers
results of past Programme Assurance Activities.
Assurance Strategy Guideline
TRIM ID: EM15/001038
Effective Date 1 July 2015
In conducting targeted Programme Assurance Activities, the Department utilises a range of methods, including
but not limited to conducting surveys of employers or job seekers; and analysing data and examining available
information. This will include the examination of evidence uploaded at the time of claim (requested by ESS), or
any other evidence requested by the department.
Sanctions
The Department will assess the size, scope, nature (e.g. inadvertent or wilful non-compliance) and impact of any
non-compliance with the Deed (breach), determine the appropriate remedial action that should be applied as a
result of the breach, and determine whether or not sanctions should be applied as a result of any identified
non-compliance.
As part of the programme assurance activities, the Department may choose to review a sample of the Provider’s
Services when assessing the Provider’s performance in relation to that particular class of Services. Where the
Department reviews a sample of Services, the Department can apply the result from that sample to all or a
proportion of that particular class of Services. Where the Provider is taken to have invalidly claimed Payments in
relation to all or a proportion of those Services, the Department may exercise its rights under the Deed,
including requiring the Provider to repay the total amount of claims deemed to be invalid. This is a significant
disincentive for Providers to engage in invalid claiming practices.
Measurement of compliance
The Compliance Indicator will be calculated based on reviews that the Department undertakes. The Compliance
Indicator will provide a quantifiable assessment of each Employment Provider’s compliance with Deed
requirements Further details on the Compliance Indicator will be provided as an update to this strategy on the
Provider Portal.
Assurance Strategy Guideline
TRIM ID: EM15/001038
Effective Date 1 July 2015