Fraud and Corruption Management Policy

On this page

Purpose | Scope | Principles Policy statements Roles and responsibilities Definitions Approval information Version history References

1. Purpose

1.1 The Fraud and Corruption Management Policy (the policy) outlines the university’s commitment to the prevention of fraudulent, unlawful, negligent or improper conduct at UTS.

1.2 This policy:

  1. forms part of the university’s wider commitment to a culture of integrity (refer Conduct, behaviour and integrity at Policy by classification)
  2. works alongside the Whistleblowing and Public Interest Disclosures Policy, which supports the implementation of the university’s obligations under the Public Interest Disclosures Act 2022 (NSW) (PID Act).

2. Scope

2.1 This policy applies to UTS staff, students and affiliates, and staff and affiliates of UTS controlled and associated entities (hereafter staff).

3. Principles

3.1 Honesty and integrity are core values at UTS. High ethical standards and conduct are expected at all times.

3.2 This policy, along with the Equity, Inclusion and Respect Policy, the Code of Conduct and the Student Rights and Responsibilities Policy, supports UTS to:

  1. uphold UTS values and foster a culture of integrity
  2. prevent serious wrongdoing
  3. identify and detect serious wrongdoing, and
  4. continually improve fraud and corruption prevention and response strategies.

4. Policy statements

Culture, behaviour and staff responsibility

4.1 UTS takes a zero tolerance approach to fraud, corruption and serious wrongdoing. Staff must not engage in, participate in, cover up or fail to report:

  1. any fraudulent activity, corrupt conduct, serious maladministration or serious or substantial waste of public money, or government information contravention (hereafter serious wrongdoing)
  2. victimisation, bullying, harassment or any other form of reprisal against another person for reporting or intending to report serious wrongdoing or about whom a report or disclosure has been made (refer Whistleblowing and Public Interest Disclosures Policy and Equity, Inclusion and Respect Policy).

4.2 The UTS Council, the Vice-Chancellor and members of the senior executive are responsible for the following fraud prevention strategies:

  1. annual management signoffs
  2. annual internal audits
  3. a clear understanding of relevant risks, legal obligations, compliance requirements and behavioural expectations
  4. a commitment to, and role modelling of, ethical conduct
  5. compliance with Schedule G1 – Delegations Principles when exercising a delegated function (refer Delegations), and
  6. ensuring supervisors and senior leaders in each division have individual workplans that address the fraud control mechanisms listed in this policy.

4.3 Supervisors play a particularly important role in:

  1. role modelling UTS’s behavioural expectations
  2. educating staff about the requirements of this policy, the Conflicts of Interest Disclosure Policy and the Whistleblowing and Public Interest Disclosures Policy
  3. ensuring staff are aware of their responsibility to behave ethically and to comply with all conduct, behaviour and integrity policies (refer Conduct, behaviour and integrity at Policy by classification) and Schedule G1 – Delegations Principles
  4. promoting ethical behaviour and a speak up culture in their division, unit and/or team (refer Speak up at UTS)
  5. encouraging members of the UTS community to report serious wrongdoing
  6. raising awareness of fraud and corruption risks among staff through onboarding and induction activities, staff development team meetings and the workplanning process (refer Workplanning and review (Staff Connect)), and
  7. managing serious wrongdoing and any fraud and corruption risks faced by UTS by acting consistently with their responsibilities and receiving public interest disclosures (refer Whistleblowing and Public Interest Disclosures Policy).

4.4 Staff must, as part of their workplanning process:

  1. familiarise themselves with the conduct, behaviour and integrity policies (refer Conduct, behaviour and integrity at Policy by classification), requesting additional information from their supervisor where necessary
  2. discuss conflicts of interest with their supervisor and disclose any conflicts of interest in line with the Conflicts of Interest Disclosure Policy, and
  3. agree to act in line with Schedule G1 – Delegations Principles when executing a delegated authority.

4.5 Where a third party is contracted to undertake work for, or on behalf of, UTS it is a requirement that:

  1. all necessary due diligence is undertaken before any formal engagement with the third party
  2. third parties are provided with, and must abide by, all conduct, behaviour and integrity policies (refer Conduct, behaviour and integrity at Policy by classification), and
  3. third parties are made aware of this policy and the Whistleblowing and Public Interest Disclosures Policy.

4.6 Members of Council and committees of Council must act in accordance with the required terms of reference and the Governance Overview Handbook (available at UTS Council: Governance).

Fraud and corruption awareness

4.7 Fraud and corruption awareness is provided as part of UTS’s onboarding program (refer Welcome to UTS (Staff Connect)). Targeted training is provided to identified staff as part of the workplanning process (refer Workplanning and review (Staff Connect)).

4.8 Awareness and training programs must be available to:

  1. ensure continued awareness of fraud and corruption related risks
  2. enable supervisors to understand corruption risks, identify vulnerabilities and identify prevention strategies
  3. enable staff to identify serious wrongdoing or ‘red flags’ that may indicate serious wrongdoing
  4. provide clear guidance on how to report fraud and corruption in line with the Whistleblowing and Public Interest Disclosures Policy, and
  5. reinforce fraud control activities (refer Risk assessments and fraud and corruption prevention plans).

4.9 As part of the recruitment process, positions with specific responsibilities for fraud control, compliance or in an identified risk area (refer Risk areas for serious wrongdoing) must:

  1. have relevant training requirements included in the position description (informed by the relevant fraud and corruption prevention plan), and
  2. include an appropriate due diligence (or pre-screening) process in line with the Recruitment and Appointment Policy.

Risk areas for serious wrongdoing

4.10 Supervisors must ensure that appropriate fraud and corruption prevention training is available for staff undertaking the activities listed in table 4.10, which have been identified as having a risk of fraud or serious wrongdoing (refer Definitions).

Table 4.10: High risk activities for serious wrongdoing

ActivityExamples of possible serious wrongdoing
Decision-making and authorisations

Examples include:

  • making decisions that could lead to benefits for the individual
  • poorly documenting decision-making resulting in a lack of transparency
  • making decisions that are in breach of university or legislative requirements
  • turning a blind eye to breaches or maladministration
  • falsifying signatures
  • inappropriate acceptance of gifts or benefits, and
  • inappropriate management or approval of contracts, recruitment, outside work, university consulting, preferred supplier selection, admissions, exercising delegated authority.
Records, information, data and knowledge use or management

This includes intellectual property, research data, staff and student records, corporate data, governance and commercial in confidence information.

Examples include:

  • misuse or inappropriate access or disclosure of information, data, knowledge or insights that have a perceived or actual value
  • usernames and passwords being shared allowing unauthorised access
  • unauthorised deletion or alteration of records and information.
Financial management

This includes revenue and expenditure, procurement processes, payroll, grants management, tenders, investments, accounting activities, expenses and use of the corporate credit card.

Examples include:

  • management of UTS funds and accounts
  • use of UTS funds for personal gain
  • frivolous or excessive corporate credit card expenditure.
Asset and facilities management

This includes IT facilities, lab and physical campuses.

Examples include:

  • theft of valuable resources
  • misuse of IT infrastructure
  • misuse of facilities
  • unauthorised access to university resources or facilities
  • contracts for capital projects.

Risk assessments and fraud and corruption prevention plans

4.11 UTS maintains and implements internal control systems to manage fraud and corruption and may develop new controls in response to fraud and corruption risk assessments.

4.12 The Director, Risk is responsible for providing advice regarding:

  1. appropriate insurance and safeguards to protect against the risk of wrongdoing
  2. the development of prevention plans and associated risk assessments and proposed action plans
  3. the development of disclosure protection plans as outlined in the Public Interest Disclosures Management Procedure, and
  4. working with the Head, Compliance and Assurance, addressing gaps in risk management and compliance identified as part of the management of a public interest disclosure (refer Whistleblowing and Public Interest Disclosures Policy).

4.13 Deans and directors (or equivalent, hereafter directors) are responsible for developing fraud and corruption prevention plans in Risk Connect. These prevention plans must include:

  1. a fraud and corruption risk assessment for all relevant activities (including assessment of the Risk areas for serious wrongdoing), and
  2. an action plan to mitigate and manage identified risks.

4.14 Fraud and corruption risk assessments are conducted using Risk Connect. Vulnerabilities that should be considered in a fraud and corruption risk assessment are provided in the templates in Risk Connect. The outcome of the risk assessment will be the development of an action plan. Refer Risk Management Policy and Risk Management Procedure (SharePoint).

4.15 Directors must review prevention plans annually to ensure they remain current and deal effectively with new emerging risks. Prevention plans must be reported to the relevant member of the senior executive by 31 October each year (or as otherwise directed by the Director, Risk).

4.16 Fraud and corruption prevention plans are reviewed in a manner determined by the General Counsel and Executive Director, Risk and Compliance.

4.17 The Audit and Risk Committee may require action, amendment or improvement to this policy or the fraud control framework to ensure the university’s legislative requirements and obligations prescribed by the Audit Office of New South Wales are met.

Identifying and reporting serious wrongdoing

4.18 Detection of serious wrongdoing may occur through observing fraudulent or corrupt activities or by discovering information that tends to reveal fraud or corruption.

4.19 This detection process can occur through any of the following activities:

  1. Continuous monitoring and data analytics: UTS's information systems, including the use of software applications and computer-assisted audit capabilities, may provide an important source of information on serious wrongdoing (for example, by identifying suspect transactions)
  2. Internal and external reporting channels: including through the NSW Ombudsman, the Independent Commission Against Corruption and/or via the Whistleblowing and Public Interest Disclosures Policy, the Conflicts of Interest Disclosure Policy, the Gifts and Benefits Policy, the Outside Work Policy and the Staff Complaints Policy)
  3. Internal audit program: Fraud and corruption risk assessments are used to inform the development of UTS's annual program of internal audits.
  4. External audit: UTS management and the Audit and Risk Committee maintain a professional relationship with the Audit Office of New South Wales (AONSW), providing the opportunity to attend Audit and Risk Committee meetings, access to minutes of all committee meetings and addressing any AONSW requirements. UTS supports the AONSW to assist in fraud detection and response.

4.20 Public officials (including staff and affiliates) must report serious wrongdoing in line with the Whistleblowing and Public Interest Disclosures Policy. Any other person may report serious wrongdoing committed by the university, its staff, students or affiliates (refer Speak up at UTS for reporting options).

4.21 Information on how to report and manage public interest disclosures is outlined in the Whistleblowing and Public Interest Disclosures Policy and at Whistleblowing. Fraud and corruption risk management processes, reporting processes and response mechanisms will be reviewed in response to outcomes of an investigation as part of a continuous improvement process.

Records management

4.22 Information relating to fraud and corruption controls, including fraud and corruption prevention plans, must be managed in line with the Records Management Policy and the Data Governance Policy.

4.23 Information relating to the reporting of serious wrongdoing must be managed in line with the Whistleblowing and Public Interest Disclosures Policy.

Policy breaches

4.24 Breaches of this policy will be managed in line with the Code of Conduct, the Enterprise agreements and/or the Student Rights and Responsibilities Policy as appropriate.

4.25 Breaches of this policy that relate to acts of fraud or corruption will be managed in line with the Whistleblowing and Public Interest Disclosures Policy and the relevant Enterprise agreements.

5. Roles and responsibilities

5.1 Policy owner: The General Counsel and Executive Director, Risk and Compliance is responsible for:

  1. policy enforcement and compliance, ensuring that its principles and statements are observed
  2. reporting to the Audit and Risk Committee as required on fraud and corruption management activities
  3. reviewing this policy every 2 years in line with the Audit Office of New South Wales requirements, and
  4. the approval of any associated training and university level procedures.

5.2 Policy contact: The Director, Risk is responsible for:

  1. the day-to-day implementation of this policy, acting as the primary point of contact for advice
  2. advising on training requirements, and
  3. ensuring alignment with the Risk Management Policy as part of an integrated approach to the management of the university’s fraud risk profile.

5.3 Implementation and governance roles: Council, with the guidance and support of the Audit and Risk Committee, is responsible for oversight and monitoring of fraud and corruption risk management, including the implementation of this policy and assisting in its review.

Senior executive, deans, directors and supervisors are required to:

  1. understand fraud and corruption risks at UTS
  2. adopt a risk-based approach in their management, undertake fraud and corruption risk assessments and maintain fraud and corruption prevention plans
  3. lead by example in their behaviour in the workplace
  4. create and sustain a speak up culture, and
  5. report and/or manage reports of serious wrongdoing in line with the Whistleblowing and Public Interest Disclosures Policy.

Performance and commitment in these areas will form part of the performance review process for supervisors at UTS.

All staff, students and affiliates are responsible for ensuring the integrity of the university’s management and administrative practices, including by reporting serious wrongdoing.

6. Definitions

The following definitions apply for this policy and all associated procedures. Other definitions are available in the Whistleblowing and Public Interest Disclosures Policy. Definitions in the singular also include the plural meaning of the word.

Affiliate is defined in the Code of Conduct.

Integrity is defined in the Equity, Inclusion and Respect Policy.

Internal control system means systems of control, including policies, procedures, delegations, processes or systems established in order to provide reasonable assurance of:

  1. effective and efficient operations
  2. internal financial control, and
  3. compliance with laws and regulations.

Serious wrongdoing (also wrongdoing) is defined in the Public Interest Disclosures Act 2022 (NSW) and summarised in the Whistleblowing and Public Interest Disclosures Policy.

Staff is defined in the Code of Conduct.

Supervisor is defined in the Code of Conduct.

Approval information

Policy contactDirector, Risk
Approval authorityCouncil
Review date2025 (every 2 years)
File numberUR23/1137
Superseded documentsFraud and Corruption Prevention and Public Interest Disclosures Policy and Procedures (UR09/417)

Version history

VersionApproved byApproval dateEffective dateSections modified
1.0Council (COU/23-4/82)16/08/202330/09/2023New policy.

References

Code of Conduct

Conflicts of Interest Disclosure Policy

Data Governance Policy

Enterprise agreements

Equity, Inclusion and Respect Policy

Gifts and Benefits Policy

Outside Work Policy

Public Interest Disclosures Management Procedure

Records Management Policy

Recruitment and Appointment Policy

Risk Management Policy

Schedule G1 – Delegations Principles

Speak up at UTS

Staff Complaints Policy

Student Rights and Responsibilities Policy

Welcome to UTS (Staff Connect)

Workplanning and review (Staff Connect)

Whistleblowing

Whistleblowing and Public Interest Disclosures Policy

Acknowledgements

Audit Office of New South Wales

Independent Commission Against Corruption

NSW Ombudsman

Acknowledgement of Country

UTS acknowledges the Gadigal people of the Eora Nation, the Boorooberongal people of the Dharug Nation, the Bidiagal people and the Gamaygal people, upon whose ancestral lands our university stands. We would also like to pay respect to the Elders both past and present, acknowledging them as the traditional custodians of knowledge for these lands.