Cross-agency inspections

Light cover

Light cover is used by ASIO and ASIS staff to conceal their employment. Where more robust cover is required the agencies are able to use the assumed identities scheme (see below). In 2014, the IGIS conducted an inspection project on the agencies' use of light cover, focusing on advice, training and support provided to staff. The project identified four key areas of potential concern for staff using light cover: risk of penalties for impersonating a Commonwealth Officer when using alternative government departments as light cover; court appearances; dealing with police; and obtaining private insurance policies. Both agencies were aware of the issues, but the communication to staff in the form of policy, intranet advice and training varied. Since the completion of this project, ASIO has finalised a light cover policy. ASIO and ASIS have also sought to identify suitable life insurance options for their staff.

Use of assumed identities

Part 1AC of the Crimes Act 1914 and corresponding State and Territory laws, enable ASIO and ASIS officers to create and use assumed identities for the purpose of carrying out their functions. The legislation protects authorised officers from civil and criminal liability where they use an assumed identity in a circumstance that would otherwise be considered unlawful. Similarly, the legislation protects the Commonwealth, State and Territory agencies responsible for providing the evidence of an assumed identity in accordance with the Act.

The legislation also imposes reporting, administration and audit regimes on those agencies using assumed identities. This includes a requirement for ASIO and ASIS to conduct six monthly audits of assumed identity records and provide the IGIS with an annual report containing information on the assumed identities created and used during the year. The Director-General of Security and the Director-General of ASIS provided the IGIS with reports covering the activities of their respective agencies for the 2013–14 reporting period. There was nothing in the reports that caused concern.

ASIS provided the IGIS with a copy of their internal audit reporting on assumed identities during this reporting period in addition to the annual report. This was in response to our request for this information following an inspection of ASIS assumed identity records conducted during the previous reporting period. ASIO continued its past practice of providing me with a copy of its internal audits of assumed identities during the reporting period.

Access to sensitive financial information by intelligence agencies

The Anti-Money Laundering and Counter Terrorism Financing Act 2006 (the AML/CTF Act) provides a legal framework in which designated agencies are able to access and share financial intelligence information created or held by the Australian Transaction Reports and Analysis Centre (AUSTRAC). All intelligence agencies and the office of the IGIS are designated agencies for the purposes of the AML/CTF Act.

The IGIS is party to a memorandum of understanding (MOU) with AUSTRAC. This MOU establishes an agreed understanding of IGIS's role in monitoring agencies' access to, and use of, AUSTRAC information.

In oversighting the agencies' use of AUSTRAC information, we check that there is a demonstrated intelligence purpose pertinent to the agencies' functions, that access is appropriately limited, searches are focused, and information passed to both Australian agencies and foreign intelligence counterparts is correctly authorised.

During 2014–15, in accordance with the MOU, the IGIS sent an annual statement to the Attorney-General and the Minister for Foreign Affairs on the outcome of compliance monitoring activities in ASIO and ASIS respectively, concerning their access to, and use of, AUSTRAC information in the previous reporting period. AUSTRAC provided insufficient information for compliance monitoring activities to be carried out in relation to AGO, ASD, DIO and ONA concerning their access to, and use of AUSTRAC information in the 2013–2014 reporting period. This issue has been raised with AUSTRAC and the flow of information for this reporting period has improved and will be reported on in the 2015–2016 annual report.

ASIO

We conducted regular inspections of ASIO's access to AUSTRAC material. An ongoing issue that has been raised in our inspections is an inconsistency between two of ASIO's internal policies relating to setting limitations for searches of AUSTRAC databases. As at the end of the reporting period this issue was yet to be resolved, though ASIO have advised that there are changes to AUSTRAC databases and policies to be implemented in the next reporting period.

During our inspections two cases were identified where requests for AUSTRAC data were not authorised prior to the search being conducted. Another request was not authorised by an ASIO officer at the correct level as required by ASIO policies.

Our inspections also revealed one search of AUSTRAC database was conducted on a partial number and returned a large number of records unconnected to the subject of the AUSTRAC request. ASIO advised that these records were not viewed by ASIO staff.

ASIS

Inspections throughout 2014–15 did not identify any significant concerns relating to the receipt of AUSTRAC material. This is a significant improvement on previous years. ASIS has recently re-established direct access to AUSTRAC databases and information and our inspection activities are being expanded to cover this development.

Also during the reporting period ASIS advised that the AUSTRAC CEO had provided ASIS with an exemption from s.53, 55 and 59 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 dated 16 April 2015. Essentially, this exempts ASIS from reporting movements of physical currency and bearer negotiable instruments into or out of Australia, when carrying out a statutory function under section 6 of the Intelligence Services Act 2001. This was in response to issues identified by the IGIS, as noted in our previous annual report.