You are here

Cross-agency inspections

During the reporting period this office conducted inspections and projects which covered activities common to a number of agencies.

Use of assumed identities

Part 1AC of the Crimes Act 1914 and corresponding State and Territory laws enable ASIO and ASIS officers to create and use assumed identities for the purpose of performing their functions. The legislation protects authorised officers from civil and criminal liability where they use an assumed identity in a circumstance that would otherwise be considered unlawful. Similarly, the legislation protects the Commonwealth, State and Territory agencies who provide the evidence of an assumed identity in accordance with the Act.

The legislation also imposes reporting, administration and audit regimes on those agencies using assumed identities. Section 15LG of the Crimes Act 1914 requires ASIO and ASIS to conduct six monthly audits of assumed identity records and section 15LE requires that each agency provide the Inspector-General with an annual report containing information about the assumed identities created and used during the year. The Director-General of Security and the Director-General of ASIS provided the IGIS with reports covering the activities of their respective agencies for the 2015-16 reporting period. There was nothing in the ASIO report to suggest that the agency was not complying with its legislative responsibilities.

ASIS reported a breach of section 15KE where an officer returning from extended leave resumed use of an assumed identity without the formal variation being authorised at the time. A formal variation for the use of the assumed identity was subsequently authorised. No evidence of fraud or other unlawful activities was identified during the reporting period.

Access to sensitive financial information by intelligence agencies

The Anti-Money Laundering and Counter Terrorism Financing Act 2006 (the AML/CTF Act) provides a legal framework in which designated agencies are able to access and share financial intelligence information created or held by the Australian Transaction Reports and Analysis Centre (AUSTRAC). All intelligence agencies and the office of the IGIS are designated agencies for the purposes of the AML/CTF Act.

The IGIS is party to a memorandum of understanding (MOU) with AUSTRAC. This MOU establishes an agreed understanding of IGIS's role in monitoring access to, and use of, AUSTRAC information by agencies.

In overseeing an agency's use of AUSTRAC information, IGIS officers check that there is a demonstrated intelligence purpose that pertains to that agency's functions; that access is appropriately limited; searches are focused; and information passed to Australian agencies and foreign intelligence counterparts is correctly authorised. Each year the IGIS prepares a statement summarising compliance monitoring in respect of ASIO, ASIS, AGO, ASD and DIO concerning, respectively, their access to, and use of, AUSTRAC information in the previous reporting period. As required under the MOU, during 2016-17, this statement was sent to the Attorney-General, the Minister for Foreign Affairs and the Minister for Defence

Review of access to sensitive financial information by ASIS, ASD, AGO and DIO during 2016-17 did not reveal issues of any material concern. The inspections revealed that ASIS's governance and record keeping relating to this information continue to be effective, with no breaches of the ISA or non-compliance with the ASIS guidelines. This was also true of ASD, DIO and, with some scope for improvement in its record keeping, of AGO.

Review of ASIO's access to AUSTRAC material during 2016-17 raised two issues:

  • ASIO identified a breach of ASIO's memorandum of understanding with AUSTRAC regarding the provision of information to a foreign intelligence service. In this instance the requisite level of internal approval had not been sought. Once the breach was identified ASIO promptly notified this office, and took appropriate measures to reduce the likelihood of this error recurring.
  • In two instances ASIO retained AUSTRAC data which did not relate to the intended subject of a search. There are circumstances in which ASIO will require access to information in order to identify whether the person is or could be identical to the subject of the active investigation. In this instance this information was not purged or quarantined from ASIO systems once it was determined that it did not relate to the intended subject. Our office is currently liaising with ASIO, and expects to resolve this matter in the 2017-2018 reporting period.

Due to staffing changes, the IGIS office did not conduct any inspections of ONA's access to and the use of AUSTRAC information.

HTML version of this annual report converted and prepared by XiNG Digital Pty Ltd.