Investigation summaries

Operation Carlisle

07/03/2022

IBAC's Operation Carlisle investigated allegations of corrupt conduct by a Corrections Victoria employee. The investigation did not substantiate the allegations but did identify corruption vulnerabilities in Corrections Victoria practices and procedures.

  • In 2018, IBAC commenced Operation Carlisle, an own motion investigation into allegations of corrupt conduct by a Corrections Victoria (CV) employee.

    The allegations related to the unauthorised disclosure of information obtained by the CV employee in their course of their employment, to an external third party.

  • IBAC's investigation did not substantiate the allegations of corrupt conduct but did identify corruption vulnerabilities associated with CV's practices and procedures.

    The investigation found limitations in the audit capability of CV's information systems. These limitations made it difficult to determine whether the employee had improperly accessed information or contravened relevant CV policies and procedures. Strong auditing capabilities in relation to information systems and the adoption of proactive auditing programs help prevent and detect improper access to information and assist in holding employees accountable for non-compliance.  

    The investigation also found risks associated with CV's processes for the declaration and management of conflicts of interest. IBAC identified opportunities for CV to strengthen its conflict of interest procedures for high-risk roles, which had relied solely on employees making voluntary declarations. IBAC also found there was insufficient scrutiny and management of conflicts of interest, where indications of conflicts or declarable associations arose.

  • IBAC identified opportunities for DJCS and CV to address corruption vulnerabilities identified in Operation Carlisle, including more robust auditing of information systems and strengthening CV's procedures for the identification and management of conflicts of interest.

    In August 2021, DJCS wrote to IBAC outlining the actions it has taken to address the corruption vulnerabilities identified in Operation Carlisle.

    IBAC publishes responses to our investigations to inform the community about the actions agencies advise they are taking, and to share learnings that may help other agencies improve their systems and practices to prevent corruption and misconduct.

DJCS' response is as follows:

CV to review the Centurion system to ensure it can produce comprehensive audits of user access and implement a program of regular and random audits that are sufficiently detailed to allow improper information access to be identified.

The Corrections Victoria Intelligence Unit (CVIU) can complete both random and targeted audits of CV's intelligence database. Justification is required when requesting audits. There is a monthly audit of the Intelligence Division's access and use of CV's intelligence database. Other audits are conducted on a needs basis. Existing reporting capability provides sufficient detail to allow for improper information access to be identified.

As part of the Assurance-Technology Services new operating model, there are plans to have increased capacity to conduct routine system audits. DJCS is considering the viability of implementing a proactive monitoring model, which (if implemented) will include targeted and random auditing of information systems for high-risk prison roles.

While DJCS supports a more preventative and proactive model and the use of innovative and technological solutions, there are resource implications and the need to integrate any new systems within the capability of existing tools that are currently operational.

The cultural review of the adult corrections system will further consider the effectiveness and appropriateness of DJCS systems and processes.

CV to advise Australian Government Security Vetting Agency (AGSVA) of failures to provide full details of matters relevant to security clearances and of the failure of the vetting process to identify relevant associations

In May 2021, CV advised AGSVA of relevant failures to provide all relevant details in relation to security clearances.

That CV review and strengthen its processes related to the identification and management of declarable associations and conflicts of interest to ensure:

  1. declared associations and conflicts of interest are properly scrutinised and the associated risks proactively managed
  2. declarable associations and conflicts of interest and any associated management plans are recorded, and communicated to relevant supervisors, and reviewed as appropriate
  3. checks are undertaken to identify whether documented management responses have been properly implemented
  1. CV's current practice includes declaring associations and conflicts of interest so that there is transparency, any issues can be managed, and integrity risks are mitigated.
  2. CV's current practice in relation to declarable associations, conflicts of interest and any associated management plans includes this information being recorded, communicated to relevant supervisors, and reviewed as appropriate.
  3. CV holds some concerns about the powers and resources required to implement this component of the recommendation. For example, if a Manager becomes suspicious or is aware of conflicting information, they may interview staff. However, this action has the potential to compromise any investigation by integrity agencies such as IBAC and the Victorian Ombudsman or Victoria Police.

DJCS is committed to further strengthening of its practice in relation to key integrity risks such as declarable associations and conflicts of interest. This will be considered further as part of the Independent Review into the Culture of Victorian Prisons, DJCS Integrity Strategy and DJCS response to recommendations from the IBAC's June 2021 Special Report on Corrections.