Part 4: Monitoring and enforcing compliance

Department of Internal Affairs: Effectiveness of controls on non-casino gaming machines.

Maximising the funds available for authorised purposes depends on the costs incurred by operators and venues being minimised.

In this Part we discuss our findings on how effectively the Department monitors and enforces compliance with the requirements in the Act, particularly those relating to operator and venue costs. In particular we:

  • describe the compliance approach taken by the Department; and
  • assess the Department's approach against our expectations of good practice.

The main tools used by the Department to control operating and venue costs are audits, investigations, and education. We did not examine investigations as part of our audit. This is because a policy and procedure manual for investigations was being prepared by the Department at the time of our audit.

Our expectations

Risk-based approach

We expected the Department's monitoring and enforcement of compliance to be consistent with good practice for regulatory compliance activities. We adopted the same high-level expectations adopted by the United Kingdom's National Audit Office (NAO) for the United Kingdom Gaming Board.1

The NAO identified that, to give effect to the principles of good regulation, the United Kingdom Gaming Board would need to:

  • have an appeals process;
  • target its inspections to known problems;
  • tailor its routine inspections of individual operators to reflect the extent and quality of their self-regulation; and
  • introduce a range of sanctions that could be applied according to the seriousness of the offence.

These expectations can generally be described as a risk-based approach. We expected the Department to take a risk-based approach that covers the specific elements outlined in paragraph 4.5.

Effective policies and procedures

We expected the Department's policies and procedures to:

  • be documented and available to interested parties;
  • be consistent with relevant requirements in the Act;
  • be followed by the Department consistently across different locations (because this is crucial to the integrity of the regulatory process); and
  • be periodically reviewed and updated.

Training and resourcing

We expected the Department to have training and documentation in place to ensure that compliance staff can competently discharge their functions and have access to adequate resources to carry out those functions.

Our findings

Emerging voluntary compliance approach

The Department believes that enforcement activities should primarily encourage compliance and that the best results will happen when voluntary compliance with the law is high. At the time of our audit, the Department planned to develop a framework describing voluntary compliance in the context of the Department's responsibilities. Both we and the Department believe that, to be effective, voluntary compliance must be complemented by effective enforcement when breaches of the law have occurred.

A changing mix of time budgeted for various compliance activities reflects the Department's move towards a voluntary compliance approach. The Department is budgeting less time for auditing and more time for education and investigation activities. This is shown in Figure 5. The information shown is for all of the Department's compliance activities relating to non-casino gaming machines, not just those relating to operator and venue costs. As staff do not complete time sheets and the Department does not record actual allocation of staff time, we could not confirm if its intentions were reflected in practice. Information provided by the Department indicates that it undertook more investigations, presentations, and visits during the period it reduced the number of audits it carried out.

Until the Department has more information available on the level of compliance within the industry, it is not possible for us or the Department to make a quantitative assessment of whether the Department's emerging voluntary compliance approach is producing greater compliance. The Department says that this approach is producing benefits, but it was unable to demonstrate this quantitatively at the time of our audit.

Figure 5
Budgeted allocation of time resource by compliance tool 2002/03 to 2005/06

Figure 5: Budgeted allocation of time resource by compliance tool 2003/03 to 2005/06.

Inadequate outcome measurement

In our view, the Department does not systematically and on an ongoing basis monitor the level of compliance within the industry. In the Department's view, its risk-profiling activities, described later in this Part, are used on an ongoing basis to monitor the level of compliance within the industry.

We acknowledge that there is no simple measure of overall compliance. Therefore, determining compliance rates may involve estimates that use a variety of indicative information sources — for example, information on actual returns to the community obtained from operators' audited accounts.

At the time of our audit, assembling information on compliance relied heavily on staff members' awareness of information, their willingness to check multiple systems, their willingness to follow up indications that information exists in another system, and manual communication processes such as telephone and e-mail. The Department has a long-term objective of developing an interface between its licensing and intelligence databases.

The Department is charged with administering the Act. The purposes of the Act that we looked at include maximising returns to the community, and limiting opportunities for crime and dishonesty. The Department does not have outcome measures for these purposes despite the primary role of gambling inspectors being to ensure compliance with the Act. The Department has identified the aim of its regulatory strategy is to increase returns to the community.

A measure of operator compliance that the Department could use, given the information it routinely has available, is the overall level of funds being returned to authorised purposes as a percentage of gross proceeds.

We acknowledge that measuring returns to authorised purposes requires care. This is because the Department has identified three different ways in which societies calculate returns to authorised purposes. The level of returns to authorised purposes can potentially be manipulated by changing depreciation assumptions, as well as changing over time due to legitimate variations in expenses.

Existing performance measures do not provide adequate information about the level of compliance resulting from the Department's activities. For example, the 2006-09 Statement of Intent measures compliance by assessing whether "the percentage of respondents to a survey … who rate their satisfaction with how information services provided by the Department support their ability to comply with relevant laws, conditions and rules is no less than 85%". The Department acknowledges that this measure is not directly related to compliance but rather gives an indirect indication of compliance. The value of this measure is further limited by the response rate to the survey, which was just over 50%.

The Department has committed, in its 2006-09 Statement of Intent, to developing outcome measures over the next 3-5 years. It also stated in October 2002 that it intended to "develop a strong organisational output and outcome measurement system". In our view, the Department should accelerate this work, given its importance in demonstrating to stakeholders the results being achieved by the Department and for informing the Department's understanding of the effect of its work. This includes demonstrating the results of its emerging voluntary compliance approach to stakeholders and staff.

Recommendation 8
We recommend that the Department of Internal Affairs accelerate work on outcome measures relating to compliance within the non-casino gaming machine industry.

Risk-based approach in place

Although the Department's strategic approach to compliance is still emerging, the fundamental elements we expected the Department to have were in place. However, there were also significant improvements that could be made to a number of these elements, particularly on consistency of practice and compliance with the Act. The findings against each of our specific expectations are outlined below.

Appeals process in place

Operators are able to appeal the Department's decisions to the Commission. Appeals are managed on behalf of the Department by its Operational Policy and Legal Services sections. The Commission is independent of the Department. See Part 2 for more information about the Commission.

Under section 81 of the Act, the public are entitled to complain to the Department about the conduct of non-casino gaming machine operators and venues. The Department told us that it investigates all complaints, as the Act requires. If the public are unhappy with the way the Department has handled a complaint they are entitled to complain about the Department to the Commission. At the time of our audit, there had been no complaints specifically about the Department to the Commission.

Risk-based targeting

Risk profiling

The Department uses risk profiling to assess the level of risk it believes an operator poses relative to other operators. Risk profiling was introduced in the 2003/04 year. Risk profiling involves assessing the level of risk of each operator against nine different risk factors and rating this on a categorical scale for each factor. The points from each risk factor are added up to determine the total risk. This is known as an operator's risk profile.

The weightings used for societies (who generally distribute funds) are different from those used for clubs (who generally apply funds) for three of the factors (as shown in Figure 6). Clubs score out of a maximum of 75, while societies score out of a maximum of 100. This is because the Department has decided that the generally smaller number of gaming machines in clubs, and their generally less complex organisational and operating arrangements, make them lower risk. There is also a view among some Department staff that clubs will be self-regulating because any diversion of funds affects the clubs directly.

The factors and the relative weightings given to each factor are shown in Figure 6.

The approach used by the Department enables a gambling inspector or manager to make a change to the overall risk assessment for a given operator. However, a lack of guidance on how to change overall risk profiles, lack of controls over those with the ability to make changes, and the significant gaps in information about operators (as described later in this Part) present a risk to the Department's reliance on risk profiling to determine its work programme.

Figure 6
Factors and weightings used for risk profiling societies and clubs

Figure 6: Factors and weightings used for risk profiling societies and clubs.

Recommendation 9
We recommend that the Department of Internal Affairs improve its controls over gambling inspector or manager adjustment of a non-casino gaming machine operator's overall risk profile rating.

Differential scoring of clubs and societies

In our view, the Department has made a judgement on the relative risks of societies and clubs without definitive information on differences in their actual levels of compliance.

We recognise that clubs generally have lower turnover and have some incentives to maximise their returns, such as the fact that proceeds are indirectly returned to club members through club facilities and services. However, the Department's staff we talked to pointed out that clubs typically had other risks. These included a relatively high turnover of staff, and reliance on volunteers who may have limited knowledge of their non-casino gaming machine obligations. One of the Department's senior staff expressed the view that fraud or theft meant that clubs were stealing only from themselves, so the matter was for the police to investigate rather than the Department. This approach appears at odds with one of the purposes of the Act, which is to limit opportunities for crime and dishonesty, and the Department has made achieving this purpose a priority.

In our view, the Department could do more to recognise and use appropriate interventions to address the particular risks that clubs present. This is reflected in the Department's acknowledgement that its risk assessment may not match its intelligence information for selected organisations. This may include some societies as well as clubs.

A mismatch between assessed and actual risks is a known issue with semi-quantitative risk analysis approaches such as that used by the Department. The Australian/New Zealand Risk Management standard2 recognises that a semi-quantitative approach "may not differentiate properly between risks, particularly when either consequences or likelihood of [those risks] are extreme".

Missing information

Where the Department is missing current information for a given risk factor, it makes assumptions about the level of risk for an operator. We noted some inconsistencies in these assumptions in practice. We attended the moderation meeting where the national audit work programme for 2006/07 was set, and observed that various staff had different views on how to rate a risk factor when no information had been collected. Some staff suggested the risk factor should be rated high, while others said a medium or low rating should be given.

The Department's 2005 risk-profiling documentation states "the fact that a club has not been visited for a period of time should not necessarily infer that the venue compliance criteria should be rated as a high score [high risk of non-compliance]. Unless there is evidence to the contrary then the rating should be at the low end of the scale [low risk of non-compliance]." We disagree with this direction. In our view, good practice is to increase a risk rating over time in the absence of information. At least one of the Department's staff members has suggested "time since last audit" be included in the risk assessment criteria for clubs.

The lack of information about operators is a significant problem for the Department. While the Department's risk-profiling documentation suggests risk profiles will be continually updated based on complaints, licensing, audits, investigations, education visits, and other activity, we observed that the Department had little or no information on many operators available at its moderation meeting. For example, at the national moderation meeting we attended, only two out of about 94 clubs in one region had the risk-profile fields populated.

Recommendation 10
We recommend that the Department of Internal Affairs reduce the level of missing information about non-casino gaming machine operators within its risk-profiling system, and improve the consistency of assumptions about operator risk in the absence of current information about operators.

As noted above in relation to licensing, information about compliance history and licensing information was sometimes not entered in the Department's Licence Track system. Some staff told us it was very difficult to locate even the previous year's audit report for an entity, and that they had to retrieve the physical file for the operator or venue to get this information.

National audit work programme

Risk profiles are used to determine the "frequency, timing, focus and type of compliance activity undertaken" within the constraints of the available resources. The profiles are ranked and then the greatest compliance resource is allocated to the operators with the highest risks. In practice this means that operators with a risk profile above a high-risk level are included on a national audit work programme. One result of this scoring system is that few clubs get included in the national audit work programme. For example, in 2006/07 the Department proposed about three clubs out of 423 for inclusion in the national audit work programme. The Department undertook 357 audits of clubs in 2002/03. This reduced to 14 audits in 2005/06.

In our view, setting the level for inclusion in the national audit work programme is a flexible process. We observed that the definition of high risk changed from year to year. Over time, it is therefore possible for the Department to vary the level of risk that determines whether an operator is included in the national audit work programme.

Audits cannot be added or removed from the national audit work programme during a year without the agreement of the management team. Some staff complained that this system was inflexible. Investigations can be conducted during the year if prompted by a complaint or similar trigger, but are not classed as an audit.

The focus on high-risk operators, with no random audit of other operators, is the same situation we found in our 1998 review, although the Department was auditing 50% of all operators in some of the intervening period.

The Department has recognised it does not have a long-term strategy to ensure compliance of those operators not included in its national audit work programme.

While the Department has indicated that it uses the results of risk-profiling to inform its non-audit work programme, the Department has no procedural guidance on how this should happen.

Recommendation 11
We recommend that the Department of Internal Affairs improve information in its planning and accountability documents by stating the quantity of work the Department will undertake for its chosen audit risk threshold for operators, and indicate the expected contribution of this work to compliance in the non-casino gaming machine industry.

Number of audits

The number of audits included in the national audit work programme has reduced over time. This is because of the Department's approach since the introduction of the Act. In April 2001, Cabinet decided the Department should audit 50% of societies each year. The Department states this was to improve the effectiveness of audits, increase public confidence in the regime, and reduce public criticism over non-compliance. From 2002/03, the requirement was reflected in the Department's Statement of Service Performance.

The Department told us that, in practice, the requirement to audit at least 50% of operators each year resulted in a "tick and flick" approach to audits, with the emphasis on the quantity of audits rather than the quality of an operator's actual compliance. In 2003, Cabinet rescinded its 50% audit requirement, to allow a new risk-based approach to be implemented.

The risk-based approach taken by the Department has resulted in fewer audits being done by the Department than in previous years. In our view, there is a risk that, by doing fewer audits, the Department gathers less information about entities. This means that fewer meet the threshold of "high risk" to warrant an audit, which leads to a further reduction in its audit activities.

The Department has itself recognised that not regularly auditing clubs affects its risk-profiling information. A "compliance education society visit" has been suggested by Department staff as a method of obtaining information to update the risk profile for operators that have not been audited recently.

We attempted to ascertain definitive information on the number of audits, visits and sanctions applied by the Department for each of the years from 2002/03 to 2005/06. We used a variety of sources of information. These included annual reports, responses to Parliamentary Questions, and information provided directly to us by the Department. Because there were some considerable differences between the information sources, we asked the Department to provide us with a definitive set of activity information.

Because the definitive information provided also differed considerably from some of the other activity information the Department had previously supplied to us, we asked the Department to explain why. The Department then undertook an internal review of its activity reporting information. The outcomes of the review were:

  • a set of detailed definitions that the Department will use for subsequent activity reporting;
  • the Department providing us with further updated activity information for the 2004/05 and 2005/06 years;
  • the Department indicating that, in relation to activity reporting, it had "instituted a regime of independent quality assurance of the reported figures"; and
  • the Department indicating it had not reviewed data for the 2002/03 and 2003/04 years because that data was collated when the Department was developing its reporting mechanisms and definitions, and was recorded in a database that would require a large investment of staff time to extract information from.

The most recent 2004/05 and 2005/06 information provided by the Department is shown in Figure 7.

While the Department has indicated that it has improved its activity reporting process, we believe that this is an area to which the Department needs to give further attention. Reliable activity reporting information is particularly important if the Department is to understand relative use of resources within its voluntary compliance approach and the outcomes the approach is achieving. We will ask the Appointed Auditor of the Department to give extra attention to the Department's activity reporting when next auditing the Department.

Because of the considerable differences in reported levels of activity between some of the historical information sources, including between Parliamentary Questions and other sources, we asked the Department whether it was intending to review any historic information already in the public arena. At the time of our audit, the Department told us that it was undertaking further work to validate historical activity information and that it would correct any information found to be incorrect. The Department also noted that a lot of change occurred within non-casino gambling during the period covered by the historical information in question.

Figure 7
Compliance activity reported by the Department 2004/05 and 2005/06

Figure 7: Compliance activity reported by the Department 2004/05 and 2005/06.

We believe the Department's future activity reporting should be more reliable as a result of the definitions and assurance processes it has put in place in response to our audit. However, we suggest caution in using historic information about the Department's non-casino gambling related activities.

Recommendation 12
We recommend that the Department of Internal Affairs continue to closely scrutinise and improve, where necessary, its recording and reporting of the volume of activities that it has undertaken related to non-casino gaming machine operators (such as audits, investigations, and sanctions applied), and corrects any activity information already in the public arena that it determines is incorrect.

Scale and scope of audits

Audits on the national audit work programme can involve checking some items in a checklist (a targeted audit) or all items in a checklist (a full audit). The risk-profile information determines whether a targeted audit or a full audit is undertaken. However, the Department's policies and procedures do not provide guidance on how staff should determine the circumstances in which individual items from the audit checklist should be used in an audit. The Department relies on the judgement of staff using information and knowledge about a given operator, and requires staff to consult with a senior gambling inspector.

The Department's audit manual states that most audits will be targeted. For example, the Southern regional office conducted only one full audit in 2005/06. The Department's audit manual also states that the reason for a targeted audit will be documented and an audit plan prepared. We were told that targeted audits typically take between one week and two months.

Because of the flexibility the Department has over the content of audits, caution must be exercised when examining trends in the number of audits undertaken by the Department over time. Trends in the number of audits are not necessary indicative of the Department's total audit activity.

Reporting on audit activities

A summary of the Department's main compliance activity measures for 2005/06 is provided in Figure 8. The Department has reflected the main compliance activity measures from its statement of service performance in its internal business plan. The Department provided us with documentation that showed it tracked the number of different compliance interventions undertaken in each month by each regional office.

Although the Department commits to auditing high-risk operators in its 2006-09 Statement of Intent, high risk is not defined in that document. Until 2005/06, the Statement of Service Performance required some auditing of low-risk societies, but this was no longer required after 2005/06.

The Department excludes some steps in its reporting of the time taken to complete an audit. The audit starts once all requested documentation has been received, and is completed when the draft audit report is sent to the operator. The time taken to begin an audit after notifying the operator and for completing an audit once a draft report has been finished are not included in the Department's reporting of audit timeframes. We recognise that the time to complete an audit will depend in part on the conduct of the operator. However, in our view, these timeframes are largely within the Department's control and should be included in its reporting. Without including these, the reported time measure is inaccurate and can be misleading.

Figure 8
Main compliance activity performance measures 2005/06

Compliance tool Main activity performance measures 2005/06

Business Plan Statement of Forecast Service Performance
Audits Undertake audits of all gaming machine societies identified as high risk, in accordance with their risk profile. Undertake audits of all gaming machine societies identified as high risk, in accordance with their risk profile.

All non-compliant practices identified during audit processes or via complaints will be acted upon in accordance with the Enforcement Policy. All non-compliant practices identified during audit processes, intelligence gathering, or via complaints will be acted upon in accordance with the Enforcement Policy.

The number of instances of non-compliance with gambling laws that are detected during audits and investigations and not rectified during the follow up process will be no greater than 20%.

Undertake audits of other gambling activities identified as high risk. Undertake audits of other gambling activities identified as high risk.
Investigations The number of instances of non-compliance with gambling laws that are detected during audits and investigation and not rectified during the follow up process will be no greater than 20%. Undertake investigations of all gaming machine societies where serious non-compliance is identified through audit, intelligence gathering or complaints.
Education and persuasion Undertake 200 formal presentations and educative compliance venue visits to the gaming sector by 30 June 2006. Undertake 200 formal presentations and educative site visits to the gaming sector.

There is also a wide variety in the size of audits. Some audits of national societies involve multiple venues across New Zealand, while others may involve a society operating from a single venue. The Department needs to differentiate between the size of audits in its reporting.

Recommendation 13
We recommend that the Department of Internal Affairs differentiate between different sizes of audits of non-casino gaming machine operators, include the full time taken for audits in its performance recording, and reflect these in its accountability documents.

Extent and quality of self-regulation

The Department does not tailor its routine inspections of individual operators to reflect the extent and quality of their self-regulation. This was not of major concern to us, given the requirements of the Act, the state of development of the industry, and the Department's emerging voluntary compliance approach. In our view, the Department is improving its relationship and interactions with the industry such that, over time, they may support a more self-regulatory approach, should a policy decision be made to adopt such an approach.


The Department's Enforcement Policy follows the principle that the application of a sanction should relate to the seriousness of the breach identified. There are a range of sanctions available to the Department. Listed from most serious to least serious, these include:

  • initiating prosecution action;
  • cancelling or not renewing an operator's licence;
  • suspending an operator's licence;
  • cancelling a venue licence;
  • suspending a venue licence;
  • amending, revoking, or adding conditions to a licence;
  • issuing an infringement notice;
  • requesting an operator to address a problem; and
  • education.

A Sanctions Group gives advice, but does not make decisions, on which sanctions to apply. The intended purpose of the group is to assist consistency of decision-making across the Department's regional offices. The National Manager, Gambling Compliance decides what sanctions to apply.

The Sanctions Group generally meets weekly. There are no minutes from the group's meetings. Therefore, we could not judge the consistency of advice on proposed sanctions it received from gambling inspectors, consistency of the Sanction Group's advice with the Department's policies (primarily its Enforcement Policy), or consistency of the sanctions applied on the advice of the group.

The Act gives the Department the power to issue infringement notices. The Gambling (Infringement Notices) Regulations 2004 were introduced to prescribe the form of any infringement notice that will be issued. At the time of our audit, the Department did not use infringement notices because its information system could not issue them. Infringement notices enable fines to be imposed on operators for certain breaches of the Act. We were told that, because information technology resources were committed to EMS, they were not available to make infringement notice changes to the Department's Licence Track system.

We were told that the Department intended to issue infringement notices using a manual process from 1 July 2006. We were also told that approval to issue an infringement notice would be subject to review by the Sanctions Group and/or approval by the National Manager, Gambling Compliance. In our view, this process reduces the intended benefits of infringement notices, which is that they are able to be immediately issued. However, we recognise the ability to use infringement notices is a fairly significant power that needs to be exercised with discretion.

Policies and procedures


Policies and procedures exist for auditing and enforcement activities. The Department has an Enforcement Policy (the policy), an Audit Checklist (the checklist), and an Audit Reference Materials Manual (the manual). The policy provides guidance on what interventions the Department will use and when. The checklist is used by gambling inspectors to guide and record their audit activities. The manual contains detailed policies and procedures on how to conduct an audit. The checklist, policy, and various education materials are freely available on the Department's website.

The manual does not contain analytical guidance for staff on assessing what are reasonable expenses by operators. We recognise that assessing reasonable expenses is not straightforward. However, we believe the Department could do more to provide guidance on this issue. Until it does, this will remain an area where significant benefits to the community could be lost.

The Department has recognised that there are limitations to its procedural guidance on reasonable expenses. It is intending to collect information on aspects of operator costs as part of the society audits conducted in 2006/07, which it has the power to do under the Act. This information may help inform the development of procedural guidance and/or comparative material to help assess reasonable expenses.

Within the industry there is variance in operator management structures and expenses. Some operators contract almost all management and day-to-day running to a management company. Other operators might do all this work themselves. Given that all operators have the same obligation to minimise costs and maximise returns to the community and incur only actual, reasonable and necessary costs, benchmarking of the relative costs of the different management approaches would be useful.

The Department needs to exercise care to not impose additional compliance costs on the industry unless these are justified. It already has a lot of information supplied at licensing time, which it could use for benchmarking. This information could be used to help check and benchmark operators' expenses without imposing significant compliance costs on the industry. This would allow the Department to more accurately assess whether operators are minimising their expenses, and could allow it to share best practice with the industry on how to minimise expenses.

Recommendation 14
We recommend that the Department of Internal Affairs develop guidance on reasonable non-casino gaming machine expenses by making better use of the information it already collects and, where necessary, by gathering more information.

We found a lack of policies or procedures on non-audit interventions, other than educational visits.

The manual contains a venue education visit procedure. We believe the procedure does not provide enough guidance and instruction on how to conduct an educational visit. The educational visit procedure contains the same material as the audit checklist, except that in some places, instead of directly checking systems, the venue education visit checklist suggests asking the venue manager what their system is. The procedure refers to "taking the opportunity to encourage voluntary compliance" but provides no further detail on how to do that, other than providing the extract from the audit checklist. Accordingly, there is not a clear distinction between an educational visit and some audits.

The venue education visit checklist covers a range of issues. Aspects of operation, such as what information needs to be displayed at the venue, are checked as part of an educational visit. However, other more detailed record-keeping requirements are not part of the venue education visit checklist. From the information in the manual, in our view, the educational visit is like a shorter, narrower audit. This is of concern, given the Department's reliance on educational visits as a crucial part of its voluntary compliance strategy.

We also found that the application of warnings following educational visits by gambling inspectors is inconsistent with the intent of those visits and the Department's Audit Reference Materials Venue Education Visit procedure in the manual. This practice could involve gambling inspectors auditing the same organisations they have provided educational assistance to, and there being little difference between an educational visit and some audits.

The Act introduced a requirement that operators who cease operating supply certain information to the Department. The Department has a comprehensive cessation audit process for operators to complete to satisfy this requirement. Previous practice was that societies that were to be audited but ceased operating did not need to be audited, and the audit was not counted. This approach created a risk because operators who ceased operating were not audited to ensure that they had properly accounted for funds once they ceased operating. It is important that cessation audits are carried out for all operators who do not renew their licence when it expires.

Policies and procedures partially compliant

There are some inconsistencies between the checklist, the manual, and the requirements of the Act. The checklist does not fully represent the requirements of the legislation. This also affects the venue education visit procedure, which contains extracts from the checklist. In many instances, the manual does not contain enough information to allow a gambling inspector to fully assess whether the legislative requirements are met. In some places, the checklist contains a higher standard than that required by the legislation. Because of the reliance placed on the checklist, any errors or omissions directly affect compliance. These errors and omissions need to be corrected.

Recommendation 15
We recommend that the Department of Internal Affairs review its non-casino gaming machine Audit Checklist and Audit Reference Materials manual against the specific requirements of the Gambling Act 2003, review the information gambling inspectors need to meaningfully assess compliance with these requirements, and amend the checklist and manual accordingly.

Some inconsistency in practice

We examined some of the Department's files, and found certain differences in the manner in which Department staff implemented policies and procedures when conducting audits. These included differences in the:

  • use of case plans for audits (the Department's procedure requires case plans for all audits), completion of the audit checklist, and completion of the audit checklist coversheet;
  • way that reasonable expenses were examined, which is to be expected given the lack of analytical guidance available to staff on this issue — it was not clear to us that the Department's examination of reasonable expenses was on the basis of risk and/or materiality; and
  • time taken to complete audits and various stages of an audit — this variation presents a credibility risk for the Department, given that it often demands information from the industry within fixed and relatively short timeframes.

Some operators also told us that they had experienced inconsistencies in the Department's application of policies and procedures, although one industry representative told us the Department was working hard to get consistency in audits. While we saw evidence of review of audits and completed audit checklists by senior staff within a regional office, we did not see evidence of review across regional offices.

At the time of our audit, the Department planned additional training for compliance staff in 2006/07 to improve consistency of practice. This included training in:

  • writing;
  • financial analysis;
  • use of infringement notices; and
  • investigative practices.

Conflicts of interest and independence

We found no evidence of independence issues being considered during the conduct of audits beyond the Department's reliance on staff adhering to its code of conduct, including the specific impartiality and conflicts of interest requirements in the code. In our view, these requirements are not sufficiently detailed given the nature of audit work. We did not find problems with independence and conflicts of interest, but some additional practices could provide the Department, its staff, and the industry with more protection from these risks.

Given the importance of independence in conducting compliance activities, the Department could develop a specific policy on independence of compliance staff (including licensing staff), in addition to its code of conduct requirements. Such a policy could, for example, establish a mechanism (such as an interests register) for recording those types of ongoing interests that can commonly cause a conflict of interest and for updating it regularly. It could also provide avenues for training and advice, and provide a mechanism for handling complaints or breaches of the policy. Such a policy would better protect staff decisions against allegations of bias. Bias means the possibility that the decision-maker might unfairly regard, with favour or disfavour, the case of a party to the issue under consideration. The Department gave us a copy of Guidelines of Expected Behaviours for Gambling Compliance Group Staff that it produced in August 2004, but these guidelines have not yet been finalised or implemented.

Recommendation 16
We recommend that the Department of Internal Affairs enhance its management of compliance staff independence risks so gamblers, the Department of Internal Affairs, its staff, and the non-casino gaming machine industry are better protected from these risks.

Limited review and update

Given the limited time the Act has been in place and the limited compliance outcome monitoring, we did not expect the Department to have extensively reviewed its policies and procedures. We found this to be the case. Some important documentation was finalised and some was still being finalised after our audit. We note that the Department updated the audit checklist for the 2006/07 year.

The Department's audit checklist and manual will need updating when EMS is fully operational.

While the Department has limited quantitative information on its results, it is seeking feedback from some stakeholders about their perceptions of its performance. We understand that this information is being used to inform the Department's ongoing strategic development.

For each of the last three years, the Department has commissioned a survey of the wider gambling sector. One of the purposes of the survey is to assess the perceived effectiveness of the Department's activities. The feedback identified consultation, consistency of training for the sector, and timeliness as perceived issues. The feedback we received from the sector while conducting our audit included positive feedback on the Department's newsletter Gambits.

The Department also conducted a "Gaps Analysis" in June 2006 of perceptions and experiences with different sections of its Gambling Compliance Unit. The external view of the unit was that it behaves as an enforcer, and is heavy handed and process driven.

As noted earlier, the Department has a complaints procedure. The information gained from complaints is a potential form of monitoring of the Department's practices.

Training and resourcing

With the exception of the licensing function, the Department's compliance managers we spoke with did not identify resourcing as a barrier to undertaking their compliance functions.

The documentation available on operator and venue costs has been described earlier in this Part. This documentation and a "buddying" arrangement are the main means of training support available to new gambling inspectors. Compliance staff also have access to departmental legal advice for specific queries that arise during compliance work.

1: Report by the Comptroller and Auditor-General (2000), The Gaming Board: Better Regulation, London: The Stationery Office.

2: AS/NZS 4360: Risk Management (2004).

3: Section 45A of the Public Finance Act 1989 requires a statement of service performance to describe each class of outputs supplied by the Department and the standards of delivery performance for each class of outputs.

page top