Fraud, Money Laundering, Bribery & Corruption Control Policy

This policy is also available as a downloadable PDF.

Fraud, Money Laundering, Bribery and Corruption (FMLB&C) have the potential to damage the reputation of the Institute and stakeholders that it represents and has relationships with. Accordingly, the Institute has adopted zero tolerance to FMLB&C and is committed to minimising the incidence of FMLB&C through the development, implementation and regular review of prevention, detection and control strategies. Each strategy contributes to an environment where risk is managed, through sound internal controls, and ethical practices. This Control Policy reflects the commitment of the Institute to effective risk management. It also requires the commitment, cooperation and involvement of all personnel in preventing, detecting and responding to all allegations of FMLB&C.

The policy covers all Burnet employees in the course of their work and persons representing Burnet, which includes:

• members of the Burnet Board;
• all Burnet employees, including: managers and supervisors; full-time, part-time or casual, temporary or permanent staff; job candidates; student placements;
• contractors, sub-contractors; suppliers and volunteers; Burnet honorary staff and associates;
• supporters, donors and other participants on field visits organised by Burnet; Overseas partner organisations (where Burnet staff are placed); and
• partner organisations (engaged in overseas activities with Burnet programs).

Bribery means the offering, promising, giving, requesting or accepting; of a payment, inducement, reward or anything of value; for an act or omission which is illegal, unethical or a violation of our internal policies, which is given with the intention of obtaining or retaining business, or an advantage in the course of business, or with the intention that the recipient act improperly in some way.

Corruption is the misuse of office or power for private gain.

Fraud means dishonestly obtaining or attempting to obtain a benefit or advantage for any person or dishonestly causing or attempting to cause a loss to the Institute by deception or other means.

Money Laundering is defined as the process of concealing the origin, ownership and designation of illegally ordishonestly obtained money and hiding it within legitimate economic activities to make them appear legal.

The Instituteʼs attitude to FMLB&C

The Institute has a zero tolerance to FMLB&C. The Institute is committed to minimising the incidence ofFraud through the development, implementation and regular review of prevention, detection and control strategies. In addition to this Policy and where appropriate, and/or agreed, the Institute shall comply with external funding agencies policies as it applies to or involves the Institute.

The Instituteʼs approach to FMLB&C

The Institute will ensure that all personnel are aware of the Fraud reporting procedures and actively encouraged to report suspected FMLB&C through the appropriate channels. The Institute has adopted a clear framework and approach to Fraud and Money Laundering detection and prevention; the full details of which are included in this document. All information about suspected Money laundering and Fraudulent conduct will be collected, classified and handled appropriately having regard to privacy, confidentiality, legal professional privilege and the requirements of procedural fairness and natural justice. If fraud against the Institute is detected, the Chief Executive Officer (or delegate) will make all decisions on the appropriate communications protocol by nominating one person to be the authorised spokesperson. Any communications relating to a Fraud incident by a person other than the CEO authorised spokesperson will be unauthorised.

All Institute business activities must be conducted in full compliance with this Policy and all applicable Fraud, Money Laundering, anti-bribery and corruption laws including, but not limited to, the Commonwealth ofAustralia Criminal Code Act 1995, the UK Bribery Act 2010 and the US Foreign Corrupt Practices Act 1977. To the extent that laws and regulations in any countries in which Burnet operates are more rigorous or restrictive than this Policy, those laws and regulations should be followed. Where the Instituteʼs activities involve foreign jurisdictions and compliance with the fraud, bribery or corruption practices of that jurisdiction are compelled, contact the Burnet legal counsel for compliance actions:

• email: legalcounsel@burnet.edu.au.

Any instances or suspicion of fraudulent, bribery or corruption are to be immediately reported to the Chief Operating Officer:

• name: Mr Mark Tennent
• telephone: + 61 3 9282 2161
• email: mark.tennent@burnet.edu.au.

Expectations of Institute Personnel

• Institute personnel are expected to act in a professional and ethical manner, follow legal requirements, care for property, maintain and enhance the reputation of the Institute.
• Institute personnel are encouraged to remain vigilant to any suspected fraudulent behaviour that maybe occurring around them and are expected to fully cooperate with any investigations and the implementation of fraud control strategies.
• Institute personnel who become aware of suspected fraudulent conduct must report the matter in accordance with this Policy.
• Institute personnel must retain strict confidentiality on any Institute fraud incidents of which they have knowledge.
• Managers must uphold and monitor fraud control strategies within their area of responsibility. Any failure by Institute personnel to comply with this Policy may result in disciplinary action or the termination of consulting or other contracts.

All Personnel must read, understand and comply with this Policy. The prevention, detection and reporting of Fraud, Bribery and other forms of corruption are the responsibility of all those working for Burnet.All Personnel are required to avoid any activity that might lead to, or suggest, a breach of this Policy. You must notify your manager as soon as possible if you believe or suspect that a conflict with or breach of this Policy has occurred, or may occur in the future.

Institute personnel are expected to act in a professional and ethical manner, follow legal requirements, care for property, maintain and enhance the reputation of the Institute.Institute personnel are encouraged to remain vigilant to any suspected Fraudulent behaviour that may be occurring around them and are expected to fully cooperate with any investigations and the implementation of Fraud control strategies.

Personnel who breach this Policy will face disciplinary action, which could result in dismissal for gross misconduct. The Institute reserves the right to terminate its contractual relationship with other workers if they breach this Policy.

The table in Appendix A summarises the FMLB&C control responsibilities of all staff.

Examples of what constitutes Fraud

The following list, whilst not exhaustive, provides examples of the types of conduct that would be included within the Institute's definition of Fraud:

• Theft of property e.g. inventory, cash and equipment. Dishonestly falsifying invoices for goods or services.
• Knowingly making or using forged or falsified documents.
• Unlawful or unauthorised release of confidential information that is dishonest.
• Dishonestly obtaining or using property that belongs to the Institute.
• Dishonest use of intellectual property.
• Causing a loss to the Institute that is dishonest, or avoiding or creating a liability for the Institute by deception.
• Dishonestly using the Institute‘s computers, vehicles, telephones, credit cards, cab vouchers and other property or services.
• Fabrication, falsification or plagiarism of research or scholarly work.
• Dishonestly using purchase or order forms to gain a personal benefit.
• Receiving or giving kickbacks or secret commissions to or from third parties.
• Providing a reward or benefit to persons in public office or private employment in order to influence conduct that would result in that person violating an official duty of office such that the act constitutes bribery under either Australian or extra-territorial laws.
• Dishonestly assisting or enabling the unlawful or unauthorised transfer, use or allocation of Institute property and assets including moneys and/or funds held by or on trust for the Institute.
• Dishonestly using grant or research funds or sponsorships.

Examples of what constitutes Bribery

The following list, whilst not exhaustive, provides examples of the types of conduct that would be included within the Institute 's definition of Bribery.

Bribes can be given in many forms and do not necessarily involve payments of cash. A bribe could be anything of value, for example:

• Kickbacks: where a percentage from a contract is improperly returned to the person awarding that contract.
• Facilitation payments or "grease" payments: usually small, non-discretionary payments to government/public officials to speed up routine administrative processes.
• Inflated commissions: where higher than normal commissions are paid as a reward for improper behaviour.
• Political or charitable donations: can be used as bribes, e.g. making a donation to a political party in exchange for their support for legislation that is favourable to Burnet's business or to a charity which is used to funnel money to local government officials.
• Excessive or inappropriate entertainment: can be used to influence business contacts.
• Expensive gifts: can be given to influence the recipient.

It is an offence for companies or individuals to directly or indirectly bribe another person, receive a bribe or bribe a foreign government official.

To "indirectly bribe another person" involves offering or giving something of value to a third party acting on your behalf, knowing or intending that the third party will go on to bribe another. It is unlawful to offer a bribe, regardless of whether the offer is accepted or the benefit gained.

Under the UK Bribery Act, a company can be prosecuted for failing to prevent its employees, or any third party acting on the company's behalf, from paying bribes to obtain or retain business for the company, or a business advantage for the company.

Some countries have laws (e.g. the US FCPA and UK Bribery Act) which grant prosecutors authority to prosecute bribery and corruption offences whether the offence occurs within or outside their borders provided there is some link to the prosecuting jurisdiction.

Examples of what may constitute Money Laundering

The following list, whilst not exhaustive, provides examples of the types of conduct that would be included within the Institute's definition of Money Laundering:

• country offices may receive requests for unusual transactions, such as a request to pass funds through an office account, or to hold cash on behalf of a third party
• overseas programmes and partners may be subject to suspicious or unusual transactions
• donations which carry a restriction to a particular project as requested by particular individuals or organisations
• 0ffers of donations in cash, for a certain period of time, whereby the Institute is to receive the interest, but the principal is to be returned to the donor at the end of the specified period
• donations in foreign currencies, with the provision as above, but the principal to be returned to the donor in the form of an alternative currency cheque
• donors requesting unusual or over-specific restrictions on a gift, or requesting its return in whole or part.

Examples of what may constitute Corruption

The following list, whilst not exhaustive, provides examples of the types of conduct that would be included within the Institute's definition of Corruption:

• public servants demanding or taking money or favours in exchange for services
• politicians misusing public money or granting public jobs or contracts to their sponsors, friends and families
• corporations bribing officials to get lucrative deals.

The Instituteʼs FMLB&C Control framework aims to draw together its prevention and detection initiatives, and has three major components.

• Prevention: initiatives to deter and minimise the opportunities for Fraud, Bribery or Corruption.
• Detection: initiatives to detect Fraud, Bribery or Corruption as soon as possible after it occurs.
• Response: initiatives to deal with detected or suspected Fraud, Bribery or Corruption.

Prevention

To achieve its prevention objectives, the Institute will:

• identify FMLB&C risks and review and update this document every two years
• provide FMLB&C awareness training to those personnel who are considered to be in positions that require FMLB&C awareness training (Institute activities operating in identified high FMLB&C risk areas)
• ensure all personnel are aware of this Policy
• encourage and promote professional and ethical business practice
• aim to identify FMLB&C through regular review of the Instituteʼs operations (Internal Controls)
• clearly communicate how suspected instances of FMLB&C may be reported
• through the channels authorised in this Policy, investigate alleged or suspected instances of FMLB&C using qualified personnel and professionals with experience in investigation techniques
• take appropriate action to deal with actual, suspected or alleged FMLB&C, including by referral to legal and regulatory authorities
• use available avenues to recover money or property lost through Fraudulent activity.

Integrity framework

A fundamental strategy in controlling the risk of FMLB&C is the development and maintenance of a sound ethical culture, underpinned by effective and continuous communication and example-setting by management. The Instituteʼs attitude to ethical conduct is outlined in the Code of Conduct and also by the Instituteʼs commitment and compliance with ACFIDʼs (Australian Council for International Development) Code of Conduct.

FMLB&C control planning

To maintain better practice in its FMLB&C risk management practices, the Institute is committed to the following:

• consistent approaches across all activities of the Institute in Australia and International operations
• communication of management's strong commitment - to ensure there is regular communication to all personnel promoting compliance with this Policy and Procedures
• accessibility to this Policy: the Policy and Procedures will be made accessible to all personnel and will be available through the Instituteʼs intranet
• Regular review of this Policy: the Institute is committed to reviewing this Policy every two years to ensure that it remains up to date and relevant.

FMLB&C control responsibilities

The Chief Operating Officer (COO) is overall responsible for overseeing the development of FMLB&C control strategies. The COO is also the appointed FMLB&C Control Officer and is responsible for overseeing investigations of alleged FMLB&C. The COO is also the central point of contact for reporting alleged incidence of FMLB&C. As appropriate the COO may delegate his/her authority to relevant senior staff such as the Chief Financial Officer and Program managers.

FMLB&C awareness training

Generally, a significant proportion of FMLB&C goes undetected because personnel do not recognise the early warning signs of Fraudulent, Bribery and Corrupt activity or because they are unsure how, when and to whom they should report their suspicions. Accordingly, the Institute has incorporated FMLB&C awareness training to assist in raising the general level of awareness amongst its personnel.

An awareness of the risk of FMLB&C and relevant control techniques will be fostered by:

• ensuring this Policy awareness and training is a mandatory part of induction
• ensuring all personnel that are considered to be in positions requiring training attend FMLB&C awareness training
• ensuring updates and changes to FMLB&C related policies and procedures and other ethical pronouncements are effectively communicated across the Institute
• ensuring staff are aware of the ways in which they can report allegations or concerns regarding suspected FMLB&C or unethical conduct
• encouraging reports of suspected incidents of Fraud.

Training on this Policy forms part of the induction process for all new employees. All existing employees will receive regular, relevant training on how to implement and adhere to this Policy. Our zero-tolerance approach to FMLB&C must be communicated to all suppliers, contractors and business partners at the outset of our business relationship with them and as appropriate thereafter.

FMLB&C Risk assessment

The COO (or delegated officer) is responsible for monitoring the implementation of the risk assessment programs and reporting progress to the Governance, Audit & Risk Committee ("GAR") to ensure that all timetabled strategies are implemented in the time and manner prescribed.

To maximise the effectiveness of the risk assessment process, the assessment should:

• be completed by a prioritised sample (with notations of Low, Moderate, High and Very High risk areas)of the functional areas on a rotational basis
• include assessment at local levels by agreed self-assessment criteria
• be relevant and comprehensive covering, as far as possible, all potential FMLB&C risks
• comply with AS8001:2008 Fraud and Corruption Prevention
• separately consider inherent risk and internal control risk
• achieve a prioritisation of FMLB&C risks identified through a risk register.

The above is to be incorporated into the overall Risk Profile of the Institute that is maintained by the COO andCFO with regular review by the Governance, Audit & Risk Committee ("GAR").

Internal control

Internal controls are often the first line of defence against FMLB&C. The Institute will ensure the maintenanceof a strong internal control system and the promotion and monitoring of a robust internal control cultureincluding without limitation through the internal audit function.

The Institute will promote an internal control culture through a process of:

• example-setting by management
• regular communication of the importance of internal controls.

Pre-employment screening

Pre-employment screening is an effective means of preventing FMLB&C, such as falsifying qualifications or employment history. It can also identify previous criminal convictions for offences of dishonesty. The HRManager and Country Program Manager (as appropriate) should consider all appropriate checks having regard for any proposed appointment and the work area.

Detection

The Institute recognises that, despite a comprehensive approach to FMLB&C, it is possible that FMLB&C may occur. Accordingly the Institute has adopted a program aimed at detecting FMLB&C as soon as possible after it has occurred.

The key elements of this program may include:

• management accounting report reviews
• post-transaction reviews
• identification of early warning signs.

These FMLB&C detection principles apply to all operations of the Institute.

Management accounting reporting review

Using relatively straightforward techniques in analysing the Instituteʼs management accounting reports, trends can be examined and investigated which may be indicative of Fraudulent, Bribery and Corrupt conduct.

Management accounting reporting review

Using relatively straightforward techniques in analysing the Instituteʼs management accounting reports, trends can be examined and investigated which may be indicative of Fraudulent, Bribery and Corrupt conduct.

Some examples of the types of management accounting reports that can be utilised on a compare and contrast basis are:

• budget reports for each Working Group
• reports comparing expenditure against appropriate benchmarks
• reports highlighting unusual trends in bad or doubtful debts.

Post-transaction review

The Instituteʼs program of post-transaction reviews will identify a targeted sample of transactions for review with a particular focus on authorisation, adherence to guidelines on expenditure receipting, and missing documentation. This process will be conducted with direct reference to the findings of internal control reviews and risk assessments.

Identification of early warning signs

All personnel should be aware of their responsibility and are required to remain vigilant to identify and report any suspected Fraudulent, Bribery and Corrupt activity.

Possible indicators of FMLB&C include:

• overdue or delayed acquittals, reports, updates and responses
• lack of clarity
• not able to easily understand the processes and approvals of an organisation
• lack of understanding
• an organisation does not have policies, procedures or is unwilling to share them
• complaints regarding poor quality, work or service
• continued acceptance of poor quality goods or service
• unexplained or excessive delays in producing documents that should be readily available
• discrepancies in the documentation, for example, between the amounts claimed for payment and the amounts in the supporting documents, or between documents submitted by the contractor and independent persons
• the submission of copies when originals are required
• indications of changes to documents, such as backdating, erasures, white outs, or signatures that appear forged
• incomplete documentation
• unusual or inappropriate documents, e.g. unnumbered and handwritten invoices
• delays in billing clients for work rendered.

Reporting instances of FMLB&C

The Institute will ensure all Personnel are aware of the FMLB&C reporting procedures and actively encourage all Personnel to report suspected cases of FMLB&C through the appropriate channels.

It is important that all personnel tell the Chief Operating Officer as soon as possible if they are offered a bribe by a third party, are asked to make one, suspect that this may happen in the future, or believe that you are a victim of another form of unlawful activity.

Personnel who refuse to accept or offer a bribe, or those who raise concerns or report anotherʼs wrong doing, are sometimes worried about possible repercussions. The Institute aims to encourage openness and will support anyone who raises genuine concerns in good faith under this Policy, even if they turn out to be mistaken.

The Institute is committed to ensuring no one suffers any detrimental treatment as a result of refusing to take part in bribery or corruption, or because of reporting in good faith their suspicion that an actual or potential bribery or other corruption offence has taken place, or may take place in the future. However, if personnel have any concerns in relation to the direct reporting of an alleged bride, fraud or corrupt practice you can make use of the Instituteʼs independent Whistleblowing Service (see the Whistleblower Policy).

Institute personnel (country offices)

Institute staff working in-country who become aware of suspected Fraudulent, Bribery and Corrupt conduct are required to report the matter in accordance with this Policy. All personnel must be aware that they ar required to report immediately all suspected Fraudulent, Bribery and Corrupt incidents. Personnel are also required to maintain strict confidentiality on any suspected FMLB&C matter of which they have knowledge to enable an unfettered and thorough investigation of the allegations.

In the first instance, report the matter to their Country Representative/Country Program Manager or relevant line manager. If, for any reason, the staff member feels that reporting the incident through this channel would be inappropriate, he or she may report the matter directly to the Chief Operating Officer. Such reports may be made confidentially, if desired.

In the event of the allegation involving any of the above-mentioned positions, the matter should be referred directly to the Chief Executive Officer.

Any Country Representative or Line manager receiving a report of alleged FMLB&C must and immediately advise the Chief Operating Officer.The Country Program Manager must ensure that all report FMLB&C cases are advised to the Chief ExecutiveOfficer.

Contact details for the Chief Operating Officer are:

• Name: Mr Mark Tennent
• Telephone: + 61 3 9282 2161
• Email: mark.tennent@burnet.edu.au.

Institute personnel (Melbourne based)

Institute personnel who become aware of suspected Fraudulent, Bribery and Corrupt conduct are required to report the matter in accordance with this Policy. All personnel must be aware that they are required to report immediately.

The Institute has an obligation to the Australian Government to report all suspected Fraudulent, Bribery andCorrupt incidents within 5 days. Personnel are also required to maintain strict confidentiality on any suspected Fraudulent, Bribery and Corrupt matter of which they have knowledge to enable an unfettered and thorough investigation of the allegations.

In the first instance, report the matter to their Working Group Head or relevant line manager.

If, for any reason, the staff member feels that reporting the incident through this channel would be inappropriate, he or she may report the matter directly to the Chief Operation Officer who is the Instituteʼs appointed Fraud Control Officer.

Such reports may be made confidentially, if desired. However, if a staff member has any concerns in relation to the direct reporting of an alleged bride, fraud or corrupt practice, the staff member can make use of the Instituteʼs independent Whistleblowing Service (see Whistleblower-Policy.

The matter should be referred directly to the Whistleblowing Service in the event of the allegation involving any of the following positions:

• a Director
• an executive officer.

However, if the allegations are against the provider of the Whistleblowing Service, then the matter should be referred directly to the Chief Executive Officer. Any Working Group Head or other relevant line manager receiving a report of alleged FMLB&C must immediately advise the Chief Operating Officer.

Contact details for the Chief Operating Officer are:

• Name: Mr Mark Tennent
• Telephone: + 61 3 9282 2161
• Email: mark.tennent@burnet.edu.au.

By external parties

Members of the public, contractors and other stakeholders are encouraged to report any suspicions of FMLB&C direct to the Chief Operating Officer at the above contact details.

External audit

The Institute recognises that the external audit function has a role to play in the detection of FMLB&C given the responsibilities of auditors under ASA240 'The Auditors' Responsibility to Consider Fraud in an Audit of aFinancial Report'.

Internal audit

Internal Audit is an independent function that reports directly to the Governance, Audit & Risk Committee.They conduct better practice assurance activities, audits and assurance advisory services which assist in the development of efficient and effective systems of internal control, risk management and corporate governance.

The Board is responsible for the implementation and review of this Policy. The Executive through the COO is responsible for the implementation and review of this Policy.

• Delegations of Authority Policy

Appendix A: FMLB&C Control Responsibilities

The table below summarises the FMLB&C control responsibilities for staff, managers and committees.