Cashless Debit Card to be Scrapped

Background

1. The Australian Government introduced the Cashless Debit Card (CDC) Trial, later known as the CDC program, in 2016.

2. Under the CDC program, a portion of a participant’s income support payment is allocated to a restricted bank account, accessed by a debit card (the CDC). The CDC does not allow cash withdrawals; or purchase of alcohol, gambling or cash-like products. The objective of the CDC program is to assist people receiving income support to better manage their finances and encourage socially responsible behaviour.

3. The CDC is enabled under the Social Security (Administration) Act 1999. The Department of Social Services (DSS) and Services Australia are responsible for the CDC program. There are two card providers: Indue Ltd (Indue) and the Traditional Credit Union (TCU).

4. The CDC program has been implemented in Ceduna in South Australia; the East Kimberley region in Western Australia; the Goldfields region in Western Australia; the Bundaberg, Hervey Bay, and Cape York regions in Queensland; and the Northern Territory.

Rationale for undertaking the audit

5. Auditor-General Report No.1 2018–19 The Implementation and Performance of the Cashless Debit Card Trial found that while DSS largely established appropriate arrangements to implement the CDC Trial, its approach to monitoring and evaluation was inadequate. It was therefore difficult to conclude if the CDC Trial was effective in achieving its objective of reducing social harm and whether the card was a lower cost welfare quarantining approach compared to other components of Income Management such as the BasicsCard.

6. The report made six recommendations relating to risk management, procurement, contract management, performance monitoring, cost–benefit analysis, post-implementation reviews and evaluation.

7. This follow-on audit provides the Parliament with assurance as to whether:

• DSS has addressed the agreed 2018–19 Auditor-General recommendations;
• DSS’ management of the extended CDC program is effective; and
• the extended CDC program was suitably informed by a second impact evaluation of the CDC Trial.

Audit objective and criteria

8. The objective of the audit was to examine the effectiveness of DSS’ administration of the Cashless Debit Card program, including implementation of the recommendations made in Auditor-General Report No.1 2018–19, The Implementation and Performance of the Cashless Debit Card Trial.

9. To form a conclusion against the audit objective, the following criteria were applied:

• Do DSS and Services Australia have effective risk management, procurement and contract management processes in place for the CDC program?
• Has DSS implemented effective performance measurement and monitoring processes for the CDC program?
• Was the expansion of the CDC program informed by findings and lessons learned from an effective evaluation, cost–benefit analysis and post-implementation review of the CDC Trial?

Conclusion

10. DSS’ administrative oversight of the CDC program is largely effective, however, DSS has not demonstrated that the CDC program is meeting its intended objectives. DSS implemented the recommendations from Auditor-General Report No.1 2018–19 relating to risk management, procurement and contract management, partly implemented the recommendations relating to performance monitoring, and did not effectively implement the recommendations relating to cost-benefit analysis, post-implementation review and evaluation.

11. DSS and Services Australia have effective risk management processes in place for the CDC program, although DSS has not yet developed a risk-based compliance framework. DSS’ limited tender procurement processes were undertaken in accordance with Commonwealth Procurement Rules, however DSS’ due diligence over its procurement of the Traditional Credit Union could have been more thorough. Contract management arrangements with the card providers are effective. A service level agreement between DSS and Services Australia was finalised in April 2022. Recommendations from Auditor-General Report No.1 2018–19 relating to risk management, procurement and contract management were implemented.

12. Internal performance measurement and monitoring processes for the CDC program are not effective. Monitoring data exists, but it is not used to provide a clear view of program performance due to limited performance measures and no targets. DSS established external performance measures for the CDC program. These were found to be related to DSS’ purpose and key activities, but one performance indicator was not fully measurable. External public performance reporting was accurate. Recommendations from Auditor-General Report No.1 2018–19 relating to performance measurement and monitoring were partly implemented.

13. The CDC program extension and expansion was not informed by an effective second impact evaluation, cost–benefit analysis or post-implementation review. Although DSS evaluated the CDC Trial, a second impact evaluation was delivered late in the implementation of the CDC program, had similar methodological limitations to the first impact evaluation and was not independently reviewed. A cost–benefit analysis and post-implementation review on the CDC program were undertaken but not used. The recommendations from Auditor-General Report No.1 2018–19 relating to evaluation, cost–benefit analysis and post-implementation review were not effectively implemented.

Supporting findings

Risk management, procurement and contract management

14. There are fit-for-purpose risk management approaches in place in DSS and Services Australia for the CDC program although there is no risk-based compliance strategy. Risks are identified and treatments are established. DSS’ CDC risk management processes are aligned with the DSS enterprise risk framework. Services Australia has appropriate risk documentation and processes in place. Documentation of shared risk between DSS and Services Australia is developing. (Paragraphs 2.4 to 2.37)

15. The limited tender procurements for the extension and expansion of CDC services and for an additional card issuer in the Northern Territory were undertaken in a manner that is consistent with the Commonwealth Procurement Rules. Procurement processes, procurement decisions and conflict of interest declarations were documented. The conduct of procurements through limited tender was justified in reference to appropriate provisions within the Commonwealth Procurement Rules. The procurement of Indue for expanded card services was largely effective. A value for money assessment for one of the Indue procurements was not fully completed. The procurement of a second card provider (TCU) was meant to be informed by a scoping study. The scoping study, which was contracted to TCU, did not fully inform the subsequent limited tender procurement. There was limited due diligence into TCU’s ability to deliver the services. A value for money assessment was conducted during contract negotiations. (Paragraphs 2.38 to 2.67)

16. There are appropriate contract management and service delivery oversight arrangements in place for the CDC program. Effective contract management plans are in place for the contracts with the card providers. Documentation supporting the monitoring of Indue service delivery risk could be more regularly reviewed. In April 2022, DSS and Services Australia finalised a CDC service level agreement. This was established late in the relationship, which commenced in 2016. (Paragraphs 2.68 to 2.90)

Performance measurement and reporting

17. Reports of internal performance measures are not produced as required under the CDC data monitoring strategy. There are a number of data reports provided to and considered by DSS on a regular basis. These reports include some performance measures and no performance targets, and provide limited insight into program performance or impact. DSS has not implemented the recommendation from Auditor-General Report No.1 2018–19 that it fully utilise all available data to measure performance. (Paragraphs 3.5 to 3.19)

18. In 2020–21, DSS developed two external performance indicators for the CDC program. An ANAO audit of DSS’ 2020–21 Annual Performance Statement found that the two indicators were directly related to a key activity (the CDC program), that one of the performance indicators was measurable, and part of the second indicator was not measurable because it was not verifiable and was at risk of bias. A minor finding was raised. DSS reports annually against the two CDC performance measures. (Paragraphs 3.22 to 3.32)

Evaluation, cost–benefit analysis and post-implementation review

19. DSS’ management of the second impact evaluation of the CDC Trial was ineffective. Results from a second impact evaluation were delivered 18 months after the original agreed timeframe and there is limited evidence the evaluation informed policy development. The commissioned design of the second impact evaluation did not require the evaluators to address the methodological limitations that had been identified in the first impact evaluation. DSS did not undertake a legislated review of the evaluation. (Paragraphs 4.7 to 4.49)

20. A cost–benefit analysis and post-implementation review were undertaken on the CDC. Due to significant delays and methodological limitations, this work has not clearly informed the extension of the CDC or its expansion to other regions. (Paragraphs 4.50 to 4.73)

Recommendations