❓ A WA parliamentary question sought information on whether government agencies under the Treasurer's portfolio were victims of scams and what measures were in place to prevent future occurrences. All agencies reported no losses and detailed their preventative measures.
AnsweredQoN 5850Legislative Assembly
Asked
14 September 2016
Member
Portfolio
Treasurer; Minister for Energy; Citizenship and Multicultural Interests
QuestionView source ↗
I refer to the online news article published by the ABC online on 17 August 2016 in relation to scammers stealing $500,000 from West Australian businesses over the past two years as reported by the Department of Consumer Protection, and I ask: (a) have any WA Government agencies within the Minister’s
portfolio of responsibility fallen victim to these scams over the past two
years; (b) if
so which agencies have been impacted; (c) for each agency impacted, what was the nature of, and the
dollar amount lost in connection to each scam; (d) have
criminal charges been laid against any persons or entities in connection to
these scams; and (e) what
measures have you taken to ensure that public funds are not lost to scammers
via WA Government agencies?
portfolio of responsibility fallen victim to these scams over the past two
years; (b) if
so which agencies have been impacted; (c) for each agency impacted, what was the nature of, and the
dollar amount lost in connection to each scam; (d) have
criminal charges been laid against any persons or entities in connection to
these scams; and (e) what
measures have you taken to ensure that public funds are not lost to scammers
via WA Government agencies?
AnswerView source ↗
Answered
18 October 2016
Response time
34 days
Department of Treasury
(a) No.
(b-d) Not applicable.
(e) The Department of Treasury has a number of controls in place to reduce the risk that public funds are lost to scammers, including:
In addition, the Department of Treasury’s Internal Audit function conducts audits of the above mentioned controls in its periodic Accounts Payable audit.
Economic Regulation Authority
(a) No.
(b-d) Not applicable.
(e) 1. Implemented a policy of ignoring suspicious phishing e-mails, letters and false claim for payment of invoices.
2. Circulation of relevant Stay Smart Online Alerts and tips from the Federal Government.
3. Have a strict policy within our Financial Management Information System on the authorisation of payments and releasing funds from the bank.
Government Employees Superannuation Board
(a) No.
(b-d) Not applicable.
(e) All material outsourced service providers provide GESB with regular updates on their cyber risk and fraud controls and management. GESB officers regularly attend industry association seminars highlighting cyber risks and criminal practice. GESB staff members are briefed on these proceedings to maintain their awareness of these issues.
Horizon Power
(a) No.
(b-d) Not applicable.
(e) Horizon have adopted a defence in depth approach and have implemented the following technical and process controls:
• Antivirus end point protection on all desktop/laptops/servers.
• Intrusion Detection Systems deployed with 24/7, 365-day monitoring for suspicious behaviour.
• Firewalls implemented on all network segments to only allow authorised traffic.
• SPAM filtering implemented to detect and block fraudulent emails.
• Regular patching of all production systems within 30 days of patch releases.
• Internal finance process which require multiple authorisation gates before funds are released.
• Internal awareness sessions conducted to ensure staff are aware of scammer techniques.
• Regular emails to all of staff warning about scammer techniques and what not to do, particularly management of email.
Independent Market Operator
(a) No.
(b-d) Not applicable.
(e) The Independent Market Operator has robust and well-established procurement and accounts payable processes.
Insurance Commission of Western Australia
(a) No.
(b-d) Not applicable.
(e) Regular advice to staff to create awareness of potential scams, specific notice to staff when potential scams are identified and appropriate IT security and controls in place to minimise potential scams occurring. Also, processes and controls in the Finance Division have been continually enhanced to authenticate the validity of bank account change notifications for Insurance Commission creditors.
Office of Multicultural Interests
(a) No.
(b-d) Not applicable.
(e) The Department of Local Government and Communities has controls in place when supplier requests for change of details are received.
Office of the Auditor General
(a) No.
(b-d) Not applicable.
(e) The Office of the Auditor General has payment and supplier master file controls in place that have been reviewed by the Office’s internal and external auditors.
Public Utilities Office
(a) No.
(b-d) Not applicable.
(e) The Department has a verification process in place for all external requests involving public funds. All updates to financial information requested or provided by external parties are verified before use.
Synergy
(a) No.
(b-d) Not applicable.
(e) Synergy’s procurement function implements robust and system-based invoice and payment approval processes company wide.
Western Australian Treasury Corporation
(a) No.
(b-d) Not Applicable.
(c) All Western Australian Treasury Corporation employees have previously been made aware of these scams and reminded of the responsibility to adhere to and maintain established internal controls.
Western Power
(a) No.
(b-d) Not applicable.
(e) The security and control measures employed within WP includes the following:
• corporate policies, associated guidelines and standards, including;
• business processes and procedures
• reporting
• system controls, financial authorities
• audits
(a) No.
(b-d) Not applicable.
(e) The Department of Treasury has a number of controls in place to reduce the risk that public funds are lost to scammers, including:
In addition, the Department of Treasury’s Internal Audit function conducts audits of the above mentioned controls in its periodic Accounts Payable audit.
Economic Regulation Authority
(a) No.
(b-d) Not applicable.
(e) 1. Implemented a policy of ignoring suspicious phishing e-mails, letters and false claim for payment of invoices.
2. Circulation of relevant Stay Smart Online Alerts and tips from the Federal Government.
3. Have a strict policy within our Financial Management Information System on the authorisation of payments and releasing funds from the bank.
Government Employees Superannuation Board
(a) No.
(b-d) Not applicable.
(e) All material outsourced service providers provide GESB with regular updates on their cyber risk and fraud controls and management. GESB officers regularly attend industry association seminars highlighting cyber risks and criminal practice. GESB staff members are briefed on these proceedings to maintain their awareness of these issues.
Horizon Power
(a) No.
(b-d) Not applicable.
(e) Horizon have adopted a defence in depth approach and have implemented the following technical and process controls:
• Antivirus end point protection on all desktop/laptops/servers.
• Intrusion Detection Systems deployed with 24/7, 365-day monitoring for suspicious behaviour.
• Firewalls implemented on all network segments to only allow authorised traffic.
• SPAM filtering implemented to detect and block fraudulent emails.
• Regular patching of all production systems within 30 days of patch releases.
• Internal finance process which require multiple authorisation gates before funds are released.
• Internal awareness sessions conducted to ensure staff are aware of scammer techniques.
• Regular emails to all of staff warning about scammer techniques and what not to do, particularly management of email.
Independent Market Operator
(a) No.
(b-d) Not applicable.
(e) The Independent Market Operator has robust and well-established procurement and accounts payable processes.
Insurance Commission of Western Australia
(a) No.
(b-d) Not applicable.
(e) Regular advice to staff to create awareness of potential scams, specific notice to staff when potential scams are identified and appropriate IT security and controls in place to minimise potential scams occurring. Also, processes and controls in the Finance Division have been continually enhanced to authenticate the validity of bank account change notifications for Insurance Commission creditors.
Office of Multicultural Interests
(a) No.
(b-d) Not applicable.
(e) The Department of Local Government and Communities has controls in place when supplier requests for change of details are received.
Office of the Auditor General
(a) No.
(b-d) Not applicable.
(e) The Office of the Auditor General has payment and supplier master file controls in place that have been reviewed by the Office’s internal and external auditors.
Public Utilities Office
(a) No.
(b-d) Not applicable.
(e) The Department has a verification process in place for all external requests involving public funds. All updates to financial information requested or provided by external parties are verified before use.
Synergy
(a) No.
(b-d) Not applicable.
(e) Synergy’s procurement function implements robust and system-based invoice and payment approval processes company wide.
Western Australian Treasury Corporation
(a) No.
(b-d) Not Applicable.
(c) All Western Australian Treasury Corporation employees have previously been made aware of these scams and reminded of the responsibility to adhere to and maintain established internal controls.
Western Power
(a) No.
(b-d) Not applicable.
(e) The security and control measures employed within WP includes the following:
• corporate policies, associated guidelines and standards, including;
• business processes and procedures
• reporting
• system controls, financial authorities
• audits
Explore WA Government Data
Search the full archive in the free dashboard, or query programmatically via API.
Explore more
Government Gazette
Appointments, regulatory notices, planning changes.
Hansard
Debates, questions, speeches and sentiment.
Tabled Papers
Reports and documents tabled in Parliament.
Committees
Committee profiles and recent reports.
Regulations
Subsidiary legislation with filters and summaries.
Bills
Proposed laws and parliamentary progress.
Acts
Current WA legislation and summaries.
Explanatory Memoranda
Bills with EMs (text/PDF) available.
Members
MP profiles, party breakdown and rankings.
Pollie Rankings
Data-driven rankings across 19 categories.
Amendment Chains
Track how schemes and regulations evolve over time.