We use cookies to analyse traffic and to improve your browsing experience on our website. To find out more, read our privacy policy.

News Join our team Contact us
About the OAIC

Our corporate information

  • On this page

Untitled Document

Published: 29 February 2024

Statement from Agency Head

Introduction

1 The APS Code of Conduct (the Code) sets out the behavioural standards expected of APS employees. The Code is set out in section 13 of the Public Service Act 1999 (PS Act). The PS Act requires the head of each agency to establish procedures for determining whether an employee has breached the Code and what sanction, if any, is to be imposed if a breach is found.

Application of procedures

2 These procedures apply when determining whether a person who is an APS employee in the Office of the Australian Information Commissioner (OAIC), or who is a former APS employee who was employed in the OAIC at the time of the suspected misconduct, has breached the Code.

3 These procedures also apply when determining any sanction to be imposed on an employee in the OAIC who has been found to have breached the Code.

4 In these procedures, a reference to a breach of the Code includes conduct that occurred before the relevant employee was engaged as an employee that is taken to constitute a breach of the Code pursuant to subsection 15(2A) of the PS Act.

Initial Decision-Maker

5 A suspected breach of the Code may be identified in a number of ways, including through a complaint or report by a staff member or external person.

6 As soon as practical after a suspected breach of the Code is identified, the matter should be brought to the attention of Chief Operating Officer or the Assistant Commissioner, Corporate or, if that is not appropriate, the Deputy Commissioner.

7 Suspected breaches of the Code do not need to be dealt with under these procedures. However, if a suspected breach of the Code is not dealt with under these procedures, the sanctions outlined under section 15 of the PS Act cannot be imposed against the employee even if the breach of the Code is established. As such, it will generally be appropriate for a suspected breach of the Code to be dealt with under these procedures if one or more of the sanctions outlined under section 15 of the PS Act may be warranted if the suspected breach of the Code is established.

8 An Initial Decision-Maker will determine whether a suspected breach of the Code should be dealt with under these procedures or if another approach is appropriate. The Initial Decision-Maker will be any of the following positions:

  • Assistant Commissioner, Corporate
  • Chief Operating Officer
  • Deputy Commissioner
  • Accountable Authority

Determining how to deal with a suspected breach

9 To determine whether a suspected breach of the Code should be dealt with under these procedures, the Initial Decision-Maker may need to undertake an initial information gathering process to understand the nature of the alleged conduct that gives rise to the suspected breach of the Code. This may involve the Initial Decision-Maker speaking with relevant persons (such as an employee’s manager) or obtaining documents (such as emails).

10 The initial information gathering process does not need to establish whether the alleged conduct occurred and should only be undertaken to the extent necessary to enable the Initial Decision-Maker to make an informed decision about how the matter should be handled.

11 In order to determine a suitable and proportionate response to the suspected breach, the Initial Decision-Maker should consider the nature and seriousness of the concerns raised. Generally speaking, the more serious the alleged behaviour or the greater its potential impact on the public confidence in the  APS, the more likely it is that the suspected breach should be dealt with under  these procedures.

12 The  factors the Initial Decision-Maker should consider when determining how to deal  with a suspected breach of the Code include:

  1. the seniority of the employee – considerations  may include:
    1. the more senior the employee, the greater the  impact their behaviour can have on the public confidence in the integrity of  the APS;
    2. senior employees are expected to exercise a  greater degree of judgement and are held to higher standards of accountability  given their position of trust;
  2. the employee’s role – considerations may include:
    1. if the conduct, if proven, would reasonably call into questions the employee’s ability to perform their current duties including specific expectations, job requirements or ethical standards that apply to the role;
  3. the nature and extent of the conduct – considerations may include:
    1. whether a specific incident appears to form part of a pattern of behaviour or concerns about similar behaviour have previously been raised with the employee;
    2. whether the employee has shown, through their behaviour, that they are unlikely to respond constructively to administrative action;
    3. the greater the extent to which the conduct appears to fall outside expected standards of behaviour, the more likely it is to undermine public confidence in the APS.

13 If the Initial Decision-Maker requires advice on whether a suspected breach of the Code should be dealt with under these procedures or another approach is more appropriate, they may contact one of the other Initial Decision-Makers or the Australian Public Service Commission’s Ethics Advisory Service to discuss the matter. The initial decision maker may also seek external legal advice.

14 If the Initial Decision-Maker determines to deal with a suspected breach of the Code other than under these procedures, the Initial Decision-Maker will determine what approach should be taken. Potential approaches include, for example, an investigation, counselling, mediation between employees, or the provision of further training.

15 The Initial Decision-Maker should record their determination about how this matter should be handled in writing and provide reasons for their decision.

16 In performing their role, the Initial Decision-Maker should have regard to any relevant standards and guidance issued by the Australian Public Service Commissioner, including the Handling misconduct: a human resource manager’s guide published by the Australian Public Service Commissioner. The Initial Decision-Maker should consider Chapter 4 of the Handling misconduct: a human resource manager’s guide when dealing with conduct that may relate to both a suspected breach of the Code and a circumstance where the employee may not be demonstrating effective performance.

Dealing with suspected breaches by SES employees

17 SES employees have additional obligations under the PS Act to promote the APS Values, the APS Employment Principles and compliance with the Code by personal example and other appropriate means.

18 When dealing with a suspected breach of the Code by an SES employee, these additional obligations should be considered as well as the greater impact of the conduct of SES employees on the public confidence in the APS.

19 Once a decision has been made to deal with any suspected SES conduct formally under this policy, the Initial Decision-Maker will be the Information Commissioner or their delegate. The Information Commissioner or their delegate must consult with the APS Commissioner regarding the process for determining whether the employee has breached the Code before deciding how to proceed. [1]

20 If a decision is made to deal with a suspected breach of the Code by an SES employee under these procedures and after the Information Commissioner or their delegate has consulted with the APS Commissioner:

  1. the Breach Decision-Maker will be the Deputy Commissioner or, if that is not appropriate, the Chief Operating Officer or Assistant Commissioner Corporate, unless there is a conflict or that is not appropriate, whereby an external SES officer from another APS agency nominated by the APS Commissioner will undertake the role;
  2. the Breach Decision-Maker must engage an external investigator to investigate the alleged breach; and
  3. the Sanction Delegate will be the Accountable Authority, Deputy Commissioner, Chief Operating Officer or Assistant Commissioner Corporate, providing such position did not undertake the role of Breach Decision-Maker or, if there is a conflict or that is not appropriate, an SES officer from another APS agency nominated by the APS Commissioner will undertake the role.

21 If an SES employee is found to have breached the Code and a sanction is being considered, the Information Commissioner or their delegate must consult with the APS Commissioner regarding the proposed sanction before it is imposed.

The process

The process map for Procedures for Managing Suspected Breaches of the APS Code of Conduct

Breach Decision-Maker

22 Where the Initial Decision-Maker decides to initiate an inquiry under these procedures, they will select an independent person to determine in writing whether a breach of the Code has occurred (the Breach Decision-Maker).

Sanction Delegate

23The person who is to decide what, if any, sanction is to be imposed on an APS employee who is found to have breached the Code must be the Information Commissioner or hold a delegation of the powers under the PS Act to impose sanctions under section 15 of the PS Act (the Sanction Delegate).

Independence

24The Breach Decision-Maker and the Sanction Delegate must be, and must appear to a reasonable person to be, independent and unbiased.

25The Breach Decision-Maker and the Sanction Delegate must advise the Initial Decision-Maker in writing if they consider that they may not be independent and unbiased, or if they consider that they may reasonably be perceived not to be independent and unbiased; for example, if they are a witness in the matter.

Suspension and temporary reassignment of duties

26 A decision to temporarily re-assign duties or to suspend an employee suspected of breaching the Code may be made at any time prior to or during the process of determining whether a breach has occurred and what (if any) sanction(s) may be imposed.

27 Decisions regarding suspension and temporary re-assignment of duties must be made by the Information Commissioner or their delegate (Suspension Delegate).

28 An employee may be suspended, with or without remuneration, where the Suspension Delegate has formed a view on reasonable grounds that:

  1. the employee may have breached the Code; and
  2. the suspension is in the public or the OAIC’s interest.

29 An employee will not be suspended without remuneration for more than 30 days unless exceptional circumstances apply.

30 An employee will usually be advised of the reasons for a proposed suspension or temporary reassignment of duties and given an opportunity to comment before the action is taken. If urgent circumstances necessitate the suspension or reassignment to be actioned without notifying the employee, then as soon as practicable the employee will be given notice of the reasons for the decision and provided with an opportunity to make a submission if they consider the decision should be varied or set aside.

31 The suspension of an employee will be reviewed by the Suspension Delegate at reasonable intervals.

32 The suspension of an employee will immediately come to an end where a sanction is imposed for a breach of the Code, or the Suspension Delegate no longer believes on reasonable grounds that:

  1. the employee may have breached the Code; or
  2. the suspension is in the public or the OAIC’s interest.

Investigation process

33 The role of the Breach Decision-Maker is to determine in writing whether a breach of the Code has occurred.

34 The process for determining whether a person has breached the Code must be carried out with as little formality, and as much expedition, as a proper consideration of the matter allows. The process must be consistent with the principles of procedural fairness.

35 The Breach Decision-Maker may undertake an investigation themselves or seek the assistance of an investigator. The investigator may be an OAIC employee or an external investigator. The investigator may investigate the alleged breach, gather evidence and make a report of recommended factual findings to the Breach Decision-Maker and provide any other assistance requested by the Breach Decision-Maker.

36 As soon as practicable after the Breach Decision-Maker has been selected, the Breach Decision-Maker will inform the employee suspected of breaching the Code in writing that a formal investigation will be commenced. However, in some circumstances preliminary inquiries may need to be made before the employee is notified or, in exceptional circumstances, a substantive investigation may need to be undertaken before a notification is made.

37 Where there are incomplete or insufficient details of the suspected misconduct at the outset of an investigation, the notification letter to the employee will:

  1. provide a general description of the suspected misconduct to be investigated;
  2. inform the employee that they will be provided further detail about the allegations as the investigation progresses;
  3. confirm that the employee will be given an opportunity to comment on the allegations once details of the allegations have been provided before a draft finding is made as to whether the Code has been breached; and
  4. advise the employee that while they are generally bound to answer fair and reasonable questions about their conduct as an employee, they cannot be lawfully directed to answer questions which may incriminate them in relation to a criminal offence or expose them to a finding of a breach, including a possible sanction for that breach.

38 If the details of the allegations, suspected Code breaches or the investigation in general change over the course of the investigation, the employee will be informed of the changes in writing and invited to make a further statement if necessary.

39 A determination may not be made in relation to a suspected breach of the Code by a person unless reasonable steps have been taken to:

  1. inform the person, in writing, of:
    1. the details of the suspected breach of the Code (including any subsequent variation of those details); and
    2. the sanctions that may be imposed on them under section 15 of the PS Act; and
  2. give the person reasonable opportunity to make a statement in relation to the suspected breach or provide further evidence in relation to the suspected breach, within seven calendar days or any longer period that is allowed.

40 The statement may be provided in writing or verbally and should be provided within seven calendar days or any longer period that is allowed by the Breach Decision-Maker.

41 The Breach Decision-Maker (or the investigator assisting the Breach Decision-Maker, if any) may agree to a request made by the person who is suspected of breaching the Code to have a support person present in a meeting or interview they conduct. The Breach Decision-Maker should make clear that the support person cannot act as a representative for the employee.

42 A person who does not make a statement in relation to the suspected breach of the Code is not, for that reason alone, to be taken to have admitted to committing the suspected breach.

43 If the investigation into suspected breach of the Code is undertaken by an investigator, the Breach Decision-Maker should remain actively involved in the investigation process by reviewing the investigation records to ensure correct procedures have been followed. The Breach Decision-Maker must be satisfied that the investigation has been undertaken in a way that allows a fair, balanced and conscientious decision in relation to the suspected breach to be made.

44 During the course of the investigation, the Breach Decision-Maker may form the view that no breach of the Code has occurred or there is insufficient evidence to find that a breach of the Code has occurred. If the evidence obtained during the investigation does not support a finding of a breach of the Code, the Breach Decision-Maker may determine not to progress the investigation or may make a determination that the employee has not breached the Code. The Breach Decision-Maker must record their determination in writing with reasons for the decision and inform the employee of the outcome in writing.

Determining a breach

45 Where the investigation is undertaken by an investigator, the Breach Decision-Maker may request the investigator provide a recommendation as to whether it should be determined that there has been a breach of the Code. However, the Breach Decision-Maker is not obliged to agree with the investigator’s recommendation and must make their own determination as to whether the Code has been breached.

46 Findings in relation to suspected breaches of the Code must be determined on the balance of probabilities. This means that the Breach Decision-Maker must be satisfied on the evidence that it is “more likely than not” that the breach of the Code occurred. However, in the case of serious suspected breaches of the Code, a higher level of proof is required when determining on the balance of probabilities whether the breach has occurred given the adverse consequences for the employee.

47 The Breach Decision-Maker should refer to the ‘Guidelines for determining suspected breaches of the APS Code of Conduct and sanction’ for guidance on how to determine whether or not a breach of the Code has occurred.

48 The Breach Decision-Maker must provide the relevant employee with a preliminary written decision regarding whether the Code has been breached. The preliminary decision must specify the relevant elements of the Code and provide a summary of the basis for the decision. The preliminary decision should include:

  1. a summary of the evidence obtained by the investigator and any other sources of information and evidence relied upon;
  2. an analysis of the evidence, noting where the investigator’s analysis and recommendations are accepted;
  3. the key findings of fact, including where credibility of investigation participants is taken into account; and
  4. the preliminary decision as to whether a breach of the Code has occurred and if so, which elements of the Code have been breached.

49 The Breach Decision-Maker must provide the employee with the opportunity to comment on the preliminary decision regarding the suspected Code breaches before a final decision is made. The Breach Decision-Maker will:

  1. provide the employee with a copy of the investigator’s report and the Breach Decision-Maker’s preliminary decision record;
  2. provide the name of the Sanction Delegate and outline the range of possible sanction(s); and
  3. invite the employee to provide a response to the preliminary decision within seven calendar days.

50 Once any response from the employee has been received and considered, the Breach Decision-Maker will make a final decision regarding the suspected breaches of the Code. The employee will be informed of the final decision in writing and their rights of review.

Sanctions

51 The Sanction Delegate’s role will commence after a determination is made that an APS employee has breached the Code. The role of the Sanction Delegate is to determine in writing what, if any, sanction or sanctions should be imposed on an APS employee for a breach of the Code.

52 The process for imposing a sanction must be consistent with the principles of procedural fairness.

53 In determining the appropriate sanction or sanctions, if any, the following factors should be considered by the Sanction Delegate:

  1. the nature and seriousness of the breach;
  2. any mitigating factors;
  3. the degree of relevance to the employee’s duties and the reputation of the APS;
  4. the likelihood of reoccurrence; and
  5. the effect of the proposed sanction(s) on the offender.

54 A finding that the employee has breached the Code on previous occasions may be considered by the Sanction Delegate when determining sanction(s).

55 The Sanction Delegate may impose one or more of the following sanctions where an employee is found to have breached the Code:

  1. termination of employment;
  2. reduction in classification;
  3. re-assignment of duties;
  4. reduction in salary;
  5. deductions from salary, by way of fine, of no more than 2% of an employee's annual salary;
  6. a reprimand.

56 The Sanction Delegate should refer to the ‘Guidelines for determining suspected breaches of the APS Code of Conduct and sanction’ for guidance on how to determine whether a sanction should be imposed and if so, the sanction(s) that are appropriate and proportionate in the circumstances.

57 If a determination is made that an APS employee has breached the Code, a sanction may not be imposed on the employee unless reasonable steps have been taken to:

  1. inform the employee of:
    1. the determination that has been made;
    2. the sanction or sanctions that are under consideration; and
    3. the factors that are under consideration in determining any sanction to be imposed; and
  2. give the employee a reasonable opportunity to make a statement in relation to the sanction or sanctions under consideration.

58 A written or verbal statement may be made in relation to any sanction under consideration within seven calendar days, or any longer period that is allowed by the Sanction Delegate.

59 The Sanction Delegate may agree to a request made by the person determined to have breached the Code to have a support person when making an oral statement. The Sanction Delegate should make clear that the support person cannot act as a representative.

60 After any statement is provided by the employee in relation to the proposed sanction or sanctions, the Sanction Delegate will decide whether to proceed with imposing the proposed sanction or sanctions.

61 The Sanction Delegate may also decide to impose no sanction.

62 Once a final decision is made, the Sanction Delegate will inform the employee in writing of the decision and provide reasons for the decision.

63 Sanctions may not be imposed on former employees.

Record of determination and sanction

64 If a determination in relation to a suspected breach of the Code is made, a written record must be made of:

  1. the suspected breach;
  2. the determination;
  3. any sanction or sanctions imposed as a result of a determination that the employee has breached the Code; and
  4. if a statement of reasons was given to the employee in relation to the determination and/or the sanction decision — that statement of reasons.

65 Records relating to misconduct should not be placed on the employee’s personal file but kept on a separate misconduct file and held in secure storage.

Advice to complainants

66 Advice to complainants about the outcomes of investigations into suspected breaches of the Code will be consistent with the requirements of the Privacy Act and any applicable guidance from the Australian Public Service Commission.

Moving to a different agency or resignation

67 This section applies if:

  1. an ongoing APS employee in the OAIC is suspected of having breached the Code;
  2. the employee has been informed of the details of the suspected breach;
  3. the matter to which the suspected breach relates has not yet been resolved; and
  4. a decision has been made that, apart from this clause, would result in the employee moving to another Agency (including on promotion) under section 26 of the PS Act.

68 Movement between agencies (including on promotion) for employees suspected of a breach of the Code will not take effect until the matter is resolved, unless agreed by the respective Agency Heads.

69 Resolution is by:

  1. a determination being made as to whether or not the APS employee has breached the Code; or
  2. a decision that a determination is not necessary.

70 Should the Agency Heads agree to a move prior to the resolution of a suspected breach of the Code, the receiving agency may continue an investigation, determine whether or not the APS employee has breached the Code and/or impose a sanction based on the former agency’s investigation.

71 Where an employee resigns during the course of an investigation, the Information Commissioner or delegate may choose, depending on the circumstances, to discontinue or continue the process to determine whether or not the APS employee has breached the Code.

Review rights

72 Non-SES employees who have been found to have breached the Code and who wish to challenge either the determination that a breach has occurred or the sanction imposed (except in the case of termination) may lodge an application for review. Making an application for review does not stay the action.

73 An application for review of a determination that an employee has breached the Code or a sanction imposed as a result of the breach must be made to the Merit Protection Commissioner. The application must be made within 60 days of the determination that the employee has breached the Code or a sanction is imposed.

74 An employee who has been dismissed may have remedies under the Fair Work Act 2009 or other Commonwealth laws.

Criminal matters

75 Where an employee has been charged with a criminal offence (including in relation to activity occurring in a person’s private life), the Initial Decision-Maker may decide that it is appropriate to investigate the matter as a possible breach of the Code.

References

Public Service Act 1999

Public Service Regulations 2023

[1}Australian Public Service Commissioner’s Directions 2022

APS Values and Code of Conduct in Practice

Australian Public Service Commission, Handling misconduct: a human resource manager’s guide

OAIC logo
Contact us 1300 363 992

Monday to Thursday 10 am to 4 pm (AEST/AEDT)

Acknowledgement of Country

The OAIC acknowledges Traditional Custodians of Country across Australia and their continuing connection to land, waters and communities. We pay our respect to First Nations people, cultures and Elders past and present.

© Commonwealth of Australia