Dirty dealings: Suddenly, corruption is an issue in Australia’s technology sector

It’s something which nobody wants to talk about, but which everybody knows is going on. A number of very high profile cases have starkly demonstrated over the past several years that dishonest and unethical behaviour in some cases extending as far as corrupt practice is on the rise in Australia’s technology sector.

I want to be very clear at the outset of this article that not all of the conduct which will be described herein will constitute corrupt conduct. The word ‘corruption’ is not one which should be thrown around lightly, and it’s also not a concept which is easily definable. Different people have different standards for professional conduct, and there are also a thousand graduations of behaviour on a scale from “a person of complete integrity” to “corrupt”. We’re all on that scale somewhere, but very few of us are 100 percent on the right end.

However, what I do want to demonstrate in this article is that numerous examples of behaviour have arisen in Australia’s technology sector over the past several years that could clearly be described as being “unethical” or “dishonest”, and that if those cases had not been exposed and the behaviour curtailed, they could have easily led to definitively corrupt behaviour by the individuals involved. We’re talking about evidence pointing to a trend here, with the examples that are publicly known serving to give a flavour for cases that surely exist but have not been exposed.

Then too, if you look at credible definitions of corruption, what you’ll find is that the definition of the term is extremely broad.

The New South Wales Independent Commission Against Corruption, which has recently garnered an incredible level of attention nationally through its move to expose the corrupt practices of several NSW politicians, defines corruption as “deliberate or intentional wrongdoing, not negligence or a mistake”.

Some of the examples given by the Commission, which solely deals with corruption in the NSW public sector, include cases where a public official improperly uses, or tries to improperly use, the knowledge, power or resources of their position for personal gain or the advantage of others; where a public official acts dishonestly or unfairly, or breaches public trust; or where a member of the public influences, or tries to influence, a public official to use his or her position in a way that is dishonest, biased or breaches public trust.

A few specific examples given by the Commission demonstrates just how many diverse situations this definition would cover.

For example, a local councillor voting in favour of a development in which the councillor has an undisclosed financial interest may be corrupt; as may be a member of the public bribing an official to pass a driver’s licence test, or a former public official selling confidential information gained while working in an official capacity.

The Western Australian Corruption and Crime Commission, which has similarly investigated politicians in that state, defines corruption much more simply, listing its duties as investigating “misconduct”, which occurs when “a public officer abuses their authority for personal gain, causes detriment to another person, or acts contrary to the public interest”. “Corruption is included in the most serious form of misconduct,” the Commission’s website states.

If we take this concept and extend it to the private sector, we come up with a definition of corruption which looks a lot like the idea that someone is acting unprofessionally and using their position in a way that will unfairly benefit some individual or organisation.

The most public examples of corruption in Australia’s technology sector are pretty clear cut and fit this definition precisely.

For example, in October 2012, as probably the most high-profile of its nature, the NSW Independent Commission Against Corruption found an IT manager at the University of Sydney to have engaged in corrupt conduct, by using a recruitment firm that employed his wife and which later operated through a company in which he and his wife had a financial interest, to recruit contractors and staff for the university. The IT manager also employed a close friend and separately, his brother in law, to work for Sydney University.

The key issue was that the IT manager did not disclose his financial interest in the recruitment business. All in all, the activity, which took place between 2006 and 2010, netted the recruitment firm some $1.5 million.

Another example recently publicised by the NSW ICAC was similarly clear cut. It detailed how several technology security firms worked corruply with public officials for several NSW authorities such as the University of Western Sydney, the Art Gallery of New South Wales and others. In that case, for example, the Commission noted that a public official accepted a $13,000 gift from a private contractor, as a reward for helping them win a contract. Other amounts of money ranging from $20,000 to $27,500 also changed hands.

These cases are pretty much textbook examples of what an ordinary person probably thinks of when they think of the term “corruption”. In short: Mates unfairly hiring mates and passing off work to a company they have a financial interest in; public officials taking bribes for helping companies win contracts, and inside information being passed around during supposedly secure procurement processes.

And there’s also no danger in publicly labelling the individuals in these cases as being “corrupt”, given the public ruling which ICAC has made in these examples.

However, perhaps more troubling than these individual cases, especially given the small scale of the offences described, is what they illustrate about the IT sector as a whole, and its susceptibility to corrupt practice. ICAC made a point of noting, in its media release publicising the second case, that the IT sector was at risk of corrupt practices creeping in. It wrote:

“The Commission has found that procurement processes for the provision of highly specialised security and IT services pose serious corruption risks and has made 11 corruption prevention recommendations. These include that NSW government agencies ensure that overall responsibility for identified tasks associated with the selection of security integrators is maintained in-house, and that agencies explore alternatives to relying exclusively on the advice of specialist consultants when selecting security integrators through a competitive process.

NSW government agencies embarking on new large-scale security projects should also adopt a rigorous product selection process, and should ban employees directly involved in procurement activities from accepting any gifts, benefits and hospitality from potential and existing contractors and consultants.”

If you consider this statement in the light of a number of recent high-profile examples in Australia’s technology sector, they start to sound like warning bells.

Take this audit published by Victoria’s Ombudsman in October 2012 into Victorian IT shared services agency CenITex, established in 2008 through the merger of several similar agencies to provide IT shared services to various departments and agencies within the Victorian State Government. You can download the full document online in PDF format.

The Ombudsman kicked off the investigation into the troubled agency in September 2011, after it was approached by a whistleblower alleging improper conduct at CenITex with respect to the company’s contracting processes. Around the same time, The Age newspaper in Melbourne reported that Victoria Police had been asked to investigate similar allegations at the agency.

Ombudsman George Brouwer didn’t explicitly label the conduct he exposed in CenITex’s procurement practices as being “corrupt”. However, he did write that his office had discovered “numerous breaches” of government procurement guidelines at CenITex. In total, he wrote, companies and their contractors were awarded significant contracts totalling up to $4 million without competitive processes to evaluate different suppliers. “In one instance,” the report states, “a competitive process was ostensibly conducted, but in reality it was a sham.”

Brouwer added: “In some instances, nepotism and favouritism influenced procurement and recruitment practices. Often, the companies or contractors were chosen because they were associates or friends of other contractors already working at CenITex. Some appointments were made on the basis of fabricated or false documentation. Some engagements were initiated or overseen by individuals within CenITex who had a clear conflict of interest and stood to gain financially from the transactions. Such conflicts were often not declared, or declared late, inadequately or misleadingly. Even conflicts that were declared were ill-managed by CenITex. This led to opportunities for improper conduct.”

Is this corruption? Certainly the behaviour described sounds precisely the same as the behaviour of the IT manager at Sydney University. And the amounts involved were actually quite a bit more — $4 million in total. At the very least you could say that the activity was grossly unethical.

In his report, the Ombudsman wrote that most of the issues identified in the report took place in CenITex’s so-called Efficient Technology Services (ETS) program, which was set up to deliver complex, high-level projects, such as developing a whole of government network, helpdesk and hosting environment for the Victorian public sector. The ETS division was separated from CenITex’s ‘business as usual’ segment, whose job was to provide and maintain an ICT infrastructure for CenITex’s existing customers – being other departments within the Victorian Government.

Eventually, the Ombudsman wrote, the ETS program was wound down in June 2012, and a number of the individuals mentioned in the report (not by name) were dismissed, had their contracts terminated or resigned.

Now, there’s no doubt that the Ombudsman’s actions in exposing the unethical situation at CenITex was laudable, and there have been substantial implications for both the individuals involved, as well as CenITex as a whole. The report no doubt substantially contributed to the drastically overhauled future model for the agency, which is being forcibly moved away from providing IT services directly to government departments and pushed into more of a broker role in administering services outsourced to the private sector.

However, consider for a second a few salient facts. Firstly, although the unethical behaviour within CenITex was widespread and the amounts involved not insignificant, it doesn’t appear that much in the way of actual police action, or the kind of public naming and shaming which anti-corruption commissions practice, took place in this case. Most of the individuals and external organisations involved were never named and are very likely still working in Australia’s IT industry today.

Then too, one wonders whether it was only CenITex where these sorts of practices took place over the past half-decade within the Victorian Government. If this sort of thing was happening in one agency, so the thinking goes, isn’t it reasonable to assume that similar practices were happening in others?

In fact, it is. Although nowhere near the scale of the CenITex behaviour, and I certainly would not describe the examples given as being corrupt, the Victorian Police’s IT procurement unit has also been reprimanded for unethical practice in major IT contracts. Back in 2009 the Victorian Ombudsman blasted the force’s IT management for what it described as its “disregard for proper procurement and contract management”. And similar allegations were made with respect to IT management at NSW transport agency RailCorp back in 2009, although it is unclear what came of them.

But it’s not just New South Wales and Victoria where this kind of activity has taken place in recent memory.

The Queensland Government’s formal inquiry into the payroll systems upgrade debacle at Queensland Health also found damning allegations of procurement impropriety in the appointment of IBM as prime contractor for the initiative, and has concluded that Big Blue should never have won the contract in the first place.

Much of the inquiry’s report, published in August this year, focused on the activities of a former IBM staff member who was appointed by the Queensland Government to assist with appointing a prime contractor to take over the Queensland Health payroll systems upgrade. The report noted that the individual concerned displayed “a distinct partiality for IBM” and bias in its favour during the procurement process, with Burns providing IBM with information during the process which was not given to others involved in the procurement process, such as Accenture, SAP and Logica.

There was no evidence that the individual had received any kickbacks from IBM for the favouritism, the report found, but added it would be “naive” to believe that IBM did not realise that the executive “was behaving extraordinarily for a man charged with the responsibility of investigating a very substantial government IT program and guiding the procurement process for a contractor to take it over”.

There was, however, a suggestion in the report that IBM’s financial bid for the contract, which was a key factor in it being selected, may have been “fixed”, using information which IBM received about how much the Queensland Government had available to it for the project, and the former IBM staffer’s understanding that other bureaucrats involved in the purchasing process would not welcome a bid too far above that amount. The report found that, had it not been for IBM’s low bid, it would not have been appointed to the contract.

In addition, the report also explicitly found that current IBM staff had acted unethically and in breach of IBM’s own business conduct guidelines during the procurement process, misuing competitors’ confidential information and endeavouring to gain access to its rivals’ information.

The consequences, of course, for the project as a whole, were disastrous, with the project as a whole ballooning in cost to an estimated $1.2 billion to be completed and tens of thousands of public servants in Queensland’s hospitals going without pay or being overpaid for extended periods. And while there is no doubt that much of the blame for the failure of the project must go to the Queensland Government bureaucrats overseeing it, IBM must also take its share of the blame.

The company is suffering as a result, with Queensland Premier Campbell Newman in August this year outright banning Big Blue from signing new contracts with the state’s many departments and agencies as a result.

But for the purposes of this article, what is important to note that, although it does not appear that the staff involved in the Queensland Health payroll disaster — both within IBM and working for the State Government — were corrupt, it does certainly appear that there was unethical behaviour taking place in the procurement process for a major contract.

Then too, it’s not just the public sector which is suffering these kinds of problems.

The Age newspaper reported last week that managers and staff from two Leighton Holdings subsidiaries — Silcar and Visionstream — unethically collaborated during the procurement process for a major bid to deploy the 4G/LTE mobile network of Australia’s number two telco Optus. The two companies were ostensibly competing for the deal, which ended up being won by Visionstream for a value of $240 million (PDF) and announced in September this year, however the Age wrote that insiders from Visionstream, were suspected of assisting Silcar staff to steal tender files from Visionstream in an effort to better inform the Silcar bid for the contract.

Both firms issued a similar statement to Delimiter this week on the issue. It noted that at the time of the alleged unethical behaviour, Silcar was not a full subsidiary of Leighton, being a joint venture between Leighton subsidiary Thiess and German technology multinational Siemens. Thiess fully bought out Silcar in July this year.

“Upon taking full ownership, an audit revealed questions about whether Visionstream’s bid information for the Cortez project was inappropriately in the possession of Silcar employees,” the statement read. “Visionstream and Silcar separately conducted further investigations and, separately, immediately stood down staff apparently involved.”

“Silcar withdrew from the bid process. Visionstream and Silcar separately obtained legal advice. Visionstream and Silcar each separately determined that there was no collusion and that it was not a matter that required referral to the ACCC. Once they had concluded their investigations, Visionstream and Silcar notified the client. Visionstream confirmed to the client that it had not received any information about Silcar’s bid. The
client concluded that there was no requirement for Visionstream to withdraw from the bid process.”

Leighton further noted that the situation was reviewed by Leighton’s Ethics and Compliance Committee, which endorsed the manner in which the matter was dealt with by management.

“Consistent with principles outlined in its Code of Business Conduct, Leighton Holdings, its companies and its employees are contractually required to maintain confidentiality of information and not to breach obligations under the competition laws,” the company said. “Leighton Holdings condemns any form of illegal behaviour and, in the event that any individuals associated with Leighton Holdings behave improperly, we take appropriate action. In this case, the employment of the individuals was terminated. Leighton Holdings takes bid confidentiality seriously and adheres to strict information barrier protocols.”

If you look at all of these examples, what we see is a clear trend. While not all of them can be described as demonstrating technically “corrupt” behaviour, in general it is easy to see that in each case, unethical behaviour was being practiced by either government or private sector employees during the procurement process for major contracts.

And we’re not just talking about peanuts here. In each case, the amounts involved ranged into the millions of dollars, and in the most extreme cases — particularly the Silcar/Visionstream case — hundreds of millions of dollars worth of extremely lucrative contracts were involved.

There are also wider implications to be taken from these cases. If you examine the government agencies involved — from Queensland Health to CenITex — and the private corporations involved — from Silcar to Visionstream to IBM — what becomes apparent is that these organisations have an ongoing requirment to sign major contracts and that they will need to maintain constant vigilance to ensure their own internal ethical standards are followed and not breached by rogue operators within their own ranks.

So is there something intrinsic to the process of signing major technology contracts which makes it more susceptible to unethical practice?

The NSW Independent Commission Against Corruption certainly appears to believe so. In August this year, the agency released a whitepaper on this specific issue, arguing that the highly technical nature of the IT industry meant that there was a heavy dependence on specialist IT firms in major IT projects. The Commission added:

“As innovation and skill specialisation increase on a project, the traditional methods of project control are rendered less effective. As projects become more innovative in nature – “blue sky” projects – the basic project controls of budget, specifications, timeframe, cost and measurement of deliverables can become elastic. The more innovative the project, the more difficult it is to work out what technical design and deliverables are needed or even possible, how long the project might take or cost, if it has not been done before, and realistically what deliverables can be accepted as the best possible outcome. It is not surprising that the IT area is littered with cost blowouts, delays and projects that fail to meet expectations.”

“They can gain control of intellectual property (IP), making the organisation dependent on a single contractor for servicing and upgrades. Contractors may engage additional sub-contractors of lower skill, but bill them to the organisation at full price. Contractors and employees may own recruitment firms in secret through which contractors are sourced, or may have associates in the industry to whom work is directed. Position descriptions can be enhanced to include superfluous skills for a position in order to extract higher contract rates.”

In short, what we’re seeing here is that the IT industry has the motivation to engage in unethical practices in major IT contracts, because of the vast sums of money involved. It has the opportunity, because the controls around such contracts weaken due to the inherently innovative nature of the projects. And often there are a small number of individuals or firms with specialist knowledge that can actually do the work. Couple this with the historically poor project governance we’ve so often seen in the IT industry in Australia, particularly in the public sector, and bingo: You’ve got unethical practices potentially leading towards out and out corruption.

What’s to be done about the situation? That’s a lengthy topic for another article. But, as in so many areas in life, the first step is awareness. What I’ve attempted to demonstrate through this article is that unethical practice potentially leading to corruption is a problem right now for Australia’s technology sector. That may come as a wake-up call to many. Look around you. Could you state that your workplace was a bastion of integrity? Because I’m sure, like most, you’ll find examples where things could be done more ethically than they were. As I said before, everyone is somewhere in the middle on that line from pure to tainted. The question of where precisely your workplace sits in that measure may just determine whether your organisation as a whole ends up being called out in public for its actions or not.