Accounts management

The management of accounts in a public sector organisation includes functions such as accounts payable and accounts receivable as well as the general use and maintenance of the agency's financial accounts. 

The need for employees to access agency funds to perform official functions can increase the possibility of misuse, and makes the identification and management of corruption risks in this activity extremely important. False invoicing, for example, is one of the most common types of fraud.

The improper management of accounts can constitute corrupt conduct as defined by the Independent Commission Against Corruption Act 1988

Corruption risks

A risk assessment of accounts management in a public sector agency may identify some or all of the following corruption risks:

  • An employee manipulating the system to make payments to a non-existent supplier, and indirectly to their own account.
  • An employee colluding with a supplier to produce an invoice price that is higher than necessary.
  • An employee approving invoices of their private expenses or colluding to do so for others.
  • An employee creating a false payment instruction.
  • An employee submitting a false travel or petty cash claim and receiving a benefit to which he or she is not entitled.
  • An employee purchasing goods through the system for private use.
  • An employee stealing incoming cash and cheques through an account set up to look like a bona fide payee.
  • Managers inflating balance sheet asset values to cover up poor performance or corruption.
  • A supplier and an employee colluding to arrange kickbacks for the biased selection of the supplier.
  • A provider/contractor providing false invoices resulting in the payment for goods not received.
  • A provider/contractor providing a forged cheque for payment.

Managing corruption risks

As a minimum your agency should:

  • Introduce policy and procedures for accounts management that contain elements listed in the Policy Development Guide and Checklist (see Tips and tools below).
  • Include in the policy sanctions for any breach of the policy and procedures. 
  • Review the policy every two years.
  • Train all relevant employees in the policy and procedures to ensure they are aware of their responsibilities.
  • Include accounts management as a risk to be assessed in the agency's internal audit and corruption risk management processes.
  • Ensure that employees recruited to work in accounts are appropriately vetted and trained.

Risk management strategies

Following your risk assessment of accounts management you should consider these risk management strategies:  

  • Ensuring that there are appropriate supervision and approval processes for accounts management.
  • Ensuring delegating limits are specified and complied with so that there are appropriate approvals in place for each level of spending.
  • Validating invoices with supporting documentation such as requisitions and purchase orders to help ensure that all payments are for legitimate goods and services.
  • Segregating duties between the officer who incurs expenditure and the officer who authorises payment to ensure controls over purchasing.
  • Ensuring regular, accurate capture and reconciliation of all transactions to decrease the risk that inappropriate transactions occur.
  • Frequently spot checking transactions to identify anomalies.
  • Establishing an internal audit regime to regularly check transactions for authenticity.
  • Controlling electronic payments with passwords and regular audits, and using secure emails and websites.
  • Monitoring and reviewing by a finance committee, or equivalent, of the monthly financial performance, budgets and budget transfers, allocations, financing of projects and significant financial transactions to monitor accounts and identify anomalies.
  • Where possible, limiting the number of cost centres and accounts in the general ledger, so that the accounting system is clear and straightforward enough to be able to track payments.

Case studies

Case study 1: Fake invoices

In 2006 the ICAC found a public sector operations manager had colluded with a supplier to set up schemes that resulted in the supplier receiving payments he was not entitled to in exchange for payments back to the operations manager.

The operations manager and the supplier were longstanding friends. The manager was able to use his senior position to circumvent proper process and benefit himself and his friend.

The ICAC's recommendations included implementing exception reports of electronic accounts to apply to all transactions, including random audits to check paperwork related to procurement, providing training in financial processes, and including a regular and random audit to check that invoices were sent to all external parties for which the agency did work.

Case study 2: Theft of leftover funds

In 1999 the Commission found that a local departmental client manager acted corruptly with regard to the bank account of a regional development board (a ministerial committee), for which the manager acted as executive officer. 

It was found that the officer withdrew substantial sums of money from this account, at least $70,000 for the benefit of himself and his family between 1991 and 1997 after the board was disbanded. The report noted that the lack of oversight and supervision by the former chairman of the board contributed to the officer's ability to defraud the board.

In its report the Commission recommended that when agencies are abolished, appropriate controls should be put in place to wind up programs and their funding arrangements, that internal audit pay particular attention to the expenditure of small, regional offices, and that proper performance and financial reporting should be a condition of grants for boards.


Frequently asked questions

As an accounts payable officer, I am not sure I would be able to identify a potentially false invoice. Do you have any advice?

Depending on your accounting system, a first step would be to ensure that all invoices have relevant purchase orders that match. You should also check that the relevant goods or services were provided.

Warning signs for false invoices are that they are copies or faxes rather than mailed originals, their date does not match the date when the purchase order was raised or the goods delivered, the relevant identifying number (eg. the order number) is not provided or is incorrect, and that the organisation has not provided a street address on the invoice.

Accounts officers are often asked by people within an area that used a service provider to make an exception, for instance to pay on a faxed copy. It is difficult to know what to do when they are the ones who know what the purchase is, and when they are in a more senior position. What do you advise? 

 This can be difficult, particularly if the person putting pressure on you is senior to you. Having clear, standard procedures that apply to the whole organisation can help, and you may refer the person to these to explain why you cannot do as they ask. You may also wish to refer them to your supervisor to discuss the issue. 

If you continue to feel uncertain, worried or pressured, you may be able to contact an internal advice/reporting hotline for help.

I work for a really small organisation.  Should we also have these things in place? 

Small agencies need to observe the same principles in accounts management as larger agencies.  Some small agencies do this by getting external assistance or support to manage their accounts, although there are risks to consider in doing this.  If you are concerned your agency is not properly managing its accounts you should seek external advice on how best to do this – see the list of suggested websites.



  • AS8000: Corporate Governance, Standards Australia
  • Statement of Best Practice: Internal Control and Internal Audit, NSW Treasury, June 1995
  • Risk Management and Internal Controls Toolkit, NSW Treasury, September 1997
  • Treasurer's Directions, NSW Treasury.

Relevant ICAC investigations

Relevant websites


Public Finance and Audit Act 1983 (NSW)


Related topics on the ICAC website