Special reports

Special report on corrections

Currently more than 7000 people are held in custody in Victoria's publicly and privately managed prisons, overseen by Corrections Victoria, a business unit of the Department of Justice and Community Safety (DJCS). Many of these prisoners struggle with complex issues including mental health conditions, drug addiction and a history of trauma.

Corrections Victoria's primary purpose is to manage these prisoners and the corrections system in a way that keeps the Victorian community safe. Corrections Victoria is also responsible for the health and safety of prisoners and staff, prisoner rehabilitation to reduce reoffending, the building of a sustainable system, and delivering value for money for the Victorian community.

This work is occurring in a challenging environment. Victoria’s prison population grew by almost 80 per cent from 30 June 2010 to 30 June 2019, although the prison population decreased in the 12 months to 30 June 2020 due to impacts associated with the COVID-19 pandemic. To manage this growth, Victoria has increased the number and average size of prisons, recruited more corrections officers, and increased reliance on privately managed prisons.

These factors, coupled with the unique nature of prison environments, mean that the corrections sector faces significant corruption risks. These risks include excessive use of force, smuggling of contraband, inappropriate relationships and issues associated with the performance reporting of privately managed prisons.

In 2017, the Independent Broad-based Anti-corruption Commission (IBAC) issued a research report on corruption risks associated with the corrections sector. Since that report, IBAC has completed a number of investigations into allegations of corrupt conduct in corrections. This special report focuses on four of those investigations – Operations Rous, Caparra, Nisidia and Molara. However, IBAC considers that the corruption vulnerabilities and the conduct of concern highlighted in these investigations exist more broadly within the corrections sector.

  • IBAC publishes responses to our investigations to inform the community about actions agencies advise they are taking, and to share learnings that may help other agencies improve their systems and practices to prevent corruption and misconduct.

    Between July and December 2022, the Department of Justice and Community Safety (DJCS) provided IBAC with a series of updates on its work to implement recommendations 1 and 3 from the special report (recommendation 2 was not directed to DJCS). DJCS's response is outlined below.

    Recommendation 1

    That the Department of Justice and Community Safety and Corrections Victoria review and strengthen training, policies, systems and practices to address the corruption vulnerabilities identified in this report, including by ensuring:

    a. regular training is provided in relation to grooming behaviours to equip staff to identify and resist attempts to form inappropriate relationships with prisoners as well as prisoners’ family members, friends and associates

    Corrections Victoria's (CV) Learning and Development unit delivers training on professional boundaries (encompassing grooming) during Prison Officer pre-service training covering the following:

    • definition of professional boundaries and how it applies in the correctional environment
    • ability to identify how and why inappropriate officer/prisoner relationships develop and understand the consequences for both staff and prisoners
    • distinguish between boundary crossings and violations
    • note that boundary violations are serious breaches of the officer/prisoner relationship and involves the misuse of power or betrayal of trust between an officer and prisoner
    • strategies to deal with inappropriate prisoner behaviours
    • integrity risks and DJCS expectations
    • consequences of breaches and reporting requirements regarding professional boundaries and integrity risks
    • potential problem areas (relationships, friendships, familiarity, physical contact, personal gain etc)
    • need to be aware of grooming, unacceptable behaviour, comments, and actions
    • officers have a responsibility to manage professional relationships with prisoners
    • officers have a responsibility to report unethical behaviour including boundary crossings and violations at a local and departmental level.

    Prison Officer pre-service training (sometimes known as Squad training) also covers values and ethics, providing an overview of ethical decision-making, reporting requirements, and integrity expectations.

    On average, the CV Learning and Development unit delivers 35 sessions of this training each year.

    DJCS has continued to roll out department-wide integrity training and CV specific training on integrity, conflicts of interest, and declarable associations.

    DJCS's Integrity and Investigations (I&I) unit is developing a new Integrity Education and Communications Plan as part of the department’s broader Integrity Strategy. The plan sets out a strategic and coordinated approach to education and training across DJCS, supplementing core integrity training with customised education and communications packages for high-risk settings, including CV. This tailored content will include sessions focussing on professional boundaries that draw on real examples gathered from data and intelligence insights.

    CV is a focus of integrity training due to its high corruption vulnerabilities including in relation to grooming and professional boundary issues.

    I&I contributes integrity content to CV pre-service training on the importance of speaking up, integrity risks, conflicts of interest, and declarable association. Policies and processes are covered and framed in a corrections context including spotting red flags and working as a team to prevent integrity breaches.

    In addition, I&I delivers the following integrity training:

    • Integrity refresher training in CV including on creating a positive speak up culture
    • Integrity refresher training in high-risk regional locations, which can include CV staff
    • Leadership course with an integrity module
    • Three-hour Integrity in the Workplace module as part of CV leadership training that seeks to prepare prison officers, senior prison officers, and supervisors for higher duties with module also delivered at other locations as required.

    I&I works in partnership with CV Learning and Development and DJCS Learning and Development to deliver a multi-faceted approach to integrity training with a focus on areas of concern such as professional boundary issues.

    b. physical and technical security vulnerabilities that can allow corrupt conduct (including the smuggling of contraband) to continue undetected are addressed, including corrections officers failing to activate their body-worn cameras or interfering with body-worn camera recordings

    CV has invested in improved technology to address physical and technical security vulnerabilities that allow corrupt conduct (including the smuggling of contraband) to continue undetected.

    In 2020, CV procured and installed body-scanning technology at all walled correctional facilities, which includes millimetre wave and x-ray technology. This provides significantly increased detection capability.

    CV has undertaken a review of prisoner gatehouse practices and barrier control and an improvement project is underway. This will result in a governance structure for continuous improvement, ensure consistency in barrier control processes across CV, and ensure that staff are equipped with competency-based training and have ongoing support in using barrier control equipment.

    Policy updates to Commissioner's Requirement 1.4.7 Body Worn Cameras have seen the inclusion of the requirement that when an alarm or code is raised, control room staff will issue a reminder to staff to activate their body worn camera (BWC). It is also a requirement that Supervisors and Senior Prison Officers who carry cell keys at maximum-security prisons are expected to activate their BWC when attending cells after lockdown hours for non-routine matters.

    Through the random monthly use of force audits, CV's Operations Directorate note instances where BWCs should have been activated during a use of force incident and whether they were activated or not. In instances where a BWC was not activated (but should have been) this is referred back to the General Manager of the location for internal review and action as appropriate, which may include a reminder of conduct or formal action. These reviews have seen a decrease in non-compliance in recent months.

    The Security Emergency Services Group (SESG) has procured and recently received additional BWCs, which allows every operational member of the SESG to be issued a body worn camera to wear while on duty. These were issued on 29 June 2022. Previously there were only enough cameras to allow the operational supervisors to wear a camera whilst on duty. In addition, the use of BWCs in Victorian prisons has been expanded in Marngoneet Correctional Centre with the purchase of new cameras for use by their Emergency Response Group members.

    c. staff vetting is thorough and involves both an initial assessment and regular reviews so new risks are identified as they arise

    The relevant DJCS policy in relation to staff vetting is the Security and Safety Screening Guidelines and Related Policy. It sets out the security screening requirements for new and existing employees applying for positions based in prisons, youth custody centres or in roles with offender-facing requirements (frontline positions) at the department.

    As the principal government department administering the Victorian justice system, it is necessary that authorised delegates are made aware of the relevant criminal history of potential employees to minimise the risk of inappropriate appointments.

    Since the Special Report on Corrections was published in 2021, DJCS has been undertaking a significant program of work to improve its recruitment and probity processes, as outlined below.

    Security processes and policy updates

    • On 14 June 2021, new Fit2work processes were implemented.
    • Contractors are now included in DJCS's probity check processes (this function was previously undertaken by the contractors' agency).
    • Following a recent internal audit, processes have been strengthened to ensure reporting and escalation to management if security checks have not been completed within a timely manner.
    • Letters of offer/employment are not released or issued until satisfactory fit2work checks are received by the centralised team.
    • The DJCS Security and Safety Screening Guideline has been updated to reflect the fit2work processes.
    • The Criminal Record Check policy has also been updated to include security check requirements for Machinery of Government (MOG) movement into DJCS.
    • Creation and implementation of fit2work master tracker.


    • Refreshed the recruitment approvals process with the introduction of an approval validation process, a streamlined recruitment approval and advertising process, and an improved briefing spreadsheet to capture relevant data to streamline recruitment approvals and activity.
    • Enhanced the Recruitment Master Tracker to capture more relevant information and better support data for monthly and quarterly reports.
    • Developed and implemented a new Recruitment Process Guide and Hiring Manager Checklist to step out the end-to-end process for recruitment for Hiring Managers.
    • Improved the recruitment resources page on the intranet to increase user functionality and accessibility for all employees.
    • Designed and implemented new recruitment training programs Best Practice Recruitment and Selection and Recruitment Approvals 101.

    DJCS has formed a Working Group with representatives from the following areas to lead work to respond to Recommendation 1C:

    • People, Safety and Culture — owner of the relevant policy, Security Screening Guidelines and Related Policy
    • CVIU — responsible for conducting probity checks
    • CV Operations Directorate — leading action plan in relation to recommendations 8 and 9 about staff vetting in public and private prison from VO's Report on investigations into the use of force at the Metropolitan Remand Centre and the Melbourne Assessment Prison
    • I&I — leads departmental integrity reform and coordinates response to IBAC recommendations.

    The objectives of the Working Group are to consider and implement appropriate actions to:

    • strengthen and streamline probity processes in custodial environments and for high-risk roles
    • ensure probity checks occur throughout the course of employment at regular intervals
    • support a prevention and education function to ensure there is clear and widespread understanding amongst custodial staff that they will be subject to probity checks at the commencement and throughout their employment at DJCS
    • ensure responses to IBAC and VO recommendations about staff vetting align so there are consistent requirements for both public and private prisons
    • further review of the Security and Safety Screening Guidelines and Related Policy and implement any changes required.

    d. IBAC is provided with six-monthly progress reports on the development and implementation of the new drug testing regime to be rolled out in Victoria’s publicly managed prisons

    DJCS continues to provide IBAC with six-monthly progress reports on the development and implementation of the new drug testing regime.

    e. information systems are fully auditable and relevant staff are properly equipped to conduct regular and widespread database audits of employees’ system access to deter inappropriate access to and misuse of information

    DJCS is committed to strengthening its audit capability in relation to existing DJCS information systems (Centurion, PIMS and eJustice).

    This will include developing an analytics tool and business intelligence tool for random auditing, and focusing on prevention and education as part of DJCS's broader work to implement the Integrity Strategy.

    Development of an analytics tool

    I&I is currently working with the Victorian Centre for Data Insights (VCDI) to build an Artificial Intelligence analytics tool, which leverages DJCS's centralised data to identify potential unauthorised access to and misuse of CV systems and data (PIMS and e-Justice).

    This tool will draw on multiple databases including but not limited to:

    • database user activity
    • personnel data by work location, role, direct reports, and manager
    • misconduct history
    • declared associations
    • declared conflicts of interest
    • familial associations
    • intelligence drawn from open and closed sources.

    The objective is to identify entities, activity, or unauthorised access in a near-live or timely manner.

    Prevention and education

    Currently, misuse or disclosure of information is covered in CV pre-service training and I&I integrity education.

    Further work is required to communicate to all CV staff that:

    • All users of CV information systems are required to agree to the terms of use, which includes prohibiting the misuse or disclosure of information.
    • The Commissioner's Requirement (CR) 1.4.8 outlines that all CV staff are expected to maintain the confidentiality of sensitive, security and personal information relating to the operation of the correctional system, its employees, prisoners, and offenders.
    • CV staff working in public prisons are bound by the Victorian Public Sector (VPS) Code of Conduct, which requires them to act with integrity. This extends to the appropriate use of information systems.
    • Custodial staff working in private prisons must not misuse or disclose information otherwise they may be the subject of a referral of suspected corrupt conduct to IBAC under section 57(1) of the Independent Broad-based Anti-corruption Commission Act 2011 (IBAC Act) and their employer may have to notify the State of a probity event pursuant to relevant contractual arrangements with the State.
    • Any breach of the terms of use of information systems, CR 1.4.8, and/or Code of Conduct can result in suspected corrupt conduct being referred to IBAC and conduct being assessed or investigation as per the Management of Misconduct Policy under the VPS Enterprise Agreement 2020.

    f. obligations to identify, report and manage conflicts of interest and declarable associations are understood, and supervisors and senior officers understand their obligations to implement and monitor management plans

    As part of the implementation of its Integrity Strategy, DJCS is streamlining and strengthening both its conflicts of interest (COI) and declarable association processes.

    This work will centralise the collection and monitoring of these declarations and digitise processes. It will feed into broader communication and engagement work around key integrity messages around COIs and declarable associations, and focus on intelligence and detection.

    While this work is particularly important in corrections due to its high-risk profile, it will apply across DJCS as part of the department's critical integrity reform work.

    g. the risk of Service Delivery Outcomes data manipulation associated with privately managed prisons is reassessed and appropriate mitigation strategies put in place

    CV has a Contracts and Infrastructure Branch (CIB), which is responsible for the management of the private prison portfolio managing the contracts for:

    • Fulham Correctional Centre (FCC)
    • Port Phillip Prison (PPP)
    • Ravenhall Correctional Centre (RCC)
    • Prisoner Transport Services
    • Maribyrnong Residential Community Facility (MRCF).

    A dedicated Assistant Commissioner has been allocated to monitor the operational performance of the prisons alongside CIB. CIB aims to ensure private prisons comply with all requirements of CV and the State.

    The CIB Compliance and Performance Monitoring Framework is an integral part of CIB’s activity. The Compliance Framework is a rigorous compliance and validation schedule for each:

    • Service Delivery Outcome (SDO)
    • Key Performance Indicator (KPI)
    • Operating Instruction
    • Commissioner's Requirement (CR) applicable to all private prisons.

    The Compliance Framework has recently been revised to ensure that all operational procedures are appropriately carried out by the prison contractors in accordance with the level of Service Requirements defined in the Project Documents. Operating Instructions and CRs are validated by CIB according to risk ratings.

    Risk ratings for CRs are consistent across each private prison.

    Risk ratings for Operating Instructions are different across each private prison due to each location having different local operating procedures and management of the prison according to prisoner profile, layout, services, and other considerations.

    Risk ratings for CRs and Operating Instructions may change dependent on the frequency of issues identified by CIB when conducting validations and recurrence of any incidents which may have an impact.

    The CIB Compliance Framework validates and challenges the private contractor's self-reported performance and is based on criterion-specific assessment and competency-based methodology.

    CIB uses a systematic, structured, and formal methodology to determine the contractor's self-reporting and provide assurance to CV that payments claimed for services delivered are validated at a reasonable level and to the level expected by the State.

    Validations are conducted via sample assessment and analysis of the available information/data for each SDO and KPI and checked against the methodology document coordinated by CIB. Some SDOs and KPIs require validations from other subject matter experts in relation to areas such as education, health, or alcohol and other drug programs.

    Self-reported incident action plan items, and other data reported for monthly/quarterly validations are also physically checked on site at prison locations, such as urinalysis reports, master control logbooks, and other logbooks used in CRs and/or Operating Instructions.

    CIB consistently applies contractual mechanisms to manage private prison operators' poor performance and to identify any data manipulation. There is a KPI related to performance data, which ensures that private prison contractors provide the State with performance data that is accurate and easily accessible. Financial incentives are withheld if KPIs are not met. In addition to withholding payment, should private contractor staff be found deliberately manipulating data, this can be classified as either a Probity Event, or Professional Misconduct. Professional Misconduct is a Charge Event under the contracts and a financial penalty can be applied in conjunction with a Formal Notice if misconduct is found to have occurred.

    h. the new Integrity Strategy being developed by DJCS addresses the corrections-related corruption vulnerabilities identified in this report

    Integrity risk assessments are a key component of the Integrity Strategy and are being rolled out across all DJCS groups over 18 months.

    The risk assessment methodology comprises analysis of quantitative and qualitative data with a series of workshops with senior executives and subject matter experts to determine a group's particular integrity risk vulnerabilities. The analysis uses the DJCS Integrity Risk taxonomy that consists of the following core integrity risks:

    • misuse of information system
    • improper use or theft of assets
    • financial mismanagement
    • misuse of authority
    • circumventing of merit processes
    • duty failure and disrespectful behaviour
    • bullying and sexual harassment.

    Misuse of information, circumventing merit processes, and duty failure are relevant to the corruption vulnerabilities IBAC identified in its Special Report on Corrections.

    The assessments identify a baseline of current risk exposure for a specific group and a treatment plan is then developed to mitigate these risks. I&I will monitor the implementation of these plans and undertake periodic control effectiveness reviews.

    The schedule of integrity risk assessments has been determined according to the existing risk profile of groups and business units, with CV prioritised as a high risk-profile area to be completed in the coming months.

    i. corrections employees in Victorian prisons with responsibility for conducting internal investigations during or immediately after a prisoner-related incident are appropriately trained and supported.

    During and immediately following an incident, the Field Commander (usually fulfilled by a Prison Supervisor) is responsible for coordinating the response to an incident, investigating the circumstances, and reporting on it.

    To fulfil this role, Prison Supervisors are required to undertake the Field Commander Training Package, which outlines all relevant responsibilities of the role including preservation of evidence, separation of witnesses, liaison with other agencies, as well as safety and security.

    Following an incident, the Prison Supervisor responsible for the area is tasked with putting together the incident report, which includes interviewing witnesses, collecting evidence, and collating staff accounts of the incident. Depending on the seriousness of the incident, the Supervisor might convene a post incident debrief allowing for staff to elaborate on their accounts and contribute to the conversation about management of the incident.

    Supervisors new to role are required to undertake a period of shadowing an experienced supervisor. At some locations new Supervisors must complete a workbook to the satisfaction of a Prison Manager before being allowed to act in the position.

    Incident reports are reviewed by the Supervisor, Manager, and CV Head Office staff for quality assurance and to allow for the identification of any errors.

    Regular state-wide supervisor meetings are held bi-monthly, with organisational leaders delivering key messages and commentary on themes, which includes any identified issues with the investigation process.

    Any failure of duty, failure to comply with policies and process, or improper conduct in public prisons is subject to DJCS's misconduct assessment and investigation process and could result in disciplinary action. Any conduct that constitutes suspected corrupt conduct is referred to IBAC. Staff in private prisons not complying with requirements could be the subject of a Probity Event that requires notification to the State, a misconduct investigation by the private prison operator, and referral to IBAC.

    Recommendation 2

    That the Victorian Government amend section 22 of the Corrections Act 1986 (Vic) to introduce a statutory obligation on corrections officers to report to the prison governor or to IBAC if they have a reasonable belief that another officer has engaged in corrupt conduct, and that an appropriate penalty for failing to comply with section 22 be imposed.

    Amendments to the Corrections Act will be considered by Government in the context of legislative reform to the Corrections Act.

    Recommendation 3

    That the Department of Justice and Community Safety and Corrections Victoria take action to embed a culture of integrity across the corrections system, including ensuring staff across all Victorian prisons understand the importance of reporting suspected corrupt conduct and how they will be supported and protected if they do so.

    DJCS is committed to embedding and strengthening an integrity culture across all its operations.

    The Integrity Strategy provides a framework of actions to support DJCS to achieve this objective. It features work to develop a welfare risk assessment and ongoing welfare support for staff that report improper conduct and public interest disclosures.

    DJCS consistently communicates the importance of speaking up in the face of corrupt conduct in training sessions including those delivered in Victorian prisons, as well as noting supports that are available to staff who do report matters.

    This recommendation requires ongoing work and is aligned to the DJCS Integrity Strategy.