Fact sheet: Overview of misconduct investigations
Undertaking a misconduct investigation includes gathering and assessing evidence—and, in many cases, preparing an investigation report—to inform a breach determination that is sound and defensible.
Evidence can be collected from a range of sources. These can include interviews with witnesses, electronic records (for example, system logs or building access), or written statements.
In some cases, physical evidence may be sufficient to establish the facts—for example, in cases involving suspected improper access to personal information, or improper use of email or internet, the investigation is likely to be founded on records of computer use. In other cases, witness statements or other evidence will need to be collected and considered.
Where the person under investigation suggests there may be additional evidence that could corroborate their version of events, or otherwise disprove the allegations against them, this evidence should be gathered where practicable.
Such requests should be evaluated in light of the relevance of the evidence and the requirements of procedural fairness.
Reviewing and assessing evidence
The investigator’s role includes seeking out the available evidence, and then weighing that evidence, including inconsistencies in accounts, to form a view (whether as a finding of fact, or as a recommendation to a decision-maker) about what occurred, applying the standard of ‘on the balance of probabilities’.
In evaluating evidence, investigators should have regard to the impact of unconscious bias on their assessments.
In reviewing the evidence it is advisable to keep the following considerations in mind:
- Has the person under investigation been given a reasonable opportunity to respond to the evidence, including to new or conflicting evidence that has arisen during the investigation?
- Has the response of the person under investigation been genuinely and fairly considered, and have lines of inquiry suggested by that person been pursued where it is reasonable to do so?
- Have witnesses been questioned about evidence that conflicts with their witness statements?
- Is any evidence missing? Is there enough credible, relevant, and significant (i.e. logically probative) evidence to support findings of fact on which a breach determination can be made?
When making a judgement about the reliability of the evidence, investigators and decision-makers should consider the following:
- Primary sources of evidence are preferable to secondary sources. For example, hearsay evidence is of less value than a first-hand account.
- Test disputed facts, or seek corroboration from other witnesses or evidence, where possible.
- Consider the credibility of witnesses, having regard to, for example, inconsistencies in evidence, honesty, or the possibility of collaboration or improper purpose.
- A record of an event made contemporaneously is generally preferable to a record made days or weeks later.
- An opinion generally has greater weight if it is given by someone with expertise on the matter.
Standard of proof
The standard of proof applicable to findings that the APS Code of Conduct has been breached, including the findings of fact that support the breach determination, is the civil standard.
That is, findings are based on the conclusion that it is more likely than not, having regard to credible evidence, that the person under investigation has done what they were alleged to have done. This is referred to as ‘the balance of probabilities’.