14. Fraud Detection Strategies

It is incumbent on line management to be alert to the potential for fraud and to take active steps to detect any fraud that occurs.

The FCO will work with line management and internal audit in applying the department’s findings from fraud risk assessments to formulate effective fraud detection systems.

The department has implemented a number of detection strategies which are outlined below.

14.1 Fraud Reporting Mechanisms

Internal and external fraud reporting mechanisms are available on the department’s intranet and internet. A reporting hotline has been established and information is available to assist parties to understand their rights and obligations. The reporting mechanisms ensure the confidentiality of the information received from anyone wishing to report a suspected case of fraud.

14.2 Internal Audit

Internal Audit is an independent function within the department that reports directly to the Assurance and Audit Committee. They conduct better practice assurance activities, audits and assurance advisory services which assist in the development of efficient and effective systems of internal control, risk management and corporate governance.

The results of the most recent fraud risk assessment is considered when developing the Annual Audit and Assurance Plan. This is also developed with a view to the department’s stated risk appetite for fraud and corruption to ensure that areas with the highest areas of risk are considered. Internal Audit is also located within the Legal, Audit and Assurance Branch which assists with collaborating on emerging fraud risks and issues identified as part of audit activities. Further, fraud risks are considered within each audit where relevant to determine whether controls satisfactorily address these risks.

14.3 Security

The Australian Government Protective Security Policy Framework (PSPF) ensures a consistent application of security measures across all areas of government. Many of these security risks are applicable to the fraud and control environment.

The department’s key security objectives include:

  • protecting Departmental information, assets and infrastructure from unauthorised access, sabotage, wilful damage, theft and disruptions.
  • preventing unauthorised disclosure of classified information, whether deliberate or accidental.

The Fraud Control Section and Department’s security team work closely on security risks of mutual concern.

14.4 Compliance Reviews

Divisions are responsible for implementing compliance mechanisms and monitoring compliance within their programme, policy and business areas.

14.5 ICT Compliance

The department may monitor its employees to ensure that they comply with all ICT security requirements. The security of ICT systems may be reviewed regularly by the department’s IT Security Advisor.

A formal process is used when dealing with incidents affecting ICT security. Where a security breach has been committed by an employee or some other person concerning the department’s ICT systems, where it is considered that a criminal offence may have been committed, the violation shall be reported to the FCO. If required, the FCO will recommend further action. If the violation relates to a potential Code of Conduct issue, the department’s People and Planning Branch will be informed and decide on appropriate action.

Compliance with the department’s security policies and procedures coupled with the prompt reporting of security breaches, incidents and inappropriate contacts, will aid in safeguarding against identified and potential fraud events and security threats.

Share this Page