Collect accurate and relevant data
Whole-of-Government policies require us to have a high level of confidence in data when providing government services and payments. Create policies, rules, processes and systems to collect accurate and relevant data to help:
- process claims
- make decisions
- check and verify data
- analyse data to detect fraud
- investigate potential fraud
- define new indicators of fraud.
Why this countermeasure matters
Services provided to someone without accurate and relevant data being collected can lead to fraudsters:
- impersonating clients or third parties to receive fraudulent payments or gain access to information
- providing false or misleading information to support a request or claim
- using stolen identity documents to support a request or claim
- obtaining benefits or services they are not entitled too
- benefiting from incorrect decisions or payments.
Collecting accurate and relevant data can also assist in preventing and detecting fraud through data matching, especially through entities having complete sets of data and aligned data categories.
How you might apply this countermeasure
Some ways to implement this countermeasure include:
- Putting systems in place to independently check and verify the accuracy of data.
- Having clear and relevant categories of data to be collected that can be verified with relevant stakeholders.
- Having clear, simple and secure processes for clients and stakeholders to update their data.
How to check if your countermeasures are effective
Here are some ways to measure the effectiveness of this type of countermeasure:
- Review data collection controls and policies to see if they conform to national guidelines and frameworks.
- Review the information threshold for collecting data by asking what level of information is publicly available, for example, what can be found on social media?
- Confirm the existence of reference and guidance material.
- Confirm processes are consistently applied both within channels and across channels.
- Review a sample of completed transactions to confirm correct processes were undertaken.
- Ask staff about the collection of data to make sure they have a consistent and correct understanding.
- Undertake active testing or a process walk-through to confirm there is no way around processes.
- Identify how the requirement to collect accurate and relevant data is communicated to staff.
- Identify whether lack of accurate or relevant data hinders claims or data matching.
- Review identified cases of fraud involving the exploitation of inaccurate data or not having relevant data.