Conduct integrity checks and suitability assessments
Summary
Assess the integrity of new employees, contractors or third parties such as by having entry level checks, probationary periods, suitability assessments or security vetting.
Why this countermeasure matters
Fraud is committed by individuals, not organisations. Fraud can be carried out or facilitated by:
- individuals delivering a service on behalf of government
- employees operating within a service provider
- owners or directors who run a service provider
- corrupted officials within government.
How to put this countermeasure in place
Some ways to implement this countermeasure include:
- referring to Policy 12 of the PSPF
- conducting entry checks, police checks and/or ‘fit and proper person’ tests for all new staff and contractors
- undertaking suitability assessments of all vendors or service providers
- having probationary periods for all new staff, contractors, vendors or providers
- requiring staff and contractors to have and maintain security clearances for designated roles.
How to measure this countermeasure's effectiveness
Measure the effectiveness of this countermeasure by using the following methods:
- Refer to Policy 12 of the PSPF Eligibility and Suitability of Personnel.
- Review the process for undertaking integrity checks or suitability assessments for new staff, contractors, vendors or providers as required by Policy 12 and 13 of the PSPF.
- Analyse data on integrity checks or suitability assessments and confirm these are always completed.
- Review completion rates of induction training.
- Review probation results.
- Review cases of fraud and non-compliance to determine why integrity checks and suitability assessments did not work in those circumstances.
- Undertake a staff census and particularly ask questions relevant to staff integrity and performance management.
- Review APSC Census Results if you are Commonwealth entity.
- Review positions that require a security clearance and confirm staff and contractors have the required clearance.
- Where available, analyse data related to the Australian Government Security Vetting Agency declarations/notifications.
Related countermeasures
Establish governance, accountability and oversight of processes by using delegations and requiring committees and project boards to oversee critical decisions and risk. Good governance, accountability and oversight increases transparency and reduces the opportunity for fraud.
Legislation and policy can help prevent, detect and respond to fraud, such as by outlining clear rules, regulations and criteria, allowing entities to collect, use and disclose information and allowing entities to enforce penalties and recover fraud losses.
Collaborate with strategic partners such as other government entities, committees, working groups and taskforces. This allows you to share capability, information and intelligence and to prevent and disrupt fraud.
Require and support staff and third parties to self-disclose gifts, benefits, incidents, mistakes and real or perceived conflicts of interest.
Make sure requests or claims use a specific form, process or system for consistency.
Make sure to confirm the identity (an attribute or set of attributes that uniquely describe a subject within a given context) of the person making the request or claim using evidence.
Have clear and specific eligibility requirements and only approve requests or claims that meet the criteria. This can include internal requests for staff access to systems or information.
Make sure forms or system controls require mandatory information to support claims or requests.
Verify any requests or claim information you receive with an independent and credible source.
Require clients, staff and third parties to have ongoing compliance, performance and contract reviews.
Put in place processes for staff or external parties to lodge tip-offs or Public Interest Disclosures.
Coordinate disruption activities across multiple programs or entities to strengthen processes and identify serious and organised criminals targeting multiple programs. It can also include referrals to law enforcement agencies for those groups that reach the threshold for complex criminal investigations.
These are processes for ending an individual’s or entity’s engagement or involvement with an organisation or program.