Conduct internal or external audits or reviews
Conduct internal or external audits or reviews to evaluate the process, purpose and outcome of activities. Clients, public officials or contractors can take advantage of weaknesses in government programs and systems to commit fraud, act corruptly, and avoid exposure.
Why this countermeasure matters
A lack of regular audits or reviews of activities may lead to:
- fraudsters feeling more confident their actions will not be detected
- high levels of non-compliance or errors due to inconsistent and unclear processes, rules and decision-making
- fraudsters taking advantage inconsistent practices and processes to commit fraud and avoid exposure or prosecution
- less transparency over the actions and decisions of staff and third parties
- staff or contractors taking advantage of positions of trust to act corruptly, commit fraud and avoid exposure
- fraud or corrupt activity going unnoticed or unchallenged
- less action and accountability to prevent, detect and respond to fraud and corruption
- unknown and unaddressed systemic fraud or corruption.
How to put this countermeasure in place
Some ways to implement this countermeasure include:
- regular Information and Communications Technology security audits
- annual program performance audits
- random site visits for providers
- regular payment accuracy surveys
- monthly audits of staff travel expenditure
- regular reviews of grants allocations
- regular audits of credit card spending.
How to measure this countermeasure's effectiveness
Measure the effectiveness of this countermeasure using the following methods:
- Review the outcomes of audits or reviews.
- Confirm that audits or reviews are actually undertaken.
- Check how regularly audits or reviews are performed.
- Confirm that the scope of audits or reviews consider fraud risks and controls.
- Confirm that audits or reviews are independent, completed by qualified persons and are resilient to corrupting influences.
- Check that recommendations or actions resulting from audits or reviews are implemented.
- Check what other reporting occurs, such as executive review of reports during committee meetings.
This type of countermeasure is supported by: