Create penalties for fraud and non-compliance
These are penalties for customers, staff or third parties that commit fraud or do not comply with rules, processes and expectations.
Why this countermeasure matters
A lack of penalties for fraud and non-compliance may lead to:
- individuals being less deterred from committing fraud
- increasing levels of fraud over time
- repeated or endemic non-compliance or criminals reoffending.
How to put this countermeasure in place
Some ways to implement this countermeasure include creating penalties like:
- raising debts, penalties and interest payments for clients who commit fraud or do not comply with requirements
- fining, suspending or cancelling providers or third parties who commit fraud or do not comply with requirements or standards
- sanctioning, demoting or terminating staff for misconduct or fraud.
How to measure this countermeasure's effectiveness
Measure the effectiveness of this countermeasure using the following methods:
- Review the results of compliance audits or fraud investigations.
- Confirm that penalties are:
- enforced through debts, terminations, demotions, or prosecutions
- appropriate for the type of fraud
- consistent across similar cases
- recorded against the client, vendor, staff member or contractor records
- reported on (for example, to a risk committee)
- shared with other parties with a need-to-know basis (for example, other organisations are notified of serious or organised fraud or staff/contractor terminations for fraud/misconduct).
- Analyse statistics on repeated non-compliance or convicted criminals reoffending.
- Confirm that countermeasures are in place to disrupt repeated non-compliance or criminals reoffending.
This type of countermeasure is supported by: