Analyse data to:
- improve processes and controls
- increase payment accuracy
- find and prevent non-compliance, fraud and corruption.
Why this countermeasure matters
Not collecting and analysing data to improve processes and payment accuracy may lead to:
- unclear or ineffective processes, leading to unidentified risks and control vulnerabilities
- unseen and unchecked fraud and corruption
- fraudsters deliberately exploiting program weaknesses
- systemic fraud and corruption.
How you might apply this countermeasure
Some ways to implement this countermeasure include:
- automatically detect and flag indicators of fraud based on known fraud methodologies
- risk-score applications to streamline processes and direct higher-risk applications down different pathways for additional checks
- validate information supplied by applicants, such as using IP addresses to verify that claims for grant or relief payments are made in proximity to disaster-affected areas
- monitor and flag high-risk transactions, such as changes to vendor bank details immediately prior to payment
- identify suspicious patterns and anomalies in bulk claim data
- identify suspicious trends, such as an increase in the amount of data being uploaded to the internet from an employee (this could indicate an insider leaking confidential information)
- detect known fraudulent identities or bank accounts within a system
- risk rate fraud alerts or tip-offs for priority investigation
- classify populations into risk cohorts to direct compliance action, e.g. if several instances of fraud have been identified following a certain pattern, the system can “learn” which attributes are characteristic of that activity and look for those attributes across the entire customer, vendor, or employee population.
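As an added illustration (not part of the original guidance), the sketch below implements one of the checks listed above: flagging payments made shortly after a vendor's bank details were changed, and noting when several vendors were switched to the same account. The record fields, the sample data and the 7-day window are assumptions made for this example.

```python
from datetime import datetime, timedelta

# Constructed sample records (not real data). Field names are assumptions.
BANK_CHANGES = [
    {"vendor": "V-100", "changed_at": "2024-03-01T09:15", "new_account": "ACCT-A", "changed_by": "u.smith"},
    {"vendor": "V-200", "changed_at": "2024-03-10T16:40", "new_account": "ACCT-B", "changed_by": "u.jones"},
    {"vendor": "V-300", "changed_at": "2024-03-11T08:05", "new_account": "ACCT-B", "changed_by": "u.jones"},
]
PAYMENTS = [
    {"id": "P-1", "vendor": "V-100", "paid_at": "2024-03-20T10:00", "account": "ACCT-A", "amount": 1200.0},
    {"id": "P-2", "vendor": "V-200", "paid_at": "2024-03-12T10:00", "account": "ACCT-B", "amount": 48000.0},
    {"id": "P-3", "vendor": "V-300", "paid_at": "2024-03-12T10:05", "account": "ACCT-B", "amount": 51000.0},
    {"id": "P-4", "vendor": "V-400", "paid_at": "2024-03-12T11:00", "account": "ACCT-C", "amount": 300.0},
]

def flag_payments(changes, payments, window_days=7):
    """Return {payment_id: [reasons]} for payments that need manual review."""
    window = timedelta(days=window_days)
    # Map each destination account to the vendors that were switched to it
    vendors_by_account = {}
    for c in changes:
        vendors_by_account.setdefault(c["new_account"], set()).add(c["vendor"])
    flags = {}
    for p in payments:
        paid = datetime.fromisoformat(p["paid_at"])
        reasons = []
        for c in changes:
            # Only consider changes for this vendor that set the paid account
            if c["vendor"] != p["vendor"] or c["new_account"] != p["account"]:
                continue
            gap = paid - datetime.fromisoformat(c["changed_at"])
            if timedelta(0) <= gap <= window:
                reasons.append(f"bank details changed {gap.days}d before payment by {c['changed_by']}")
        # A recent change to an account shared across vendors raises priority
        if reasons and len(vendors_by_account.get(p["account"], ())) > 1:
            reasons.append("destination account shared by multiple vendors")
        if reasons:
            flags[p["id"]] = reasons
    return flags

if __name__ == "__main__":
    for pid, reasons in flag_payments(BANK_CHANGES, PAYMENTS).items():
        print(pid, "->", "; ".join(reasons))
```

Flagged payments would be held for manual verification with the vendor through an independently confirmed contact channel before release.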
How to check if your countermeasures are effective
Here are some ways to measure the effectiveness of this type of countermeasure:
- consult subject matter experts on the data analytics that is performed
- review data analytic exercises to see if they conform to national guidelines and frameworks
- review the methods used to analyse the data
- review how data is used to analyse processes and fraud risks
- confirm sufficient data is collected to effectively analyse compliance, payment accuracy and potential fraud
- conduct a system or process walkthrough by having staff show you how data is collected and analysed
- review how often data analytics is performed
- confirm the data is:
- check if and how the results are used to improve processes and controls.
Establish governance, accountability and oversight of processes by using delegations and requiring committees and project boards to oversee critical decisions and risk. Good governance, accountability and oversight increase transparency and reduce the opportunity for fraud.
Collaborate with strategic partners such as other government entities, committees, working groups and taskforces. This allows you to share capability, information and intelligence and to prevent and disrupt fraud.
Set clear eligibility requirements and only approve requests or claims that meet the criteria. This can include internal requests for staff access to systems or information.
Match data with the authoritative source and verify relevant details or supporting evidence. Services such as the Identity Matching Service can be used to verify identity credentials back to the authoritative source when the information is an Australian or state and territory government issued identity credential. This countermeasure is supported by the Office of the Australian Information Commissioner's Guidelines on data matching in Australian government administration.
Make sure sensitive or official information cannot leave your entity's network without authority or detection. The Protective Security Policy Framework articulates mandatory information security requirements to maintain the confidentiality, integrity and availability of all official information. Personal and government information is highly sought after by fraudsters and organised criminals. The way data is collected and stored can also change the scale of a potential breach.
Internal or external audits or reviews evaluate the process, purpose and outcome of activities. Clients, public officials or contractors can take advantage of weaknesses in government programs and systems to commit fraud, act corruptly, and avoid exposure.
Coordinate disruption activities across multiple programs or entities to strengthen processes and identify serious and organised criminals targeting multiple programs. It can also include referrals to law enforcement agencies for those groups that reach the threshold for complex criminal investigations.