Have processes in place to prevent, identify and correct duplicate records, identities, requests or claims.
Why this countermeasure matters
Duplicated records, identities, requests or claims can lead to:
- fraudulent payments made multiple times
- dual claiming of different payments or benefit types
- duplicate or ghost records being used to conceal activities or exploit processes
- incorrect and inconsistent reporting and decision-making
- other control weaknesses such as less effective fraud detection.
How you might apply this countermeasure
Some ways to implement this countermeasure include:
- identifying and denying duplicate claims
- flagging and reviewing potential duplicate vendor invoices
- requiring staff to undertake thorough searches of existing customer records to avoid creating duplicate records
- interrogating systems to identify, review and correct potential duplicate records.
How to check if your countermeasures are effective
Here are some ways to measure the effectiveness of this type of countermeasure:
- confirm that clear and consistent processes exist for preventing, identifying and correcting duplicates
- analyse data to confirm duplicates are being properly identified and corrected
- consult subject matter experts on processes
- conduct a system or process walkthrough by having staff show you the process for managing duplicates
- review a sample of documentation to confirm compliance with policies and processes
- review who has access to review and correct duplicates
- check if and how duplicates are reported.