Skip to main content

Report incidents or breaches for further investigation

Type of countermeasure

This is a detection countermeasure. Detection countermeasures can help to identify when fraud has occurred. They can help disrupt additional fraud and reduce the consequences.


Report on incidents or breaches to help identify if further investigation is required. Clients, public officials or contractors can take advantage of a lack of reporting and transparency to commit fraud, act corruptly and avoid exposure.

Why this countermeasure matters

A lack of reporting on incidents and breaches may result in:

  • disorganised or inconsistent practices and decision-making
  • less transparency over actions and outcomes
  • poor management of performance, decision-making and risk
  • less action and accountability to prevent, detect and respond to fraud and corruption
  • fraud or corrupt activity going unnoticed or unchallenged.

How to put this countermeasure in place

Some ways to implement this countermeasure include:

  • reporting of financial breaches such as failure of a staff member to acquit a credit card on time
  • reporting of system security incidents and breaches
  • staff reporting lost, stolen or damaged assets
  • staff reporting security incidents such as loss of classified documents.

How to measure this countermeasure's effectiveness

Measure the effectiveness of this countermeasure using the following methods:

  • Confirm that the reporting requirements for incidents are appropriate.
  • Review reporting processes to see if they align with the Australian Government Investigations Standards and other national guidelines and frameworks.
  • Confirm that reports are actually produced and used.
  • Review a sample of reports to determine if they are clear, relevant and would help someone detect fraud.
  • Confirm documents outlining the process for reporting incidents are easy to locate and use.
  • Confirm the options for reporting incidents are clearly communicated.
  • Review statistics related to reports to identify how many incidents are reported and how often.
  • Confirm that incident reports go to the most appropriate staff/team.
  • Review who has access to incident reports.
  • Check what other reporting occurs, such as if executives review reports during committee meetings.

Related countermeasures

This type of countermeasure is supported by:

Establish governance, accountability and oversight of processes by using delegations and requiring committees and project boards to oversee critical decisions and risk. Good governance, accountability and oversight increases transparency and reduces the opportunity for fraud.

Escalate non-standard requests or claims for further review or scrutiny. Non-standard requests or claims might include those that are late, do not meet normal conditions, include evidence that is difficult to verify (such as from overseas) or are for amounts that are higher than normal.

Allow clients, staff and third parties to lodge complaints about actions or decisions they disagree with. This may help identify fraud or corruption, such as failure to receive an expected payment.

Reconcile records to make sure that 2 sets of records (usually the balances of 2 accounts) match. Reconciling records and accounts can detect if something is different from what is standard, normal, or expected, which may indicate fraud.

Prepare summary reports on activities for clients, managers or responsible staff.

Establish exception reports to identify activities that are different from the standard, normal, or expected process and should be further investigated.

Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity.

Related Fraudster Personas

Was this page helpful?