Rotate staff and contractors
Summary
Rotate staff and contractors in and out of roles to avoid familiarity. Staff and contractors can become too familiar with processes, customers or vendors, which can lead to insider threats.
Why this countermeasure matters
Leaving staff and contractors in positions for too long can lead to:
- less visibility of fraud and corruption risks
- staff or contractors taking advantage of positions of trust to act corruptly, commit fraud and avoid exposure
- staff and contractors getting familiar with processes and learning how to exploit weaknesses
- fraud or corruption going undetected for a long period of time
- staff being targeted and coerced to process fraudulent claims or invoices for another person or entity such as pressured to pay a fraudulent invoice.
How to put this countermeasure in place
Some ways to implement this countermeasure include:
- regularly rotating staff in high risk positions
- rotating contract managers so they do not develop a conflict of interest with vendors.
How to measure this countermeasure's effectiveness
Measure the effectiveness of this countermeasure by using the following methods:
- Confirm the existence of a rotation or mobility policy or best practice guidelines.
- Confirm that the occupation of high-risk roles is reviewed regularly.
- Review procedures or guidance to make sure it clearly specifies requirements for rotation and contractor engagement.
- Review statistics or reports on staff and contractor positions and durations.
Related countermeasures
Establish governance, accountability and oversight of processes by using delegations and requiring committees and project boards to oversee critical decisions and risk. Good governance, accountability and oversight increases transparency and reduces the opportunity for fraud.
Assess the integrity of new employees, contractors or third parties such as by having entry level checks, probationary periods, suitability assessments or security vetting.
Develop clear instructions and guidance for activities and processes, such as instructions for collecting the right information to verify eligibility or entitlements, procedures to help staff apply consistent and correct processes and guidance to help staff make correct and ethical decisions.
Make sure a manager, independent person or expert oversees actions and decisions. Involving multiple people in actions and decisions increases transparency and reduces the opportunity for fraud.
Provide staff with adequate training to increase likelihood that correct and consistent processes and decisions will be applied.
Provide help and support to customers, staff and third parties to help them follow correct processes and encourage them to comply with rules and processes and meet expectations.
Require and support staff and third parties to self-disclose gifts, benefits, incidents, mistakes and real or perceived conflicts of interest.
Train and support staff to identify red flags to detect fraud, know what to do if they suspect fraud and know how to report it. Fraudsters can take advantage if staff and contractors are not aware of what constitutes fraud and corruption.
These are processes for ending an individual’s or entity’s engagement or involvement with an organisation or program.