Skip to main content

Set up automatic notifications of high-risk events and transactions

Type of countermeasure

This is a detection countermeasure. Detection countermeasures can help to identify when fraud has occurred. They can help disrupt additional fraud and reduce the consequences.

Summary

Automatically notify clients or staff about high-risk events or transactions. This can alert them to potential fraud and avoid delays in investigating and responding to fraud.

Why this countermeasure matters

Allowing high-risk events or transactions to occur without automatically notifying clients or staff may cause:

  • fraudulent activity to go unnoticed
  • delays in investigations and responses
  • additional opportunities for fraud.

How to put this countermeasure in place

Some ways to implement this countermeasure include setting up system generated notifications of high-risk events or transactions, such as when:

  • online accounts are accessed
  • claims or requests are submitted
  • contact details are changed
  • bank accounts are changed
  • system accesses are updated
  • claims or requests are processed.

How to measure this countermeasure's effectiveness

Measure the effectiveness of this type of countermeasure using the following methods:

  • Analyse data related to automatic notifications and compare it to events or transactions.
  • Evaluate the method and destination of notifications to determine if they are sent to the best person using the best method.
  • Confirm that notifications cannot be modified, stopped, redirected or prevented from arriving and test controls if required.
  • Consider the timeliness of notifications, such as when they are sent or when they would be received and if this would provide sufficient time to respond to potential fraud.
  • Review the notification to determine if messages are clear and relevant to the receiver.
  • Test high-risk activities and transactions to confirm that notifications are sent.

Related countermeasures

Separate duties by spreading tasks and associated privileges for a business process among multiple staff. This is very important in areas such as payroll, finance, procurement, contract management and human resources. Strong separation of duties controls are enforced by systems. It is also known as segregation of duties.

Establish exception reports to identify activities that are different from the standard, normal, or expected process and should be further investigated.

Related Fraudster Personas

Was this page helpful?