Verify information you receive
Summary
Verify any requests or claim information you receive with an independent and credible source.
Why this countermeasure matters
Not verifying the information you receive may lead to:
- fraudsters providing false information or evidence to support a request or claim
- fraudsters hiding information that would affect their entitlements
- fraudsters successfully using forged documents to support a request or claim
- difficulties responding to fraud.
How to put this countermeasure in place
Some ways to implement this countermeasure include:
- verifying claim evidence though the Document Verification Service
- requiring a claim to have a valid provider number and then cross-referencing this with a provider register
- verifying claim eligibility by cross-referencing details held by another program or entity
- obtaining corresponding evidence from both a client and provider
- verifying professional qualifications with the education provider
- confirming business details through ABR Explorer.
How to measure this countermeasure's effectiveness
Measure the effectiveness of this countermeasure by using the following methods:
- Confirm the existence of reference and guidance material for manually verifying information.
- Review controls and policies to see if they conform to national guidelines and frameworks.
- Review a sample of completed requests/claims to confirm information was verified on all occasions.
- Undertake pressure testing or a process walk-through to confirm that verification processes cannot be forgotten or ignored.
- Review procedures or guidance to confirm it clearly specifies the requirements for verifying information.
- Identify how verification requirements are communicated to staff, customers and third parties.
- Ask staff about the process requirements to make sure they have a consistent and correct understanding.
- Confirm that someone cannot bypass or manipulate the verification requirements even when pressure or coercion is applied.
- Review the approvals process to find out if the decision-maker confirms that information was verified.
- Review the training staff receive to make sure it includes information about how to verify information.
Related countermeasures
This type of countermeasure is supported by:
Collaborate with strategic partners such as other government entities, committees, working groups and taskforces. This allows you to share capability, information and intelligence and to prevent and disrupt fraud.
Legislation and policy can help prevent, detect and respond to fraud, such as by outlining clear rules, regulations and criteria, allowing entities to collect, use and disclose information and allowing entities to enforce penalties and recover fraud losses.
Develop clear instructions and guidance for activities and processes, such as instructions for collecting the right information to verify eligibility or entitlements, procedures to help staff apply consistent and correct processes and guidance to help staff make correct and ethical decisions.
Provide staff with adequate training to increase likelihood that correct and consistent processes and decisions will be applied.
Make sure requests or claims use a specific form, process or system for consistency.
Have clear and specific eligibility requirements and only approve requests or claims that meet the criteria. This can include internal requests for staff access to systems or information.
Make sure forms or system controls require mandatory information to support claims or requests.
Escalate non-standard requests or claims for further review or scrutiny. Non-standard requests or claims might include those that are late, do not meet normal conditions, include evidence that is difficult to verify (such as from overseas) or are for amounts that are higher than normal.
Automatically match data with another internal or external source to obtain or verify relevant details or supporting evidence. This countermeasure is supported by the Office of the Australian Information Commissioner's Guidelines on data matching in Australian government administration.
Coordinate disruption activities across multiple programs or entities to strengthen processes and identify serious and organised criminals targeting multiple programs. It can also include referrals to law enforcement agencies for those groups that reach the threshold for complex criminal investigations.