The Concealer
The Concealer hides their actions from being seen or known about to dishonestly gain personal benefits.
This might involve deleting or hiding information or evidence to prevent it from being exposed, for personal gain.
Examples:
- a service provider deletes records to hide their fraudulent activity
- an individual conceals the true nature of their circumstances to receive payments.
Case studies
Two leaders of a criminal syndicate were stripped of over $8.7 million in assets following a decade-long AFP-led investigation into a complex gold bullion GST fraud scheme.
Six people have been sentenced to a combined maximum term of 43 years imprisonment for their part in a $10 million tax fraud and money laundering operation.
Countermeasures
Counter the Concealer using measures that support oversight and transparency:
Make sure a manager, independent person or expert oversees actions and decisions. Involving multiple people in actions and decisions increases transparency and reduces the opportunity for fraud.
Rotate staff and contractors in and out of roles to avoid familiarity. Staff and contractors can become too familiar with processes, customers or vendors, which can lead to insider threats.
Match data with the authoritative source and verify relevant details or supporting evidence.
Services such as the Identity Matching Service can be used to verify identity credentials back to the authoritative source when the information is an Australian or state and territory government issued identity credential.
This countermeasure is supported by the Office of the Australian Information Commissioner's Guidelines on data matching in Australian government administration.
Separate duties by allocating tasks and associated privileges for a business process to multiple staff. This is very important in areas such as payroll, finance, procurement, contract management and human resources. Systems help to enforce the strong separation of duties. This is also known as segregation of duties.
Use system workflows to make sure all requests, claims or activities are approved only by the appropriate decision-maker.
Conduct quality assurance activities to confirm that processes are being followed correctly and to a high standard and/or that material or goods are what they are claimed to be.
Quality assurance checks not only improve processing standards, they can also detect potentially fraudulent activity and are a significant deterrent to fraud.
Automatically notify clients or staff about high-risk events or transactions. This can alert them to potential fraud and avoid delays in investigating and responding to fraud.
Reconcile records to make sure that 2 sets of records (usually the balances of 2 accounts) match. Reconciling records and accounts can detect if something is different from what is standard, normal, or expected, which may indicate fraud.
Prepare summary reports on activities for clients, managers or responsible staff.
Internal or external audits or reviews evaluate the process, purpose and outcome of activities. Clients, public officials or contractors can take advantage of weaknesses in government programs and systems to commit fraud, act corruptly, and avoid exposure.
Fraud detection software programs automatically analyse data to detect what is different from what is standard, normal or expected and may indicate fraud or corruption.
Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity.
Audit logging is system-generated audit trails of staff, client or third-party interactions that help with fraud investigations.
Capture video or other electronic evidence of activities to support a fraud investigation and prosecution.
Provide staff with the knowledge and skills required to analyse and investigate different types of fraud.