The Concealer
The Concealer hides their actions from being seen or known about to dishonestly gain personal benefits.
Examples:
- A service provider deletes records to hide their fraudulent activity.
- An individual conceals the true nature of their circumstances to receive payments.
Case studies
A former Western Australian senior public official used an elaborate fake invoicing scheme, in what has been described as Australia's largest public sector fraud.
The former general manager of Papunya Community Store Aboriginal Corporation was convicted of two criminal offences after using funding obtained for the construction of a 'Community Hub' to pay various personal debts.
Countermeasures
Counter the Concealer using measures that support oversight and transparency:
Make sure a manager, independent person or expert oversees actions and decisions. Involving multiple people in actions and decisions increases transparency and reduces the opportunity for fraud.
Rotate staff and contractors in and out of roles to avoid familiarity. Staff and contractors can become too familiar with processes, customers or vendors, which can lead to insider threats.
Automatically match data with another internal or external source to obtain or verify relevant details or supporting evidence. This countermeasure is supported by the Office of the Australian Information Commissioner's Guidelines on data matching in Australian government administration.
Separate duties by allocating tasks and associated privileges for a business process to multiple staff. This is very important in areas such as payroll, finance, procurement, contract management and human resources. Systems help to enforce the strong separation of duties. This is also known as segregation of duties.
Use system workflows to make sure all requests, claims or activities are approved only by the appropriate decision-maker.
Conduct quality assurance activities to confirm that processes are being followed correctly and to a high standard.
Automatically notify clients or staff about high-risk events or transactions. This can alert them to potential fraud and avoid delays in investigating and responding to fraud.
Reconcile records to make sure that 2 sets of records (usually the balances of 2 accounts) match. Reconciling records and accounts can detect if something is different from what is standard, normal, or expected, which may indicate fraud.
Prepare summary reports on activities for clients, managers or responsible staff.
Internal or external audits or reviews evaluate the process, purpose and outcome of activities. Clients, public officials or contractors can take advantage of weaknesses in government programs and systems to commit fraud, act corruptly, and avoid exposure.
Fraud detection software programs automatically analyse data to detect what is different from what is standard, normal or expected and may indicate fraud or corruption.
Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity.
Audit logging is system-generated audit trails of staff, client or third-party interactions that help with fraud investigations.
Capture video or other electronic evidence of activities to support a fraud investigation and prosecution.
Provide staff with the knowledge and skills required to analyse and investigate different types of fraud.