The Concealer
The Concealer hides their actions from being seen or known about to dishonestly gain personal benefits.
Examples:
- A service provider deletes records to hide their fraudulent activity.
- An individual conceals the true nature of their circumstances to receive payments.
Case studies
Multiple people have been charged and convicted as part of Operation Elbrus which revealed a group of people were using payroll services companies to divert pay-as-you-go withholding tax and goods and services tax owed to the ATO. The group is alleged to have defrauded the Commonwealth of over $105 million over three years. Sixteen people have been charged, with multiple being convicted and sentenced to prison.
Two Commonwealth employees and an associate have been charged with conspiracy to defraud the Commonwealth and abuse of public office. Police allege that the trio used inside knowledge obtained in the course of their employment at the Department of Finance to direct IT contracts to ‘preferred suppliers.’ The trio then allegedly used kickbacks to buy and renovate properties. Police have frozen $7.8 million in assets as part of the investigation.
Countermeasures
Counter the Concealer using measures that support oversight and transparency:
Make sure a manager, independent person or expert oversees actions and decisions. Multiple people being involved in actions and decisions increases transparency and reduces the opportunity for fraud.
Rotate staff and contractors in and out of roles to avoid familiarity. Staff and contractors can become too familiar with processes, customers or vendors, which can lead to insider threats.
Automatically match data with another internal or external source to obtain or verify relevant details or supporting evidence. This countermeasure is supported by the Office of the Australian Information Commissioner's Guidelines on data matching in Australian government administration.
Separate duties by spreading tasks and associated privileges for a business process among multiple staff. This is very important in areas such as payroll, finance, procurement, contract management and human resources. Strong separation of duties controls are enforced by systems. It is also known as segregation of duties.
Use system workflows to make sure all requests, claims or activities are only approved by the appropriate decision-maker.
Conduct quality assurance activities to confirm that processes are being followed correctly and to a high standard.
Automatically notify clients or staff about high-risk events or transactions. This can alert them to potential fraud and avoid delays in investigating and responding to fraud.
Reconcile records to make sure that two sets of records (usually the balances of two accounts) match. Reconciling records and accounts can detect if something is different from what is standard, normal, or expected, which may indicate fraud.
Prepare summary reports on activities for clients, managers or responsible staff.
Conduct internal or external audits or reviews to evaluate the process, purpose and outcome of activities. Clients, public officials or contractors can take advantage of weaknesses in government programs and systems to commit fraud, act corruptly, and avoid exposure.
Fraud detection software programs automatically analyse data to detect what is different from what is standard, normal, or expected and may indicate fraud or corruption.
Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity.
Audit logging is system-generated audit trails of staff, client or third party interactions that help with fraud investigations.
Capture video or other electronic evidence of activities to support a fraud investigation and prosecution.
Provide staff with the knowledge and skills required to analyse and investigate different types of fraud.