The Concealer
The Concealer hides their actions from being seen or known about to dishonestly gain personal benefits.
Examples:
- A service provider deletes records to hide their fraudulent activity.
- An individual conceals the true nature of their circumstances to receive payments.
Case studies
Routine checks of the Department of Defence credit card spending detected multiple incidents of Australian Defence Force (ADF) members using their Defence Travel Card for improper purposes.
An Australian Defence Force (ADF) member deliberately provided false information on numerous forms and on a statutory declaration to avoid notifying their superior or the Defence Housing Authority (DHA) of a change in their marital circumstances. As a result, they continued to receive a service residence benefit valued at $150,000, despite no longer living with a dependent.
Countermeasures
Counter the Concealer using measures that support oversight and transparency:
Make sure a manager, independent person or expert oversees actions and decisions. Multiple people being involved in actions and decisions increases transparency and reduces the opportunity for fraud.
Rotate staff and contractors in and out of roles to avoid familiarity. Staff and contractors can become too familiar with processes, customers or vendors, which can lead to insider threats.
Automatically match data with another internal or external source to obtain or verify relevant details or supporting evidence. This countermeasure is supported by the Office of the Australian Information Commissioner's Guidelines on data matching in Australian government administration.
Separate duties by spreading tasks and associated privileges for a business process among multiple staff. This is very important in areas such as payroll, finance, procurement, contract management and human resources. Strong separation of duties controls are enforced by systems. It is also known as segregation of duties.
Use system workflows to make sure all requests, claims or activities are only approved by the appropriate decision-maker.
Conduct quality assurance activities to confirm that processes are being followed correctly and to a high standard.
Automatically notify clients or staff about high-risk events or transactions. This can alert them to potential fraud and avoid delays in investigating and responding to fraud.
Reconcile records to make sure that two sets of records (usually the balances of two accounts) match. Reconciling records and accounts can detect if something is different from what is standard, normal, or expected, which may indicate fraud.
Prepare summary reports on activities for clients, managers or responsible staff.
Conduct internal or external audits or reviews to evaluate the process, purpose and outcome of activities. Clients, public officials or contractors can take advantage of weaknesses in government programs and systems to commit fraud, act corruptly, and avoid exposure.
Fraud detection software programs automatically analyse data to detect what is different from what is standard, normal, or expected and may indicate fraud or corruption.
Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity.
Audit logging is system-generated audit trails of staff, client or third party interactions that help with fraud investigations.
Capture video or other electronic evidence of activities to support a fraud investigation and prosecution.
Provide staff with the knowledge and skills required to analyse and investigate different types of fraud.