The Fabricator
The Fabricator invents or produces something that is false to dishonestly gain personal benefits.
This might involve creating false invoices or other types of records for personal gain.
Examples:
- A business fabricates documents to receive a grant.
- A service provider fabricates receipts to receive a rebate.
Case studies
A Mildura woman avoided jailed time after attempting to defraud the Australian Tax Office of $115,000.
Strike Force Sainsbery investigators with assistance from the Service NSW Fraud Response Unit have laid charges against 87 people for allegedly making fraudulent grant applications against NSW Government financial relief schemes related to the COVID-19 pandemic and natural disasters.
Countermeasures
Counter the Fabricator using measures that support information sharing and verification:
Make sure requests or claims use a specific form, process or system for consistency.
Make sure forms or system controls require mandatory information to support claims or requests.
Apply limits on requests, claims or processes, such as maximum claim amounts or time periods. Enforce these limits using IT system controls.
Verify any requests or claim information you receive with an independent and credible source.
Match data with the authoritative source and verify relevant details or supporting evidence.
Services such as the Identity Matching Service can be used to verify identity credentials back to the authoritative source when the information is an Australian or state and territory government issued identity credential.
This countermeasure is supported by the Office of the Australian Information Commissioner's Guidelines on data matching in Australian government administration.
Create lists to quickly compare information to automate or require further actions.
Have processes in place to prevent, identify and correct duplicate records, identities, requests or claims.
Use system workflows to make sure all requests, claims or activities are approved only by the appropriate decision-maker.
Make sure sensitive or official information cannot leave your entity's network without authority or detection.
The Protective Security Policy Framework articulates mandatory information security requirements to maintain the confidentiality, integrity and availability of all official information. Personal and government information is highly sought after by fraudsters and organised criminals. The way data is collected and stored can also change the scale of a potential breach.
Automatically notify clients or staff about high-risk events or transactions. This can alert them to potential fraud and avoid delays in investigating and responding to fraud.
Reconcile records to make sure that 2 sets of records (usually the balances of 2 accounts) match. Reconciling records and accounts can detect if something is different from what is standard, normal, or expected, which may indicate fraud.
Establish exception reports to identify activities that are different from the standard, normal, or expected process and should be further investigated.
Internal or external audits or reviews evaluate the process, purpose and outcome of activities. Clients, public officials or contractors can take advantage of weaknesses in government programs and systems to commit fraud, act corruptly, and avoid exposure.
Fraud detection software programs automatically analyse data to detect what is different from what is standard, normal or expected and may indicate fraud or corruption.
Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity.