Skip to main content

The Reckless

The Reckless acts without care, responsibility or regard to the consequences of their actions by disregarding requirements, procedures, warnings or directions to gain personal benefits.


  • A contractor accepts a contract knowing they cannot deliver the service.
  • A service provider uses grant funds for personal use.

Case studies

The Department of Defence investigated allegations of the theft of a significant number of military store items. The investigation found no evidence of criminal activity but identified significant systemic issues within the asset management of military stores.

A Sydney GP has been arrested for his alleged involvement in a “crash and earn” insurance fraud. The man allegedly created fraudulent medical records and certificates based on fabricated vehicle crashes. The man also allegedly produced false medical certificates for university students.


Counter the Reckless using measures that support clear and consistent requirements and processes:

Establish governance, accountability and oversight of processes by using delegations and requiring committees and project boards to oversee critical decisions and risk. Good governance, accountability and oversight increases transparency and reduces the opportunity for fraud.

Develop clear instructions and guidance for activities and processes, such as instructions for collecting the right information to verify eligibility or entitlements, procedures to help staff apply consistent and correct processes and guidance to help staff make correct and ethical decisions.

Clearly document decision-makers using delegations, authorisations and instructions. Clearly defined decision-making powers increase transparency and reduce the opportunity for fraud and corruption.

Provide help and support to customers, staff and third parties to help them follow correct processes and encourage them to comply with rules and processes and meet expectations.

Use declarations or acknowledgments to both communicate and confirm that a person understands their obligations and the consequences for non-compliance. The declaration could be written or verbal, and should encourage compliance and deter fraud.

Limit and control functionality within systems with user permissions. Assign permissions to users based on specific business needs, such as making high-risk functions limited to specialised users. The Protective Security Policy Framework sets out the government protective security policies that support this countermeasure.

Set up system prompts and alerts to warn users when information is inconsistent or irregular, which either requires acceptance or denies further actions.

Was this page helpful?