Skip to main content

Information Sheet Element 7 – Investigation and other responses

Publication date
May 2024
Information Sheet Element 7 – Investigation and other responses icon

This information sheet is part of a series of resources to help officials understand and implement the new Commonwealth Fraud and Corruption Control Framework. To access other information sheets, go to Learn about the Fraud and Corruption Control Framework.


Information Sheet Element 7 – Investigation and other responses

This information sheet will help Commonwealth officials understand:

  • how to prepare a fraud and corruption response plan
  • how to manage suspected fraud or corruption incidents, including decision-making criteria and conducting investigations
  • when and how to report matters to the Australian Federal Police (AFP)
  • when and how to refer matters to the National Anti-Corruption Commission (NACC) or the Inspector-General of Intelligence and Security (IGIS)
  • when to make referrals to the Commonwealth Director of Public Prosecutions (CDPP)
  • when and how to share information with other entities
  • other remedial actions to consider in response to incidents of fraud and corruption.

At a glance

Some of the key points discussed in this information sheet are:

  • Responding to incidents of fraud and corruption can involve a range of administrative, civil and criminal interventions, including containment, disruption, investigation, prosecution, financial loss and asset recovery.
  • Responding to incidents may involve mandatory referrals to the AFP, NACC or IGIS.
  • Decisions about how to respond to alleged fraudulent and corrupt conduct should be graduated and proportionate to the entity’s risk tolerance, appetite and environment, the seriousness of the suspected conduct, and other factors.
  • Entities should establish and document decision-making criteria for critical stages in the management of a suspected fraud or corruption incident.
  • Entities should consider a broad range of remedial actions when responding to suspected incidents, including addressing identified vulnerabilities, remediating compromised accounts or identity information, recovering financial losses and cancelling or reversing administrative decisions.
  • Appendix 1 outlines how this Policy Element may be applied flexibly according to the specific operating context of an entity.

Related links

Was this page helpful?