Design fraud and corruption resistant policies

Fraud and corruption risks can undermine the objectives of every Australian Government entity in all areas of their business, including policy-making, regulation, delivery of services and programs, and internal procedures.

Our guides help Australian Government officials to effectively consider fraud and corruption risks when designing and implementing new government initiatives. Counter-fraud , risk and policy officers can use the principles and tools in these guides to help strengthen integrity.

• Our Countering Fraud and Corruption by Design Toolkit has been developed for counter-fraud and risk officers to support collaboration with officials who design, implement and oversee new policy initiatives, including senior executives, policy officials, project teams and enterprise project offices. It is designed to aid decision making and enhance understanding of how to effectively manage fraud and corruption risk throughout the policy lifecycle.
• Our Fraud and Corruption: A Guide for Policy Makers has been developed for policy officers. Drawing on the APS Model for Delivering Great Policy, it gives practical advice and key principles to help you minimise the impacts of fraud and corruption on any new policy or initiative by considering and managing those risks in the design phase.

Countering fraud and corruption in new government initiatives

The Australian Government’s legislative and policy framework requires entities to take all reasonable measures to prevent, detect and respond to fraud and corruption. This includes when designing and implementing new government policies, programs or projects.

Certain factors may lead to programs being at a high risk of fraud. These include:

• The need to deliver a program quickly, such as in response to emergencies – this can often make it difficult to put in robust up-front controls. Post-event assurance activity is integral to effectively managing payments in emergency management scenarios.
• The program is managed across different government portfolios, service providers or jurisdictions – this can lead to a lack of clear governance processes, oversight and accountability for risks and controls.
• The program requires someone to verify or authenticate their identity, particularly online – if not designed well, this can lead to identity fraud and significantly harm members of the Australian public.
• The program has low thresholds for verifying eligibility or evidence for payments – these programs are susceptible to common methods used by fraudsters, such as deception and fabrication. This can lead to systemic fraud.

Developing policy and programs with fraud and corruption in mind helps prevent them from occurring before they cause harm.

Principles to follow

To counter fraud and corruption in new policy design, Australian Government entities should consider and apply the following principles:

• There will always be a risk of fraud and corruption in government programs, as there will always be people motivated by money or influence to act dishonestly.
• To fight fraud and corruption, we first need to find them. If you don’t identify the opportunities for fraud or corruption, you can’t protect your policy, program or initiative against it.
• The most cost-effective way to control fraud and corruption is always prevention.
• Fraud and corruption are ever changing. Entities must be agile to deal with these evolutions.
• There is no one solution to countering fraud and corruption. We need holistic approaches that combine influencing behaviours, primary prevention, early detection and responsive correction.

How to build risk management into new policy processes

There are steps you can take throughout the policy lifecycle to identify and minimise fraud and corruption risks.

Identify and assess fraud and corruption risks

Understand what the risks are. When officials have a clear and specific understanding of the fraud and corruption risks, they can make better decisions about how to manage those risks.

In collaboration with risk and fraud control experts, policy officials can use an Initial Fraud Risk Assessment to make a high-level assessment of the risks and potential impacts of a new policy, program or initiative.

Learn about conducting an Initial Fraud Impact Assessment.

Think like a fraudster

When people commit fraud, they take on one or more 'personas'. By exploring these personas and how they operate, officials can better understand how their new policy might be vulnerable to fraud. This understanding will help them minimise opportunities for fraud and corruption across the policy lifecycle.

Learn about the different types of fraudsters.

Understand the Australian Policy Cycle

Fraudsters, programs and the outside environment continually adapt and evolve, and therefore vigilance is needed across a policy lifecycle.

Learn about managing fraud and corruption risk across the Policy Cycle in the Countering Fraud and Corruption by Design Toolkit.

Apply a fraud and corruption lens to the APS Model for Delivering Great Policy

Policy officers can help strengthen integrity in new policy design by integrating a fraud and corruption lens to the 4 core elements of the APS Model for Delivering Great Policy:

• Be clear on intent – consider how fraud and corruption could undermine the outcome the new policy is aiming to achieve.
• Be well informed – engage with risk specialists to build the evidence base about fraud and corruption risks and learn from past fraud and corruption incidents.
• Ensure the new policy is practical to implement – work with risk specialists to explore practical solutions in the design process to proactively mitigate fraud and corruption.
• Be influential – provide compelling and evidence-based advice to decision makers about what is needed to manage fraud and corruption, gathered through your early engagement with risk specialists.  

Learn how policy officers can minimise the impacts of fraud and corruption in the Fraud and Corruption - A Guide for Policy Makers.

Introduce controls

Poor policy design can lead to the creation of significant fraud vulnerabilities. While we can’t prevent all fraud, taking fraud into account when designing and implementing Commonwealth policies can help you put appropriate controls in place to frustrate most fraudulent actions and prevent systemic fraud.

The catalogue of common fraud controls contains 70 different types of fraud controls that can help Australian Government officials prevent, detect and respond effectively to fraud and corruption.

Learn about the key controls to consider up front when designing and implementing new initiatives in the Countering Fraud and Corruption by Design Toolkit. Key controls include:

• Establish governance arrangements up front and maintain accountability and oversight over processes, decision-making and program risks.
• Provide clear public communication to help prevent citizens and businesses falling victim to scams or slipping into non-compliance, while also deterring fraud and corruption.
• Include clauses about fraud, corruption and privacy in applications, disclaimers, deeds or contracts
• Have clear, specific and verifiable eligibility requirements outlined in legislation or policy, and implement systems and processes that only approve requests or claims that meet the requirements.
• Make sure the data your entity collects and maintains is as accurate and comprehensive as possible. This will assist in decision making, data analytics, and any necessary compliance and fraud investigations.
• Verify request or claim information provided by claimants with an independent and credible source.
• If sufficient evidence cannot be collected up-front, make sure processes are in place to collect it at a later date through post-event assurance or compliance activity.
• Be aware that controls can be breached and therefore it is important to have clear response protocols as part of fraud and corruption prevention, including being able to disrupt, contain, communicate and report incidents.
• Get advice from your entity’s governance/fraud/risk area or other fraud and corruption control experts regarding relevant fraud and corruption risks.