Fraud Control Plan 2011

Executive Summary

The Australian Government has made a strong commitment across the Australian Public Service (APS) to protect revenue, expenditure and property from fraudulent activity. In response to the initiatives of the Commonwealth Government towards fraud management, all agencies are required to take a pro-active role in fraud management, prevention and detection. The 2011 Fraud Control Plan is the centrepiece of DFAT's commitment to effective management and mitigation of fraud risks.

The purpose of the DFAT Fraud Control Plan 2011 is to minimise the potential for instances of fraud on the department's programs or activities, whether conducted by employees or persons external to DFAT. It is a summary of the fraud risks to the department's operations and the controls in place, or being developed, to minimise and combat those risks. Additionally, it is intended to clearly set out prescriptive measures in response to any failures of controls to continue to limit the effects of fraud on the wider department.

The Plan is developed and maintained by the Conduct and Ethics Unit (CEU) and is reviewed by the department's Audit and Risk Committee. The plan is based upon up to date assessments of current fraud risks associated with the department. Areas of the department that manage functions more prone to fraud risks are required to review the risks of their functions and the effectiveness of the current control systems in place. This document is the outcome of this evaluation process. Relevant areas of the department were asked to complete a questionnaire. In response, a risk assessment matrix and a risk treatment matrix were developed for each of their functions (See Chapter Three).

The 2011 Plan uses the 2008 documentation as a base and employs updated methodology. The plan builds upon the 2008 plan by including new and emerging risks, which have been identified in the department's business since the previous plan was prepared. Like the 2008 plan this plan is intended to be a dynamic document that will be updated to reflect new risks as they emerge and articulate appropriate response measures.

Fraud Defined

For the purposes of Commonwealth Fraud Control, the definition of fraud is:

Dishonestly obtaining a benefit, or causing a loss, by deception or by other means

This definition covers a range of actions including:

• theft
• obtaining property, a financial advantage or any other benefit by deception
• causing a loss, or avoiding or creating a liability by deception
• providing false or misleading information to the Commonwealth, or failing to provide information where there is an obligation to do so
• making, using or possessing forged or falsified documents
• bribery, corruption or abuse of office
• unlawful use of Commonwealth computers, vehicles, telephones and other property or services
• relevant bankruptcy offences
• any offences of a like nature to those listed above.

The benefits referred to can be either tangible or intangible. Examples include:

• hacking into, or interfering with a Commonwealth computer system
• using fraudulent tertiary qualifications to gain employment or a promotion with a Commonwealth agency
• claiming hours on a timesheet that have not been worked
• using Commonwealth systems to gain access to other systems without authority
• charging the Commonwealth for goods or services that are incomplete or not delivered.

 Fraud against the Commonwealth includes:

• fraud perpetrated by an employee against an Australian Government agency or its programs
• fraud perpetrated by an agency client or external individual against such an agency or its programs
• fraud perpetrated by a contractor or service provider against an agency or its programs
• fraud can also be committed by third party providers who are non government organisations, the private sector or other levels of Government or Australian agencies.

Fraud control in the Commonwealth is based on the following principles:

• prevention, detection and investigation of fraud
• prosecution of offenders, including in routine or minor instances of fraud where appropriate
• application of appropriate civil, administrative or disciplinary penalties
• recovery of proceeds of fraudulent activity
• training of all employees in ethics and fraud awareness activities
• specialised training of employees involved in fraud control activities
• external scrutiny of fraud control activities.