Controlling fraud in the public sector - PricewaterhouseCoopers
Controlling fraud in the public sector - PricewaterhouseCoopers
Controlling fraud in the public sector - PricewaterhouseCoopers
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
7. Fraud Control Plans<br />
7.1 Fraud risk assessments must be followed by <strong>the</strong> development of a <strong>fraud</strong> control plan.<br />
Effective mechanisms should be <strong>in</strong> place to oversee <strong>the</strong> process of develop<strong>in</strong>g and implement<strong>in</strong>g <strong>the</strong><br />
7.1<br />
<strong>fraud</strong> control plan. This should emphasise prevention measures to m<strong>in</strong>imise <strong>the</strong> opportunity for <strong>fraud</strong>.<br />
7.2 Fraud control plans should be <strong>in</strong>tegrated <strong>in</strong>to <strong>the</strong> agency’s strategic, bus<strong>in</strong>ess or risk management plan.<br />
Fraud control plans must address <strong>the</strong> agency’s <strong>in</strong>dividual needs, <strong>in</strong>clud<strong>in</strong>g prevention, detection, report<strong>in</strong>g,<br />
7.3<br />
and <strong>in</strong>vestigation measures.<br />
Fraud control plans should document <strong>the</strong> agency’s approach to controll<strong>in</strong>g <strong>fraud</strong> at all levels.<br />
Prevention, detection, report<strong>in</strong>g, and <strong>in</strong>vestigation measures should <strong>in</strong>clude:<br />
• a summary of <strong>the</strong> identified <strong>fraud</strong> risks associated with <strong>the</strong> agency’s function<br />
• <strong>the</strong> treatment of strategies or controls put <strong>in</strong> place to mitigate <strong>the</strong> identified risks of <strong>fraud</strong><br />
• <strong>in</strong>formation about implementation<br />
7.3<br />
• everyone to report <strong>fraud</strong> or suspected <strong>fraud</strong><br />
• strategies to ensure <strong>the</strong> agency meets its tra<strong>in</strong><strong>in</strong>g requirements<br />
• mechanisms for collect<strong>in</strong>g, analys<strong>in</strong>g and report<strong>in</strong>g <strong>the</strong> number and nature of <strong>in</strong>cidents of <strong>fraud</strong><br />
with<strong>in</strong> or aga<strong>in</strong>st <strong>the</strong> agency<br />
• protocols sett<strong>in</strong>g out how <strong>the</strong> agency will handle suspicions of <strong>fraud</strong>.<br />
Controls and strategies outl<strong>in</strong>ed <strong>in</strong> <strong>the</strong> <strong>fraud</strong> control plans should be adequate with assessed <strong>fraud</strong> risks.<br />
7.4<br />
Controls should be reviewed on a regular basis to make sure <strong>the</strong>y rema<strong>in</strong> useful.<br />
Fraud control arrangements should reflect <strong>the</strong> <strong>fraud</strong> risk profile of an agency or particular program.<br />
7.5<br />
Small <strong>public</strong> <strong>sector</strong> agencies should adopt “fit for purpose” mechanisms to address specific <strong>fraud</strong> risks.<br />
7.6 Fraud control plans must <strong>in</strong>clude review mechanisms to regularly evaluate <strong>the</strong> <strong>fraud</strong> control strategies.<br />
7.7 Agencies must provide a copy of <strong>the</strong>ir <strong>fraud</strong> control plans to <strong>the</strong> AGD or <strong>the</strong> AFP on request.<br />
7.7 Fraud control plans should be user-friendly and available to all relevant employees.<br />
Fight<strong>in</strong>g <strong>fraud</strong> <strong>in</strong> <strong>the</strong> <strong>public</strong> <strong>sector</strong> 27