7.1. Fraud investigation
The purpose of a fraud investigation is to gather evidence relating to specific fraud allegations to determine the facts relating to the matter and to assist in deciding what, if any, action should be taken in relation to the matter(s). Under the Fraud Control Guidelines, relevant entities are required to investigate routine or minor instances of fraud against entity programs and to document the reasons for their decisions, irrespective of whether the initial assessment results in the matter being referred for a criminal investigation. ‘Routine or minor’ is defined as instances of fraud that, on an initial assessment by the entity, would be unlikely to be accepted by the Australian Federal Police (AFP) under its Case Categorisation and Prioritisation Model (see section 7.1.1).
Because the investigation process must give due consideration to a broad range of legislative, policy and practical considerations, such as sufficient evidence to support the prosecution of a criminal charge in a court of law,relevent entities must have regard to the Fraud Control Guidelines and the AGIS, which provide guidance on appropriate investigation competency standards for Commonwealth employees and investigation service providers.
7.1.1. AFP referrals and assistance
The Fraud Control Guidelines stipulate that the AFP has primary responsibility for investigating serious or complex fraud against the Commonwealth. Relevant entities must refer all instances of potential serious or complex fraud offences to the AFP in accordance with the AGIS and AFP referral process published on the AFP’s website. The AFP will review the referral in line with the AFP Case Categorisation and Prioritisation Model and may subsequently undertake an investigation into the matter, or reject the referral, undertake a joint investigation with the entity.
Under the Fraud Control Guidelines, relevant entities that have the capacity and the appropriate skills and resources needed to investigate criminal matters and meet the requirements of the Commonwealth Director of Public Prosecutions (CDPP) in gathering evidence and preparing briefs of evidence are authorised to investigate serious or complex offences against the Commonwealth.
Entities can request AFP assistance or advice in relation to an investigation being conducted by that entity into a suspected fraud matter. The AFP can assist entities with the conduct of search warrants, and can provide the following services to support an investigation:
- forensic services;
- document examination;
- fingerprint analysis;
- DNA;
- ballistic testing; and
- computer forensics.
Under the Fraud Control Guidelines, relevant entities that have the capacity and the appropriate skills and resources needed to investigate criminal matters and meet the requirements of the Commonwealth Director of Public Prosecutions (CDPP) in gathering evidence and preparing briefs of evidence are authorised to investigate serious or complex offences against the Commonwealth.
7.1.2. Australian Government Investigations Standards
All Australian Government entities that are required to comply with the Fraud Control Guidelines must also comply with the minimum standards for investigations set out in the Australian Government Investigations Standards (AGIS). The AGIS establishes the minimum standards for relevant Australian government entities when they conduct investigations. Should the AGIS be in conflict with legislation, the legislative requirement prevails.
An investigation is a project seeking information relevant to an alleged, apparent or potential breach of the law. The primary purpose of an investigation is to gather admissible evidence for any subsequent action, whether under criminal, civil penalty, civil, disciplinary or administrative sanctions. Investigations can also result in disruption or prevention action being taken by entities.
The AGIS is applicable to investigations where an entity determines there are reasonable grounds to suspect non-compliance, involve a conflict of interest or if the seriousness or complexity of the matter requires application of these standards. The term ‘investigation’ can also include intelligence processes which directly support the gathering of admissible evidence. The AGIS applies to all stages of an investigation.
According to the AGIS, the outcome of an investigation does not distinguish between administrative, criminal or civil action and is not a factor in determining the quality of the investigation. Rather, what is important are the standards applied during an investigation and the capacity of the investigative process to withstand administrative, operational and judicial review.
Relevant entities are required to comply with the AGIS to achieve a uniformly high standard of investigation by:
- having up-to-date policies and procedures relevant to their functions and programs and an investigation management system, and file management and activity recording procedures in place;
- complying with the AGIS definition of an investigation and the related primary purpose for gathering admissible evidence for subsequent action;
- documenting their policies and procedures for handling all aspects of the investigation process consistent with the AGIS, from initial consideration of an allegation through to successful prosecution of fraudulent crime and recovery of criminal proceeds; and
- clearly identifying the different investigation methodologies for administrative and criminal investigations and the decision-making in relation to the transition from regulatory / compliance functions to criminal investigation.
7.1.3. Identification of fraudulent behaviour
The Fraud Control Guidelines require relevant entities to have information systems in place, appropriate for the number and complexity of investigations undertaken, in order to manage information gathered about fraud. This not only supports sound decision-making at the management level, but also helps entities to identify and address any systemic issues that are relevant to fraud.
It is good practice for an organisation to record every allegation of fraudulent conduct that is reported to it, preferably in a central database. This enables proactive analysis of potential fraud hot spots and it can be used to direct the activities of internal audit. A central database also enables trends and analysis of fraud types to be undertaken and profiles to be developed based on systemic types of fraud cases.
According to the Australian Standard AS 8001-2008 Fraud and Corruption Control, a fraud incident register should include:
- date and time of report;
- date and time of incident detection;
- how the incident was reported to management (anonymous report, line management etc);
- nature of the incident;
- value of the loss to the entity (if any); and
- action taken following detection.
Such a register can be used to facilitate an organisation’s policy for the reporting, analysis and escalation of all detected incidences of fraud and corruption. This policy should be clear on the actions to be undertaken following the reporting of an incident.
Case Study
FaHCSIA fraud response governance model
The Department of Families, Housing, Community Services and Indigenous Affairs (FaHCSIA) recently established a working group between its Fraud and Compliance Branch and People Branch. The working group meets on a weekly basis to discuss allegations of ‘unethical conduct’, particularly in relation to fraud matters. The working group aims to ensure that all allegations are investigated by the most appropriate party within FaHCSIA to enable the best outcome for the department.
The working group also allows the two branches to identify and discuss potential hot spots and analyse trends with a view to improving education and awareness-raising for employees in the department. The two branches have also developed a complementary suite of reports in relation to matters that are considered by FaHCSIA’s Compliance and Integrity Committee.
7.1.4. Preliminary case assessment of an allegation of fraud
The AGIS outlines the standards required of relevant entities when receiving and dealing with an allegation of fraud and all investigations are to be conducted in accordance with the AGIS. Upon receiving an allegation of fraudulent conduct, a relevant entity needs to consider what should be the appropriate response.
Under the AGIS, a relevant entity must have a procedure covering the initial consideration of a fraud allegation that includes:
- recording of the allegation in an appropriately secure fraud incident register, file and/or electronic case management system, consistent with the Australian Government Protective Security Policy Framework;
- the person responsible for making the initial assessment (the decision-maker) is appropriately trained, as required by the Fraud Control Guidelines, and the entity provides an appropriate level of managerial oversight of decision-making;
- timeframes for initial consideration of the allegation;
- the obtaining of any readily accessible evidentiary information from within the entity, where the collection of such evidence would not jeopardise any future investigation, to allow an informed decision on the type of further action required; and
- the need to document the reasons for the decision and what action is intended. The decision as to how to respond to an allegation of fraud is considered to be a ‘critical decision’ in the fraud investigation process and one which needs to be appropriately documented.
An entity may also make use of a
Case Categorisation and Prioritisation Model (CCPM). This tool aids the decision-maker in making the initial assessment and helps drive transparency and consistency in decision-making. The AFP utilises a CCPM for matters referred from other organisations, and entities can consider adapting the principles in this model for their own decision-making purposes.
As provided under the AGIS, it may be that a preliminary inquiry, or ‘case assessment’, is required before a decision can be made as to how to proceed with the allegation. An initial case assessment is aimed at gaining sufficient information to be able to determine the subsequent appropriate action and could include: an interview of the complainant; some level of financial analysis to identify the potential veracity of the allegation; and such other preliminary steps as necessary to enable the decision to be made.
Relevant entities should ensure that in undertaking any preliminary inquiry, they comply with the AGIS and any entity direction or protocols relating to the handling of allegations of fraud, including those relating to the use of coercive powers to collect evidence. Agencies need to provide clear guidance to their investigators about the use of coercive powers particularly once fraudulent behaviour is suspected and the investigation becomes a criminal investigation.
It should also be noted that, irrespective of whether the decision is made to undertake a criminal or disciplinary investigation, the AGIS standards of investigation must be maintained to allow for the possibility of the allegation becoming more appropriate for criminal investigation. As such, relevent entities must have regard to the Fraud Control Guidelines and the AGIS, which provide guidance on appropriate investigation competency standards for Commonwealth employees and investigation service providers. (see section 7.1.6).
7.1.5. Conducting an investigation
Fraud investigations are conducted to determine the facts relating to specific allegations of fraud, through the collection and examination of evidence. The AGIS provides guidance and better practice investigation and case management standards for all investigations. Relevant entities must have in place processes and procedures that are consistent with, or exceed, the model procedures outlined in the AGIS modules.
For example, relevant entities must have written procedures regarding:
- the process for taking witness statements and conducting interviews with suspects;
- the handling of all physical evidence, including property seizure records, and the storage and disposal of exhibits (there should also be written procedures addressing the audit of the exhibit register as required by the Australian Government Protective Security Policy Framework);
- the conduct of surveillance, including physical and electronic;
- the management of human information sources (also referred to as informants); and
- the use of legislated powers such as the power of arrest, detention, coercion, search warrant execution, production orders and inspection orders.
Investigators must have knowledge of and the ability to apply the principles and elements of their entity’s standards and written procedures.
A fraud investigation and response decision-making process is represented at Figure 7.1. This decision tree has been developed to provide an explanation of, and guidance through, the fraud investigation and response process.
This diagram should not be used as a substitute for the AGIS but rather as a guide to better understand the critical decisions that need to be made and documented, from the initial assessment of the allegation and throughout the fraud investigation and response process.
Outsourcing investigations
In some instances, relevant entities will not be sufficiently resourced to conduct an internal investigative response to allegations of fraud. The establishment of an internal fraud investigations team can be costly and takes time to implement effectively. This will not be an issue for the larger program delivery and customer service entities, but for smaller entities (or entities which traditionally focus on policy development), the most cost-effective option will be to engage external investigations services.
In outsourcing investigation activities, relevant entities must take into account the Fraud Control Guidelines and the AGIS, which provide guidance on appropriate investigation competency standards for investigation service providers (see section 7.1.6). It is also beneficial if providers have demonstrated experience in conducting fraud investigations in an Australian government context, and are sufficiently familiar with the requirements of the Fraud Control Guidelines and the AGIS.
Notwithstanding an entity’s resource constraints with respect to internal fraud response capabilities, all serious and complex fraud matters should be referred to the AFP in the first instance. In addition, a relevant entity must consider whether it may still require support from the AFP in the form of assistance to execute search warrants or in the provision of forensic services (see section 7.1.1).
Figure 7.1: Fraud investigation and response decision tree
Source: KPMG.
[Click image above to open larger version in a new window
7.1.6. Training requirements
In deciding to undertake a fraud investigation, relevant entities must have regard to the Fraud Control Guidelines and the AGIS, which provide guidance on appropriate investigation competency standards for Commonwealth employees and investigation service providers.
The Public Services Training Package PSP04 offers the following qualifications relevant to fraud investigations:
- a Certificate IV in Government (Investigation) for employees or contractors primarily engaged in the investigation of fraud; and
- a Diploma of Government (Investigation) for employees contractors primarily engaged in the coordination and conduct of fraud control investigations.
In addition to appropriate qualifications, a robust internal investigations team should have a good mix of skills and experience. Depending on the needs of the entity an investigations team could include: ex-law enforcement officers; lawyers; intelligence operatives; forensic accountants; Information Technology experts, and subject matter experts for the types of programs and services delivered by the entity (for example, building surveyors, engineers or social workers).
Previous: Fraud Control—Response
Next: Responding effectively to fraud
