You are here: Skip breadcrumbAttorney-General's Department >> Integrity >> Counter fraud >> Fraud countermeasures >> Evidence must be provided to confirm identity

 Evidence must be provided to confirm identity

Prevention shield icon Previous page Next page


Summary - Evidence must be provided to confirm the identity of the person making the request or claim.

NB: This is a process of receiving documents to confirm a person's identity.

This control is underpinned by:

In particular, it involves policies, rules, processes and systems to ensure only known, authorised identities gain access to networks, systems and the information contained therein.


Some examples of this type of countermeasure include:

  • All programme applicants are required to provide certified copies of primary and secondary identification (passport, birth certificates, driver's licences).
  • Entry level checks to confirm the identity of staff and contractors.
  • Providers must provide evidence of identity for all Directors.

Purpose of this countermeasure

Someone can provide false or misleading information or stolen evidence of identity to support a request or claim.

Providing false or misleading information or forged documents to commit fraud are offences under the Criminal Code Act 1995.

Identity is defined as an attribute or set of attributes that uniquely describe a subject within a given context.

Accepting claims or requests without confirming the applicant's identity can lead to fraudsters:

  • impersonating customers or third parties to receive fraudulent payments or gain access to information, or
  • using false identities to receive fraudulent payments or gain access to information.

Whole-of-Government policies require us to have a high level of confidence in the identity of a customer when providing government services and payments.


This type of control is supported by:

How do I know if my countermeasures are effective?

You can apply the following methods to measure the effectiveness of these types of countermeasures:

  • Review identity confirmation controls and policies to see if they conform to legislation and the National Identity Proofing Guidelines.
  • Confirm the existence of reference and guidance material.
  • Confirm processes are consistently applied both within channels and across channels.
  • Check how evidence of identity is verified.
  • Review a sample of completed claims to confirm correct processes were undertaken.
  • Ask staff about the identity processes and systems to ensure they have a consistent and correct understanding.
  • Undertake vulnerability testing or a process walk-through to confirm that processes cannot be circumvented.
  • Identify how the requirements are communicated to staff, customers and third parties.
  • Review identified cases of fraud involving the use of a false or stolen identity.

Back to top

Previous page Next page​​

​​​​Commonwealth Fraud Prevention Centre logo​​​​​