Information is verified
Information relevant to the request or claim is manually verified with another source.
Some examples of this type of countermeasure include:
- Evidence provided with a claim is verified though the Document Verification Service.
- A valid provider number must be provided with a claim.
- Claim eligibility is verified by cross-referencing details held by another programme or agency.
- Corresponding evidence is obtained from both the customer and provider.
- Professional qualifications are verified with the education provider.
- Business details are confirmed through ABR Explorer.
Purpose of this countermeasure
Someone can provide false information or evidence to support a request or claim, or fail to disclose information that would affect their entitlement.
Providing false or misleading information or forged documents to commit fraud are offences under the Criminal Code Act 1995.
Failing to verify information other sources can allow a fraudster to successfully provide false or misleading information or forged documents to support a request or claim.
This type of control is supported by:
- Collaboration with strategic partners
- Legislation or Policy
- Procedural instructions or guidance
- Staff are trained to apply correct processes and decisions
- A specific form, process or system must be used
- Requests or claims must meet specific eligibility requirements
- Mandatory information is required to complete the request or claim
- Internal escalation procedures
- Data matching
- Coordinated disruption activity
How do I know if my countermeasures are effective?
You can apply the following methods to measure the effectiveness of these types of countermeasures:
- Confirm the existence of reference and guidance material.
- Review a sample of completed requests/claims to confirm information was verified on all occasions.
- Undertake vulnerability testing or a process walk-through to confirm that processes cannot be circumvented.
- Review procedures or guidance to confirm it clearly specifies the requirements for verifying information.
- Ask staff about the process requirements to ensure they have a consistent and correct understanding.
- Identify how verification requirements are communicated to staff, customers and third parties.
- Confirm that someone cannot bypass or manipulate the verification requirements, even when pressure or coercion is applied.
- Review the approvals process. Does the decision-maker confirm that information has been verified?
- Review the training staff receive to ensure it includes information about how to verify information.