Skip to main content

Coronavirus (COVID-19) and the Attorney-General’s Department: Find out how our services are being delivered and how you can access them. For the latest COVID-19 news, updates and advice from the Australian Government, visit

Requests, claims or processes are limited by parameters


Previous page


Next page


Requests or claims are limited by certain parameters; for example, claim periods or limits.

NB: Strong controls are enforced by systems, e.g. the system does not allow amounts to be paid above a certain limit, or particular items/payments to be claimed together.


Some examples of this type of countermeasure include:

  • Transaction limits for credit cards.
  • Claiming limits for programme payments.
  • Staff must book the cheapest available fare for work travel.
  • Only customers or nominees can change bank account details.
  • Only Australian bank accounts can be recorded for programme payments.

Purpose of this countermeasure

Someone can make fraudulent claims or requests by acting dishonestly or providing false or misleading information or evidence. Additionally, a staff member can abuse their position of trust to process fraudulent requests or claims, or access information without authority.

Acting dishonestly or providing false or misleading statements or information to commit fraud are offences under the Criminal Code Act 1995.

Not having clear parameters in place to keep requests, claims or processes within certain boundaries can lead to:

  • disorganised, inconsistent practices and decision-making, and
  • other control weaknesses.

Fraudsters can exploit dysfunctional processes to:

  • receive payments or services they are not entitled to, or
  • access information or systems without a business need.


This type of control is supported by:

How do I know if my countermeasures are effective?

You can apply the following methods to measure the effectiveness of these types of countermeasures:

  • Confirm the existence of parameters.
  • Confirm parameters are always applied.
  • Undertake quantitative analysis of outcomes to check they are within limits/boundaries.
  • Review a sample of completed requests or claims to confirm parameters were applied.
  • Ask staff about processes to ensure they have a consistent and correct understanding of the parameters.
  • Undertake vulnerability testing or a process walk-through to confirm that parameters are enforced.
  • Confirm that someone cannot override or bypass parameters, even when pressure or coercion is applied.
  • Check if reporting/reconciliation processes exist to confirm claim or request outcomes are within limit /boundaries.


Previous page


Next page



Commonwealth Fraud Prevention Centre logo