Separation and termination processes
Processes undertaken to cease or terminate a staff member’s, contractor’s or provider’s engagement or participation in a program.
- Staff or contractors are terminated for fraud or misconduct.
- Providers are expelled from participating in the programme due to fraud or misconduct.
- Suppliers are removed from a panel due to fraud or misconduct.
Purpose of this countermeasure
Failing to apply proper processes for ceasing or terminating staff and contractors can create insider threats or more broadly contribute to a dysfunctional workplace culture.
Furthermore, failing to expel providers for fraud and non-compliance can lead to persistent or greater levels of fraud within programmes.
Fraudsters can also take advantage of weakness in separation processes by being reengaged with the same or similar entity or programmes.
This type of countermeasure is supported by:
- Governance, accountability and oversight
- Integrity checks and suitability reviews
- Collaboration with strategic partners
- Procedural instructions or guidance
- Staff are trained to apply correct processes and decisions
- A specific form, process or system must be used
- End of life processes
- Blacklisting, greylisting or whitelisting
- Data protected from manipulation or misuse
- Data analytics
- Quality assurance checks
- Incident reporting
- Internal or external audits or reviews
- Documentation and evidence storage
- Fraud investigations
- Coordinated disruption activity
How do I know if my countermeasures are effective?
You can apply the following methods to measure the effectiveness of these types of countermeasures:
- Review processes/guidelines for termination/separation.
- Confirm that staff members, contractors or providers would be terminated or expelled for fraud/non-compliance.
- Confirm that data is captured and reported on for all terminations /expulsions involving fraud/misconduct.
- Identify cases where staff members, contractors or providers have been terminated/expelled for fraud/non-compliance.
- Confirm processes are adhered to and reported on. E.g. how do they ensure:
- assets are returned
- system access is revoked
- building access is revoked and passes are returned, and
- information, documentation and intellectual property is protected?
- Confirm that reasons for termination/expulsion are recorded, e.g. a permanent record is kept for the customer, staff member, contractor, provider or supplier.
- Confirm that termination/expulsion reasons are shared with other parties with a need-to-know. For example, other organisations or programmes are informed of:
- serious or organised fraud, or
- staff/contractor/vendor terminations for fraud/misconduct.