Complaints handling
Allow clients, employees and third parties to lodge complaints about actions or decisions they disagree with.
This control targets both internal and external fraud risks.
Examples
Examples of this control include:
- allowing clients, employees and external parties to make complaints or raise concerns about:
- issues with payments, e.g. unexpected delays
- issues they experience with services
- the conduct or operations of service providers or other third parties
- a procurement outcome
- a recruitment outcome
- the conduct of others in the workplace
- training employees to look for fraud and corruption, e.g. cartel behaviour, when reviewing complaints
- creating a complaints management strategy that outlines how to resolve a complaint and provide feedback to the person who made the complaint
- storing, collating and sharing complaint information for intelligence and detection purposes.
Risks from control gap
Having no clear process for making complaints can lead to:
- disgruntled employees, clients or third parties becoming motivated to commit fraud or rationalising fraudulent or corrupt behaviour
- fraud or corrupt activity going unnoticed or unchallenged
- delays in investigations and responses
- unknown systemic fraud or corruption.
Assessing effectiveness
Methods to evaluate the effectiveness of this control include:
- confirming the process for making complaints is easy to locate and use
- measuring how long it would take to receive a complaint and respond to potential fraud
- confirming that a consistent process exists for making and handling complaints
- confirming the options for lodging complaints are clearly communicated, e.g. providing a dedicated phone number
- confirming that complaints are adequately investigated
- confirming that clear processes exist for referring cases of potential fraud for investigation
- confirming that clients, employees or third parties would be able to notice changes that are different from what is standard, normal or expected.
Complementary controls
Other capability, prevention, detection and response controls that can enhance this control’s effectiveness:
Related fraudster personas
Types of behaviour this control is designed to mitigate:
The corrupt
|
The deceiver
|
The enabler
|
The exploiter
|
The fabricator
|
The impersonator
|
The organised
|
Download the complete fraud control catalogue
Explore a range of controls that can be put in place to reduce the risk of fraud happening in your organisation.
More information
- Understand the wider impacts of public sector fraud, beyond just financial
- See how a robust pre-employment screening process is one of the most effective ways to reduce the risk of employee fraud and corruption in your organisation
- Scan your organisation’s operations to identify potential areas of fraud risk and exposure
- See examples of effective, low-cost counter fraud messaging your organisation can use