Accurate information maintenance
Create policies, rules, processes and systems that check, update and verify information and data where possible.
This control targets both internal and external fraud risks.
Examples
Examples of this control include:
- regularly checking information with clients to ensure it is accurate and up to date
- flagging potentially old and outdated information
- matching information with more up-to-date records
- having processes to notify and confirm with clients when their information is updated
- having systems in place to independently check and verify the accuracy of data
- having systems in place to confirm the identity of individuals providing data
- requiring clients and stakeholders to update any changes in their circumstances
- having clear, simple and secure processes for clients and stakeholders to update their data
- having systems in place to identify and monitor changes to data
- having systems in place to secure and limit access to data.
Risks from control gap
Providing services to someone without having accurate data can lead to:
- fraudsters impersonating clients or third parties to receive fraudulent payments or gain access to information
- someone providing false or misleading information to support a request or claim
- fraudulent payments being made multiple times
- dual claiming of different payment or benefit types
- incorrect and inconsistent reporting and decision making
- other control weaknesses, e.g. less effective fraud detection.
Assessing effectiveness
Methods to evaluate the effectiveness of this control include:
- confirming that clear and consistent processes exist for checking, updating and correcting information and data
- analysing data to confirm incorrect information can be identified and corrected
- confirming the existence of reference and guidance material
- checking if and how incorrect information is reported
- identifying how the requirement to maintain accurate information and data is communicated to employees, clients and stakeholders
- identifying whether claims or data matching are hindered by not having accurate data
- surveying clients to check when and how they update information
- reviewing identified cases of fraud involving the exploitation of inaccurate data.
Complementary controls
Other capability, prevention, detection and response controls that can enhance this control’s effectiveness:
Related fraudster personas
Types of behaviour this control is designed to mitigate:
The enabler
|
The exploiter
|
The fabricator
|
Download the complete fraud control catalogue
Explore a range of controls that can be put in place to reduce the risk of fraud happening in your organisation.
More information
- Carry out a fraud risk scan to identify potential areas of fraud risk within your organisation
- Register for a range of workshops and webinars, free for public sector employees
- Find out more about what the Counter Fraud Centre offers public sector organisations to help build their counter fraud capability
- Take our online learning modules to strengthen your fraud awareness