Disclosure and reporting

This control targets internal fraud risks.

Examples

Examples of this control include: 

• requiring employees to declare conflicts of interest
• requiring employees to report gifts, benefits and hospitality
• creating a process for employees to report accidental unauthorised accesses or disclosures
• requiring employees or contractors to report when their circumstances change, e.g. to maintain a security clearance.

Risks from control gap 

Lack of disclosure and reporting processes can lead to or disguise:

• employees and third parties failing to disclose gifts, benefits, incidents, mistakes and real or perceived conflicts of interest
• fraudulent conduct, dishonest influence or corruption 
• employees and contractors being coerced to commit fraud for the benefit of another person or organisation.

Assessing effectiveness

Methods to evaluate the effectiveness of this control include:

• confirming policy and guidance material exists for disclosure or reporting
• confirming guidance material is available and easy to access
• reviewing guidance material to make sure it is clear and easy to understand
• confirming that registers for reporting exist and are easily accessible
• asking employees about the disclosure forms, processes or systems to make sure they have a consistent understanding of how to use them
• analysing the use of registers, e.g. for gifts, conflicts of interest, or incidents and mistakes.

Related fraudster personas

Types of behaviour this control is designed to mitigate:

More information

• See how a robust and well-structured procurement process is the first line of defence against procurement fraud and corruption
• Minimise the opportunities for fraudsters to exploit your government-funded initiative
• See what bespoke fraud prevention support services the Counter Fraud Centre could offer your public sector organisation
• Carry out a fraud risk scan to identify potential areas of fraud risk within your organisation