Separation and termination processes
Put in place processes to properly close an individual or organisation’s engagement or involvement with an agency or programme.
This control targets both internal and external fraud risks.
Examples
Examples of this control include:
- using checklists to ensure all access, equipment and responsibilities are closed out for former employees and contractors
- terminating staff or contractors for fraud or misconduct
- cancelling registrations if providers are found to be involved in fraud or misconduct
- removing suppliers from a procurement panel due to fraud or misconduct.
Risks from control gap
Unclear or inconsistent separation and termination processes can lead to:
- insider threats
- dysfunctional workplace cultures
- previous employees retaining access to systems
- fraudsters being reemployed
- suppliers not being properly deregistered and re-entering the system.
Assessing effectiveness
Methods to evaluate the effectiveness of this control include:
- reviewing processes and/or guidelines for termination or separation
- confirming that employees, contractors or providers would be terminated or expelled for fraud or non-compliance
- confirming that data is captured and reported for all terminations involving fraud or misconduct
- identifying cases where staff members, contractors or providers have been terminated for fraud or non-compliance
- confirming processes are adhered to and reported on when contracts end by making sure:
- assets are returned
- system access is revoked
- building access is revoked (passes are returned)
- information, documentation and intellectual property is protected
- confirming that reasons for termination are recorded by keeping a permanent record for the customer, staff member, contractor, provider or supplier
- confirming that any request for a serious misconduct disciplinary record made to a previous employer was in line with the Workforce Assurance Model Standards and Privacy Act 2020.
Complementary controls
Other capability, prevention, detection and response controls that can enhance this control’s effectiveness:
Related fraudster personas
Types of behaviour this control is designed to mitigate:
The corrupt
|
The deceiver
|
The enabler
|
The exploiter
|
The fabricator
|
The impersonator
|
The organised
|
Download the complete fraud control catalogue
Explore a range of controls that can be put in place to reduce the risk of fraud happening in your organisation.
More information
- Learn the red flags of mandate fraud, like grooming or manipulation, urgent change requests and emails from unknown senders
- Understand the wider impacts of public sector fraud, beyond just financial
- Gain insights into employees’ perceptions of your organisation’s fraud exposure and fraud management actions
- Register for counter fraud workshops and webinars, free for public sector employees