The Coercer
The Coercer influences, manipulates or bribes another person to act in a desired way to dishonestly gain personal benefits.
This might involve negative incentives such as threats or intimidation, or positive incentives such as favour or monetary kickbacks.
Examples:
- A criminal organisation threatens public officials to win government contracts.
- An individual intimidates another person to make them hand over personal or banking information to commit fraud.
Case studies
Police have arrested a high school principal and his brother in law, on charges of embezzling $1.4m of public funds earmarked for public school works.
A former Services Australia employee used their position to create a fictional identity and claim Jobseeker payments over March and April 2021 totalling $3,828.
Countermeasures
Counter the Coercer using measures that support probity, information security, oversight and deterrence:
Assess the integrity of new employees, contractors or third parties such as by having entry level checks, probationary periods, suitability assessments or security vetting.
Make sure a manager, independent person or expert oversees actions and decisions. Involving multiple people in actions and decisions increases transparency and reduces the opportunity for fraud.
Require and support staff and third parties to self-disclose gifts, benefits, incidents, mistakes and real or perceived conflicts of interest.
Limit access to systems, data, information, physical documents, offices and assets.
Limit and control functionality within systems with user permissions. Assign permissions to users based on specific business needs, such as making high-risk functions limited to specialised users. The Protective Security Policy Framework sets out the government protective security policies that support this countermeasure.
Limit access to sensitive information and records.
Separate duties by allocating tasks and associated privileges for a business process to multiple staff. This is very important in areas such as payroll, finance, procurement, contract management and human resources. Systems help to enforce the strong separation of duties. This is also known as segregation of duties.
Use system workflows to make sure all requests, claims or activities are approved only by the appropriate decision-maker.
Make sure sensitive or official information cannot leave your entity's network without authority or detection.
Personal and government information is highly sought after by fraudsters and organised criminals. The way data is collected and stored can also change the scale and impact of a potential breach.
To better protect personal information, the minimal data required for a transaction should be collected, used and retained.
Make sure sensitive or official information cannot leave your entity's network without authority or detection.
Train and support staff to identify red flags to detect fraud, know what to do if they suspect fraud and know how to report it. Fraudsters can take advantage if staff and contractors are not aware of what constitutes fraud and corruption.
Put in place processes for staff or external parties to lodge tip-offs or Public Interest Disclosures.
Internal or external audits or reviews evaluate the process, purpose and outcome of activities. Clients, public officials or contractors can take advantage of weaknesses in government programs and systems to commit fraud, act corruptly, and avoid exposure.
Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity.
These are processes for ending an individual’s or entity’s engagement or involvement with an organisation or program.