Document capture and storage
Summary
Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity. This control is supported by the National Archives of Australia’s Information Management Standards and the Protective Security Policy Framework.
Why this countermeasure matters
The prosecution must prove every element of an offence beyond reasonable doubt to convict someone. Poor or no capture and storage of documents and evidence may lead to:
- difficultly in detecting, analysing, investigating and disrupting fraudulent activity
- briefs of evidence being rejected by the Commonwealth Director of Public Prosecutions
- criminal, civil or administrative actions failing due to inadmissible evidence
- information not being able to be effectively shared with other entities
- information being improperly accessed or released.
How you might apply this countermeasure
Some ways to implement this countermeasure include setting up evidence and document capture and storage processes like:
- storing all claim forms on a system
- scanning and uploading all evidence for a claim into a system
- documenting decisions on a system before processing the activity
- keeping all procurement decisions and documentation on file.
How to check if your countermeasures are effective
To measure the effectiveness of this type of countermeasure:
- confirm the capture and storage of documents and evidence is in compliance with the National Archives of Australia’s Information Management Standards. In particular:
- Principle 4: Business information is suitably stored and preserved.
- Principle 7: Business information is saved in systems where it can be appropriately managed.
- Principle 8: Business information is available for use and reuse.
- confirm the capture and storage of documents and evidence is in compliance with the Australian Government Investigations Standards and other national guidelines or frameworks.
- consult with investigators about what evidence is required.
- confirm that enough evidence is captured to support an investigation.
- check the method of storage is automatic and reliable.
- check staff instructions are clearly documented and followed if processes are manual.
- confirm that documents are stored securely – test this if required.
- confirm that evidence is available to investigators.
- review who has access to documents.
- check if documents can be altered and if the original is retained.
- confirm that audit logging applies to all access/updates to documentation.
- confirm that documents are retained as per the relevant Records Authority.
- confirm that you can access evidence held by another party if using coercive powers.
Related countermeasures
This type of countermeasure is supported by:
Make sure a manager, independent person or expert oversees actions and decisions. Involving multiple people in actions and decisions increases transparency and reduces the opportunity for fraud.
Develop clear instructions and guidance for activities and processes, such as instructions for collecting the right information to verify eligibility or entitlements, procedures to help staff apply consistent and correct processes and guidance to help staff make correct and ethical decisions.
Make sure requests or claims use a specific form, process or system for consistency.
Make sure sensitive or official information cannot leave your entity's network without authority or detection.
Create lists to quickly compare information to automate or require further actions.
Audit logging is system-generated audit trails of staff, client or third-party interactions that help with fraud investigations.
Related Fraudster Personas
This countermeasure helps prevent, detect or respond to the following Fraudster Personas:
