Random allocation

Type of countermeasure

This is a prevention countermeasure. Prevention countermeasures are the most common and cost-effective way to stop fraud. They prevent or limit the size of the fraud risk by reducing the likelihood and consequences of fraud.

decorative prevention countermeasures

Summary

Randomly allocate requests or claims to staff for processing. This removes the option for staff to select which claims to process.

Why this countermeasure matters

Allowing staff to 'cherry-pick' which requests or claims to process themselves increases the risk of:

  • staff deliberately processing fraudulent requests or claims
  • staff being coerced to process fraudulent requests or claims by others.

How you might apply this countermeasure

One way to implement this countermeasure includes making sure systems or processes randomly allocate work to processing staff.

How to check if your countermeasures are effective

Here are some ways to measure the effectiveness of this type of countermeasure:

  • confirm random allocation processes are always applied
  • review workload management specifications and system requirements
  • review reports of work allocation, such as by location and staff user ID
  • undertake pressure testing or a process walk-through to confirm that allocation processes cannot be ignored even when pressure or coercion is applied
  • review approvals process and make sure there is a separation of duties
  • confirm monitoring and reporting processes exist for allocation, and confirm this would identify abnormal processing patterns.

Related countermeasures

This type of countermeasure is supported by:

Sufficient resourcing

Adequately resourced prevention and compliance areas enable entities to perform effective countermeasures.

Procedural instructions or guidance

Develop clear instructions and guidance for activities and processes, such as instructions for collecting the right information to verify eligibility or entitlements, procedures to help staff apply consistent and correct processes and guidance to help staff make correct and ethical decisions.

User permissions in systems

Limit and control functionality within systems with user permissions. Assign permissions to users based on specific business needs, such as making high-risk functions limited to specialised users. The Protective Security Policy Framework sets out the government protective security policies that support this countermeasure.

Related Fraudster Personas

This countermeasure helps prevent, detect or respond to the following Fraudster Personas:

The Organised

The Organised are groups which use a combination of methods in planned, coordinated and sophisticated ways to dishonestly gain benefits.

The Exploiter

The Exploiter uses something for a wrongful purpose to dishonestly gain personal benefits.

The Coercer

The Coercer influences, manipulates or bribes another person to act in a desired way to dishonestly gain personal benefits.

Was this page helpful?