Require mandatory information

Type of countermeasure

This is a prevention countermeasure. Prevention countermeasures are the most common and cost-effective way to stop fraud. They prevent or limit the size of the fraud risk by reducing the likelihood and consequences of fraud.

decorative prevention countermeasures

Summary

Make sure forms or system controls require mandatory information to support claims or requests.

Why this countermeasure matters

Not collecting mandatory information to support claims or requests may lead to:

  • manual follow-up and processing
  • increased opportunities for omissions and errors
  • fraudsters deliberately making false claims by omitting relevant information
  • fraudsters receiving payments or services they are not entitled to
  • fraudsters accessing information or systems without a business need
  • fraudsters providing false information or evidence to support a request or claim
  • fraudsters concealing information that would affect their entitlement.

How you might apply this countermeasure

Some ways to implement this countermeasure include requiring:

  • mandatory fields to be completed on online claim forms
  • applicants to provide income and asset statements with their claim
  • providers to provide business details such as their ABN
  • service providers, grant recipients or vendors to provide business details such as their ABN, ANZSIC code, business address, email address, phone number, authorised contact and associates. Note: you can verify these details using ABR Explorer
  • supporting evidence to be attached with the claim.

How to check if your countermeasures are effective

Here are some ways to measure the effectiveness of this type of countermeasure:

  • review policies and procedures to see if they conform to national guidelines and frameworks
  • confirm the existence of reference and guidance material
  • confirm mandatory information is consistently obtained
  • review a sample of completed requests/transactions to confirm all mandatory information was provided
  • ask staff about the mandatory requirements to make sure they have a consistent and correct understanding
  • undertake pressure testing or a process walk-through to confirm that mandatory information must be provided even when pressure or coercion is applied
  • identify how mandatory requirements are communicated to staff, clients and third parties
  • review the training staff receive to make sure it includes information about collecting and using mandatory information
  • review approvals processes and make sure mandatory information is checked.

Related countermeasures

This type of countermeasure is supported by:

Authenticate identity

Authenticate customer or third-party identities during each interaction to confirm the person owns the identity record they are trying to access.

Unique identifiers

Create and use unique and random identifiers to avoid misuse, such as: unique and random account numbers, claim references or asset numbers.

Clear and specific eligibility requirements

Clear eligibility requirements and only approve requests or claims that meet the criteria. This can include internal requests for staff access to systems or information.

Verify information

Verify any requests or claim information you receive with an independent and credible source.

Related Fraudster Personas

This countermeasure helps prevent, detect or respond to the following Fraudster Personas:

The Fabricator

The Fabricator invents or produces something that is false to dishonestly gain personal benefits.

The Organised

The Organised are groups which use a combination of methods in planned, coordinated and sophisticated ways to dishonestly gain benefits.

The Impersonator

The Impersonator pretends they are another person or entity to dishonestly gain personal benefits.

The Deceiver

The Deceiver makes others believe something that is not true to dishonestly gain personal benefits.

Was this page helpful?