AFSA Fraud Control Plan 2020 - 2022

Fraud damages public confidence in the personal insolvency and the personal property securities (PPS) systems and AFSA’s reputation as the administrator and regulator of these systems. Fraud reduces the resources available to deliver AFSA’s services and achieve AFSA’s purpose.

AFSA has zero tolerance to fraud and is committed to minimising the incidence of fraud through the identification and management of fraud risks and the development, implementation and regular review of fraud prevention and detection strategies.

We are committed to our purpose to maintain the confidence in Australia’s personal insolvency and PPS systems by delivering fair, efficient and effective trustee and registry services, and risk-based regulation. Preventing, detecting and responding to fraud and corruption is an important part of meeting that commitment.

The Fraud Control Plan (FCP) outlines our approach to managing fraud and corruption risks and complies with the Commonwealth Fraud Control Framework.

The FCP is reviewed every two years and details staff fraud control responsibilities, and our fraud prevention, detection and response strategies to fraud and corruption.

The FCP outlines the important fraud control role that everyone who works in AFSA plays. AFSA staff must report all suspected cases of fraud or corruption. The FCP outlines how to report fraud and where to get further information.

The FCP recognises that it takes the vigilance of the whole community to detect fraud and protect the trust that the public places in the personal insolvency and PPS systems. We encourage our stakeholders to engage and report concerns, working with us to maintain confidence in the personal insolvency and PPS systems.

Hamish McCormick

Chief Executive and Inspector-General in Bankruptcy

The AFSA Fraud Control Plan (FCP)

The FCP documents AFSA’s approach to controlling fraud at a strategic, operational and tactical level, and encompasses prevention, detection, investigation and reporting measures. The FCP provides an overview of how fraud and corruption risks will be managed and ensures compliance with the Commonwealth Fraud Control Framework 2017 (CFCF).

AFSA’s FCP:

  • defines fraud
  • states our attitude and approach to fraud and corruption control
  • provides a framework for preventing, detecting and responding to fraud
  • states that fraud and corruption within AFSA is everyone’s responsibility

Risk tolerance

AFSA recognises that not all fraud and corruption risks can be avoided or prevented. This means that, despite AFSA’s best monitoring and intelligence gathering activities, fraud is not easy to uncover early without the assistance of others.

AFSA maintains a ‘zero tolerance’ attitude towards fraud.  This means AFSA will:

  • assess and, where appropriate, investigate all allegations of fraud and corruption.
  • seek to recover losses caused by illegal activity through proceeds of crime and civil recovery processes.
  • criminally prosecute where appropriate
  • apply appropriate civil, administrative or disciplinary penalties including termination of employment if warranted.

Fraud defined

The CFCF defines fraud as dishonestly obtaining a benefit, or causing a loss, by deception or other means. The CFCF acknowledges that fraud requires an element of intent being more than carelessness, accident or error.

The definition includes, but is not limited to:

  • theft
  • accounting fraud (e.g. false invoices, misappropriation)
  • misuse of Commonwealth credit cards
  • unlawful use of, or unlawful obtaining of, property, equipment, material or services
  • causing a loss, or avoiding or creating a liability
  • providing false or misleading information to the Commonwealth, or failing to provide information where there is an obligation to do so
  • misuse of Commonwealth assets, equipment or facilities
  • cartel conduct
  • making, or using, false, forged or falsified documents
  • wrongfully using Commonwealth information or intellectual property

The benefits referred to can be either tangible or intangible. Examples include:

  • hacking into, or interfering with a Commonwealth computer system
  • charging the Commonwealth for goods and services that are incomplete or not delivered
  • identity fraud
  • hiding or disposing of assets by bankrupts to avoid paying creditors.

For AFSA, the definition of ‘fraud’ includes theft of, or damage to, property under the custody and control of AFSA or forfeited to the Commonwealth and in the custody of AFSA as well as regulatory fraud; being dishonesty related to:

  • offences under the Bankruptcy Act 1966 (Bankruptcy Act) by bankrupts, debtors, creditors, registered bankruptcy trustees and their staff and other administrators under the bankruptcy legislation
  • the administration of the Personal Property Securities Act 2009 (PPS Act).

Fraud can also constitute offences under the Criminal Code Act 1995 or the Crimes Act 1914 and can be perpetrated by employees (internal fraud) or by persons outside the organisation (external fraud). It can involve financial and non-financial incidents that impact upon AFSA’s operations, delivery of services, collection of revenue, and undermine public confidence in AFSA, the personal insolvency system and the Personal Property Securities Register (PPSR).

Corruption defined

AFSA defines corruption as ‘dishonest or fraudulent conduct by a Commonwealth public official’ and can typically involving bribery or the transfer of some of benefit in exchange for the dishonest conduct. 

Examples of corruption that may be occur in AFSA include:

  • abuse of position (e.g. provision of AFSA held information to facilitate external fraud committed by others, biased decision-making)
  • nepotism
  • collusion for personal gain.

Fraud and corruption risks

Regular assessments of fraud and corruption risks are critical to preventing fraud and corruption from occurring, as outlined in the Public Governance Performance and Accountability Act 2013 (PGPA Act). AFSA conducts regular risk assessments and reviews to ensure we maintain appropriate systems of fraud and corruption risk management.

There are a range of internal and external factors that influence the level of fraud risk to AFSA.  This includes external environmental drivers such as the state of the economy to internal drivers such as unethical standards of employees.

External and internal fraud risks

AFSA’s ongoing fraud risk assessment measures deal with the business as usual (BAU) operational issues focusing on areas where opportunistic fraud that can occur through:

  • undeclared real or perceived conflicts of interest
  • corruption (eg: bribery of AFSA employees)
  • exploitation of administration processes (eg: official procurement processes and procedures not adhered to)
  • unauthorised access or misuse of AFSA systems and facilities 
  • release of information; including unauthorised access to systems and data.

Regulatory fraud risks

Regulatory fraud risks relate to AFSA’s regulatory work and threats to the operation of both the personal insolvency and personal property securities systems.

The risks can be small scale dishonest conduct committed by an individual who deliberately provides the Registrar of Personal Property Securities with false information, through to a registered personal insolvency practitioner who attempts a significant fraud from a bankrupt estate, or an untrustworthy advisor who provides advice to others which may lead to fraudulent conduct.

These threats and risks are treated through AFSA’s regulatory strategy.

Insider threat

Malicious insiders are employees or contractors who are either self-motivated or may be targeted by external parties (e.g. organised crime) to take advantage of legitimate access to information, methodologies, technology assets and premises. This conduct can enable fraudulent behaviour.

Our control measures include pre-employment screening, requirements to declare conflicts of interest (real and perceived), security clearances, and the sharing of intelligence information.

Fraud and corruption control framework

AFSA’s Fraud and Corruption Control Framework (FCCF) is built around the basic principles of prevention detection, response and evaluation. The framework consists of a range of fraud control strategies, which are designed to protect both AFSA and its staff. Each strategy contributes to the effectiveness and efficiency of the overall framework, and is consistent with our culture and operations.

AFSA’s framework is consistent with the CFCF and includes the following fraud and corruption control strategies and measures:

Prevention

Fraud prevention strategies are the first line of defence and provide the most cost-effective method of controlling fraud within AFSA and within the systems AFSA regulates. To be effective, fraud prevention requires a number of contributory elements, including an effective fraud risk management approach, a robust ethical organisational culture that does not tolerate fraud, a strong awareness of fraud among staff, suppliers and clients, and an effective internal control framework.

Our fraud prevention strategies include:

  • sound fraud risk management
  • a strong fraud control framework
  • a solid awareness of what fraud is and how to deal with it
  • regular fraud awareness training and communication about updates and changes to fraud-related policies
  • an intranet page dedicated to fraud awareness
  • an ethical behaviour and culture, lead by management, and underpinned by the APS Code of Conduct and APS Values
  • robust pre-employment screening
  • robust ICT security
  • making compliance simpler for users of our systems
  • information is available to all parties participating in the personal insolvency and personal property securities systems to ensure they understand their rights, obligations and responsibilities
  • media releases highlighting the consequences of committing offences and contraventions of the Bankruptcy Act and PPS Act.

Detection

Despite AFSA’s best preventive strategies, not all fraud risks can be eliminated.  AFSA’s fraud detection actions are based on early detection and limitation to exposure where fraud does occur.  Principle detection measures include:

  • training and support to employees in identifying and reporting fraud and corruption
  • regular management reviews
  • quality assurance reviews
  • internal and external audits
  • fraud reporting mechanisms such as Tip-offs and Public Interest Disclosures (PID)
  • risk profiling of insolvency practitioners
  • disclosures about changes in circumstances and external interests (security clearance holders)
  • sharing intelligence with, and collaborating across government
  • analysis of fraud referrals to identify possible trends

Response

Any alleged fraudulent or corrupt behaviour that is reported to or detected by AFSA will be handled appropriately, including:

  • assessment of all allegations to determine an appropriate response
  • when an investigation is deemed appropriate, undertake investigations in accordance with the Australian Government Investigations Standards (AGIS)
  • pursue disciplinary, administrative, civil or criminal actions as appropriate
  • pursue recovery of fraudulently or criminally obtained benefits where appropriate
  • referral to the Australian Federal Police (AFP) or other law enforcement agency as appropriate

Evaluation

Assessing the performance of fraud control activities is an important element of AFSA’s accountability to key stakeholders, such as the Minister for Finance, the Attorney-General, clients, the Parliament and the general public. AFSA’s monitoring, evaluating and reporting includes:

  • review of fraud management practices
  • review of the FCP
  • strategic and annual internal audit plans
  • reporting to external parties as required

Monitoring, evaluating and reporting fraud

  • ongoing monitoring of all controls, coupled with an ‘as-needs-be’ adjustment of specific controls to meet new or emerging circumstances
  • continual improvement of fraud and corruption control processes and systems

All strategies are reviewed on a regular basis to ensure approaches remain appropriate, cost-effective and proportionate to relevant risks.

Reporting fraud and corruption

Fraud Reporting Mechanisms

For internal purposes, AFSA employees, as Australian public service employees, have an obligation to report incidents of suspected fraud or corruption in accordance with the APS code of conduct. Reports can be made by:

  • a staff member raising the incident with their manager
  • a submission by staff of an Fraud Incident Report from AFSA’s intranet submitted to the National Manager Regulation and Enforcement
  • email integrityteam [at] afsa.gov.au 
  • contacting the Australian Public Service Commissioner
  • making an on-line complaint to the Commonwealth Ombudsman

For external purposes, reports about fraud, being either fraud against AFSA from an external party or regulatory fraud in relation to the Bankruptcy Act or the PPS Act, can be reported to AFSA by:

  • completion of the alleged offence referral form in relation to allegations relating to the Bankruptcy Act
  • completion of the PPSR misuse form in relation to allegations relating to the Personal Property Securities Act
  • post to GPO Box 548 Sydney NSW 2001
  • email to fraud.enquiries [at] afsa.gov.au
  • phone 1300 364 785 and ask to speak to AFSA Enforcement
  • anonymous tip-offs submitted on the AFSA website

Current and former AFSA employees may also consider reporting alleged fraud and corruption under the Public Interest Disclosure Act 2013 (Cth) to pid [at] afsa.gov.au. AFSA employees are encouraged to read our internal policy about the Public Interest Disclosure Act 2013 (Cth) prior to making a disclosure. 

ASFA Fraud Reports

Regular reporting is an important part of effective governance and assurance. To ensure our fraud control arrangements are appropriate and systems remain in place to prevent, detect and respond to fraud and corruption, the following internal and external reporting occurs:

  • quarterly to the Risk and Operations Management Committee
  • quarterly to the Audit Committee
  • quarterly to the National Management Board
  • annually to the Australian Institute of Criminology
  • as required to the Commonwealth Ombudsman in accordance with the requirements of the Public Interest Disclosure scheme.

Referrals and information exchange also occur on a case by case basis to other agencies such as the Commonwealth Director of Public Prosecutions, Australian Federal Police, Australian Securities & Investments Commission, and the Phoenix Taskforce.

Key responsibilities for fraud and corruption control

While managing fraud and corruption is everyone’s responsibility, a number of bodies and positions have particular roles to play:

  • Chief Executive: as the accountable authority, is responsible for taking all reasonable measures to prevent, detect and deal with fraud relating to AFSA.
  • National Management Board: monitors the conduct of fraud risk assessments, and the maintenance of fraud risk registers in each division
  • Audit Committee: reviews and provides independent advice regarding AFSA’s fraud risk management arrangements
  • Risk and Operational Management Committee: reviews and endorses divisional fraud risk assessments prepared by Divisional Risk Coordinators
  • National Manager Regulation & Enforcement: co-ordinates the implementation of the Fraud Control Plan
  • Divisional Risk Coordinators: conducts divisional fraud risk assessments in consultation with relevant management as part of the general business risk management approach
  • Fraud Risk Control owners: for identified fraud risks within the Strategic Risk Register and the Enterprise Risk Register
  • Integrity Team: A multi-disciplinary team supporting AFSA’s ethical organisational cultural and zero tolerance approach to fraud and corruption

As well as the above, the following also have key responsibilities for reducing fraud and corruption risk:

  • Senior Executives: provide strong leadership and foster and support a culture of awareness and reporting.
  • Executive Level staff: ensure risk management is applied in the operation of their respective Divisions and Teams.
  • All AFSA employees and contractors: identify and report fraud and corruption risks which are likely to impact AFSA and/or the personal insolvency and personal property securities systems and ensure related policies and procedures are adhered to.