Chief Executive foreword
Fraud and corruption are risks that can undermine all aspects of Australian Government entities. They have the potential to seriously damage public trust and confidence in the personal insolvency and personal property securities (PPS) systems and criminal asset management, and the Australian Financial Security Authority’s (AFSA) reputation as the administrator and regulator of these systems.
AFSA has zero tolerance to fraud and corruption. We are committed to minimising the occurrence of fraud and corruption impacting the agency through early identification and effective management of fraud and corruption risks. We continue to mature our prevention, detection, and response.
We are committed to maintaining the integrity of Australia’s personal insolvency and PPS systems and criminal asset management. We strive to be a visible, modern, and contemporary regulator. The implementation of effective fraud and corruption prevention, detection and response arrangements are key to delivering on this commitment.
The Fraud and Corruption Control Plan (Plan) outlines AFSA’s approach to managing fraud and corruption risks impacting the agency. The Plan complies with the requirements of section 10 of the Public Governance, Performance and Accountability Rule 2014 and the Commonwealth Fraud and Corruption Control Framework 2024 (Framework).
The Plan provides information on what constitutes fraud and corruption in the AFSA context, how to refer this type of conduct and how AFSA responds to these referrals. All AFSA staff and contractors have a shared responsibility in mitigating the risk of fraud and corruption, and reporting incidents of suspected fraud and corruption.
In line with the requirements of the Framework, the Plan will be reviewed within two years.
I encourage all staff, contractors and stakeholders to familiarise themselves with this Plan, actively identify and report incidents of suspected fraud and corruption, and work with us to maintain trust and confidence in the personal insolvency and PPS systems and criminal asset management.
Tim Beresford
Chief Executive, Inspector-General in Bankruptcy and Registrar of Personal Property Securities
Introduction
This Plan documents the strategic and operational approach to controlling fraud and corruption impacting AFSA. It ensures compliance with the requirements of section 10 of the Public Governance, Performance and Accountability Rule 2014, the Commonwealth Fraud and Corruption Rule (Rule) and Commonwealth Fraud and Corruption Policy (Policy).
In meeting its obligations, the Plan communicates AFSA’s:
- overall commitment to managing and responding to fraud and corruption risks
- risk appetite and tolerance to fraud and corruption
- key roles and responsibilities of relevant officials and committees
- arrangements currently in place or maturing over the duration of this Plan for preventing, detecting, responding and reporting on fraud and corruption.
Risk tolerance
We acknowledge that, in our interactions with clients and service providers, and in the delivery of our services, we cannot avoid or prevent all fraud and corruption risks.
AFSA has zero tolerance to any fraudulent or corrupt behaviour that may impact the agency. Zero tolerance means AFSA takes all reasonable measures to prevent, detect and respond to fraud and corruption risks.
This means that AFSA will:
- analyse and take reasonable steps to protect the personal insolvency and personal property securities (PPS) systems and proceeds of crime through criminal assets management, by minimising the occurrence and impact of fraud, corruption and other crimes
- assess and, where appropriate, investigate all allegations of suspected fraud and corruption
- pursue criminal, civil, administrative and disciplinary penalties, including termination of employment), where appropriate
- seek to prosecute through the courts, where appropriate
- seek the recovery of funds obtained, where appropriate.
What is fraud?
Fraud is defined in the Commonwealth Fraud and Corruption Control Framework as ‘dishonestly obtaining (including attempting to obtain) a gain or benefit, or causing a loss or risk of loss, by deception or other means’. The conduct does not need to represent a breach of criminal law.
Fraud can be committed by parties internal and external to AFSA. A benefit or loss is not restricted to a material benefit or loss, and may be tangible or intangible. A benefit may also be obtained by a third party.
Internal fraud is committed by AFSA staff or contractors, and can include:
- falsely claiming employee benefits
- falsifying qualifications
- theft or misuse of information (e.g. government information and personal records)
- accounting fraud (e.g. false invoices, misappropriation)
- misuse of corporate credit cards (e.g. for personal use)
- causing a loss, avoiding or creating a liability
- accessing and disclosing sensitive information without authorisation
- using government assets (e.g. property, equipment, material or services) for personal gain.
External fraud is committed against AFSA (including programs or systems administered by AFSA) by external individuals, and can include:
- through identity fraud, take action to impact the personal insolvency / bankruptcy status of a third party for personal gain or causing a loss to a third party
- creating false registrations on the Personal Property Securities (PPSR) Register for personal gain or causing a loss to a third party
- procurement-related fraud through activities such as contractors or suppliers inflating prices, price-fixing within contractors, bid-rigging, product substitution and delivering substandard goods or services.
Fraud may also constitute offences under the Criminal Code Act 1995 or the Crimes Act 1914, and as highlighted above, can be perpetrated by staff or contractors (internal fraud) or those outside the organisation (external fraud), or by collusion of staff and outsiders. It can involve financial and non-financial incidents that impact on AFSA’s operations, delivery of services, collection of revenue, and undermine public trust and confidence in AFSA, the personal insolvency system and the Personal Property Securities Register (PPSR).
What is corruption?
The Framework defines corruption (or corrupt conduct) broadly consistently with the definition in the National Anti-Corruption Commission Act 2022, and is any conduct that does or could compromise the integrity, accountability or probity of public administration.
A person engages in corrupt conduct if they:
- as a public official and they breach public trust
- as a public official and they abuse their office as a public official
- as a public official or former public official and they misuse information they have gained in their capacity as a public official
- do something that adversely affects a public official’s honest or impartial exercise of powers or performance of official duties. Any person can engage in this type of corrupt conduct, even if they are not a public official themselves.
Examples of corruption impacting AFSA may include:
- abuse of office (e.g. provision of sensitive information to facilitate external fraud committed by others; modifying PPSR information for personal gain or benefit of others)
- biased decision-making by AFSA officials (e.g. preferential treatment during tender evaluation/ procurement process, exercising legislative powers in absence of declared conflicts of interest)
- nepotism (e.g. favouritism towards family or friends), particularly in relation to recruitment or procurement processes
- collusion for personal gain (e.g. preferential treatment to a third party, acceptance of bribes).
Key responsibilities for fraud and corruption control
All AFSA staff and contractors have a shared responsibility to mitigate the risk of fraud and corruption impacting our agency. In doing so, all our staff and contractors are expected to understand what constitutes fraudulent and corrupt conduct and know what to do if they suspect it.
The following bodies and positions have specific responsibilities in managing AFSA’s fraud and corruption control environment:
Body or position | Role in managing fraud and corruption risks |
---|---|
Chief Executive (CE) | as the accountable authority, is responsible for taking all reasonable measures to prevent, detect and respond to fraud and corruption relating to AFSA. |
Chief Operating Officer (COO) | is responsible for coordination and implementation of AFSA’s Fraud and Corruption Control Plan. |
Director, Security and Facilities | is responsible for management of AFSA’s fraud, corruption and broader integrity policies and the provision of technical advice and support to business lines. |
Executive Committee (EC) | guides the design and implementation of effective governance arrangements, including effective risk management systems and practices. |
Audit and Risk Committee | oversights and provides advice to the Chief Executive in relation to the effectiveness of the entity’s fraud control arrangements. |
AFSA Integrity Team | responsible for receiving, triaging, and actioning all allegations of suspected fraud, corruption and serious wrongdoing. |
Risk owner - Enterprise Level – Fraud and/or corruption (ER2) | the COO, as the risk owner for ER2, is responsible for ensuring a contemporary view of risk that ER2 poses to AFSA’s strategic operations; and the appropriateness of ER2 related critical controls. |
Risk Owner (Project or Program) | endorse/accept the risks (including fraud and corruption) associated with the project or program where they are the owner (risk owner). They work with Control Owners to understand risk exposure, coordinate mitigation of risk exposure where desirable, and respond to risk events. |
Critical Control Owner |
work with Verification Owners to assess the effectiveness of critical controls. The outcome of this process is provided to the Risk Owner. |
Verification Owner | undertake effective verification checks of critical controls. The outcome of this process is provided to relevant Critical Control Owner. |
Other roles and responsibilities that reduce fraud and corruption risk at AFSA.
- Senior Executives – provide strong leadership and foster a culture of integrity, awareness and reporting.
- Business line managers – ensure AFSA’s risk management policies and procedures are applied in the operation of their business line activities.
- All AFSA staff and contractors – identify and report fraud and corruption risks or suspected incidents of fraud or corrupt conduct that are likely to impact AFSA operations and/or the personal insolvency and personal property securities systems. Ensure related policies and procedures are adhered to.
Code of conduct
The APS Values, Code of Conduct and Employment Principles shape AFSA’s culture and integrity, through articulating the expectations in terms of performance and standards of behaviour expected of all AFSA employees. All staff are expected to behave in a way that upholds and meets the standards of conduct in line with APS values.
If a staff member is found to have breached the Code of Conduct, a sanction delegate may decide to impose a sanction under section 15 of the Public Service Act 1999. The sanctions available range from a reprimand through to termination of employment.
Managing fraud and corruption risks
Identifying, managing, and mitigating fraud and corruption risks is a key focus of AFSA’s approach to risk management. Through embedding fraud and corruption as one of AFSA’s enterprise level risks (ER2), we ensure that it is managed through structured and systematic processes. This risk is reviewed by AFSA staff designated as being in key roles, including the ‘Risk Owner’, who make use of relevant information to inform strategic and operational decision making. We also use opportunities to raise awareness and discussion through other risk management mechanisms, such as risk reviews, routine assessments of critical controls and staff information sessions. Further details of how this risk relates to AFSA’s enterprise risk management are described in Managing risk at AFSA.
AFSA has implemented arrangements that identify the activities, functions or programs that are at the highest risk of fraud or corruption and assesses the effectiveness of controls on an ongoing basis. The insights from these activities inform the (at least every 2 yearly) review of AFSA’s enterprise level fraud and corruption risk.
Undertaking regular risk reviews of the highest fraud and corruption risk activities, functions or programs and implementing proportionate mitigation measures is critical to reducing the likelihood of fraud and corruption from occurring. AFSA conducts risk assessments and reviews in conjunction with the respective business lines to ensure appropriate consideration of risks, implementation of effective controls and to increase fraud and corruption risk awareness across AFSA.
Fraud and corruption risk profile
There are a range of internal and external factors that influence AFSA’s fraud and corruption risk profile. Internal factors include drivers such as unethical behaviour of employees or contractors increasing the risk of circumventing internal processes for personal gain or increasing the risk of manipulation by external parties for unlawful activity. External factors include drivers such as increasing financial pressures within the economy which contribute to an increase in unethical or unlawful interactions with the personal insolvency and or personal property securities systems.
It is important that AFSA routinely monitors for internal and external factors that have the ability to influence or shift AFSA’s fraud and corruption risk profile.
Insider threat
AFSA is aware of the damage to maintaining trust and confidence in the integrity of AFSA operations and the effective administration of the personal insolvency and or personal property securities systems that could be caused by malicious insiders. The actions of malicious insiders can often be of a fraudulent or corrupt nature and commonly facilitates criminal activity by individuals or entities external to the organisation where the malicious insider works.
To mitigate the threat by malicious insiders, AFSA implements a broad range of measures, which include but is not limited to, pre-employment screening, requirements for conflict-of-interest declarations (real, potential or perceived), security clearances and the sharing of intelligence information.
Fraud and corruption control framework
AFSA’s fraud and corruption control framework is consistent with all legislative requirements of the Australian Government. AFSA implements the requirements of the Framework using the prevention, detection and response model.
- Prevention – the first line of defence, includes proactive strategies designed to help reduce the risk of fraud and corruption occurring.
- Detection – measures designed to uncover incidences of fraud and corruption when they occur.
- Response – assessment, investigation, analysis, referral, prosecution and recovery measures.
Prevention
Prevention strategies are the first line of defence against fraud and corruption. The implementation of these measures is focused towards increasing fraud and corruption awareness, encouraging reporting of suspected incidents, and implementing effective mitigation controls and as a result, reducing the occurrence of fraud and corruption.
To be effective, an agency’s fraud and corruption prevention approach requires the following elements:
- a strong ethical culture that understands that fraudulent and corrupt conduct will not be tolerated
- a high level of awareness of fraud and corruption control policies amongst staff, contractors and relevant stakeholders
- an effective fraud and corruption risk management approach
- an effective internal control framework.
Key components of AFSA’s fraud and corruption prevention approach include:
- Strong integrity culture
- promote awareness of and adherence to the APS Values and Code of Conduct
- promote awareness of and adherence to AFSA conflict of interest and probity requirements
- a high integrity culture demonstrated and led by management
- encourage and support a fraud and corruption reporting culture
- development and implementation of this Plan.
- Communications and training
- engagement and education strategies (including mandatory training modules) to build strong awareness of what fraud and corruption is and how to report it
- through training and communication material, foster an environment that support those that do report suspected fraudulent or corrupt conduct
- regular communication to raise awareness about updates and changes to fraud and corruption policies, including an intranet page dedicated to fraud and corruption awareness
- making information available to all parties participating in personal insolvency and personal property securities systems to ensure they understand their rights, obligations and responsibilities
- media releases highlighting the consequences of fraudulent or corrupt conduct and contraventions of the Bankruptcy Act 1966 and Personal Property Securities Act 2009.
- Risk management
- a contemporary risk management framework that identifies and appropriately mitigates fraud and corruption risks
- a program of regular risk assessments for highest fraud and corruption risk activities, functions or programs
- a program that regularly assesses the effectiveness of critical controls
- regular integrity reporting to raise risk awareness and visibility for risk owners
- robust recruitment and security vetting processes, including screening and onboarding processes
- review and analysis of conflict of interest declarations to identify potential risk trends.
Detection
AFSA currently employs and is committed to maturing measures that are designed to identify incidents of fraudulent or corrupt behaviour. AFSA acknowledges that not all occurrences or incidents can be detected, however, is taking all reasonable measures to detect this type of behaviour.
Measures that AFSA uses to detect fraudulent or corrupt conduct include:
- dedicated reporting mechanisms to receive both internal and external tip-off’s, including anonymous reports
- dedicated reporting channel for reporting public interest disclosures
- internal and external audits
- systematic reviews and analysis or fraud and corruption referrals to identify possible trends
- system-based monitoring of areas of highest risk
- intelligence sharing and collaboration across government.
Response
AFSA uses measures including assessment, investigation, analysis, referral and recovery to respond to suspected fraudulent or corrupt conduct.
AFSA’s response activities include:
- assessing all allegations to determine an appropriate response
- pursuing disciplinary, administrative, civil, or criminal actions as appropriate
- pursuing recovery of fraudulently or criminally obtained benefits, where appropriate
- when an investigation is deemed appropriate, ensure investigations are undertaken in accordance with the Australian Government Investigations Standards
- referring matters to the Australian Federal Police or the National Anti-Corruption Commission (in line with obligations under the National Anti- Corruption Commission Act 2022).
How to report suspected fraud or corruption at AFSA
AFSA staff and contractors must report incidents of suspected fraud and corruption. Reports remain confidential. The AFSA also provides anonymous tip-off forms and supports the public interest disclosure scheme to offer further protections and support.
The details below show the ways that suspected fraud, corruption or serious misconduct can be reported.
Internal
Integrity inbox
integrity@afsa.gov.au
Public Interest Disclosure
pid@afsa.gov.au
(current and former AFSA employees or contractors)
AFSA tip-off form
(this can be made anonymously)
External
AFSA tip-off form
Use in relation to allegations relating to the Bankruptcy Act (you can choose to remain anonymous)
Referring suspected PPSR misuse form
Use in relation to allegations relating to the Personal Property Securities Act (you can choose to remain anonymous)
AFSA Enforcement
1300 364 785
Australian Financial Security Authority
GPO Box 1550
Adelaide SA 5001
Mark all letters ‘in confidence’
When making a report of suspected fraud, corruption or serious misconduct, you are encouraged to include the following information:
- information about the AFSA employee, contractor and the relevant area that you suspect is involved in this activity
- details of the suspected activities, including what, how, when and where it occurred.
Your contact details, so we can seek more information if necessary (your contact details is optional).
Public Interest Disclosure
The Public Interest Disclosure Act 2013 seeks to promote integrity and accountability by:
- encouraging the disclosure of information about alleged serious wrongdoing
- protecting those who make such disclosures
- ensuring that disclosures are properly actioned.
AFSA will act on disclosures as appropriate, and will support and protect disclosers and witnesses from reprisal action. As required by legislation, a person must be a current or former public official to report under the Public Interest Disclosure scheme. Personal work-related conduct is not disclosable conduct unless it could constitute reprisal or is otherwise significant.
To make a public interest disclosure a person can:
- email pid@afsa.gov.au
- disclose to their manager
- speak directly to an AFSA Authorised Officer
Where a discloser believes that it is not appropriate for an agency to handle a disclosure, a disclosure can be made to the Commonwealth Ombudsman at pid@ombudsman.gov.au.
National Anti-Corruption Commission
The commencement of the National Anti-Corruption Commission (NACC) and the National Anti-Corruption Act 2022 introduces mandatory reporting obligations on agency head’s and public interest disclosure officers to refer allegations of serious or systemic corruption to the NACC.
The AFSA integrity team will support the agency head in meeting mandatory referral obligations.
Staff may choose to report serious or systemic corruption to the NACC as a voluntary referral. However, the NACC may choose not to investigate a corruption issue and, in those cases, may refer matters back to AFSA.
Reporting requirements
Regular reporting is an important part of effective governance and provides assurance over the appropriateness of AFSA’s control arrangements to prevent, detect and respond to fraud and corruption. Reporting also increases transparency and trust that AFSA is appropriately identifying and dealing with fraud and corruption.
The table below details the internal and external reporting arrangements:
Reporting to | Requirements | Timeframe |
---|---|---|
Audit and Risk Committee | Oversight of AFSA in accordance with section 45 of the Public Governance, Performance and Accountability Act 2013. | Quarterly |
Executive Committee | Report on enterprise-level Fraud and/or Corruption (ER2) and control effectiveness. | Quarterly |
Commonwealth Ombudsman | Compliance with section 76A of the Public Interest Disclosure Act 2013. | Bi-annually |
Minister | Compliance with the section 19 of the Public Interest Disclosure Act 2013; subparagraph 10(f)(iii) of Fraud and Corruption Rule. | Annually or as required |
Australian Institute of Criminology | Compliance with subparagraph 10(f)(iii) of Fraud and Corruption Rule and Element 8.5(a) of the Commonwealth Fraud and Corruption Policy. | Annually |
Annual Report | Compliance with section 17AG of the Public Governance, Performance and Accountability Rule 2014. | Annually |
Transparency in investigation activities
AFSA treats all parties involved in an investigation with respect and courtesy and makes sure all investigation activities are undertaken in accordance with relevant legislation, government policies and standards as per below.
Australian Government Investigations Standards 2022