Fraud Reporting and
Investigation
Procedure
Policy Owner
Financial Services
Record no.
22/14384
Approved by:
EMT
Approval date:
9 February 2022
Endorsed by:
Audit and Risk Committee Date endorsed:
27 May 2022
Version
E
Last review date:
December 2019
Next review date:
December 2023
Prepared by
Riana Brims, Strategic Risk and Assurance Officer
Related document/s
Fraud and Corruption Control Framework; Fraud Prevention Policy; Public
Interest Disclosures Policy; Public Interest Disclosures Procedure.
Fraud Reporting and Investigation Procedure
Page 2 of 9
1. Purpose
Members of the community must be able to rely on those in public office to conduct
themselves properly, and to use any powers they have in the service of the public.
Where there is a suggestion that public officials are breaching public trust vested in
them, misusing information or mismanaging public resources, it is vital that those who
observe or suspect such behaviour speak up and report the alleged fraud or corruption.
A report can be made about conduct that may have taken place, may still be occurring,
or is believed may occur.
Council’s Fraud Reporting and Investigation Procedure (Procedure) describes the process
for Council officers, providers and volunteers to report on, and to conduct an internal
investigation, when an incident of suspected fraud or corruption is detected.
The Procedure applies to Council officers, providers, and volunteers.
The reporting of suspected fraud and corruption is governed by the Independent Broad
based Anti-corruption Commission (IBAC), and must be complied with before any
internal investigation of a suspected incident can commence.
When a report of suspected fraud or corruption is determined to be an assessable
disclosure under the
Independent Broad-based Anti-corruption Commission Act 2011
(IBAC Act), Council officers are directed to the Public Interest Disclosures Procedure (PID
Procedure) for appropriate reporting and investigation guidelines. The PID Procedure
must first be complied with to ensure appropriate reports of suspected fraud and
corruption can qualify as a public interest disclosure.
2. Integrity Framework
In addition to this Procedure, Council has developed a:
•
Fraud and Corruption Control Framework (FCCF) describing Council’s fraud
management approach
•
Fraud Prevention Policy (FPP) outlining Council’s approach to fraud and corruption
prevention, detection and response, and its commitment to meeting legislative
obligations
•
Public Interest Disclosures Policy (PID Policy) establishing Council’s commitment
to maintaining its integrity, supporting anyone disclosing information about
improper conduct or detrimental action, and ensuring its compliance with the Act.
•
Public Interest Disclosures Procedure (PID Procedure) setting out how Council will
encourage and facilitate the making of disclosures, provide protecting and
support for disclosers and witnesses, and ensure confidentiality and appropriate
reporting of disclosures.
This Procedure is complementary to and is to be read in conjunction with the above suite
of documents, and is intrinsically linked to Council’s other key ethical guidance policies
and procedures as outlined in the following diagram.
Fraud Reporting and Investigation Procedure
Page 3 of 9
3. Roles, responsibilities and accountabilities for reporting and
investigating
It is the responsibility of Council officers, providers and volunteers to conduct Council
business in an honest and ethical manner at all times.
All Council officers, providers and volunteers have a role in detecting and reporting fraud
or misconduct.
Roles, responsibilities and accountabilities for reporting and investigating
Personnel
Accountabilities and responsibilities
Chief Executive Officer
(Principal Officer)
•
Mandatory reporting to IBAC of suspected fraud and misconduct
•
Reports to the Audit and Risk Committee confirmed fraud or corruption
(that is not a public interest disclosure).
•
Chief Executive Officer (or delegate) may request the release of
Council's surveillance footage or other data records for inspection.
•
Chief Executive Officer (or delegate) responsible for determining actions
and mitigation for suspected and confirmed fraud or corruption,
including reporting an incident to Victoria Police.
Directors and Managers
•
A Director/Manager who is informed of an instance of suspected fraud
or corruption is required to notify the Public Interest Disclosures
Coordinator (Manager Governance) for assessment of the matter as a
possible public interest disclosure.
•
If the Public Interest Disclosures Coordinator assesses the matter is not
a public interest disclosure, and refers it back to the Director/Manager,
the Director/Manager is then responsible for notification reporting to
the Chief Executive Officer, and any subsequent investigation of the
incident, and implementation of actions, as determined by the Chief
Executive Officer (or delegate).
Staff and Volunteers
•
Reports suspected fraud or corruption to their direct
supervisor/manager/director, or Public Interest Disclosures Coordinator
or a Public Interest Disclosures Officer.
Fraud Control Officer
(Manager Finance)
•
Coordinates Council’s fraud and corruption resources, in accordance
with the Fraud and Corruption Control Framework,
•
Maintains the fraud and corruption register (including monitoring
appropriate mitigation measures to be implemented).
Fraud Reporting and Investigation Procedure
Page 4 of 9
Public Interest Disclosures
Coordinator (Manager
Governance)
•
Ensures the Public Interest Disclosures Policy and Procedure are
complied with when handling public interest disclosures.
•
When informed of an instance of suspected fraud or corruption is
required to assess the information and determine if it is an assessable
disclosure in accordance with the PID Act, and Council's PID Policy and
PID Procedure.
Public Interest Disclosures
Officers (and Coordinator)
•
Handles reports of fraud and corruption by a discloser.
Investigating Officer
•
Director or Manager, or appropriate external investigator, appointed by
the Chief Executive Officer in writing is responsible for investigating
suspected fraud or corruption that is not a public interest disclosure.
Reporting Officer or Source
•
Council officer who suspects or detects the fraud or corruption, or the
'source' of the information if an external person/supplier.
•
If the matter is referred for internal investigation, a written confidential
Notification Report will be provided by the Reporting Officer or Source.
Manager People and
Performance
•
Facilitates investigations of breaches of Part 6.1 of the Employee Code
of Conduct where it is suspected a Council officer has breached the
Code of Conduct, or where the Director/Manager has determined there
is enough evidence to warrant either a warning or dismissal.
Director Organisational
Excellence
•
At the direction of the Chief Executive Officer (or delegate) must
identify, secure, and release information relating to Council's financial
systems and transactions.
Coordinator Building
Maintenance
•
At the direction of the Chief Executive Officer (or delegate) must
identify, secure, and release Council surveillance footage and/or
security access records.
Unit Manager Fleet Services
•
At the direction of the Chief Executive Officer (or delegate) must
identify, secure, and release information relating to GPS installed in
plant, equipment and fleet, where equipment is lost or stolen.
ICT Strategy and Delivery
Lead
•
At the direction of the Chief Executive Officer (or delegate) must
identify, secure, and release information relating to Council's
Information Communication and Technology systems.
Coordinator Risk
Management and Insurance
•
Repots any incidences of fraud or corruption to the appropriate insurer.
4. Internal Procedures
4.1 Reporting
4.1.1 Step 1: Public Interest Disclosure Assessment
The Reporting Officer who suspects or detects fraud or corruption is required to
immediately report (verbal or in writing) the matter to their direct supervisor/ manager/
director or directly to the Public Interest Disclosures Coordinator (PID Coordinator) or a
Public Interest Disclosures Officer (PID Officer).
Where a Reporting Officer is concerned about making a report of fraud or corruption in
the workplace, they can request a meeting at a location away from the workplace.
Where a Reporting Officer has reported their concern to a Director/Manager, it is the
responsibility of the Director/Manager, to refer the matter to the PID Coordinator for
initial assessment.
Fraud Reporting and Investigation Procedure
Page 5 of 9
If the matter relates to a Councillor, it must be reported directly to the IBAC in
accordance with Council’s Fraud Prevention Policy and Public Interest Disclosures Policy
(PID Policy).
4.1.2 Step 2: Internal Notification Reporting
The PID Coordinator will, at first instance, assess whether the report meets the criteria of
an assessable disclosure.
If the report is found to meet the criteria of an assessable disclosure the report will be
referred to IBAC for further assessment, and Council’s PID Policy and PID Procedures will
apply.
If the PID Coordinator assesses that the matter is not an assessable disclosure, they will
refer it back to the Director/ Manager for internal notification and possible investigation.
The Director/Manager will then notify the Chief Executive Officer that a suspected
incident of fraud or corruption has been raised. The Director/Manager will then arrange
for a confidential Notification Report to be prepared for the Chief Executive Officer to
determine appropriate action, including a possible internal investigation.
The Reporting Officer will be required to prepare the Notification Report of the suspected
fraud or corruption. The Notification Report should be impartial and made in writing (can
be made using the Property Damage and Loss Report Form if appropriate) and contain
the following information (where applicable):
a. Date and approximate time of suspected fraud, or corruption
b. Location of the fraud or corruption
c. Description of what the Council officer saw/heard/detected
d. Who is involved
e. Description of the suspected fraud or corruption, including equipment or property
suspected of being stolen, details of any inconsistency in finances (e.g. invoicing).
f. Any evidence - including copies of documents and photographs
g. Any other relevant information
The Reporting Officer must submit the Notification Report in confidence to their
Director/Manager. The Notification Report should be submitted as soon as possible after
the suspected fraud or corruption has been assessed by the PID Coordinator not to be an
assessable disclosure. In certain circumstances, the Director/Manager of the Reporting
Officer may prepare the Notification Report in place of the Reporting Officer, but only
after speaking to the Reporting Officer.
The Notification Report will be treated as confidential, however it may be provided to the
following:
a. The Chief Executive Officer, Director, and Manager of Reporting Officer
b. Investigating Officer/Body
c. Manager People & Performance
d. PID Coordinator/ PID Officer/ Fraud Control Officer
e. Victoria Police
f. IBAC
g. Any other person or body required or permitted by law.
Fraud Reporting and Investigation Procedure
Page 6 of 9
In addition to the Notification Report, the Director/Manager may make discrete
preliminary enquiries to determine whether to conduct an internal investigation.
The Chief Executive Officer and Director will then discuss the Notification Report and any
preliminary enquiries, and determine appropriate action. This will include whether the
Chief Executive Officer, as Principal Officer, has reasonable grounds to suspect fraud or
corruption, and report the matter to IBAC for further assessment and direction. If the
Chief Executive Officer, as Principal Officer, determines to report the matter to IBAC (in
accordance with s.57 of the IBAC Act - Mandatory Notification), no further internal
investigation will proceed at this time.
4.2 Investigation
4.2.1 Step 3: Internal Investigation
If the Chief Executive Officer (or delegate) determines not to proceed with an internal
investigation, the decision, reasoning and process will be documented, and the outcome
confidentially communicated to the Reporting Officer.
If the Chief Executive Officer (or delegate) determines that an internal investigation is
required, an Investigating Officer will be appointed (Director/Manager/external
investigator) and will investigate the suspected fraud or corruption lawfully, and with
discretion.
The Investigating Officer will consider the Reporting Officer’s Notification Report and
conduct the internal investigation - informed by the
IBAC Investigations Guide:
Conducting Internal Investigations Into Misconduct
- that may include:
a. Taking photographs or video evidence (where applicable)
b. Restricting access to the area (where applicable or practical)
c. Requesting (through the Chief Executive Officer or delegate) the Building
Maintenance Coordinator, to identify, secure, and release to them relevant
surveillance footage or security access records (where available)
d. Requesting (through the Chief Executive Officer or delegate) the Fleet Services
Unit Manager to identify, secure, and release to them relevant GPS information
for plant, equipment and fleet (where available)
e. Requesting (through the Chief Executive Officer or delegate) the Information
Communication and Technology Strategy and Delivery Lead to identify, secure,
and release to them relevant information from Council's Information
Communication and Technology systems (where available)
f. Requesting other relevant Council officers to make a report, where practical and
prudent
g. Making any other enquiries necessary or relevant to the incident, including
interviewing potential witnesses and/or affected persons
h. Auditing any systems such as Petty Cash, Purchasing Cards, Purchase
Orders/Vendors, Payroll Systems, as required
i. Notifying the Fraud Control Officer/Risk Management and Insurance Coordinator
to liaise with Council's insurers, including activating Council's cyber risk insurance
support services
j. Discussing the matters contained in the Notification Report with the person/s
suspected of fraud or corruption (at the appropriate time).
Fraud Reporting and Investigation Procedure
Page 7 of 9
4.2.2 Confidentiality
When conducting an investigation, the Investigating Officer must ensure the
confidentiality of the process - including safeguarding any evidence and keeping all
information secure and confidential, not releasing any identifying information, and not
discussing the matter with any other person other than those involved in the
investigation.
The Investigating Officer will direct the Reporting Officer and any other interviewees to
maintain confidentiality. This is important, to:
a. Safeguard evidence that may otherwise be destroyed
b. Prevent damage to reputations from as yet unproven allegations
c. If the matter subsequently becomes a Public Interest Disclosure (new evidence
submitted by a Reporting Officer), ensuring the matter remains confidential will
allow the Reporting Officer to qualify for the protections under the PID Act.
The principles of natural justice and procedural fairness will be applied during the
investigation. Support services will be offered to Council officers where appropriate.
At the completion of the internal investigation, the Investigating Officer will prepare a
confidential Investigation Report. The Investigation Report will include the process,
analysis, findings, and recommendations, and any supporting documentation or
evidence. The Investigating Officer will provide the report to the Chief Executive Officer,
for discussion and determination of appropriate action (with relevant Director).
4.3 Action
4.3.1 Step 4: Actions and Mitigation
The Chief Executive Officer (or delegate) will make a decision on how to proceed and
determine appropriate action, including advising IBAC, Victoria Police and Council's
insurers.
The Chief Executive Officer (or delegate) will also determine appropriate security or
mitigation measures to prevent similar incidences of fraud or corruption in the future.
If the internal investigation reveals that fraud or corruption has been committed by a
Council officer, the Chief Executive Officer (or delegate) in consultation with the Manager
People and Performance will direct the appropriate action to be undertaken, including any
disciplinary action in accordance with Council’s Disciplinary Policy and Procedure. The
severity of the action will depend on the circumstances of fraud or corruption, but can
include dismissal and prosecution by the relevant enforcement authorities.
The Fraud Control Officer will maintain a confidential fraud and corruption register, which
will include monitoring of actions and appropriate mitigation measures to be
implemented in response to an incident of fraud or corruption.
The Chief Executive Officer will report all confirmed incidences of fraud or corruption that
are not public interest disclosures, to Council’s Audit and Risk Committee.
4.3.2 Step 5: Reporting
The Chief Executive Officer will report:
Fraud Reporting and Investigation Procedure
Page 8 of 9
a. Any suspected corrupt conduct to IBAC (mandatory reporting)
b. Confirmed incidences of fraud or corruption to the Audit and Risk Committee (that
are not public interest disclosures)
4.4 Fraud Reporting and Investigation Procedure Flowchart
Fraud Reporting and Investigation Procedure
Page 9 of 9
5. Definitions and key terms used in this Procedure
Corruption:
dishonest activity in which a person associated with
an organisation (e.g. director, executive, manager,
employee or contractor) acts contrary to the
interests of the organisation and abuses their
position of trust in order to achieve personal
advantage or advantage for another person or
organization. This can also involve corrupt conduct
by the organisation, or a person purporting to act on
behalf of and in the interests of the organisation, in
order to secure some form of improper advantage for
the organisation either directly or indirectly.
Fraud:
Dishonest activity causing actual or potential loss or
loss to any person or organisation including theft of
moneys or other property by persons internal and/or
external to the organization and/or where deception
is used at the time, immediately before or
immediately following the activity.
Natural justice:
A principle of Common Law that says a person has
the right to be:
•
informed about the substance or the allegations
against them
•
given the opportunity to answer the allegations
before a final decision is made
•
informed about the substance of any adverse
comment that may be included in an investigation
report and have their defence fairly included in the
report.
Public interest disclosure:
Any complaint, concern, matter, allegation or
disclosure (however described) purported to be made
in accordance with Part 2 of the PID Act. A public
interest disclosure is one which is made by a natural
person or group of people who has reasonable
grounds for the belief that a public officer or public
body has engaged in, or intends to engage in
improper conduct in their official capacity, or
detrimental action.