Elements and Performance Criteria
- Identify organisational needs and obligations
- Obligations of the organisation are researched based upon the concept of fraud and corruption as both ethical and law enforcement issues that impede effective performance of the organisation's core business.
- All formal internal and external reporting requirements are identified
- Organisational data analysis and information needs for fraud and corruption detection are identified in line with privacy, confidentiality and law enforcement policy and legislative requirements.
- A strategic management approach to the prevention of corruption/fraudulent activities is reflected in the needs identification.
- Organisational responsibility for the coordination, monitoring, implementation, ongoing review and promotion of the organisation's strategy is identified and agreed in consultation with senior management.
- Organisational responsibility is identified and agreed for the protection of persons who provide information under legislation related to public interest disclosures, protected disclosures or whistleblowing legislation.
- Benchmark fraud/corruption control strategy
- Performance indicators are identified to facilitate benchmarking the fraud/corruption control strategy.
- Best practice examples are utilised in the development of benchmarks.
- Standards-setting organisations are utilised where appropriate to assist in the identification of benchmarks relative to the organisation's needs and core business.
- Assess stakeholder and environmental considerations
- Client entitlements such as right to privacy, confidentiality, freedom from reprisals, and freedom of information, are incorporated.
- Issues such as profile of clients, corporate history and culture and staffing profile are considered.
- Constraints of operating environment, such as staff shortages, geographical spread of staff and budgeting constraints, are taken into consideration.
- Client and community expectations are considered.
- Management perspectives are identified through consultations with those with relevant responsibilities in terms of the organisation's business, and those with overall responsibility for oversight and implementation of fraud/corruption control in the organisation.
- Develop organisation's fraud/corruption control strategy
- Balance between compliance requirements and operational pressures is achieved.
- Strategies are identified to enable constant updating of the fraud/corruption control strategy to incorporate changing and newly identified risks.
- Key factors such as the organisational environment and core business are incorporated within the fraud/corruption control strategy.
- Internal and external strategies are recommended based on assessment of relevant factors.
- Internal and external quality assurance is incorporated into the strategy with responsibility for maintaining quality assurance allocated in accordance with organisational policy and procedures.
- Strategy is accepted by authorities within the organisation and meets the requirements of the relevant standards-setting organisations.
- Implement fraud/corruption control strategy
- Initiatives required to minimise fraud and corruption are developed in consultation with stakeholders.
- Timeframe for implementation of strategy is identified based upon an understanding of resource ramifications.
- Areas within the organisation responsible for actions to minimise fraud and corruption are identified.
- Procedures are developed for the reporting of information and the protection of persons who provide information under public interest disclosures, protected disclosures or whistleblowing legislation.
- Consultations with relevant personnel are undertaken to facilitate a shared understanding of responsibilities.
- Analyse and review effectiveness of strategy
- Review is structured to incorporate key features of the strategy and is underpinned by the need for the strategy to be holistic and comprehensive.
- Regular reviews are undertaken to accommodate lessons learnt during application of the strategy.
- Feedback mechanisms are established.
- Reporting mechanisms are established to provide information to senior management about effectiveness of the strategy measured against objectives, and to provide advice regarding changes to management practices to enhance effectiveness of the strategy.
- Results of analysis and review are incorporated to improve fraud and corruption control.