Research by government criminologists found almost 40 per cent of Commonwealth bodies now face technological limitations to improving anti-fraud systems. Image: Shutterstock
The proportion of Australian government entities that updated their technology to help fight fraud almost halved in the 2023-24 financial year, according to a new report by government criminologists.
Fraud-focused ICT improvements occurred in only 15 per cent of 157 surveyed government entities in 2023-24 compared to 28 per cent the previous year, according to the latest Fraud against the Commonwealth report, published on Thursday by the Australian Institute of Criminology (AIC).
Almost 40 per cent of the government bodies said technological limitations had hampered their ability to implement innovative fraud control measures in the latest survey — a figure which first surpassed one-third of such entities the previous year.
The misuse of ICT remained the major cause of internal fraud against the Commonwealth in 2023-24, accounting for more than 50 per cent of such incidents, but its prevalence has dropped from around 70 per cent of such cases back in 2019-20.
The Attorney-General’s Department, which runs the Commonwealth Fraud Prevention Centre, told Information Age it “takes the findings of the census into account in performing its role developing capability across the Commonwealth to prevent and address fraud and corruption”.
“The government is committed to countering public sector fraud,” the department said.
Almost 100 non-corporate Commonwealth entities — which can include parliamentary departments and departments of state — were obliged to respond to the AIC’s latest fraud census, which it has produced annually since 2006.
Dozens of corporate Commonwealth entities and nine Commonwealth companies also took part.
What could be causing the drop in ICT updates?
Roger Darvall-Stevens, head of fraud and forensic services at consultancy firm RSM Australia, said the drop in updates to government ICT was concerning news for the fraud-preparedness of Commonwealth entities.
“Intuitively, either the status quo or really the increase in that focus or resourcing should be there to maintain the fight against cybercrime, cyberfraud, and all sorts of IT security issues,” he said.
Darvall-Stevens suggested the drop reported in the 2023-24 census could be a result of government bodies becoming less willing to outsource work — include ICT services — to consultancy firms.
He suggested the shift may have been driven by the 2022 PwC tax leak scandal, which exposed how the multinational consulting giant misused internal government information to enrich itself and its clients.
“I get the feeling that organisations who may have had annual ICT reviews in different ways did not do those — and they may not have had the internal expertise or time, with less resources, to actually do it themselves,” Darvall-Stevens said.
“So my theory is the reduction [in ICT updates] may reflect that.”
The Attorney-General’s Department says it ‘takes the findings of the census into account’ in its work preventing fraud and corruption across the Commonwealth. Image: Shutterstock
Technological limitations preventing fraud innovation
More than a third of the government entities surveyed (37 per cent) said technological limitations had hindered their ability to create innovative fraud control measures.
Such limitations were also cited by 38 per cent of entities in the previous 2022-23 census, up from 32 per cent in 2021-22.
The AIC told Information Age while more future surveys were needed to assess if there was a trend, “the data suggests an increase in entities citing technology limitations from 2021–22 as limiting their ability to implement new measures or revise current practices”.
“Adapting fraud control measures to appropriately address emerging risks is an important part of preventing and responding to fraud for Australian Government entities,” the AIC’s latest report stated.
Around half of internal fraud cases in 2023-24 were primarily detected using automatic processes such as software flags or alerts — which has remained consistent in recent years.
The only greater limitation to fraud innovation than technology was staffing constraints, which were reported by 54 per cent of entities in the latest census.
Misuse of ICT continues to decline
The misuse of ICT systems remained the main method used to commit internal Commonwealth fraud, according to the latest report — accounting for 54 per cent of such cases in 2023-24.
“This misuse includes actions such as accessing programs and systems without authorisation, falsifying information, misusing email, and committing cyberattacks,” the report said.
However, there has been a reduction in the prevalence of reported ICT misuse in internal fraud in recent years — dropping from 69 per cent of cases in 2019-20 to just over 50 per cent in the two latest reports.
“I’m kind of encouraged to think that it’s reducing,” said Darvall-Stevens, “In the sense that maybe all the very good work that Commonwealth government entities do to protect their organisations against IT security threats maybe are working well.”
This meant, he suggested, that criminals both internal and external increasingly needed to “find other avenues to commit or do their fraud”.
Commonwealth losses from internal fraud totalled almost $2.4 million in 2023-24 according to the latest research, down from almost $3 million the previous year.
External losses totalled more than $104 million, down from $158 million the previous year.
Other Articles
No Comment! Be the first one.