Skip navigation

Procedure: Fraud and Corruption Control


The purpose of this procedure is to:

  • ensure the University’s reputation, assets, revenue, expenditure and facilities are safe-guarded against fraudulent or corrupt behaviour; and
  • outline the processes and mechanisms for preventing, reporting and investigating incidents of fraudulent activity in and against the University.


AFP is the Australian Federal Police

ANAO is the Australian National Audit Office and includes any auditor contracted by the ANAO to conduct an external audit at the University

ARMC is the Audit and Risk Management Committee

Corruption is abuse of a position of trust in order to achieve personal gain for oneself or another person, and includes bribery, receiving or soliciting secret commissions, collusive tendering, and serious conflicts of interest.

CGRO is the Corporate Governance and Risk Office

Business Area is a subsection of any portfolio within the University where there is a focus on defined subject matter (e.g HR, Finance and Business Services, Facilities and Services)

Fraud is defined in the Commonwealth Fraud Control Framework to mean dishonestly obtaining a benefit, or causing a loss, by deception or other means. Benefits may be financial, such as misappropriating property and false invoicing, or non-financial, such as falsification of research results and disclosure of information for a dishonest purpose. Intent to defraud is necessary for an offence to have been committed. Offences include the fraudulent conduct offences that apply to Commonwealth entities under Chapter 7 of the Criminal Code 1995.


  1. The principles that underpin this procedure are as follows:
  • The Code of Conduct policy sets the standards of ethical behaviour expected of staff and students. Staff should abide by the principles set out in the Code of Conduct policy and students should abide by principles set out in the Student Code of Conduct policy . Staff and other individuals who enter into a range of relationships with the University (including contractors, visiting fellows and volunteers) have a responsibility to act honestly, responsibly and impartially in accordance with the Code of Conduct.
  • Fraud and corruption prevention, control and reporting is the responsibility of all staff.

Relevant Information

  1. The University faces a wide range of potential fraudulent conduct by both internal and external parties, and has put in place various mechanisms to address the risks arising from any incident of fraud.
  2. Fraud includes, but is not limited to:
  • theft;
  • obtaining property, a financial advantage or any other benefit by deception;
  • causing a loss, or avoiding or creating a liability by deception;
  • providing false or misleading information to the University, or failing to provide information where there is an obligation to do so;
  • making, using or possessing forged or falsified documents;
  • bribery, corruption or abuse of position;
  • unlawful use of University assets including computers, vehicles, telephones and other property or services;
  • divulging confidential information to outside sources;
  • subverting, or interfering with, University computer systems and devices;
  • falsification of research results;
  • falsification of qualifications;
  • fabrication of research articles;
  • identity theft; and
  • theft or leaking of examination papers.
  1. Instances of suspected research and academic fraud should be reported and will be dealt with in accordance with the Research misconduct and serious research misconduct procedure. Instances of suspected operational fraud will be handled as set out below.

Fraud prevention and control strategies

  1. The University has the following fraud prevention and control strategies in place:
  1. The Director CGRO ensures that a University fraud and corruption control framework and fraud control plan are in place and are reviewed every three years. The framework and fraud control plan are submitted to the Audit and Risk Management Committee (ARMC) for endorsement and to Council for approval.
  2. Deans of Colleges, Directors of Research Schools and Service Divisions will ensure that measures are in place to raise awareness amongst staff in their area of fraud risks and controls, including by disseminating information about fraud prevention and mechanisms for reporting suspected fraud.
  3. Online and customised training is provided to ensure that the risk of fraud is taken into account in planning and conducting activities across the University.
  4. Deans of Colleges, Research School Directors and Service Division Directors undertake fraud risk assessments to assess fraud risks and control strategies in their areas every two years. A fraud risk assessment template that should be used is available on the Fraud risk management website.
  5. A fraud risk that has been assessed as low is an acceptable risk that can be managed by routine procedures. A risk that has been assessed as moderate, high or extreme requires the responsible area to develop and implement a risk action plan with specific monitoring or response procedures.
  6. Business areas should consult with CGRO to develop robust risk action plans whenever a fraud risk is identified. CGRO will report extreme and high fraud risks and the resultant risk action plans to the ARMC.
  7. Fraud risk assessments are used to inform the development of the University’s annual internal audit program which is endorsed by the ARMC and approved by Council. Specific fraud-focused internal audits will be directed at areas where significant vulnerabilities are identified.
  8. The University will cooperate with the ANAO, including any external auditors appointed by the ANAO, and assist as required in fraud detection and response.

Reporting suspected fraud

  1. Staff or students who become aware of suspected fraud or corruption should report such suspicion to one of the following:
  • Supervisor, Line Manager, Service Division Director, College General Manager or Member of the Executive;
  • Director Corporate Governance and Risk Office (CGRO);
  • The University’s Public Interest Disclosure (PID) authorised officer email ( For further information on PID refer to the PID policy; or
  • In the instance of any suspected financial fraud, the matter must also be directly reported to the Chief Financial Officer.
  1. Suspected instances of fraud related to research misconduct should be reported in accordance with the Research Misconduct and Serious Research Misconduct procedure.
  2. Any reports of suspected fraud or corruption that are made to the University (Supervisor, Line Manager, Service Division Director, College General Manager, Member of the Executive or Authorised PID Officer) must be referred to the Director, Corporate Governance and Risk Office (CGRO). The Director CGRO will also ensure that the Chief Financial Officer has been informed of any reports of suspected financial fraud.
  3. A person who reports suspected fraud should provide as much information as possible, including details of any person they believe to be involved and the actions or activities they believe to be fraudulent, including how, when and where those actions or activities occurred. However, they should not investigate the matter themselves, as this may compromise a subsequent investigation.
  4. The Director CGRO will provide confidential and independent advice to staff and managers in relation to processes for the management and administration of instances where fraud is suspected.
  5. The University does not tolerate vexatious and frivolous reports and may initiate disciplinary proceedings where reports of this nature are found.
  6. The University may have an obligation to report an incident to another external body where there is obligation under an agreement or other legislative instrument.

Investigation of suspected incidents of fraud

  1. On the basis of the initial information supplied, the Director CGRO will assess whether the allegation of fraud:
  1. appears to be without foundation or to be not made in good faith; or
  2. warrants further investigation and/or other appropriate action, including action under the Research Misconduct procedure, referral to the Chief People Officer in relation to a Code of Conduct matter, referral to the Chief Operating Officer or referral the University’s General Counsel in relation to matters of a more complex or serious nature including possible referral to the Australian Federal Police.
  1. In deciding the appropriate action to take, the Director CGRO will take into account such factors as:
  1. the nature of the alleged fraud;
  2. the cost or value of the alleged fraud;
  3. the potential damage to the integrity or reputation of the University;
  4. the likely cost of taking action, including the cost of recovering financial losses or property;
  5. the likely benefit of taking action, including the deterrent value;
  6. whether it is likely that the fraud is systemic or targeted, rather than an isolated or opportunistic incident;
  7. the likelihood that the fraud was committed by an external party with internal assistance; and
  8. any possible ongoing risks arising from the fraudulent conduct, including any security implications.
  1. Investigations will be carried out by appointed persons within or external to the University.
  2. Where suspected fraud has been reported as a public interest disclosure, an investigation will be managed in accordance with the Public Interest Disclosure Procedure and any rules relating to fraud made under the Public Governance, Performance and Accountability Act 2013.
  3. All suspected incidents of fraud and corruption will be recorded in University records to identify any trends and measures to mitigate risks of recurrence.

Referral to police

  1. The Chief Operating Officer on advice from the Legal Office will refer instances of potential serious or complex fraud offences to the Australian Federal Police (AFP) in accordance with the Australian Government Investigation Standards and the AFP’s Case Categorisation and Prioritisation Model (see Minor or routine instances of fraud, that is, fraud that would be unlikely to be investigated by the AFP, will be investigated internally or by an external investigator appointed by the University.
  2. In determining whether a particular matter is of sufficient seriousness that it should be referred to the AFP for investigation, the following issues will be considered:
  1. the findings of the preliminary assessment and any investigation of the alleged fraud;
  2. whether there is sufficient evidence to indicate that an offence may have been committed, or attempted to be committed; and
  3. indicators of seriousness that the AFP may consider warrant acceptance of the matter for investigation. These indicators include significant monetary or property loss; damage to the security or integrity of the University or the Commonwealth; evidence of the use of sophisticated techniques or technology to avoid detection; evidence of a criminal conspiracy; bribery or corruption of a Commonwealth official; criminal activity against more than one entity; and activities that could affect wider aspects of Commonwealth law enforcement, such as cyber-crime, immigration irregularities and money laundering.
  1. When a matter has been referred to the AFP, the University will provide assistance as requested in the investigation process, including by giving access to official records.

Recovery of monies

  1. Following an investigation, the University may, at its absolute discretion, take action to recover money or property lost as a result of fraudulent conduct in accordance with the relevant delegation.

Disciplinary action

  1. If an internal or external investigation suggests that disciplinary action against a staff member may be warranted, the Director CGRO will refer the matter to the Chief People Officer.
  2. All disciplinary or misconduct investigations relating to an internal staff member will be conducted in accordance with relevant legislation, the University’s Enterprise Agreement and relevant University policy.

Review of internal controls

  1. If fraud is found to have occurred, line management in conjunction with internal audit is responsible for reviewing the internal controls in the relevant area and implementing enhanced controls where appropriate to prevent a recurrence.

Record keeping and reporting

  1. Incidents of suspected fraud reported to CGRO will be recorded and tracked by CGRO.
  2. Disclosures made to an authorised officer under the Public Interest Disclosure policy will be recorded and tracked in accordance with that procedure.
  3. Records of reports made under the Research Misconduct and Serious Research Misconduct procedure will be handled in accordance with that procedure.
  4. Records of fraud-related matters arising in a Code of Conduct investigation by the Human Resources Division will be handled by that Division.
  5. The University will report de-identified information about incidents of fraud as part of the Australian Institute of Criminology’s annual report on fraud against the Commonwealth.
  6. Final investigation reports, including any further actions recommended by the Director CGRO, will be provided to the Chief Operating Officer and the Vice-Chancellor, the head of the relevant business area, and any other relevant parties.
  7. Director CGRO will also report to the ARMC on each fraud incident during or following the completion of an investigation. The ARMC will advise Council of any significant fraudulent activities and remedial actions taken.

Fidelity guarantee insurance

  1. ANU will maintain appropriate insurance cover against losses emanating from fraudulent activity.


  1. The following table outlines responsibilities associated with this procedure:

Officer or body



  • Approve the University’s fraud control policy, procedure, framework and fraud control plan;
  • Receive reports of significant instances of fraud and remedial actions taken.

Audit and Risk Management Committee

  • Review and advise Council on the appropriateness of the University’s process for effective identification and management of fraud risks;
  • Endorse the University’s fraud control policy, procedure, framework and fraud control plan;
  • Receive reports on instances of ‘high’ and ‘extreme’ risks reported by Colleges, Research Schools and Service Division and review the remedial actions taken;


  • Foster an environment that makes active fraud and corruption control the responsibility of all staff.
  • Ensure that appropriate measures are in place in relation to fraud prevention and detection;
  • Ensure appropriate resourcing within CGRO to lead fraud control at the University.

University Executive

  • Foster an environment that makes active fraud control the responsibility of all staff;
  • Ensure that appropriate measures are in place with regard to fraud prevention and detection.

Chief Operating Officer

  • With advice from the Legal Office, refer instances of potential serious or complex fraud offences to the AFP;
  • Ensure appropriate resourcing within CGRO to lead fraud control at the University.

Director, CGRO

  • Develop and review the University’s fraud and corruption control policy, procedure, framework and plan;
  • Coordinate fraud risk assessment activity across the University;
  • Use fraud risk assessments to inform the development of the University’s annual internal audit program for endorsement by the ARMC and approval by Council;
  • Receive reports of suspected fraud and take appropriate action;
  • Arrange fraud awareness training for relevant staff.

Chief Financial Officer

  • Review, on an ongoing basis, the financial fraud controls to ensure they are effective in minimising financial fraud risks;
  • Provide assurance on the adequacy of the University’s financial fraud control arrangements to the external auditors annually, through management representation letters.

College Deans, Research School Directors, General Managers and Service Division Directors

  • Foster an environment that makes fraud control the responsibility of all staff;
  • Ensure that a fraud risk assessment for their area is conducted and reviewed at least every two years and whenever there is significant organisational change;
  • Ensure that appropriate internal controls are in place and operating effectively to minimise fraud risks (including by ensuring appropriate record keeping practices are in place);
  • Ensure that staff participate in fraud awareness education and training;
  • Ensure that agreed recommendations relating to fraud in internal and external audit reports are implemented promptly.

All staff and students

  • Act in accordance with the Code of Conduct policy and Student Code of Conduct Policy when undertaking their duties and representing the University;
  • Disclose to their supervisor any material personal interest that relates to the affairs of the University;
  • Actively participate in the implementation of fraud risk control strategies;
  • Undertake appropriate record keeping;
  • Report any suspicions of, or information relating to any instance of, fraudulent conduct to their supervisor, an authorised officer for Public Interest Disclosures or the Director, CGRO;
  • Encourage others to make such reports;
  • Deal with all reports of suspected fraud professionally and promptly.


Printable version (PDF)
Title Fraud and Corruption control
Document Type Procedure
Document Number ANUP_000626
Purpose To outline the procedures for preventing, controlling and investigating incidents of fraudulent activity in and against the University.
Audience Staff
Category Governance
Topic/ SubTopic Risk Management - Fraud
Effective Date 29 Jul 2022
Next Review Date 29 Jul 2027
Responsible Officer: Director, Corporate Governance and Risk Office
Approved By: ANU Council
Contact Area Corporate Governance and Risk Office
Authority: Public Governance, Performance and Accountability Act 2013
Public Governance, Performance and Accountability Rule 2014
Public Interest Disclosure Act 2013
Delegations 334

Information generated and received by ANU staff in the course of conducting business on behalf of ANU is a record and should be captured by an authorised recordkeeping system. To learn more about University records and recordkeeping practice at ANU, see ANU recordkeeping and Policy: Records and archives management.