Fraud and corruption undermine the integrity of and public trust in government, including by reducing funds available for government program delivery and causing financial and reputational damage to defrauded entities.

All Commonwealth entities are required to have fraud control arrangements in place to prevent, detect and respond to fraud. As a non-corporate Commonwealth entity, the Department of Health and Aged Care (the department) is obliged to meet the requirements of the Commonwealth Fraud Rule and Policy.

This audit examines fraud controls arrangements in the Department of Health and Aged Care (the department), using the Indigenous Australians’ Health Programme as a case study of how the arrangements are applied.

Key findings

• The department had partly effective fraud control arrangements in 2022–23 and  2023–24. The department undertook an organisational change process in 2023–24 that has the potential to improve governance and controls.
• In 2022–23 and 2023–24, the management and oversight of fraud risks was partly appropriate.
• Mechanisms to prevent fraud and promote a culture of integrity were largely appropriate.
• Mechanisms to detect and respond to fraud were partly appropriate.
• The department’s planning for the new 2024 Commonwealth Fraud and Corruption Control Framework was appropriate.

Key recommendations

• There were five recommendations to the department to assess fraud risks for higher risk programs; consider fraud risks in the internal audit program; test fraud controls; ensure fraud control officials attain relevant qualifications; and quantify estimated losses to fraud for all departmental programs.
• The department agreed to all five recommendations.