Fraud and Corruption Control - Procedures | UniSC | University of the Sunshine Coast, Queensland, Australia

Accessibility links

Non-production environment - editcd.usc.edu.au

Search

Pro tip: To search, just start typing - at any time, on any page.

Searching {{ model.searchType }} for returned no results.

News

More news

Staff

More

Fraud and Corruption Control - Procedures
Approval authority
Vice-Chancellor and President
Responsible Executive member
Vice-Chancellor and President
Designated officer
Director, Governance and Risk Management
First approved
20 August 2013
Last amended
22 August 2025
Review date
27 August 2026
Status
Active
Related documents
Linked documents
Related legislation / standards
  • Public Interest Disclosure Act 2010 (Qld)
  • University of the Sunshine Coast Act 1998 (Qld)
  • Criminal Code Act 1995 (Cth)
  • Financial and Performance Management Standard 2009 (Qld)
  • Financial Accountability Act 2009 (Qld)
  • Public Sector Act 1994 (Qld)
  • Crime and Corruption Act 2001 (Qld)
  • Foreign Influence Transparency Scheme Act 2018 (Cth)
  • Queensland Crime and Corruption Commission’s (CCC) Fraud and Corruption: Best Practice Guide
  • AS ISO 37301: 2023 Compliance Management Systems
  • AS ISO 31000: 2018: Risk Management Guidelines
  • AS ISO 37003: 2025 Fraud Control Management Systems

1. Purpose

1.1 These procedures support the operationalisation of the University’s approach to fraud and corruption control management including actions for preventing, detecting and responding to fraudulent and corrupt conduct.

1.2 These procedures must be read in conjunction with the linked Fraud and Corruption Control – Governing Policy and associated Fraud and Corruption Control Plan.

2. Scope and application

2.1 These procedures apply to all staff, students, contractors or consultants, strategic partners, third party service providers, controlled entities, volunteers, affiliates and members of University decision-making or advisory bodies, including Council and its committees.

2.2 The University is identified as a statutory authority under the Crime and Corruption Act 2001 (Qld) and falls under the jurisdiction of the Queensland Crime and Corruption Commission (CCC). This requires that any University conduct that could be classified as corrupt conduct is reported by the Vice-Chancellor and President, as the University’s Chief Executive Officer (or public official). The Vice-Chancellor and President has delegated this duty to the Director, People and Culture.

2.3 University activities and operations undertaken outside of Queensland can be subject to similar fraud and corruption legislation and regulation in those jurisdictions. In these cases, the requirements in those jurisdictions must be complied with in addition to any obligations under Queensland law.

2.4 These procedures do not apply to notification to the CCC regarding the conduct of the Vice-Chancellor and President, which is managed in accordance with the Complaints about the Vice-Chancellor and President (Crime and Corruption Act 2001, s 48A) – Governing Policy.

3. Definitions

3.1 Refer to the University’s Glossary of Terms for definitions as they specifically relate to policy documents.

Affiliate refers to academic title-holders, visiting academics, emeritus professors, adjunct and honorary title-holders, industry fellows and conjoint appointments.

Fraud refers to dishonest activity causing actual or potential financial loss to any person or entity including theft of monies or other property by employees or persons external to the entity and where deception is used at the time, immediately before or immediately following the activity. This also includes the deliberate falsification, concealment, destruction or use of falsified documentation used or intended for use for a normal business purpose or the improper use of information or position for personal financial benefit.

Fraud Control Management System means the set of interrelated or interacting elements of an organisation that establish policies and objectives and processes to achieve those objectives consistent with Australian Standard AS ISO 37003: 2025 Fraud Control Management Systems.

Corruption is dishonest activity in which a director, executive, manager, employee or contractor of an entity acts contrary to the interests of the entity and abuses their position of trust in order to achieve some personal gain or advantage for themself or for another person or entity. The concept of ‘corruption’ can also involve corrupt conduct by the entity or a person purporting to act on behalf of and in the interests of the entity, in order to secure some form of improper advantage for the entity either directly or indirectly.

Corrupt conduct is defined as per section 15 of the Crime and Corruption Act 2001 (Qld).

4. Fraud and corruption governance and risk assessment

4.1 The University considers that its fraud and corruption management is an integral component of its overall risk and compliance management framework and plans for and resources fraud and corruption management activities accordingly.

4.2 Diagram 1 provides and overview of the key components of fraud and corruption control.

Diagram 1 – Fraud and Corruption Control

4.3 Governance and Risk Management manages the Fraud and Corruption Control Plan, which is reviewed and amended at least biennially. The Fraud and Corruption Control Plan outlines the key strategies, actions and accountabilities for fraud and corruption control across the University. This plan is reviewed and approved by the Audit and Risk Management Committee.

4.4 In identifying and assessing fraud and corruption risk, the University’s overall approach to risk management adhered to in accordance with the University Risk and Compliance Management – Governing Policy, Risk Management – Procedures and Compliance Management – Procedures.

4.5 Senior management is committed to promoting an ethical culture where integrity is valued and consistently reinforced. Maintaining a positive organisational culture that supports effective risk and compliance management is a shared responsibility across the University.

5. Prevention

5.1 The University has multiple integrity related policy documents setting out the actions and control activities required to prevent the occurrence of fraud and corrupt conduct across the following fraud and corruption risk types:

(a) Risk Type: Internal (Staff);

(b) Risk Type: External (Admissions);

(c) Risk Type: External (Third Party Vendor/Supplier);

(d) Risk Type: Academic integrity and student misconduct;

(e) Risk Type: Research integrity and misconduct.

5.2 The prevention of fraud and corrupt conduct is dependent on maintaining adequate and effective preventative internal controls including declaration and management of conflicts of interest, outside work and consultancy activities, segregation of duties, mandatory completion of integrity training by all staff and workforce screening as part of recruitment activities.

5.3 Senior management are responsible for ensuring that their staff are trained and made aware of their obligations with respect to identifying and reporting of suspected instances of fraud or corrupt conduct. Staff are required to complete mandatory training based on their job responsibilities, as follows:

(a) all staff:

(i) Fraud and Corruption Awareness training.

(ii) Code of Conduct training.

(iii) Conflict of Interest training and declaration.

(b) staff working in curriculum, research, research management and support:

(i) Academic Integrity training

(ii) Research Integrity training

5.4 Specific types of fraud and corruption risks and the context in which these might arise at the University are identified in the Fraud and Corruption Control Plan and are updated as required by the Director, Governance and Risk Management. Responsibility for managing each identified risk is set out in the policies and procedures and related documents pertaining to each type of fraud and corruption risk identified.

5.5 Additional fraud and corruption risks are identified, evaluated and managed by organisational unit managers and maintained in organisational unit risk registers, which are updated quarterly with appropriate review of control strategies and actions required.

6. Detection

6.1 In the event that the University’s preventative controls are ineffective and fail to prevent fraud or corrupt conduct occurring, the University has implemented internal controls specifically aimed at assisting with the detection of fraud and corrupt conduct as soon as possible after an incident has occurred.

6.2 Detection controls are owned and implemented by various organisational units and are recorded in the Fraud and Corruption Control Plan.

6.3 The detection of fraud and corrupt conduct is dependent on adequate and effective detection internal controls including post-transactional review and reconciliations, analysis and review of exception reports, use of data analytics and complaints management.

6.4 Internal and external assurance also has a role in the detection of fraud and corrupt conduct and in identifying weaknesses in the internal control environment which may lead to ineffective prevention or detection of fraud and corruption risks. The University Audit and Assurance – Governing Policy provides further detail on the role of auditors.

6.5 Mechanisms for reporting and disclosing suspected fraud and corruption incidents

6.5.1 All staff must report instances of suspected fraudulent or corrupt behaviour in accordance with the Staff Code of Conduct – Governing Policy.

6.5.2 Suspected fraud or corrupt conduct can be reported either verbally or in writing to internal or external bodies, including:

(a) the Director, People and Culture;

(b) the PVC (Education);

(c) the staff member’s manager, supervisor or other senior University officer;

(d) the Chancellor (of incidents involving the Vice-Chancellor and President) in accordance with the Complaints about the Vice-Chancellor and President (Crime and Corruption Act 2001, s 48A) – Governing Policy;

(e) external bodies as applicable (such as the Queensland Crime and Corruption Commission (CCC) and the Queensland Ombudsman); or

(f) the University’s external and independent whistleblowing service provider Your Call Whistleblowing Solutions (Your Call).

6.5.3 Refer to Make a complaint (login required) for further support and guidance on reporting.

6.5.4 When the disclosure is classified as a Public Interest Disclosure (PID) under the Public Interest Disclosure Act 2010 (Qld), the University acts in accordance with the Public Interest Disclosure – Governing Policy and Procedures.

6.6 Anonymous complaints

6.6.1 Whilst there is a preference for reports where the discloser is identified, to increase the likelihood of a successful investigation and action, anonymous disclosures are also accepted and considered by the University. However, the action taken is dependent on whether sufficient information is provided to warrant further enquiries.

7. Response

7.1 The University needs to be responsive and vigilant in undertaking preliminary investigations to determine whether allegations have sufficient grounds to be taken further. Senior management must complete preliminary work to form an opinion on whether referral to the Queensland Policy Service is warranted.

7.2 Fraud and corruption can also be closely connected to corrupt conduct which is specifically dealt with under the provisions of the Crime and Corruption Act 2001 (Qld).

7.4 Investigating detected or suspected incidents

7.4.1 The University’s response to fraud and corruption allegations or matters varies according to the nature and seriousness of the alleged conduct, with:

(a) instances of student misconduct managed in accordance the Student Misconduct – Procedures;

(b) instances of research misconduct managed in accordance with the Managing and Investigating Breaches of Responsible Research Conduct – Procedures; and

(c) public interest disclosures managed in accordance with the Public Interest Disclosure – Procedures.

7.4.2 The Vice-Chancellor and President has delegated to the Director, People and Culture responsibility for the management of the alleged conduct in all other instances.

7.4.3 When the suspected incident involves the Director, People and Culture, the Vice-Chancellor and President assumes this responsibility until an appropriate investigator is appointed to deal with the matter and be subject to any monitoring or direction from the CCC or other external authorities. The outcome of the investigation is also reviewed to determine the appropriate action, which can include disciplinary action or a review of internal controls and processes.

7.4.4 All investigations must be conducted in accordance with the CCC’s “Corruption in Focus: A guide to dealing with corrupt conduct in the Queensland Public Sector” and include the following steps:

(a) determining the scope and nature of any investigation;

(b) confirming the responsibilities and powers of the investigator;

(c) conducting the investigation;

(d) gathering the evidence; and

(e) concluding the investigation.

7.5 Internal reporting and escalation

7.5.1 Significant instances of fraud and corruption are reported to the University Executive and the Audit and Risk Management Committee. As part of the investigation into the incident, a review of the control environment is undertaken to continually improve risk management practices and identify additional internal controls or treatments necessary to strengthen the management of fraud and corruption risk.

7.6 Disciplinary procedures

7.6.1 For staff covered by the Enterprise Agreement, any disciplinary action must be dealt with in accordance with the Enterprise Agreement, specifically those provisions regarding misconduct and serious misconduct.

7.6.2 Disciplinary action relating to staff not covered by the Enterprise Agreement is in accordance with the provisions of their Contract of Employment.

7.6.3 Disciplinary action relating to student misconduct is managed in accordance with Student Misconduct – Procedures.

7.6.4 Disciplinary action relating to contractors or consultants must be dealt with in accordance with the underlying agreements or contracts.

7.7 External reporting

7.7.1 Various legislation sets out the requirements for agencies, such as the University, to report matters of fraud and corrupt conduct to authorities, which can include:

(a) the Queensland Crime and Corruption Commission;

(b) Queensland Police Service;

(c) the Queensland Ombudsman;

(d) Queensland Audit Office; and

(e) relevant authorities in jurisdictions outside of Queensland in cases where the fraud or corrupt conduct occurs in activities or operations in those jurisdictions.

7.7.2 The Director, People and Culture, must refer any fraud and corruption allegations or matters, including reasonably suspected complaints of corrupt conduct to the appropriate external body.

7.7.1.3 When a reasonably suspected complaint of corrupt conduct involves the Vice-Chancellor and President, the Director, People and Culture must refer the matter to the Chancellor to report and manage the complaint in accordance with the Complaints about the Vice-Chancellor and President (Crime and Corruption Act 2001, s 48A) – Governing Policy.

7.7.3 When there is no obligation on the University to report matters of fraud and corrupt conduct to authorities the University can consider reporting the suspicion to the relevant external body.

7.8 Civil proceedings to recover the proceeds of fraud or corruption

7.8.1. When there is an instance of fraud or corruption resulting in monetary loss to the University, the University can take action to recover any lost funds. The recovery process is initiated in instances where the likely benefits of recovery are expected to exceed the funds and resources invested in the recovery action.

7.9 Review of internal controls

7.9.1 Following the detection of fraud, the organisational unit manager, in consultation with the Director, Governance and Risk Management, must reassess the adequacy of the internal control environment and identify actions to strengthen the controls.

7.10 Records management

7.10.1 Significant instances of fraud and corruption are maintained in a register within People and Culture. All records are captured in an approved management system in accordance with the Records Management – Procedures.

7.10.2 Records are classified as 'restricted’ in accordance with the Data Classification – Procedures.

8. Authorities and responsibilities

8.1 As the Approval Authority the Vice-Chancellor and President approves these procedures to operationalise the Fraud and Corruption Control – Governing Policy.

8.2 As the Responsible Executive Member the Vice-Chancellor and President is authorised to approve guidelines to further support the application of these procedures.

8.3 As the Designated Officer of this policy the Director, Governance and Risk Management can approve associated documents to support the application of these procedures.

8.4 These procedures operate from the last amended date, with all previous iterations of fraud and corruption control procedures replaced and no longer operating from this date.

8.5 All records relating to fraud and corruption control must be stored and managed in accordance with the Records Management – Procedures.

8.6 These procedures must be maintained in accordance with the University Policy Documents – Procedures and reviewed on standard 3-year policy review cycle.

8.7 Any exception to these procedures to enable a more appropriate result must be approved in accordance with the University Policy Documents – Procedures prior to deviation from the procedures.

8.8 Refer to Schedule C of the Delegations Manual in relation to the approved delegations detailed within this policy.

9. Appendices and supporting documents

Fraud and Corruption Control Plan