Where does this data come from?
Public entities detect the fraud...
Public entities are responsible for preventing and detecting fraud. They do so largely by maintaining a culture of integrity supported by strong internal controls. When public entities suspect that fraud might have been committed, they need to protect any evidence they might have and consider the most appropriate next steps – including quickly informing their auditor.
... tell their Appointed Auditor...
In turn, as part of their professional obligations (see auditing standard AG ISA (NZ) 240), the Appointed Auditors are required to tell us.
... and we report it
Because we depend on the information that public entities provide, we probably won't know the full extent of fraud in the public sector. That said, we see value in sharing what we do know, because that might help public entities to consider where their risks might lie.
Each year, we will share information on the incidents of fraud that auditors have reported to us. As the data increases, we might see trends or patterns for different types of public entities, which could also be useful in mitigating risk. We also use the data to help auditors, by identifying risk factors for their audits.
Page last updated: 1 November 2013