Growing fraud trends in Australian health care

RSM Australia
By Jayesh Kapitan and Roger Darvall-Stevens*
Wednesday, 20 March, 2024

Growing fraud trends in Australian health care

As the healthcare landscape evolves, so do the methods of fraud.

Health care is a vital sector that directly impacts the wellbeing of individuals and the broader Australian community. However, like any other industry, it is not immune to fraud risks. Healthcare fraud can have detrimental consequences, from compromising patient safety to draining valuable resources.

Healthcare fraud can take various forms, including billing for services that were never provided, falsifying patient records, kickbacks and pharmaceutical fraud. And while many organisations have internal controls in place to combat fraud or corruption perpetrated by an employee or other associates related to the organisation, it can be easy to overlook these internal controls.

Identity theft in health care is a key area of concern and can involve fraudsters stealing patient information to submit fraudulent insurance claims or obtain medical treatment, prescription medications or government benefits.

According to the Office of the Australian Information Commissioner, health care was the most targeted sector for data breaches in the January–June 2023 period, with 15% of all reported data breaches occurring in the healthcare sector1.

Why healthcare organisations are being targeted

Health care is one of the largest sectors of the Australian economy at approximately 10% of GDP2. With substantial government funding, private insurance payments and out-of-pocket expenses from patients, the vast financial resources flowing through the healthcare system present an attractive target for fraudsters. In addition, Australia’s healthcare system is a complex mix of public and private funding sources, including the government’s Medicare program and private health insurance.

This complexity creates opportunities for fraud, as the billing and reimbursement processes can be challenging to navigate and monitor effectively. Fraudsters exploit this complexity to submit inaccurate or inflated claims, engage in code manipulation schemes and engage in other fraudulent billing practices that may go undetected.

Prevention and detection of healthcare fraud

In Australia, the Australian Standard AS 8001:2021, Fraud and Corruption Control, has been the pre-eminent guide on how to prevent, detect and respond to the risks of fraud and corruption. Healthcare organisations can use AS8001:2021 as a guide to prevent and detect fraud by implementing a robust anti-fraud framework or program. This means ensuring that healthcare organisations create and regularly update policies and procedures that clearly outline their approach to fraud prevention and detection.

In addition, healthcare organisations should conduct regular risk assessments to identify areas where fraud is most likely to occur. In the healthcare sector, this may involve evaluating billing processes, financial transactions and data security.

Finally, healthcare staff should receive regular training on recognising and reporting fraud. AS8001:2021 suggests developing training programs to educate employees about the types of fraud that can occur within the healthcare industry and how to report suspicions.

Another effective detection method is for healthcare organisations to implement fit-for-purpose whistleblower reporting mechanisms. According to the Association of Certified Fraud Examiners (ACFE) Occupational Fraud 2022 A Report to the Nations report, 58% of fraud in the Asia–Pacific region is detected by a tip3. Therefore, it is imperative for healthcare organisations to provide avenues for employees, contractors and other stakeholders to report suspected fraud and corruption. This can involve implementing secure and anonymous reporting channels where individuals can safely report their concerns. These channels should be easily accessible to all stakeholders.

It is also important to ensure that healthcare organisations have a robust data analytics program that can help detect and prevent fraud. Data analytics can be used as an early detection tool as it enables healthcare organisations to identify unusual patterns and anomalies in claims, billing and patient data.

This early detection can help prevent fraudulent activities before they escalate, reducing financial losses. Data analytics can also be used for predictive modelling as it can forecast potential fraud risks based on historical data, allowing healthcare organisations to take pre-emptive measures to prevent fraud. This can include monitoring high-risk providers or regions more closely.

Finally, data analytics can be used to identify unusual patient and provider behaviour by flagging unusual activities that may indicate fraud. This can include assessing patient–doctor relationships, identifying multiple claims for the same condition or detecting providers with higher-than-average billing rates.

Overarching the prevention and detection methods listed above is governance. Governance plays a critical role in combatting fraud in the healthcare sector in Australia for a number of reasons:

  • Regulatory compliance: The healthcare sector in Australia is subject to numerous regulations, including laws related to privacy, billing and fraud prevention. Effective governance ensures that healthcare organisations adhere to these regulations. It establishes clear policies and procedures to guide employees and providers in their daily operations, reducing the likelihood of inadvertently violating laws and regulations related to fraud.
  • Ethical and cultural influence: Strong governance sets the tone for an organisation’s culture. When leaders prioritise ethical conduct, transparency and accountability, it sends a clear message to employees and providers that unethical behaviour and fraud will not be tolerated. An ethical organisational culture encourages employees to report suspicious activities, ensuring that fraud is detected and addressed promptly.
  • Risk management: Fraud in health care can result in significant financial losses, damage to an organisation’s reputation and legal liabilities. Effective governance involves implementing robust risk management strategies, such as identifying and assessing fraud risks, establishing internal controls and monitoring for signs of fraudulent activities. By proactively managing these risks, healthcare organisations can reduce the likelihood of falling victim to fraud and minimise its impact.


Healthcare fraud is a growing trend in Australia, with various areas of vulnerability. As the healthcare landscape evolves, so do the methods of fraud. Staying vigilant and implementing comprehensive strategies to prevent and combat healthcare fraud are essential to ensure the continued integrity of the healthcare system and the wellbeing of patients.

1. Office of the Australian Information Commissioner 2023, Notifiable Data Breaches Report: January to June 2023, Commonwealth of Australia, <<>>

2. Australian Institute of Health and Welfare 2023, Health expenditure Australia 2020-21, Commonwealth of Australia, <<>>

3. Association of Certified Fraud Examiners 2022, Occupational Fraud 2022: A Report to the Nations, <<>>

*Jayesh Kapitan is National Leader – Health for RSM Australia, and Roger Darvall-Stevens is Head of Fraud & Forensic Services, RSM Australia.

This article is an abridged version of a white paper originally published by RSM Australia.

Top image credit:

Related Articles

Adapting to new cybersecurity challenges: a roadmap for Australian government agencies

Given the rise in cyber threats against government networks and critical infrastructure sectors,...

Overcoming the top cybersecurity challenges faced by public agencies

With a new cybersecurity strategy out and the right approach to key challenges, the public sector...

EKA CyberLock: securing critical infrastructure in a connected world

EKA CyberLock combines the attributes of a proximity card access control system with those of a...

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd