Policing Welfare: Risk, Gender and Criminality

Over the last three decades, welfare states across the West have embraced a host of new technologies and initiatives in the name of fighting welfare abuse and fraud (see Cook 1989, 2006; Wacquant 2001, 2009). Increasingly, these practices of ‘welfare policing’ are graduated according to risk; particular welfare populations considered at greater risk of welfare fraud are subject to more intense scrutiny. Drawing on interview research with compliance staff from the Australian Department of Human Services, this paper critically explores how the rationality of risk figures in the process of welfare surveillance in Australia. It pays particular attention to the ways in which risk formulations are embedded in gender and class politics, and how this has led to the characterisation of single mothers and unemployed recipients as more ‘risky’ than the general welfare population, a point that is often overlooked in the literature. But, far from being immutable, this paper also considers how the politics of risk are open to reformulation with often unexpected results.

Informed by a governmentality analytic, this paper explores the deployment of risk rationalities by the DHS with focus on two risk-based initiatives: the data mining customer profiling program; and the introduction of tiered compliance reviews. In doing so, I draw on 12 semistructured interviews with DHS welfare compliance staff, supplemented by documentary sources. Analysis of these two projects illustrates how the rationality of risk can play out differently depending on the goals and agendas to which these rationalities are aligned. But it also makes visible the ways in which old and new meanings about gender, poverty and criminality fundamentally shape definitions of riskiness, and how welfare surveillance practices play out more generally. This is a point that is routinely overlooked in analyses of risk (Hannah-Moffat and O'Malley 2007;Henman and Marston 2008).

IJCJ&SD
115 Online version via www.crimejusticejournal.com © 2016 5(1) In this paper, I first set out the governmentality approach that I employ in this article. I then turn to an examination of the emergence and consolidation of risk rationalities in the Australian social security system. I use two case studies, the data mining customer profiling project and tiered customer reviews, to examine key assumptions underpinning risk management practices and how gender and class shape risk rationalities. Finally, this paper briefly considers the potential for rearticulating risk rationalities for more progressive ends. Whilst the empirical focus of this paper is firmly in the Australian context, I anticipate that the analysis has broader relevance for understanding the deployment of risk rationalities in the welfare arena elsewhere. This is because the analysis acts as a firm reminder that risk rationalities need to be examined in context, and in a manner that is attuned to the operation of class and gender politics.

Employing a governmentality approach
This paper utilises a governmentality framework to make sense of the emergence and implementation of risk rationalities in Australia's welfare compliance regime. Foucault (2007Foucault ( , 2008 developed the concept of governmentality during two lecture series presented at the Collège de France in 1977-78 and1978-79. To explain this concept, he revived the sixteenth century definition of 'government' in which the term referred broadly to any calculated plan to direct or manage one's self or others. From this perspective, welfare surveillance and other compliance activities can be construed as a form of governance. Foucault's understanding of government ultimately shifts the focus of analysis away from the political institutions of the state and towards an examination of specific governmental techniques; to put it more crudely, the 'how' of governing. This concept has been adopted and elaborated by scholars into a fully-fledged conceptual framework for examining specific projects of government (see Gordon 1991;Miller and Rose 2008;Rose 1999;Rose and Miller 1992). Rose and Miller (1992) analyse government in terms of the 'rationalities' that underpin calculated plans to govern people and the 'technologies' that are mobilised to carry out these plans. Where rationalities make certain forms of governing thinkable and justifiable, technologies are the 'complex of mundane programmes, calculations, techniques, apparatuses, documents and procedures through which authorities seek to embody and give effect to governmental ambition' (Rose and Miller 1992: 175).
A governmentality analytic offers a particularly fruitful approach for the present research. It provides a critical lens through which to interrogate the calculated ways in which the DHS conceive of, and govern, the problem of welfare fraud and its proponents. Importantly, it facilitates a more nuanced and precise account of the complexities of risk-based practices compared to totalising versions of state action. Through a governmentality lens, I can move beyond the condemnation of welfare compliance strategies as wholly punitive and unpack the explicit and implicit objectives that underpin risk-based welfare surveillance, including how gender and class figure in these initiatives.
I supplement this governmentality analysis with empirical research of 'actual' risk-based approaches to compliance. In doing so, I take influence from Stenson's (2005: 266; see also Lippert and Stenson 2010) 'realist governmentality' approach in which 'discourse analysis of mentalities' is combined with 'grounded, empirical, realist analysis of governing practices'. As Lippert and Stenson (2010: 486) explain, such an approach does not espouse a revival of a positivist conception of 'the real' nor indeed the realism of the critical realist movement, which they suggest tends towards 'thinly disguised Marxist materialism'. Instead, the authors 'have in mind a more plural, protean reality in relation to specific programmes and rationalities', which pays attention to context and the 'conditions of possibility and contingency' (Lippert and Stenson 2010: 486 More importantly, the articulation of governmentality with grounded, empirical analysis addresses some of the key deficiencies of a governmentality approach. In particular, it can help to overcome the tendency in governmentality studies to produce overly abstract analyses and take account of the power and impacts of the modern state. As McKee (2009: 467) contends, a realist governmentality approach can 'reveal the messiness and complexity involved in the struggles around subjectivity, and offer a more nuanced and finely grained analysis of governing in situ'.

Method
In line with this approach, I seek to bring together documentary sources as well as analysis of interview data to examine the enactment of risk rationalities within the DHS's Business Integrity Division. Specifically, I draw from 12 semi-structured interviews conducted in 2014 and 2015 with Business Integrity staff. Ten interviews were conducted with staff from the Serious Non-Compliance (SNC) section of the Business Integrity Division presently working in the areas of data mining and predictive analytics, intelligence analysis and fraud investigation. A further two interviews were conducted with Customer Compliance Branch (CCB) staff engaged in customer review work. Where the SNC section is principally concerned with suspected cases of fraud, the CCB is centred on payment integrity and overpayment detection and recovery.
These interviews were conducted with the permission of the DHS and under the terms of a Memorandum of Understanding (MoU). All but two interviews were conducted in person across four Australian jurisdictions. All interviews lasted between 45 minutes and 1.5 hours. The interviews were coded thematically, paying particular attention to issues of risk and gender, and the relationship between them. Pseudonyms replace interviewees' names in this paper to protect the anonymity of the participants. Whilst drawing on all interviews, I rely most heavily on the interviews conducted with Henry and Daniel of the SNC Section and John from the CCB, as these research participants were directly involved in the development and implementation of data mining and the tiered review system respectively.
The core of the documentary source data derives from a systematic analysis of all annual reports issued by the former Department of Social Security since 1970. I also draw more sporadically on Centrelink and DHS annual reports, past and present DHS compliance strategies, and information garnered through the Senate estimates process. From this data, I have sought to chart the emergence of the language and practice of risk management within the department. Ultimately, these data provide the broad outline with which to contextualise the interview data. Together, these data complement one another, with each providing a particular insight into the somewhat opaque practices of policing welfare.
It is however important to recognise the limitations of the data. First, the interview sample is unquestionably small and selective. This is particularly true when considering the size of the Business Integrity (BI) division, which comprises hundreds, perhaps thousands, of staff working across Australia. Consequently, it would be inappropriate to draw broad conclusions about welfare compliance practices from the data. The sample is best described as a purposive sample IJCJ&SD 117 Online version via www.crimejusticejournal.com © 2016 5(1) designed to provide important and rich insights about the workings of individual teams and initiatives in the DHS, albeit from the participant's own perspective.
Secondly, the MoU set limitations on this research. Significantly, the MoU obliges me to submit drafts of my work prior to publication to the DHS for 'clearance of departmental content'. Senior management explained that this provision was essential for verifying accuracy and identifying and redacting material that would 'compromise a fraud operation': that is, reveal specific information about an operation that is currently underway. In line with this requirement, a draft of this paper was submitted to the Department for review. Comments from a senior DHS official clarifying the scope of work of the Data Mining Team were subsequently incorporated into this revised version of this paper.
The methods employed in this research undoubtedly shape and constrain the research findings. But while the approach adopted here might prevent the making of wide-ranging and emphatic conclusions about welfare policing in Australia, this is not the paper's intent. Instead, this paper aims to offer contextualised insights into two specific risk-based strategies from the perspective of participants who have been directly involved in crafting and implementing these strategies. Ultimately, it is hoped that this approach will draw attention to some of the messy 'realities' of implementing risk-based approaches to welfare compliance, albeit a somewhat small and selective observation of them.

The rise of risk in Australian social security compliance
Western welfare states have a long history of drawing on criminal justice strategies in the name of guarding against fraud and abuse. In fact, in Australia, police officials were intimately involved in the administration of the first Invalid and Old-Age Pension schemes in the early twentieth century. According to the NSW Police Manual (1915: 90), officers were responsible for assisting claimants with pension documents, and were charged with investigating the 'truth of statements contained in claims'. From the outset, the administration of the pension in Australia assumed the dishonesty of applicants. In Henman and Marston's words (2008: 194), the 'social assistance system has a long history of highly intrusive, detailed and ongoing surveillance of claimants and recipients to minimise fraud and ensure eligibility'.
Notwithstanding this lineage, the approach to policing the problem of welfare fraud has shifted significantly in recent decades. Whereas previous forms of welfare surveillance and investigation were largely discretionary and ad hoc, since the late 1970s, welfare policing has become increasingly centralised, systematic and risk-based. Certainly, targeting more 'suspicious' or apparently underserving welfare recipients is far from new (Henman 2004). But the emergence of actuarial risk logics in the welfare arena and the concomitant rise of advanced data analytic software have made the process of identifying and targeting risky welfare populations far more systematic, even automatic.
In many respects, the rise of risk in the welfare compliance regime forms part of broader shifts in the welfare state. In the mid to late 1970s, in the context of economic crisis, welfare states across the West were increasingly under attack. By 1974, Australia, along with much of the Western world, was in the midst of recession, punctuated by growing long-term unemployment, and rising inflation and interest rates. This tumultuous economic climate produced a sense of crisis and vulnerability, inviting scrutiny of the reigning logic of Keynesianism (Archer 2009;Marston and McDonald 2007;Mendes 2008). This loss of faith in Keynesianism hinged in particular on the sharp and simultaneous rise of stagnation and inflation ('stagflation'), which could not be explained by Keynesian economic theory. This environment provided ideological space for the ascendency of New Right politics in Australia, marked by the election of the Fraser Coalition Government in 1975.
The New Right refers to a coalition of neoliberal and neoconservative rationalities. It rests on a faith in the globalised and liberalised market on the one hand, and socially conservative valorisation of traditional institutions, such as the family and retributive punishment, on the other (Mendes 2008;O'Malley 1999). Whilst there are tensions within this alliance, both neoliberals and neoconservatives reject Universalist approaches to welfare provision and share a belief in individual responsibility for unemployment. Unsurprisingly then, 'pruning' the wasteful elements of the welfare state became a core policy of the Fraser Government (Pemberton 1980).
Part of this New Right welfare reform agenda was a commitment to crackdown on 'dole cheats'. Perhaps ironically, attempts to reduce the costs of welfare coincided with a massive redeployment of state resources to scrutinise and monitor welfare recipients (Pemberton 1980). In 1977, specialist Benefit Control sections were established to investigate noncompliance and fraud. These quickly swelled from just 15 staff to 106 staff in 1979, whilst the number of Field Officers jumped from 188 to 350 in the same period (Pemberton 1980: 33-34). So-called 'saturation checks' were also introduced, in which field officers knocked on literally hundreds of thousands of claimants' doors to check their eligibility (see Benefits Checks Confirmed 1978).
The rapid increase in the numbers of welfare claimants led the Department to re-think its approach (DSS 1997). The localised and personalised policing of decades past was no longer feasible. As the 1978-79 Department of Social Security (DSS) Annual Report (1979: 58) reads: Ensuring that each individual obtains his or her correct entitlement under the relevant legislation has inevitably been made more difficult by the rapid growth in the numbers covered by income support programs administered by the Department … While the rate of identification of [false] claims can be increased by more detailed examination, a disproportionate level of resources would need to be employed … The Department believes that the problems associated with the scale of its payments, the extent of decentralisation of its functions, and the existence of fraud, can best be tackled using innovative methods.
Whilst the language of risk is not yet explicit, this statement hints at its development. This passage also suggests the Department's acceptance of the need to target surveillance on particular segments of the welfare population. Already, the Department had introduced periodic reviews of pensioners 'whose entitlements are liable to vary', again suggesting a move towards selective application of surveillance practices based on apparent likelihood of debt and fraud (DSS 1979: 58).
Whilst the sharp influx of benefit recipients undoubtedly fuelled the development of risk rationalities, it also reflects the spread of risk logics in the field of crime control more generally.
The new salience afforded to risk-based approaches has led some, notably Ulrich Beck (1992), to declare the arrival of the 'risk society.' Whilst dubious of such totalising claims, there is little doubt that risk logics have enjoyed exponential growth in recent decades. For Zedner (2007: 262), the rise of risk-based approaches is linked to the emergence of a 'pre-crime' society. The label 'pre-crime' captures the temporal shift in dominant understandings and responses to crime: no longer is crime 'conceived principally as harm or wrongdoing and the dominant ordering practices … post hoc'; now, 'crime is conceived essentially as risk or potential loss' requiring pre-emptive responses to forestall future crime (Zedner 2007: 262). In short, the rise of risk in, and pre-emptive responses to, social security fraud and compliance is but one example of a broader trend. Given the increasingly individualised explanations of disadvantage and social inequality in line with a pervasive neoliberal rationality, the governance of social problems demands a capacity to target and track subpopulations to calculate levels of individual and social risk, and in turn to regulate their behaviour.
However, as O'Malley (2001: 90) stresses, risk is not necessarily underpinned by neoliberalism: 'the politics of risk and the social are not fixed, nor is the march of neo-liberalism inexorable'. This is a theme I will return to later in this paper.
Risk approaches came to full fruition in the mid-1980s in Australia. With the implementation of the first integrated and comprehensive fraud and overpayment strategy, the DSS placed greater emphasis on developing its risk-based approaches. In 1986, the DSS (1986: 81) reported that 'Good progress has been made on the development of a risk-related approach to the investigation of new claims'. In the following year, the DSS (1987: 24) elaborated on its riskbased approach, noting: The Department believes that frequent, detailed reviews of all clients to be inappropriate because most are honest and meet their obligations under the law. Reviewing all clients also wastes resources. The Department, therefore, has developed a risk-based approach to select those cases most likely to need attention. Statistical surveys are analysed to provide an outline of people with an above average risk of incorrect payment. The computer selects clients with these characteristics and, through the National Selective Review System (NSRS), regional office staff are asked to review them.
In other words, the Department analysed recipient data using statistical methods to develop risk profiles; that is, collections of customer characteristics apparently associated with higher levels of overpayment and fraud. Recipients that fit these profiles were deemed more likely to incur a welfare overpayment or engage in fraud, and were therefore tagged for more frequent or intensive scrutiny (Henman 2004). These risk profiles provided apparently objective criteria for the selective targeting of welfare recipients. This approach to risk can be described as an actuarial risk management model. It is underpinned by a predictive logic and assumes that past data is a reliable predictor of future behaviour. As Henman (2004: 179) explains, in these risk technologies, 'the notion of a suspect is recast and inverted. Instead of being someone suspected of being responsible for a known crime, the suspect is now someone who might have done something we do not know of or may do in the future'.
With the continuing advancements in data analytic software, and the spread of data surveillance across the private and public sectors, risk-based welfare surveillance has only continued to grow. Risk technologies have become more sophisticated and large-scale. Since 2004, the DHSand Centrelink before it -has progressively increased its data mining capacity, including the establishment of a dedicated data mining team in 2009 to employ 'advanced statistical techniques' to identify high risk customers (Australian Government 2009). Yet, while the technologies and statistical approaches have advanced significantly since the mid-1980s, the IJCJ&SD 120 Online version via www.crimejusticejournal.com © 2016 5(1) present approach to risk-based surveillance resembles its earliest forms. The predominant approach is based on a calculative model in which vast bodies of customer data are translated into predictive formulae.
It is important to recognise that the emergence of risk-based welfare surveillance occurred alongside the development of a host of other tools and technologies for monitoring welfare recipients that do not rest on risk logics or at least not the same kinds of actuarial risk logics outlined above. For example, Centrelink's fraud media strategy, which centres on publicising successful fraud prosecutions, is explicitly understood as a 'deterrent measure for those customers who may consider that failing to meet their obligations carries no detrimental effects' (Centrelink 2009). It also represents a public display of the state's vigilance in the face of welfare fraud, a strategy that Garland might refer to as an 'expressive' strategy (Garland 2001). Similarly, the Centrelink fraud tip-off is not a risk tool, but instead reflects a 'responsibilizing' strategy in which the state requests the support of citizens in the fight against fraud (Garland 2001). In short, the rationality of risk is a core organising principle in the Australian welfare compliance regime, but it is not the only rationality in operation.
Indeed, during the late 1990s, the emphasis shifted from targeted risk-based surveillance to a high volume of entitlement reviews. This was driven by the establishment of quantitative review targets in which Centrelink was required to conduct a specific number of reviews. For example, in 2001, Centrelink's review benchmark was 1.1 million (Centrelink 2001: 52). Whilst the precise targets in the years that followed are not publically available, it is likely that these review benchmarks were even higher. For example, in 2005-06 Centrelink conducted over 4 million reviews, representing about two thirds of the customer population (Centrelink 2006: 9, 27). In 2009-10 there were 3.5 million reviews conducted against a population of about 7.2 million customers (Centrelink 2010: 8). The rationality of risk was still present, but the emphasis on volume reviews diluted it.
Since 2008, the DHS has sought to refocus its compliance efforts on customers most at risk of overpayments. The data mining team has been central to this process.

Data mining and customer risk profiling
In the 2009-10 budget, the Australian Government announced the establishment of an 'ongoing data mining capability in Centrelink that will help identify customers most at risk of receiving incorrect payments' (Australian Government 2009 One initiative of the Data Mining Team, undertaken whilst it was part of the CCB, was the customer risk profiling project. To put it crudely, the Data Mining Team mined ten years of customer data in the Centrelink Mainframe using decision tree methodology to identify demographic characteristics associated with welfare claimants that had been overpaid (interview with Henry, SNC; see also Bohlscheid 2013;Zhao et al. 2009). Based on the results from mining this data, the Team developed risk profiles and applied them to the current social security population to rank recipients as low, moderate, high or very high risk (Bohlscheid 2013;Cao 2012). As Henry (SNC) explains, 'let's say there's 600,000 Newstart customers, 2 which there are, we will literally rank them from most apparently non-compliant, to most compliant. A list of 600,000'.
Ultimately, the models developed by the Data Mining Team have provided the basis for making decisions about who should be subject to compliance reviews. Previously, a large volume of reviews were conducted for each payment type. As Henry explains, 'they [then Department of Family and Community Services] would insist on doing 1.1 million Newstart reviews, 500,000 Aged Pension reviews …' Now, the vast majority of reviews are the result of selections made by the Data Mining Team: '[I]nstead of doing 4 million reviews a year, we could reduce it to 1 million. You can imagine the savings attached to that'. Data mining is thus lauded as a more effective and efficient means for prioritising compliance activities.
The Data Mining Team is now housed within the SNC Section. Consequently, its work is more focused on identifying patterns and developing models to detect fraud. Differing views were presented by participants about the process of making selections from the data in the SNC, which may be the result of recent and significant changes to the team, including its shift to the SNC Section. According to Henry, speaking in 2014, 'what we do now is, we continue to meet the needs of compliance by sending them selection cases, but we cream off the top and we send them to the Intelligence Assessment Unit for investigation and that's working out extremely well'. But this is a point that senior management strongly refutes. Instead, management explained that selections in the SNC Section have always been based on precise triggers, rather than broad statistical correlations between demographic factors and apparent non-compliance. In other words, the 'cream' was never simply transferred to the SNC for investigation.
However, in a subsequent interview conducted with Daniel, a Data Miner in the SNC, he suggested that: It's [referral of customers identified as at very high risk of non-compliance to the SNC] something that was occurring earlier on. At the moment, we've moved away from that sort of approach. The indicators of somebody being non-compliant are not the same as that of someone who is behaving in a fraudulent manner. So if you build the model to target non-compliance, the top one per cent is not necessarily fraudulent. So we've moved towards building models targeting serious non-compliance more specifically.
According to Daniel (SNC), data mining activities in the SNC are usually focused on a subset of the claimant population: for example, by payment type, rather than the population as a whole. The Team uses a range of techniques to mine demographic and activity data to identity risks associated with fraud. This includes examining 'historic prosecutions data, which we can use to try to identify people that have similar characteristics'. As Daniel (SNC) explains, 'We'll usually identify between 30 and a 100 parameters that we will use as inputs into the model, which will IJCJ&SD 122 Online version via www.crimejusticejournal.com © 2016 5(1) then select the most relevant subset of these to use'. The model is then applied to the pool of customers escalated to the SNC by the CCB.
Once a selection is made this is translated into a list of customers. This list is then passed on to an intelligence team which examine potential cases, and decide whether further action is warranted. In other words, there are layers of 'human analysis' separating the identification of a customer as at risk of fraud and actually labelling that customer as 'criminally suspicious'.

Conceptualising risk in data mining
Data mining is essentially concerned with prediction. It is 'directed toward the identification of behaviour and status markers that serve as reliable indicators of a probable future' (Gandy 2006: 364). This calculative process is underpinned by a rationality of risk; individuals are reconceived as clusters of risk factors that can be calculated and developed into risk profiles. These profiles provide the basis, or least one of the bases, from which decisions are made about which customers deserve scrutiny. In this sense, data mining is a tool of social sorting in which people are placed 'into categories, assigning worth or risk, in ways that have real effects on their life chances' (Lyon 2002: 1).
The work of the Data Mining Team is considered to be a scientific and neutral exercise. In Henry's words, 'we let maths [sic] and science take over'. But as Zedner (2006: 427) contends, 'to conceive of risk assessment as a distinct apolitical calculative exercise is to ignore the extent to which the very definition of risk is context based'. Indeed, as O'Malley (2008: 453) reminds us, risk 'is always a moralized way of governing'. The assumption of neutrality in fact masks the moral judgments involved in the process of social security data mining. Significantly, it obscures the biases that may be embedded in the data. Unemployed recipients and single parent pensioners have long been more frequent targets of compliance initiatives, and this is likely to be reflected in the compliance data. The historical focus on these segments of the benefit population has not necessarily been underpinned by evidence that these recipients are more prone to fraud and/or non-compliance. Instead, it reflects entrenched moral anxieties about these payment recipients who have apparently failed to get a job (or keep a man). These segments of the welfare population have routinely been cast as less deserving than other welfare beneficiaries, such as disability pensioners that apparently need assistance due to no fault of their own (although this latter assumption itself may also be unravelling) (Mendes 2008).
It is perhaps no surprise then that, when the former Department of Social Security (DSS) introduced the National Selective Review System in the 1986 financial year, it initially only applied to sole parent pensioners and unemployment benefit recipients, although as the DSS explained, '[i]n the next couple of years the system will be expanded to cover all pension and benefit types, as well as recipients of the various forms of assistance to families'. Single parent pensioners and unemployment benefit recipients were also subject to mandatory in-office interviews and were the sole focus of Mobile Review Teams (DSS 1987: 25-6). In the late 1980s, the apparent 'campaign' against single mothers on welfare was denounced by the Australian Federation of Community Legal Centres (1988) who blamed it for the 'alarming 100% increase in the number of women jailed for social security fraud' in 1988.
In more recent years, particularly with the rise of volume reviews in the late 1990s, compliance activities have focused on all payment recipients. But single parents and the unemployed continued to attract more frequent attention. For example, in 2004-05 a special budget measure provided for Centrelink to 'undertake 20,000 face-to-face interviews each year for Parenting Payment (Single) customers who report a change of address', with the purpose of verifying recipients' relationship status (Australian Government 2004). The historical focus on single parent pensioners and the unemployed is likely to have resulted in the overrepresentation of IJCJ&SD 123 Online version via www.crimejusticejournal.com © 2016 5(1) these -and probably other 'undeserving' -claimant populations in the overpayment and fraud data. The process of data mining may simply reproduce entrenched class and gender inequalities buried in the data, re-articulating them within the neutral and scientific language of risk.
Indeed, there is some evidence to support this contention. Whilst it is not possible to gain access to current data mining models, some indication of the kinds of predictors of non-compliance can be discerned from articles published by consultants previously working for Centrelink. For example, using positive and negative sequence methodologies, Zhao et al. (2009) identified customers aged 21 to 28 years who rent, and have a partner who earns casual income, as having a high probability of incurring a welfare overpayment. On the other hand, customers who own their home who visited the same customer service centre and received regular Centrelink payments of between $400 and $800 were less likely to incur an overpayment. Where the first sequence suggests financial and perhaps housing insecurity, the latter implies someone with a more stable home situation. Ultimately, many of the risk factors identified in these papers are also indicators of social and economic disadvantage, suggesting that class politics figure in risk formulations.
Similarly, Zhao et al. (2009) identify being male as associated with incurring less debt. According to a Henry (SNC), another risk factor is: Number of children; you can almost understand. Families on a benefit are really vulnerable; not much money, large number[s] of children. There could be [a] tendency to not let us know something rather than have their payment reduced.
As a consequence of these variables, it follows that single women with young children are like to be classed as more risky than men without children. Single women have been found to be at greater risk of not repaying debts (Bohlscheid 2013). Yet, we know that single parent families, which are mostly headed by women, face disproportionate levels of financial stress (Graham and Marston 2012;Linacre 2007). It would appear that those identified as most at risk of noncompliance represent the most socially and economically disadvantaged segment of the welfare population. This aligns with Henman and Marston's (2008: 201) contention, 'that surveillance practices -as a burden and a risk of being surveilled -operate and coagulate more heavily on the more disadvantaged members of society'.
After submitting a draft version of this paper for review, senior management ran some basic demographic analysis in the Integrated Review System and found no statistically significantly over-representation of any specific demographic, including based on sex (DHS 2016). According to Daniel (SNC), none of the models 'have pulled out gender as an explanatory variable'. Gender is however '[fed] in as a matter of course as it may be relevant and is a simple piece of data that we have on the vast majority of customers'.
Regardless of whether demographic factors, such as sex, home ownership status and Indigenous status, or transactional variables, such as lodgement of change of address forms, are strong and reliable indicators of non-compliance, a more fundamental question emerges: is it appropriate to base decisions about who should be subject to surveillance on these factors? It may be undesirable in a liberal democratic society to rely on demographic variables at all, particularly if they would, in other contexts, be considered inappropriate or discriminatory. Yet, simply omitting the most sensitive or problematic variables, such as sex, race or marital status, would not necessarily answer this problem. Firstly, many other variables correlate with these sensitive variables. And omission of such variables is likely to reduce the overall accuracy of the model (Calders and Žliobaitė 2013). Ultimately, the use of customers' demographic and transactional information, at the very least, warrants a cautionary approach.
IJCJ&SD 124 Online version via www.crimejusticejournal.com © 2016 5(1) In any case, the fact remains that women are overrepresented in the prosecution statistics (Prenzler 2012). In 2013-14, the most recent statistics available, women made up approximately 62.8 per cent of convictions (Senate Standing Committee on Legal and Constitutional Affairs 2015). In the same year, women comprised approximately 57.9 per cent of the social security population (DSS 2014). Whilst women are slightly overrepresented as a proportion of the social security population, in light of Steffensmeier and Allan's (1996: 259) oft-quoted statement that '[w]omen are always and everywhere less likely than men to commit criminal acts', the overrepresentation of women in social security crime statistics is exceptional.
In light of this, I asked Henry why he thought women were overrepresented in the prosecution statistics. He explained: Well, I'll have to admit that I didn't know that. Because when I look at prosecution results and the data that comes back and forth and because I work in the Centrelink mainframe, I guess my excuse is that I've always looked at cases based on the populations they come from and I'm so analytical it's not really people. So, I look at them as Newstart cases or Parenting Payment Single cases -I guess that's a lot women, if not nearly all women.
As this comment reveals, the technologies of data mining effectively translate welfare recipients with unique needs, identities, histories and futures into clusters of potentialities and members of risk categories. It serves to distance practitioners from the outcomes of their practice.
Ultimately, the process of risk profiling reduces the complex individual and social causes of welfare debt into individualised risk factors produced by algorithms. As Henman (2004: 179) contends, in this process 'the social and systemic aspects of the differential distribution of overpayments are deflected'. Data mining does not and cannot enquire into the cause/s of this overpayment. It instead focuses on post hoc risk management, usually in the form of debt recovery and/or investigation. This framework largely forecloses prevention or systemic reform as a legitimate response to non-compliance. A number of studies indicate, for example, that simplifying complex income reporting obligations, particularly in light of the rise of precarious and casualised work, would significantly reduce overpayments (see Hughes 2008;Hui, Moerman and Rudkin 2011). Yet such opportunities are obscured by this risk technology, which is squarely focused on the post hoc management of risky welfare populations.
As a result of data mining activities in the DHS, far less people have been subject to intrusive entitlement reviews. But these activities also result in closer scrutiny of specific welfare populations just because they 'look' like past debtors or fraudsters, not because they are suspected of doing anything wrong. And, judging from the available data, it appears that these people are more likely to be the most disadvantaged welfare recipients. Actuarial risk profiling may simply further marginalise already disadvantaged populations.

Rearticulating risk: The tiered compliance review model
Elsewhere in the DHS, risk rationalities are playing out in very different ways. In the Customer Compliance Branch (CCB), which is concerned with overpayment and payment integrity as opposed to fraud, the introduction of a tiered system of compliance reviews has ultimately led to less accusatory and punitive interactions between the DHS and welfare recipients. In this setting, risk practices are informed by the goals of economic efficiency and early intervention and prevention of non-compliance. This model, albeit still very much aligned with neo-liberal goals, is resulting in better outcomes for 'risky' welfare recipients. Significant progress has been made in this transformation by establishing a riskbased business model and implementing a number of early intervention activities. This has led to new compliance interventions which educate, inform and assist people accessing payments and services (DHS 2013: 8).
Whilst compliance reviews have always been an administrative process principally concerned with ensuring payment accuracy and raising overpayments, the previous review process effectively assumed the dishonesty of payment recipients. These 'whole of payment reviews' involved a full scale examination of the person's circumstances, which often included seeking information from customers' employers and financial institutions and inquiring into customers' relationship status and living arrangements. All information provided by customers had to be verified. The process and related debt-recovery actions could be intrusive, embarrassing and cause significant distress for welfare recipients (Hughes 2008).
The new tiered model re-orients the review process to better assist and educate customers to comply with their obligations. It aims to reduce the burden on recipients and target risks. Laurie (CCB) explains the shift as follows: In years gone by, when we did a review, everyone had to provide everything irrespective of risk. Now, this is more tailored, more targeted based on risk. We want to remove the one-size fits all approach. Having been involved for 20 plus years, we've seen a real shift towards a more targeted approach … We shouldn't just bombard customers with letter after letter. Inevitably, we'll be talking to the people that want to talk to us. So I think it [moving to a risk-based approach] is a great process.
According to John (CCB) who was directly involved in the development and implementation of this new approach, the model draws explicitly on behavioural economics and psychology: Essentially, [we have been] looking to incorporate behavioural science into our approach and the theory of nudge versus shove -and nudge being SMS or letters. How can we word and construct things to get people to self-correct versus having someone having to do that for them? [This framework is also] starting to move us into an approach around how do we help customers comply, which was a big shift for our role basically within Business Integrity but more broadly within the Department.
This idea of 'nudging', which has gained currency in recent years, rests on the assumption that human behaviour can be effectively guided by organising and structuring the context in which people make decisions: that is, by 'choice architecture' (Thaler and Sunstein 2008). In this way, a nudge approach can be a corrective to fallible human behaviour (Leggett 2014). Nudge is distinguished from 'pushing': that is, direct regulatory practices in which behaviour change is achieved through regulation or prohibition. The architects of 'nudge' consider it to be a form of liberal paternalism, involving 'soft' paternalism whilst still acknowledging individual agency (Leggett 2014: 7). This approach also accords with the neoliberal goal of cost efficiency: 'nudging' behaviour is considered more efficient and effective than more costly direct intervention and this was one of the core reasons for the introduction of this model. As John put it, 'the approach we had in place, whilst effective [was] very costly, very expensive'. The tiered approach aims to 'provide the same, if not better, assurance through a more efficient compliance model'.
According to John, the approach involves three tiers. Drawing on data analytics, payment recipients are ranked by their apparent risk of non-compliance. This risk level determines the IJCJ&SD 126 Online version via www.crimejusticejournal.com © 2016 5(1) 'tier' of intervention they will be met with if they are identified as having a payment discrepancy that requires review. The first tier involves an 'indirect intervention', usually a letter or sending an SMS to remind a customer of their obligations and prompt the customer to self-correct. The second tier is referred to as 'early intervention'. As John put it: … early intervention is about having a high speed contact with a customer but recognising some of these customers may need a little bit more involvement or engagement by the Department to get their circumstances true and correct … So through that conversation, we're able to establish, if you like, whether there's a reasonable explanation as to why that anomaly exists, and if there is we're able to update their record accordingly. Again, that may result in an adjustment to their payment or a debt, but we can do that over the phone, and again we use that as an opportunity to also educate customers about their obligations. That's predominantly designed to give them the tools to not get into debt in the future.
If the customer is unable or unwilling to adequately update their circumstances or provide an explanation for their payment anomaly over the phone, their case is escalated to the 'third tier' of intervention. This involves verifying the customer's circumstances along similar lines to the former review process. However, where previously these reviews were full scale, a third tier intervention is focused only on the aspect of the customer's circumstances that has raised concerns. For example, if a payment discrepancy has arisen in respect of the customer's income, inquiries will only be made about this aspect of the customer's circumstances.
As a result of this approach, the kinds of interactions the Department has with welfare recipients are far less accusatory, intrusive and ultimately 'softer'. It also removes the general assumption that recipients are dishonest. At least in the first two tiers of the model, it takes recipients' accounts of their circumstances at face value without seeking independent verification. Furthermore, it could be argued that this model effectively rearticulates customer risks as needs. Specifically, risk of non-compliance is cast as an indicator of need of assistance and guidance to comply. In this way, risk of non-compliance is remedied with assistance and education via a variety of interventions to enable welfare recipients to navigate the complex social security system, and also avoid debt in the future. Whilst this risk-based approach is explicitly underpinned by the goal of cost efficiency and 'nudging' behavioural change, it also seeks to reduce the intrusiveness of the review process and support welfare recipients to comply with their obligations, resulting in less punitive outcomes.
This is not to say that this review model is unproblematic. It leads to many of the problems that I raised in relation to data mining. Indeed, as with the data mining program, it directs attention to the post hoc management of overpayment and fraud, and is largely unconcerned with responding to the root causes of welfare non-compliance. The politics of 'nudge' assume that welfare recipients' behaviour simply needs to be guided in the right direction. It presents recipients as lacking adequate skills, knowledge and agency to manage their lives, rather than inquiring whether the compliance system itself is legitimate and fair. The focus is still entirely on individual failings, foreclosing systemic change as a way of dealing with non-compliance. Ultimately, this technology must be still cast as a tool of surveillance and population management. Like all risk-based welfare surveillance initiatives, it reproduces the idea that welfare populations are risky and require intervention, even if the interventions that are pursued are more benign. If, like the data mining program, riskiness 'coagulates' on the most disadvantaged welfare recipients, it is the individual failings of these recipients that will come to the fore. These recipients will continue to bear the brunt of surveillance practices.
Nevertheless, the different application of risk in the tiered review model illustrates the malleability of risk logics. It affirms the arguments of scholars such as Maurutto and Hannah-IJCJ&SD 127 Online version via www.crimejusticejournal.com © 2016 5(1) Moffat (2006) and O'Malley (2001O'Malley ( , 2008O'Malley ( , 2010b) that highlight the importance of examining risk technologies in context in order to grasp the multiplicity, complexity and flexibility of risk logics.
As the examples explored in this paper suggest, there is potential for risk rationalities to be rethought and reformulated. Where compliance reviews have long acted as a system of informal punishment, through the technology of risk, they have been recast as opportunities to guide and assist recipients. This suggests that concerns about justice and fairness may be articulated alongside risk. It opens up the possibility of articulating more progressive agendas, perhaps even claims for redistribution, into the accepted language of risk. If, as the literature demonstrates, financial hardship underlies the majority social security fraud offending (see Hui, Moerman and Rudkin 2011;Walsh and Marston 2008), increasing welfare payment rates could be articulated as a fraud risk reduction strategy. It is perhaps a far-fetched proposition in the context of New Right political dominance, but it does provide a patent illustration of the malleability of risk logics.

Conclusion
Over the last 30 years, the Australian DHS and its predecessors have established an intrusive and punitive apparatus for detecting and investigating fraud and overpayment. The rationalities of risk have played a crucial role in structuring welfare compliance activities. As this paper has argued, entrenched social anxieties about single mothers and the unemployed have been translated into a pseudo-scientific language of risk. In many ways, the rationality of risk has propelled the targeting of more marginalised welfare recipients rather than spreading the burden of welfare surveillance. By employing a 'realist governmentality' approach, this article has highlighted the complexity and flexibility of risk technologies in the Australian social security system with reference to two specific risk-based initiatives: the data mining program; and the tiered review model. This close analysis of the implementation and operation of risk practices 'on the ground' demonstrates that risk is neither neutral nor immutable, and may be open to re-articulation alongside more progressive goals.