Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Ghost worker verification: what identity teams can learn from payroll fraud


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: Payroll fraud through “ghost workers” persists when payroll records are not tightly bound to verified identity, prompting Oyo State to launch a worker verification exercise using BVN, biometrics and document capture, according to Seamfix. The case shows that identity proofing and lifecycle governance must stay aligned or payment controls become easy to bypass.

NHIMG editorial — based on content published by Seamfix: ghost worker verification in Oyo State and the use of BioRegistra to reduce payroll fraud

Questions worth separating out

Q: What breaks when payroll identities are not tied to current employment status?

A: Payroll becomes a payment channel for stale or fabricated identities, which means organisations keep paying people who are no longer entitled to receive funds.

Q: Why do browser-based attacks matter to IAM and identity governance teams?

A: Browser-based attacks matter because the browser is where users authenticate, work, and move data in the same session.

Q: How can organisations tell whether identity assurance is actually working?

A: Look for consistency across onboarding, recovery, and re-verification events.

Practitioner guidance

  • Reconcile payroll to authoritative HR status Link salary eligibility to a current employment record that must be confirmed before each payment cycle.
  • Add duplicate detection to verification workflows Check BVN, biometrics, and supporting documents against existing records before approval so one person cannot appear more than once under slight variations of name or identifier.
  • Define an offboarding trigger for payment removal Remove payment eligibility immediately when resignation, retirement, suspension, or death is confirmed through the approved source of truth, and require manual exception approval for reinstatement.

What's in the full analysis

Seamfix's full article covers the operational detail this post intentionally leaves for the source:

  • The exact Oyo State verification workflow, including how workers are enrolled and checked against BVN records.
  • The Bioregistra capture model for fingerprints, portrait data, and supporting documents across desktop, mobile, and web components.
  • How the exercise is intended to detect multiple registrations and remove ghost workers from payroll.
  • The role of Sally Tibbot Consulting in the verification process and the stated implementation timeline.

👉 Read Seamfix's article on Oyo State's ghost worker verification initiative →

Ghost worker verification: what identity teams can learn from payroll fraud?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Ghost worker fraud is a form of identity lifecycle drift: once a payroll identity becomes detached from a real employment status, the organisation is no longer paying a person, it is paying a stale record. That failure mode is closely related to entitlement sprawl in IAM, where access persists because removal processes are weaker than creation processes. The practitioner lesson is to treat payroll verification as a lifecycle control, not a one-off compliance exercise.

A few things that frame the scale:

A question worth separating out:

Q: Who should be accountable when a ghost worker remains on payroll after biometric capture?

A: Accountability should sit with the teams that own identity lifecycle, payroll reconciliation, and exception approval, not with the capture event alone. If employment status, payment status, and biometric status are split across functions, each team can assume another owns the risk. Governance only works when one process owner can trace and close the entitlement gap.

👉 Read our full editorial: Ghost worker verification shows how payroll fraud defeats identity controls



   
ReplyQuote
Share: