Several major environmental programmes require regulated entities to measure and self-report pollutant levels to state regulatory agencies. This data is used to assess compliance, but critics suggest that it could be used more effectively to detect fraud in self-reports, a criminal offense. Efforts to develop and implement fraud detection tools are restricted by a lack of knowledge regarding how regulatory and enforcement systems operate in regulatory agencies and whether/how data is used, particularly for fraud detection. To address this gap in knowledge, we conducted a case study of these issues in one state environmental agency. We triangulate interview, focus group and observational data to describe the current system and assess points in the system in which data is being used. We draw upon organisational learning theory to suggest the ways to use data more effectively in the future, particularly to improve fraud detection.