International Development Sub-Committee on the Work of the Independent Commission for Aid Impact
Oral evidence: ICAI's review on tackling fraud in UK aid through multilateral organisations, HC 151
Monday 23 May 2022
Ordered by the House of Commons to be published on 23 May 2022.
Members present: Theo Clarke (Chair); Mr Richard Bacon; Mr Ian Liddell-Grainger; Nigel Mills; Mr Virendra Sharma.
Questions 1 - 81
Witnesses
I: Tarek Rouchdy, Commissioner, Independent Commission for Aid Impact; and Stephen Blakeley, Team Leader, ICAI tackling fraud in UK aid through multilateral organisations review, Independent Commission for Aid Impact.
II: Christian Rogg, Director for Development and Parliament Directorate, Foreign, Commonwealth & Development Office; and Tim Jones, Finance Director, Foreign, Commonwealth & Development Office.
Witnesses: Tarek Rouchdy and Stephen Blakeley.
[This evidence was taken by video conference]
Q1 Chair: Welcome to our witnesses for the second part of our oral evidence on the Independent Commission for Aid Impact’s review into tackling fraud in UK aid through multilateral organisations.
I am going to start with our first panel, if I could ask you to introduce yourselves?
Stephen Blakeley: Thank you, Chair. My name is Stephen Blakeley. I was a team leader for this review for the Independent Commission for Aid Impact.
Tarek Rouchdy: Thank you, Chair. My name is Tarek Rouchdy. I am one of the two part-time commissioners on the ICAI panel.
Q2 Chair: Thank you very much for joining us. Tarek, if I could start with you, could you summarise the findings of your review?
Tarek Rouchdy: Thank you, Chair. First of all, if I can give a very small introduction as to the objective of the review, which was to look at how FCDO ensures the effective management of fraud risks within its core funding to multilaterals. That was the overall objective.
The findings of the review were several. First of all, we stated that FCDO has effective processes in place to manage fraud risks within the UK’s multilateral ODA spend. We found that multilaterals look to the UK as being a leading voice in promoting good corporate governance and good counter-fraud practices.
However, we also found that fraud, or fraud risk, was managed on an organisation-by-organisation basis, in which case we felt that the oversight of risk over the whole portfolio was not being looked at. We found significant room for improvement in the way FCDO manages fraud risk management within the European Commission, given that the European Commission is the largest recipient for ODA until 2027.
Those were the key findings in terms of fraud risk management within FCDO.
Q3 Chair: Thank you. Are you satisfied with the Government’s response to your recommendations?
Tarek Rouchdy: The Government’s responses in this particular case were light in places; they partially accepted two and accepted one. We did not find, again, sufficient detail to explain why they partially accepted, so we wait to see in our follow-up programme what were the specific recommendations or the specific actions they took to put in place our recommendations.
Q4 Chair: Thank you. Stephen, would you like to add anything on either question?
Stephen Blakeley: No, I think that is a good summary. In terms of the Government response, there is clear agreement with the recommendations we made in the most part but, as Tarek mentioned, there is not a huge amount of detail as to how the Government plan to respond to each of those recommendations. That is probably the main message.
Q5 Chair: Thank you. Stephen, what are some of the main ways through which UK ODA could be lost to fraud?
Stephen Blakeley: Fraud can happen in lots of different ways. Essentially fraud is where you deceive someone in order to make a gain. It can happen at the initial recipient level, where you might have, for example, someone pretending they are sending money somewhere and sending it somewhere else. That is a very simple type of fraud. You could have an external party pretending to be a supplier when they’re not. It can happen right at the top level but it can happen all the way down to beneficiary level, where you have someone who is essentially putting themselves out as a beneficiary when they are not eligible for that.
There are lots of different types of fraud. Some of it is very sophisticated and some of it is very, very crude and amounts to tricking someone to giving you something.
Q6 Chair: What would you say are the consequences of fraud for the Foreign, Commonwealth & Development Office, multilateral organisations and aid delivery?
Stephen Blakeley: When fraud occurs it means the money is not going where it should be going, so ultimately the beneficiaries lose out. However, there are multiple consequences because the money that should be going to beneficiaries is going to someone else who should not be receiving it. They may be using it purely to enrich themselves or they may be using it for other purposes, but it can end up perpetuating inequalities and power dynamics we do not necessarily want to perpetuate. Therefore, if it is found out, it can have a very significant impact in terms of reputation. It can also perpetuate those inequalities the FCDO is trying to tackle in the first place. There are a lot of different consequences. In terms of the taxpayer, of course, it makes aid less efficient.
Q7 Mr Liddell-Grainger: Thank you. I want to follow on with fraud, if I may, because this is interesting. There are two parts to this. First, are you happy with the way FCDO deals with fraud issues? Second, Tarek, you mentioned we are still part of the EC until 2027. Are you happy with the way the EU is tackling fraud and how it deals with the money we give it to deal with aid?
Tarek Rouchdy: Thank you. Let me answer the second part of the question: are we happy with the European Commission’s fraud risk management systems? I believe there was a review in 2016 and, unless I am mistaken, the systems were found at that point in time to be weak. That is why we cited the importance of looking at the European Commission going forward, given the UK’s exit, given obviously what we know about its systems and given the amount of spend going through until 2027.
The other thing is the Government’s response, if I can alert you to it. When we said we would like to see the same level of due diligence done on the European Commission as we do with other organisations, the answer was, “We will not do it. However, when systems do change within the European Commission then we may look at it”. The combination of that reply and what we know about the European Commission’s systems leads me to believe that the recommendation for us to look at the European Commission with a whole new eye, and to apply the central assurance level of assessments that we currently do to other organisations, has to be applied as soon as possible.
Can you remind me of the first part of the question?
Q8 Mr Liddell-Grainger: Are you happy with the way FCDO, our own beloved system, is dealing with fraud and are you happy with the way it is following up where fraud has been obvious? I think you have answered part of it but I want to explore it a bit further.
The second part, Tarek—I want to ask you while you are on it—when you were doing your study, how did you decide who you were going to use in the case studies? What was your methodology in doing it?
I suppose they run together as a question.
Tarek Rouchdy: In terms of how we felt about FCDO’s risk management process and whether it had a good system of governance over fraud risk management, as you know we did two reviews. The first review was tackling fraud in UK aid. The Government agreed to a number of the recommendations that we made. One of them was to improve the whistleblowing systems that were in place and one was to increase training for those who did not have any fraud background.
The second part of our review—which is obviously this one we are now discussing—looked at whether we can improve the fraud risk management system inside FCDO to look at multilateral systems. One of the key findings was that, where an FCDO official does a quality assurance assessment of an organisation, due diligence, that assessment is not counterchecked or counter peer reviewed by someone within FCDO. That is where you could have a potential risk of identifying a fraud risk management system within a multilateral but, because that assessment is not verified and checked by someone else, what could be a good assessment may turn out to be bad and vice versa.
In terms of how we chose the sample—maybe Stephen can complement my answer—we looked at it in terms of various parameters. One of them was obviously the amount of spend. The European Commission is one of the largest recipients of UK aid and, therefore, was one of the key sample multilaterals that we took. Other donors were based upon strategic relationships within FCDO and their importance to the UK Government.
I will end there but perhaps, Stephen, you can complement my answer if I have missed anything.
Stephen Blakeley: There are three overlapping questions there. I would like to add a bit to each of those.
First, on the selection process: yes, we looked at a number of different parameters such as the magnitude. We wanted to cover a range of different types of organisation, including some that were not the biggest but were still considered to be strategically important to the UK. We also looked at the previous assessments that are publicly available and internally about the strength of systems within those organisations. Again, we wanted to cover a range of different types of organisations. That was how we chose our selection.
This was a rapid review so we only had space and time to look at six organisations. We felt that was a good cross-section and it did help us to look at consistencies and also differences in how organisations were managed.
Q9 Mr Liddell-Grainger: I am going to ask, because this is also fairly fundamental, have the Government accepted all your recommendations on the FCDO training and also whistleblowing? In your mind, have you got what you want from Government to be able to put safeguards in place? Let’s not talk about the European Union at the moment because that is slightly different. Within our own organisations at a multilateral level, do you feel those safeguards are being taken seriously by the UK Government?
Stephen Blakeley: Yes. That relates to the overarching question of whether the FCDO is doing a good job on fraud and corruption. The previous review we undertook looked at bilateral funding and this multilateral funding. Both of those reviews found there were strong systems and processes in place in the FCDO that had been built up over time with good capacity to manage those.
In both of those reviews the areas we raised concerns about were mainly around learning between different groups and how data and intelligence were used and shared. We felt there were weaknesses there. That is really where many of the recommendations from both those reviews fall.
Q10 Mr Bacon: If I can carry on where you finished the last answer, Mr Blakeley, where you said “learning between different groups”, do you mean by that that some groups are learning but not transmitting that learning to other groups or something else? If that is what you mean, can you give an example?
Stephen Blakeley: Absolutely. Each multilateral organisation is managed by a separate team. There are some cases where there are multiple multilaterals but in most cases it is an individual team. We saw some really good practices of learning within those teams. For example, putting secondees into multilaterals who would then work with them to help them strengthen certain aspects around their fraud risk management or another aspect of the organisation. They would then come back into the team and bring a real wealth of learning from their experiences.
Q11 Mr Bacon: Can you give an example of the multilateral organisation you are talking about in this particular case?
Stephen Blakeley: We deliberately did not name multilaterals in the report because we wanted them to be able to talk quite freely about the experience.
Q12 Mr Bacon: To be clear, are we talking about only multilateral Government organisations—whether it is the EU, whether it is some emanation of the UN system, or whether it is some emanation of something else—or are we talking about NGOs as well?
Stephen Blakeley: No, we are talking about multilateral organisations.
Q13 Mr Bacon: That answers my question. I mean many NGOs are multilateral in their own right, aren’t they? Are you talking about Government organisations or non-government organisations?
Stephen Blakeley: Government organisations.
Q14 Mr Bacon: Thank you. It is things like the EU, like the World Bank or like the United Nations Food and Agriculture Organisation, or whatever?
Stephen Blakeley: Correct.
Q15 Mr Bacon: Therefore, you would exclude the Global Fund from that, which is a private foundation-sponsored fund—I think the Bill and Melinda Gates Foundation is the biggest sponsor but Governments also contribute to it—or would that be included within your definition?
Stephen Blakeley: The Global Fund is included in the FCDO.
Q16 Mr Bacon: I don’t think anybody says the Global Fund is not a NGO, do they?
Stephen Blakeley: This may be a question best directed to FCDO about how it classifies different organisations but it is often to do with the governance structure. One of the key differentiating factors between Government multilateral organisations and an international NGO is that the multilaterals will have a single audit principle applied to them. That means we cannot force them to give us information about their systems and we cannot go in and look at those organisations in the same way we can with say a NGO.
Q17 Mr Bacon: When you say “a single audit principle applied to them”, what do you mean by that? That only one body shall audit them and they will not look at you as an auditor, is that what you mean?
Stephen Blakeley: Correct.
Q18 Mr Bacon: Who would be the auditor in the case of the one we are talking about? For example, would it be—to take an EU body—the European Court of Auditors?
Stephen Blakeley: Exactly, yes.
Q19 Mr Bacon: It would then turn around and say—so I am clear, I am sorry to be labouring the point—“Because we are already audited by the European Court of Auditors we are not going to share information with you”?
Stephen Blakeley: It will share information and audit reports are published. However, it will not allow us to go and audit a programme we have with it unless we can negotiate the right to do that, which we can in some cases.
Q20 Mr Bacon: In each case where you cannot go and look at it or audit it, do you get the assurance that there is somebody going in and looking at it anyway, or not? The European Court of Auditors does not do anything like as much value-for-money audits as the supreme audit institution here does, does it?
Stephen Blakeley: That is right. One of the things FCDO—or DfID as it previously was—looked at under the multilateral development review in 2016 was to assess those systems that are already in place. Those assessments are supposed to be updated periodically to gain an understanding of any changes that have taken place in the systems.
Q21 Mr Bacon: Is this the one that was going in 2016?
Stephen Blakeley: That is a very big difference between the non-governmental organisations and the governmental multilaterals you are referring to, in that the UK FCDO conducts what it calls a central assurance assessment. It does due diligence on the overall capability of that organisation to manage fraud risk and other aspects of aid. It then manages that relationship based on what it has learnt from those reviews, which should take place every three years or so.
Q22 Mr Bacon: When you say, for a multilateral organisation, it will not let you go and do an audit because it is being audited by somebody else already, I am still not clear whether in each case where you are not allowed to go to do an audit you are already getting an assurance that the bits you would want to audit have been the subject of a value-for-money review or not?
Stephen Blakeley: It would not necessarily have been subject to the same sort of review as the FCDO would undertake.
Q23 Mr Bacon: The FCDO gives money to the multilateral organisation, which goes and spends it, does not necessarily do the kind of value-for-money review we would expect—that might happen, it might not happen—and says to you, “We are not going to let you have an audit of this”. All of that is correct, isn’t it?
Stephen Blakeley: It is, but also bear in mind the fact that the UK is a member of these organisations so it plays a part in creating the governance and has some leverage over how that governance—
Q24 Mr Bacon: Also the way the programme is set up in the first place, fair enough.
Can you say what you mean by the mixed messages about the FCDO’s risk appetite that are referenced in the review? Some multilateral organisations noted some mixed messages about FCDO’s risk appetite. What is meant by those mixed messages? They are either being told different things or they are being told the same thing and understanding it differently, which do you think it is?
Stephen Blakeley: This is a theme that has recurred in a number of ICAI reviews. Going back to the 2016 review of fiduciary risk in conflict affected states, we identified that there was not a consistent understanding about the application of what a zero tolerance to fraud meant. Some DfID staff were interpreting it as a zero tolerance to fraud occurring at all and some were interpreting it as a zero tolerance to taking any risks around fraud. What we recommended in that review was that work be done to improve consistency on that understanding. That did occur over a period of time.
In the previous review in 2021, looking at bilateral funding, we found that DfID—and then the FCDO after the merger—had a much clearer, consistent view as to what a zero tolerance to fraud meant.
Q25 Mr Bacon: I am surprised that after all this work—after many, many years of spending my constituents’ taxes overseas on international aid—that something as relatively simple as what a zero tolerance means could be the subject of such confusion. Every time you get out of bed in the morning, either domestically or internationally, you are taking a risk. When you spend Government money on anything, domestically or internationally, you are taking a risk. Why did it take such a long time to get a consistent idea of what was meant?
Stephen Blakeley: Again, this might be a question for FCDO. From the reviews ICAI has done, there has always been a desire by DfID, and later FCDO, to ensure that money is spent well. The misunderstandings are often based on a concern that money is not lost to fraud. It is often being overcautious rather than being frivolous with taxpayer money when it comes down to it.
Q26 Mr Bacon: Thank you. Mr Rouchdy, do you want to add anything before I hand back to the Chair?
Tarek Rouchdy: Thank you, Chair, and thank you, Mr Bacon. One point about your question regarding the multilateral set up and our right to audit and the fact that we cannot because of the single audit principle. Multilaterals obviously have quite an elevated corporate governance structure. It includes people in the Court of Auditors. Within the European Union itself, you also have audit teams, such as the Audit Committee of the European Investment, and you have OLAF. Therefore, you have many functions that look at that organisation.
While the single audit principle sounds a bit restrictive and a bit strange, when we say we would like to look at the programme but are told we cannot, we are a member of that organisation and through the director of that organisation we can also elicit information. Therefore, in total, we do have a good structure in place.
That is why we have mentioned the European Commission as an exception because of the withdrawal agreement and the fact that the UK has exited, which meant that the UK lost all the benefits of being in and able to audit. Therefore at the moment, when it comes to the European Commission and the European Union, it is all about self-reporting. If it is issuing a report by internal audit or by OLAF, yes, we have access to that like anyone else but we do not have the inner information one would seek through corridors or through our own work as a director of the board.
Q27 Mr Bacon: You are saying the solution in the other cases is that we have a board member of the European Investment Bank, or whatever it is. Therefore, if we needed to we could raise it at a high level. However, that is not the case in relation to the European Commission. Presumably the answer to that is the FCDO could say, “We will not give money via the European Commission”. We might do bilaterals with the Germans, or the Swiss or the Swedes, or trilaterals, or whatever.
I visited a malaria centre in Tanzania that I think was being funded jointly by the Swiss Government and the Tanzanian Government. There are lots of bilateral or trilateral things going on. Presumably most of those have their own boilerplate audit arrangements that are a condition for any big donor country to be involved at all and to hand over money. That is correct, right?
Tarek Rouchdy: That is correct. If you have a bilateral agreement through a multilateral, yes, you have the added assurance of the fact that this is quite specific. It does not represent core funding to the organisation and therefore falls in a separate place. Yes, that is absolutely correct.
Q28 Nigel Mills: Thank you. I am intrigued. How much money are we losing here as a percentage of what we give to these organisations?
Stephen Blakeley: To make it very clear upfront, we did not set out to find fraud and we did not set out to quantify how fraud is being found. That is the context in which we did our review. We looked at what the FCDO is doing to manage fraud and fraud risk.
In that context, the amount of suspected fraud that was investigated during the period we were interested in was very, very small, less than 0.1% of spend. That is consistent after recovery of any suspected fraud that has taken place for all governmental departments, not just FCDO.
What is happening in the FCDO is very similar to other Government Departments. The Cabinet Office estimates between 0.5% to 5% of Government spending across the whole of Government is lost to fraud. If we take that as a ballpark, we are not finding anywhere near as much fraud as is taking place. The concern is as much what we are not finding as what we are finding, if not more so.
When fraud is found it tends to be dealt with very effectively. We recover most of it from our partners. The residual lost fraud that is reported across the whole of government, including in the FCDO, is very, very, very low.
Q29 Nigel Mills: I am slightly intrigued. What we detect is 0.1% or less of aid spending being lost in fraud, but we think that it could be up to 5% but we do not detect it and when we do we are quite good at getting it back. Is that roughly what you are telling me?
Stephen Blakeley: Broadly speaking, yes.
Q30 Nigel Mills: Therefore in your review of how well FCDO is managing the fraud risk in its aid spending we just accept all these organisations the same as us only find 0.1% and we go, “That is fine because you are all finding the same useless amount we are”. Is that roughly what I am understanding?
Stephen Blakeley: What we are trying to identify is how we can work with those organisations to improve their fraud systems so they can prevent fraud from occurring in the first place. You can put controls in place to prevent it but also to detect it and deal with it as effectively as possible. Some of the good practices we identified were examples where, for example, we had the UK’s own internal audit experts sitting in teams in multilaterals to develop their systems so they can better identify and report that fraud.
However, you are right, the biggest challenge in dealing with fraud is identifying it in the first place.
Q31 Nigel Mills: Maybe I am naïve but we are thinking everybody involved is detecting one in 50 of every £1 that we lose in fraud, yet we all think, “These processes look quite good”. If I went to a business and was doing their audit and they were only detecting 2% of the fraud they were suffering—that is without going into bad project design, bad selection or however else money is lost, which we all accept happens—you would be scathing in a review like that, would you not, as opposed to, “It’s all fine”?
Stephen Blakeley: Businesses also lose quite a lot to fraud and they do not detect it all either. The statistics around businesses are not that different from Governments in terms of the amount they lose to fraud and the money they can detect and find.
Q32 Mr Bacon: Really? What is the evidence for that?
Stephen Blakeley: This was more in the first review that we looked at. We referenced a report by Kroll, which talked about the amount of fraud lost to both public sector and private sector bodies and there is very close alignment between the two.
Q33 Mr Bacon: I find that an extraordinary sentence, to be honest. Do you know what the fraud rate in a supermarket is, on average?
Stephen Blakeley: I don’t know that.
Q34 Mr Bacon: It is 3% and in the NHS it is 16% to 20%. The Counter Fraud and Security Agency came up with that number many years ago and it has not really moved.
Can you write to us with more information on this? I am not trying to be difficult but I find it a very difficult thing to believe, that basically it is the same in the private sector and the public sector. I don’t believe it.
Stephen Blakeley: I should point out that we did not look at those things as part of this review. I am just referring to external reports, which I am very happy to point you to.
Mr Bacon: If you could send them to us with a covering letter it will be helpful because I find that very difficult to believe. I am sorry to interrupt.
Q35 Nigel Mills: I am intrigued—maybe Tarek you want to come in—but would this not be helpful context for the report, that we are in a sector that is only detecting somewhere around 2% of the fraud that is suffered? Maybe given the fact we are dealing with high-risk countries and with high-risk individuals that is unavoidable. However, it is hard to get from there to three pretty light recommendations about slightly tweaking documentation or something.
If I went out on the streets of Heanor and said, “Do you know we only detect a 50th of the fraud in aid money that we spend?” I suspect the response would not be, “Could you go and tweak some documents?” The response might be, “What the hell are we doing spending all this money?” Does there need to be more drive in this situation to try to fix it or is it just one of those consequences of the difficult work that is being done, it is inevitable?
Stephen Blakely: It is a consequence of spending money. You are always going to take a fraud risk when you are spending money. That is inevitable. What you can do is you can work very hard to minimise that risk. We have seen some good work by FCDO, and other donors as well, to minimise the risks that they face but you will never eliminate that risk and it is a constant battle. Fraudsters continually update and amend their approaches and their tactics and you are continually having to respond to them. There will always be a fraud risk when you are spending money, frankly, whether it is in the UK or in Somalia.
Q36 Nigel Mills: Could you talk us through a couple of those examples of successes you have had? Tarek, you wanted to come in?
Tarek Rouchdy: Two points. The point is that we do have an estimate, which a lot of people bandy about, anything between 0.5% to 5%. Again, I am not trying to undermine that figure. All I am saying is that when you detect fraud it is as if you have crystallised the risk. In other words, if you think it is going to rain tomorrow and you take an umbrella and it does rain that risk has crystallised. If it does not rain, therefore, you do not need the umbrella.
There is no doubt that the fraud that is discovered and detected is a figure that is less than the amount of total fraud happening in that organisation. The problem with estimates is that nobody can prove an estimate. It is an estimate. It is a statistical figure that people give out. The only thing that FCDO and other organisations can do is to ensure that the governance structure of any organisation in which the UK is passing money through for aid is so well run and well controlled that fraud in that particular organisation will not happen.
In the first fraud review that we did, tackling fraud in UK aid, we recommended that the procurement was one of the biggest risks within FCDO or ex-DfID at the time. We felt that internal audit should be more proactive in looking at all the contracts that were being awarded rather than investigate fraud only when they heard it through a whistleblowing event or an alert.
Those are the two things I would have to say. That, on the hand, yes, we do have estimates but the beauty of the people who are making the estimates is they cannot confirm the actual figure. Therefore, we have to focus on detecting fraud through proactive internal audit measures and whistleblowing mechanisms, making sure that we focus on the areas of risk where we know fraud is more likely to happen.
Q37 Nigel Mills: When people trumpet a statistic that less than 0.1% of aid expenditure is lost to fraud, it is like saying it did not rain yesterday because I did not go outside. I did not get wet so it did not rain is just not logical, is it? Is the fact that we are not detecting more because people are not trying or because even if they tried they would not find it?
Stephen Blakely: We saw evidence of people trying and we saw evidence of people working very closely with partners to try to manage fraud risk, so we did see some very good practices. Where we were concerned and where our recommendations land is about taking that learning that happens at a multilateral level and ensuring that is shared across other multilaterals so that learning can help to reduce risk across all the multilaterals. That was where our recommendations are focused.
Q38 Nigel Mills: Do you have some examples of where we managed to achieve that? Where we have some other organisations following some successes that we have identified or delivered.
Stephen Blakely: Multilaterals or other donors?
Nigel Mills: It does not matter, I suppose.
Stephen Blakely: For example, the UK FCDO has been working with the Australian counterparts to conduct due diligence assessments together. We see that as a very positive step. It is still quite rare for that to happen but what it means is you have two fairly influential donors working together, sharing their due diligence knowledge so that they can both go with one voice to the multilateral that they are doing the due diligence of with any concerns that they have. Also making sure that within those organisations they have the same understanding of the multilateral and the risks that they are facing and that they are taking together. Of course, it also reduces the burden on the multilateral itself when we are doing that due diligence.
Q39 Nigel Mills: As a final question: could you tell me how everybody in here defines fraud? At one level that could be quite a narrow definition. However, inappropriate project selection or deliberately blurring the guidelines for the projects you are supposed to fund and then giving people some money that you know will not be successful could be called fraud or could be called bad delivery. How do you draw the line between what is fraud for this and what is just not successful project management or something?
Stephen Blakely: The key thing about fraud is there has to be an intent to deceive. It is a deliberate deception in order to make a gain or to benefit in some way. That is the key distinction between fraud and poor value for money otherwise.
Nigel Mills: I have £1 billion to spend and I am desperate for projects so I start weakening the assessment criteria a little to get rid of it. That is not fraud because I am not trying to benefit. It is just bad supervision, in effect. Even though we lose the money and it does not achieve the outcome we wanted, that is not fraud. Okay, thank you.
Chair: Thank you. I have no other questions from the Committee so I will thank the first panel and we will now move to the second panel.
Witnesses: Christian Rogg and Tim Jones.
Q40 Chair: Welcome to our witnesses for the second panel today on tackling fraud in UK aid through multilateral organisations. I will ask our witnesses to introduce themselves, starting with Christian.
Christian Rogg: Good afternoon. I am Christian Rogg, the director for development in Parliament at the FCDO and in relation to this particular review that includes the multilateral effectiveness team, which sits in my directorate as well as co-chairing the Multilateral Strategy Board in the FCDO.
Tim Jones: I am Tim Jones. I am FCDO’s finance director.
Q41 Chair: Thank you very much for joining us. If I could start with you, Christian. Out of the three recommendations given by ICAI, I note that the UK Government has only accepted one and the other two partially. Why did you only partially accept two of ICAI’s recommendations?
Christian Rogg: Yes, very happy to get started and then if I could hand over to Tim on one of the recommendations.
As you said, we fully accepted recommendation two and we partially accepted recommendation one and three. With regard to recommendation one, partial acceptance sounds stronger than what is implied by that decision. When you look at the wording of that recommendation, it distinguishes between assessing multilateral organisations and the fraud risks on an organisation by organisation basis. It says that rather than doing this we should look at multilateral organisations with a portfolio lens.
We partially accepted that recommendation because we feel we need to do both. In other words, continue with a quite in-depth assessment of individual organisations because they are very different. An organisation like the UN agency that works on refugee issues, which is one of the organisations included here, will have different risks, different operating mechanisms than, say, the World Bank. We felt that it is right to continue with in-depth assessment of these organisations but we recognise—and we value the recommendations in the review—to complement that with a portfolio approach that covers some of the issues that were discussed in the previous session, which is around learning lessons across multilaterals and for the headquarters teams that sit at the centre of this is to play a stronger role in that regard.
Q42 Chair: Thank you. Tim, do you want to add to that?
Tim Jones: Yes, on recommendation three, fundamentally we believe that we have sufficient level of oversight at present and that it would not be improved right now by doing the exercise of a CAA: the additional assurance exercise. I can go into a little more of the reasons of that. One point, though, where I think fundamentally we are aligned with ICAI on the facts and differ on the judgment. On the facts, the score that was referred to earlier, the assessment that was done in 2016 is weak. A degree of explaining around that might be helpful. That is, the scale of how that bit of work was done, so 16 questions that were then clustered and then produced an overall score.
At the detail level it scored 2.5 on a scale of 0 to 4, which was “weak plus” but then, looking at fraud in the context of the overall strengths around the controls, it was rated as “adequate” and then when looked in the context of the organisational strengths as a whole it was rated as “good”. On the totality it came out towards the top end.
What you were looking at was back in 2016 we assessed the commission as being a bit weak on fraud specifically but stronger on other areas of control. From 2016 we encouraged a degree of getting better in that specific area. Since then, we have done annual reviews and the latest annual review was done a month ago. On that, we noted that the ECM made progress in terms of getting better specifically at fraud.
Our view was that if they were to change the systems or we felt it would in any way deteriorate, we would step in and do a detailed CAA. At this point in time, it is moving in a favourable direction so investing resources and effort on doing a lengthy piece of technical work would not necessarily add to our assurance over the controls.
Q43 Chair: Tim, if I could just continue with you. I was interested to see that ICAI found your approach to tackling fraud relies so heavily on self-reporting. In fact, we heard from the earlier panel that you are very much reliant on multilaterals ensuring that fraud is being reported and you are not necessarily able to go in yourself and see those programmes as the FCDO. How are you working with those multilateral partners to make sure that fraud is being reported?
Tim Jones: Fundamentally, it is a question of our overall approach to gaining assurance. You can gain assurance by doing very detailed testing, which is pretty hard work and very labour-intensive, or you can take a controls-based assurance where you look at the systems or controls that the management and the organisation itself operates under and then assess that and draw conclusions on how successful they are. We are looking at a controls-based assurance regime by assessing very carefully how do these organisations govern themselves, gain assurance through that rather than going in and doing an old school audit approach of ticking and bashing.
Q44 Chair: Is there not a risk that some things are just not being self-reported at all? How are you able to check that?
Tim Jones: We would look in the CAA at the overall disposition of the organisation towards reporting fraud. We are assessing: is this an organisation that is likely to surface and report fraud rather than to not do so?
Q45 Chair: What are the benefits and risks of relying on self-reporting for multilaterals, particularly when conducting central assurance assessments?
Tim Jones: Fundamentally I think it is a quicker and better way of getting to a view. As we heard earlier, the alternative is doing a very labour-intensive audit. We have a single audit principle so you do not want to descend with lots of organisations on a single multilateral and audit them repeatedly. However, in the same way, the approach to assurance is fundamentally going top down rather than bottom up is going to be a better approach.
Q46 Nigel Mills: Do you accept the number that Mr Blakely quoted that the real losses to fraud are more likely between 0.5% and 5% rather than the 0.1% or less that you are detecting?
Tim Jones: That is a reference back to the piece of work done by the Cabinet Office around 2019. I have no reason to suspect there was not a thorough methodology behind that. Therefore, yes, I think there will be underreported fraud, and so our approach and disposition towards fraud is to surface more. If we look at the fundamental principles of fraud, there will always be fraud. From experience—and I think evidence will point to this—if you set a definition of zero tolerance toward fraud and don’t have fraud reported then even less gets reported. That is certainly our learning.
In the previous session we heard about how we have had to move originally in DfID, now FCDO, to reinforce the message around zero tolerance not being no reporting of fraud. There will always be fraud. Finding fraud is a good thing that you found it and uncovered it. There will be more.
Q47 Nigel Mills: Is that estimate the same for when we are doing bilateral aid rather than via multilaterals? Do you think we are about as effective as everybody else?
Tim Jones: I am not aware of any evidence base for drawing a distinction between bilateral and multilateral aid. The Cabinet Office work that was done on the 0.5% to 5% range is the totality of the public sector.
Q48 Nigel Mills: I am intrigued because during the pandemic, for good reason or bad, we have ended up effectively increasing the percentage going to multilateral organisations. Last week your Department outlined a strategy to do the reverse and move to more bilateral. Have you done any assessment of whether you think the fraud risk has gone up and then gone back down or went down and then will go back up or, actually, it is all the same anyway? Has that been part of the thinking?
Tim Jones: I think it will take a while to surface robust evidence on what has happened as a consequence of decisions made that have yet to be implemented around the split of multilateral and bilateral. On the tilt from multi to bilateral, essentially the benefit of multilateral is lots of donors tip their funds into one big pot and then you have a degree of leverage and bang for buck but what you do not have, as an individual donor country, is control.
Essentially, the shift from multi to bilateral is a trade-off between the economy of scale versus the control over the funds. On that basis, I think that more bilateral gives you more opportunity to be more direct as FCDO on how the money is used.
Q49 Nigel Mills: No one has done a risk assessment, or you have not been involved in one, which says, “To go that way it gets a lot harder. This way is a lot safer”? That work has not been done?
Tim Jones: I am not aware of that. We could take that away and check whether that has been done or not for that very specific question.
Chair: In light of the Foreign Secretary’s emphasis on moving to bilateral that would be a very important question for this Committee to know the answer to.
Q50 Nigel Mills: We heard in the previous session that the European Commission might be one of the biggest single recipients of our aid through until 2017. Is that correct? How does that fit with the desire to give less to multilateral organisations and do more bilaterally?
Tim Jones: The amounts that will go into the EU were agreed through the withdrawal agreement and they taper over time. It is a long period of time but they do taper. In the latter years it will be a lot less than it is right now. In effect, it is a multilateral relationship we are exiting from but just over a long period of time.
Q51 Nigel Mills: It is committed to that?
Tim Jones: Very committed, yes.
Q52 Nigel Mills: On the ticking and bashing, I remember doing ticking and bashing a year or two ago. As I understood it, with artificial intelligence and stuff you could go back to doing ticking and bashing but have a computer do it very quickly. Is there scope to get a better outcome of detecting fraud by using technology better going forward, so not using a zero tolerance, zero disclosure approach but trying to be more transparent and more scrutineering in trying to stop it? Or, given the difficult conditions in which people are working in the most difficult countries in the world, is there a level of fraud that we not accept but just have to recognise is going to be almost impossible to get below?
Tim Jones: I would agree with both of those, in terms of, yes, improvements in technology should enable us to be able to do exactly the sort of AI computer-based learning audit approach. That would be fantastic. However, yes, also, the context we operate in is high risk.
Q53 Nigel Mills: As a last question or comment, I am just intrigued that the context in which we received this report and the recommendations: we think we lose between 0.5% and 5% to fraud and we only detect 0.1% of it, but there is not much we can do about it and everyone has roughly the same experience even if they have tried different approaches. It seems like we think less than 0.1% sounds brilliant and everything is fine and not much to change here. Whereas, to me, that does not feel like quite the right energy or drive when we know that is a tiny proportion of it.
Tim Jones: That lies behind our approach to the first recommendation, which was essentially recommending a tilting away from individual case by case assurance with individual multilaterals through to that portfolio. As Christian said, we want to do both.
To the degree that we can within our overall finite resourcing budget for people, this is an area that we invest quite heavily in as a Department. We have a number of teams working to continually improve our approach to fraud. We set up a due diligence hub within the Department and over time, as we resourced that up, it has started to pick up more work around co-ordinating and consistency with due diligence work.
Q54 Nigel Mills: Who are we better than? With all this extra work, this extra resource, who are we better than? Are you benchmarking yourself against people so you know that, “We are going to get our risk down from 0.5% to 5% down to 0.4% to 4%, and we can measure that in this way”? Or is this just a nebulous thing that you cannot measure whether you have achieved any progress by that or not?
Christian Rogg: I don’t think it is a question of benchmarking ourselves. It is more the way it was discussed in the previous session, which is around partnering with other organisations who have experiences that are helpful for us and vice versa. Sometimes some of the stronger systems exist within the multilaterals themselves and sometimes they are within other Governments—for example, the approach to work with Australia on bringing the teams together when it comes to assessing multilateral fraud risk. It is also a question of scale. As a major funder of many of the multilaterals, the UK often has very strong representation in the board and additional staff who may be able to support individual committees in multilaterals that other smaller donors do not have.
Sometimes it is organisations outside the multilaterals that we can learn from, including ICAI in this case.
Q55 Nigel Mills: You put a business case together to say you want to invest more and have a bigger, more robust team doing all this anti-fraud but you did not have any assessment in there of how much more money you could save or how much you could improve performance and, therefore, reduce the risk. It was all, “Wouldn’t this be a great thing to do? It will be really nice.” There was no framework for how you could test whether that extra investment was saving any money.
Christian Rogg: It is very difficult to do it on that basis simply because there is also a lag effect between investing today, strengthening systems of an organisation and tracking the fraud risk there. There may be proxy indicators one can use like the number of fraud cases. Again, as was discussed previously, that may not be the best indicators because we want people to step forward proactively to report fraud cases rather than interpreting a lower number as success.
Q56 Nigel Mills: We are spending lots more money with no measurement. We have increased our percentage through multilateral and now we are going the other way and we do not have any assessment of whether that is a good thing, higher risk, lower risk, and in which direction. I am getting a bit lost as to whether we have this under control. I don’t know whether we are better or worse than anybody else. It is not a brilliantly precise picture, is it?
Christian Rogg: The decision to spend more money through multilaterals was informed by quite a number of factors. It is about the effectiveness of the institutions but it is also alignment with UK priorities. It is about overall effectiveness of delivery and, to some extent, as far as the finances are concerned, it is a consequence of the fact that when the budget reductions took place that was primarily focused on the bilateral side. Inevitably, when you look at multilateral spending decisions, they come through replenishment rounds that happen every couple of years. The reduction that one sees there shows a certain lag effect as well compared to when the initial decision was taken in terms of the 0.5%.
Q57 Nigel Mills: This is the final one; genuinely this time. If you had said, “When we were talking about the strategy to do more bilateral we flagged up the risk that we cannot rely on other people to manage the fraud. We are going to need to have proper training and specialist people in all these difficult territories. It is going to be vital we get that right before we put the bilateral thing in and we are aware of the risk”, I might have understood what the plan was but you have not articulated that. It is just, “I am not aware a risk assessment has been done or any input was given on this.” Can you see why perhaps I am a little unsure that we have thought this through or that it is uppermost in our minds?
Christian Rogg: The risk assessments are being done. That is precisely about the central assurance assessments and the due diligence assessments. It is the investigation of cases, audit processes and so on. I think that the decision of how to channel funds is informed by the risk assessment on both the multilateral and the bilateral side.
Q58 Mr Bacon: The central assurance assessments do reveal quite high risks. Of the case studies that I looked at, one was found to have major weaknesses. What is your approach to mitigating severe risks and major risks when you find them? When they are drawn to your attention.
Tim Jones: It is best to think of central assurance assessment as a start point in working with an organisation to improve it. In the case study where the overall rating was “severe”, we used that as a way of surfacing our concerns over that organisation’s control structure and capacity and then got them to get better. It is a very useful tool in terms of documenting surfacing issues and then charting a pathway to improve them.
Q59 Mr Bacon: There is a bio that we have been given of each of the witnesses. Unfortunately for you, Mr Jones, it says “bio text”, as if something is to be inserted but has not been. Can you just tell us a little about your background? I take it you are a chartered accountant?
Tim Jones: Yes.
Q60 Mr Bacon: Where did you train?
Tim Jones: I trained with PwC.
Q61 Mr Bacon: Then you moved into the public service recently, or later in life or—
Tim Jones: I did just under the first 10 years of my career with PricewaterhouseCoopers. Then I moved into a finance role in Government in 2009. I worked across a few different domestic Departments and then joined DfID in the summer of 2019.
Q62 Mr Bacon: As its finance director?
Tim Jones: Director of finance and also commercial and programme delivery.
Q63 Mr Bacon: Now, because of the merger, you have become finance director of the FCDO?
Tim Jones: Yes, my job changed a few times over the last couple of years.
Q64 Mr Bacon: That is all music to my ears. I was hoping you would say something pretty much like that. I spent a lot of time on the Public Accounts Committee so saw a lot of finance directors. I was slightly surprised when I looked up the FCDO picture because I remember Jon Thompson being finance director of the Department for Education and then moved to MoD where he was finance director. Then he became the first ever financially qualified Permanent Secretary. We used to see a lot of Mr Thompson at the Public Accounts Committee.
In each case, we were talking about at Education and at MoD of essentially a board level position, director general of finance. I understand from what I am seeing on the web, assuming it is up to date, that there is a director general of finance and corporate, who is called Juliet Chua, who is presumably the board representative responsible for finance and you are under the board and report into her, is that right?
Tim Jones: I report into Juliet who is my DG but I also sit on the board.
Q65 Mr Bacon: You do? You are a board member?
Tim Jones: I sit on the management board, which is chaired by the Permanent Under-Secretary, the Executive Committee and a number of other sub-committees of—
Q66 Mr Bacon: Are you member of the Board of the Foreign Office?
Tim Jones: I am a member of the management board.
Q67 Mr Bacon: Right, it just does not say so on here. You are a member of the management board, good. The only reason I ask is because it has been historically the case in Whitehall Departments that what years ago used to be called the principal finance officer certainly did not require one to have a financial qualification. When I started asking questions about it less than a quarter of principal finance officers were financially qualified. There has been a sea change in the last 20 years with professionalisation and workstreams and so on, all good stuff.
The question I want to get to is this: you used to be at DfID. One could understand the way in which FCO might consider the finance function relatively small as a part of its overall mission. A relatively small budget compared with most Whitehall Departments. A great deal of that is spent in—whatever it is—240 offices in 170 countries around the world. Therefore, there would not be a need for a finance director at such a high level. You would hope that would change once you became a much bigger organisation. After all, DfID had a much bigger budget than FCDO and was spending much more money in much more high risk ways. Have you seen internally a shift and a raising of the role of the finance chief since the merger or in the period leading up to the merger when the merger was being discussed?
Tim Jones: First off, a point of fact, Juliet is also financially qualified.
Mr Bacon: Yes, even better, good to know.
Tim Jones: It is hard for me to comment. As an organisation in its own right, FCDO is relatively young and I have limited visibility of how FCO operated. I know that the FCO finance director also sat on the top boards. I think one of the key live considerations at that point of merger—if you remember the merger was announced early in the summer and then we implemented it in September 2020—in that period of intense work over the summer of forming a new Department, one of the top conversations we had as an organisation was to ensure that we were going to go in as a newly merged Department with oversight of all this aid budget and do a really good job of managing the money.
When we set up our structures we put me on an awful lot of boards up and down the system. We ensured that we set up a good investment committee, which Juliet chairs and I go to, and sub-committees to look at things like the financial transactions work, which is quite technically complicated. We then developed the programme operating framework, which is based in a large part on DfID’s smart rules, which was the internal manual for how to do programmes. We invested quite a lot in that.
Q68 Mr Bacon: Sorry, on DfID smart rules, I remember “smart” from defence procurement in MoD, which a wag said stood for “same method appearing rather trendy”. Can you explain what “smart” means in FCDO?
Tim Jones: It is not a term we use in FCDO anymore. It was a DfID term and we started again as a new Department. Essentially, what we have is the programme operating framework. It is deliberately designed to be both plain English and sufficiently technical for practitioners. It is principle rate based rather than lots of technocratic rules. It is essentially the rule framework for how we do programming, which in FCDO primarily means aid programming because that is where the bulk of the money is.
Q69 Mr Bacon: As a senior financial manager, you are also by definition a risk manager. Do you feel that you have a clear line of sight to the main areas in the world where your money is being spent, whether it is multilateral or bilateral, and good dashboard systems for flagging up on a red, amber, green basis when there are things that ought to concern you so you can take your limited time and devote it in the right places? Do you have that? Are you evolving it? If you were to characterise the extent to which you feel comfortable as a financial manager, looking at it with that set of spectacles on, is there more work to do? How much more work? After all, it is a new organisation. It has quadrupled in size compared with what the FCO was. Just characterise for us where you feel you still need to push harder, what more work needs doing?
Tim Jones: In answering I will delineate between me personally as finance director and then talk about the Department as a whole. In the Department as a whole, we invested a lot on risk at the start. We have a dedicated risk team that we resourced up. We ensured that we did not simply import either the FCO’s or DfID’s risk methodology. We looked at it from first principles. We have a proper principal risk register, which we look at in the management board. It looks at the totality of risks across the Department, including financial risks. It is quite a good bit of work.
Q70 Mr Bacon: Is it public?
Tim Jones: No. Underpinning the programme risks, we have a tool within FCDO, which we inherited from DfID, which is the aid management platform, AMP. That is web-based. It is very good. It allows individual programme managers to maintain their own risk register and then it rather neatly aggregates it up. It is just a particularly good tool to use in the Department. It is rather well developed.
As an FD, I have visibility of all of that because I sit on the management board. At the point where we set FCDO up, for various reasons, we had a director general job that was for delivery. That included a range of things, including risk. Risk was a DG delivery rather than DG finance and corporate. We reorganised in the last month or so and, as part of that, the risk team is moving out. Therefore, we do not have a DG delivery job and the risk team will move to me in the next two or three weeks.
Q71 Mr Bacon: I find that all mildly reassuring, Chair. I appreciate why you might not have it in the public domain, but if the Committee wanted to come and have a briefing internally so you can show us how what you have just described works with the dashboards and the different levels and how they feed upwards, would that be possible?
Tim Jones: I think so.
Q72 Mr Liddell-Grainger: Can I ask Tim, please, again—I am sorry you seem to be in the hot seat—your timeline on reviewing and updating the existing CAAs?
Tim Jones: The rule of thumb is three years and that is to tie in with the replenishments of the multilaterals themselves, you are entering into a new agreement. For most of these multilaterals—and Christian might jump in with points of detail—essentially it is a two, three, four year deal and the CAA you would want to do fairly early on and then revisit it. Within the documentation that rule of thumb of three years will be there but it is not always hard and fast as a three-year cycle.
Q73 Mr Liddell-Grainger: Is that adequate? Given what we have just heard from Nigel and Richard, do you think that is adequate? There are issues here. They may not be serious issues but there are issues. Don’t we have to be seen to be squeaky clean on everything we do? Either of you.
Tim Jones: I will do potentially the glib version and Christian can do more detail. It is a trade-off of our limited people resources and what we put them on to. Regarding the CAAs, a thorough bit of work. They are quite thick, chunky documents. Is there merit in doing that kind of intensive work, which can take weeks if not months to complete? You have barely finished one and there is a brief pause and then you do another and then another and another. That would probably be overkill.
Christian Rogg: The CAAs take quite a long time, three to six months, a very substantive exercise. If you look at the one for the World Bank, for example, it is 100 pages. The idea is that the moment when the CAA is done is essentially a deep dive that captures all the information available. It is done very intensively around data but also engagement with the multilateral organisation that is being reviewed, with the guidance, as Tim said, for that to be done every three years.
Having said this, I think it would be wrong to think of it as one-off exercises with nothing happening in between. The senior responsible owners, the teams that are looking at the relationships with the multilaterals are maintaining oversight of those issues throughout. The FCDO also does annual reviews of all the organisations, all the spending programmes it has. That would be another opportunity to pick up any particular issue on an annual basis, which is also quite formal, like some of the other things in the public domain.
During the CAAs the UK is also involved in those multilaterals, in terms of sitting on the board where there will be reporting of fraud cases, being represented on different committees in different organisations and has an opportunity to engage on specific issues in the meantime. The guidance is also that if there is a substantive change in an organisation, for example because there is a significant fraud case, not to wait for three years but to revisit the timeline for when a bigger assessment should be done.
Q74 Mr Liddell-Grainger: What triggers that? When is a fraud big enough and, in your eyes, when is an organisation changed enough for that to trigger?
Christian Rogg: To be clear, it could be triggered by other things as well. For example, if you have a significant restructuring in an organisation to make sure that we still feel confident that the systems are strong enough after the restructuring, or it could be a fraud case. I don’t think there is any hard and fast quantifiable indicator in terms of triggering a CAA, depending on the amount. Because it may be the case, for example, that no UK funds are lost in a fraud case but we have significant concerns over the control mechanisms in that organisation. The loss to UK funds could be zero but it is a pre-emptive measure with possible future investments.
Q75 Mr Liddell-Grainger: Just for my own clarification, do you look at ODA in the same way? If you came across a fraud within the European Union, would you investigate that under CAA or how would that be done? We are still there until 2027 and I am just interested to know the mechanism.
Christian Rogg: I will let Tim respond on the EU side but, more generally, the funding sources that we are talking about here are ODA.
Q76 Mr Liddell-Grainger: They are all ODA under CAA. I thought they were both?
Christian Rogg: UK funding that is not ODA going to multilaterals would not sit in this case with the team, but on the EU it is worthwhile clarifying that particular point.
Tim Jones: In terms of the approach to the EU, we are relying on its internal structures. The nature of the withdrawal agreement means we are committed to the amount of money that we put in over that very long taper and we have less direct access and ability to influence than we did. The amount of access that we have is less but it is not completely limited. Both FCDO and the Treasury get a regular stream of reports in from the court of auditors and the anti-fraud office.
Q77 Mr Liddell-Grainger: Given that we have a few years to go until 2027, do you feel that is adequate in safeguarding the UK’s position given that you do not have the access that we would have had pre-2016? I suppose what I am saying is: are we safeguarded enough as the UK from a position where we don’t know everything? Are you happy in your own mind that we know enough to do what we are doing?
Tim Jones: I think we have a pretty good deal.
Q78 Mr Liddell-Grainger: You think it is a pretty good deal?
Tim Jones: Yes, with the visibility we have.
Q79 Mr Bacon: Just to clarify, did you say that the taper is 11 years?
Tim Jones: It is pegged to the lifetime of the inflight programmes. They could take longer but our working assumption is—
Mr Bacon: It will vary from bit to bit?
Tim Jones: —it tapers quite rapidly over the next three to four years and then there is a long tail end that is a lot smaller by the end of the decade.
Q80 Chair: Finally from me, as a Department how are you learning from multilateral organisations on the best ways to manage the risk of fraud? I am also specifically interested in how you are sharing your institutional knowledge with those partners.
Christian Rogg: The learning takes place in several ways. One is with the external partners, with the multilaterals who are being reviewed. As mentioned, the assessment exercise is done in collaboration and the joined up objective is to have the systems as strong as possible in those organisations. Then there is learning that we are doing with other funders; with other bilateral donors. There is an organisation called MOPAN, which essentially measures the effectiveness of multilaterals. Its secretariat is housed in the OECD in Paris. That looks at the effectiveness of multilaterals more generally but includes the types of issues we are discussing here around the control systems in those organisations.
That has more than a dozen donors, like the UK. It is very well-established. The UK was a founding member and is still very active in it. That is another multilateral international platform that we have. Then, lastly, there are messages that are very helpful from the ICAI review that we are discussing today, which is about the learning, the peer review and so on within the organisation to make sure that we are looking beyond the findings of individual multilaterals and we are learning across those to make sure that we have strong systems in place across the board.
Chair: Thank you. Do my colleagues have any further questions?
Q81 Mr Liddell-Grainger: Just on that final point, you talk about the adequate controls and you just said that you feel you have the adequate controls that you need. You said you review every three years, and I know it is not completely and I know there can be changes. In this world we have all dealt with this over the many years we have all been MPs, especially Richard. One of the things that always worries us is that organisations change very quickly, incredibly quickly, and sometimes the person you thought was CEO is then doing something else.
Do you think we are in a position where we are able to move quickly enough if there is a fundamental change? Suddenly on day two can you say, “We don’t like this because—” and you would give reasons, obviously? Can you make that decision that quickly if you feel there is a problem?
Christian Rogg: In the first instance those changes would be handled through the boards of the multilaterals. The UK representative sitting in the multilateral would be involved in the process of vetting and appointing—whatever the arrangement is—and if there are significant concerns about that individual, just like other hearings, that is the moment to surface those.
Mr Liddell-Grainger: Very good.
Christian Rogg: Having said this, if a problem materialises there have been cases in the past where the UK stopped funding and made the continuation of funding conditional on certain measures to be taken. Those were measures that had to do sometimes with strengthening systems; sometimes it had to do with recovering lost funds and so on. Those instances have happened in the past.
Mr Liddell-Grainger: Thank you very much, indeed.
Chair: I thank our witnesses for coming in today.