Fraud Advisory Panel Representation: Public Accounts Committee Enquiry on Fraud and Error

GENERAL COMMENTS

The Fraud Advisory Panel welcomes the opportunity to provide evidence to the Public Accounts Committee inquiry into Fraud and Error during the coronavirus pandemic, launched on 23 March 2021, ahead of its oral session on 29 April. This response has been prepared by a small group of our members.

The Fraud Advisory Panel (the ‘Panel’) is the UK’s leading counter fraud charity, working to raise awareness of fraud and financial crime and how to reduce it. We act as the collective voice of the counter fraud profession, providing practical support to almost 300 corporate and individual members. Our members come from a wide range of professions and sectors who are united in their determination to stop fraud.

Our interest in this inquiry stems directly from our work throughout the pandemic to raise awareness of COVID-19-related fraud. In March 2020 we established a cross-sector, cross-industry coalition of more than 70 trusted partners from various government departments, industry and professional bodies, law and accountancy firms, and law enforcement as an immediate response to the coronavirus pandemic to:

share information on emerging fraud threats and trends,
act as a conduit to warn the public, private and third sectors, and
provide timely and practical advice on prevention.

The coalition – called the COVID-19 Fraud Watch Group – met a total of 19 times from the end of March to the end of September. Summary proceedings were shared with partners after each meeting to cascade through their business networks to ensure the widest possible audience. These summaries are available here.

A common concern raised in these meetings was about the fraud risks within the government’s support packages and procurement processes which, in turn, gave rise to actionable intelligence being shared with the authorities about alleged instances of fraud. It also led us to write to the following ministers to voice our concerns and offer some practical solutions to overcome these risks.

The Chancellor of the Exchequer: asking for the names of companies receiving bounce-back (BBL) and business interruption (CBIL) loans to be published for the purposes of crime control and transparency (letter dated 16 June 2020, jointly prepared with Spotlight on Corruption and Transparency International).

The Minister of State for the Cabinet Office and HM Treasury, the City Minister and the Security Minister: proposing the creation of a central data repository to enable lenders to share information relating to COVID-19 loans and grants, and a cross-sector crisis committee to provide impartial, expert opinion on strategy, policy and procedures to support the safe and orderly distribution of public stimulus money (letter dated 28 August 2020).

The Chancellor of the Exchequer: outlining our ongoing concerns about perceived weaknesses in the banking system and the need for a centralised data repository to prevent and detect fraud against the government-backed coronavirus loan schemes (letter dated 22 February 2021).

We have also shared our thoughts on the lessons that can be learnt from the COVID-19 counter fraud response with colleagues from the Cabinet Office to ensure we learn from the current experience and note their support of our COVID-19 Fraud Watch Group.

As a body of counter fraud professionals with decades of knowledge and expertise in this field we are very cognisant of the heightened fraud risks that arise in the wake of emergencies and how essential it is to have appropriate plans in place before, during and after the event to protect money, people, and resources. It is our view that a balance now needs to be struck between preventing fraud within the next tranche of support funds and repairing the existing schemes so that we can pursue and recover losses.

THE INCREASE IN FRAUD AND ERROR RISK

The significant risks posed by a pandemic to the UK have been included within HM Government’s National Risk Register since 2008 (most recently updated in December 2020). Therefore, while we recognise the importance of getting money out to those in need as quickly as possible at the start of the crisis to support the economy, we believe that this was not unanticipated and could have been better planned for.

Previous experience shows us that fraudsters thrive in crises like the COVID-19 pandemic as well as in the economic difficulties that often accompany them. The Cabinet Office recognised these risks before the pandemic took hold in the UK. Only one month before the first lockdown began in March 2020, it issued guidance in collaboration with the Commonwealth Fraud Prevention Centre on fraud in emergency management and recovery: principles for effective fraud control which stated that ‘the provision of emergency relief and services has an inherently high risk of fraud, and is a prime target’ and that it would be a failure ‘for fraud to happen in an uncontrolled manner, with the responsible leaders unaware’.

On 26 March it issued supplementary guidance to leaders and fraud experts in government bodies and local authorities on fraud control in emergency management: COVID-19 UK Government guide which identified risks arising in particular from:

first party application fraud (i.e. an applicant misrepresents their circumstances to qualify for a government grant or scheme), and
third party impersonation fraud (i.e. a third party impersonates a legitimate business to obtain government grants).

Despite the availability of such guidance, it seems that the basic principles of effective proactive fraud control were not applied to some of the early government support schemes (such as the BBLs and CBILs) which has put significant taxpayer money at risk.

Risks assessments should have been undertaken at the outset involving those who were responsible for the disbursement of public funds (such as local authorities and banks) and basic controls put in place to reduce the potential for fraud and error. These stakeholders must be involved properly next time to make better use of their knowledge, skills and understanding of their sectors.

We commend the government’s establishment of its own Counter Fraud Profession to lead such work. While this is an excellent step toward professionalisation, we believe its ability to do so effectively is hindered by a lack of an entry-level qualification which means that basic counter fraud skills do not exist within every department, particularly smaller ones. Fraud prevention needs to be integrated into all staff roles and have senior level ownership of the agenda, rather than being siloed within a counter fraud team. It is also our experience that many central government departments focus on internal frauds rather than those perpetrated by external parties.

This situation has been exacerbated by the low priority given to the growing problem of fraud by successive governments and a systemic under-investment in counter fraud capability and capacity which has left the police and criminal justice system with no teeth. Recovering funds and bringing offenders to justice will be difficult.

Although we welcome the announcement of a new HMRC-led Taxpayer Protection Taskforce to combat fraud within the COVID-19 support schemes administered by them (such as furlough, eat-out to help-out and the self-employed schemes) we are disappointed that limited investment seems to have been made into other risky areas. For example, to strengthen the law enforcement response for BBL and CBIL-related fraud, health-related fraud (i.e. PPE or vaccine frauds) or COVID-19 related consumer and business fraud coming to the attention of the police. It is crucial that we do not lose sight of the fact that large sums of public money have been disbursed and some will have been obtained through fraud and error which must be recovered.

We are worried that the focus will therefore be on taking action against low level fraudsters rather than those who have intentionally set out to defraud the government schemes (including fraud by serious organised crime groups or facilitated through professional enablers). We believe there needs to be clear guidance issued by the Home Office in relation to policing priorities in this respect.

TRANSPARENCY OF GOVERNMENT BODIES IN TACKLING FRAUD AND ERROR

To maintain public trust and confidence it is imperative that government bodies are transparent and accountable for how they tackle fraud and error.

All government departments should publish annual data on their fraud losses (even where this is immaterial). Many government departments already do this (with this information published in the Cross-Government Fraud Landscape Annual Report), but we’d like to see it extended to all departments and arms-length agencies.

There also needs to be a much more joined up approach to tackling fraud across government to improve resilience across the whole of the system. We have previously advocated the need for a body with strategic oversight for fraud to improve the openness, transparency and accountability of fraud initiatives, bring people and organisations together, identify gaps, prevent duplications, and monitor outcomes.

Some government bodies with enforcement functions (such as HMRC) are not required to adhere to National Crime Recording Standards (NCRS) which results in not all fraud potentially being recorded as fraud and less transparency about the data held.
There are multiple channels available to report fraud. This includes: Action Fraud, HMRC, DWP, and the new COVID-19 Crimestoppers hotline to name a few. The extent to which information is shared between these agencies is variable which means the full extent of fraud against the public purse is unknown.
Greater data-matching across government must be encouraged and prioritised. The Digital Economy Act 2017 permits this for the purposes of fraud and error.
Each department should appoint a senior member of the management team with responsibility for fraud.

We note that HMRC has begun to publish the names of companies claiming furlough funding under the Coronavirus Job Retention Scheme. To the extent possible under the law we believe it would have been useful for a similar approach to have been taken for loan recipients. Not only could this have assisted with the early identification of potential instances of impersonation fraud, it may have also acted as an effective deterrent to some would-be fraudsters.

THE ROLE OF THE NAO IN ENSURING ACCOUNTABILITY AND TRANSPARENCY

The Fraud Advisory Panel welcomes the valuable work conducted by the National Audit Office (NAO) into the increased risk of fraud and error arising from the pandemic. We share their concerns about the various government support schemes and procurement processes.

We hope that HM Treasury will require relevant government departments to estimate the level of fraud within these schemes as part of their 2020-21 annual report and accounts. This is to ensure that fraud losses can be audited by the NAO. In addition, the NAO should be given additional resources to establish a dedicated counter fraud team.

We would also like to draw attention to other business support schemes such as the Small Business Grant Fund (SBFG) and Retail, Hospitality and Leisure Support Grant Fund (RHLG). These schemes are administered by local authorities but are paid for by the Department for Business, Energy and Industrial Strategy (BEIS). The value of these grants is high [1], the eligibility criterion very broad, and local authorities have been instructed to make payments ‘as quickly as possible’. Consequently, we believe there is a high level of fraud and error risk associated with them which might be relevant to the regularity and financial audit opinions of BEIS. As with the risks associated with BBLs and CBILs, ineligible businesses may incorrectly or falsely claim, individuals may set up shell companies purely for the purposes of making a claim, and/or duplicate payments or transposition errors may occur because of the speed at which payments are made.

We understand that the Secretary of State for BEIS has confirmed that BEIS will stand behind erroneous payments made by local authorities if local authorities can demonstrate they took reasonable steps to make payments in line with its guidance and took proportionate action to recover erroneous payments. As a result, the expenditure for accounting purposes sits within BEIS’s accounts, rather than with local authorities who act as agents. Local authorities will only have to report on payments in their accounts where BEIS have concluded that the local authorities did not follow the BEIS guidance. This means most of the fraud or error in these payments will not result in misstatements in local authority accounts and will be outside the scope of local authority financial audit opinions.

We are concerned that it will be difficult for BEIS to determine an accurate estimate of the level of fraud within the SBGF and RHLG schemes and for the NAO to audit it given that payments are handled by local authorities which will have their own post-payment assurance plans. We understand that BEIS plan to undertake a review of the assurance undertaken by local authorities, but it is likely that this will be ongoing after publication of the 2020-21 BEIS accounts, meaning that the figure may need to be revised.

April 2021

[1] The first iteration of these grants in April-June 2020 totalled £14.758bn and there has been a further c£6bn of these grants due to further restrictions in the remainder of 2020-21. The Chancellor also announced a further £5bn of similarly structured Restart Grants in the 2021 Budget.