Posted on March 3, 2016 by Richard Baynham
The taxpayer is losing billions of pounds every year to fraud and error. Increasingly complex ways of delivering public services add to the challenges. Technology brings both risks and opportunities for better data sharing and analysis, and new ways of engaging with the public. The problems are widespread, as our newly-published Fraud Landscape review demonstrates. There are, though, many lessons to be learnt from the experiences of HM Revenue & Customs (HMRC) and Department for Work and Pensions (DWP) in addressing fraud and error.
Fraud and error is a complex problem to tackle. We’ve produced a Primer to explain the different definitions and ways of measuring the problem in welfare benefits. In simple terms, fraud is an act of deception carried out for personal gain or to cause a loss to another party. Error is non-deliberate over- or under-payment to or from citizens or organisations due, typically, to mistake, misunderstanding or misapplication of rules. In the public sector, fraud and error exist in a wide spectrum of activities and can affect any organisation making or receiving payments. They can be due to the activities of workers, suppliers, contractors or citizens. There can be a fine line between fraud and error, with those trying to “get away with it” claiming an error was made. Irrespective of the behaviour, we have focused on financial loss and evaluating how government is seeking to reduce this loss.
We know there’s high value losses from fraud and error in tax, tax credit and benefit payments. In total, in 2013-14 £4.6 billion was over-paid. At the same time, £1.6 billion was also under-paid to claimants, creating unnecessary hardships. HMRC and DWP have programmes to routinely measure fraud and error in these areas to help understand the nature of the problems they face. There may be lessons to be learnt by other organisations from their approach.
The scale of losses and the potential hardships illustrate the importance of this issue. Yet our Landscape report shows that across the public sector the extent of fraud being identified is significantly less than the estimated total level of fraud taking place. This is partly because fraud is challenging, time-consuming and costly to detect and measure. And with a lack of information about the impact of counter-fraud activities, it can be hard for organisations to show the benefits of the expenditure on preventing, detecting and addressing the problems.
The lack of skills and experience in this field and, in some cases, the lack of sanctions against perpetrators, add to the challenge and can result in organisations being more reactive when a fraud is detected, rather than proactively seeking to prevent it. And the challenges are increasing. For example, the greater use of third party providers and digital channels create new opportunities for fraud. The good news is that technology offers the potential for more real time reporting, sharing of intelligence and fraud data, and improved data analytics.
Internal fraud typically relates to:
- travel and expenses;
- theft of assets;
- staff reporting absence; and
- change of supplier details for payments.
Types of external fraud (other than those relating to tax and benefits) include:
- processes or payments that people apply for, such as identity documents or student support payments;
- inappropriate grant payments; and
- external contracts or subcontracts.
Regardless of the type of fraud, based on our work with HMRC and DWP we have developed a framework setting out the factors that are key to addressing fraud and error successfully, as detailed in our recent Fraud and Error Stocktake report.
Step 1: A key part of establishing an effective strategy is developing a deep understanding of the causes of fraud and error, and how it occurs. This may include random sampling of the areas of highest risk. Bodies need to know the relative likelihood and scale of overpayments, and identify the baseline situation. A thorough assessment of risks should be undertaken for all new policies and programmes as a routine part of planning – something that many bodies reviewed in 2013 were not doing.
This assessment enables the organisation to test its controls and identify its priorities. It’s important that any strategy considers the potential to ‘design out’ or minimise fraud and error risks in the early phases of programmes.
An effective strategy should set out the long-term performance ambitions, operational targets and success measures. From this, organisations can develop targeted approaches to address their most significant risks. The organisation must also establish clear accountability arrangements for monitoring and managing the response. As data builds up, organisations’ action plans will be informed by better understanding of the effectiveness of their controls and fraud and error initiatives.
Step 2: In designing controls into core process, programmes and operations, organisations should include ways to measure and analyse how fraud and error occurs. They should look for opportunities to design processes in ways that prevent or minimise the risks, and review any tensions in the process. For example, the need to improve customer service or productivity can undermine controls. There are many ways of designing good processes, including the use of rules and information requirements for payments; or sharing data with third parties.
Step 3: Controls must then be implemented effectively, from recording fraud allegations to creating incentives for staff to improve day-to-day controls on a continuous basis. Good feedback loops should be used to refine controls and interventions in response to information and behaviours.
Step 4: The occurrence of fraud and error and evidence of the success of counter measures should be monitored continually with an eye to reviewing strategies as needed. Initiatives should be evaluated in terms of outcomes achieved and robust external reporting and auditing arrangements should be in place. It was found in 2013 that around three-quarters of organisations reviewed lacked outcome measures to assess the effectiveness of counter-fraud activities.
Organisations can do much to address their own risk of fraud and error. However, even more will be achieved by collaboration between organisations. As our Fraud landscape review details, we encourage the Cabinet Office to improve data collection and understanding of fraud risk across government, which will inform more targeted approaches to tacking fraud. We also support its leadership of initiatives to:
- improve public sector organisations’ sharing of good practice, assets and resources to increase capability and capacity;
- reduce the barriers to sharing data and intelligence on fraudsters;
- work on joint data analysis projects;
- agree consistent measures of fraud and error; and
- develop a fraud profession with appropriate training and accreditation.
Although identifying the scale of problems tends to bring unwanted criticism onto an organisation, we strongly support the Cabinet Office efforts to build a culture across government that recognises and values organisations that identify and address fraud and error.
The NAO has produced several reports covering fraud and error, as can be found on our new Fraud, error and debt management web-page. We will continue to focus on this crucially important issue in future reports. Meanwhile, we welcome your views and invite you to contact us if you would like to discuss any aspect of fraud and error.
About the authors:
Richard Baynham is an Audit Manager with extensive experience with HMRC and particularly with assessing fraud and error issues. He is responsible for building NAO’s understanding of the issues surrounding fraud and error and developing our approach to help the public sector to address them. Among various previous roles, Richard led the NAO’s Regulation Practice.
Ee-Ling Then joined the NAO in 2004 from the Australian National Audit Office. She has worked on a number of international projects and on many value or money studies and investigations. She currently works in the NAO’s investigations team and led the fraud landscape review.
4 responses to “Confronting fraud and error head-on”