Sir John Bourn, head of the National Audit Office, reported to Parliament today on the risk of fraud in property management in the Ministry of Defence.
Property management on the Defence Estate consists of maintenance work and minor new construction work up to a value of about £300,000 for each individual job, including VAT and fees. Examples of property management work include the replacement of windows, roof repairs, repairs to leaky taps, grounds maintenance, decoration and constructing extensions to buildings. The National Audit Office examined the Department’s overall approach to managing the risks of fraud; the controls the Department have in place to prevent fraud; the risks that are faced; and the Department’s arrangements for detecting, investigating and learning lessons from fraud.
Although the Department have a clear policy that fraud will not be tolerated, the National Audit Office found that the current level of control against fraud in property management is unacceptably low. Their risk model showed that some £135 million annually (15 per cent of expenditure) could be at risk from fraud. But they also noted that the Department had a number of initiatives in train to improve the situation. The main findings included:
- the Department have in place a number of practices designed to minimise the likelihood of fraud. But they have not carried out an assessment of fraud risk across the Department, and do not yet have a coherent anti-fraud strategy;
- organisational responsibilities for combating fraud have been complicated and, in the property management area, the Department recognise a fragmented approach to fraud risk management has not achieved the desired level of control. In response, they have set up a high level Fraud Prevention Steering Group to: co-ordinate anti-fraud efforts; develop and implement a strategy for fraud deterrence and detection; and to promote a greater awareness of potentially fraudulent activities;
- current formal arrangements with contractors do not make clear their responsibility to protect the Department from fraud, or provide an effective incentive to prevent, detect or report fraudulent practices. The Department have in hand changes to the contracting strategy and communications with contractors to improve this position;
- important controls, including the provision of expert advice on pricing, inspections of completed work and checks between invoices and standard contractual rates, were operated less frequently in fact than staff believed them to be, and adverse results from controls were not always followed up;
- the Department do not have a clear picture of the fraud that is potentially being perpetrated against them. Many Property Managers were unsure of reporting arrangements for fraud and had difficulty in distinguishing between fraud, poor performance and sharp practice. More generally, the Department recognise that their central information on fraud is weak and have begun to create a central database of all suspected frauds; and
- fraud investigation requires specialist skills and even then securing sufficiently strong evidence for successful prosecution is difficult. Of recent cases meriting pursuit, only half were taken forward to formal action, and there have been just five prosecutions, four of which were successful. None of the prosecutions related to property management cases.
The National Audit Office make a number of recommendations to help the Department improve their prevention, detection and response to fraud. In particular, they should:
- undertake risk assessments to inform a Department-wide fraud strategy and specific strategies for areas of expenditure including property management;
- examine ways of incentivising contractors to prevent and detect fraud, particularly under any future partnering arrangements;
- further simplify and clarify fraud reporting and investigation responsibilities;
- build on our risk assessment and risk model – as they intend to do – to improve the design of controls in property management, and then ensure that the controls are operated to the depth and frequency necessary to provide the assurance the Department need; and
- collect better data on fraud risk management activities, resources applied and outcomes, and to monitor actively the quality of fraud risk management in practice.