The Welsh audit watchdog is warning that public service leaders should give a higher priority to tackling fraud in Wales, as levels have been increasing during the Covid-19 crisis
Audit Wales published a report in June 2019, giving an overview of the scale of fraud in the Welsh public sector, together with a description of counter-fraud arrangements across the Welsh government, the NHS and local government.
At the time, the auditor general described annual losses to fraud and error as ‘significant’, and suggested they could be anywhere between £100m and £1bn.
Now a second report which examined the overall effectiveness of counter fraud arrangements at some 40 public bodies, has concluded it is clear they collectively need to raise their game and learn from others to tackle fraud in Wales more effectively.
This report warns that the disruption caused by Covid-19 has seen a spike in cases of fraud, starting with early reports of fake personal protective equipment, and moving on to phishing emails claiming to be from government departments asking for an individual’s bank details for a refund.
The report also said that as the attentions and resources of organisations were diverted to new ways of working and many staff were laid off, the incidence of cyber security attacks to steal business-sensitive and personal data increased, while with more people working from home, phishing campaigns then targeted applications that are being relied upon during remote working, in particular popular conference calling applications and parcel delivery firms.
Adrian Crompton, auditor general for Wales, said in his forward to the latest research: ‘However, some senior public sector leaders are sceptical about the levels of fraud within their organisations.
‘As a result, they are reluctant to invest in counter-fraud arrangements and assign a low priority to investigating cases of potential fraud identified to them by the National Fraud Initiative, even though there are many examples of a good return on investment in this area.’
Audit Wales said NHS Wales is clearly leading the way, but that local government bodies generally need to improve to at least the standard seen in the NHS. That said, even the best counter fraud arrangements currently operated in Wales could be strengthened, drawing on good practice elsewhere in the UK and internationally.
In public bodies where counter-fraud is currently under-resourced, the report suggested this is sometimes due to unfounded assumptions around presumed low levels of fraud activity.
Audit Wales said this shows the need for more robust fraud risk assessments, together with awareness raising and enhanced staff training. Greater use of data analytics is also needed to strengthen both the prevention and detection of fraud.
According to the report, the watchdog did not find many examples of public bodies in Wales outside the NHS pooling resources to help reduce duplication of effort and improve the efficiency and effectiveness of counter-fraud arrangements across sectors.
Audit Wales said pooled resources could also help to improve continuity and add flexibility to adapt to changing needs going forward.
Other than in the NHS there is an absence of any overarching strategic approach, guidance, coordination and oversight.
Insufficient capacity arose frequently as a key challenge faced by public bodies in their efforts to combat fraud. On the ground, capacity and skills in counter-fraud vary widely across and within public sector bodies in Wales. Most of the capacity is allocated to responsive work and investigations with any spare capacity being used in preventative counter-fraud work.
The report has identified seven key themes which it says all public bodies need to focus on in raising their game to tackle fraud more effectively.
These key themes are culture and leadership; risk management and control; policies and training; capacity and expertise; tools and data; collaboration; reporting and scrutiny.
Crompton said: ‘Investing resources in both preventing and detecting fraud is money well spent, particularly in the context of acute public sector funding pressures and the need to do more with less.
‘The Covid-19 pandemic is creating an imperative for public bodies to collaborate more effectively in responding to scammers and fraudsters.
‘Whilst individual bodies are responsible for their own arrangements, the Welsh government also needs to enhance its strategic leadership of counter-fraud activities across Wales, playing a co-ordinating role where it can.’
Alison Ring, director for public sector at ICAEW, said: ‘One of the positive outcomes of the pandemic is that fraud reports are being shared across borders and departments.
‘The Welsh government should continue to liaise with the UK Cabinet Office on improving the impact of local authority counter-fraud leads in implementing counter-fraud measures.
‘Unfortunately, fraudsters will exploit any opportunity, and public sector bodies need to identify risks, if not before, then at least at the same pace as the fraudsters.
‘This can only come about if public sector bodies take fraud seriously and work together, sharing information to reduce the amount of public money lost to fraudsters and scammers.’