Functional Standards for government organisations

The Government Functional Standard GovS 013: Counter Fraud was introduced with the aim of creating a coherent, effective, and mutually understood way of managing counter fraud, anti-bribery and anti-corruption activity across government organisations. Adherence is now a requirement for all government departments and their arm’s-length bodies. This article considers why the standard is important and looks at how you can minimise the burden of compliance.
 

Why is consistency in fraud risk management important?

Fraud is clearly a significant risk and one that is here to stay. Indeed, according to a 2021 Committee of Public Accounts report into "Fraud and Error", fraud in the public sector costs the taxpayer between £29 billion and £52 billion each year.

Changes to working patterns and the increase in agile working across government departments has also introduced new risks which should be considered, alongside the ever-increasing threat of electronic fraud such as spoofing or phishing. The extent of data and information that public sector organisations are required to publish, in the spirit of accountability and probity, is likely to further increase the threat.

It is widely recognised that the maturity and effectiveness of fraud risk management frameworks varies widely across the public sector, and, in many cases, there is no dedicated counter fraud function embedded within government organisations. The government-wide standards regime provides an opportunity to work towards eliminating this disparity and create a platform for change.

Most government organisations will by now have completed a self-assessment against the Functional Standards and will have a view on where they sit in terms of maturity of their fraud risk management framework. There is no doubt that organisations will be keen to deliver on their remit of protecting the public purse, but proportionality in the face of resource constraints is likely to be a key concern.
 

Risk based approach: focusing your efforts

The requirements of the Functional Standard are split between mandatory ("shall") elements and recommendations for best practice ("should") elements, which can guide organisations towards best practice. However, what does creating a roadmap to best practice look like in practice and how can this be achieved in a proportional way? The solution lies in a risk-based approach, and we discuss this further below.

It is not feasible to develop a robust counter fraud framework without first understanding the risks that exist within your organisation. As outlined above, government organisations are rarely blessed with unlimited resources and therefore it is crucial that efforts are focused towards the areas of greatest risk. Taking time to map out your core business areas and processes, and the related fraud risks, in the form of a Fraud Risk Register is a vital first step on the road to best practice.

Your operational teams are your biggest asset in preparing a Fraud Risk Register. We suggest holding brainstorming sessions with your core operational managers within the main departments of areas of major spend to ensure their knowledge of procedures and day-to-day operations is built into your review. Charting out the processes and areas of weakness against each fraud risk will provide the basis for scoring each risk in accordance with your existing risk management matrix. Counter fraud activities can then be targeted at the highest scoring areas.

Your risk assessment should be seen as an ongoing, iterative process, rather than a standalone exercise. It should inform, and be informed by, all other counter-fraud activities. Progress should be monitored by a senior individual and progress against assigned actions should be reported back to those charged with governance.
 

Building on the fraud risk assessment: What practical steps could your organisation take towards best practice?

We have set out below recommendations that organisations could consider as part of a roadmap to best practice, based on translating some of the 'should' elements of the Functional Standards into practical steps.

1. Be clear on what you want to achieve - focus on outcomes and be clear on how this corresponds to your risk assessment and targets areas of greatest risk
2. Do not rely on reacting to known incidents. Take a proactive approach to uncover what you do not already know by planning detection exercises in areas where your understanding of the extent of fraud exposure is limited
3. Assign responsibility for managing the risk of fraud, bribery and corruption at an organisational level to a named senior leader
4. Build counter fraud into existing training plans and incorporate ad-hoc awareness into existing team meeting schedules to maximise engagement without creating an additional burden
5. Nominate a Counter Fraud Champion to promote awareness throughout the organisation, acting as a voice for the workforce to inform process improvements and drive cultural change
6. Assess your in-house capacity to respond to incidents. If capacity does not exist in house, or it is not cost effective to appoint a full time individual or team, considering seeking support from a third party to provide the required expertise.
    

How could BDO help?

BDO has a specialist counter fraud team that provide information, advice, and training to assist organisations in developing anti-fraud cultures and frameworks, along with reactive investigation services. Our team includes Accredited Counter Fraud Specialists, experienced investigators conversant with criminal legislation, and digital specialists to help avoid loss of crucial evidence.

Our team has significant experience of working with NHS organisations to help them ensure compliance with the requirements set by the NHS Counter Fraud Authority. Each client we work with is required to comply with the same standards, now aligned to the Functional Standards, but has its own set of risks and challenges. We are therefore well versed in working with clients to develop bespoke counter fraud plans suitable to their unique circumstances and helping to ensure such plans are embedded in governance structures.

We also work closely with other public sector and commercial clients that have not previously been subject to a set counter fraud regime, but who are now facing increasing obligations in this regard. Using this experience, we could help you to map the maturity of their framework against best practice principles and work with you to implement any deficiencies identified as part of our gap analysis.

We can also provide tailored and flexible counter fraud solutions, including proactive and reactive services. We can deliver engagements under a co-source arrangement to help create a manageable solution to resource gaps within your team.
 

Contact us