Annex A

 

 

 

INTERNAL AUDIT

COUNTER FRAUD REPORT

2022/23

 

 

 

 

 

 

 

 

 

 

 

                                             

1.         Introduction

 

1.1       The Council’s Financial Regulations require all officers and members of the Council to notify the Chief Internal Auditor of any matter that involves, or is thought to involve, corruption or financial irregularity in the exercise of the functions of the Council.  Internal Audit will in turn pursue such investigations in line with the Counter Fraud Strategy and Framework.

 

1.2       Within the Orbis Internal Audit Service, the Counter Fraud partnership team provides resource and experience to support ESCC with both proactive and responsive support relating to any instances of financial irregularities and fraud related risks.

 

1.3       The annual Internal Audit Plan for 2022/23 carried within it a contingency budget for ‘Irregularity and Special Investigations’ of 120 days. This contingency covered time to investigate ‘irregularities’ (actual or alleged financial impropriety, corruption, and other similar matters) as well as time for proactive counter fraud work and to support the National Fraud Initiative (NFI), detailed in the latter part of this report.

 

1.4       Internal Audit reports following irregularity investigations typically help to provide independent evidence to support (or not) a management case against an employee under formal disciplinary procedures, to support potential criminal prosecutions and to help strengthen controls in areas where weaknesses are identified.  Irregularity audit reports are not subject to the same distribution as general audit reports due to their confidential and sensitive nature.

 

2.         Summary of Investigations between 1 April 2022 and 31 March 2023

 

Resources

 

2.1          During the 2022/23 financial year, a total of eight Internal Audit officers charged time to work on irregularity investigations amounting to 113 days.  This includes preliminary assessments, liaison with departments, fieldwork, reporting, and subsequent support for disciplinary and criminal activities.

 

2.2          The Counter Fraud team also monitors the ESCC Confidential Reporting Hotline, giving advice to members of staff on whistleblowing, and signposting to other departments where required.

 

Number and Types of Investigations

 

2.3          A total of 24 allegations were received in the financial year (13 in the first half of the year and 11 in the second half).  For comparison, 23 allegations were received in the previous financial year.

 

2.4          New allegations were brought to the attention of Internal Audit by the following methods:

 

·                     14 were raised by Council management;

·                     4 originated from an external source to the Council;

·                     6 were raised through confidential reporting.

 

2.5          Full details of the categories by which fraud and irregularity investigations are reported are attached at Appendix A.  All proven fraudulent or irregular behaviour by officers may be considered misconduct; similarly, poor controls increase the likelihood of fraud occurring.  The categories therefore reflect alleged specific types of fraud or irregularity.

 

2.6          The number of all recorded allegations across the Council’s departments is shown in Figure 1, while Figure 2 shows the categories of allegations received.

 

Figure 1. Allegations by department from 1 April 2022 to 31 March 2023

 

 

Figure 2. Summary of irregularities by type from 1 April 2022 to 31 March 2023

 

 

2.7          Of the allegations received, 2 were closed with no action taken, 2 were passed to an external body, 5 were dealt with through advice to management, 10 were taken forward for investigation by Internal Audit or support provided to a management investigation. Five were conduct or capability issues dealt with by management with support from HR where appropriate. Four investigations were still active at the time of writing this report.

 

2.8          The following paragraphs provide a summary of the investigation activity concluded by the Internal Audit Counter Fraud Team within the last 12 months.

 

2.8.1      Cash Handling – following concerns over cash banking arrangements, advice and support was provided to improve arrangements over cash handling at a care home.

 

2.8.2      Recruitment – a concern was reported that there was a potential conflict of interest in a recent recruitment exercise that had occurred in Adult Social Care. The investigation concluded that no preferential treatment had taken place and the concerns were unsubstantiated.

 

2.8.3      Bank Mandate Fraud – an investigation was undertaken following notification that ESCC had been the victim of a bank mandate fraud, totalling £206,847.53. The investigation found that, whilst ESCC had robust controls in place designed to prevent this type of fraud, the officer who had processed the change in bank mandate had not followed these procedures. Following our investigation, the officer concerned was subject to disciplinary action. Further opportunities were taken to strengthen controls and to reinforce the message to ensure correct procedures are followed at all times. Additional fraud awareness sessions were held to emphasise the current threat of bank mandate fraud.

 

2.8.4      Grant Funding – during the year, a concern was raised in relation to the administration of funding that was received from the Adoption Support Fund (ASF). The member of staff responsible for applying to the fund, tracking funding received and completing spend confirmations, had not been following the correct procedures which resulted in lengthy retrospective reconciliations being required and some grant funding having to be returned. In addition, some overpayments were also identified resulting in some financial loss to the Council. Consequently, a number of control weaknesses were identified, and these were reported to the service so that improvements could be made. The staff member concerned retired during the course of our investigation.

 

2.8.5      Data Governance Breach – the Department for Works and Pensions (DWP) informed the Council of a potential security breach of their system (Searchlight). An investigation was undertaken which resulted in the system user being issued with a formal written warning. Training was provided to all system users within the team, reminding them that they should only use the system for genuine business reasons.

 

2.8.6      Overtime Claims – following an allegation that an employee was submitting excessive overtime claims, we conducted an analysis of claim forms and rota information. However, due to poor record keeping by the service, we were unable to establish whether any overpayments had occurred. Consequently, no action was taken against the member of staff, although the managers responsible for approving claims within the team are being supported to ensure that claims are properly checked before being approved for payment. To assist with this, Human Resources have worked with the service to implement a more robust and clear rota system. Audit work is planned early in 2023/24 to confirm that proper processes and controls are in place and being complied with.

 

2.8.7      False Representation – Internal Audit investigated a referral from the Pension Service regarding a potential false claim to obtain payment of a pension. A scheme member had taken early retirement on the grounds of poor health and a request for payment of the pension had been received. However, subsequently mortality data matching indicated that the scheme member had passed away prior to the request being received. The investigation confirmed that the scheme member had passed away and payment of the pension was stopped. A reconciliation between the payments made and the death grant due confirmed that no overpayment had been made as a result of the discrepancy in the reporting of the death in service.

 

 

 

 

 

3.         Proactive fraud prevention and awareness work

 

3.1       As well as the investigation work referred to above, we continue to be proactive in the identification and prevention of potential fraud and corruption activity across the Authority and in raising awareness amongst staff. The following paragraphs outline some of the proactive work undertaken in the past year.

 

3.2       The Council has in place a Counter Fraud Strategy 2021-24 that sets out its commitment to preventing, detecting, and deterring fraud. Internal Audit has reviewed the sovereign strategy to align with best practice and to ensure a robust and consistent approach to tackling fraud. The strategy was updated to include revisions to the Fighting Fraud and Corruption Locally framework and was approved by the Audit Committee in September 2021.

 

3.3       Fraud risk assessments are regularly reviewed to ensure that the current fraud threat for the Council has been considered and appropriate mitigating actions identified. We have updated the risk assessment to include new and emerging threats. This includes potential threats to payroll, staff frauds relating to home working and the ever increasing cyber threat.

 

3.4       One of the key controls in fighting fraud is having a strong culture in place with staff vigilant to the threat of fraud. In the past year, Fraud Awareness sessions have been delivered to Business Operations, focussing on the risks to the Council of bank mandate fraud and cyber fraud. The team continue to monitor intel alerts and work closely with neighbouring councils to share intelligence and best practice.

 

National Fraud Initiative

 

3.5       The results from the biennial National Fraud Initiative exercise, overseen by the Cabinet Office, were received in late January 2023.  The exercise compared Council records relating to payroll, pensions, creditors, Blue Badges and concessionary travel passes, with data from 1,300 public and private sector organisations used to help prevent and detect fraud and error.

 

3.6       The exercise identified over 3,000 non-creditors data matches which are risk assessed and prioritised for investigation of fraud or error.

 

Partnership working

 

3.7       We meet regularly with partners across the southeast to discuss emerging threats and share intelligence. More specifically for the East Sussex area, we are working with District and Borough colleagues to explore opportunities for further developing countywide data matching capabilities for the prevention and detection of fraud.

 

 

Appendix A

Reporting categories for irregularities

 

Reporting category	Description	Examples (not an exhaustive list)	Legislation / Policies (examples)
False representation	Knowingly making an untrue or misleading representation to make gain, cause loss or expose the Council to the risk of loss	Submitting incorrect expense claims; falsely claiming to hold a qualification	Fraud Act 2006
Failure to disclose information	Intentionally withholding information to make gain, cause loss or expose the Council to the risk of loss	Failing to declare pecuniary interests, or assets as part of a means tested assessment
Abuse of position	Use of position to act against, or fail to safeguard, the interests of the Council or residents	Nepotism; financial abuse of individuals receiving social care
Theft	Misappropriation of assets (often cash) belonging to the Council or individuals under the Council’s care	Removing cash from safes; removing individuals’ personal items in care homes	Theft Act 1968
Corruption	Offering, giving, seeking or accepting any inducement or reward which may influence a person’s actions, or to gain a commercial or contractual advantage	Accepting money to ensure a contract is awarded to a particular supplier	Bribery Act 2010
False reporting	Intentional manipulation of financial or non-financial information to distort or provide misleading reports	Falsifying statistics to ensure performance targets are met; delaying payments to distort financial position	Theft Act 1968; Financial Regulations; Procurement Standing Orders
Misuse of public funds	The use of public funds for ultra vires expenditure or expenditure for purposes other than those intended	Officers misusing grant funding; individuals misusing social care direct payments
Procurement	Any matter relating to the dishonest procurement of goods and services by internal or external persons	Breach of the Procurement Standing Orders; collusive tendering; falsifying quotations
Misconduct	Failure to act in accordance with the Code of Conduct, Council policies or management instructions	Undertaking additional work during contracted hours; inappropriate use of Council assets and equipment	Code of Conduct IT Security Policy
Poor Control	Weak local or corporate arrangements that result in the loss of Council assets or a breach of Council policy	Storing a key to a safe in the immediate vicinity of the safe