This site is intended for health professionals only

Stamping out fraud

17 January 2012

Share this article

Anne Ward Platt

Management Consultancy Director

Deputy Chair, Northumberland, Tyne and Wear NHS Foundation Trust

Anne specialises in the healthcare sector and writes on health and management issues. An experienced conciliator, she is the author of Conciliation in Healthcare: managing and resolving complaints and conflict. Anne has served as an audit committee chair in her role as a non-executive director in the NHS

While economists consider the salient features of a double-dip recession and politicians debate what to do about it, some aspects of life in the UK today are incontrovertible. Corporate belt-tightening is here to stay for the foreseeable future, and reducing wasteful and unnecessary expenditure is a national priority.

Unfortunately, running alongside the economic downturn is a rise in certain types of crime, including fraud. Pay freezes, job insecurity and fear of falling living standards can provide sufficient motivation for some people to commit fraud. Since investment in audit and internal governance procedures is often reduced as part of cost-cutting initiatives, it is not difficult to see how organisational weaknesses can be exploited. This applies as much to the NHS and other public-sector bodies as it does to private-sector businesses.

Last year it was estimated that the scale of fraud against the public sector amounted to around £25bn annually (£18bn of this relates to tax fraud and £7bn to public expenditure fraud).(1) In the NHS alone, it is estimated that £263m is lost each year, which could otherwise be used to the benefit of patient care.(1) Clearly, fraud is not a victimless crime. It affects us all and ultimately we all pay for it.

What exactly is fraud? 

  • It is a crime.
  • It involves intentional/deliberate deception.
  • It is committed for personal advantage and/or material gain.
  • It results in damage or loss to individuals or organisations.

Fraud can be perpetrated by individuals from outside as well as within the health service, including those in positions of particular responsibility and trust. While the vast majority of staff are honest, successful prosecutions have been brought against chief executives and finance directors, as well as medical and nursing staff. In general practice, principals/partners and practice managers have been among those found guilty of fraudulent activity.

So how do you ‘fraud-proof’ your practice?

  • Encourage an anti-fraud culture where dishonest behaviour is regarded as unacceptable.
  • Provide regular training for staff using case studies and scenarios.
  • Create an environment in which staff have the confidence to report any suspicions or concerns.
  • Ensure you have clear policies and procedures in place and are compliant with the guidance in the Quality and Outcomes Framework (QOF) management indicator number 8 (see Box 1).
  • Minimise the risk of fraud by regularly reviewing the measures in place to prevent it, to detect it if it occurs and to investigate it promptly.
  • Recognise that the possibility of fraud occurring cannot be wholly eliminated, but its likelihood, and the severity of the impact if it does occur, can be significantly reduced.
  • Highlight the role of the counter-fraud services provided at both a national and local level, including their hotline numbers (see Resources).


You can protect your practice from fraud by identifying and managing the fraud risks that relate to key aspects of practice activity. Reviewing these on a regular basis should be an integral part of your risk management processes. Do you feel that you currently have procedures in place to manage the following common fraud risks effectively?

  • False claims relating to working hours, travel expenses or sickness and absence records.
  • Fictitious information on job applications, including false qualifications and references.
  • Forged invoices relating to goods or services.
  • Any unauthorised use of the practice’s resources or equipment.
  • Fraudulent details provided to:
    – Register with the practice.
    – Acquire prescription drugs (see Case Study 1 in Box 2).
    – Claim exemption from statutory charges.
    – Access other NHS services to which there is no entitlement.


Regular training for staff should help enforce the standards and procedures essential to the day-to-day activities that may be open to abuse, including: expenses/salary claims; time keeping and sickness/absence records; forms relating to the ordering of any goods or resources; and payment of invoices.

Clearly, any document with a financial implication for the practice should be completed meticulously in accordance with the practice’s guidance. But the existence of procedures alone is not sufficient. They must be properly implemented and appropriate checks made to ensure compliance by staff at all levels, irrespective of seniority. Case Study 3 in Box 2 illustrates the risks practices are exposed to when a member of staff is regarded as being ‘exempt’ from following required processes or is able to evade detection by a less-than-rigorous approach to auditing.

The Serious Fraud Office highlights the importance of recognising certain types of behaviour, or certain situations, which may put an organisation at increased risk of fraud.(2) These ‘red flags’ should alert you to the possibility that there may be a problem, particularly if several of them are apparent together. They include:

  • Noticeable changes in someone’s behaviour or lifestyle, which is not consistent with their known income level.
  • Known or suspected debts or financial losses incurred by an employee.
  • Suspected addictions to drugs, alcohol or gambling.
  • Financial irregularities identified through internal checks or routine audit that cannot be adequately explained.

Behaviours that may also be suspect, especially when combined with other causes for concern, include the following:

  • Over-protective attitude or unwillingness to delegate or share responsibility in relation to certain work activities.
  • Consistently arriving early at work and leaving late, so as to have time to work alone.
  • A reluctance to take holidays or sick leave that would enable scrutiny of work practices by a deputy.

Security management
Ensuring the security of the practice premises and related assets will already be one of your main priorities. But staff also need to be aware of the importance of IT security – not only to protect the confidentiality of staff and patient data, but also to reduce the possibility that such information could be used fraudulently. Information security is a key risk area, requiring robust management.(3)

Be aware, too, that fraudsters can be ingenious and plausible. A recent scam aimed at general practices involved the promotion of bogus ‘guidance’ costing several hundred pounds to support Care Quality Commission (CQC) registration. Warnings have been issued to prevent practices from being exploited by any other scams relating to CQC compliance.

Bribery Act 2010
As well as raising awareness in relation to potential fraud in your practice, staff should also be aware of the implications arising from the Bribery Act 2010, which came into force on 1 July 2011.(4) This is intended to prevent corrupt behaviour where someone is influenced by a monetary bribe or other kind of benefit to the advantage of another person or organisation.

You will need to ensure you have adequate procedures in place to prevent bribery, since the act introduces new offences relating to both individuals and organisations. As well as familiarising yourself with the guidance accompanying the act, you will find it helpful if you:

  • Analyse the areas of practice activity where bribery could present a particular risk; for example, in relation to contractors providing goods or services.
  • Review and amend, where necessary, existing policies and procedures to include references to the practice’s position on bribery; for example, employment and workforce policies.
  • Use staff training to raise awareness of the act, and to emphasise that personal responsibility includes a duty to report any instances of bribery.

Headline news is made by serious frauds often involving many thousands of pounds, but the costs of seemingly ‘low level’ frauds can mount up if individuals regularly believe they are entitled to inflate the number of hours worked or number of miles travelled.

It is only a small minority who engage in fraudulent or corrupt behaviour, but their actions divert precious resources from an already stretched healthcare sector. By encouraging fraud awareness in your practice you can help to ensure that NHS funds benefit the honest majority and that opportunities for fraudsters are significantly diminished.


  1. National Fraud Authority. A fresh approach to combating fraud in the public sector: The Report of the Smarter Government Public Sector Fraud Taskforce. London: NFA; 2010.
  2. Serious Fraud Office. Fraud in your organisation. Available from:
  3. Ward Platt A. Strictly confidential. Management in Practice 2011;25:71-4.
  4. HM Government. Bribery Act 2010. Crown copyright 2010.
  5. NHS Counter Fraud service. Guidance to GP practices on GP patient registration fraud. Available from:


NHS Protect
Leads on the provision of counter-fraud services for the NHS in England and Wales and security management services
in England:

NHS Fraud and Corruption Reporting Line: 08000 28 40 60

Deterrence and Engagement Unit: 020 7895 4500

Online fraud reporting form available at:

NHS Scotland Counter Fraud Services
Online fraud reporting at:

Fraud hotline for NHS Scotland: 08000 15 16 28

All information is treated confidentially by the above organisations, and may be given anonymously.