Counter-fraud
Audit Scotland has an important role in counter-fraud. Some of this is required by particular International Standards on Auditing while other counter-fraud activity is undertaken as part of our wider scope public audit as described in our Code of Audit Practice.
Under International Standards on Auditing, our responsibility is to assess the risk of material misstatement caused by fraud as part of the audit of the accounts. International Standards on Auditing do not place any requirements on external auditors to actively seek out and/or investigate fraud. We report on the adequacy of our audited bodies’ arrangements for preventing and detecting fraud or irregularities as part of our wider scope audit. We also report any instances of money laundering identified through our work to the National Crime Agency.
Management in our audited bodies are responsible for implementing effective systems of internal control to safeguard public assets and prevent, detect, and investigate any instances of fraud, irregularities, bribery or corruption. Our auditors are then responsible for reviewing those systems and arrangements.
Under our wider scope responsibilities in our Code of Audit Practice we report on instances of frauds identified by both audited bodies and auditors. The aim is to help prevent similar circumstance happening in other bodies by sharing details and highlighting control weaknesses.
As part of our wider scope work, we also co-ordinate the National Fraud Initiative (NFI) data matching exercise. Participants submit data and computerised techniques compare information about individuals held by different public bodies to identify anomalies that might suggest the existence of fraud or error. This exercise enables audited bodies to take action to reduce fraud.
We also publish ad-hoc counter-fraud reports, for example, Covid-19 Emerging fraud risks.
What's on this page
Raising a concern about fraud and corruption
Fraud is referred to as the deliberate use of deception or dishonesty to disadvantage or cause loss (usually financial) - in simple terms, it's a crime in which some kind of deception is used for personal gain. As information systems increase in complexity and public finances tighten there is a risk that internal controls are compromised. This increases the risk of fraud, error and corruption. Losing public money through fraud has a knock-on effect on the services that public bodies can provide to individuals and communities, as well as affecting their reputation.
If you believe that there is fraudulent activity going on in a Scottish public body, you can find out how to tell us and share your information with us here, or you may wish to report your concerns directly to the police.
Responsibilities for counter-fraud
Audited bodies are responsible for establishing arrangements for the prevention and detection of fraud, error and irregularities, and bribery and corruption. Audited bodies are responsible for ensuring that their affairs are managed in accordance with proper standards of conduct by putting proper arrangements in place.
As auditors, we make judgements and report our conclusions on how public bodies have discharged those responsibilities in accordance with our Code of audit practice and assess the specific risk of material misstatement, whether caused by fraud or error, as part of the audit of the accounts in line with International Standard on Auditing. We also have an important role in raising awareness about fraud as well as in helping to prevent, investigate and report on fraud.
National Fraud Initiative
The National Fraud Initiative (NFI) in Scotland is a counter-fraud exercise led by Audit Scotland, and overseen by the Public Sector Fraud Authority for the UK as a whole. It uses computerised techniques to compare information about individuals held by different public bodies, and on different financial systems that might suggest the existence of fraud or error. It means that public bodies can take action if any fraud or error has taken place, and it allows auditors to assess fraud prevention arrangements that those bodies have.
The principles and practices that should be adopted by those taking part in NFI and other data matching exercises in Scotland are set out in our Code of Data Matching Practice. Key aspects of the Code include examples of how individuals should be informed that their personal information will be used for data matching, and how data will be submitted by bodies, and data matches provided to them, through a secure online system.
The main NFI exercise takes place every two years and culminates with a national report on outcomes and participation. There are also a number of pilot exercises involving new bodies and / or data sets and these are reported on separately.
National Fraud Initiative reports
The National Fraud Initiative in Scotland 2024
Published in August 2024
A data matching exercise detected £21.5 million worth of fraud and payment errors across the Scottish public sector.
The National Fraud Initiative (NFI) helps detect and prevent fraud and error by matching data sets across public bodies. Savings are identified, for example, by checking eligibility for council tax discounts against the electoral register. The initiative runs every two years.
Information on the 2024/25 exercise
Self-appraisal checklist
This document contains a two-part checklist that we encourage all participating bodies to use to self-appraise their involvement in the NFI. Part A is designed to assist audit committee members and Part B is for officers involved in the NFI exercise.
Some suggestions for improving the efficiency and effectiveness of reviewing and investigating NFI matches are also included.
National Fraud Initiative - Self-appraisal checklist - PDF 210Kb
Instructions for participants 2024/25
The 2024/25 instructions include important guidance and instructions for participating bodies including data requirements, data specifications and the 2024/25 timetable. It will be regularly updated throughout the exercise.
Instructions for participants - PDF 261Kb
Privacy notice
This broader description forms part of the privacy notice for individuals whose information is submitted to Audit Scotland for the purpose of the National Fraud Initiative in Scotland.
Participants in the National Fraud Initiative 2024
This details the Scottish bodies participating in the 2024 exercise in Scotland.
2024 participants in Scotland - PDF 234Kb
Data specifications
The data set specifications for the National Fraud Initiative (NFI) 2024/25 national exercise and NFI council tax single person discount 2024/25 exercise have been set by the Cabinet Office and are as follows:
Changes for 2024/25 exercise
The NFI team in the Cabinet Office review data specifications before each exercise. Although changes have been kept to a minimum, some are necessary to improve the matching process and the quality of matches.
Changes for the 2024 to 2025 exercise
Payroll data specification
Payroll data should be provided in accordance with this data specification.
Trade creditors standing data and payments history datasets
Trade creditor’s payments history data should cover at least the last three financial years, 1 October 2021 to 30 September 2024 (or to the date of extract). Where there has been a recent change in your creditors system then, as a minimum, payments history data from 1 April 2024 to date of extract can be accepted.
Trade creditors data specifications
Pensions data specification
Data should be uploaded in 3 separate files. Please note any pensions currently in payment should be included in the 'current pensioners' file.
Electoral Register data specification
The Electoral Register data should be the 'full version' of the Electoral Register (not the commercially available 'edited version') and should be extracted and submitted after the Register is formally published.
Electoral Register data specification
Council Tax Single Person Discounts
The data should only be current/live accounts and relate to all council tax accounts, whether or not there is a discount or exemption (i.e. it should cover every domestic property where council tax applies).
Council Tax data specification
Council Tax Reduction Scheme data specification
Data should be provided in accordance with the Council Tax Reduction scheme data specification.
Council Tax Reduction Scheme data specification
Transport passes and permits data specification
This specification includes details of the data required for Blue Badges.
Transport passes and permits data specification
Housing tenants data specification
The housing data that should be uploaded includes current named tenants.
Housing tenants data specification
Housing waiting list data specification
Housing waiting list data should be provided in accordance with this data specification.
Housing waiting list data specification
Licenses data specification
This specification includes licenses for taxi drivers.
Personal budgets and social care payments data specification
ersonal budgets and social care payments data specification
Code of data matching practice
This Code of data matching practice was issued on 28 September 2018 under Section 26F of the Public Finance and Accountability (Scotland) Act 2000 (as amended).
Code of data matching practice 2018 - PDF 199Kb
Code of data matching practice 2018 (text only) - RTF 239Kb
Previous national reports and pilot exercises
The National Fraud Initiative in Scotland
Pilot exercises
National Fraud Initiative contact details
The NFI in Scotland is overseen by Audit Scotland. Our phone number for all NFI enquiries is: 0131 625 1500.
Information about the UK NFI exercise can be found on the Cabinet Office’s website at www.gov.uk/government/collections/national-fraud-initiative.
Bodies participating in NFI in Scotland should note that they can update their contact details via the 2016/17 NFI secure website or by sending an email to nfiqueries@cabinetoffice.gov.uk.
Our other Counter-fraud activity
Included in this section are one off reports relating to fraud and fraud prevention.
Fraud and irregularity
Instead of publishing an annual fraud and irregularity report, from 2023/24, we will share information where control weaknesses have contributed to fraud and irregularity on a quarterly basis in our Technical Bulletins.
Covid-19 - Emerging fraud risks
The Covid-19 pandemic has brought significant challenges across the Scottish public sector as bodies seek to deliver services for individuals, communities and businesses in an extremely difficult time.
Procurement in the public sector - how red flags can help us to stop and consider fraud
Audit Scotland and Police Scotland have developed a document that highlights some red flags in procurement activity and the controls that can help to prevent fraud. Read more in Angela Canning's blog.
Safeguarding public money: are you getting it right?
The Accounts Commission has produced this report as part of its 'How councils work' series for councillors. It includes checklists to help them make sure their councils’ money is being safeguarded.
Download the report on safeguarding public money - PDF 2.1Mb
Dundee City Council: Report on significant fraud
Our report on the 2016/17 audit of Dundee City Council found that a £1 million fraud perpetrated at Dundee City Council from 2009-2016 was the result of failures in fundamental controls within the council’s financial systems.
Download the 2016/17 audit of Dundee City Council report - PDF 390Kb
Other bodies
Scottish Government
We work closely with the Scottish Government to share counter-fraud intelligence and promote opportunities for joint working across all sectors in Scotland.
In 2015, the Scottish Government published, Protecting public resources in Scotland setting out a strategic approach to fighting fraud and error across the public sector in Scotland.
The Scottish Government's Counter-Fraud Maturity Model provides guidance on how mature your counter-fraud controls are.
Working with NHS Scotland Counter-Fraud Services
We work with NHS Scotland Counter-Fraud Services (CFS) in the deterrence, prevention and detection of fraud and other irregularities in NHS Scotland and other public bodies where CFS provides counter-fraud services. The memorandum of understanding below outlines how we work together.
NHS Scotland Counter-Fraud Services - Memorandum of understanding - PDF 182Kb
Police Scotland
The Police Scotland website includes information about different types of fraud, advice on how to avoid becoming a victim and contact details for reporting a fraud to the police.
