Audit Scotland has an important role in counter-fraud. Some of this is required by particular International Standards on Auditing while other counter-fraud activity is undertaken as part of our wider scope public audit as described in our Code of Audit Practice.

Under International Standards on Auditing, our responsibility is to assess the risk of material misstatement caused by fraud as part of the audit of the accounts. International Standards on Auditing do not place any requirements on external auditors to actively seek out and/or investigate fraud. We report on the adequacy of our audited bodies’ arrangements for preventing and detecting fraud or irregularities as part of our wider scope audit. We also report any instances of money laundering identified through our work to the National Crime Agency.

Management in our audited bodies are responsible for implementing effective systems of internal control to safeguard public assets and prevent, detect, and investigate any instances of fraud, irregularities, bribery or corruption. Our auditors are then responsible for reviewing those systems and arrangements.

Under our wider scope responsibilities in our Code of Audit Practice we report on instances of frauds identified by both audited bodies and auditors in an annual Fraud and Irregularity report. The aim is to help prevent similar circumstance happening in other bodies by sharing details and highlighting control weaknesses.

As part of our wider scope work, we also co-ordinate the National Fraud Initiative (NFI) data matching exercise. Participants submit data and computerised techniques compare information about individuals held by different public bodies to identify anomalies that might suggest the existence of fraud or error. This exercise enables audited bodies to take action to reduce fraud.

We also publish ad-hoc counter-fraud reports, for example, Covid-19 Emerging fraud risks.

Raising a concern about fraud and corruption

Fraud is referred to as the deliberate use of deception or dishonesty to disadvantage or cause loss (usually financial) - in simple terms, it's a crime in which some kind of deception is used for personal gain. As information systems increase in complexity and public finances tighten there is a risk that internal controls are compromised. This increases the risk of fraud, error and corruption. Losing public money through fraud has a knock-on effect on the services that public bodies can provide to individuals and communities, as well as affecting their reputation.

If you believe that there is fraudulent activity going on in a Scottish public body, you can find out how to tell us and share your information with us here, or you may wish to report your concerns directly to the police.

Responsibilities for counter-fraud

Audited bodies are responsible for establishing arrangements for the prevention and detection of fraud, error and irregularities, and bribery and corruption. Audited bodies are responsible for ensuring that their affairs are managed in accordance with proper standards of conduct by putting proper arrangements in place.

As auditors, we make judgements and report our conclusions on how public bodies have discharged those responsibilities in accordance with our Code of audit practice and assess the specific risk of material misstatement, whether caused by fraud or error, as part of the audit of the accounts in line with International Standard on Auditing. We also have an important role in raising awareness about fraud as well as in helping to prevent, investigate and report on fraud.

National Fraud Initiative

The National Fraud Initiative (NFI) in Scotland is a counter-fraud exercise led by Audit Scotland, and overseen by the Public Sector Fraud Authority for the UK as a whole. It uses computerised techniques to compare information about individuals held by different public bodies, and on different financial systems that might suggest the existence of fraud or error. It means that public bodies can take action if any fraud or error has taken place, and it allows auditors to assess fraud prevention arrangements that those bodies have.

The principles and practices that should be adopted by those taking part in NFI and other data matching exercises in Scotland are set out in our Code of Data Matching Practice. Key aspects of the Code include examples of how individuals should be informed that their personal information will be used for data matching, and how data will be submitted by bodies, and data matches provided to them, through a secure online system.

The main NFI exercise takes place every two years and culminates with a national report on outcomes and participation. There are also a number of pilot exercises involving new bodies and / or data sets and these are reported on separately.

National Fraud Initiative reports

The National Fraud Initiative in Scotland 2022

The National Fraud Initiative in Scotland 2022

Published in August 2022

The overall level of identified public sector fraud and error in Scotland has fallen slightly, according to the results of a national counter-fraud exercise.

Read the full report and other information
View the NFI Outcomes 2020/21 interactive report

Pilot exercises and previous national reports

National Fraud Initiative: Non-domestic rates - Small Business Bonus Scheme pilot

National Fraud Initiative: Non-domestic rates - Small Business Bonus Scheme pilot

A recent pilot used data matching techniques to match non-domestic rates Small Business Bonus Scheme (SBBS) relief data between Scottish councils. This was the second pilot exercise looking at SBBS relief. This pilot extends a previous pilot carried out in 2019/20 which looked at SBBS relief in seven councils.

The 2019/20 exercise identified 480 matches which resulted in £412,974 in incorrect SBBS awards being identified. This latest pilot exercise identified 17,578 matches which resulted in £2.15 million in incorrect SBBS relief being identified in 207 SBBS awards. Councils will now try to recover SBBS relief which was incorrectly awarded.

Given the success of this pilot, consideration is now being given as to how this data match can be repeated on a regular basis as part of the full NFI exercise.

 Download the pilot report - PDF 304Kb

National Fraud Initiative: National Entitlement Cards pilot

National Fraud Initiative: National Entitlement Cards pilot

A recent pilot used data matching techniques to help identify National Entitlement Cards (NECs) which are still in circulation for adults over 18 years of age who have died. This work focused on the use of NECs for free bus travel.

The pilot was undertaken as part of the development of the NFI. NEC data is not currently included as part of the NFI.

Audit Scotland worked with Fife Council, the National Entitlement Card Programme Office (NECPO) and Transport Scotland on this pilot.

Fife Council provided a total of 112,044 NEC records for matching against deceased person records. This resulted in 1,737 matches being cancelled as it was established that the customers had died. Thirteen matches showed cause for concern as the NECs appeared to have been used after the death of the cardholder. Two of these cards were used for journeys to the value of almost £2,300 for one, and £240 for the other. The value of the journeys for the other 11 cards varied from £3.10 to £69.00. Investigations are continuing into the individuals who used these cards.

Consideration is being given to expanding this data matching in our future NFI work.

 Download the pilot report - PDF 196Kb

The National Fraud Initiative in Scotland

Information on the 2022/23 exercise

Privacy noticeUpdated September 2022

This broader description forms part of the privacy notice for individuals whose information is submitted to Audit Scotland for the purpose of the National Fraud Initiative in Scotland.

 Privacy notice - PDF 202Kb

Participants in the National Fraud Initiative 2022/23 Published July 2022

This details the Scottish bodies participating in the 2022/23 exercise in Scotland.

 2022/23 participants in Scotland - PDF 180Kb

Instructions for participants 2022/23Published July 2022

The 2022/23 instructions include important guidance and instructions for participating bodies including data requirements, data specifications and the 2022/23 timetable. It will be regularly updated throughout the exercise.

 Instructions for participants - PDF 298Kb

Self-appraisal checklistPublished July 2022

This document contains a two-part checklist that we encourage all participating bodies to use to self-appraise their involvement in the NFI. Part A is designed to assist audit committee members and Part B is for officers involved in the NFI exercise.

Some suggestions for improving the efficiency and effectiveness of reviewing and investigating NFI matches are also included.

 National Fraud Initiative - Self-appraisal checklist  - PDF 210Kb

Data specifications

The data set specifications for the National Fraud Initiative (NFI) 2022/23 national exercise and NFI council tax single person discount 2022/23 exercise have been set by the Cabinet Office and are as follows:

Changes for 2022/23 exercise

The NFI team in the Cabinet Office review data specifications before each exercise. Although changes have been kept to a minimum, some are necessary to improve the matching process and the quality of matches.

Download Changes for 2022/23 exercise - PDF 65Kb

Electoral Register data specification

The Electoral Register data should be the 'full version' of the Electoral Register (not the commercially available 'edited version') and should be extracted and submitted after the Register is formally published.

 Electoral Register data specification - PDF 282Kb

Trade creditors data specification

Trade creditors standing data should be a snapshot of trade creditors current at the date of extraction, exclude dormant or suspended creditors and cover the period given in the data specification.

 Trade creditors standing data specification - PDF 228Kb
 Trade creditors payment history data specification - PDF 225Kb

Council Tax data specification

The data should only be current/live accounts and relate to all council tax accounts, whether or not there is a discount or exemption (i.e. it should cover every domestic property where council tax applies).

 Council Tax data specification  - PDF 325Kb

Transport passes and permits data specification

This specification includes details of the data required for Blue Badges.

 Transport passes and permits data specification - PDF 196Kb

Pensions data specification

Data should be uploaded in 3 separate files. Please note any pensions currently in payment should be included in the 'current pensioners' file.

 Pensions data specification - PDF 286Kb

Payroll data specification

Payroll data should be provided in accordance with this data specification.

 Payroll data specification - PDF248Kb

Council Tax Reduction Scheme data specification

Data should be provided in accordance with the Council Tax Reduction scheme data specification.

 Council Tax Reduction Scheme data specification- PDF 247Kb

Licenses data specification

This specification includes licenses for taxi drivers.

 Licenses data specification- PDF 236Kb

NHS Patient Exemptions (Scotland only pilot) data specification


 NHS Patient Exemptions (Scotland only pilot) data specification - PDF 217Kb

Housing waiting list data specification

Housing waiting list data should be provided in accordance with this data specification.

 Housing waiting list data specification - PDF 445Kb

Housing tenants data specification

The housing data that should be uploaded includes current named tenants.

 Housing tenants data specification - PDF 338Kb

Non domestic rates (Scotland only pilot) data specification

This data specification is in respect of a pilot for Scottish local authorities in respect to non-domestic rates relief.

 Non domestic rates (Scotland only pilot) data specification - PDF 87Kb


Business rates data specification

Business rates data should be provided in accordance with this data specification.

Business rates data specification - PDF 87Kb


Code of data matching practice

This Code of data matching practice was issued on 28 September 2018 under Section 26F of the Public Finance and Accountability (Scotland) Act 2000 (as amended).

Code of data matching practice 2018 - PDF 199Kb
 Code of data matching practice 2018 (text only) - RTF 239Kb

National Fraud Initiative contact details

The NFI in Scotland is overseen by Audit Scotland. Our phone number for all NFI enquiries is: 0131 625 1500.

Information about the UK NFI exercise can be found on the Cabinet Office’s website at

Bodies participating in NFI in Scotland should note that they can update their contact details via the 2016/17 NFI secure website or by sending an email to

Our other Counter-fraud activity

Included in this section is the latest annual report on fraud and irregularity along with a number of one off reports relating to fraud and fraud prevention

Fraud and irregularity report

Fraud and irregularity report 2022/23

A summary of the cases of fraud and other irregularities at public bodies reported by external auditors for the financial year 2022/23.

 Download fraud and irregularity report - PDF 837Kb

Covid-19 - Emerging fraud risks

Covid-19 - Emerging fraud risks

The Covid-19 pandemic has brought significant challenges across the Scottish public sector as bodies seek to deliver services for individuals, communities and businesses in an extremely difficult time.

 Download the document on emerging fraud risks - PDF 546Kb

Red flags in procurement

Procurement in the public sector - how red flags can help us to stop and consider fraud

Audit Scotland and Police Scotland have developed a document that highlights some red flags in procurement activity and the controls that can help to prevent fraud. Read more in Angela Canning's blog.

 Download the document on red flags in procurement - 2.6MB

Safeguarding public money

Safeguarding public money: are you getting it right?

The Accounts Commission has produced this report as part of its 'How councils work' series for councillors. It includes checklists to help them make sure their councils’ money is being safeguarded.

 Download the report on safeguarding public money - PDF 2.1Mb

Dundee City Council report

Dundee City Council: Report on significant fraud

Our report on the 2016/17 audit of Dundee City Council found that a £1 million fraud perpetrated at Dundee City Council from 2009-2016 was the result of failures in fundamental controls within the council’s financial systems.

 Download the 2016/17 audit of Dundee City Council report - PDF 390Kb

Other bodies

Scottish Government

We work closely with the Scottish Government to share counter-fraud intelligence and promote opportunities for joint working across all sectors in Scotland.

In 2015, the Scottish Government published, Protecting public resources in Scotland setting out a strategic approach to fighting fraud and error across the public sector in Scotland.

The Scottish Government's Counter-Fraud Maturity Model provides guidance on how mature your counter-fraud controls are.

Working with NHS Scotland Counter-Fraud Services

We work with NHS Scotland Counter-Fraud Services (CFS) in the deterrence, prevention and detection of fraud and other irregularities in NHS Scotland and other public bodies where CFS provides counter-fraud services. The memorandum of understanding below outlines how we work together.

 NHS Scotland Counter-Fraud Services - Memorandum of understanding - PDF 182Kb

Police Scotland

The Police Scotland website includes information about different types of fraud, advice on how to avoid becoming a victim and contact details for reporting a fraud to the police.

The Public Sector Fraud Authority (PSFA)

The Public Sector Fraud Authority which is part of the Cabinet Office was launched in August 2022. It is the UK Government’s Centre of Expertise for the management of fraud against the public sector. We work with the PSFA in respect to the National Fraud Initiative and other wider counter-fraud initiatives.