Public Authorities (Fraud, Error and Recovery) Bill (Third sitting)
Debate between Georgia Gould and Rebecca SmithThursday 27th February 2025
(2 days, 20 hours ago)
Public Bill CommitteesRead Full debate Public Authorities (Fraud, Error and Recovery) Bill 2024-26 View all Public Authorities (Fraud, Error and Recovery) Bill 2024-26 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Public Bill Committee Amendments as at 27 February 2025 - (27 Feb 2025)
Georgia Gould
I welcome those probing amendments, because they give me an opportunity to provide some clarity and reassurance on those important points. I will respond to them in a second, but on the question of safeguards, as I said in my introduction, we have thought very deeply about them and we are really mindful of the responsibility of these powers, so a broad range of safeguards has been built into both sides of the Bill.
On the PSFA measures, all the use of powers will be overseen by a separate team that will be accountable to an independent chair who will transparently report their findings annually to Parliament. The use of the wider powers will be overseen and reviewed by His Majesty’s inspectorate of constabulary and fire and rescue services, which has a lot of experience in this. There are various routes of appeal and review built into the powers, as well as times when applications to court are needed, and we will deal with those in some depth as we go through the clauses. Oversight is absolutely critical, and that is why we have put such a robust oversight system in place.
On clause 3, currently any information needed from first parties or connected third parties can be asked for only if they refuse to provide it, and there is no way for the PSFA to compel the information to be produced without having to go through the civil court. The clause enables authorised officers in the PSFA to compel information to be produced that is not excluded, where it is necessary, proportionate and in line with the data protection legislation, from individuals and businesses as part of a civil fraud investigation. As we discussed on Tuesday, those authorised officers will all be highly trained and subject to professional standards and a code of conduct.
In particular, clause 3 extends the Minister’s powers to include taking copies of information and requiring the individuals to provide information in a specified form. The power includes imposing duties on an individual to retain information that they already hold for longer than they would normally be required to. For example, that might apply where the PSFA requests contractual notes as part of an investigation that a person may retain for only three years. Where the request is made just before the end of that period, the information notice would also explain that any failure to supply the specified information might result in a civil penalty being imposed.
The clause details the requirements of the information notice, including the format, the timeline for compliance and the location for submission. A similar approach is used by HMRC. In practice, authorised officers would engage, where possible, on a voluntary basis before issuing an information notice. The clause also ensures that there are restrictions on the information notice from demanding “excluded material” or “special procedure material”, as defined under the Police and Criminal Evidence Act.
I will turn to the amendments, and as I said, I am very grateful for the opportunity to explain how this clause works, which I hope will provide some reassurance. Clause 3(1)(a) and (b) set out a test for issuing an information notice. An authorised officer will have the power to compel information only when it is necessary and proportionate to do so, and only when the information being requested relates to a person whom the authorised officer has reasonable grounds to suspect has committed fraud. On that basis, PSFA authorised officers will request the information only when there are reasonable grounds to do so.
The question that amendment 10 raises is, “What is meant by ‘reasonable grounds’?” It must be objectively reasonable for them to suspect fraud, given the information available to them. An authorised officer must genuinely suspect that the fraud has been carried out by the individual, and that belief will be based on facts, information and/or intelligence. Reasonable grounds cannot be supported on the basis of personal factors such as those listed in the amendment, or a hunch. It is critical to set out that authorised officers will be using those facts and will be bound by the public sector equality duty and the Equality Act.
The reasonable grounds test is a standard, widely accepted test used by various organisations, including the DWP, the Serious Fraud Office and the police. Further to that, to ensure that the reasonableness test is applied properly in practice, the PSFA will have built in place safeguards. For example, authorised officers must consider all the facts of a case known to them at that time when they decide what is reasonable. Authorised officers must ensure that each decision made relating to the use of the powers is documented and available for checking. Management checks will ensure that those procedures are followed correctly. Information holders can also request a review of a decision to issue an information notice if they feel that there were no reasonable grounds.
As I said, there will also be independent oversight of the use of powers by an independent body such as HMICFRS or the new independent chair. I am setting out this detail on the record now, but we will also be transparent about this for those who do not leaf through Hansard. The code of practice envisioned by this legislation for the PSFA elements of the Bill relates to civil penalties. As civil penalties are the mechanism for ensuring compliance with the information gathering powers, we will also set out in the code of practice, and in further published guidance if necessary, how the information gathering powers will be used in practice, as I am doing today. We will also fulfil the commitment that we made on Tuesday to talk about what will be in the codes of practice as we reach the relevant parts of the Bill.
Let me turn to the period of compliance. Our approach in the Bill accommodates the variation in size and type of fraud investigations that the PSFA is likely to take on. As such, the Bill allows information providers a minimum, critically, of 10 working days to comply. However, in practice, the information notices will be tailored on a case-by-case basis, with each being judged on its merits and with the time period applied appropriately. Similar approaches are used in HMRC. That, in turn, protects the information holder from being asked to produce information in an unreasonable timescale.
On Tuesday, we heard from John Smart, who said:
“Some of the smaller organisations might struggle to meet that 10-day requirement”.
That is why we will be tailoring the requirement. But, he also said,
“I still think it is a reasonable starting point. If you do not start with a reasonable starting point, for the larger organisations you end up deferring decision making and action being taken. I think 10 days is reasonable.”––[Official Report, Public Authorities (Fraud, Error and Recovery) Public Bill Committee, 25 February 2025; c. 46, Q81.]
As I said before, that is the minimum.
Again, we will set out the commitment to tailoring to ensure that we are proportionate and reflect the different types of organisations and individuals who might be asked for information in the code of practice or published guidance. Alongside the time period for compliance, an information provider will have the opportunity to request a review, which would include the ability to vary the time period for compliance if it was considered that a longer timeframe was needed. The current drafting outlines a five-layered process for information holders to request a review of an information notice that they have received. I can go through that detail if Committee members want me to, but I hope that that provides some reassurance on hon. Members’ points.
Rebecca Smith (South West Devon) (Con)
I thank the Minister for those points, but I seek a bit more clarification. There are references to “the Minister” in clause 3, and I want to be clear about this, because we talked a lot about the code of practice during the evidence session on Tuesday. Is the Minister saying that the code of practice will have reference to the authorised officers? So, for Hansard, where clause 3 refers to “the Minister”, it is actually more likely, through the code of practice, to be referring to the day-to-day operation of those investigators. The Minister also mentioned that the definition of reasonableness is as per other departmental records and is widely available. Just to clarify, will that also be in the code of practice so that it is easily accessible for anybody in the public to look at what that might include? I seek more clarification on those two points.
Georgia Gould
Yes, the code of practice will be much more operational guidance that will be targeted at the authorised officers and their day-to-day operational practice. It will include the information that I have set out.
Public Authorities (Fraud, Error and Recovery) Bill (First sitting)
Debate between Georgia Gould and Rebecca SmithTuesday 25th February 2025
(4 days, 20 hours ago)
Public Bill CommitteesRead Full debate Public Authorities (Fraud, Error and Recovery) Bill 2024-26 View all Public Authorities (Fraud, Error and Recovery) Bill 2024-26 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Public Bill Committee Amendments as at 25 February 2025 - (25 Feb 2025)
Andrew Western
Q
Dr Kassem: Personally, I would recommend a board rather than an individual, because how sustainable could that be, and who is going to audit the individual? You want an unbiased point of view. That happens when you have independent experts discussing the matter and sharing their points of view. You do not want that to be dictated by an individual, who might also take longer to look at the process. The operation is going to be slower. We do not want that from a governance perspective—if you want to oversee things in an effective way, a board would be a much better idea.
Professor Button: The only thing I would add on the DWP is that it is likely to be much more resource-intensive. There are likely to be a lot more cases. Having an appropriate capacity is important for that.
Professor Levi: I agree with that. Historically, in relation to asset forfeiture, say, the problem has been one of excessive caution rather than too much activity. A lot of legal challenges remain. I was on the Cabinet Office Committee that set that up, and there can be too much governance of that, so there is a tension between having a lot of governance in place and saying, “Look, can we get on with it?”
Rebecca Smith
Q
Professor Button: It is important to tackle those areas. I am not sure whether it is something that needs to go in the Bill. I think it is more an issue of giving the body the capacity to go after those types of individuals and to work with other relevant policing agencies— I suspect that that would need to be the case—to deal with it, rather than saying such things in law. We have the Online Safety Act 2023, which covers a lot of areas. Is that useful enough? Are the Fraud Act 2006 and the historical offence of conspiracy to engage in fraud appropriate, or do we need to create a new, specific offence of, say, promoting social security fraud online? I would not like to comment on that; it is probably something that needs more thought. The key thing is more enforcement, and disrupting forums where that kind of discussion is taking place.
Professor Levi: There is also the issue of signalling to people where the boundaries lie. This is an issue not so much for the Bill, but for enforcement practice across the board. We need some condign activities that communicate to people via social media, as well as in the old media that we may read, what is acceptable, and what is and is not legal. The National Crime Agency has been pretty good about that in the cyber-crime area, in trying to educate people and to divert them away from crime. There are some good lessons across that. It is also a question of resource and how many such things people can deal with.
Georgia Gould
Q
Professor Levi: The Americans used to be better at this than may have been the case in the past few weeks. The General Accounting Office and some of the inspectorates general in the US have been pretty active, but the US still had a huge amount of covid-19 fraud. Australia is getting better. Clearly, the head of the Public Sector Fraud Authority is part of this group of people trying to improve things, but I would say we are starting at a pretty modest level, in terms of numbers of people. In terms of the DWP, it is a struggle for everyone. We have to look at it in relation to general welfare. I remember going to a meeting and talking to some French delegates who said to me that it was about—
Rebecca Smith
Q
Helena Wood: Absolutely; the point was well made in previous evidence that the police simply do not have the resources to look at fraud against consumers, never mind to support DWP, so I think it is entirely necessary to extend those powers of search and seizure to DWP as well. Again, I keep coming back to the broader context: there are other powers. We should not assume that this Bill is the sole answer. It has taken a very civil lens, quite necessarily, on what is a huge-volume crime, which cannot be dealt with simply through a criminal justice response alone. We have to save that criminal justice response for use in a surgical way, for the really high-end cases, particularly in an organised crime sense. We should not be seeing it as an either/or.
What I would not like to see from this is the replacement of the necessary deterrent of a criminal investigation and prosecution with pure use of civil measures. We need to use that full suite of powers beyond this Bill, including those in existing legislation, such as the Proceeds of Crime Act 2002, and standard issue fraud criminal prosecutions. Something that I would like to see from the independent oversight is that we do not lose that criminal thread. We have to keep prosecuting where necessary, and providing that necessary deterrent through all the available means, not just the ones available in this Bill.
Georgia Gould
Q
Helena Wood: This is a really necessary approach. However, I would caution that we are holding off from establishing the PSFA as a statutory body for now, and I completely understand the reasons for that: we are in a very tight fiscal environment, the cost of setting up a new agency is substantial, and we need to test the competence of the PSFA in doing so. However, I think in due course we need a more fixed timeline to move the PSFA off into a statutory body, to at least remove any perception—if not actual political interference—in investigations. That is really important—we need a stronger timetable. I know that will happen when the time is right, but I would like to see a stronger timetable towards it. I think there will be at least a perceived risk of Executive overreach if the PSFA does not move in that direction more quickly.
Rebecca Smith
Q
Alex Rothwell: If we take the view that fraud has already happened—I have spoken about prevention, but once a fraud has happened and we have discovered it—there are increasingly limited opportunities to pursue criminal investigations. Although we maintain a strong investigative capability that deals with more serious types of criminality, we know about the challenges in the criminal justice system—the disclosure burden is high, it is incredibly expensive to run criminal investigations, and often they take eight years or longer to reach fruition—so we are increasingly looking at how else we can deal with fraud when it is presented to us.
In many ways, it is the low-value, high-volume cases that we see that are more challenging, where we are perhaps seeking to recover funds from someone who has taken £5,000, as I mentioned earlier. This is where I have the most interest in the Bill, because I think we would seek to use those powers extensively, and of course every penny that we recover is money that will be well spent in the NHS. I do not necessarily see any gaps in this particular legislation. There are elements of the work that we do in the national health service where we would benefit from some more powers, but the focus here is obviously on the Bill, rather than on our own ability. A lot of that would apply to how we access medical records, for example.
Georgia Gould
Q
Alex Rothwell: If we look across other international jurisdictions, we see that law enforcement agencies often have quite distinctive public sector fraud or crime functions—for example, the FBI has an extensive healthcare fraud capacity. The way policing has evolved over the last 20 or 30 years, particularly with an emphasis on drug supply, knife crime and firearms, has meant there is little capacity in policing to tackle public sector fraud, and of course there is an ever-present terrorism threat, which is changing rapidly. There is also safeguarding, with the National Crime Agency having quoted publicly the figures in terms of people who are a risk to children, for example.
One of the challenges is that even if you invest more in fraud capability, when a crisis happens, whether that is because of public order or some other form of crisis, policing has to flex more than other investigations. Inevitably, crimes like fraud are perhaps easier to put on hold for a time. Certainly since 2018 we have seen a gradual professionalisation and an increasing capability in the public sector, which I endorse. We could invest more in the police, but my concern is that there will continue to be crises that affect policing that will impact the ability of policing to support the public sector in the way that is required.
Kristin Jones: I agree with everything that Alex just said. The same applies to prosecution: if you have specialist prosecutors, where the resource is ringfenced, they do not get dragged away, but if you have them in with other prosecutors, it depends on what the pressure is at any particular time as to what resource is going to be given to fraud prosecutions.
Public Authorities (Fraud, Error and Recovery) Bill (Second sitting)
Debate between Georgia Gould and Rebecca SmithTuesday 25th February 2025
(4 days, 20 hours ago)
Public Bill CommitteesRead Full debate Public Authorities (Fraud, Error and Recovery) Bill 2024-26 View all Public Authorities (Fraud, Error and Recovery) Bill 2024-26 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Public Bill Committee Amendments as at 25 February 2025 - (25 Feb 2025)
Rebecca Smith
Q
John Smart: An obvious example is the United States; there is an interesting case in point at the moment, which I have dealt with quite a lot. The US has whistleblower reward legislation in place, which is very effective at flushing out issues affecting payments made by Government. Their qui tam legislation, as it is called, flushes out frauds by incentivising whistleblowers to blow the whistle. It creates a lot of work for various organisations, but it encourages people to think about whether fraud is being committed against the Government in the US. That is an obvious piece of legislation that might be worth considering in this country.
Georgia Gould
Q
John Smart: That is a big question. I have been involved with the Cabinet Office for over 12 years, so the inception of the PSFA came about while I was working there. In the 18 months since it was formed, the PSFA has gone a long way to reach a better understanding of where the issues sit across Government. Clearly, it plays best outside the DWP and HMRC. My passion has been identifying where fraud is taking place, which I have worked on for the past 10 years, and trying to quantify the fraud occurring within Government. As you all know, that is very hard to quantify because it is hidden and therefore unknown. The PSFA has gone a long way and is continuing to flush out where resources should be committed to preventing, investigating and deterring fraud across Government outside HMRC and the DWP. That is critical. When I first started asking Departments where frauds were within the Departments, they replied, “There’s nothing to see here.” At least now, particularly because of the work the PSFA has been doing, there is recognition that there is a real issue to be addressed, and that it is not just expenses fraud, or whatever they used to think it was.
Rebecca Smith
Q
Daniel Cichocki: In terms of broad principles, obviously wherever there is additional legislation and regulation on the sector, we would hope that that is proportionate. We anticipate doing further work with the Government to help to support the impact assessment as a result of the more detailed work when we see the draft code of practice, when we are better able to understand the methods through which this information will be shared, the practicalities of how it works, and the scale at which the powers will be used. We therefore anticipate more work being done around the impact assessment.
We would hope and anticipate that the Government would recognise that the impact on the private sector needs to be proportionate. As well as the cost implications around resource, this is also around prioritisation. To my earlier point, many of the teams that will be complying with this legislation will currently be complying with the broader legislation and regulation that we have in place, sharing information with the Government and law enforcement, and ensuring proportionality of how that resource is deployed. Certainly from an industry perspective, as a broad principle, we would see it as appropriate and desirable for much of that resource to be focused on serious and organised crime in the round.
Eric Leenders: I have a couple of brief points. First, one consideration is congestion. There is quite a crowded mandatory change stack, as we call it. There is a sequence of changes in train that firms are already implementing. Secondly, to your specific point about the cost-benefit analysis, we recognise the challenge that the cost will be direct, as in the build costs that we have just summarised. The benefits—reducing and deterring criminality generally, and perhaps even preventing it—are perhaps more indirect. I suppose that leads to another point: the extent to which we need to be thoughtful about circumvention and how to ensure that the legislation is suitably agile, so that bad actors cannot game the system no sooner than it has been introduced.
Georgia Gould
Q
Mark Cheeseman: The Public Sector Fraud Authority has two elements to it. One is overseeing Government and how individual Departments are doing in dealing with fraud and what they are doing on it; the Bill itself says that Departments would refer cases to the PSFA and ask for them to be dealt with under it. The second is providing some of the services that support Departments around taking action on fraud where it happens.
The biggest difference we will make, alongside that, is through prevention. We heard from witnesses earlier about the use of data and analytics. We have a data and analytics service that works with public bodies to use that to find and prevent fraud up-front. We also have a risk service that works with other parts of the public sector to understand the risks they face, in order again to prevent those risks by putting in controls.
While there will always be that balance, there will also always be some element of fraud that is still committed. We will not be able to design a system where there is no fraud risk or design out fraud. There will always be cause for an efficient, effective and proportionate part of the machine to take action on those instances of fraud and to investigate them thoroughly and properly.
Rebecca Smith
Q
Mark Cheeseman: Again, I do not know whether it would need to be in the Bill; that would be for you to debate. As it gets past the authorised officer, there is a structure: there are senior leaders with deep experience in investigating fraud who are overseeing them. We have structures of senior investigation officers overseeing your investigators and the individual authorised officers. While it may feel like a big jump, there is a structure to ensure quality, to ensure the right practices, and so on. That directly compares with what happens elsewhere.
I am pretty comfortable that “authorised officers” is a term used elsewhere. I recognise what you say about the seniority of grade; I had to have a wry smile, because it took me a while to get to HEO and SEO—higher executive officer and senior executive officer—but those are still senior, experienced roles. They are experienced administrators with a high level of skillset and expertise doing those roles. Part of the reason for creating the counter-fraud profession is to show the expertise and capability that those experienced counter-fraud experts have in taking action on fraud.