FRAUD RESPONSE PLAN PROCEDURE Scope To prescribe a procedure for the conduct of all investigations where there is a suspicion that theft, fraud or corruption has taken place Purpose To define authority levels, responsibilities for action and reporting lines in conducting a fraud investigation, and to ensure that evidence gathered in fraud investigations will be admissible in any future disciplinary, criminal or civil actions Definitions and Abbreviations Fraud: the use of deception with the intention of obtaining an advantage, avoiding an obligation or causing loss to another party CIMA: The Chartered Institute of Management Accountants DFP: Department of Finance and Personnel FIT: Fraud Investigation Team FIOG: Fraud Investigation Oversight Group PACE: Police and Criminal Evidence Act Related Documents CCEA Counter-fraud Policy ISO Investigative Interview Procedure CCEA Malpractice Procedure CCEA Management Statement Managing the Risk of Fraud-A Guide for Managers (Department of Finance and Personnel September 2003) Fraud Risk Management: A Guide to Good Practice (CIMA) DAO (DFP) 22/05 Best Practice Guidance: Control and investigation issues in respect of purchasing and paying of invoices DAO (DFP) 12/06 Internal Fraud: Management Checklist DAO (DFP) 13/06 Memorandum of Understanding between the Northern Ireland Public Sector and the Police Service of Northern Ireland Managing Public Money Northern Ireland

Fraud Response Plan Procedure

Responsibilities CHIEF EXECUTIVE •

In his role as Accounting Officer to have a personal responsibility for the propriety and regularity of the public finances for which he is responsible.

•

To ensure implementation of the specific actions set out in 4.3 in the CCEA Counterfraud policy.

•

To ensure that vigorous and prompt investigations are carried out by individuals independent of the work area under investigation if fraud occurs, if there are allegations of fraud, or if there is the suspicion of fraud.

•

To ensure that there is an effective and documented system in place to manage fraud investigations, including their recording and monitoring, and that these systems are regularly reviewed.

•

To authorise appropriate legal and/or disciplinary action against those individuals found guilty of committing fraud.

•

To authorise appropriate action where supervisory failures have contributed to fraud.

•

To ensure there is compliance with the requirements of Managing Public Money Northern Ireland in reporting fraud and other relevant DFP advice.

BUSINESS ASSURANCE MANAGER (FRAUD MANAGER) •

To ensure that the internal control framework is robust which includes having effective mechanisms for the management of fraud investigations in place, specific actions of which are detailed below. •

In the event of fraud being suspected, to seek approval from the Director of Corporate Services to instigate immediate action designed to identify if actual fraud has taken place through a preliminary investigation and to then take steps to prevent further risk of fraud by the individual(s), including arranging for the suspension of individuals pending further investigations if required.

•

The preliminary investigation will consider the source of discovery of the suspected fraud; the authenticity of the information initially received; the line management’s initial assessment of the circumstances involved; and if required gathering of preliminary evidence in advance of interviewing suspects. This may include obtaining witness statements and review of documents and surveillance information including CCTV and observation if required.

Revision 9: 14 June 2013

Fraud Response Plan Procedure •

To report to the NIAO and the Department of Education any attempted or actual fraud as soon as there is suspicion fraud has been committed.

•

To seek advice from DE, PSNI and any other regulatory or legal authorities as appropriate.

•

Provided there is no conflict of interest, to manage the Fraud Investigation Team (FIT).

•

To report on the FIT’s progress to the FIOG and Management Board.

•

To ensure that proper records of each investigation undertaken by the FIT are kept, including accurate notes of when, where and from whom evidence was obtained and by whom; and to maintain a diary of events of the FIT including recording of progress of the investigation. All of this will be undertaken within PACE guidelines.

•

In preparing any case for the PSNI ensure PSNI Acceptance Criteria is met (Appendix 5) and that the Evidence Pack is in an agreed format (Appendix 6).

•

To make recommendations to the Chief Executive through the Director of Corporate Services in the light of fraud investigation findings regarding disciplinary, criminal or civil law actions.

•

To consult with the Director of Corporate Services and the Chief Executive in cases where the suspected fraud is potentially significant or where the fraud may lead to adverse publicity.

•

To advise the Communications Manager, at a time deemed appropriate, so that media management may take place, if necessary.

•

To inform the NICS Fraud Forum, NIAO and DE and other relevant parties about the outcomes of the investigation.

•

To ensure that lessons learnt are communicated across the organization

•

To maintain a log of all reported fraud suspicions, including those dismissed as minor or otherwise not investigated.

•

To present the fraud log to the Audit and Risk Committee annually for inspection.

•

To ensure the review of the Fraud Response Plan annually, in line with new guidance and/or after each application.

•

To ensure the preparation of an annual fraud report for submission to the Department of Education.

Revision 9: 14 June 2013

Fraud Response Plan Procedure

RESPONSIBLE OFFICER (usually the Director of Corporate Services) •

To determine whether or not an investigation is required and, if so, to determine whether this should be taken forward internally, internally with the assistance of outside parties or externally. This may include approval for a preliminary investigation.

•

To determine whether or not the Business Assurance Manager has a conflict of interest in respect of any fraud investigation and thereby to determine whether or not she should be a member of the Fraud Investigation Team.

•

To establish a Fraud Investigation Team, if appropriate and ensure that the team has appropriate experience and expertise.

•

To determine the terms of reference, objectives, scope, timescales and resources needed for FIT.

•

To chair the Fraud Investigation Oversight Group (FIOG).

•

To advise the Accounting Officer at the close of any investigation of any action which has been agreed by the FIOG to be taken. In instances where proposed actions are of a serious nature involving disciplinary and/or legal action, obtain authorization for the action.

•

To keep the Audit and Risk Committee and the Council informed about any investigation including progress made during the fraud investigation and the outcomes of it.

FRAUD INVESTIGATION OVERSIGHT GROUP (FIOG) Membership of the FIOG will normally comprise the Director of Corporate Services, the Financial Services Manager, the Business Assurance Manager and the People Services and Equality Manager. The FIOG may co-opt other CCEA staff to the group, as required. The role of the FIOG shall be as follows. •

To determine and record any action to be taken in respect of reported or suspected fraud.

•

To consider advice sourced by the Business Assurance Manager from DE, PSNI, insurers, regulatory authorities and legal advisors as appropriate.

•

In advance of referring any case to the PSNI, to review the evidence pack and ensure the PSNI Acceptance Criteria is met including format of the evidence pack.

•

To review the work of the FIT and approve the conduct of the investigation.

Revision 9: 14 June 2013

Fraud Response Plan Procedure

•

To consider recommendations made by the FIT and agree on appropriate action to be taken.

FRAUD INVESTIGATION TEAM The membership of the Fraud Investigation Team will depend on the nature and severity of the fraud but will normally be led by a member of the Business Assurance team and managed by the Business Assurance Manager. The team will be commissioned by the FIOG. The FIT’s role will be as follows. •

To carry out an investigation into suspected fraud.

•

To conduct investigations into suspected fraud in accordance with the ISO 9001 Investigative Interview Procedure which includes compliance with PACE.

•

To gather evidence as detailed in Appendix 3 including compliance with PACE.

•

To conduct interviews as detailed in Appendix 4 including compliance with PACE .

BUSINESS MANAGERS/FUNCTIONAL LEADS •

To comply with and implement the Counter-fraud policy (summarised in Appendix 1)

ALL STAFF •

To comply with the Counter-fraud policy (summarised in Appendix 1)

Procedure Sections 7 to 10 of the Counter-fraud policy sets out the sequence of actions which will be taken if it is suspected that fraud has happened or is taking place. If there is a suspicion that a fraud has taken place, the fraud investigation shall be managed as per Appendix 2 of this document, including the actions detailed below. •

The Responsible Officer shall consider the Business Assurance Manager’s initial assessment of the circumstances involved based on preliminary evidence gathered.

•

If the initial information appears bone-fide, the Responsible Officer shall commission a full investigation. This may be taken forward fully internally, internally with the assistance of outside parties, or externally. If required advice will be sought from PSNI and DE on the approach.

Revision 9: 14 June 2013

Fraud Response Plan Procedure •

If suspicions or reports of fraud appear well founded, the Business Assurance Manager shall report suspicions immediately to NIAO and the Department of Education.

•

Once a full investigation has been initiated, the Responsible Officer shall convene the FIOG.

•

In the event that a decision is made to take forward the investigation fully internally or internally with the assistance of outside parties, the FIOG shall establish a Fraud Investigation Team (FIT) which shall comprise staff independent from the business area where the fraud is alleged to have taken place.

•

The Business Assurance Manager shall seek advice from DE, the PSNI and other legal and regulatory bodies as appropriate in undertaking the investigation.

•

The Responsible Officer shall ensure that the FIT consists of individuals who have all necessary investigative interviewing, financial and/or audit skills including knowledge and experience of the provisions of PACE.

•

The Responsible Officer shall determine the terms of reference, including objectives, scope, timescales and resources for the FIT and an oversight/checkpoint plan for the various stages of the investigation.

•

The FIOG shall oversee the work of the FIT, ensuring that best practice guidance is applied by the FIT during the investigation including advice given in DAO (DFP) 12/06.

•

The FIT shall gather evidence as detailed in Appendix 3.

•

The FIT shall take control of any physical evidence and maintain a record of where, when and from whom it was taken. Where the evidence consists of several items these shall be tagged with a reference number which corresponds with the written record of the investigation. In the case of electronic evidence this shall be electronically logged.

•

In the event of a decision being made to interview a suspect, the arrangements for interview detailed in Appendix 4 shall be followed.

•

The suspect shall be advised that they may leave at any time.

•

The suspect shall be given the opportunity to have a friend, colleague or representative present.

•

The FIT shall ensure that where witnesses or suspects are prepared to give written statements a member of the investigation team shall take a chronological record using the witness’s or suspect’s own words.

Revision 9: 14 June 2013

Fraud Response Plan Procedure

•

•

Witnesses and suspects shall be given the opportunity to read the written record and sign each page in acknowledgement of its accuracy.

•

All other persons present shall be expected to sign and acknowledge the accuracy of the documentation.

If it is identified that there is a significant potential for criminal action, advice should be sought from the PSNI regarding legal representation of the suspect in respect of interviews before any interviews take place. Any interview with a suspect should be suspended immediately if it appears a criminal act may have taken place to seek PSNI advice on required legal representation. •

On conclusion of any internal investigation the DCS shall advise the Accounting Officer on the need for disciplinary, criminal or civil action including redress for any outstanding financial loss.

•

Any report written in respect of a fraud investigation shall include: quantification of losses; progress with recovery action; progress with disciplinary action; progress with criminal action; and recommendations for improvements to systems and procedures to minimise the risk of a recurrence.

•

The Responsible Officer shall keep the Audit and Risk Committee and the Council informed of developments during the investigation and will provide it with a full report on the investigation on its conclusion.

•

On conclusion of the investigation, the Business Assurance Manager shall ensure all necessary lessons learnt are communicated, as appropriate throughout the organization.

•

On conclusion of the investigation, the Business Assurance Manager shall inform the NICS Fraud Forum.

•

On conclusion of the investigation, the Business Assurance Manager shall notify all other relevant bodies/ groups including but not necessarily restricted to: DFP; C&AG; DE and other relevant public sector bodies.

Revision 9: 14 June 2013

Appendix 1: Reporting Fraud

You suspect fraud or other illegal act by an employee or contractor or perpetrated on the organisation by an external party

Either/Or

Discuss with your Line Manager

Discuss with any manager, the Business Assurance Manager or Chief Executive

Report to nominated Council member or Department of Education.

If suspicions appear well grounded Fraud Investigation Oversight Group (FIOG) convenes External source acts as it sees fit

BAM records details immediately in a log

Fraud and other illegal acts log

Log reviewed by Audit and Risk Committee annually Fraud investigation Team set up

Yes FIOG determines whether or not fraud appears to have taken place No

To Appendix 2

Version 9: 14 June 2013

Close investigation

Appendix 2: Managing Fraud Investigation From Appendix 1

FIOG determines terms of reference, scope, timescales etc

FIT carries out investigation

Diary of Events started

Does it appear that a criminal act has taken place?

Yes

Consult with and inform Police, Department of Education, Department of Finance & Personnel and the Comptroller and Auditor General

No

Either No case to answer

Investigate internally to decide which of the following

Or Gross Misconduct

Or CE and DCS decide what, if any, action to take

Consider possibility of making good the loss

Error of judgement/negligent conduct

No

Consider possibility of making good the loss including a civil action for recovery

Loss recovered? Yes In conjunction with Head of PSE, implement disciplinary procedures if appropriate

BAM updates the fraud log

FIT prepares written report for Audit and Risk Committee, Council and other relevant parties

Version 9: 14 June 2013

Loss recovered?

Fraud Response Plan reviewed

Initiate dismissal procedures

Appendix 3: Gathering Evidence No

Is there any physical evidence? Yes

Collect evidence as per PSNI agreed format of evidence pack

No

Are there any witnesses?

Yes Discuss events with witnesses as per Investigative Interview Procedure

Investigation manager to obtain written, signed statement(s) of the events

Yes

Are witnesses prepared to give a written statement?

No Make a written note of any discussion

Lead investigator reports findings to BAM/FIOG

BAM to consider if suspect should be interviewed following consultation with DCS

Version 9: 14 June 2013

To Appendix 4

Appendix 4: Fraud Investigative Interview Procedure From Appendix 3

No

Does matter warrant interview of suspect?

Yes Advise suspect that interview is required, context and purpose of interview, that they may have a representative present or leave at any time

Arrange a meeting at earliest practicable time, that allow suspect opportunity to have representative present

Yes

Is suspected person willing to be interviewed?

No Yes Is evidence gathered sufficient for dismissal?

No No Yes

Deploy Investigative Interview procedure

Is there a case to answer?

Consider other action to be taken

Obtain written, signed statement

Consider dismissal or other disciplinary action

Version 9: 14 June 2013

Is suspect prepared to give a written statement?

No Confer with BAM and review events

Confer with BAM, review events with Police, if appropriate

Yes

Decide which of the following

Carry out further investigation or seek advice from relevant authority

Make a written note of any discussion

Close investigation and save log

Appendix 5:

REFERRALL TO PSNI: ACCEPTANCE CRITERIA

1.

These criteria set out the conditions necessary for a suspect fraud case to be referred to the PSNI. However, the decision to accept a case for investigation rests fully with the PSNI who will provide their decision in writing. •

It must be established that there are reasonable grounds to believe that a criminal offence has been committed.

•

Deliberate criminal intent to be clearly defined. The fraud needs to be more than an error or omission.

•

The allegations should concern recent events and should not have become stale by reason of age. Incidents, which are over two years old before discovery, need to be judged individually on their merits, including availability of documentary evidence and the reliability of witness evidence.

•

To comply with the rules governing disclosure, the department/body will identify and preserve all original documents and other exhibits relating to any intended complaint.

•

The department/body should be prepared to supply all original relevant documents and exhibits to the police if an investigation is accepted and commenced. Such evidential material should be securely held, in accordance with PACE provisions, before formal hand over to the PSNI.

Version 9: 14 June 2013

Appendix 6:

PSNI AGREED FORMAT OF EVIDENCE PACK

1.

Evidence packages should contain a detailed summary of all relevant information surrounding the allegations made. This should include the nature of the allegations against the suspect, including the full name, address and date of birth of the suspect.

2.

The package should also include:•

All available details of any other parties suspected of involvement in the alleged fraud, including the reasons for the suspicions;

•

A brief summary of the allegations including estimated values of alleged crime and relevant dates;

•

A full description of the nature of the crime and the circumstances surrounding it. This should include full details of any investigations already undertaken by the department/body or anyone acting on their behalf;

•

Copies of all relevant document, each individually numbered and identified in the summary;

•

Copies of all statements obtained from suspects;

•

Names and addresses of all witnesses identified at the time of reporting to the police, including copies of any statements;

•

Any police reference numbers, which may already apply to any part of the case; and

•

A name and contact point.

Version 9: 14 June 2013