Purpose

The Board Assurance framework forms part of the governance arrangements for the NHS Counter Fraud Authority. (NHSCFA). Information about the NHSCFA, for example its basis in law, its strategies and business plans are available from https://cfa.nhs.uk/about-nhscfa/corporate-publications

he governance arrangements ensure that the NHSCFA is held accountable to its stakeholders in the key areas listed in table 1, which reflect the organisation’s operating structure, priorities and objectives.

This document specifically sets out how the NHSCFA will record, report on and provide assurance to the NHSCFA Board via the Audit, Risk & Assurance Committee, (ARAC), on the governance arrangements.

The governance arrangements will promote transparency and improve accountability, ensuring the NHSCFA satisfies its social, regulatory and legal obligations

Roles and responsibilities

he NHSCFA Board is responsible for providing strategic leadership for the organisation ensuring that it is able to account to parliament and the public on how the functions of NHSCFA are delivered.

he ARAC provides an independent view to the Board and Accounting Officer on the appropriateness and adequacy of all aspects of NHSCFA’s risk management, internal control environment, governance and assurance arrangements. Including risk management and internal controls covering all of the activities undertaken by the NHSCFA in support of achieving organisational objectives. Details are set out in the ARAC Terms of Reference.

The ARAC will:

  • approve this Board Assurance Framework (BAF)
  • review the strategic corporate risks
  • review the assurance map (at least annually)
  • review the risk appetite statement (annually)
  • review external and internal audit reports and progress to implement recommendations
  • review internal recommendations following governance and assurance exercises
  • raise matters arising from the above to the Board

The executive team are responsible for leading the organisation, developing and setting strategy and ensuring the delivery of priorities and plans. The team are accountable for the delivery of the strategic duties as set by the Board.

The Finance and Corporate Governance Division is responsible for:

  • maintaining relevant risk management policies and guidance documents
  • completing of an annual assurance map
  • producing a risk based annual internal Governance & Assurance workplan
  • tracking the implementation of audit and Governance & Assurance recommendations
  • monitoring the compliance with government counter fraud standards (Gov13)
  • attending and supporting the Performance and Assurance Panels (PAPS) to challenge on assurance and risks.

The Performance & Improvement Director is responsible for chairing of the PAPS and provisions of a quarterly assurance letter to the Accounting Officer.

Methodology

The NHSCFA adopts a risk-based approach to identify where assurance is required and effective ways of assessing the controls in place and communicating these to the ARAC in a clear, concise and timely manner.

This approach will take into account the three lines of defence model set out in HM Government The Orange Book Management of Risk – principles and concepts1.

This approach will also identify all the areas, set out at table 1, which the ARAC requires to ensure it is able to discharge its responsibilities.

The following reports will be provided to the ARAC;

  • risk register report
  • external and internal audit reports (provided by NAO/GIAA)
  • internal Governance & Assurance reports (provided by F&CG on exception only)
  • progress reports on the implementation of external and internal audit recommendations
  • progress reports on the implementation of internal Governance & Assurance recommendations
  • an annual report on other elements of assurance

Review

The Board Assurance Framework will be subject to formal review no less than annually but may be reviewed and updated at any time.

Corporate Governance Area Assurance/Controls in place
Compliance with statutory instruments and directions which set out the structure and functions of the NHSCFA Operational Board & sub committees with annually reviewed Terms of Reference G&A exercises on Statutory transfer of Functions
Delivery of the Board functions Operational Board & sub committees with annually reviewed Terms of Reference Board effectiveness reviews GIAA review completed in March 2020 (moderate rating)
Financial Management SFI/SFO reviewing annually NAO/GIAA audit reports Use of financial resources and financial management included in annual assurance map
Risk Management Suite of risk management documentation Risk register Risk register review group Performance and Assurance Panels Assurance map
Performance Management (against 2020-23 strategy & 2020-21 published KPIs) Management Reporting Tool Performance and Assurance Panels Assurance map
Performance Management (against Unit Business plan objectives and legislative requirements e.g investigation legislation, PIDA, Safety Health & Environment) Management Reporting Tool Performance and Assurance Panels Assurance map
Performance Management (against Unit Business plan objectives and legislative requirements e.g investigation legislation, PIDA, Safety Health & Environment) Management Reporting Tool Performance and Assurance Panels Assurance map
Information Governance (inc Data Protection, FOI & Equality Act ) Assurance map Annual Report
Counter Fraud, Anti Bribery, Whistleblowing & Complaints Assurance map Annual Report