Executive summary

A brief overview of the NHS’s overall vulnerability to fraud, bribery and corruption.

Published: 22/07/2022

The NHSCFA have produced an annual Strategic Intelligence Assessment (SIA) since 2017. Over the course of the last five years the response to fraud and the landscape has been constantly evolving. The NHSCFA and its partners have conducted a review of the strategic priority areas during this reporting period. As a result of the review, the strategic priorities have been realigned to the current fraud landscape.

The response to fraud within the NHS in England is now split into three categories;

  • Strategic priority: ensure that counter fraud activity is proactively pursued with threats, vulnerabilities, enablers, risk and financial vulnerability reported on an annual basis.
  • Intelligence collection: intelligence resources are assigned to improve the intelligence picture with threats, vulnerabilities, enablers, risk and financial vulnerability assessment reported on an annual basis through the strategic intelligence assessment.
  • Strategic oversight: fraudulent activity is monitored through trend analysis and horizon scanning to determine any fluctuations or depreciation in effectiveness of counter fraud functions. These areas will no longer be reported on an annual basis within the SIA, however a combined notional financial vulnerability figure will be provided for transparency.

The NHSCFA assess that the NHS is vulnerable to fraud, bribery and corruption to an estimated £1.198bn.

In addition to the changes in strategic priority areas, the timeframes for intelligence collection within the SIA has also been amended to cover financial year to financial year. This is to ensure that all intelligence assessments presented are as current as possible. However, due to the timeframe for the public release of activity and financial data, the financial vulnerability estimates are still currently one year behind based on the previous year’s spend. In order to mitigate these amendments, the intelligence assessments made for 2020 - 2021 have also informed the current assessments.

*Diagram highlighting the timeframes for collection of the intelligence and activity / financial data against publication year.
2020 - 2021 2021 - 2022


Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4
Intelligence Collection yes yes yes yes
Activity / financial data yes yes yes yes

The fraud controls within the NHS in England have improved year on year with many initiatives being implemented or evolving such as post payment verification, stronger vigilance against payment diversion fraud and patient exemption fraud. Although fraud vulnerability estimates have increased by £58m this is primarily attributed to the increase in funding allocated for the Covid-19 response. We have seen a reduction in financial vulnerability to fraud in the majority of thematic areas. However, we have seen a notable increase in Data Manipulation and Procurement and Commissioning fraud.

Data Manipulation fraud increased by £142.1m. The vulnerable funding packages with Data Manipulation fraud have increased due to changes within the allocations and formulas where it is assessed, has generated an artificially inflated financial vulnerability estimate. However, the NHSCFA and stakeholders have not yet been able to fully revise the assessment on the impact to fraud until the aforementioned allocations and formulas have matured and as such are relying on the previous financial vulnerability methodology to provide an indication of the financial vulnerability. Furthermore, the pending implementation of Integrated Care Systems has generated new intelligence gaps on what threats and vulnerabilities this will generate.

Changes to the funding envelopes for National Tariff within the Data Manipulation strategic priority area during the pandemic have generated further significant intelligence gaps on what new threats and vulnerabilities these presents. All these changes have meant resources and focus has been aligned to understanding these new emerging areas for the next reporting period. The NHSCFA will be carrying out a thorough assessment of the current threats, vulnerabilities, and enablers to increase understanding and knowledge of the existing risks.

The second area, Procurement and Commissioning fraud has seen a further increase in the assessed financial vulnerability estimate. Procurement and Commissioning has maintained a 1% estimate of total spend. Therefore, this increase is attributed to the increase in spend. Procurement and Commissioning fraud has also seen the largest increase in reporting.

Although a proportion of this is attributed to Covid-19 related reports, the NHSCFA has seen an increase in the threat from mandate fraud. This occurs when the payment for a genuine invoice is diverted into a bank account controlled by a criminal or organised crime group. The increase in the threat from mandate fraud has resulted in the NHSCFA commissioning a mandate fraud prevention project in collaboration with the wider health group.

Conversely the NHSCFA has seen notably reduction of estimated financial vulnerability to fraud in two strategic priority areas; Patient exemption fraud and Optical contractor fraud of £53m and £46.2m respectively. With the financial vulnerability assessment conducted on activity data during a global pandemic, the cause of the reduction is difficult to determine with confidence. For example, the reduction of fraudulent prescription exemption claims within Patient Exemption fraud could be attributed to the ongoing behavioural change element of the Penalty Charge Notices issued under the Prescription Exemption Checking services. Yet, national lockdown and the implementation of social isolation could have resulted in a reduction of transmission of common illness, thus reducing the need for prescribing medication. In addition, it could be an unknown or multiple factors contributing to the assessed reduction in financial vulnerability.

A similar scenario could be assessed for the reduction of financial vulnerability within Optical Contractor fraud. The financial vulnerability assessment is made on activity collating with national-wide closure of Ophthalmic practices due to COVID-19. The closure would reduce the amount of claims made, thus lowering the prospect of fraudulent behaviour. In addition, another cause could have been the ongoing post-payment verification work on claims submitted for valid activity. The presence of the post payment verification could have acted as a deterrence for the minority that could be submitting fraudulent claims.

The table below provides an overarching summary of the current financial vulnerability assessments compared to the last reporting period along with the amount of direct fraud referrals made to the NHSCFA. It is important to note that the figures presented below are assessments of the estimated financial vulnerability for fraud and not an indication of direct loss to fraud.

Strategic Priority Area 2021 – 2022 financial vulnerability estimate 2020 – 2021 financial vulnerability estimate Difference (£m) 2021 – 2022 direct referrals to NHSCFA
Procurement and Commissioning fraud £336.4m £300.4m +£36m 1193
Data Manipulation fraud £249.1m £107m +£142.1m 15
Patient Exemption fraud £214m £267m -£53m 1050
Community Pharmaceutical Contractor fraud £122m £117m +£5m 155
GP contractor fraud £101m £93.8m +£6.3m 160
Dental Contractor fraud £61m £61.3m -£0.3m 83
Optical Contractor fraud £38.7m £84.9m -£46.2m 24
NHS Staff fraud £22.6m £26.07m £3.57m 2303
Intelligence Collection
Fraudulent access to secondary care from overseas visitors £39.3m £56.7m -£17.4m 308
Reciprocal Healthcare fraud £1.94m £12.06m -£10.14m 11
Strategic Oversight
Additional area(NHS Bursaries and NHS Pension fraud) £12.7m £14.9m -£2.2m
Total £1.198bn £1.14bn +£58m

A breakdown of the four-year financial vulnerability per thematic area is depicted below. Where a measurement exercise has not taken place or a comparative assessment is not available, the baseline financial vulnerability percentage is 1% of the funding allocation or expenditure. Therefore, areas such as Procurement and Commissioning fraud, Community Pharmaceutical Contractor fraud and GP Contractor fraud have the financial vulnerability assessment of 1% of the total funding or expenditure. Increases in financial vulnerabilities within these three areas are an indication of increase in funding or expenditure and not an assessed increase to fraud.

Year Procurement & Commissioning Patient Exemption fraud Pharmaceutical Contractor Data Manipulation GP contractor Optical Contractor Dental Contractor Fraudulent access to secondary care NHS Staff Reciprocal Healthcare Additional
2019 351 251.7 108 114 88 82.4 93.5 35 94.6 21.7 14.4
2020 291.4 259.5 114 136 91 82.9 65.9 35 98.2 20.8 10.9
2021 300.4 267.7 117 107 93.8 84.9 61.3 56.7 26.07 12.05 14.9
2022 336.4 214 122 269.6 101 38.7 61 39.3 21.9 1.95 12.7

It is important to note that fraud is only committed by a minority of people. As more and more people become aware of how fraud impacts on the NHS, it is expected that more reports will be submitted to the NHSCFA. Through this increase in transparency, the NHSCFA and its stakeholders are better informed of the landscape and as such; more capable to direct resources to mitigate against potential vulnerabilities.