MoU - General Pharmaceutical Council (GPhC)

Information Sharing Agreement between the NHS Counter Fraud Authority and General Pharmaceutical Council



The memorandum of understanding (MoU) outlines the basis of cooperation between NHS Counter Fraud Authority (NHSCFA) and the General Pharmaceutical Council ( GPhC ), and supports the GPhC's role as the principal regulator responsible for inspections of registered pharmacies , and regulating pharmacy professionals .

The aims of this MoU are to:

  • Reduce fraud, corruption and theft within pharmacy services to an absolute minimum
  • Free up pharmacy service resources for the best possible patient care
  • Maintain patient safety and confidence in pharmacy services
  • Support the sharing of information, intelligence, expertise and experience
  • Contribute to improving the regulatory oversight of pharmacy activities
  • Create the potential for reducing the burden of inspection activities in pharmacies
  • Define the circumstances in which the two organisations will act independently.

This MoU is a statement of principle; more detailed operational protocols and guidance will be developed, as these are required.

This MoU applies to England and Wales only and is intended to provide a framework to assist the joint working of the two organisations to ensure maximum effectiveness and efficiency when carrying out investigations. The MoU includes practical arrangements designed to ensure the relationship is effective and that together both organisations meet their aims and objectives, particularly when there are overlapping interests and responsibilities.

Although NHSCFA and the GPhC agree to adhere to the contents of this MoU, it is not intended to be a legally binding document. It does not override the organisations' statutory responsibilities or functions, nor infringe the autonomy and accountability of NHSCFA and the GPhC.

B oth organisations agree to abide by the Information Commissioner ' s Office data sharing code of practice, and recognise their respective responsibilities as data controllers under the General Data Protection Regulation 2016, Data Protection Act 2018 and public bodies under the Freedom of Information Act 2000.

Roles and responsibilities

NHS Counter Fraud Authority (CFA) is an independent Special Health Authority established in November 2017. The organisation was created using the existing professional resources and staff from NHS Protect. NHSCFA leads on work to identify and tackle crime across the NHS. Its purpose is to safeguard NHS resources so that the NHS is better equipped to care for the nation's health, providing support, guidance and direction to the NHS. This work enables effective prevention, detection and enforcement action to take place against criminals and criminal activity. NHSCFA also manages improved criminal intelligence and information flows across the health service.

NHSCFA has duties and enforcement powers under the NHS Act 2006, the Health and Social Care Act 2012, and the NHSCFA (Establishment, Constitution and Staff and other Transfer Provisions) Order 2017, issued by the Secretary of State for Health. NHSCFA is responsible for:

  • leading on work to protect NHS staff, patients and resources from crime, including fraud, bribery and corruption, educating and informing those who work for, who are contracted to, or who use the NHS about crime in the health service and how to tackle it;
  • preventing and deterring crime in the NHS by reducing it to a minimum and removing opportunities for it to occur or to re-occur; and
  • holding to account those who have committed crime against the NHS by detecting and prosecuting offenders and seeking redress where viable.

The General Pharmaceutical Council ( GPhC ) is the independent regulator for pharmacists, pharmacy technicians and pharmacy premises in England, Scotland and Wales. Its role is to protect, promote and maintain the health, safety and wellbeing of patients and the public who use pharmacy services in England, Scotland and Wales by upholding standards and public trust in pharmacy.

The principle functions of the GPhC are:

  • setting standards for the education and training of pharmacists and pharmacy technicians and approving and accrediting their qualifications and training
  • maintaining a register of pharmacists, pharmacy technicians and pharmacies
  • setting the standards of conduct, ethics and performance that pharmacy professionals have to meet throughout their careers
  • setting the standards of continuing professional development that pharmacy professionals have to achieve throughout their careers
  • investigating concerns that pharmacy professionals are not meeting the GPhC's standards, and taking action to restrict their ability to practise when this is necessary to protect patients and the public
  • setting standards for registered pharmacies which require them to provide a safe and effective service to patients
  • inspecting registered pharmacies to check if they are meeting our standards

Principles of co-operation

NHSCFA and the GPhC intend that their working relationship will be characterised by:

  • Taking action within their respective statutory frameworks to reduce fraud, corruption and theft within pharmacy services
  • Making decisions that promote patient and public safety
  • Sharing information, intelligence, expertise and experience
  • Addressing overlaps and gaps in the regulatory framework
  • Cooperating openly and transparently with the other organisation
  • Respecting each other's independent status
  • Using resources effectively and efficiently.

As signatories to this MoU, both organisations agree to a joint professional approach in support of the following commitments:

  • To support and facilitate the development of a real anti-crime culture within the health service, where fraud, corruption and theft are regarded by everyone as unacceptable and where everyone understands the role they can play in eliminating such offences.
  • To support and where possible facilitate the initiative to ensure that fraud, corruption and theft can be measured accurately.
  • To revise policies, procedures and systems, so as to minimise the risk of fraud, corruption and theft being perpetrated and to ensure that, where necessary, they clearly distinguish between deliberate crime and unintentional error.
  • To support the establishment of arrangements to maximise transparency and minimise conflicts of interest.
  • To ensure, through compliance with relevant guidance, that all cases of suspected fraud, corruption or theft are examined in a fair, objective, expert, timely and professional way, to demonstrate the truth or otherwise of the suspicion, and that where fraud, corruption or theft is proved press for appropriate sanctions to be imposed.
  • In recognition of the reality that it is only through access to information that the truth or otherwise of a suspicion of fraud, corruption or theft can be determined, to cooperate in sharing ways of accessing information where this is in the public interest.
  • To support each other in the consistent development and application of appropriate disciplinary processes and the imposition of sanctions proportionate to the facts in each case where fraud, corruption or theft is proven.
  • To work together to ensure that an anti-fraud anti-corruption anti-theft strategy is effective and this MoU remains meaningful, relevant and subject to review.

Key contacts

Details of key contacts within NHSCFA and the GPhC are contained in appendix A.

Areas of cooperation

Both organisations acknowledge that intelligence can be received by way of whistleblowing, concerns raised by members of the public, referrals from other public bodies (including overseas regulators or investigatory bodies), or by information received from other sources (including from press monitoring or during the course of routine inspections to registered pharmacy premises).

If either organisation receives intelligence or information which:

  • Indicates a significant risk to the health and wellbeing of the public, particularly in relation to the safety of pharmacy services or the conduct of a pharmacist or pharmacy technician
  • Indicates a significant risk of criminal activity against the NHS
  • Requires a coordinated multi-agency response

this information will be shared in confidence with the contact specified below within the other organisation at the earliest possible opportunity.

NHSCFA has a duty, under Schedule 2 Part 4 Para 23 (1) (a) of the NHS (Pharmaceutical and Local Pharmaceutical Services) Regulations 2013, to respond to enquiries from persons, bodies or agencies considering applications from individuals or body corporates for inclusion in a pharmaceutical list, whether the individuals or directors of the body corporates have any record of, or are under investigation for, fraud. To facilitate these checks, it is important that intelligence held by the GPhC relating to fraud offences by registrants is shared with NHSCFA on a timely basis.

NHSCFA has a responsibility to protect NHS staff, patients and resources from crime, including fraud, bribery, corruption, detection and enforcement action against criminals and criminal activity. To facilitate this work, it is important that intelligence held by the GPhC relating to registrants' fitness to practise is shared with NHSCFA on a timely basis.

The GPhC has duty to protect the public who use pharmacy services and the services provided by pharmacy professionals. To facilitate this work, it is important that intelligence held by NHSCFA that could indicate that a pharmacy professional's fitness to practise is impaired or that a pharmacy's service(s) pose a risk to the people using pharmacy services and the public, is shared with the GPhC on a timely basis.

Sharing information

Both organisations hold and use sensitive information about organisations and individuals in order to perform their core functions. It is vital that such information is on occasion shared between the organisations if they are to perform their functions effectively. The organisations recognise that this exchange of information needs to be carried out responsibly and within the guidelines set out in this MoU.

Both organisations are subject to the duty of confidentiality owed to those who provide them with confidential information and the confidentiality and security of this information will be respected. It is understood by both organisations that statutory and other constraints on the exchange of information will be fully respected, including the requirements of the General Data Protection Regulation 2016, Data Protection Act 2018, the Human Rights Act 1998 and the common law duty of confidentiality.

Both organisations are committed to the principle of using information more effectively as a means to reducing the burden of administration and regulation.

Where it supports the effective delivery of their respective roles and responsibilities, and the aims of this MoU, both organisations will explore systematically and routinely sharing specific data sets to the extent possible by law. Where such data sets are identified, both organisations agree to develop a formal information sharing agreement.

The GPhC routinely publishes information about the sanctions it has imposed when pharmacists and pharmacy technicians are not fit to practise, and intends to publish its assessment of registered pharmacies' compliance with its standards.

The GPhC agrees to share more detailed information supporting its assessments where this is requested. Requests for information should be sent to the contact specified below.


Where the GPhC becomes aware of allegations against a pharmacist and/or pharmacy technician working in or for the NHS (or indeed, where there are misdirected allegations against other NHS staff) NHSCFA will be informed (if it is not clear that they are already aware) if there are clear allegations of fraud, corruption or theft.

In cases where there are other allegations of dishonesty or criminality, the GPhC will disclose relevant information and documentation to NHSCFA where such allegations are relevant to NHSCFA's core functions. However, whether such disclosure takes place will depend on the circumstances of the case and the seriousness of the allegations.

In cases where GPhC staff are in doubt as to whether a case should be disclosed to NHSCFA, they will make contact with the point of contact specified below in order to discuss the matter. Any discussions at this stage will be anonymised. GPhC staff will be able to rely on the fact that if the specified NHSCFA contact indicates that they wish to receive full disclosure, this will be on the basis that it is essential for NHSCFA's core purpose or is in the public interest.

Where NHSCFA is aware that during or following an investigation, evidence exists that a pharmacist or pharmacy technician has been involved in fraud, corruption, theft or that a pharmacy professional's fitness to practise may be impaired, the GPhC will be informed of such matters. The GPhC will consider whether any further investigation needs to be carried out and/or whether the matter should be referred to the Fitness to Practise Committee.

In cases where NHSCFA staff are in doubt as to whether a case should be disclosed to the GPhC , they will make contact with the point of contact specified below in order to discuss the matter. Any discussions at this stage will be anonymised. NHSCFA staff will be able to rely on the fact that if the specified GPhC staff indicate that they wish to receive full disclosure, this will be on the basis that that is essential for the GPhC's core purpose or is in the public interest.

In cases where an investigation has concluded that there was no criminal activity, but indicates there may be concerns about the activities of a pharmacist or a pharmacy technician, the information will be passed to the GPhC to enable staff to make an assessment of whether the concerns meet the GPhC's threshold criteria for referral.

When information is disclosed to the GPhC there will be a discussion in advance about the timing of any action that the GPhC may consider appropriate, including disclosure of the case to the employer and individual involved. The GPhC will consider any request to delay action which may compromise any current NHSCFA investigation. However, NHSCFA recognises that action may need to be taken by the GPhC where it is in the public interest to do so.

In cases where NHSCFA becomes aware of allegations or evidence that an individual may be posing as a registered (or licensed) or competent pharmacist or pharmacy technician, either through a stolen identity, fraudulently acquired registration or through falsified qualifications, NHSCFA will immediately contact the GPhC via the point of contact specified below. NHSCFA will provide all available information that might suggest that an individual is falsely posing as a qualified, competent or registered (or licensed) member of the GPhC . In these cases, the primary concern for both organisations will be patient safety. The GPhC will take whatever action is appropriate in the interests of protecting patients.

There may be occasions when the organisations need to undertake concurrent investigations. When this occurs both organisations will take steps to ensure that they do not undermine the progress and/or success of each other's investigation. This may include allowing criminal investigations to take place as a priority. There may, however, be occasions when the GPhC will need to act swiftly to take steps to protect public safety and would do so with due regard for other known ongoing investigations.

Where either organisation intends to undertake an investigation (over and above any routine inspection activity) the contact in the other organisation specified below should be alerted, in confidence, at the earliest possible opportunity.

Outcomes arising from any relevant investigations actioned by either organisation will be shared with the contact specified below at the earliest possible opportunity.

Where joint or parallel investigations are required, preliminary discussions should resolve any potential areas of conflict or overlap, arising from each organisation's respective powers.

The GPhC and NHSCFA will work towards developing a joint investigation framework for working together to help ensure efficient and effective joint investigations.


Where either organisation has taken or intends to take enforcement action, the outcome of which is relevant to the other organisation, details will be shared at the earliest possible opportunity.


Areas of communication between the organisations include, but are not limited to:

  • Sharing of expertise and experience
  • Discussions about strategy and policy
  • Discussions about individual pharmacists and pharmacy technicians
  • Sharing experiences of investigations or trends
  • Sharing information about potential media interest, or when the media have actively shown an interest, on an issue of relevance to both organisations
  • Sharing views and information about how improved performance might be encouraged.

Disclosures from either organisation to the other will be regularly monitored to ensure that arrangements are working effectively. To facilitate the sharing of information and intelligence, both organisations agree to develop a formal information sharing agreement.


The effectiveness of the working relationship between NHSCFA and the GPhC will be ensured through regular contact, both formally and informally, at all levels up to and including senior executives of the respective organisations.

The GPhC and NHSCFA will monitor and review information shared and the impact of the MoU on a regular basis. In future, this may include the production of periodic monitoring reports that cover the frequency, or number, of interactions, the nature of the shared information and joint working and the impact that the cooperation of the two organisations has had.

Should any difficulties arise between NHSCFA and the GPhC these will normally be resolved at the operational level. If this is not possible, unresolved issues may be referred upwards through those responsible for operating this MoU, up to and including the chief executive / managing director of each organisation, who will be jointly responsible for ensuring a mutually satisfactory resolution.

Duration and review

This MoU is not time-limited and will continue to have effect until the principles described need to be altered or cease to be relevant. The MoU may be reviewed more urgently at any time at the request of either party.

Both organisations have identified a person responsible for the management of this MoU in Appendix A. They will liaise as required to ensure this MoU is kept up to date, identify any emerging issues and resolve any questions that arise in the working relationship between the two organisations.