Objective, Scope and Limitations

This section provides an overview of NHSCFA’s Covid-19 Post Event Assurance project object, its scope and limitations

Objective

The objective of this exercise was to provide assurance on the effectiveness of controls and processes implemented across NHS provider organisations; in particular to manage operational and financial fraud risks during an emergency management scenario such as the pandemic.

Scope and limitations

All NHS provider organisations in England and Wales were considered in scope for this exercise. The organisations’ Directors of Finance, Audit Committee Chairs and LCFSs were all written to asking for their participation and support of the exercise. The LCFS would be pivotal to the exercise in their review of NHS organisation’s records.

The PEA was designed to obtain information of NHS spending behaviours during the pandemic therefore the exercise focused on contract cancellations and three PPNs sent out at the beginning of the pandemic: PPNs 01/20, 02/20 and 04/20. PPN 01/20 was on direct award, and PPN 02/20 and PPN 04/20 provided guidance on supplier relief payments.

The scope of this review included:

  • Assessing the compliance and effectiveness of the application of Government guidance across NHS provider organisations during the pandemic.
  • Assessing new suppliers that were in the process of being onboarded, but had contracts cancelled and/or payments clawed back due to identified risk (following information relating to suspicious financial transactions and/or concerns around company liquidity and activities).
  • Reviewing the number and value of contracts that were directly awarded with extreme urgency (Covid-19 related) under PCR 2015 regulation 32(2)(c), as stipulated under PPN 01/20.
  • Reviewing in relation to the period between 20 March and 30 June 2020, the number and value of ‘at risk’ suppliers that were paid as normal when service delivery was disrupted or suspended as per PPN 02/20.
  • Reviewing how effectively risks were identified and managed by NHS provider organisations.
  • Assessing the compliance of NHS provider organisations in adhering to SFIs, SOPs and internal processes.

Exclusion from the scope

We did not examine any areas that are not specifically outlined above.

Download this report

Help us improve cfa.nhs.uk

Tell us what's happened so we can fix the problem. Please do not provide any personal, identifiable or sensitive information.

Close

Thanks for the feedback!

Close