GovS 013 component 5: Annual action plan

Have an annual action plan that summarises key actions to improve capability, activity and resilience in that year. GovS 013 ref: 4.3.1

Published: 8 February 2022

Updated: 9 October 2025

Version: 2.0

NHS Requirement 5

The organisation maintains an annual work plan that is informed by national and local fraud, bribery and corruption risk assessment identifying activities to improve capability and resilience. This includes (but is not limited to) defined objectives, milestones for the delivery of each activity and measurable areas for improvement in line with strategic aims and objectives. The plan is agreed, and progress monitored by the audit committee (or equivalent body).

Organisation meets the requirement

Risk-based objectives of the work plan are adequately resourced to carry out the work.

Risk-based work plan objectives are demonstrably achieved.

Progress is continuously monitored at a senior level to ensure that work plan objectives are progressed and that resources remain suitable for this purpose.

Note

This requirement directly relates to the organisation's defence in respect of the failure to prevent fraud offence as introduced by the Economic Crime and Corporate Transparency Act 2023. Guidance focusing on the failure to prevent fraud offence has been produced by the Home Office, with supplementary guidance produced by NHSCFA.

As the Counter Fraud Functional Standard Return (CFFSR) is a self-assessment, a GREEN rating does not in itself provide any assurance of the organisation’s defence in respect of the offence. The NHS Requirements and CFFSR can be used as tools to indicate the organisation’s preparedness for a defence; however, value is directly linked to the accuracy with which the organisation’s counter fraud position has been reflected and standard of procedures and other evidence available.

Organisation partially meets the requirement

The annual work plan has been agreed by the audit committee (or equivalent body).

Adequate resources have been assigned to specific areas of activity.

The objectives in the work plan are measurable, however there is no evidence that the effectiveness of activities carried out under it has been measured.

Organisation does not meet the requirement

There is no evidence of the annual work plan being agreed by the audit committee (or equivalent body).

Where an organisational work plan has been developed, it is not fit for purpose. For example, the work plan is not based on national and locally assessed risks or may not cover the required key areas of counter fraud, bribery and corruption work in line with the strategic aims and objectives.

Resources may be inadequate to perform identified activities.

The objectives in the work plan are not measurable.

Guidance, supporting documentation and evidence

Organisations should consider the following (the list is not exhaustive):

  • Organisations should consider the following (the list is not exhaustive):
  • Counter fraud, bribery and corruption work plan
  • Audit committee minutes
  • National and locally based risk assessments
  • NHS Audit Committee Handbook (relevant sections)
  • Other evaluation materials such as reports on proactive exercises
  • Evaluation materials resulting from participation in national exercises
  • A measured reduction in risk or expenditure
  • Documentation arising from any NHSCFA engagement
  • Evidence of the implementation of any recommendations made by the NHSCFA as part of any engagement
  • Internal audit reports
  • Increased compliance with policies and procedures
  • Examples of where findings have been suggested for policy development
  • Examples of where findings have influenced policy development

Help us improve cfa.nhs.uk

Tell us what's happened so we can fix the problem. Please do not provide any personal, identifiable or sensitive information.

Close

Thanks for the feedback!

Close