Post by: Adele Rilstone.

Fraud in a pandemic

Internal Fraud

It is abundantly clear that the NHS is facing one of the toughest challenges in its history responding to the COVID-19 pandemic. Ensuring supplies and services are being delivered to patients who are most in need is pushing NHS staff to the max. Whilst the NHS’s incredible workforce will be dedicated to helping patients, there are some who will be taking advantage of the pandemic to commit fraud. As COVID-19 is being tackled, the usual policies and practises, systems and controls will unsurprisingly take second place to supporting service delivery and ultimately, saving lives. These pressures may result in the usually well adhered to controls, particularly around procurement/recruitment, taking second place to focus on patient care. 


In light of the COVID-19 crisis, we would urge organisations to constantly have the serious threat of fraud in their minds.


All business continuity plans such as procurement, agency staffing and DBS checks must have due consideration to potential fraud risks. We recognise that priorities are focussed on defeating the virus, however, fraud poses a real risk to valuable NHS resources and we must act now to mitigate that risk.


Threats to the NHS and staff

In financial terms the highest threats are from payment diversion frauds. These can result in a significant loss to the NHS and stopping these attempts relies heavily on staff being trained to follow procedures.


Staff returning to the NHS, volunteers and redeployment of staff is all taking place at an exponential rate. Recruitment fraud risks are significant and can only be controlled when the appropriate systems of review are in place and time taken to check identity, qualifications and references.


Significant increases in the number of people working remotely mean that significantly more people will be vulnerable to online fraud. Criminals will try and convince people to divulge their logon details and passwords. Furthermore, there has been a surge in phishing scams and calls claiming to be from government departments offering grants, tax rebates, or compensation in relation to the pandemic.


Criminals are also targeting individuals looking to buy medical supplies online and emails offering fake medical support. Scams are also targeting vulnerable and increasingly isolated people at home. These frauds try to lure people in with offers that look too good to be true, such as profitable investments and opportunities, or appeals to support bogus charities.*


Reports from the public include online shopping scams where people have ordered protective face masks, hand sanitiser, and other products as well as fake testing kits being offered for sale. Criminals are also using Government branding to try to trick people, including using HMRC branding to make bogus offers of financial support through emails, phone calls and text messages. This situation is likely to continue, with criminals looking to exploit further consequences of the pandemic.



The NHS Counter Fraud Authority (NHSCFA) is continuously liaising with law enforcement and public sector colleagues and is continuously monitoring reports of fraud against the NHS. The Government Counter Fraud Function advice on 'Fraud Control in Emergency Management: COVID-19 UK Government Guidance' details imminent threats to the public sector and the various principles for effective fraud control.


Finance, procurement and recruitment teams must ensure they remain vigilant to fraud risks during these difficult and highly pressurised circumstances. Staff are encouraged to read the CFA fraud prevention advice on Buying goods and services, Due Diligence and the Suppliers code of practice: preventing fraud, bribery and corruption available as guidance on the 'NHS Counter Fraud Authority website'.**






*Beware fraud and scams during Covid-19 pandemic fraud – National Crime Agency website


**Threats related to Covid-19 – NHS CFA n.d.


Audit South West Assurance
Audit South West Assurance