Anti Fraud privacy notice
The council is under a duty to protect the public funds it administers and will use the personal data we hold about you for the prevention and detection of fraud.
It is our policy to commit to a programme of zero tolerance and appropriately investigate all allegations of fraud and associated criminal activity that are reported to us. We will ensure all cases are appropriately sanctioned and this means that you could be prosecuted if you commit fraud. We will always take steps to recover any losses incurred.
The personal information we collect from you will be shared with bodies responsible for auditing or administering public funds, and fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused services, finance, or employment.
CIFAS Fraud Database
The council participates in the CIFAS National Fraud Database. CIFAS is an independent, not-for profit company trusted by the UK government. It runs a national fraud prevention network where personal information from public and private sector organisations like local authorities, police, utility companies and banks is kept and shared. These organisations record and share details of internal and external fraud attempted against their business.
The information is stored in secure databases and CIFAS members use this data and related intelligence in their processes for activities like verifying applications, preventing money laundering or screening staff.
More information can be found on the CIFAS website.
National Fraud Initiative
We provide information to the Cabinet Office for the National Fraud Initiative This is a data matching exercise to assist in the prevention and detection of fraud and the use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under its powers in Part 6 of the Local Audit and Accountability Act 2014. We are required to take part and provide personal data to the Cabinet Officer for data matching.
All bodies participating in the Cabinet Office’s data matching exercises receive a report of matches that they should investigate, so they can detect instances of fraud, over- or under-payments and other errors, to take remedial action and update their records accordingly.
From 1 April 2015 the National Fraud Initiative has been conducted using the data matching powers bestowed on the Minister for the Cabinet Office by Part 6 of the Local Audit and Accountability Act 2014 (LAAA). Previous exercises were conducted by the Audit Commission under Part IIA of the Audit Commission Act 1998.
Data matching by the Cabinet Office is subject to a code of practice
Personal information collected
- Address & contact details
- Financial information
- Equalities Information
- Property and housing information
- Criminal/Prosecution Information
- Health/Medical Information
- Human Resources and Employment Records
- Other Agencies Involved
- Information from the Local Authority from where you live and previously lived
- Family/Relationship Information
- Images in photographs or film/CCTV
Who we share the information with
- Judicial Agencies eg Courts
- Legal representatives
- Expert Witnesses
- Council services, dependent on the type of fraud
- Professional regulatory bodies
- Probation/Prison Services
- UK Border Agency
- Council legal service
- Insurance companies
- Other local authorities
- Voluntary Agencies /Third Sector
- Housing providers
- Home Office
- Credit Reference Agencies
Legislation that applies
Public bodies such as local authorities derive their powers from statute (law), and must not act outside these powers.
Section 1 of the Localism Act 2011 gives local authorities a power to do anything that individuals may generally do which could include sharing information.
Section 111(1) of the Local Government Act (LGA) 1972 gives local authorities the express permission to do anything which is calculated to facilitate, or contribute to the discharge of any of their functions.
In most cases these means that the local authorities can do what is necessary to protect their finances, assets and interests.
Section 68 (1)(2) of the Serious Crime Act 2007 states that ‘A public authority may, for the purposes of preventing fraud or a particular kind of fraud, disclose information as a member of a specified anti-fraud organisation or otherwise in accordance with any arrangements made by such an organisation’ The information may be information of any kind; and may be disclosed to the specified anti-fraud organisation, any members of it or any other person to whom disclosure is permitted by the arrangements concerned.
All data obtained through these actions is subject to compliance with relevant legislation such as the Data Protection Act 2018.
Section 151, Local Government Act 1972 gives the local authority powers to investigate any offence that has a detrimental effect on the public finances in its charge. Other legislations that empower local authorities to investigate and prosecute offenders include but is not restricted to:
- The Council Tax Reduction Schemes (Detection of Fraud and Enforcement) (England) Regulations 2013
- Local Audit and Accountability Act 2014 (Part 6)
- Section 68 of the Serious Crime Act 2007
- Prevention of Social Housing Fraud Act 2013
- Housing Act 1985
- The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017
- Fraud Act 2006
- Theft Act 1968
- Forgery and Counterfeiting Act 1981
- Investigatory Powers Act 2016
- Regulation of Investigatory Powers Act 2000
- Proceeds of Crime act 2002
- Criminal Finances Act 2017
- Road Traffic Regulation Act 1984
- Disabled Persons' Parking Badges Act 2013
- Chronically Sick and Disabled Persons Act 1970
- The authority’s Constitution
All criminal investigations conducted by a local authority are governed by and compliant with the:
- Criminal Procedures and Investigations Act 1996
- Police and Criminal Evidence Act 1984
- Human Right Act 1998
How long we keep your information
Information is kept for the for the minimum period as is deemed necessary and in line with the council’s data retention policies.
The default standard retention period for anti-fraud records is 6 years plus current, otherwise known as 6 years + 1. This is defined as 6 years after the last entry in a record followed by first review or destruction to be carried out in the additional current (+ 1) accounting year.
Records must only be retained beyond the default retention period if their retention can be justified for statutory, regulatory, legal or security reasons or for their historic value.
In cases where criminal prosecutions have taken place data may be kept for a longer period to cater for appeals and retrials etc.