Feature / Bank job

06 March 2012

Login to access this content

LoginRegister

NHS Protect is alerting finance staff in NHS bodies to a spate of invoice frauds that are taking place across the country. Zoë Porton explains what action can be taken to prevent these frauds from occurring – and what to do if your trust is targeted.

Through the use of forged documents or even a simple telephone call, fraudsters have been diverting precious NHS funds from legitimate suppliers by providing new bank account details. If unchallenged, payments for services provided by recognised suppliers are unknowingly paid into the accounts of fraudsters such as Romario Gordon.

In February 2011, Mr Gordon used forged documents to divert more than £250,000 from Heatherwood and Wexham Park Hospital NHS Foundation Trust to his bank account.

The money was diverted from a legitimate supplier, which raised the alarm when it was not paid. NHS Protect was alerted and the account was frozen. Mr Gordon, the sole authorised signatory, confirmed that the account was his company’s and that he was the sole director. The trust had never awarded a contract to his company.

It was subsequently discovered that Mr Gordon had spent some of the money on luxuries such as a Porsche Cayman and a holiday in the Caribbean.

Following an NHS Protect investigation, Mr Gordon pleaded guilty to two offences of money laundering and was sentenced to 18 months imprisonment.

Furthermore, NHS Protect used powers under the Proceeds of Crime Act 2002 to seize the Porsche along with other assets including a laptop, phones and jewellery bought with NHS money. More than £135,000 was handed back to the trust and financial recovery on other items seized continues.

Since May 2011, NHS Protect has also sent out three alerts to trusts through the national network of NHS local counter fraud specialists. Intelligence gathered and analysed by NHS Protect puts potential NHS losses from this type of fraud at £7.1m, based on detailed analysis by its intelligence unit of information reported to NHS Protect by NHS bodies.

More than half of these fraudulent attempts were spotted by vigilant NHS staff and successfully stopped before payment. However, it is believed £3.3m has been diverted to criminals’ bank accounts. Following work by law enforcement agencies, including NHS Protect, £2.2m of this money has been restrained  and is in the process of being returned to the correct bank accounts.

Taking action

So what action can you take to stop this type of fraud from taking place within your organisation? There are around 300 NHS local counterfraud specialists working in health bodies throughout the country, who report to their local NHS organisation’s director of finance. These specialists are employed directly by the health bodies and professionally trained and accredited by NHS Protect, the national body leading on tackling crime against the NHS (see box below).

NHS Protect tackles crimes against the NHS that would otherwise undermine the effectiveness and ability of the health service to meet the needs of patients and professionals. The organisation has a responsibility for tackling fraud, bribery, violence, corruption, criminal damage, theft and other unlawful action such as market fixing.

NHS Protect’s National Investigation Service leads investigations into serious, organised and/or complex financial risks as well as losses including fraud, bribery and corruption within a clear professional and ethical framework.

Proceeds of Crime Act (POCA) powers allow for the recovery of property obtained through unlawful conduct. NHS Protect employs a small team of POCA-accredited financial investigators who devote their time to dealing with the recovery of funds that had previously been lost to the NHS.

By optimising the current legislation, NHS Protect can ensure the maximum financial redress to the NHS. It has issued guidance to all health bodies regarding administration procedures for changing bank account details on payment systems.

It also urges finance staff to follow this guidance and to regularly review their systems. Trusts are also advised to be particularly vigilant just before public holidays, when this type of fraud is more likely to be perpetrated.


Anti-fraud steps

The organisation recommends a series of steps trusts can take to protect themselves:

  • Ensure the trust is adhering to stringent procedures for changing supplier bank account details on payment systems, including adequate verification, separation of duties and appropriate levels of access to the payment system.
  • Find out whether the trust has received any requests to change supplier or contractor bank details within the past six months.
  • Establish whether the requests were made by the legitimate supplier or contractor. If the requests are bogus, identify any invoices received or payments made as a result.
  • Any information relating to successful or unsuccessful suspected criminal attempts to alter bank details should be reported to NHS Protect at [email protected].

This guidance is recognised as best practice and fraud prevention measures have subsequently been circulated to a number of government departments.

Even where a bogus request has led to funds being diverted, prompt action can result in a recovery of funds – as was the case in a recent NHS Protect case (see box starting on page 23). But the bottom line is that trusts should never just accept any phone call or fax that asks them to change the payment details of a supplier.

Account switch

The finance director of one mental health trust describes how his trust was recently targeted by fraudsters.

What happened at your trust?

Our financial services are outsourced to a shared services provider. In November, the shared services provider received a fax purporting to come from a construction company that had a contract to build a £6m unit for the trust.

This genuine contractor had done nothing wrong, but third-party fraudsters had managed to open a bank account using the company name. They then instructed our shared service provider to change the banking details.

Early in December 2011 our estates people signed off an £897,000 interim certificate for payment. When the payment was released on 29 December that sum went into the fraudsters’ bank account.

How did such a large amount get diverted?

On large capital schemes, it is normal to send significant amounts of money via staged payments. The fraudsters sat back and waited for the next staged payment to the construction company to arrive in their new account. 

How was it spotted so quickly?

Neither my trust’s finance nor estates departments had any idea that the bank account details had been changed by our shared supplier, we just knew payment was due on 20 December. So we were very fortunate when the contractor called the shared services provider on that very day to ask: ‘Where is our money?’.

What action did you take?

Having received the call form the genuine contractor, the shared services provider immediately contacted NHS Protect. NHS Protect responded decisively and they have good contacts with the banks and knew exactly who to call and what to do. The money had already left the account by the time the recipient bank was informed – a matter of hours.

Luckily, the bank managed to trace some of the funds into overseas banks and £537,000 of the £897,000 was returned to our bank account a few days later. That was thanks to NHS Protect and the bank.

How does this experience affect you and your trust?

We have lost a lot of money. We were embarrassed at falling prey to such a simple fraud. We also felt the pain that this was public money for patient care, stolen by fraudsters. It spoiled mine and many others’ Christmas last year.

We asked ourselves a lot of questions. Why did we miss this control weakness?

Why did the shared service provider miss things? Why was that fax trusted? But we are relieved that, thanks to NHS Protect, so much money has been recovered already.

Could it happen again?

We have to learn from this. Our shared provider has more than 10,000 suppliers and 17 NHS customers. It could have happened to anyone at any time. However, we have now adopted NHS Protect guidance and tightened up controls.


What is your advice to other health bodies to avoid the same happening to them?

I cannot overstate how important it is for NHS organisations to sit up and take notice of alerts when they are circulated by NHS Protect – including the guidance on the correct way to process and check change of payment details requests. It is not until it happens that you wish you’d taken notice. Don’t be complacent.

Basic controls should be in place. Never ever just accept a phone call, email or fax asking you to change the payment details of a supplier. Always ensure the old bank account details are provided too. What’s the worst that could happen if you pay the old bank account, while you wait for a supplier to provide all of the relevant information in hard copy?


About NHS Protect


NHS Protect has national responsibility for tackling fraud, violence, corruption, criminal damage, theft and other unlawful activity such as market-fixing. Services such as those provided by NHS Protect's National Investigation Service and the Forensic Computing Unit (FCU) are provided free of charge to trusts that encounter serious or complex cases of fraud. 

The FCU provides a comprehensive and professional forensic computing service to recover digital evidence for use in criminal, civil and disciplinary proceedings.

Related content