Indicators for potential fraud: a generic checklist for education providers
Updated 30 June 2025
Applies to England
Introduction
This is a generic list of red flags that could indicate fraudulent activity in your organisation, including bribery and corruption.
We’ve categorised them into:
- personal motives for fraud
- organisational motives for fraud
- weaknesses in internal controls
- transactional indicators
- possible methods used to commit or conceal fraud
- recordkeeping, banking and other
Due to the nature of fraud, red flags may not be exclusive to just one area.
This document is not exhaustive and is a guide only. It may be helpful as a checklist if you have concerns that fraudulent activity might be taking place.
Not all indicators may be relevant to all organisations.
Personal motives for fraud
Consider if any of these red flags are present in your organisation.
- Do personnel believe they receive inadequate compensation and rewards (such as recognition, job security, annual leave or promotion)?
- Does anyone have evidence of an expensive lifestyle (such as cars or trips) that seems disproportionate to their income?
- Is anyone experiencing personal problems (such as with gambling, alcohol, drugs or debt)?
- Is there an unusually high degree of competition or peer pressure?
- Are there related-party transactions (business activities with personal friends, relatives or their companies)?
- Are there any unrecorded or unmanaged conflicts of interest?
- Are there any disgruntled employees (such as those who have recently been demoted or reprimanded)?
- Has there been a recent failure associated with a specific individual?
- Is there any personal animosity or professional jealousy?
Organisational motives for fraud
Consider if any of these red flags are present in your organisation.
- Is the organisation experiencing financial difficulty?
- Is the commercial arm experiencing financial difficulty?
- Are deadlines to achieve outputs particularly tight?
- Does the organisational governance lack clarity, direction or substance?
- Is the organisation closely identified with or dominated by one individual?
- Is the organisation under pressure to show results (such as budgetary matters or exam results)?
- Has the organisation recently suffered disappointment or negative consequences as the result of bad decisions?
- Does the organisation want to expand its scope or obtain additional funding?
- Are funding awards or contracts for services up for renewal or continuation?
- Is the organisation due for a site visit by auditors, Ofsted or others?
- Does the organisation have a for-profit component?
- Has the organisation recently been affected by new or changing conditions (such as regulatory, economic or environmental)?
- Is the organisation facing pressure to use or lose funds to sustain future funding levels?
- Is there a record of previous failures by one or more organisational areas, associated businesses or key personnel?
- Have there been sudden changes in organisational practice or the usual pattern of behaviour?
Weaknesses in internal controls
Consider if any of these red flags are present in your organisation.
- Is there a general lack of transparency about how the organisation works and implements procedures and controls?
- Does management demonstrate a lack of:
- attention to ethical values, including a lack of communication regarding the importance of integrity and ethics?
- concern about the presence of temptations and inducements to commit fraud?
- concern regarding instances of fraud?
- Is there a clear fraud response plan or investigation policy?
- Does management fail to specify or require appropriate levels of qualification, experience or competence for employees?
- Does management display a tendency to take risks?
- Is there a lack of appropriate organisational and governance structure, with defined lines of authority and reporting responsibilities?
- Does the organisation lack policies and communication relating to individual accountability and best practice (for example, related to procurement, travel and subsistence, use of alcohol, or declarations of interest)?
- Is there a lack of human resources policies and recruitment practices?
- Does the organisation lack employee performance appraisal measures or practices?
- Does management display a lack of commitment towards the identification and management of risks relevant to the preparation of financial statements (that is, they do not consider the significance of risks, the likelihood of occurrence or how they should be managed)?
- Is there inadequate comparison of budgets with actual performance and costs, forecasts and prior performance? Is there no regular reconciliation of control records and a lack of proper reporting to a governing body?
- Is the management of information systems inadequate (such as having no policy on information technology security, computer use and access, verification of data accuracy, or completeness or authorisation of transactions)?
- Is there insufficient physical security over facilities, assets, records, computers, data files and cash? Is there a failure to compare existing assets with related records at reasonable intervals?
- Is there inadequate or inappropriate segregation of duties regarding initiation, authorisation and recording of transactions, maintaining custody of assets and the like?
- Are accounting systems inadequate (that is, there is an ineffective method for identifying and recording transactions, no tracking of time periods during which transactions occur, insufficient descriptions of transactions and which account they should be allocated to, no easy way to know the status of funds on a timely basis, no adequate procedure to prevent duplicate payments or prevent missing payment dates)?
- Are the purchasing systems and procedures inadequate (such as poor or incomplete documentation to support procurement, purchase, payment or receipt of goods and services, and poor internal controls for authorisation and segregation of duties)?
- Do subcontractor records and systems reflect inadequate internal controls?
- Is there a lack of internal, ongoing monitoring of the controls that are in place or failure to take any corrective actions, if needed?
- Is management unaware of, or does it display a lack of concern about applicable laws and regulations (for example, companies acts, charities acts, child protection, funding agreement, contract for services)?
- Are there specific problems or reportable conditions that were identified by prior audits or other means of oversight that have not been corrected (such as a history of problems, a slow response to past findings or problems, or unresolved present findings)?
- Is there no mechanism to inform management, directors, trustees or governors of possible fraud?
- Is there a general lack of management oversight?
Transactional indicators
Consider if any of these red flags are present in your organisation.
- Are there related-party transactions with inadequate, inaccurate or incomplete documentation or internal controls (such as business or research activities with friends, family members or their companies)?
- Does the not-for-profit entity have a for-profit counterpart with linked infrastructure (such as a shared board of trustees, governors or other shared functions and personnel)?
- Are there specific transactions that typically receive minimal oversight?
- Are there previous audits with findings of:
- questioned costs?
- evidence of non-compliance with applicable laws or regulations?
- weak internal controls?
- a qualified audit opinion?
- inadequate management response to any of the above?
- Are transactions or accounts difficult to audit or subject to management judgement and estimates?
- Are there multiple sources of funding with inadequate, incomplete or poor tracking, failure to segregate funds or the existence of pooled funds?
- Are there unusual, complex or new transactions, particularly if they occur at year end, or the end of a reporting period?
- Are there transactions and accounts operating under time constraints?
- Are there travel accounts with inadequate, inaccurate or incomplete documentation or poor internal controls such as:
- appropriate authorisation and review?
- variances between budgeted amounts and actual costs?
- claims in excess of actual expenses?
- reimbursement for personal expenses?
- claims for non-existent travel or collecting duplicate payments?
- Are there credit card accounts with inadequate, inaccurate or incomplete documentation or internal controls (such as appropriate authorisation and review)?
- Are there accounts in which activities, transactions or events involve handling of cash or wire transfers, or are there high cash deposits maintained with banks?
- Are there assets that are easily converted to cash, such as items that are:
- small size, high value, high marketability or lack of ownership identification?
- easily diverted to personal use, such as cars, houses, equestrian centres or villas?
- Are there accounts with large or frequent shifting of budgeted costs from one cost centre to another without adequate justification?
- Does the payroll (including fringe benefits) system have inadequate controls to prevent an individual being:
- paid twice?
- paid for non-delivery or non-existence?
- outsourced but with poor oversight of starters, leavers and payments?
- Are consultant agreements vague about work carried out, the time period covered, the rate of pay or the product expected, or is there a lack of proof that the product or service has actually been delivered?
- Are sub-contractor agreements vague about work carried out, the time period covered, the rate of pay or the product expected, or is there a lack of proof that the product or service has actually been delivered?
- Is there a sudden or rapid growth of newly contracted or existing education providers, for example:
- a rapid or significant increase in learner numbers for newly contracted providers?
- providers with large cohorts of newly recruited learners in occupational areas where the provider has minimal or no previous experience?
- concerns that a provider’s infrastructure or staffing is insufficient to manage the increase in learners?
Methods used to commit or conceal fraud
Consider if any of these red flags are present in your organisation.
- Are there employee indicators such as:
- an eagerness to work unusual hours?
- access to or use of computers at unusual hours?
- a reluctance to take leave or seek support?
- an insistence on doing tasks alone?
- the refusal of a promotion or a reluctance to change job?
- Are there employee issues with auditors such as:
- a refusal or reluctance to provide information or hand over documents?
- unreasonable explanations, annoyance or aggressive responses to questions or requests in an attempt to deter the auditors?
- an attempt to control the audit process (such as its timetables, access or scope)?
- the auditee or employee blaming a mistake on a lack of experience with financial requirements or regulations governing funding
- promises of co-operation followed by subsequent excuses to limit or truncate co-operation?
- subtle resistance?
- answering a question that was not asked?
- offering more information than was asked for?
- providing a wealth of information in some areas but little in others?
- explaining a problem by saying, “We’ve always done it that way” or “Someone at DfE [or elsewhere] told us to do it that way” or “Mr X said he’d take care of it”?
- a tendency to avoid personal responsibility (indicated by the overuse of “we” and “our” rather than “I”)?
- blaming someone else?
- too much forgetfulness?
- trying to rush the audit process?
- an uncharacteristic willingness to settle questioned costs in an attempt to deter further investigation or analysis?
- Is there a general lack of transparency about how the organisation works, and about its procedures and controls?
- Are explanations fabricated to support an inability or unwillingness to provide evidence for transactions or assets (such as stated computer failure, loss of electronic data or theft of business records or assets)?
Recordkeeping, banking and other red flags
Consider if any of these red flags are present in your organisation.
- Are documents missing, copies rather than originals, in pencil or altered, or do they contain false signatures, the signature of an incorrect person or no authorisation where it would be expected?
- Is there deviation from standard procedures (for example, all files but one having been handled a particular way or all documents but one having been included in a file)?
- Are there excessive or poorly evidenced journal entries, or a lack of explanation for journal entries?
- Are there transfers to or from any type of holding or suspension account?
- Are there inter-fund company loans to other linked organisations?
- Are there records that are inadequate or have not been updated or reconciled?
- Are several different banks or bank accounts being used, or have there been frequent changes of bank?
- Has there been a failure to disclose unusual accounting practices or transactions?
- Are there unusual accounting practices or transactions, such as:
- an uncharacteristic willingness to settle questioned costs?
- non-serial-numbered transactions or out-of-sequence invoices or other documents?
- the creation of fictitious accounts, transactions, employees or charges?
- the writing of large cheques to cash or repeatedly for a particular individual?
- excessive or large cash transactions?
- payroll checks with unusual or questionable endorsements?
- payees who have similar names or addresses?
- non-payroll checks written to an employee?
- Have delivery needs been defined in ways that can only be met by one source or individual?
- Is there continued reliance on a person or entity despite poor performance?
- Have non-business or personal goods or services been treated as business transactions in financial records (such as goods and services purchased for trustees, directors or their family members)?
- Has the directors’ loan account facility been misused (for example, deliberately miscoding transactions to gain personal advantage)?
- Are material goods or services fictitiously or erroneously reported as having been purchased, with evidence fabricated to support the claim, so they can be used as a conduit to remove funds from the organisation? Potential evidence could include:
- repeated purchases of the same items
- identical items purchased in different quantities within a short time period
- invoices and statements used as evidence for purchases facilitating duplicate transactions or payments
- anomalies in the format of purchase invoices
- goods and equipment not being used as promised, or that do not work or do not exist
- Are legitimate business assets being used for non-business or private use?