Information for bodies working with the National Fraud Initiative, including the process, obligations around data and contact details.
The National Fraud Initiative (NFI) matches electronic data within and between public and private sector bodies to prevent and detect fraud. These bodies include police authorities, local probation boards, fire and rescue authorities as well as local councils and a number of private sector bodies.
Public sector bodies are required to submit data to National Fraud Initiative on a regular basis. View data requirements and data specifications for the public sector. NFI also provides additional services for the public sector.
The NFI offers a number of services that are available to all types of private sector organisations. View National Fraud Initiative: private sector services to see how the NFI could help your organisation and how to get involved. You can also read case studies.
If you already have access, log in to the secure National Fraud Initiative web application to:
- watch training videos
- update contact details
- upload data
- submit confirmation of fair processing notifications
- receive the data matches
View National Fraud Initiative: timetables for information about important deadlines and milestones.
Fair processing and the Data Protection Act
The Data Protection Act 1998 requires NFI participants to tell individuals that their data will be processed. Providing this information is known as a fair processing notice. The key contact for each body also needs to submit a declaration via the secure NFI application confirming that they are following fair processing notification requirements.
For data processing to be fair, data controllers should give individuals whose data is to be processed:
- the identity of the data controller
- the purpose or purposes for which the data may be processed
- any further information which is necessary to enable the processing to be fair
This lets people know that their data is being used in order to prevent or detect fraud. They can then take appropriate steps if they consider the use is unjustified, or unlawful in their particular case.
View guidance and examples of fair processing notices. These are available with different levels of information to suit different audiences. Participants should decide the content and means of issue of fair processing notices for themselves, but notices should:
- clearly set out an explanation that data may be disclosed for the purpose of preventing and detecting fraud
- state that the data will be provided to the Commission for this purpose
- contain details of how individuals can find out more information about the processing of their data
If certain exemptions within the Data Protection Act 1998 apply, data controllers are not required to provide fair processing information. An example is the section 34 exemption, where there is a statutory requirement to make personal information available to the public.
Contact nominations and responsibilities
Director of finance role
The director of finance, or equivalent senior responsible officer, is responsible for ensuring that the body taking part in the NFI meets the statutory requirements. They should:
- nominate a key contact
- ensure the key contact has access to the matches, via the secure NFI web application, when they become available
- ensure that the key contact fulfils all data protection requirements
Key contact role
The key contact is responsible for:
- fulfilling data protection requirements – they should be in direct communication with their organisation’s data protection officer or equivalent
- ensuring that the data formats guidance and data specifications are followed
- nominating appropriate users to upload data submissions, investigate the matches and act as the point of contact for other bodies about a match (preferred dataset contact)
- coordinating and monitoring the overall exercise
- ensuring that outcomes from the investigation of matches are recorded on the web application promptly and accurately
Watch training videos within the NFI web application for more information.
The user responsible for submission of the data should ensure that
- the data meets the specifications, contains a header row and is in the correct format
- they submit the data via the data file upload facility (DFU)
- the data is received by the required deadline(s)
Investigating the matches
The key contact will set up a user or number of users with access to the NFI web application so that they can review and investigate the matches. They may also be responsible for responding to enquiries from other matched bodies if this role is delegated to them by the key contact.
Once the data-matching process for each exercise is completed, the NFI will make the output available to the relevant participating body for consideration and investigation via the secure NFI software. Participating bodies are then responsible for investigating any matches.
The NFI will provide guidance with the data matching output: it’s essential to consider this as it will help with prioritising reports and the matches within them.
Making the process more efficient
There are a number of measures that the senior responsible officer/key contact can take to make the process more efficient. These include:
- making sure participants access the relevant training videos via the secure NFI application
- ensuring that all contact details are up to date
- reviewing the data quality reports from the previous year to identify any improvements that can be made for the next data submission
- making sure that appropriate staff review all documentation before submitting data
- planning in advance what investigative resources are needed, based on specific expertise and knowledge – this means matches can be dealt with promptly (eg it may be best for a nominated person in Internal Audit or Accounts Payable to deal with trade creditor duplicate matches)
Read details of the statutory framework under which Cabinet Office carries out data matching exercises.
External auditors (where applicable) will continue to be involved in the NFI. They will be able to use the output from the exercise to help them assess the arrangements that audited bodies have in place to prevent and detect fraud.
To discuss your requirements or sign up to take part please email email@example.com or call 0845 345 8019.
Published: 2 March 2015
Updated: 16 June 2016
- Updated guidance on taking part in the National Fraud Initiative.
- First published.