Data Matching and the Role of Auditors
A Paper by the Public Audit Forum
Data matching - the comparison of separate sets of personal data in order to identify unwarranted differences and duplications - can be a powerful means of assisting a variety of management and audit purposes. One important use is the identification of potential fraud. But there needs to be a balance between protecting the public purse and the individual's right to privacy. These tensions are recognised in a consultation paper published today by the Public Audit Forum.
Sir John Bourn, chairman of the Public Audit Forum said,
"This paper is the first step in developing specific guidance to public sector auditors on the use of data matching. It is important that we receive the views of auditors, managers and the public on its content."
The paper sets out important issues relating to the use of data matching by auditors in the public sector:
- the proper role of the auditor;
- powers to transfer data, where data is matched between organisations;
- compliance with privacy legislation - the Data Protection Act 1998 and the Human Rights Act 1998.
It also explores the cost-effectiveness of data matching, and, in doing so, looks at the example of the Audit Commission's 1998 National Fraud Initiative, which identified some £42 million of fraud.
The primary responsibility for the prevention and detection of fraud rests with the management of audited bodies. But auditors have a function in reviewing management's arrangements for the prevention and detection of fraud, and can find data matching useful for audit testing. There is some uncertainty regarding the effect of the introduction of the Human Rights Act on data matching, and the Data Protection Commissioner is working on producing authoritative advice on when it may be used.
The Forum's paper concludes that the auditor's decision to use data matching should be made on a case by case basis. But it also sees a need for specific guidance to auditors on the use of data matching, building on the Data Protection Commissioner's work.
Bob Black, Auditor General for Scotland and chairman of the working group that prepared this paper, said,
"Data matching is a powerful technique that can help ensure public money meets its intended recipients. But as inappropriate use can infringe people's rights to privacy, the Public Audit Forum is working to clarify how and when it may be used."
NOTES TO EDITORS:
Comments on the consultation paper should be sent, by 10th November 2000 to Robert W Black, Auditor General for Scotland, Audit Scotland, 110 George Street, Edinburgh EH2 4LH. Alternatively, comments may be emailed to martin.peters@nao.gsi.gov.uk.
Data Matching is the comparison of different personal data sets in order to identify anomalies that may indicate fraud or other problems. For example, local authorities may compare their lists of people receiving housing benefit against lists of people in receipt of student awards in order to identify housing benefit fraud (receipt of both is not normally permissible).
The Public Audit Forum was established in 1998 by the heads of the four national audit agencies: Sir John Bourn, Comptroller & Auditor General and Auditor General for Wales; Andrew Foster, Controller of the Audit Commission; Bob Black, Auditor General for Scotland, and John Dowdall, Comptroller & Auditor General, Northern Ireland. The Forum's overall aim is to provide a focus for developmental thinking about public audit. The Public Audit Forum has a remit to build on the existing co-operation between the national audit agencies, to enhance the efficiency and effectiveness of public audit, to provide a strategic focus on issues cutting across their work and to develop common standards for public audit. This paper was prepared by a consultative forum that draws on the experience and expertise of public auditors, the bodies they audit, the auditing profession and the wider community.
This paper, and other information about the Forum, is available on its web site at www.public-audit-forum.gov.uk.
Press Enquiries to Tanya Croft on 020 7838 4848
