Source · Select Committees · Public Accounts Committee
Recommendation 6
6
Rejected
Ensure one body is responsible for fraud prevention and detection in future schemes.
Recommendation
The Department did not give the risk of fraud appropriate priority, and it is likely that the known levels of fraud are a significant under-statement of the true level of fraud. No single organisation has overall responsibility for preventing and detecting fraud on ECO4 and GBIS. The Department did not carry out a fraud risk assessment during the design of ECO4 and the ownership of some known fraud risks was agreed only in October 2025. Ofgem’s role in relation to fraud is limited to progressing counter-fraud investigations where allegations have been made. Yet no organisation is responsible for pro-actively looking for fraud, nor holds all the data it would require to do so effectively. Ofgem has identified installations worth 1.75% of the scheme value as fraudulent but, given the above, we suspect the true level of fraud to be much higher and above the Departments tolerance threshold of 2%. If the Department had paid more attention to preventing and detecting fraud, it would likely have avoided some of the poor quality installations too. We suggest that the Serious Fraud Office should look at this case. recommendation a. Given the likely role of fraud in the poor quality installations, the Department should refer the issue to the Serious Fraud Office to investigate the extent of fraud across ECO and bring criminals to justice. b. HM Treasury should extend its requirement in Managing Public Money for a Fraud Risk Assessment on all new major areas of public spend to include levy-funded schemes instigated by the government, such as ECO. c. In future schemes, the Department should ensure that one body is responsible for fraud prevention and detection at the system level, enabled by counter-fraud activities of and data from other organisations in the system. d. HM Treasury should amend its guidance in Managing Public Money to recommend public bodies design fraud out of all new schemes as far as is sensible, and have one body responsible for fraud prevention and detecti
Government Response Summary
The government rejected the recommendation to work with the Serious Fraud Office, stating that investigating suspected fraud is already Ofgem's responsibility and referrals have been made. For the other points about fraud risk assessment and prevention, the government agreed that existing standards and guidance already cover these.
Government Response
Rejected
HM Government
Rejected
The government agrees with the Committee’s recommendation. responsible for fraud prevention and detection at the system level for government-run schemes. The Warm Homes Plan outlines the department’s commitment to reform the consumer protection system for government retrofit programmes. This system will be simpler with stronger government oversight. The department expects to consult on the details of these plans and therefore does not wish to prejudice that consultation. The Warm Homes Agency is stated as having oversight of this future reformed consumer protection system, enabled by data-led insights and analysis. Data sharing and exchange between relevant bodies will be fundamental to verifying the details of all retrofit work, assuring that standards have been met, and detecting any possible fraud. By having data joined up across the system, fraud may be detected at any point, and potentially by a number of different bodies, and shared with the relevant body responsible for investigation or enforcement. As set out in the Warm Homes Plan, the department’s strategy is to reduce fraud in government retrofit schemes throughout, from the initial scheme design through all aspects of operational delivery and oversight. It is not enough to rely on retrospective enforcement. The department will prioritise deterrence and prevention, before harm is done. The department also recognises the need for consumer protection for the wider market that does not necessarily benefit from government subsidy but is still contributing towards net zero and energy efficiency outcomes. When future schemes are designed, the department will incorporate lessons learned from ECO4 which include having clearly assigned owners for fraud risks and strong system oversight. 6d. PAC recommendation: HM Treasury should amend its guidance in Managing Public Money to recommend public bodies design fraud out of all new schemes as far as is sensible, and have one body responsible for fraud prevention and detection at the system level, enabled by counter-fraud activities of and data from other organisations in the system. The government agree with the Committee’s recommendation. standards and guidance for fraud risk assessment in government both already set out that Accounting Officers are responsible for managing public sector organisation’s risks, including fraud. Where a central government department (including its arm’s length bodies) is the scheme owner (that is, sets policy intent, scheme design and is accountable to Ministers and Parliament), it owns the fraud risk assessment, even if some or all of the scheme is delivered through other bodies. As well as designing out fraud at the early stages of scheme design, the accountability and ownership of fraud risk assessment should be agreed at the outset and align to Managing Public Money. The Initial Fraud Impact Assessment (IFIA) should capture how many different organisations are involved in the spend activity, which should encourage departments to think about how fraud risk assessment is going to be managed when multiple bodies are involved. HM Treasury will issue updated guidance before summer 2026 to clarify and expand the existing principles on accountability and fraud risk management when multiple bodies are involved.