Taxpayer losing tens of billions to fraud as government still lacks modernising ambition to fight it - PAC report
|
- Public bodies fail to embrace opportunity to deploy new data
analytics technology - Report warns issues of legacy tech and a
lack of digital leadership still persist as PAC sceptical of
government's ability to improve without a robust plan The
use of data analytics to tackle fraud and error is underdeveloped
across government. In a new report, the Public Accounts Committee
(PAC) has found that, while the public purse is losing c.£55-£81bn
a year to fraud and...Request free
trial
- Public bodies fail to embrace opportunity to deploy new data analytics technology - Report warns issues of legacy tech and a lack of digital leadership still persist as PAC sceptical of government's ability to improve without a robust plan
The use of data analytics to tackle fraud and error is underdeveloped across government. In a new report, the Public Accounts Committee (PAC) has found that, while the public purse is losing c.£55-£81bn a year to fraud and error, there has been a lack of ambition and activity to deploy new technology widely. While government says using data analytics to tackle error and fraud could save taxpayers up to c.£6bn/yr, the PAC lacks confidence all public bodies are set up to achieve such savings. Little detail exists on how and when such a saving will be achieved, as government's digital and counter-fraud experts do not have a robust plan to support public bodies to make fraud and error savings through data analytics. The delayed roadmap for modern digital government published in January says government will embrace AI and replace outdated tech – but contains little detail on how and when this will be done, and nothing on how it will help tackle fraud and error. This lack of detailed planning exists against a backdrop of longstanding issues with legacy IT and a lack of digital leadership. The PAC found last year that c.28% of central government systems were out of date in 2024, and its 2023 recommendation for all departments to have a digital expert on their boards has not yet been achieved, despite being accepted by government. A further failing identified in leadership in this area is the Department for Science, Innovation and Technology's (DSIT) decision to not go ahead with appointing a Government Chief Digital Officer (CDO). The PAC believes this is a serious shortcoming, as a CDO would have given DSIT much greater clout across the whole of government to make the massive digital transformation that is necessary. The PAC's report reiterates its warnings from March 2025 about a lack of transparency on algorithm-assisted decision-making from government. At that time, only 33 records had been published on the government website set up to provide that transparency. At the time of this report's publication there were still only 125, and DSIT told the PAC that it knows that not all the expected cases have been recorded. Only 11 records at Feb '26 mentioned ‘fraud'. Departments are not doing enough to be transparent or build public trust in government's use of data analytics to tackle fraud, and DSIT should ensure that all government bodies record their use of algorithms for transparency, so that all relevant uses of AI and machine learning are captured. The PAC's report has further identified a limitation in current legislation in how government can deploy modern data analytics techniques to fight fraud. The law does not allow for individual profiling, meaning that government is not allowed to flag known fraudsters as an indicator for future fraud detection work, while National Fraud Initiative data can only be retained for two years. The report recommends the Public Sector Fraud Authority should tell Parliament where it believes additional powers or a change to the law would be helpful. Sir Geoffrey Clifton-Brown, Chair of the Public Accounts Committee, said: “Our Committee has long identified a failing in digital leadership and fragmented data across government as one of the main blockers in government's ability to deliver. Our evidence suggests that government has a lot of data, but no information. One of the most obvious areas in which new technology could protect the taxpayer's pound is in error and fraud. But while this government has talked a big game on embracing new technology, its delayed roadmap on modern digital government fails to even mention how this will tackle fraud and error, and it continues to struggle with the dead weight of legacy technology. We are not convinced that the government is making best use of fast-moving technology such as AI to tackle the difficult subject of fraud. “There are specific actions which this Committee will continue to raise which government could take to back up its loud ambitions. It could enable better information sharing across Departments; DSIT could gain the heft a small department with such a big responsibility needs by appointing a Government Chief Digital Officer; and it could move with more speed to place digital experts at the top decision-making table of each Department (a PAC recommendation Government has already accepted.) We hope to see a robust plan from government in this area. Without one, government will only be able to mouth its disapproval as billions in public money continue to roll out of the door into the hands of fraudsters.” PAC report conclusions and recommendations Public bodies are not yet fully embracing the opportunity to save billions in fraud and error by using data analytics. Losses through fraud and error cost the taxpayer an estimated £55 billion to £81 billion each year. While there are few direct comparators, the PSFA told us this represents a similar level of losses as in the US and EU. While the bulk of losses are in the tax and welfare systems, the rest of government still accounts for between £5 billion and £31 billion of fraud and error losses per year. DSIT knows that data analytics are vital to tackling this loss and has estimated they could save up to £6 billion per year. But we do not have confidence all public bodies share the ambition or are set up to achieve such savings, with only modest savings being achieved so far. The PSFA agrees annual targets for fraud and error savings with all central government departments and tracks how they perform against these, but these departmental targets and savings are not made public. Recommendation 1.
Government's digital and counter-fraud experts know what government needs to do to make fraud and error savings through data analytics, but do not have a robust plan to support public bodies to do so. There are several barriers preventing the wider use of data analytics to fight fraud and error across government, including: the continued use of legacy systems; poor quality data; difficulties in sharing data; and a lack of digital skills in central government. However, while government knows what the barriers are, it lacks a detailed action plan to address them. DSIT published its delayed Roadmap for modern digital government in January 2026. While this strategy sets out the government's ambition to embrace AI and replace legacy IT systems, it contains little detail on how and when this will be done and nothing on how this will help tackle fraud and error losses or what DSIT's responsibilities will be in this area. Recommendation 2. The Government Digital Service, Public Sector Fraud Authority and Government Finance Function should set out how they will work together to deliver the reduction in fraud losses that data analytics can achieve, with clear targets and milestones. This should include how government intends to move from a system of detecting and recovering fraud, to one more focused on preventing fraud in the first place. We are concerned that government has not built the digital capability or senior digital leadership it needs to achieve change and bring fraud savings from data analytics. Digital transformation will require strong leadership. The government accepted the previous Committee's September 2023 recommendation that all departments should have a non-executive director with relevant digital, data and technology transformation expertise on their Boards. While DSIT assured us that this is now the case at several key departments, this ambition has not yet been achieved across government. GDS intends for at least 10% of the civil service to be digital, data and cyber professionals, but in April 2025 only 5.5% of the civil service met this criteria, and GDS is concerned that civil service pay rates make it difficult to retain digital leaders and achieve the upskilling it needs. We were also disappointed to hear that DSIT is not proceeding with the appointment of a permanent secretary-level Government Chief Digital Officer. It is instead choosing a structure where two directors-general will report into the DSIT permanent secretary, with responsibility for supporting digital transformation across government and the digital products GDS builds and runs. We believe this is a shortcoming, and that a Chief Digital Officer of appropriate seniority would give DSIT much greater clout across the whole of government to make the massive digital transformation that is necessary. Recommendation 3.
Government is not doing enough to promote the effective sharing of data, which is stopping departments from maximising the savings they could make from data analytics. Government bodies have legal frameworks through which to share data, such as those established by the Digital Economy Act 2017, but find it time-consuming and difficult to do in practice. The PSFA told us it is taking steps to make this process simpler and quicker. The PSFA also told us it is building a library of counter-fraud controls to encourage and enable better data sharing and to make it easier for government bodies to know what datasets and tools are already available. GDS said it was building a single data platform for use across government that will enable government bodies to find and use data assets. But government does not make full use of the other data-sharing tools available to it. For example, the National Fraud Initiative tool (NFI), which local authorities must use and through which they save millions of pounds by matching their own data with that of other local authorities, is not mandatory for central government. This means the NFI does not benefit from much of central governments data to help flag more potential fraud, and that central government itself does not realise some of the potential savings. Recommendation 4
Departments are not doing enough to be transparent or build public trust on the use of data analytics to tackle fraud. In tackling fraud, government must balance maintaining public trust by being transparent about what it is doing, with not providing so much information that it helps fraudsters. We are concerned that government is not doing enough to assure the public that its use of data analytics is appropriate and does not disadvantage sections of the population. As an example, government bodies are required to disclose publicly any use of algorithms, AI and machine learning in decision making through the Algorithmic Transparency Recording Standard. DSIT told us that, while it believes it has captured most such uses, it knows that not all the expected cases have been recorded. As of February 2026, the Algorithmic Transparency Recording Standard repository held 11 records that mentioned 'fraud', and none of the good practice examples of data analytics case studies the NAO reported on were present on the register. Recommendation 5. The Department for Science, Innovation and Technology should ensure that all government bodies comply with the Algorithmic Transparency Recording Standard so that the Hub captures all relevant uses of AI and machine learning. It should continuously monitor, update and ensure compliance with guidance around data analytics transparency to ensure that it maximises transparency without assisting fraudsters. Current legislation limits government's ability to deploy data analytics to tackle fraud and error. Some existing legislation, such as the Digital Economy Act, support the use of data analytics to fight fraud and error by enabling data sharing across departments. However, there are also instances where legislation, written some time ago, does not fully support the effective deployment of modern data analytics techniques. For instance, the Local Audit and Accountability Act, introduced in 2014, does not allow for profiling of individuals' behaviours. In practice, this means that it does not allow government to flag individuals who have committed fraud before as an indicator for future fraud detection work, as would be done in other industries. Moreover, the data collected as part of the National Fraud Initiative, enabled by the Act, can only be retained for two years. This limits the ability to look at historical fraud trends and the range of data that can be used when trying to identify fraud. Recommendation 6.
|
