National Fraud Initiative Privacy Notice

Last updated on 1 Oct 2024

We are required to protect the public funds we administer. We may share information provided with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.

The Cabinet Office is responsible for carrying out data matching exercises.

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match.

This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

We participate in the Cabinet Office’s National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Cabinet Office for matching for each exercise.

The gov.uk privacy notice guidance sets out how we will use your personal data as part of the Cabinet Office’s National Fraud Initiative (NFI) data matching exercise to aid in the prevention and detection of fraud.

The processing of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under data protection legislation or the General Data Protection Regulation (GDPR).

Data matching by the Cabinet Office is subject to a Code of Practice. Should you wish to know more information on how we will use your personal data, and your rights, visit the NFI privacy notice at gov.uk.

The relevant lawful basis for processing this information is Article 6(1)(e) of the UK General Data Protection Regulation: Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

Back to privacy notice