Social security: independent analyst's report on consultation on the investigation of offences regulations

Impact Assessments

As part of the development of the Social Security (Scotland) Bill, a number of impact assessments were published. A commitment was made that all secondary legislation emanating from that Bill would also be accompanied by appropriate impact assessments.

The final part of the consultation sought views on both the business related and equalities impacts which the Scottish Government considered may result from the implementation of the Investigation of Offences regulations and the Code of Practice for Investigations.

Responses to this part of the consultation would be used to develop and publish full impact assessments.

Business Impacts

Comments were invited on the Business and Regulatory Impact Assessment (BRIA) by means of a single open-ended question.

Q18. Have we identified all of the business-related impacts?

Half of respondents gave no response to this question and most of those who did indicated that all business-related impacts has been appropriately identified.

Five suggestions were made for business related impacts which may have been overlooked, including that no data protection impact assessment had been mentioned, as defined under DPA 2018. A suggestion was made that this should be considered further:

"It seems likely that processing personal data as part of a fraud investigation would lead to a high risk to the rights and freedoms of individuals. As such, we would have expected to see at least a draft data protection impact assessment (DPIA) published with this consultation. We expect Social Security Scotland either to conduct a DPIA prior to the investigation of any offences or to document its rationale as to why a DPIA is not necessary."

Similarly, the same organisation suggested that, as part of its preparations, Social Security Scotland should consider what it will provide to any other person from whom it requires personal data to assist that individual in evidencing their compliance with data protection law when disclosing personal data relevant to a particular investigation.

Specifically in relation to business impacts, one organisation also commented that the regulations would, in general, severely and negatively impact on the way in which support organisations carry out their work and this had not been addressed as part of the business-related impacts. Another support organisation endorsed this view and commented that the new regulations would, in particular, result in an increase in requests for information and support from existing services. Another organisation highlighted that fines arising from organisations' non-compliance to share what they perceived to be confidential data regarding their clients was also a relevant business impact:

"…we would like to object again to powers to fine being used to threaten or force NGOs to comply with information requests which would breach their duty of confidentiality towards clients and damage or destroy the trust that must be established between clients and Third Sector agencies."

Overall, the impacts of requirements on the workloads for support organisations (including the requirement to share client information) had not been given sufficient thought, it was suggested.

Equalities Impacts

Comments on the Equality Impact Assessment (EQIA) were also sought by means of a single open-ended question.

Q19. Are you aware of any equality issues we have not identified in terms of introduction of the Investigation of Offences regulations and fraud investigations more generally?

Again, most respondents either gave no response to this question or indicated that there were no equality issues which had been overlooked.

Among the four who felt that specific equalities issues had not been identified, one suggested that disabled people were likely to be disproportionately affected by the proposals and that insufficient attention had been given to this group in the equality impact assessment:

"The vast bulk of the spending in the benefits/assistance budget will be on disabled people and their carers (i.e. Children's DLA, PIP, AA and Carer's Allowance). Thus, we would expect that there would be a recognition in the Equality Impact Assessment that there might also be a disproportionate impact on individuals and organisations supporting disabled people and carers as the bulk of fraud investigations are also likely to be conducted on disabled people and their carers."

Additional safeguards could be built into the regulations and Code of Practice to support and protect this group, it was felt. Disabled women experiencing domestic abuse were considered to be a particularly at-risk group to whom further consideration of impacts should be given.

While two organisations explicitly highlighted and supported the acknowledgement of the potential impact of coercive control within the Equality Impact Assessment, another felt that this acknowledgement did not go far enough:

"We believe the EQIA does not fully consider the impacts on women that the regulations as drafted will present. The consultation notes that some organisations have highlighted that gender may be an important aspect of some benefit fraud, due to aspects of coercive control and domestic abuse. However, this is not reflected within the EQIA assessment which states that there will not be any particular impact on groups who share protected characteristics as the principal interaction will be between officers of the agency and organisations… We recommend that a more detailed EQIA is carried out to fully understand and address the implications of the policy on women's equality."

Finally, two organisations again encouraged the routine monitoring of investigations and public sharing of activities for accountability/transparency purposes. This was especially important to test the assumption that there would be no impact on groups who share protected characteristics.