NWRC is required by law to protect the public funds it administers. It may share information provided to it with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud. The Comptroller and Auditor General(C&AG) audits the accounts of NWRC. The C&AG is also responsible for carrying out data matching exercises.
Data matching involves comparing sets of data, such as the payroll or benefits records of a body against other records held by the same or another body, to see how far they match. The data is usually personal information. The data matching allows potentially fraudulent claims and payments to be identified. Where a match is found, it may indicate that there is an inconsistency that requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.
The C&AG currently requires NWRC to participate in a data matching exercise to assist in the prevention and detection of fraud. NWRC are required to provide particular sets of data to the C&AG. Details are set out in the Northern Ireland Audit Office’s website,
The processing of data by the C&AG (in practice the processing is undertaken by the Cabinet Office on the C&AG’s behalf) in a data matching exercise is carried out with statutory authority under his powers in Articles 4A to 4G of the Audit and Accountability (Northern Ireland) Order 2003. It does not require the consent of the individuals concerned under the Data Protection Act 2018 or the General Data Protection Regulation (GDPR).
Further information can be found at www.niauditoffice.gov.uk/national-fraud-initative