The National Fraud Database is the UK’s largest repository of fraud risk information: information that can be used by our members to reduce exposure to fraud and financial crime and inform decisions according to your organisation’s risk appetite.
To use the database, a Cifas member must operate within the terms of the National Fraud Database Handbook – a guide that sets out eight Principles of use with accompanying guidance. These Principles and guidance describe the controls in place to protect the data on the database, and ensure that the highest possible level of fairness and transparency are observed.
The Handbook allows you and your organisation an appropriate degree of flexibility – there will be many ways for you to achieve the outcomes it describes. It also helps you maintain the quality and integrity of the data for the benefit of all members. By observing the Handbook and engaging with our compliance process your organisation will be compliant and can enjoy the benefits of the database.
The National Fraud Database is a reciprocal data sharing arrangement where members commit to provide data and file cases of fraud. In return, members receive the benefit of searching the database.
Both Cifas and its members have equal responsibility for the quality, protection and lawful use of the data submitted to and held on the National Fraud Database. Every member is responsible for the accuracy of the cases filed, and for the proportionate use of the data returned from a search.
We want the data we hold on behalf of our members to be used to the maximum benefit in protecting themselves from fraud and financial crime. We also have a responsibility to ensure that the rights of the citizen are balanced with the legitimate interests of our members; therefore the National Fraud Database Principles are closely aligned to data protection legislation.
The Principles are as follows:
The National Fraud Database relies on member data. Members must contribute their own cases to receive benefit from the data shared by other members.
Data from the National Fraud Database can be used in a wide range of situations for the purpose of the prevention, detection and investigation of fraud and financial crime.
Subjects have a right to know how data will be used and how any decisions related to them have been made.
Subjects must only be searched and filed if they have been legally informed of how their data may be used via a Fair Processing Notice.
Cases filed to the National Fraud Database must be supported by evidence and meet the ‘four pillars’ of the Standard of Proof. The Standard of Proof is:
All Subjects involved that meet the Standard of Proof, must be filed to the National Fraud Database.
Members must ensure that the data is interpreted in a proportional manner according to their own risk appetite and the product being assessed.
Innocent parties should be filed to the National Fraud Database for their own protection and be clearly distinguished from any other Subject involved in the Case.
All data that is captured must be accurate and loaded within one business day of the Standard of Proof being met.
Access to the National Fraud Database is restricted and all members must have adequate policies, procedures and technical measures in place to protect the data.
Members must be able to retrieve the evidence to support a case filed to the National Fraud Database but they must not hold data indefinitely. Once it’s served its purpose, it must be deleted securely and permanently.
Contact our Engagement team for more information.