HomeinvestigationsGavin Heaton talks to SecNews about the imprisonment of the IT Manager, ...

Gavin Heaton about the imprisonment of IT Manager, Barry Stannard

Gavin Heaton, Fraud Investigation Lead, National Investigation Service (South 1) NHSCFAexclusively answers at questions of SecNewsthe recent imprisonment of Essex IT Manager Barry Stannard for defrauding the NHS and HMRC of more than of 929,816.00 € (800,000 £).

Last month, Barry Stannard pleaded guilty to fraudulently representing and defrauding public revenue. The total amount he managed to steal in seven years was 806.229,80.

See also: REvil ransomware Kaseya- Russians attacked 200 American companies

Stannard committed the offenses when he was Head of Unified Communications at Mid Essex Hospital Services NHS Trust (MEHT). Concerns first arose after the trust ran a data matching exercise on its payroll and accounts payable records, alongside Companies House records.

 The hundreds of invoices submitted by his own companies to MEHT were all individually for relatively modest amounts – meaning Stannard was authorised to sign them off without further checks. The payments came from MEHT’s IT budget, which inevitably meant there was less to spend on genuine IT.

Gavin Heaton about the imprisonment of IT Manager, Barry Stannard

Gavin Heaton have worked as an NHS fraud investigator for twelve years. The NHS Counter Fraud Authority is responsible for gathering intelligence on fraud, bribery and corruption, and, wherever possible, preventing these crimes before they happen.

Before joining the NHS, he was an investigator at the Department for Work and Pensions for 15 years. In his many years of work experience he has encountered almost everything, from individuals claiming extra benefit money for themselves, to organised gangs defrauding the system with forged cheques and hundreds of fake identities.

See also: QNAP NAS - The company fixes a vulnerability in the NAS disaster recovery app

Over the years, the NHS Counter Fraud Authority has dealt with,for instance, the case of the dentist who wasn’t really a dentist. She had failed her exams overseas then purchased fake degree papers. To prosecute, we flew in witnesses who could testify she had lied. Then there was the senior manager who tricked her hospital into paying for animal sperm for her private business, a stud farm, by disguising them as legitimate payments for NHS items including a “titanium skull plate”.

Among the biggest scams that the Authority managed to bring to justice is the one with the ITManager, Barry Stannard, which Gavin Heaton comments on SecNews.

An interview with Mr. Gavin Heaton, Fraud Investigation Lead, National Investigation Service (South 1) of the NHSCFA follows:

NHSCFA firstly found out about Mr. Barry Stannard fraud by data matching exercise on its payroll and accounts payable records, alongside Companies House records. Apart from the financial records, where there any other digital footprints like email threads?  

The data matching exercise was carried out as part of a government lead national fraud initiative.

As part of the NHSCFA investigation, Stannard’s NHS emails were examined. His personal and business bank account records were also obtained by production orders.

See also: Pegatron - Will assemble the Apple iPhone 13 mini

Apart from the NHS and HMRC, where there any other organizations damaged financially by his act?

No, there was no other government agency damaged by the fraud.

According to reports, was Mr. Barry Stannard was acting on his own, or did he have any partners in crime?

The investigation found no evidence of anyone else being involved. Stannard maintained throughout that he had acted alone.

See also: Cybersecurity in Japan - Enhanced with 800 hires

Did the court decided Mr. Barry Stannard to return the stolen money to NHS and HMRC so that to decrease his sentence?

The sentence judge commented that he reduced the sentence from 8 years to 5 years 4 months in recognition of the early guilty plea, in line with sentencing guidelines.

Steps are being taken to recover some of the stolen money from Stannard’s assets, but he has not entered into any agreement to return any money and this was not a factor in his sentencing. A restraint is in place on Barry Stannard’s known assets and the Proceeds of Crime hearing is due to take place at Chelmsford crown Court in October 2021.

Gavin Heaton about the imprisonment of IT Manager, Barry Stannard

Do you think that the law frame for events like that specific fraud, need to be strengthen with more laws and abilities for the investigators? What additions you think need to be done so that to prevent events like that in the future?

NHSCFA does not generally comment on the UK justice system as a whole.

We do work closely with the UK Cabinet Office, which recognises that fraud can pose a serious problem for the UK economy and public finances.

NHSCFA(which is accountable to the Department of Health and Social Care) has shared best practice in tackling fraud with other government departments for many years.

NHSCFA recently rolled out the new Government Functional Standard 013 Counter Fraud across the NHS:

Introduction and overview of the new Government Functional Standard 013 for counter fraud | Government Functional Standard | NHS Counter Fraud Authority (cfa.nhs.uk)

Counter-Fraud Standards and Profession - GOV.UK (www.gov.uk)

For every possible future fraudster that will try to siphon money like the fraudster Barry Stannard did, can you please tell us if NHSCFA is ready with people, tools and equipment to prevent similar incidents in the future?

With the resources allocated to us, NHSCFA strives to make the best possible use of its people, tools and equipment. Prevention is better than cure with fraud. We are very focused on gathering intelligence and using it to refine our guidance to NHS bodies and our fraud prevention projects. We also seek to innovate and use the latest tools – data analysis of large datasets is one important aspect of our work.

Our corporate publications page tells you more about our strategies and business plans:

Corporate publications | NHSCFA

We have a sophisticated, fully accredited Forensic Computing Unit:

About the NHSCFA Forensic Computing Unit | Forensic Computing Unit (FCU) | NHS Counter Fraud Authority

Gavin Heaton about the imprisonment of IT Manager, Barry Stannard

The NHS healthcare systems NHS are one of the most systematic, effective, and transparent health systems in the world. Is adapting the new technologies in healthcare a way to succeed that?

Technology and innovation certainly has a very important role to play in the UK’s healthcare system and counter fraud systems, alongside human intelligence, skills and experience.

See also: Windows Update bug blocks Azure Virtual Desktop security updates

Hacking attacks to healthcare systems and especially ransomware all around the word are jeopardizing the security of institutions. Can you please tell us if NHS is taking all appropriate measures needed to avoid any kind of cyber-attacks and especially ransomware attacks?

NHSCFA works closely with the NHS and UK government bodies who lead on cyber security.

We also recently launched a new cyber fraud awareness resource to help NHS bodies:

NHSCFA launches new cyber fraud awareness resource | NHS Counter Fraud Authority | NHSCFA

SecNews warmly thanks Mr. Gavin Heaton, Mr. Gavin Heaton, Fraud Investigation Lead, National Investigation Service (South 1) NHSCFA for the exclusive interview and the answers he provided regarding the IT Manager financial fraud incident. Barry Stannard.