Select Committee on Home Affairs Appendices to the Minutes of Evidence


APPENDIX 1

Memorandum by the Home Office

CRIMINAL RECORDS BUREAU

  This memorandum briefly outlines the background to the establishment of the Criminal Records Bureau, and describes recent developments and current plans for establishing the Bureau.

BACKGROUND

  2.  In 1990, the Home Affairs Committee inquired into various issues with regard to criminal records, including complaints that records were inaccurate, and that there were difficulties in obtaining criminal records for the courts and the Probation Service. The recommendations in the Committee's report included the creation of a statutory agency independent of the police to maintain the National Collection of Criminal Records, which would be responsible for providing criminal records for vetting purposes, in accordance with prescribed principles as to who might have access to such information, and in what circumstances[1].

  3.  The Committee's report further recommended that the police should pay for the service that it received from the new agency, and Government Departments and other users should also contribute towards the cost, according to their use of the records[2].

  4.  In its reply, the then Government said that it was not yet persuaded of the need to establish a statutory agency. But it did accept that, before the National Collection was computerised, arrangements for the collection, recording and provision of criminal records should be reviewed, to ensure that the needs of the police, courts and others were adequately served. It was already the stated intention of the Home Office to examine the arrangements for the maintenance of, and disclosure from, the national collection of criminal records, and the outcome of this would inform consideration of where responsibility should lie. The funding of any new arrangements would be among the issues examined[3].

  5.  A 1991 report of an Efficiency Scrutiny similarly concluded that the disclosure of criminal records should be extended, within limits and subject to safeguards. Again, the report recommended that an agency should be responsible for maintenance of criminal records and for disclosure, and that this should be self-financed by means of charges made of its customers[4].

  6.  The then Government welcomed the report. It noted that a great deal of more detailed work needed to be done and announced its intention to publish a consultation paper on disclosure arrangements[5].

  7.  The subsequent consultation paper set out a package of proposals for wider disclosure of information from criminal records[6]. Referring back to the Home Affairs Committee report and the Efficiency Scrutiny, the paper envisaged that an independent agency would be responsible for disclosure, self-financed by payments by those requiring checks. Applications would be made by individuals rather than by employers, in the interests of confidentiality.

  8.  Finally, firm Government proposals were published in a White Paper[7]. The main elements were again the establishment of an agency to be responsible for disclosure of information in a wider range of circumstances. The agency would be self-financed by means of charges made for checks.

THE POLICE ACT 1997

  9.  Part V of the Act defines the framework for disclosures to be made, on application by the individual subject of a check. It provides for three levels of disclosure, according to the circumstances of the case:

    —  criminal conviction certificates are appropriate in the generality of cases in which no special circumstances arise. Such certificates will contain details of convictions which are held centrally on the Police National Computer (PNC) and which are not "spent" under the terms of the Rehabilitation of Offenders Act 1974;

    —  criminal record certificates relate principally to people in professions (such as barristers and accountants) and in sensitive posts (such as working with young people under 18 and other vulnerable persons). Such positions are covered by the Exceptions Order under the Rehabilitation of Offenders Act and employers are entitled to ask for information about spent convictions. These certificates will therefore show both spent and unspent convictions, as well as cautions, reprimands and warnings, recorded centrally on the PNC.

    In addition, where an application concerns a position working with young people under 18 or vulnerable adults, then, by virtue of subsequent amendments made by the Protection of Children Act 1999 and the Care Standards Act 2000, these certificates will also show whether the applicant appears on lists maintained by the Department for Education and Employment, of people barred from working in schools, or by the Department of Health, of people considered unsuitable to work with children or with vulnerable adults. These checks will be carried out under a "one-stop shop" arrangement; and

    —  enhanced criminal record certificates relate to a subset of people covered by the Exceptions Order who are in positions of special sensitivity. These include judicial appointments, certain licensing functions in relation to gaming and lotteries, and persons who are regularly involved in caring for, training, supervising or being in sole charge of young people under the age of 18, or of vulnerable adults. In these cases, in addition to information available on criminal record certificates, enhanced criminal record certificates will include relevant information held in local police records.

  10.  In the case of criminal conviction certificates, the individual will be able to apply direct. But, as regards the other levels of certificate, an application must be countersigned by a person who is registered for this purpose. The registered person must confirm that the application meets the relevant criteria for the level of certificate requested. The registered person is to be provided with a duplicate copy of a criminal record certificate or an enhanced criminal record certificate, as issued to the individual applicant.

  11.  Regulations are to be made to prescribe such matters as the form of application, the details to be shown in certificates, the maintenance of the register of persons authorised to countersign applications for higher-level certificates, and the levels of fees to be charged.

  12.  Provision is made for the publication of a code of practice in connection with the use of information provided to registered persons. The code is to be laid before Parliament as soon as practicable after publication.

  13.  Provision is made for a range of offences concerned with the falsification, alteration or misuse of certificates, with the making of false statements, and with the disclosure of information except to prescribed persons.

DEVELOPMENTS FOLLOWING THE 1997 ACT

  14.  On 14 December 1998, the Government announced that it had decided to implement Part V of the 1997 Act by establishing the Criminal Records Bureau[8]. The Bureau was to be under the management of the United Kingdom Passport Agency, and was to be set up under public private partnership arrangements.

  15.  On 16 December 1999, the Government made a further announcement following a review of the timetable and the management arrangements for the CRB[9]. This stated that the Bureau would operate as a separate business unit, with its own Business Plan and Annual Report. The Chief Executive of the Passport Agency would be the Chief Executive of the Bureau also, and some administrative support functions would be provided by the Passport Agency. The Bureau would operate within the framework of a Public Private Partnership. The target was to award a contract to the private sector partner around the middle of 2000, and to begin issuing higher level certificates around July 2001 and to be issuing all three levels of certificates by around July 2002.

  16.  The contract with the private sector partner, Capita, was signed on 4 August 2000. This followed a rigorous tender process.

  17.  The CRB's operations will be heavily reliant on IT. Although it is probably inevitable that, initially, many applications will be in paper form, the aim will be to move as quickly as possible towards electronic processes.

  18.  Capita's role will be to deliver, manage and own the technical solution, and eventually to operate a large proportion of the application process. The latter will include running a call centre to deal with applicants' queries and to initiate the application procedure itself; receiving and processing applications and handling the associated fees; and, at the end, printing and despatching the disclosure document.

  19.  Alongside, a core staff of civil servants will handle more sensitive enquiries, and cases that throw up policy issues or other problems needing judgement and resolution, and will be responsible for managing and monitoring the overall service.

  20.  Accommodation for the CRB has been identified in Liverpool and a lease has been signed. Capita staff and the core CRB team of civil servants will be co-located.

  21.  The next major milestone in the programme is the commencement of registration, in April.

  22.  It remains the aim to begin issuing higher level certificates—both criminal record certificates and enhanced criminal record certificates—in the summer.

  23.  Work on developing the CRB is being undertaken under PRINCE principles for project management. The work is steered, supported and monitored by a committee structure. The Programme Board, chaired by the Chief Executive, is the senior executive committee responsible for planning the establishment of the Bureau. The Management Board, alongside it and also chaired by the Chief Executive, is responsible for matters concerning the staffing of the Bureau, and for finance, and will become the executive board responsible for the CRB once it becomes operational. An Advisory Board, on which are represented key stake-holders including the police, the DfEE, the DoH and the voluntary sector, and which includes two non-executive members from the private sector, is responsible for overseeing and advising Ministers on the programme as a whole.

  24.  Other committees include a regular liaison group with the police; and a Customer Forum, on which are represented a wide range of interested organisations and which provides a bridge between the CRB and its future clients.

  25.  Information and marketing are important facets of the process of establishing the Bureau—ensuring that future users of the CRB's services, potential registered persons, and other interested parties are kept fully informed of progress. Information leaflets have been produced—specimens of a corporate brochure, and a brochure targeted more specifically at potential registered persons, are at annex A and annex B respectively. Two series of a total of twenty seminars will be held throughout England and Wales between February and June, to inform, and raise awareness among, potential registered bodies about the registration process. A major introductory event to launch this programme was held in London on 11 January. The aim is that as many relevant bodies as possible will have been registered in time for the process of issuing certificates to begin.

  26.  Most registered bodies will be employers and voluntary organisations. But for many smaller employers and organisations, registering in their own right will not be the most appropriate course. Discussions have therefore been held designed to initiate the establishment of a network of organisations prepared to act as registered bodies on behalf of smaller users of the CRB's services. It is hoped that local authorities, and lead organisations identified within the voluntary sector, will be able to undertake this role.

  27.  The CRB's service will operate under the "brand name" Disclosure. This has been arrived at on the advice of marketing specialists. Most applicants for the CRB's service will have no criminal convictions, and no other information recorded against them. In the circumstances, it has been considered preferable to avoid the use of the word "criminal", and to adopt Disclosure as a term which, while capturing the essence of the service, appears less judgmental.

  28.  In turn, alternative terminology has been adopted for the documents that the CRB will issue:

    —  criminal conviction certificates will be known as Basic Disclosures;

    —  criminal record certificates will be known as Standard Disclosures; and

    —  enhanced criminal record certificates will be known as Enhanced Disclosures.

  But the documents will make it clear that they are being issued under the terms of the Police Act 1997.

RESOURCING

  29.  The start-up costs of implementing the Bureau are being funded partly through the Home Office vote and partly by Capita.

  30.  The Department has planned provision across the three financial years 1999-2002 for expenditure of around 10 million.

  31.  Capita are responsible for funding all their set-up costs (including capital investment) as well as on-going operating costs, and will be paid a fee per disclosure processed.

  32.  The Bureau is funding the start-up costs of police forces, in order to ensure that they can provide an effective searching service on behalf of the CRB.

  33.  Fees will be set to recover the costs of providing the services, once the processing of applications commences. These will need to cover the costs of Capita, of data sources (such as police forces, PNC, DfEE and DoH), core CRB staffing, accommodation, IT and other costs. Demand is expected to be at a low level initially and to build up; and basic disclosures will not begin to be issued before 2002. Consideration is being given to the fees regime and the length of time before full cost recovery can be achieved given that income will build up progressively from a low level initially. Discussions are also in progress with Treasury over a "net" funding regime for CRB that will enable receipts to be appropriated in aid of expenditure in a way that will support the demand-led nature of the business.

  34.  Service levels have been set in the contract with Capita, and are being set in service level agreements with police forces and other data sources, in support of the overall targets set out in the 5-year Corporate & Business Plans. The Bureau's core resourcing will similarly be set at levels which support the achievement of targets.

  35.  The level at which fees are set will need to take into account continuing work to determine the Bureau's costs. It is hoped to make an announcement about fee levels shortly.

  36.  As will be clear from the background information earlier in this memorandum, it has always been intended that the cost of arrangements for increased disclosure from police records should not be an added burden on the taxpayer, but should be met by charges made of those making use of the service. Concerns about charges for the voluntary sector are well recognised and are being considered. However, waiving or reducing fees for the voluntary sector would inevitably mean imposing an additional burden on the taxpayer, or on other users of the Bureau's services.

  37.  The Department noted with interest the announcement in December that, in Scotland, volunteers working with children in voluntary organisations will not be charged for Standard and Enhanced disclosures, which, as explained later in this paper, will be made by the Scottish Criminal Record Office rather than the CRB. It is open to devolved administrations to take a different view from the Government in Westminster. Decisions in England and Wales must be taken in the light of circumstances here.

  38.  Some volunteers and voluntary organisations are used to being charged for police checks. It is understood that some organisations which have arranged checks through local authorities have been charged a fee by the local authority. Some organisations have taken advantage of the subject access provisions under the Data Protection Act, under which a person can obtain a printout showing spent and unspent convictions on police records, for a fee of £10. Such enforced use of subject access provisions will no longer be permissible once the full service is available from the CRB since it can lead to inappropriate disclosure of spent convictions.

  39.  The Government has made clear its determination that fees should be set no higher than the minimum level necessary to recoup costs.

REGULATORY IMPACT ASSESSMENT

  40.  The Department has made clear that, before regulations are made which, amongst other things, will set the level of fees to be charged by the CRB, a regulatory impact assessment will be conducted. This will address the implications for voluntary organisations and others using the Bureau's services.

  41.  The initial stage in this process was to circulate questionnaires to a cross-section of voluntary organisations and others, in order to obtain detailed information about their circumstances. A list is given at annex C of organisations contacted directly. Some of these have cascaded the questionnaire form to others who have completed and returned it.

  42.  The information in these returns will be drawn upon in preparing the regulatory impact assessment. Work on this is underway and the aim is to have the main document ready for issue for wider consultation by around the middle of February.

CONSULTATION WITH USER GROUPS

  43.  The Department has attached particular importance to consulting voluntary organisations and others who will be users of the CRB's services, or who have a wider interest in the service that the CRB provides.

  44.  The main channel of communication has been the Customer Forum. This brings together representatives of a wide range of interests, including the voluntary sector (such as the National Council for Voluntary Organisations, the National Council for Voluntary Child Care Organisations, and the National Council for Voluntary Youth Services), childcare organisations (the National Society for the Prevention of Cruelty to Children, and NCH Action for Children), the statutory sector (the Local Government Association, the NHS Executive), the TUC, sports bodies (represented by Sport England and the Amateur Swimming Association), NACRO, the Chartered Institute for Personnel and Development, the Financial Services Authority, and Liberty.

  45.  Meetings of the Forum provide an opportunity to update the members on recent and forthcoming developments and to obtain their reactions. The Forum has met on six occasions since its inaugural meeting in October 1999. In addition, members are encouraged to feed in written comments on papers.

  46.  The Forum has been consulted on a number of issues such as service standards for the Bureau, the contents of disclosure documents, the acceptability and portability of such documents, and guidance for employers.

  47.  The draft code of practice for registered bodies (see, further, paragraphs 64-65 below) and the definition of the term "vulnerable" in relation to enhanced level disclosures have been the subject of wide consultation, with over 500 organisations invited to comment.

  48.  As already noted, a number of organisations including the Local Government Association and the National Council for Voluntary Organisations have been consulted about the development of a network of registered bodies to meet the needs of smaller users of the CRB's service.

  49.  There is continuing dialogue with NACRO, the Chartered Institute for Personnel and Development, the APEX Trust and others, about the development of guidance for employers about the use of the CRB's services in the recruitment process.

  50.  In addition, there have been ad hoc meetings at both Ministerial and official levels with the National Council for Voluntary Organisations, and with individual bodies such as the Central Council for Physical Recreation, the Scout Association, the Guide Association, and the National Association of Clubs for Young People. The NCVO represents the voluntary sector on the Advisory Board which oversees and advises Ministers on the CRB programme as a whole.

  51.  Consultation is also undertaken by other departments. For example, the DfEE regularly consults teacher unions and representatives of employers in the education service about the new arrangements and progress towards implementing the CRB. The DfEE is also consulting groups representing school governors and teacher training institutions.

POLICE NATIONAL COMPUTER

  52.  The PNC will be the main source of data upon which the CRB will draw. The principal source will be Phoenix, the national criminal records database, which is an application of the PNC and which contains personal data about offenders and details of convictions.

  53.  The Department is fully aware of concerns that have been expressed about delays in inputting data onto the PNC, and about possible inaccuracies. Indeed, Home Office reports have drawn attention to this. The Department welcomes action that has been initiated by the Association of Police Officers to address these issues.

  54.  In the light of a report by the then Police Research Group[10], the ACPO Standing Sub-Committee on Records set up a working group to examine the issue. This produced a Compliance Strategy designed to improve data quality on the PNC. It includes quantified performance indicators as to both timeliness and accuracy. For example, the standard is for the police to enter all court case results within 72 hours of the information reaching the police. Hitherto, performance on such aspects by individual police forces has varied considerably.

  55.  The Strategy has since been ratified within ACPO and it was distributed to all forces in June 2000. It was quoted with approval in a subsequent report of a thematic inspection carried out by HM Inspectorate of Constabulary[11], which also contained examples of good practice in the operation and management of IT systems. All forces have been required to submit, by February, position statements and action plans for implementing the ACPO Compliance Strategy.

PREVENTING FRAUD AND FORGERY

  56.  This raises two issues—namely, the measures to be taken to authenticate an applicant's true identity to avoid fraud by misrepresentation, and the security measures of the Disclosure document itself to prevent forgery and tampering.

    (a)  Measures to authenticate an applicant's true identity.

  57.  As to the first, the aim is to put in place arrangements for identity authentication which will provide a high level of confidence that an applicant is who he or she purports to be, in order to reduce vulnerability to fraud through misrepresentation. The arrangements need to be viable for a service that will handle high volumes of transactions, and strike an appropriate balance between the needs of security, data protection and privacy.

  58.  The CRB's arrangements are primarily based upon electronic sources of data, and aim to deliver a level of confidence through both width of information (ie, how many other data sources also record this identity?) and depth (ie, how far back is it possible to confirm this identity?). The CRB will access data held within the public domain, such as the electoral roll, as well as private sources of data through a commercial relationship with a company which provides similar services to the credit and retail industries

  59.  For high-level Disclosures (Enhanced and Standard), employers will be able to assist in the process. It is reasonable to expect that employers engaging staff for sensitive positions such as working closely with children or vulnerable adults will wish to seek corroborative evidence of identity, such as passport or driving licence.

  60.  The CRB has also recognised the problems associated with the re-direction of mail (so-called "piggy backing of identity") and is designing processes to reduce the risk of this type of fraud.

  61.  The CRB is keeping in touch with the Office of the Data Protection Commissioner, and draws on the expertise there in designing arrangements to detect and prevent identity fraud.

    (b)  Security of the Disclosure document

  62.  The Disclosure document is designed as a secure document and incorporates a number of security features to combat forgery and tampering. The advice of private and public sector experts has been taken in determining the security features of the Disclosure document.

PROTECTING CIVIL LIBERTIES AND THE RIGHTS OF EX-OFFENDERS

  63.  Fundamentally important aspects of the arrangements that will operate under the CRB, compared to those that apply under current arrangements for police checks, are that:

    —  it is the individual to be checked who must initiate an application to the CRB. Employers, voluntary organisations and others have no right to do so; and

    —  the individual applicants will receive the Disclosure document and will thus know exactly what information the document contains in relation to them. If an error has occurred, they will be able to challenge it at once, and the CRB is putting in place arrangements to enable such disputes to be resolved speedily.

  64.  It is important that conviction and other sensitive personal information in the possession of registered bodies or employers is handled, stored and used sensibly, and is only seen by those people who are entitled to see it. Employers wishing to receive information in Standard and Enhanced Disclosures will need to register with the Bureau in advance, or use the services of another body which is registered. Those registering with the CRB will be expected to comply with the code of practice that is currently being prepared by the Bureau.

  65.  The most recent version of the draft code, and accompanying explanatory notes, has been the subject of extensive consultation, with copies circulated to some 500 interested parties. A copy of the consultation documents is attached at annex D. The draft code places a number of obligations upon employers or registered bodies in connection with the use of information released by the Bureau. Employers are required to:

    —  observe guidance issued by the Bureau to weigh carefully the relevance of conviction or other details provided in making recruitment decisions;

    —  have a written policy on the recruitment of ex-offenders;

    —  guide recruitment staff on the provisions of the Rehabilitation of Offenders Act;

    —  satisfy themselves about the identity of job applicants;

    —  have a written policy on the security and handling of Disclosure information; and

    —  destroy copies of Disclosure documents once the recruitment process has been completed.

  The responses to the consultation exercise are currently being considered.

  66.  The Government is firmly committed to a policy that no-one should be unfairly discriminated against, in terms of employment, the provision of services, and amenities because they have been convicted in the past. This policy underpins the approach followed by the CRB. The Department maintains close contact with the DfEE, the Employment Service, the Probation Service, the Prison Service and other interested parties in this matter. The DfEE has commissioned research by the National Institute for Economic and Social Research into barriers to employment for offenders and ex-offenders. The study will be published in the summer. The DfEE, in partnership with others, will use the results of the research to help minimise any unfair discrimination against ex-offenders. The Department will keep in close touch with this work, with initiatives by the Prison Service and the Probation Service, and with work which organisations such as NACRO, the Chartered Institute for Personnel and Development and the APEX Trust have in hand to prepare guidance for employers, in order to inform policy and practice on the CRB.

RELATIONS WITH OTHER ADMINISTRATIONS

  67.  The CRB will operate in England and Wales. In Scotland, broadly equivalent arrangements are being put in place by the Scottish Executive through the Scottish Criminal Record Office (SCRO). Consideration is being given to the arrangements to be made in Northern Ireland.

  68.  Arrangements are being made for the CRB to be able to capture information in respect of the UK as a whole to avoid the need for someone who has been resident in different jurisdictions to make more than one application. The CRB and the SCRO implementation projects are maintaining close contact to ensure a commonality and consistency of approach and customer interface wherever practicable. This includes collaboration with regard to guidance, and the content and format of both application forms and Disclosure documents. But there will inevitably be differences of detail in the implementation arrangements.

  69.  Arrangements under which people can obtain information for employment purposes operate in many other countries—often through the police or a local civic authority. The CRB is not empowered under Part V to conduct enquiries of authorities outside the United Kingdom. However, work will be undertaken to build up information about contact points in other countries, for the benefit of the CRB's own clients.

Risk assessment

RISK ASSESSMENT

  70.  From a very early stage in the programme, risk management arrangements have been in operation. A risk register has been drawn up, risk review meetings have been held regularly, and information has been submitted to the Programme Board.

  71.  The detailed arrangements have been kept under review in the light of developments. For example, soon after the contract was awarded to the private sector partner, a new risk register was compiled which covered both the Agency and Capita.

  72.  In the light of advice from PA Consultants, new risk management procedures have taken effect this month under which Project Managers are more clearly responsible for risk management within their projects. There are now 10 projects within the CRB Implementation Programme. Each project will have a Project Board, which will meet twice monthly, focusing on risks to the project concerned. Each project will produce risk and issues registers, which will be reviewed regularly. (Most projects have such documents already in place, but they require refinement.) Programme checkpoint meetings will be held monthly to review programme risks. An Implementation Management Board will meet weekly and will include within its remit a high level review of programme risks and the management of these risks.

  73.  The Programme Risk Register focuses on:

    —  risks that cannot be managed within a specific project;

    —  cross-project risks/interdependencies;

    —  significant project risks that will impact upon the programme as a whole; and

    —  risks in exception (ie not managed, running late, etc).

  74.  Mitigation actions and contingency measures to address significant risks are under continuous review and development. Mitigation actions are included within project and programme plans.

  75.  A document has been produced to provide a basis for development of Operational Business Continuity and Programme Contingency Plans. This will be developed within a dedicated project involving core CRB and Capita personnel.

  76.  Every effort is being made to ensure that the CRB becomes operational on time. But it has always been recognised that, in a complex programme of this type, delay is possible. In broad terms, the consequences would be that the police would have to continue to provide their current service to those who are entitled to receive it. Those not currently able to gain access to criminal record data would have to wait until the CRB went live. There would also be financial consequences.

  77.  Delay is clearly undesirable. However, the CRB service cannot and will not be allowed to go live until systems have been fully developed and tested and there is a high degree of confidence in the service being delivered to appropriately high standards.

24 January 2001


1   Third Report, Session 1989-90, HC 285, paragraphs 39-41. Back

2   Paragraph 42. Back

3   Criminal Records, Cm 1163, July 1990, pp 6-7. Back

4   The National Collection of Criminal Records, report of an Efficiency Scrutiny, Home Office, 1991. Back

5   Hansard, 22 October 1991, cols 531-532W. Back

6   Disclosure of Criminal Records for Employment Vetting Purposes, September 1993, Cm 2319. Back

7   On the record, June 1996, Cm 3308. Back

8   Hansard, col 356W. Back

9   Hansard, cols 271-272W. Back

10   Phoenix Data Quality, Home Office, 1998. Back

11   On the Record, Home Office, July 2000. Back


 
previous page contents next page

House of Commons home page Parliament home page House of Lords home page search page enquiries index

© Parliamentary copyright 2001
Prepared 28 March 2001