Preparedness for online safety regulation

This is a House of Commons Committee report, with recommendations to government. The Government has two months to respond.

Thirteenth Report of Session 2023–24

Author: Committee of Public Accounts

Related inquiry: Preparedness for online safety regulation

Date Published: 21 February 2024

Download and Share



People are increasingly living their lives online, with UK adults spending, on average, just under four hours online a day. There are challenges to this online activity. Of internet users in the UK, 68% of child users (aged 13–17), and 62% of adult users (aged 18+), indicated in 2022 that they had experienced at least one potential online harm in the last four weeks. Harmful content can vary in nature, from child sexual abuse material and terrorist content to online fraud and the encouragement of self-harm.

The government has set itself an objective of making the UK the safest place in the world to go online. The Department for Science, Innovation and Technology (the Department) was responsible for delivering the Online Safety Bill and in October 2023 the Online Safety Act (the Act) became law. The Act introduces new duties on search engines, firms which host user-generated content, and providers of pornographic content, to minimise the extent of illegal content and content that is harmful to children experienced by their users. Providers failing to meet these duties will be accountable to Ofcom, the UK’s existing communications regulator, in its new role as the UK’s online safety regulator.

The Act requires Ofcom to secure the adequate protection of citizens from harm arising from content on regulated services, through the appropriate use by service providers of systems and processes designed to reduce the risk of such harm. Ofcom has been preparing for its new regulatory role since 2020 when the government confirmed its decision to appoint Ofcom as the regulator for online safety.

Conclusions and recommendations

1. It will take a long time for Ofcom to implement the regulatory regime in full and it is therefore crucial that it meets its interim deadlines on the priority areas of illegal harms and protecting children. Ofcom prepared well for its new role as online safety regulator and, following the Online Safety Bill becoming law in October 2023, moved swiftly to begin implementation. By the start of December 2023, it had begun consultation in two key areas (illegal harms and protecting children from pornography) and is planning to consult on another key area (protecting children more widely) early in the New Year. It has issued an updated roadmap, showing key stages for the regime’s implementation. However, Ofcom still has a lot to do to implement the regime in full and achieve the government’s aim of making the UK the safest place in the world to be online. At the time we took evidence last December, Ofcom had only issued approximately 10 of the 54 documents it needs to produce to implement the regime, and full implementation has slipped by a year from 2025 to 2026. The Act requires Ofcom to have its regulatory regime in place for two key areas (illegal harms and protecting children) within 18 months of the Bill becoming law (that is, by April 2025). While Ofcom thinks this timeframe is achievable, it considers it the bare minimum time required to deliver this regulation, so there are risks.

Recommendation 1: Ofcom must meet its deadline to introduce codes of practice in the two priority areas of illegal harms and protecting children within 18 months of the Online Safety Bill becoming law.

2. The public may be disappointed with the new regime if people cannot quickly see improvements to their online experience or understand how their complaints are acted on. As the regulatory regime will not be fully implemented until 2026, there is a risk that public confidence in the regime will be undermined if it does not quickly bring about tangible changes to people’s online experience. A key mechanism for instilling confidence would be if people could see that their complaints were acted on. Individuals must complain in the first instance to service providers. Ofcom will set out how it expects service providers to handle complaints, including communicating effectively with the user, but it has no powers to require providers to act on the complaints. Individuals can then complain to Ofcom if they remain concerned. Ofcom has set up a contact centre to receive such complaints, but it is not able to act on them individually. Instead, Ofcom will review complaints alongside its normal monitoring data to decide if it needs to take further action where there are systemic concerns about a service provider. Where Ofcom does act, it does not currently have a mechanism for feeding back directly to individuals on what impact their complaint has had.

Recommendation 2: Ofcom needs to develop mechanisms to provide feedback to complainants, particularly where this has contributed to Ofcom taking action against a service provider.

3. Ofcom lacks clarity about how it will identify and respond to non-compliance and when to use its enforcement powers. Ofcom estimates that there could be 100,000 or more service providers subject to regulation, with most of these being small businesses and / or based overseas. Ofcom will rely on automated processes to identify and collect monitoring data on the compliance of the vast majority of service providers, but does not have these processes in place yet. Where non-compliance issues arise, Ofcom will engage with service providers to encourage their compliance. This approach has already had some success, when, following recent news stories about a website promoting suicide, Ofcom contacted its overseas provider which then agreed to block access to the site for UK users. However, Ofcom recognises some providers may choose not to engage, and it may prove difficult to contact the many smaller, overseas companies. Where engagement fails, Ofcom has a range of enforcement powers, including fines of up to 10% of a company’s global revenue and business disruption measures. These enforcement powers will only come into effect in stages as the regime is implemented, and Ofcom has already begun to consult on its approach to using these powers.

Recommendation 3: Ofcom should urgently finalise its automated compliance monitoring systems and clarify its enforcement approach with service providers where engagement has not proved possible.

4. Ofcom has yet to work through the detail of how fees levied on industry will work, including how it will recover the set-up costs and cover the ongoing costs of the regime. Delays to the Online Safety Bill’s passage through parliament mean that introduction of the fee regime has been pushed back from 2025–26. Fees will begin in 2026–27, covering Ofcom’s ongoing costs, with recovery of set-up costs starting in 2027–28. Until the fee regime starts, Ofcom’s costs for online safety will be met from existing arrangements whereby costs are funded from Wireless Telegraphy Act 2006 receipts which would have otherwise gone to the Exchequer. Ofcom has yet to establish the details of how the fee regime will operate, such as the payment thresholds, fee structure and period for recovery of set-up costs. Establishing details of the regime is set to take some time and Ofcom may not recover all its set-up costs until 2032–33. In establishing the fee regime, Ofcom aims to balance competing objectives of fairness and proportionality, administrative efficiency, and recovery of costs-only. It also plans to provide transparency to industry about the annual fees.

Recommendation 4: As part of its Treasury Minute response to this report, Ofcom should set out:

  • The modelling it plans to undertake on the fee regime;
  • How it will transparently report on its approach to the fee regime; and
  • How it will transition from the current funding regime to a self-financing model.

5. Effective regulation will require Ofcom and the Department to sustain the skills and people they need in a fast-moving and highly technical sector. To date, Ofcom has successfully recruited the skills it requires, recruiting people from industry and a wide variety of other sources. This has increased Ofcom’s headcount by nearly 50%. Ofcom has taken the opportunity to reshape itself more widely and is recruiting non-executive directors to ensure its board is appropriately diverse with relevant technical and online safety expertise to provide effective oversight and challenge. Ofcom has already experienced staff turnover, with some staff returning to industry, but is confident in its ability to attract the necessary talent. The Department recognises that it also needs staff with the right skills in this area, and that it needs to be constantly evolving its own capabilities to deal with the risks and opportunities arising from the fast-changing landscape of online harms.

Recommendation 5: Both the Department and Ofcom need to determine how often they should undertake regular skills audits to identify gaps, including at senior and board level, to ensure that they continue to have the right people with the right skills in place. They should complete an initial audit within the first year following the Online Safety Bill becoming law.

6. The long-term success of the regime depends on Ofcom continuing to learn from international engagement and regular evaluation. No other country has introduced online safety regulation of an equivalent scale. Ofcom has engaged with UK and overseas regulators, and it sees the development of these relationships as crucial to the regime’s future success. In 2022, for example, Ofcom helped establish a global network of online safety regulators, which has helped it better understand and respond to the emerging harm of sextortion (sex-based blackmail). The Department and Ofcom also recognise the role evaluation will play in ensuring the regime’s future success. They both have evaluation plans in place (Ofcom reviewing the effectiveness of its measures and the Department assessing the effectiveness of the regime) and are working together to implement these. However, Ofcom has yet to finalise its metrics to measure performance and the Department has key gaps in its evidence base. Evaluation will also be challenging owing to the nature of the regulated harms, the fast-changing technology landscape and the lack of equivalent regimes in other countries.

Recommendation 6: Ofcom and the Department should accelerate their work on evaluating the regime and collaborating with other regulators (both UK- and overseas-based), so they can identify emerging risks and better understand how regulation is working, including identifying the most effective solutions.

1 Delivering the full regulatory regime

1. On the basis of a report by the Comptroller and Auditor General, we took evidence from the Department for Science, Innovation and Technology (the Department) and Ofcom about preparedness for online safety regulation.1

2. People are increasingly living their lives online, with UK adults spending, on average, just under four hours online a day in 2022. There are challenges from such online activity. Of internet users in the UK, 68% of child users (aged 13–17), and 62% of adult users (aged 18+), indicated in 2022 that they had experienced at least one potential online harm in the last four weeks. Harmful content can vary in nature, from child sexual abuse material and terrorist content to online fraud and the encouragement of self-harm.2

3. The government has set itself an objective of making the UK the safest place in the world to go online. The Department was responsible for delivering the Online Safety Bill and in October 2023 the Online Safety Act (the Act) became law. The Act introduces new duties on search engines, firms which host user-generated content, and providers of pornographic content, to minimise the extent of illegal content and content that is harmful to children experienced by their users. Providers failing to meet these duties will be accountable to Ofcom, the UK’s existing communications regulator, in its new role as the UK’s online safety regulator.3

4. The Act requires Ofcom to secure the adequate protection of citizens from harm arising from content on regulated services, through the appropriate use by service providers of systems and processes designed to reduce the risk of such harm. Ofcom has been preparing for its new regulatory role since 2020 when the government confirmed its decision to appoint Ofcom as the regulator for online safety.4

Timelines for introducing the full regulatory regime

5. The Online Safety Bill (the Bill) became law in October 2023, but the detailed regulatory regime will take effect in phases over the coming years. On the day the Bill became law, Ofcom published a roadmap that set out the sequencing of these different phases. According to this, delivery of the full regime is not expected until 2026. Ofcom had previously expected to deliver the full regime by 2025.5

6. The Act commits Ofcom to have in place codes of practice on illegal harms and protecting children by 18 months after the Act became law. Ofcom told us that 18 months was the bare minimum needed to consult on proposed codes, to reflect on the results of the consultations, and then pass the final proposed codes to the Secretary of State. It also said that it plans to stick to this 18 month commitment.6 By December 2023, it had already launched consultations on illegal harms and protecting children from pornography.7 Ofcom stated that, provided that the consultation responses did not turn its work upside down in a way that it was not predicting, the illegal harms codes could be in place within 12 months, but that was about as quick as it could be.8

7. As part of its implementation of the regime, and before the regime can take real effect, Ofcom will have to produce 54 documents setting out different parts of the regulations, including formal codes of practice and guidance for regulated service providers, risk registers and pieces of research. At the time we took evidence Ofcom had so far produced 10 of these documents.9

8. Ofcom has been preparing for its new regulatory role since 2020 when the government confirmed its decision to appoint Ofcom as the regulator for online safety.10 Ofcom told us that there was no regulation of comparable scale and ambition, and that it therefore had to start from scratch in 2020. Both the scope and the timetable of the Bill changed significantly during its passage through Parliament.11 For example, in March 2022, the government removed previously core duties to tackle legal but harmful content.12 We questioned Ofcom about the impact the changes in scope and delays to the expected Bill timetable had on its preparation. Ofcom responded that, although it had been challenging for it to stay on track, the extra time had been quite helpful as it enabled it to progress its preparations and to move swiftly after the Bill became law. The Department and Ofcom both told us that they had had a close and collaborative relationship during this set-up period in order to be as ready as they could be on the day after the Bill received Royal Assent.13

Handling complaints

9. The Act requires all regulated service providers to put procedures in place for handling complaints from users and affected people about potentially harmful content.14 Ofcom will set out, through its codes of practice, how it expects service providers to handle such individual complaints. Its expectations include that it is easy for people to complain about particular pieces of content, and that service providers communicate effectively with the complainant and take action when the complaint is justified.15

10. Ofcom itself is only required to consider complaints from organisations about systemic issues arising from a service provider and impacting on online safety. It has no specific powers to take action, or compel regulated service providers to take action, on individual pieces of content or to get providers to offer redress to individual users on a case-by-case basis.16 Ofcom explained that the scale of potentially harmful, online material would make it impossible for it to respond to individual complaints and it must, instead, rely on service providers to have appropriate systems and processes to take action on complaints. It told us that Facebook alone moderates hundreds of thousands of items every hour.17

11. Ofcom told us that, while it is not able or resourced to act on individual complaints, its contact centre will be set up so people are able to submit complaints to Ofcom. Ofcom explained that this would provide a valuable source of data for itself, alongside other data, informing its triage process of harmful websites and helping it to identify emerging harms and to determine whether action would be taken.18

12. In other areas of Ofcom’s regulation, such as broadcasting, Ofcom can take action over complaints about individual programmes. We asked Ofcom how it will manage public expectation, including the risk of disappointment that people cannot complain to Ofcom about individual pieces of online content and the risk of frustration people might feel if they cannot see action being taken. Ofcom told us that it will be transparent about its work, including, where appropriate, publishing updates on compliance and enforcement action.19 Ofcom has also developed a communications strategy for managing people’s expectations and addressing misunderstandings about its roles.20 However, Ofcom stated that it did not currently have a system for relating action it subsequently took back to individual complaints from the public and did not think this would be straightforward to implement. Ofcom recognised the importance of a feedback loop to the public and said it would think about explaining how its work relates to public concerns.21

Monitoring and enforcing compliance

13. As the regulator for online safety, Ofcom will need to monitor the compliance of over 100,000 service providers, who target the UK market or have a significant number of UK users, and that fall within the scope of the regulation. The majority of regulated service providers will be based overseas and will not have been regulated by Ofcom before. The largest and riskiest service providers will be subject to detailed, one-to-one supervision.22 Ofcom expects around 40 companies will be supervised in this way and it has established a supervision team for this purpose.23 It also said that it had information-gathering powers and would issue requests for information to service providers, co-ordinating these requests carefully to prioritise the information required and take account of the burden on providers.24

14. For the non-supervised service providers, Ofcom will monitor their compliance through automated data collection and analysis processes, supported by information from partner organisations that deal with the various harms. Ofcom told us that it has yet to develop the automated systems, but that it hopes the systems will provide an early warning system and enable it to spot emerging risks.25 Ofcom did not plan to ask large numbers of smaller companies for information at this stage, because it considered that would not be proportionate.26 It recognised that, in an area where there has not been regulation before, this change is going to increase costs overall across the industry, and said it would therefore do everything it could to make the burden of compliance manageable and proportionate.27 It was also conscious of the need for it to manage carefully the risk that its regulation could prohibit the emergence of new players and innovation.28

15. Ofcom explained that, where non-compliance issues arise, it will approach services with an engagement-first attitude and would not normally move straight to enforcement. It described a recent example of its engagement with an overseas-based website about how to commit suicide.29 Following Ofcom’s engagement, UK users are now blocked from the website. Nonetheless, Ofcom recognised that it might be difficult to work with small, overseas companies that do not engage, and that, in these circumstances, and if there was a serious risk, it would probably need to take enforcement action.30

16. Ofcom cannot undertake enforcement action until the codes of practice are published and, in some instances, set before parliament.31 Ofcom plans to publish its first codes, on illegal harms and protecting children, within 18 months of the Bill becoming law (April 2025).32 We asked Ofcom how it plans to reduce online harms and prepare service providers for regulation before the codes become enforceable.33 Ofcom responded that the consultation documents on its various codes of practice and guidance for service providers will set out practical steps which providers can take now to protect users before their duties become fully enforceable .34 It had also set up its supervision team and begun engaging with the supervised service providers to encourage these to start to comply in the short- to medium- term before their statutory duties become enforceable, and to make its expectations very clear.35

17. Ofcom told us that it had undertaken a similar approach in its regulation of video-sharing platforms from November 2020. It had worked with pornography providers, some of whom had, as a result, introduced age estimation techniques. However, there had been a cluster of smaller companies that had not been so compliant, and Ofcom had therefore started a compliance programme on these at the beginning of 2023. As a result, these too were now moving to put in place the kinds of age verification Ofcom was asking for. Ofcom noted that, even when its powers are enforceable, it does take time to achieve change as some companies will move faster than others.36

18. The enforcement action Ofcom can take on online safety regulation includes: fines of up to 10% of global revenues; requirements on the service provider to make changes; business disruption measures that prevent them from accessing the UK market; and criminal sanctions.37 Ofcom explained that any action it takes can be judicially reviewed if a company feels that Ofcom has gone too far or does not have the right evidence. Its enforcement decisions will therefore need to be clearly evidenced, proportionate and risk-based, such that any action it takes has an impact and stands up in court.38

2 Financing the regime and ensuring excellence

Financing the regime

19. Ofcom’s expenditure is subject to an overall budget cap set by HM Treasury. Treasury agreed to increase this cap to fund the upfront costs of the online safety regime, with the costs funded from Ofcom’s retention of Wireless Telegraphy Act 2006 receipts, which it would have otherwise handed to the Exchequer.39 The Department told us that this arrangement will continue until the fee regime is in place.40 As at April 2023, Ofcom estimated that its cumulative costs in preparing for and implementing the regime could total £169 million over five years by the end of 2024–25.41 As part of this, the Department and Treasury agreed to provide Ofcom with £63 million for 2024–25, which was £3 million less than Ofcom had requested.42

20. The online safety regime is expected to be self-financing, once it is fully operational, with both ongoing costs of the regime and the costs of its set-up covered by fees levied on industry.43 However, Ofcom will not start charging fees until 2026–27 and will not begin recouping the set-up costs until 2027–28, with it taking three to five years for these costs to be fully recovered.44 The start of the fee regime is later than Ofcom originally expected. In June 2023, Ofcom had expected that it would start to recover costs in 2025–26, which was already a year later than originally expected. These delays are due to changes to the timetable and scope of the Bill during its passage through parliament, as well as a recommendation by a parliamentary Committee to introduce additional scrutiny to the legislative process required to introduce the fees.45 Ofcom recognised that it will be a long time before the costs are recovered, but told us that they do not score as public expenditure.46

21. Ofcom has yet to determine many of the details of the fee regime, including the period over which set-up costs will be recovered; the revenue threshold at which firms start to pay fees; and the fee rates payable. It had also yet to undertake financial modelling to inform the design of the fee regime.47 Ofcom explained that, before it sets up the fee regime, the Act requires it to produce advice for the Secretary of State on revenue thresholds, which will require consultation, and to publish a statement of charging principles that sets out how Ofcom has calculated the fees for each year. Ofcom expects that the fees are likely to be index-linked, but is still working out the details.48

22. We asked Ofcom whether it has been able to give industry any indication about the likely scale of fees. Ofcom was unable to comment but did highlight that it will run a consultation during which industry can provide input and that ultimately the Government will have a role in deciding on some of the trade-offs involved in setting up the fee regime.49 Ofcom recognised the challenge that more time may be spent regulating smaller and risky companies, which is paid for by larger and more compliant companies. It stated that it will aim to be proportionate, fair and administratively effective with how it sets the fees across the industry.50 Ofcom also told us that it will be completely transparent with industry at the start of each financial year about the fees it will be charging.51

Capacity and skill requirements

23. To deliver its online safety work, Ofcom reported that it has increased its headcount, from around 950 people to what will probably be around 1,500, an increase of about 50%.52 Progress in meeting its staffing requirements has been broadly to schedule.53 Ofcom described such a major recruitment programme as both a challenge and an opportunity to improve the overall shape and make-up of the organisation. It had been able to grow its expertise in technology and data, and now had a workforce that was more spread across the country.54 Ofcom has, so far, recruited from a variety of relevant bodies, including civil society bodies such as the National Society for the Prevention of Cruelty to Children (NSPCC) and Internet Watch Foundation, law enforcement agencies, such as the National Crime Agency, other regulators, and online service providers such as Google and Meta.55

24. Ofcom told us that some recruits have returned to industry, but that retention generally is not an issue at the moment.56 It told us that it is confident in its ability to attract the necessary talent, with people attracted by Ofcom’s mission and the opportunity to achieve change to online safety. We asked Ofcom about the salaries it is offering. As an independent regulator, Ofcom is able to set its own salaries. Ofcom told us that the salaries it offers are what is required to attract the necessary skills, but that they are not that much higher than elsewhere in the public sector.57

25. Ofcom has undertaken extensive organisational design work to prepare for and operate the new regulatory regime.58 Ofcom explained that, to improve accountability and organisational clarity, it re-organised around four groups of work, of which online safety is one. Accountability for delivering Ofcom’s online safety responsibilities sits within this online safety group.59 Ofcom is confident that this new structure will enable it to respond quickly to new and emerging harms but acknowledged that more work is needed to embed more responsive ways of working.60 The Department told us that, at the time of our evidence session, it was at the very late stages of recruiting three non-executive directors to the Ofcom board to provide knowledge and experience across the full suite of Ofcom’s activities, including online safety.61

26. The Department also recognised that it needs to be constantly evolving its own capabilities so that it has the right resources to deal with the new risks and opportunities arising in a rapidly changing environment. It cited as examples the work it had done since its own creation in response to the rapid developments in generative AI, such as the emergence of ChatGPT. However, the challenge it faced was making that ability to evolve and respond quickly to change part of its DNA.62

Evaluating and learning

27. The government considers that, with the Online Safety Act, the UK will be the first country to regulate such a comprehensive range of online harms, and the Department told us that a lot of what it described as ‘nascent legislation in this space’, particularly around Europe and elsewhere, looked a lot like the Act.63 In developing the legislation and regulatory regime established by the Act, both the Department and Ofcom have engaged with overseas regulators as they recognise that online safety is a global problem and that hardly any of the companies subject to regulation are based in the UK. Ofcom has also liaised with other UK regulators.64

28. Both the Department and Ofcom see collaboration, both nationally and internationally, as crucial to achieving change on behalf of the British public in line with the Act. Working in partnership with other regulators will help them be alert to the next set of issues arising and how they might be addressed.65 For example, the Global Online Safety Regulators Network, which Ofcom helped launch in November 2022, has enabled Ofcom to get to grips with the emerging harm of sextortion (sex-based blackmail) and talk to law enforcement agencies about this more quickly than it would otherwise have done.66 The Act also requires Ofcom power to tackle fraudulent advertising. Ofcom told us that it is recommending that larger platforms should use trusted flaggers, organisations like HMRC, the Financial Conduct Authority, and other civil society organisations that are well-placed to know that something is fraudulent. It is also recommending that the services have in place a tougher flagger system so that they can act more quickly against criminals who use whichever loophole has opened up.67

29. The Department and Ofcom also recognise the role evaluation will play in ensuring the regulatory regime’s future success. For example, Ofcom is developing evaluations and key metrics to make sure that its proposals are being acted on and are having the effect that it intended, while the Online Safety Act requires the Department to undertake an evaluation of regulatory effectiveness within two to five years after the Act received Royal Assent. The Department has been working with Ofcom to ensure their evaluation activities complement each other. However, Ofcom has yet to finalise the performance metrics it will use to evaluate the impact of its different interventions, and the Department has important gaps in its evidence base. Evaluation will also be challenging owing to the nature of the regulated harms, the fast-changing landscape, the novelty of the regulatory regime and the lack of international precedents, and the lack of relevant data and metrics.68

Formal minutes

Monday 5 February 2024

Members present

Dame Meg Hillier, in the Chair

Paula Barker

Sir Geoffrey Clifton-Brown

Mr Jonathan Djanogly

Mrs Flick Drummond

Mr Mark Francois

Peter Grant

Ms Marie Rimmer

Preparedness for online safety

Draft Report (Preparedness for online safety regulation), proposed by the Chair, brought up and read.

Ordered, That the draft Report be read a second time, paragraph by paragraph.

Paragraphs 1 to 29 read and agreed to.

Summary agreed to.

Introduction agreed to.

Conclusions and recommendations agreed to.

Resolved, That the Report be the Thirteenth Report of the Committee to the House.

Ordered, That the Chair make the Report to the House.

Ordered, That embargoed copies of the Report be made available (Standing Order No. 134).


Adjourned till Wednesday 7 February at 1.00 p.m.


The following witnesses gave evidence. Transcripts can be viewed on the inquiry publications page of the Committee’s website.

Wednesday 6 December 2023

Sarah Munby, Permanent Secretary, Department for Science, Innovation and Technology; Sarah Connolly, Director for Security and Online Harms, Department for Science, Innovation and Technology; Dame Melanie Dawes, Chief Executive, Ofcom; Jessica Smith, Principal for Online Safety, OfcomQ1–89

Published written evidence

The following written evidence was received and can be viewed on the inquiry publications page of the Committee’s website.

POSR numbers are generated by the evidence processing system and so may not be complete.

1 Balfour, Dr Lindsay (Coventry University); Evans, Dr Adrienne (Coventry University); Maloney, Dr Marcus (Coventry University); and Merry, Dr Sarah Kate (Coventry University) (POSR0006)

2 Careful Industries (POSR0008)

3 Carnegie UK; and Reset (POSR0002)

4 Christian Action Research and Education (CARE) (POSR0003)

5 Doodnath, Dianne (Dianne Doodnath, UK Finance) (POSR0012)

6 Match Group (POSR0011)

7 Ofcom (POSR0009)

8 Regulatory Institute (POSR0001)

9 Royal College of Psychiatrists (POSR0014)

10 The Age Verification Providers Association (POSR0015)

11 The Christian Institute (POSR0010)

12 The University of Manchester (POSR0007)

13 Urrestarazu, Dr Andres Roman (University of Cambridge); Fineberg, Professor Naomi (University of Hertfordshire); Larrain, Dr Blanca (University of Cambridge); Van Kessel, Dr Robin (London School of Economics and Political Science); Bowden-Jones, Professor Henrietta (University College London); and Corazza, Professor Ornella (University of Hertfordshire) (POSR0005)

List of Reports from the Committee during the current Parliament

All publications from the Committee are available on the publications page of the Committee’s website.

Session 2023–24





The New Hospital Programme

HC 77


The condition of school buildings

HC 78


Revising health assessments for disability benefits

HC 79


The Department for Work & Pensions Annual Report and Accounts 2022–23

HC 290


Government’s programme of waste reforms

HC 333


Competition in public procurement

HC 385


Resilience to flooding

HC 71


Improving Defence Inventory Management

HC 66


Whole of Government Accounts 2020–21

HC 65


HS2 and Euston

HC 67


Reducing the harm from illegal drugs

HC 72


Cross-government working

HC 75

Session 2022–23





Department for Business, Energy & Industrial Strategy Annual Report and Accounts 2020–21

HC 59


Lessons from implementing IR35 reforms

HC 60


The future of the Advanced Gas-cooled Reactors

HC 118


Use of evaluation and modelling in government

HC 254


Local economic growth

HC 252


Department of Health and Social Care 2020–21 Annual Report and Accounts

HC 253


Armoured Vehicles: the Ajax programme

HC 259


Financial sustainability of the higher education sector in England

HC 257


Child Maintenance

HC 255


Restoration and Renewal of Parliament

HC 49


The rollout of the COVID-19 vaccine programme in England

HC 258


Management of PPE contracts

HC 260


Secure training centres and secure schools

HC 30


Investigation into the British Steel Pension Scheme

HC 251


The Police Uplift Programme

HC 261


Managing cross-border travel during the COVID-19 pandemic

HC 29


Government’s contracts with Randox Laboratories Ltd

HC 28


Government actions to combat waste crime

HC 33


Regulating after EU Exit

HC 32


Whole of Government Accounts 2019–20

HC 31


Transforming electronic monitoring services

HC 34


Tackling local air quality breaches

HC 37


Measuring and reporting public sector greenhouse gas emissions

HC 39


Redevelopment of Defra’s animal health infrastructure

HC 42


Regulation of energy suppliers

HC 41


The Department for Work and Pensions’ Accounts 2021–22 – Fraud and error in the benefits system

HC 44


Evaluating innovation projects in children’s social care

HC 38


Improving the Accounting Officer Assessment process

HC 43


The Affordable Homes Programme since 2015

HC 684


Developing workforce skills for a strong economy

HC 685


Managing central government property

HC 48


Grassroots participation in sport and physical activity

HC 46


HMRC performance in 2021–22

HC 686


The Creation of the UK Infrastructure Bank

HC 45


Introducing Integrated Care Systems

HC 47


The Defence digital strategy

HC 727


Support for vulnerable adolescents

HC 730


Managing NHS backlogs and waiting times in England

HC 729


Excess Votes 2021–22

HC 1132


COVID employment support schemes

HC 810


Driving licence backlogs at the DVLA

HC 735


The Restart Scheme for long-term unemployed people

HC 733


Progress combatting fraud

HC 40


The Digital Services Tax

HC 732


Department for Business, Energy & Industrial Strategy Annual Report and Accounts 2021–22

HC 1254


BBC Digital

HC 736


Investigation into the UK Passport Office

HC 738


MoD Equipment Plan 2022–2032

HC 731


Managing tax compliance following the pandemic

HC 739


Government Shared Services

HC 734


Tackling Defra’s ageing digital services

HC 737


Restoration & Renewal of the Palace of Westminster – 2023 Recall

HC 1021


The performance of UK Security Vetting

HC 994


Alcohol treatment services

HC 1001


Education recovery in schools in England

HC 998


Supporting investment into the UK

HC 996


AEA Technology Pension Case

HC 1005


Energy bills support

HC 1074


Decarbonising the power sector

HC 1003


Timeliness of local auditor reporting

HC 995


Progress on the courts and tribunals reform programme

HC 1002


Department of Health and Social Care 2021–22 Annual Report and Accounts

HC 997


HS2 Euston

HC 1004


The Emergency Services Network

HC 1006


Progress in improving NHS mental health services

HC 1000


PPE Medpro: awarding of contracts during the pandemic

HC 1590


Child Trust Funds

HC 1231


Local authority administered COVID support schemes in England

HC 1234


Tackling fraud and corruption against government

HC 1230


Digital transformation in government: addressing the barriers to efficiency

HC 1229


Resetting government programmes

HC 1231


Update on the rollout of smart meters

HC 1332


Access to urgent and emergency care

HC 1336


Bulb Energy

HC 1232


Active travel in England

HC 1335


The Asylum Transformation Programme

HC 1334


Supported housing

HC 1330


Resettlement support for prison leavers

HC 1329


Support for innovation to deliver net zero

HC 1331


Progress with Making Tax Digital

HC 1333

1st Special Report

Sixth Annual Report of the Chair of the Committee of Public Accounts

HC 50

2nd Special Report

Seventh Annual Report of the Chair of the Committee of Public Accounts

HC 1055

Session 2021–22





Low emission cars

HC 186


BBC strategic financial management

HC 187


COVID-19: Support for children’s education

HC 240


COVID-19: Local government finance

HC 239


COVID-19: Government Support for Charities

HC 250


Public Sector Pensions

HC 289


Adult Social Care Markets

HC 252


COVID 19: Culture Recovery Fund

HC 340


Fraud and Error

HC 253


Overview of the English rail system

HC 170


Local auditor reporting on local government in England

HC 171


COVID 19: Cost Tracker Update

HC 173


Initial lessons from the government’s response to the COVID-19 pandemic

HC 175


Windrush Compensation Scheme

HC 174


DWP Employment support

HC 177


Principles of effective regulation

HC 176


High Speed 2: Progress at Summer 2021

HC 329


Government’s delivery through arm’s-length bodies

HC 181


Protecting consumers from unsafe products

HC 180


Optimising the defence estate

HC 179


School Funding

HC 183


Improving the performance of major defence equipment contracts

HC 185


Test and Trace update

HC 182


Crossrail: A progress update

HC 184


The Department for Work and Pensions’ Accounts 2020–21 – Fraud and error in the benefits system

HC 633


Lessons from Greensill Capital: accreditation to business support schemes

HC 169


Green Homes Grant Voucher Scheme

HC 635


Efficiency in government

HC 636


The National Law Enforcement Data Programme

HC 638


Challenges in implementing digital change

HC 637


Environmental Land Management Scheme

HC 639


Delivering gigabitcapable broadband

HC 743


Underpayments of the State Pension

HC 654


Local Government Finance System: Overview and Challenges

HC 646


The pharmacy early payment and salary advance schemes in the NHS

HC 745


EU Exit: UK Border post transition

HC 746


HMRC Performance in 2020–21

HC 641


COVID-19 cost tracker update

HC 640


DWP Employment Support: Kickstart Scheme

HC 655


Excess votes 2020–21: Serious Fraud Office

HC 1099


Achieving Net Zero: Follow up

HC 642


Financial sustainability of schools in England

HC 650


Reducing the backlog in criminal courts

HC 643


NHS backlogs and waiting times in England

HC 747


Progress with trade negotiations

HC 993


Government preparedness for the COVID-19 pandemic: lessons for government on risk

HC 952


Academies Sector Annual Report and Accounts 2019/20

HC 994


HMRC’s management of tax debt

HC 953


Regulation of private renting

HC 996


Bounce Back Loans Scheme: Follow-up

HC 951


Improving outcomes for women in the criminal justice system

HC 997


Ministry of Defence Equipment Plan 2021–31

HC 1164

1st Special Report

Fifth Annual Report of the Chair of the Committee of Public Accounts

HC 222

Session 2019–21





Support for children with special educational needs and disabilities

HC 85


Defence Nuclear Infrastructure

HC 86


High Speed 2: Spring 2020 Update

HC 84


EU Exit: Get ready for Brexit Campaign

HC 131


University technical colleges

HC 87


Excess votes 2018–19

HC 243


Gambling regulation: problem gambling and protecting vulnerable people

HC 134


NHS capital expenditure and financial management

HC 344


Water supply and demand management

HC 378


Defence capability and the Equipment Plan

HC 247


Local authority investment in commercial property

HC 312


Management of tax reliefs

HC 379


Whole of Government Response to COVID-19

HC 404


Readying the NHS and social care for the COVID-19 peak

HC 405


Improving the prison estate

HC 244


Progress in remediating dangerous cladding

HC 406


Immigration enforcement

HC 407


NHS nursing workforce

HC 408


Restoration and renewal of the Palace of Westminster

HC 549


Tackling the tax gap

HC 650


Government support for UK exporters

HC 679


Digital transformation in the NHS

HC 680


Delivering carrier strike

HC 684


Selecting towns for the Towns Fund

HC 651


Asylum accommodation and support transformation programme

HC 683


Department of Work and Pensions Accounts 2019–20

HC 681


Covid-19: Supply of ventilators

HC 685


The Nuclear Decommissioning Authority’s management of the Magnox contract

HC 653


Whitehall preparations for EU Exit

HC 682


The production and distribution of cash

HC 654


Starter Homes

HC 88


Specialist Skills in the civil service

HC 686


Covid-19: Bounce Back Loan Scheme

HC 687


Covid-19: Support for jobs

HC 920


Improving Broadband

HC 688


HMRC performance 2019–20

HC 690


Whole of Government Accounts 2018–19

HC 655


Managing colleges’ financial sustainability

HC 692


Lessons from major projects and programmes

HC 694


Achieving government’s long-term environmental goals

HC 927


COVID 19: the free school meals voucher scheme

HC 689


COVID-19: Government procurement and supply of Personal Protective Equipment

HC 928


COVID-19: Planning for a vaccine Part 1

HC 930


Excess Votes 2019–20

HC 1205


Managing flood risk

HC 931


Achieving Net Zero

HC 935


COVID-19: Test, track and trace (part 1)

HC 932


Digital Services at the Border

HC 936


COVID-19: housing people sleeping rough

HC 934


Defence Equipment Plan 2020–2030

HC 693


Managing the expiry of PFI contracts

HC 1114


Key challenges facing the Ministry of Justice

HC 1190


Covid 19: supporting the vulnerable during lockdown

HC 938


Improving single living accommodation for service personnel

HC 940


Environmental tax measures

HC 937


Industrial Strategy Challenge Fund

HC 941


1 C&AG’s Report, Preparedness for online safety regulation, Session 2022–23, HC 1660, 12 July 2023

2 C&AG’s Report, para 1

3 C&AG’s Report, para 2

4 C&AG’s Report, para 3

5 Qq 9, 42; C&AG’s Report, para 1.10

6 Q 9

7 Q 4

8 Q 9

9 Q 42; C&AG’s Report, para 1.12

10 C&AG’s Report, para 3

11 Q 4; C&AG’s Report, para 1.8

12 C&AG’s Report, para 1.8, figure 4

13 Qq 4, 6

14 C&AG’s Report, para 1.16

15 Q 26

16 Q 26; C&AG’s Report, para 1.16

17 Q 28

18 Qq 26–28

19 Qq 28, 30, 31, 68

20 C&AG’s Report, para 1.16

21 Q 31

22 Q 16; C&AG’s Report, paras 14, 3.11

23 Q 44

24 Q 15

25 Qq 23, 48, 49: C&AG’s Report, para 3.12

26 Q 15

27 Qq 19, 20

28 Q 72; C&AG’s Report, para 3.16

29 Q 25

30 Qq 25, 27, 55

31 Q 51; C&AG’s Report, para 1.14

32 Qq 24, 44, 51

33 Qq 44, 51

34 Qq 24, 52

35 Qq 44, 52

36 Q 47

37 Q 53; C&AG’s Report, figure 3

38 Qq 54–56

39 Q 58; C&AG’s Report, para 2.6

40 Q 66

41 C&AG’s Report, para 2.7

42 Q 59

43 Q 59; C&AG’s Report, para 2.6

44 Q 61

45 Q 63; C&AG’s Report, paras 2.6, 2.7

46 Q 62

47 C&AG’s Report, para 2.9

48 Qq 80–82

49 Qq 85–86

50 Q 84

51 Q 81

52 Q 8

53 C&AG’s Report, para 2.13

54 Q 8

55 C&AG’s Report, para 2.16

56 Qq 88–89

57 Qq 60, 87–89

58 C&AG’s Report, para 2.10

59 Qq 70–71

60 C&AG’s Report, para 2.11

61 Q 69

62 Q 36

63 Q 17; C&AG’s Report para 1.3

64 Qq 17, 75, 77; C&AG’s Report paras 3.5–3.7

65 Qq 74, 75, 77

66 Qq 23, 75, 77; C&AG’s Report para 3.7

67 Q 67

68 Qq 23, 73, 78; C&AG’s Report paras 3.13–3.15