Planning

NHS Counter Fraud Authority (CFA) - Case Management System

NHS COUNTER FRAUD AUTHORITY

This public procurement record has 1 release in its history.

Planning

21 Apr 2026 at 13:23

UK2 - Preliminary Market Engagement Notice
Summary of the contracting process

The NHS Counter Fraud Authority is initiating a procurement process for a Case Management System designed to serve 450 users across health and government organisations. The project is currently in the planning stage, with a market engagement deadline set for 8th May 2026. The procurement is classified under the "security software package" industry category, with a focus on goods. This initiative is managed by NHS Shared Business Services, located in London, offering strategic procurement delivery. The procurement process aims to commence on 1st April 2027 and conclude by 31st March 2032, involving a budget of £1,000,000 with a gross amount of £1,200,000. The contract will be executed across the United Kingdom, facilitating a broad spectrum of functionalities related to investigation, case management, and data handling within fraud and crime scenarios.

This tender provides significant growth opportunities for businesses specialising in security software packages, particularly those with capabilities in scalable licensing solutions, investigative data management, and disclosure handling. Companies experienced in delivering comprehensive case management systems, equipped with customisable configurations and secure data exchange functionalities, would be well-suited for this contract. The NHS Counter Fraud Authority’s focus on robust interaction with the Crown Prosecution Service, alongside detailed intelligence reporting and financial investigation capabilities, necessitates vendors adept in offering sophisticated software solutions that align with specific governmental guidelines and operational requirements. Enterprises that can assure compliance with the Government Security Classifications Policy and demonstrate expertise in secure, adaptable software development should consider engaging in this procurement process to expand their footprint within the public sector.

Find more tenders on our Open Data Platform.
How relevant is this notice?

Notice Information

Notice Title

NHS Counter Fraud Authority (CFA) - Case Management System

Notice Description

The NHS Counter Fraud Authority (NHSCFA) requires a solution that will be used by 450 users who work for different health and government organisations with the appropriate access and control permissions. It needs to be able to: * Increase scalability of licences should there be a business need. The Licences must include the ability to collect and then disseminate data to third parties. * Create fraud/crime allegation reports that can be developed by users and then be promoted to investigations and the ability to create investigations and add allegation report and intelligence. * Capture investigative activity undertaken as part of criminal investigations: record, retain, review, reveal activity notes, tasks, reasonable lines of enquiry, key investigative events (arrests, searches, interviews, court appearances etc) decision making, outcomes (criminal offences, internal and external disciplinary, financial outcomes), nominal data (people, subjects, addresses, telephone number, emails, bank accounts, organisations and vehicles), statements, exhibits, unused material, financial investigation and intelligence and risk assessment/checklists. * Have assessment, sanitisation and actioning functionality that allows for the management of an investigation or case from the beginning of the process, including the ability to have them endorsed at or by tasking with rationale and then transfer to operational teams with all relevant intelligence and evidence. * To manage disclosure (CPIA) and create and update prosecution bundles submitted to Crown Prosecution Service. MG9 witness list and statement bundle; MG12 exhibit list and exhibit bundle; MG6 disclosure schedules can be generated and submitted; other MG forms can form part of a prosecution file submission to Crown Prosecution Service by direct a Two Way Interface or similar integration, or export functionality. Functionality to populate other forms in the MG suite. * Information exchange with the CPS by exporting case files and exhibits to their systems, support email notifications from system disclosure. * Issue and manage task workflows, data requests, assigned lines of enquiries, updates via a local tasking and coordination process. Should have information and activity recording, to illustrate new tasking and to highlight when actions have, or indeed have not, been completed by target date. * Record, sanitise, manage, and disseminate 3x5x2 intelligence (including financial intelligence) reports to internal, external users and third-party intelligence organisations. Manage confidential sources and ability to capture pieces of information from external sources. * The solution should be able to record Financial Investigation activity in terms of Proceeds of Crime (2002) investigations and proceedings as well as manage disclosure (CPIA) and create and update prosecution bundles submitted to Crown Prosecution Service. Centrally it needs to capture Fraud Risk (Prevention) Assessments with the ability to disseminate across users to communication fraud risks across the NHS. Information management reporting needs to have capability for all record data, including time, resource, and cost management. * Different levels of configuration and customisation are required that are available to admin users within the system. It should have the ability to easily change the status of a person from subject to witness and vice versa. The solution must allow users to delete or archive data in accordance with NHSCFA internal retention schedule. The solution should facilitate marking records following the Government Security Classifications Policy. * The solution must incorporate into the design the ability to hold any forms required during managing cases, such as investigations plans, disclosure strategy and any associated documents, and allow their searchability.) * The solution should have the ability to RAG rate operational fraud risk activity as part of the ongoing review process. The system must have the ability to rapidly allocate and report upon a risk for any assessment recorded, this could for example be a person, an organisation, or a particular investigation.

Planning Information

The engagement process is through online submission of a Market Engagement Questionnaire (MEQ) by the engagement deadline. Interested Suppliers can access the MEQ and a truncated version of the Specification of requirements via the SAP Ariba Platform link published below. Please download the MEQ, read and complete by the deadline above. Please also download and read the Specification for details of the service required by NHSCFA. Link below https://portal.us.bn.cloud.ariba.com/dashboard/public/appext/comsapsbncdiscoveryui#/RfxEvent/preview/1110010821?anId=ANONYMOUS

Notice Details

Publication & Lifecycle

Open Contracting ID
ocds-h6vhtk-06877e
Publication Source
Find A Tender Service
Latest Notice
https://www.find-tender.service.gov.uk/Notice/036143-2026
Current Stage
Planning
All Stages
Planning

Procurement Classification

Notice Type
UK2 - Preliminary Market Engagement Notice
Procurement Type
Standard
Procurement Category
Goods
Procurement Method
Not Specified
Procurement Method Details
Not specified
Tender Suitability
Not specified
Awardee Scale
Not specified

Common Procurement Vocabulary (CPV)

CPV Divisions

48 - Software package and information systems

CPV Codes

48730000 - Security software package

Notice Value(s)

Tender Value
£1,000,000 £1M-£10M
Lots Value
Not specified
Awards Value
Not specified
Contracts Value
Not specified

Notice Dates

Publication Date
21 Apr 20263 days ago
Submission Deadline
Not specified
Future Notice Date
8 May 20262 weeks to go
Award Date
Not specified
Contract Period
31 Mar 2027 - 31 Mar 2032 Over 5 years
Recurrence
Not specified

Notice Status

Tender Status
Planning
Lots Status
Planning
Awards Status
Not Specified
Contracts Status
Not Specified

Buyer & Supplier

Contracting Authority (Buyer)

Main Buyer
NHS COUNTER FRAUD AUTHORITY
Additional Buyers

NHS SHARED BUSINESS SERVICES

Contact Name
Available with D3 Tenders Premium →
Contact Email
Available with D3 Tenders Premium →
Contact Phone
Available with D3 Tenders Premium →

Buyer Location

Locality
LONDON
Postcode
E14 4PU
Post Town
East London
Country
England
Major Region (ITL 1)
TLI London
Basic Region (ITL 2)
TLI3 Inner London - West
Small Region (ITL 3)
TLI35 Westminster and City of London
Delivery Location
Not specified
Local Authority
City of London
Electoral Ward
Farringdon Within
Westminster Constituency
Cities of London and Westminster

Further Information

Notice Documents

Open Contracting Data Standard (OCDS)

View full OCDS Record for this contracting process

Download

The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts. 

{
    "tag": [
        "compiled"
    ],
    "id": "ocds-h6vhtk-06877e-2026-04-21T14:23:34+01:00",
    "date": "2026-04-21T14:23:34+01:00",
    "ocid": "ocds-h6vhtk-06877e",
    "initiationType": "tender",
    "parties": [
        {
            "id": "GB-PPON-PZYP-1949-WBBQ",
            "name": "NHS Counter Fraud Authority",
            "identifier": {
                "scheme": "GB-PPON",
                "id": "PZYP-1949-WBBQ"
            },
            "address": {
                "streetAddress": "7th Floor, HM Government Hub, 10 South Colonnade, Canary Wharf",
                "locality": "London",
                "postalCode": "E14 4PU",
                "country": "GB",
                "countryName": "United Kingdom",
                "region": "UKI42"
            },
            "contactPoint": {
                "email": "stephen.lough@nhscfa.gov.uk"
            },
            "roles": [
                "buyer"
            ],
            "details": {
                "classifications": [
                    {
                        "id": "publicAuthoritySubCentralGovernment",
                        "scheme": "UK_CA_TYPE",
                        "description": "Public authority - sub-central government"
                    }
                ]
            }
        },
        {
            "id": "GB-COH-5280446",
            "name": "NHS Shared Business Services",
            "identifier": {
                "scheme": "GB-COH",
                "id": "5280446"
            },
            "additionalIdentifiers": [
                {
                    "scheme": "GB-PPON",
                    "id": "PLML-1365-ZXZM"
                }
            ],
            "address": {
                "streetAddress": "1 Bartholomew Close",
                "locality": "London , England",
                "postalCode": "EC1A 7BL",
                "country": "GB",
                "countryName": "United Kingdom",
                "region": "UKI31"
            },
            "contactPoint": {
                "email": "lloyd.richardson3@nhs.net"
            },
            "roles": [
                "procuringEntity",
                "processContactPoint"
            ],
            "roleDetails": "Strategic Procurement Delivery",
            "details": {
                "url": "https://www.sbs.nhs.uk/"
            }
        }
    ],
    "buyer": {
        "id": "GB-PPON-PZYP-1949-WBBQ",
        "name": "NHS Counter Fraud Authority"
    },
    "planning": {
        "milestones": [
            {
                "id": "engagement",
                "type": "engagement",
                "description": "The engagement process is through online submission of a Market Engagement Questionnaire (MEQ) by the engagement deadline. Interested Suppliers can access the MEQ and a truncated version of the Specification of requirements via the SAP Ariba Platform link published below. Please download the MEQ, read and complete by the deadline above. Please also download and read the Specification for details of the service required by NHSCFA. Link below https://portal.us.bn.cloud.ariba.com/dashboard/public/appext/comsapsbncdiscoveryui#/RfxEvent/preview/1110010821?anId=ANONYMOUS",
                "dueDate": "2026-05-08T23:59:59+01:00",
                "status": "scheduled"
            }
        ],
        "documents": [
            {
                "id": "036143-2026",
                "documentType": "marketEngagementNotice",
                "noticeType": "UK2",
                "description": "Preliminary market engagement notice on Find a Tender",
                "url": "https://www.find-tender.service.gov.uk/Notice/036143-2026",
                "datePublished": "2026-04-21T14:23:34+01:00",
                "format": "text/html"
            }
        ]
    },
    "tender": {
        "id": "ocds-h6vhtk-06877e",
        "legalBasis": {
            "id": "2023/54",
            "scheme": "UKPGA",
            "uri": "https://www.legislation.gov.uk/ukpga/2023/54/contents"
        },
        "title": "NHS Counter Fraud Authority (CFA) - Case Management System",
        "description": "The NHS Counter Fraud Authority (NHSCFA) requires a solution that will be used by 450 users who work for different health and government organisations with the appropriate access and control permissions. It needs to be able to: * Increase scalability of licences should there be a business need. The Licences must include the ability to collect and then disseminate data to third parties. * Create fraud/crime allegation reports that can be developed by users and then be promoted to investigations and the ability to create investigations and add allegation report and intelligence. * Capture investigative activity undertaken as part of criminal investigations: record, retain, review, reveal activity notes, tasks, reasonable lines of enquiry, key investigative events (arrests, searches, interviews, court appearances etc) decision making, outcomes (criminal offences, internal and external disciplinary, financial outcomes), nominal data (people, subjects, addresses, telephone number, emails, bank accounts, organisations and vehicles), statements, exhibits, unused material, financial investigation and intelligence and risk assessment/checklists. * Have assessment, sanitisation and actioning functionality that allows for the management of an investigation or case from the beginning of the process, including the ability to have them endorsed at or by tasking with rationale and then transfer to operational teams with all relevant intelligence and evidence. * To manage disclosure (CPIA) and create and update prosecution bundles submitted to Crown Prosecution Service. MG9 witness list and statement bundle; MG12 exhibit list and exhibit bundle; MG6 disclosure schedules can be generated and submitted; other MG forms can form part of a prosecution file submission to Crown Prosecution Service by direct a Two Way Interface or similar integration, or export functionality. Functionality to populate other forms in the MG suite. * Information exchange with the CPS by exporting case files and exhibits to their systems, support email notifications from system disclosure. * Issue and manage task workflows, data requests, assigned lines of enquiries, updates via a local tasking and coordination process. Should have information and activity recording, to illustrate new tasking and to highlight when actions have, or indeed have not, been completed by target date. * Record, sanitise, manage, and disseminate 3x5x2 intelligence (including financial intelligence) reports to internal, external users and third-party intelligence organisations. Manage confidential sources and ability to capture pieces of information from external sources. * The solution should be able to record Financial Investigation activity in terms of Proceeds of Crime (2002) investigations and proceedings as well as manage disclosure (CPIA) and create and update prosecution bundles submitted to Crown Prosecution Service. Centrally it needs to capture Fraud Risk (Prevention) Assessments with the ability to disseminate across users to communication fraud risks across the NHS. Information management reporting needs to have capability for all record data, including time, resource, and cost management. * Different levels of configuration and customisation are required that are available to admin users within the system. It should have the ability to easily change the status of a person from subject to witness and vice versa. The solution must allow users to delete or archive data in accordance with NHSCFA internal retention schedule. The solution should facilitate marking records following the Government Security Classifications Policy. * The solution must incorporate into the design the ability to hold any forms required during managing cases, such as investigations plans, disclosure strategy and any associated documents, and allow their searchability.) * The solution should have the ability to RAG rate operational fraud risk activity as part of the ongoing review process. The system must have the ability to rapidly allocate and report upon a risk for any assessment recorded, this could for example be a person, an organisation, or a particular investigation.",
        "items": [
            {
                "id": "1",
                "additionalClassifications": [
                    {
                        "scheme": "CPV",
                        "id": "48730000",
                        "description": "Security software package"
                    }
                ],
                "deliveryAddresses": [
                    {
                        "region": "UK",
                        "country": "GB",
                        "countryName": "United Kingdom"
                    }
                ],
                "relatedLot": "1"
            }
        ],
        "value": {
            "amountGross": 1200000,
            "amount": 1000000,
            "currency": "GBP"
        },
        "mainProcurementCategory": "goods",
        "lots": [
            {
                "id": "1",
                "contractPeriod": {
                    "startDate": "2027-04-01T00:00:00+01:00",
                    "endDate": "2032-03-31T23:59:59+01:00"
                },
                "status": "planning"
            }
        ],
        "status": "planning"
    },
    "language": "en"
}