Anti-Fraud policy

1) Introduction

The NPG requires all staff at all times to act honestly and with integrity and to safeguard the public resources for which they are responsible. The Gallery is committed to ensuring that opportunities for fraud and corruption are reduced to the lowest reasonable level of risk. This paper sets out the policy on the control of fraud and suspected fraud within the NPG. The policy can be found on the staff network.

2) Scope

This policy applies to all the Gallery’s activities, wherever they are undertaken, to all individuals who work for the Gallery and the National Portrait Gallery Company Ltd, including contract staff, volunteers and freelancers and to individuals in a commercial relationship with the Gallery e.g. the employees of suppliers. The aim of the policy is to minimise the risk of any fraud being perpetrated against the Gallery and the Company, thereby depriving the Gallery and Company of assets and resources and potentially damaging the Gallery’s reputation.

3) Definitions

Fraud is used to describe such acts as deception, bribery, forgery, extortion, corruption, theft, conspiracy, embezzlement, misappropriation, false representation, concealment of material facts and collusion.

For practical purposes fraud may be defined as the use of deception with the intention of obtaining an advantage, avoiding an obligation or causing loss to another party. Obviously fraud can be perpetrated by persons outside as well as inside an organisation. The criminal act is the attempt to deceive and attempted fraud is therefore treated as seriously as accomplished fraud.

The Fraud Act 2006 replaced parts of the Theft Acts of 1968 and 1978 which until then covered the offences of fraud. The 2006 Act introduced provisions for the general offence of fraud which broadened the interpretation of fraud. This is covered under 3 sections:-
Section 2 – Fraud by false representation
Section 3 – Fraud by failing to disclose information
Section 4 – Fraud by abuse of position

False representation includes dishonestly making a false representation, and intending - by making the representation – to make a gain for oneself or another, or cause loss to another or to expose another to a risk of loss. A representation is false if it is untrue or misleading, and the person making it knows that it is, or might be, untrue or misleading.

A person is considered to have committed a fraud through abuse of position if he:

• occupies a position in which he is expected to safeguard, or not to act against, the financial interests of another person,
• dishonestly abuses that position, and
• intends, by means of the abuse of that position to make a gain for himself or another, or to cause loss to another or to expose another to a risk of loss.

An ‘associated person’ is a person who performs services for or on behalf of an organisation, e.g. employees, agents, contractors and subsidiaries.

A ‘corporate company’ is a corporate company failing to prevent bribery. The Fraud Act 2006 also created new offences of:

• Processing, making and supporting articles for use in fraud;
• Fraudulent trading and;
• Obtaining services

The Bribery Act 2010 replaced much older legislation which had become out of date. The new Act introduced four new criminal offences:

• Active Bribery – promising or giving a bribe,
• Passive Bribery – requesting, agreeing to receive or accepting a bribe,
• Bribing a foreign public official – to obtain or retain business, and
• Corporate offence – of failure of a “relevant commercial organisation” to prevent bribery by a person “associated” with that

Offences under both the Fraud and Bribery Acts are covered in this policy, as bribery is included within the definition of “fraud”. Fraud can cover a wide variety of misdemeanours and criminal culpability is not necessary for an act to be fraudulent, as the offence can be civil in nature.

The Bribery Act 2010 introduces a new offence for organisations. An organisation can be deemed guilty of 'failing to prevent bribery' if an 'associated person', carrying out activities on its behalf, bribes another person. There is no requirement of ‘fault’ on the part of the commercial organisation. It does not matter therefore that senior management did not participate in, know about or even suspect that persons associated with the business were giving bribes.

Frauds can be attempted or carried out in a number of ways, including:

• The theft of cash, cheques, equipment or items from the collections;
• The falsification of travel and subsistence or other expense claims;
• False claims for overtime (or flexible working);
• Irregularities in the tendering for, and execution and pricing of, supplies to the Gallery by contractors of: property, goods, services, works and consultancy;
• Corruption, including the receipt of payment or other material advantage as an inducement to the award of contracts by the Gallery or the offer of inducements by Gallery staff to secure a commercial or other advantage for the Gallery; and
• Forging works of art or documents relating to them.

Computer fraud is where information technology equipment has been used to manipulate programmes or data dishonestly (e.g. by altering, substituting or destroying records or creating spurious records), or where the use of an IT system was a material factor in the perpetration of fraud. Theft or fraudulent use of computer time and resources is included in this definition.

4) Legal Basis

The NPG’s responsibilities in relation to fraud are set out in Annex 4.9 of Managing Public Money(available on the UK government website) and the Gallery’s Management Agreement with the DCMS.

5) Statement of Principles

The Gallery will not accept any level of fraud or corruption; consequently any case will be promptly and thoroughly investigated and dealt with appropriately. Any member of staff found to be involved in theft, fraudulent action or conspiracy to defraud can expect to be dealt with in accordance with the agreed disciplinary procedures. Staff should draw attention to circumstances when they believe that there is improper behaviour by other Gallery staff or external contacts of the Gallery in accordance with the Whistleblowing Procedure (Appendix 2). All matters will be dealt with in confidence and in strict accordance with the terms of the Public Interest Disclosure Act 1998, which protects the legitimate personal interests of staff.

6) Responsibilities

Director (Accounting Officer)

• The Director is the Accounting Officer of the Gallery. The four essential accounting officer standards set out in Managing Public Money are:
  • Regularity
  • Propriety
  • Value for Money
  • Feasibility

Managing fraud risk is seen in the context of the management of this wider range of risks.

Chief Financial Officer

• Overall responsibility for managing the risk of fraud has been delegated to the Chief Financial Officer. The CFO’s responsibilities include:
• Undertaking a regular review of the fraud risks associated with each of the key organisational
• Establishing an effective anti-fraud policy and fraud response plan, commensurate to the level of fraud risk
• Assisting in the design of an effective control environment to prevent
• Establishing appropriate mechanisms for:
  • reporting fraud risk issues
  • reporting significant incidents of fraud or attempted fraud to the Director;
  • reporting to DCMS and HM Treasury in accordance with Managing Public Money Annex 4.9 (https://www.gov.uk/government/uploads/system/uploads/attachment_data/fil e/454191/Managing_Public_Money_AA_v2_-jan15.pdf ) and the Management Agreement.
  • Co-ordinating assurances about the effectiveness of the Anti-Fraud Policy to support the annual Governance
• Reporting to the Audit and Risk
• Making sure that all staff are aware of the organisation’s Anti-Fraud Policy and know what their responsibilities are in relation to combating fraud;
• Ensuring that appropriate anti-fraud training is made available to all staff on a regular basis; and
• Ensuring that appropriate action is taken to minimise the risk of previous frauds occurring in future.

Directors

Directors are responsible for:

• Reporting fraud to the CFO and Director
• Ensuring that vigorous and prompt investigations are carried out if fraud occurs or is suspected within their department;
• Taking appropriate legal and or/disciplinary action against perpetrators of fraud;
• Taking appropriate disciplinary action against supervisors where supervisory failures have contributed to the commission of fraud;
• Taking appropriate disciplinary action against staff who fail to report fraud; and
• Taking appropriate action to recover

Line Managers

The prevention and detection of fraud lies primarily with Line Managers as they are responsible for many of the processes and controls operated by the Gallery. In particular they are responsible for:

• Ensuring that an adequate system of internal control exists within their areas of responsibility and that controls operate effectively;
• Preventing and detecting fraud as far as possible;
• Assessing the types of risk involved in the operations for which they are responsible;
• Reviewing regularly and testing the control systems for which they are responsible ;
• Ensuring that controls are being complied with and their systems continue to operate effectively, (this is key as most frauds occur because controls have not been enforced); and
• Implementing new controls to reduce the risk of similar fraud occurring where frauds have taken place.

Internal Audit

The prevention and detection of fraud within the Gallery is a management and staff responsibility however, Internal Audit can assist by:

• Delivering an opinion (as part of the internal audit three year cycle) to the Director and the Trustees on the adequacy of arrangements for managing the risk of fraud and advising the Gallery on how to promote an anti-fraud culture;
• Assisting in the deterrence and prevention of fraud by examining and evaluating the effectiveness of control commensurate with the extent of the potential exposure/risk in the various segments of the Gallery’s operations;
• Ensuring that management has reviewed its risk exposures and identified the possibility of fraud as a business risk;

Staff

Every member of staff is responsible for:

• Acting with propriety in the use of Gallery’s resources and the handling and use of Gallery funds whether they are involved with cash, receipts, payments, stock or dealing with contractors and suppliers;
• Conducting themselves in accordance with the seven principles of public life set out in the first report of the Nolan Committee “Standards in Public Life”. They are: selflessness, integrity, objectivity, accountability, openness, honesty and leadership;
• Being alert to the possibility that unusual events or transactions could be indicators of fraud;
• Being alert to the fact that certain work which staff undertake may expose them or their colleagues to a greater risk from corruption, and that they should seek guidance from senior management if they or their colleagues are offered any form of inducement;
• Alerting their line manager when they believe the opportunity for fraud exists e.g. because of poor procedures or lack of effective oversight;
• Reporting immediately, in accordance with the Fraud Response Plan (Appendix 1), if they suspect that fraud or corruption has been committed or see any suspicious acts or events; and
• Cooperating fully with whoever is conducting internal checks or reviews or fraud

7. Procedures

The Gallery has a Fraud Response Plan (Appendix 1) that sets out how to report suspicions and how investigations will be conducted and concluded.

8. Breach of the Policy

The Gallery views fraud and corruption extremely seriously. After proper investigation, the Gallery will take legal and/or disciplinary action in all cases where it is considered appropriate. Where a case is referred to the police, the Gallery will co-operate fully with police enquiries and these may result in the offender(s) being prosecuted. In all cases the Gallery will seek to recover assets where it can.

The consequences of breaching the Anti-Fraud Policy are set out in more detail in the Fraud Response Plan (Appendix 1).

9. Review

The Anti-Fraud Policy will be reviewed every three years or after any occasion of fraud has been identified. The next review is due April 2024.

10. Date of Approval

This updated Anti-Fraud Policy was reviewed and approved by Audit & Compliance Committee on 28 April 2021.

Appendices

• Fraud Response Plan
• Whistleblowing Procedure

APPENDIX 1

NATIONAL PORTRAIT GALLERY FRAUD RESPONSE PLAN

1) REPORTING SUSPECTED FRAUD

Where any member of staff suspects a fraudulent act has been or is being committed, s/he should immediately report it to the CFO. Staff should not confront the individual(s) they suspect of committing a fraud and should not discuss it with anyone before reporting their suspicions to the CFO. Staff may report directly or via the employee’s line manager or the Head of Human Resources. This disclosure may be made verbally or in writing and must be dealt with in accordance with the Gallery’s Whistleblowing Procedure (Appendix 2). Following this procedure will ensure that the matter is properly investigated and dealt with promptly and confidentially. It will also protect the employee from any recriminations that may arise from making the disclosure.

Should an employee feel that it would be inappropriate to report suspected fraud to the CFO then s/he may report it in writing to the Director or the Chair of the Audit & Compliance Committee, who will then arrange for an investigation to be carried out.

Failure by an employee to report a suspected or actual fraud may be construed as a disciplinary offence. In certain circumstances not reporting a suspected or actual fraud may be treated by the organisation as conspiracy to defraud even if the individual does not benefit directly from the fraud. If staff feel uneasy about using the reporting channels mentioned above, they may report their concerns to one of those individuals mentioned in the Whistleblowing Procedure (enclosed at Appendix 2), or contact the charity Public Concern at Work (on 020 7404 6609) who can offer impartial advice on how to proceed).

2) INVESTIGATING SUSPECTED FRAUD

Once a suspected fraud has been reported as above, it is the responsibility of the CFO to arrange for a thorough investigation to take place and to take the appropriate action. The CFO must discuss the report with the Director and then decide upon the appropriate investigative action to be taken. The CFO must immediately notify the Director about the allegation of fraud. The CFO is responsible for reporting all frauds to the Department for Culture, Media and Sport and to the Chair of Audit & Compliance Committee, and the NAO if appropriate.

If the suspected fraudulent activity is considered to be of a serious nature the CFO must call for the assistance of the local police. In such cases no attempt must be made by Gallery line managers or staff to question the employee(s) or third parties involved as this could prejudice future police investigations and subsequent prosecutions. If, after consideration of the allegations, the police decide to either arrest or question under caution the individual(s) concerned, then the employee(s) must be interviewed by the CFO and, after consultation with the Head of HR, formally suspended from duty (on full pay) for the period of the police investigations. Once the police have completed their investigations the employee(s) should be contacted as soon as possible and advised as to whether or not they are required to attend a formal disciplinary interview under the Gallery’s Disciplinary Procedure.

If the CFO decides, after consultation with the Director, that it is unnecessary to involve the local police s/he will arrange for the employee(s) line manager to hold a formal investigation and disciplinary interview with the individual(s) concerned in accordance with the Gallery’s Disciplinary Procedure, which includes the right of an employee to be accompanied by a trade union representative or work colleague at meetings and the procedure for appeal after a decision is made. If necessary another director can be requested to assist in investigating the allegations.

Where an allegation of fraud against an employee is substantiated, either by a police or internal investigation, the CFO should follow the disciplinary process as laid down in the Gallery’s Disciplinary Procedure. It is not necessary for the CFO to wait for the outcome of a police investigation or prosecution before taking action under the Disciplinary Procedure.

3) CIVIL RECOVERY PROCEDURES

Where an allegation of fraud is substantiated, the CFO will initiate legal action against the individual concerned (whether the individual is an employee or not) to recover, if appropriate, any losses sustained by the organisation. This course of action may be a requirement if the Gallery is seeking to cover the loss through insurance, as some claims may be invalidated if legal action has not been taken.

Where a bribe or other inducement has been paid by Gallery staff to an external party, the Gallery will seek to recover the bribe from the external party, if it is in the form of cash, or other asset with a monetary value, belonging to the Gallery. Gallery staff who have received bribes or inducements from an external party will be required to return them to the external party.

4) POST-INCIDENT INVESTIGATION

Once all disciplinary action has been completed the CFO will arrange for Internal Audit to carry out a post- incident investigation, if it is deemed appropriate. This will focus on identifying any specific areas or procedures that need to be improved or re-designed in order to prevent any further occurrence of the particular fraudulent activity. The CFO is then responsible for completing and submitting a final report on the fraudulent activity to the Director and the Audit & Risk Committee. This report should include the following points:

1. Details of the fraud, the loss to the organisation, how it was detected and the likely causes of the fraud;
2. Action taken to deal with the persons involved in the fraud;
3. Action taken to recover lost assets and funds; and
4. Lessons learned and actions taken to prevent recurrence of the fraud.

Any losses arising from the fraud must be recorded in the Losses Register held by the CFO. Individual losses over £250k will need to be reported in the Gallery’s annual report and accounts, in accordance with Annex.

APPENDIX 2

National Portrait Gallery Whistleblowing Policy

1. Introduction

Whistleblowing is when an individual knows, or suspects, that there is some wrongdoing occurring within an organisation and alerts the employer or the relevant authority accordingly.

The National Portrait Gallery (the Gallery) aims to conduct its business at all times with the highest standards of integrity and honesty. We expect all employees and workers to maintain the same standards in everything they do.

Everyone who works for us is encouraged to report any perceived wrongdoing by the organisation or its employees, workers, contractors or agents that falls short of these principles.

The Public Interest Disclosures Act 1998 protects employees and workers who report serious wrongdoings within the workplace. For a disclosure to be protected it must reasonably appear to the individual that it is in the "public interest¹".

This policy should not be used to question legitimate financial or business decisions taken by us, nor as a means of reconsidering any matters that have already been addressed under our grievance, disciplinary or other procedures.

This policy is not contractual but sets out the way in which we plan to manage such issues. We reserve the right to vary, amend or withdraw it at any time.

2. Scope of this policy

We encourage all who interact with us, including self-employed contractors and volunteers, to make use of the policy when necessary. The protections under the Public Interest Disclosure Act only apply to employees and officers of the Gallery including casual or agency workers, but we will aim to treat all reports to us in a confidential and appropriate manner. In this way we aim to make sure that concerns raised can be appropriately investigated.

3. Aims of this policy

This policy aims to assist us in the early identification of any inappropriate behaviour or practices within the Gallery and to provide a clear procedure for individuals to report to us any wrongdoing at work which they believe has occurred, or is likely to occur.

It aims to ensure everyone feels confident and able to raise any reasonable concern in the knowledge that it will be taken seriously, through offering protection to those who make a protected disclosure either during their employment (or duration of the contract/agreement) and also after this has ended, and enable them to take action in respect of any victimisation.

4. Responsibilities

The overall responsibility for implementing and monitoring the effectiveness of this policy rests with the Trustee Board.

Managers have a crucial role to play in encouraging individuals under their supervision to report any concerns they may have.

1 i.e. good decision-making by public bodies, in upholding standards of integrity, in ensuring justice and fair treatment for all, in securing the best use of public resources and in ensuring fair commercial competition in a mixed economy. This is not a complete list; the public interest can take many forms. (ICO)

Any individual who has knowledge of, or reasonably suspects, any fraud, theft or other suspicious or unlawful act taking place within the Gallery is required to report this using the procedure set out below.

Everyone, irrespective of their job or seniority, is required not to subject any other employee or worker to any detrimental treatment, nor harass or bully such an individual on the basis that they have raised a concern under this policy. They are also required not to encourage others to do so nor to tolerate such behaviour. Disciplinary action, including dismissal, may be taken against any employee found guilty of such behaviour. In addition, any individual who has victimised a colleague may be personally liable for any such victimisation.

5. Reporting concerns

Individuals are encouraged to use the procedure set out below if they have a concern about any of the following:

• wrongdoing at work, including any criminal offence
• a failure to comply with legal obligations or breach of any statutory Code of Practice (however, note that any complaint relating to an alleged breach of an employee's individual contract should be raised under our Grievance Procedure)
• a miscarriage of justice
• a breach, or potential breach, of health and safety legislation
• damage to the environment, or
• deliberate concealment of any of

This list is not exhaustive but indicates the types of concerns that should be raised:

• misuse of assets (including stock, equipment, buildings, computer hardware and software)
• failure to comply with appropriate professional standards
• bribery, corruption or fraud including the receiving or giving of gifts or hospitality in breach of our procedures
• falsifying records
• failure to take reasonable steps to report and rectify any situation which is likely to give rise to a significant avoidable cost, or loss of income to the organisation or would otherwise seriously prejudice the organisation
• abuse of authority
• using the power and authority of the Gallery for any unauthorised or ulterior purpose
• causing damage to the

The individual does not have to be able to prove the allegations, but should have a reasonable and genuine belief that the information being disclosed is true: some allegations may prove to be unfounded, but we would prefer the issue or concern to be raised, rather than run the risk of not detecting a problem early on.

A member of staff may choose to be accompanied by a trade union representative or a work place colleague at any stage of the procedure outlined in this policy.

The individual should discuss the matter with their Head of department in the first instance, providing as much information as possible about the concern. However, should they prefer (perhaps because the Head of department is unavailable, or indeed might be the cause of the concern), then a departmental Director (DG member) may be approached.

If there are appropriate reasons that the matter cannot be raised with Gallery management i.e. because they feel that senior Gallery staff are implicated in the matter, they may write in confidence to the Chair of the Audit and Risk Committee or the Chair of the Board of Trustees. Contact details are listed below.

Where requested, we will respect (so far as we can legally) the confidentiality of any whistleblowing complaint received, but cannot guarantee that the investigation process will not result in colleagues speculating on the identity of the whistle-blower.

It must be appreciated that it will be easier to follow up and verify complaints if the individual is prepared to give their name; unsupported anonymous complaints and allegations are much less powerful and therefore will be treated with caution.

We recognise there may be matters that cannot be dealt with internally and external authorities (such as the Police, the Health and Safety Executive or internal or external auditors) may need to become involved. Where this is necessary, we reserve the right to make such a referral without the individual’s consent.

If the matter requires further investigation, this will be carried out and the individual raising the concern will be informed of the outcome of the investigation and what action, if any, has been taken. Where such investigation involves outside agencies (e.g. the Police), this may cause some delay in the investigation and individual will be kept updated on the timescale within which it is expected that a response to the complaint will be provided.

The individual will be provided with a written response of the outcome of their complaint/the investigation.

If the individual raising the concern remains unhappy about the speed or conduct of the investigation, or the way in which the matter has been resolved, they should refer the matter to:

Dr Nicholas Cullinan, NPG Director

When an individual continues to feel that there has not been a satisfactory response by Gallery management or if they wish to raise the matter with someone independent of senior Gallery staff, they may write in confidence to one of the following:

Chair of the Audit and Risk Committee
Mr Roger Blundell FCA, Grosvenor Limited, 70 Grosvenor Street, London, W1K 3JP [email protected]

Chair of the Board of Trustees
Mr David Ross, 10 St James’s Place, London, SW1A 1NP [email protected]

Individuals can also contact Protect for confidential and independent advice about whistleblowing. Their details are Tel: 020 3117 2520, Email: [email protected], Website: https://protect-advice.org.uk

Please note that whomever the individual raises the whistleblowing complaint to, the Gallery has statutory duties that need to be compiled with and all whistleblowing incidents are reported to the Audit & Risk Committee.

6. Alerting outside bodies to a potential wrongdoing

The individual should always, in the first instance, raise a concern about a wrongdoing or potential wrongdoing by following the procedure outlined above. If the individual has exhausted the internal procedure however, and is still not satisfied with the response, they are entitled to contact a relevant external body to express their concerns. In doing this, the individual should:

• have a reasonable belief that the allegation is based on correct facts
• make the disclosure to a relevant body, and
• have a reasonable belief it is in the public interest to make the

A “relevant body” is likely to be a regulatory body, e.g. the Health and Safety Executive, Financial Services Authority or:

The Comptroller and Auditor General, National Audit Office
Gareth Davies, Comptroller and Auditor General, National Audit Office, 151 Buckingham Palace Road, London, SW1W 9SS

There is also a National Audit Office whistleblowing helpline on 020 7798 7999

The Permanent Secretary at DCMS
Ms Sarah Healey, Permanent Secretary, Department for Digital, Culture, Media & Sport (4th Floor), 100 Parliament Street, London, SW1A 2BQ

Naturally, matters referred to any of the above should not be trivial, and referrals to the Permanent Secretary should be a last resort.

The media, including social media, is not a relevant external body, and individuals should not contact the media regarding concerns about the organisation.

7. Protection against detriment

We aim to ensure that no-one who makes a bona fide report under this policy will be subjected to any detriment as a result. If any individual feels that they are being subjected to detrimental treatment, bullying or harassment by any person within the organisation (including their colleagues and co-workers) as a result of the decision to invoke this policy, they must inform HR immediately and appropriate action will be taken to protect them from any reprisals.

However, if it should become clear that the policy has been invoked for malicious reasons or to pursue a personal grudge, this will constitute misconduct and will be managed in accordance with our Disciplinary Policy.

Furthermore, if the individual does not follow the procedure set out above, the protection against detriment will not apply. Disclosing information in an inappropriate way (e.g. by contacting the media) could result in disciplinary action being taken, which could include dismissal.

8. Ex-employees and workers

Any protected disclosures made by ex-employees or workers after the termination of their employment/contract will be dealt with under this policy. In such cases, we would normally ask that the individual sets out the details of their concern in writing and we will then respond in writing, having undertaken such investigation as we deem to be appropriate.

9. Data protection

When an individual makes a disclosure, the Gallery will process any personal data collected in accordance with our Data Protection Policy. Data collected from the point at which the individual makes the report is held securely and accessed by, and disclosed to, individuals only for the purposes of dealing with the disclosure.

Inappropriate access or disclosure of employee data constitutes a data breach and should be reported in accordance with our Data Protection Policy immediately. It may also constitute a disciplinary offence, which will be dealt with under our Disciplinary Procedure.

10. Implementation, monitoring and review of this policy

This policy was reviewed and approved by the Audit and Risk Committee on 21 June 2021. The policy will take effect from 1 July 2021. It will be reviewed on a regular basis following its implementation and may be changed from time to time.

The nature of any whistle blowing allegation and the result of any investigation will be reported to the Audit and Risk Committee annually in order for the Committee to consider the impact on the Gallery.

Any queries or comments about this policy should be addressed to HR.

Appendix 1 – Flowchart showing reporting concerns process

Discuss concerns in first instance with Head of Department

If unable to discuss with Head of Department, raise concerns with a Departmental Director

↓

If the matter requires further investigation under the threshold of the policy, this will be carried out and the individual raising the concern will be informed of the outcome of the investigation and what action, if any, has been taken.

The individual will be provided with a written response of the outcome of their complaint/the investigation. This step will be followed at every level, for example when a concern is raised with internally or with the Chair of the Audit and Risk Committee or Chair of the Board of Trustees.

↓

If the individual raising the concern remains unhappy about the speed or conduct of the investigation, or the way in which the matter has been resolved, they should refer the matter to:

Dr Nicholas Cullinan, NPG Director

↓

When an individual continues to feel that there has not been a satisfactory response by Gallery
management or that there are appropriate reasons that the matter cannot be raised with Gallery
management i.e. because they feel that senior Gallery staff are implicated in the matter, they may write in confidence to one of the following:

Chair of the Audit and Risk Committee
Mr Roger Blundell FCA, Grosvenor Limited, 70 Grosvenor Street, London, W1K 3JP
[email protected]

Chair of the Board of Trustees
Mr David Ross, 10 St James s Place, London, SW1A 1NP
[email protected]

↓

If the individual has exhausted the internal procedure and is still not satisfied with the response , they are entitled to contact a relevant external body to express their concerns.

A relevant body is likely to be a regulatory body, e.g. the Health and Safety Executive, Financial Services
Authority or:

The Comptroller and Auditor General, National Audit Office
Gareth Davies, Comptroller and Auditor General, National Audit Office, 151 Buckingham Palace Road, London, SW1W 9SS

There is also a National Audit Office whistleblowing helpline on 020 7798 7999

The Permanent Secretary at DCMS
Ms Sarah Healey, Permanent Secretary, Department for Digital, Culture, Media & Sport (4th Floor), 100 Parliament Street, London, SW1A 2BQ