Enforcement decision tree

Page last updated: 22 February 2024

Downloads

Stage 1: Initial assessment

We can become aware of incidents and events that could warrant civil and/or criminal enforcement action from several sources. Some examples can include:

  • information gathered through our assessment process and/or in notifications from providers.
  • safeguarding alerts
  • instances of whistleblowing
  • RIDDOR or coroners’ reports
  • complaints
  • information from the public.

When this happens, the first stage of the process is to conduct an initial assessment to consider what response is appropriate from the full set of options available.

The options at this stage include:

  • gathering more information
  • referring the concern or sharing the information of concern with another public body
  • progressing to Stage 2 of the decision tree and considering what enforcement action to take.

During the initial assessment stage, we need to ensure that we respond properly to information about a possible breach of a legal requirement. We recognise that each case is different, so we can use a wide range of options where there are potential breaches. It is not feasible or proportionate to follow up every potential breach of a legal requirement. However, information about every potential breach should prompt some action. For example:

  • all safeguarding alerts should be reviewed
  • notifications and/or incident reports should be reviewed by the appropriate colleague
  • any concerns identified should be assessed in more detail before deciding.

Where initial enquiries do not provide assurance that people using regulated services are reasonably protected from harm – and when they suggest that a provider or individual may need to be held to account for a breach – escalation to enforcement and Stage 2 of the decision tree should be considered.

Where a matter is escalated, a Decision-Making Meeting (DMM) or Management Review Meeting (MRM) should be convened to decide on the most appropriate next step.

The DMM or MRM follows a defined decision-making structure that includes mandatory steps and a quality framework to help drive consistency. The process continually reviews decisions about what enforcement action we should take – if any – until we reach a decision. The CQC decision-maker is identified in the appropriate decision-making methodology. This may be either the Scheme of Delegation or the Framework of Operational Delegations and Assurance (FODA). Each process has a defined structure that includes mandatory steps and a quality framework to define consistency. It also prompts us to document the rationale for all decisions, which in turn provides a clear audit trail.

The DMM/MRM will consider the full range of possible responses. We expect that relatively few cases will move from initial assessment straight to Stage 2, as we will need to make further enquiries for most concerns.

In making the decision to move to Stage 2:

  • We will bear in mind the importance of working co-operatively with registered persons.
  • We will be mindful of our limited enforcement resources.
  • We will have regard to criteria set out at Stages 2 and 3.
  • We will have regard to any enforcement priorities in our business plan
  • We will check whether the facts as we understand them support a case where:
  • there has been a serious breach of the provider’s legal duties.
  • where we are best placed to take the lead
  • where it is feasible to collect evidence.