Public Sector Buyers · DESNZ · Major Projects · MSPs · RM6310 · OPRaaS Platform
The National Audit Office’s report on Sizewell C is not only a judgement on one nuclear programme. It is a reminder of how public-sector value for money is tested when risk, cost, delivery and accountability sit across a long chain of suppliers.
Sizewell C is exceptional in scale, but not in governance principle. The NAO’s scrutiny of the programme, including its £38 billion-plus cost profile, long delivery horizon and risks to taxpayers and billpayers, shows the standard now expected of major public programmes: not simply that a delivery model exists, but that it can be evidenced, challenged and defended after the fact.
For public-sector buyers, major project boards, MSPs and framework-led procurement teams, that value-for-money question now reaches directly into the labour supply chain. Where is the dated evidence that the chain was mapped? Where is the proof that suppliers were checked? Where is the record of what was found, what was challenged, what was remediated and what decisions were taken?
That is the operating space OPRaaS has been building around for public-sector buyers: PAYE and Labour Supply Chain Assurance as a continuous evidence discipline, not a once-a-year compliance exercise.
Why Sizewell C matters beyond nuclear
The Sizewell C programme is a major public infrastructure project with exceptional political, financial and energy-security significance. The NAO noted that DESNZ will need to monitor risks to taxpayers and billpayers closely, while the Public Accounts Committee chair warned that the risks are immediate, substantial and borne by the public.
But the wider lesson is not limited to nuclear power.
The same value-for-money test applies across major public-sector programmes: energy, defence, transport, NHS estates, digital transformation, education estates, housing, infrastructure and local-government delivery.
The question is always the same: did the public body understand the risks in the delivery model, price those risks properly, manage the supplier chain actively, and evidence the decisions it made when challenged later by the NAO, the Public Accounts Committee, HMRC, internal audit or another oversight body?
For large programmes, the labour supply chain is part of that answer. It is not a side issue. It is often one of the largest, most dynamic and least visible cost-and-risk lines in the operating model.
The hidden value-for-money question: who is really in the labour chain?
Major public programmes rarely run on simple employment structures.
They rely on a mixture of permanent teams, consultants, specialist contractors, interim leaders, recruitment agencies, MSPs, umbrella companies, professional employer arrangements, subcontractors and project-specific delivery partners.
On paper, the procurement route may look controlled. In practice, the labour chain may include:
- framework-appointed recruitment agencies;
- second-tier and third-tier suppliers;
- MSP-orchestrated supplier panels;
- umbrella companies handling PAYE for agency workers;
- CIS-engaged subcontractor chains on construction-heavy programmes;
- direct-engagement arrangements for specialist interim roles;
- consultancy-style statements of work;
- off-payroll workers requiring IR35 assessment;
- worker populations moving between projects, suppliers and engagement models.
That is where public-sector risk becomes difficult.
The buyer may have procured through an approved framework. The MSP may have a supplier list. The agency may have terms in place. The umbrella may state that PAYE is being operated correctly. But in 2026, that is not enough.
HMRC’s GfC12 guidance is explicit that organisations should strengthen assurance practices and identify, mitigate and reduce labour supply chain risks. It also explains HMRC’s focus on tax risks and illegal working practices across labour supply chains.
The public-sector question is therefore no longer:
“Did we appoint the right supplier?”
It is:
“Can we evidence how the labour chain was governed, tier by tier, throughout the life of the programme?”
Value for money now depends on evidence, not reassurance
Supplier reassurance is not the same as supplier assurance.
A public-sector buyer can ask an MSP whether its agencies are compliant. An MSP can ask an agency whether its umbrellas are compliant. An agency can ask an umbrella whether PAYE, Right to Work, identity and worker-payment checks are in place.
But a value-for-money review, an HMRC enquiry or a supplier challenge will not be satisfied by the fact that questions were asked.
The test is evidence.
What was checked?
When was it checked?
Who checked it?
What exceptions were found?
What changed as a result?
Which suppliers were escalated, remediated, suspended or exited?
This is where the public-sector labour supply chain becomes a board-level issue. The risk does not sit neatly in procurement, HR, finance, tax, legal or contract management. It sits across all of them.
The same dated evidence record may need to satisfy multiple scrutiny points:
- NAO value-for-money review;
- Public Accounts Committee scrutiny;
- HMRC GfC12 expectations;
- Joint and Several Liability exposure;
- Procurement Act 2023 supplier oversight and exclusion decisions;
- RM6310 audit and assurance requirements;
- internal audit;
- departmental governance;
- programme board assurance.
Different lenses. Same facts. One evidence discipline.
Why RM6310 buyers need a stronger labour supply chain evidence model
RM6310, Audit and Assurance Services Two, gives central government and the wider public sector access to audit and assurance services across four lots, including external audit and other independent assurance.
That matters because RM6310 sits directly in the world of evidenced oversight.
For public-sector buyers, the issue is not only whether assurance can be bought. It is whether the organisation has a live enough evidence base for assurance to mean anything.
A labour supply chain audit cannot be built from fragments, screenshots and supplier promises after an issue has already surfaced. It needs a structured record.
A public-sector buyer needs to know which suppliers are in the chain, which workers are in scope, which umbrellas are operating PAYE, which engagements carry IR35 risk, where CIS applies, where Right to Work and identity checks sit, where RTI and payslip evidence is sampled, and how exceptions are handled.
That is the difference between a framework-led procurement process and a defensible Labour Supply Chain Assurance model.
What Labour Supply Chain Assurance should look like on a major public programme
For a major public-sector programme, a credible Labour Supply Chain Assurance record should capture:
- a tier-by-tier map of the labour supply chain;
- agencies, sub-agencies, MSPs, umbrellas, PEOs and subcontract chains;
- worker-level onboarding evidence;
- Right to Work, identity, National Insurance and bank-detail checks;
- IR35 status-determination records where relevant;
- CIS verification and deduction evidence on construction tiers;
- umbrella PAYE assurance;
- RTI and payslip sampling;
- bank-payment reconciliation;
- duplicate National Insurance, bank-detail clustering and synthetic-identity risk indicators;
- supplier red flags;
- remediation actions;
- escalation decisions;
- supplier suspension or exit decisions;
- dated evidence capable of being produced to HMRC, internal audit, a framework authority, the NAO or a programme board.
This is not bureaucracy for its own sake. It is the operating record that shows the public-sector buyer understood the labour chain, governed it actively and responded when the evidence required action.
The OPRaaS Virtual Compliance Director for public-sector buyers
The OPRaaS Virtual Compliance Director was built to operationalise Labour Supply Chain Assurance for organisations that rely on temporary, contractor and contingent labour.
OPRaaS, On-Pay-Roll-as-a-Service, is a systemised governance and workforce management partner for buyers, agencies, umbrellas, MSPs and major programme teams that need to evidence control across PAYE, JSL, IR35, CIS, GLAA, modern slavery and wider HMRC labour supply chain expectations.
For public-sector buyers, the OPRaaS VCD platform brings the labour chain into an evidence-led governance model. It gives the buyer, MSP, agency and umbrella a structured way to move beyond reassurance and into active assurance.
The operating model is simple:
Map. Train. Audit. Evidence.
In public-sector practice, that means:
- mapping every tier of the contingent labour chain;
- identifying agencies, MSPs, umbrellas, PEOs, subcontractors and worker populations;
- training procurement, contract-management, HR, finance and programme teams on JSL and GfC12 signals;
- auditing agencies and umbrellas against the Labour Supply Chain Assurance standard;
- sampling worker, PAYE, RTI, payslip, bank-payment, IR35 and CIS evidence;
- recording exceptions and remediation actions;
- producing a continuous, audit-ready OPRaaS VCD evidence file for PAYE and Labour Supply Chain Assurance.
What the OPRaaS VCD evidence system records
The OPRaaS VCD evidence system is designed to give public-sector buyers a dated, structured record of how the labour supply chain was governed, tier by tier, over time.
For example, every agency and umbrella on a programme’s supplier list can be audited against the GfC12 standard at defined intervals. Right to Work, identity, bank-detail and National Insurance checks can be captured and reviewed. Material changes and pay-run anomalies can trigger re-checks.
RTI submissions, payslips and CIS verification records can be sampled monthly and reconciled against bank payments. Duplicate National Insurance numbers, bank-detail clustering, unexplained worker patterns, phoenix risk and other indicators of synthetic-identity or payroll non-compliance can be escalated.
Where issues arise, the OPRaaS VCD evidence system records the anomaly, the decision, the remediation action and the supplier-level outcome.
The purpose is not to claim immunity from Joint and Several Liability. There is no statutory safe harbour under Chapter 11 of ITEPA 2003.
The purpose is to reduce the likelihood and impact of exposure, improve programme control, and evidence the public-sector buyer’s due diligence on the day HMRC, internal audit, a framework authority, the NAO, the Public Accounts Committee or another oversight body asks:
“What did you know, when did you know it, and what did you do about it?”
Why this is now a board-level conversation
For public-sector buyers, central-government departments, NHS bodies, NDPBs, local authorities, major project boards and tier-one MSPs, the labour supply chain is no longer only a resourcing mechanism.
It is part of the value-for-money case. It is part of the supplier-risk model. It is part of the tax-risk environment. It is part of the audit file. It is part of the evidence that determines whether a major programme can withstand scrutiny after the fact.
The Sizewell C report is a high-profile reminder of the scrutiny now applied to public-sector delivery models. The lesson for other programmes is not that every project is Sizewell C. It is that public-sector buyers need to evidence how risk was understood, governed and controlled across the chain.
For labour supply chains, that evidence cannot be assembled retrospectively.
It has to be built every day.
Talk to OPRaaS about your public-sector labour supply chain
A thirty-minute scoping call will show how the OPRaaS VCD platform applies the GfC12 assurance standard to your public-sector labour supply chain and produces a continuous, audit-ready evidence file for PAYE and Labour Supply Chain Assurance.
For public-sector buyers, MSPs, recruitment agencies, umbrella companies and major programme teams, the goal is clear:
Own your compliance as an asset. Evidenced, every day.
Use the contact form in the sidebar to the right of this article, or email info@opraas.co.uk.
Read next
Sources and references
Drawing on the National Audit Office report on Sizewell C, published 20 May 2026; reporting by The Guardian and Financial Times on the report’s cost, risk and consumer-benefit findings; HMRC Guidelines for Compliance GfC12; HMRC’s guidance on labour supply chain risks; the Finance Act 2026 section 24 inserting Chapter 11 of Part 2 of ITEPA 2003; the Procurement Act 2023; UK Government Commercial Agency framework information for RM6310; and ONS temporary employment data where relevant.
Talk to OPRaaS about your supply chain.
Use the contact form in the sidebar to the right of this article, or email info@opraas.co.uk.
This article is published for general information and educational purposes only. It is believed to be accurate at the time of publication and reflects the legislation, HMRC guidance, and market practice referenced. It is not legal, tax, employment, accounting, or regulatory advice and should not be relied upon as such. Compliance obligations vary by organisation, supply chain, and engagement type; please consult your own qualified legal, tax, or compliance advisor before acting on any point covered here. Any images, screenshots, dashboards, or platform displays shown are for illustration and reference purposes only and do not necessarily depict the live OPRaaS platform, live customer data, or actual on-screen output. Trademarks, framework names, and statutory references remain the property of their respective owners. While we take every care, errors can occur; if you spot an inaccuracy, please let us know at info@opraas.co.uk.