Director Briefing - The UK’s Fraud Risk Regulatory Landscape

As the scale of fraud in the UK continues to increase rapidly, the Home Office has said it will continue to work intensively with partners across government, law enforcement and industry to protect the public and businesses. In implementing the national economic crime plan, UK governmental agencies are forming closer intelligence sharing relationships and changing their focus from Pursue to Prevent. Fraud also remains high on the FCA’s agenda and we expect to see an associated increase in scrutiny of firms’ systems and controls around fraud prevention and detection.

In line with these objectives, we touch on three reforms currently passing through parliament which will place greater obligation on organisations to prevent fraud.

1) Directors’ Material Fraud Statement

A requirement for directors to present, in their Directors’ Report, a statement identifying material fraud risks, their approach to fraud risk assessment and preventative measures.

Under proposed amendments to the Companies Act 2006, directors of UK-incorporated companies with more than 750 employees and turnover of greater than £750m will be required to publish a material fraud statement in their Directors’ Report, describing the steps they have taken to prevent and detect material fraud. The material fraud statement will need to summarise the directors’ assessment of material fraud risks relevant to the company’s business, including how the directors have assessed the company’s susceptibility to fraud and the types of fraud considered. They will also be required to describe the measures put in place to prevent and detect the occurrence of material fraud and any new measures taken during the year or planned for the next year.

Materiality is expected to be determined by reference to influencing the decisions of shareholders. The requirement will be effective for periods commencing on or after 1 January 2025 for listed companies and a year later for other companies.

This requirement is expected to present a challenge for companies, which will need to formalise their fraud risk assessments and associated controls in order to support the directors’ statement and for their statements to withstand scrutiny.

2) The “Failure to Prevent Fraud” Offence

The new Offence may increase corporates’ exposure to severe financial and reputational damage.

Until now, prosecutions for fraud were mostly against individuals - this Offence makes it easier for authorities to prosecute organisations. The Offence is introduced as an amendment to the Economic Crime and Corporate Transparency Bill which captures a broad range of dishonest acts, including fraud, bribery, money laundering and false accounting.

The Bill outlines that once a fraud is uncovered, if it is determined that the fraudulent act was intended to benefit the organisation and that it was perpetrated by an ‘associated person’ (someone acting for the company), then that organisation will have committed an offence. The penalty is potentially unlimited fines; however, as a defence, the organisation must be able to demonstrate it had reasonable procedures in place to prevent the fraud from occurring, or demonstrate it was not reasonable to expect the company to have any relevant prevention procedures in place. Guidance on ‘reasonable prevention measures’ will be published in due course and the Offence will not be enforced until that guidance is made available.

The Offence is in addition to existing criminal offences and intends to make it easier to prosecute corporates, even if the fraud was unknown to senior management.

3) The Online Safety Bill

The Bill will now require the largest social media platforms and search engines to tackle fraudulent advertising.

This Bill represents a wide reform of online advertising regulations, with greater powers for regulators to tackle user harm, including fraudulent advertising. Under the current draft of the Bill, search engines and online platforms, such as Facebook, Google and X (formerly Twitter), will have a duty of care to protect users from both user-generated scams and paid fraudulent adverts (amongst other types of user harm). These fraud offences will include unlicensed financial promotions, impersonation of legitimate businesses, as well as the offences defined in several other existing Acts of Parliament.

These platforms will be required to put in place proportionate systems and processes to prevent fraudulent advertising. Considerations for proportionality will include the nature and severity of potential harm to individuals. Breaches may result in fines of up to £18m or 10 percent of annual global turnover, and criminal action might also be taken against senior managers who fail to comply with information requests from Ofcom.

Actions Firms Should Consider

Whilst these Bills progress through Parliament, companies should start considering the actions they need to take to prepare for the challenges posed in demonstrating reasonable and proportionate fraud prevention measures, rooted in a formalised fraud risk management framework.

Please get in touch if you would like to discuss any of these topics and what they mean for your organisation.