By James Hardy, Forensic Analyst at Milsted Langdon
According to government statistics, it is estimated that fraud was the most common crime in 2022, accounting for 41 per cent of all offences. However, typically fraud has been underreported so this figure may well be higher.
In a bid to tackle fraud, the Government has introduced the Economic Crime and Corporate Transparency Act 2023, which received Royal Assent in October 2023 and is expected to come into force in 2024.
The Act brings in the biggest changes to Companies House since corporate registrations were established in 1844.
As well as enhancing the role of Companies House in fraud prevention, the Act has created a new offence, known as “failure to prevent fraud”, aimed at encouraging businesses to identify and prevent fraudulent transactions at the source.
What does this mean for businesses?
This Act means that businesses are required to take reasonable steps to prevent fraud from occurring.
Whilst many businesses will already have procedures in place, with new regulations, the Government is seeking to tackle those who do not seek to prevent fraud and expose their customers and suppliers to undue risk.
In practice, it may mean that businesses need to reevaluate their approach to fraud prevention and asses their operations for weaknesses. At the very least, it will require them to review and assess their procedures on a regular basis to ensure that they are still fit for purpose.
Who can be convicted?
In its current form, the Act states that only large organisations fall into the scope of the offence. “Large” is defined as having two of the following; more than 250 employees, £36 million or more in turnover and more than £18 million in total assets.
This will also apply to a parent company if the parents and its subsidiaries in aggregate meet at least two of the criteria.
If convicted of the offence, an organisation could receive an unlimited fine, which will decided by the Court.
One important note is that, while individuals can already be prosecuted for committing or assisting fraud, they cannot be prosecuted for failing to prevent fraud under the new law.
Taking steps to prevent fraud
New legislation requires all large businesses – including charities and other organisations – to have reasonable fraud prevention measures in place. These might include:
- Using secure authentication methods
- Implementing secure payment methods
- Encrypting sensitive information
- Staff training on common types of fraud
- Random inventory and financial checks
- Education for customers on how fraudsters may target them
If the risk of fraud is very low or non-existent, then it may also be considered reasonable to have no measures in place.
However, it is difficult to identify which organisations would match these criteria but, if they do, it will be key to document the thought process in reaching that conclusion in case the organisation is subject to fraud at some point in the future.
Leadership and training will be key. Policies and procedures indicating best practices are important but will not work unless fraud prevention forms part of the culture of the business.
Protecting your business
We’re likely going to see an increase in corporate responsibility when it comes to preventing fraud, particularly for larger businesses. As this happens, business owners and decision-makers may well need to turn to expert support.
This legislation cannot be ignored by any business. Whilst it is aimed at large businesses, fraud prevention is likely to be inserted into contracts with suppliers as such companies will be deemed to be “associated” with the organisation in question.