Are current fraud-detection processes failing? 43% of fraud detection comes from tips not tech and fraudulent activity typically runs for 12 months before detection. As a result, the Association of Certified Fraud Examiners finds that organisations can lose 5% of revenue to fraud every year (ACFE[1]).

This suggests that current systems are not up to scratch. Technology should be better at spotting fraud and unusual activity. This can help to improve efficiencies and the culture of integrity throughout the organisation. It’s time for your technology to step up.

Transparency and Fraud Prevention are in the Spotlight.

The UK government and regulatory bodies are focusing on economic crime. New legislation will come into effect in the next twelve months that will mean organisations need to review their anti-fraud systems and preventative measures. This is in response to an increased prevalence and complexity of fraud and economic crime.

The new legislation includes the ECCTA and changes to the UK Corporate Governance Code, informally known as UK SOx. What does your organisation need to do to ensure it not only complies with the new changes, but turns this into an opportunity to improve efficiency?

The Economic Crime & Transparency Act (ECCTA) Comes Into Force in 2025

In September, the ECCT Act will introduce the new corporate offence of failure to prevent fraud. It aligns with two previous Acts; the Bribery Act 2010 and the Criminal Finances Act 2017, which introduced similar failure-to-prevent offences. Under this new provision, an organisation will be held criminally liable if a person associated with it (such as an employee, agent, or subsidiary) commits fraud for the organisation’s benefit, and if the organisation failed to implement reasonable fraud prevention procedures.

This will have an impact on senior teams. The ECCTA legislation aims to reduce economic crime by strengthening corporate accountability. Senior teams will no longer be able claim that they didn’t know fraud was happening. The offence applies even if senior management was unaware of the fraudulent activity. So, from September 2025, companies will need to demonstrate that they have put processes in place that detect risks and errors, even across large, multi-national accounting systems.

Organisations that fail to implement what the Act describes as ‘reasonable fraud prevention measures’ could face significant penalties. These can include; unlimited fines, reputational damage and legal actions. If a case reaches court, proof that “reasonable” measures were in place provides the senior team with a  defence.

For corporates, this marks a shift in liability. Although all large organisations will have anti-fraud systems in place, these must be reviewed and likely improved, to ensure they are structured, automated, documented and auditable. Failure to do so could result in severe legal, reputational and financial consequences. (Large organisations are those which have two of these three criteria: over 250 employees, more than £36m turnover, more than £18m in total assets).

Changes to the UK Corporate Governance Code Apply from 2026 (UK SOx)

The Financial Reporting Council (FRC) is tightening up its guidance under the UK Corporate Governance Code. It will look to further enhance audit controls, increase shareholder transparency and ensure accurate reporting. Developments include an explicit declaration requirement for material controls covering financial, operational, reporting and compliance sections of the organisation. The definition of material controls is to be set by the organisation.

This update is informally known as UK SOx, a reference to the American Sarbanes Oxley Act. In the USA, the SOx Act resulted in almost 80% of US-listed companies improving the overall quality of information in the audited financial statements[2]. The FRC is presumably looking for a similar improvement, although it is not suggesting a direct copy of US SOx. Amongst other differences, the UK changes to the Corporate Governance Code will not just focus on internal controls on financial reporting, but also cover operational, reporting and compliance controls.

What Does this Focus on Fraud Prevention Mean for Leadership Teams?

All large organisations will have anti-fraud systems in place. Now is the time to check that these are up to the new standards.

Compliance and senior leadership teams need to ask:

• Are the existing processes structured, automated, documented and auditable?
• Are they robust enough to stand behind when faced with the new corporate offence of failure to prevent fraud?
• Do they cover operations, compliance and reporting, not just the financial side?
• What needs to change in order to ensure you have ‘reasonable measures’

Compliance is also an opportunity. Reviewing systems and process is a chance to improve efficiencies and bring in new technology that does more than just ensure compliance with new regulation. It should drive the whole business forwards too. Compliance can lead a culture of integrity, by re-establishing fraud prevention methods and standards across the organisation.

The UK government has outlined six key principles to help. These form the foundation of an effective fraud prevention framework. Senior teams could work through these to establish their risk criteria and build a method to install reasonable processes.

• Top-level commitment: Establishing a strong anti-fraud culture starts at the top.
• Risk Assessment: identify types of people in the business and consider them alongside the three elements of the fraud triangle: opportunity, motive, rationalisation.
• Proportionate risk-based prevention: Check that policies are regularly updated, and supported by an audit trail.
• Third-party due diligence: The ECCT Act will require companies to screen and monitor business partners, suppliers, and intermediaries to ensure adherence to ethical standards.
• Communication and training: Regular training sessions should educate employees, contractors, and partners on fraud risks and reporting procedures.
• Monitoring and review: When was the last time the controls were reviewed and updated?

The ECCTA and UK SOx are an opportunity. Complying with the new regulation that is coming is also a chance to improve systems and processes across the organisation. It can revitalise the business, bring a renewed focus on anti-fraud methods and focus on integrity.

There are many gains to be had. With ECCTA coming and more legislation following, now is the time to review your compliance systems and processes.

Olivier Cornet is UK Country Manager at geoficiency

References:

[1] Association of Certified Fraud Examiners. Report to the Nations 2024 https://www.acfe.com/-/media/files/acfe/pdfs/rttn/2024/2024-report-to-the-nations.pdf

[2] According to a poll by the Center for Audit Quality in 2017