Fraud risk management

The Economic Crime and Corporate Transparency Act 2023 (ECCTA 2023) introduced a corporate offence of failure to prevent fraud, in force from 1 September 2025.

Practice Note: How to manage fraud risk summarises the main elements of the failure to prevent fraud offence introduced through ECCTA 2023 and covers government expectations of the procedures organisations should have in place to prevent fraud and resulting compliance issues.

Failure to have such procedures in place can leave the organisation exposed to criminal offences, but you should also consider how to prevent your organisation falling victim to fraud. While these are different elements of fraud prevention, the risk management steps and preventative measures taken by commercial organisations are likely to be very similar. For this reason, both aspects of fraud risk management are covered in our content.

There are various ways fraud can occur internally and externally. In view of the ever changing tactics and increasing sophistication of frauds, you should ensure you and your staff and associates keep fraud risk management knowledge up to date.

Awareness is often the best defence against fraud.

The failure to prevent

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest Practice Compliance News

Commission issues Guidelines on prohibited AI practices under AI Act

The European Commission has published Guidelines on prohibited artificial intelligence practices as defined by Regulation (EU) 2024/1689 (AI Act). These non-binding guidelines aim to ensure consistent application of the Act across the EU by providing legal explanations and practical examples of unacceptable AI practices. The document covers areas such as harmful manipulation, social scoring, and real-time remote biometric identification. Whilst approved, the guidelines await formal adoption and emphasise that authoritative interpretations remain the purview of the Court of Justice of the European Union.

ICO launches direct marketing advice generator to help organisations comply with the law

The Information Commissioner's Office (ICO) has introduced a free online tool called the direct marketing advice generator to assist organisations in ensuring their direct marketing activities comply with the Privacy and Electronic Communication Regulations (PECR) and UK GDPR. This tool, primarily designed for small organisations, provides tailored compliance advice covering various marketing channels including email, SMS, direct mail, social media, and telemarketing. The tool aims to simplify data protection compliance, enabling organisations to efficiently access relevant guidance and avoid potential complaints and financial penalties.

Despite divisive political rhetoric, DEI is alive and well

Law360: DEI is dead. Long live DEI. Findings in the World Economic Forum report published in January 2025 raise the question of whether reports of the death of diversity, equity and inclusion (DEI) are, in fact, exaggerated. Christine Young, partner and Joshua Peters, associate at Herbert Smith Freehills LLP discuss the current position of DEI initiatives and the possible direction of travel in 2025 in the UK and US, and set out some tips for employers in light of the EU Pay Transparency Directive and the UK government’s proposed Equality (Race and Disability) Bill.

DSIT publishes response to call for views on AI cyber security

The Department for Science, Innovation and Technology (DSIT) has published its response to the call for views on the cyber security of artificial intelligence (AI). The response outlines strong support for the proposed two-part intervention: a voluntary Code of Practice and development of a global standard. DSIT has updated the Code based on feedback, including adding a new principle on end of life and updating stakeholder groups. An implementation guide has been created to support organisations, particularly SMEs, in adopting the Code. The government will now take the updated Code and guide to the European Telecommunications Standards Institute (ETSI) to develop a new global standard for AI cyber security.

View Practice Compliance by content type :

News