Let’s start with a question: Was fraud prevention ever just a finance function?
After 27 years working in fraud prevention across the private, public, and third sectors, I can confidently say the answer is no.
Throughout my career, I’ve seen fraud fall under the remit of Audit, Risk, Legal, Compliance, Governance, Security, the Chief Information Security Officer (CISO), and, yes, Finance. But wherever it sits, the most important thing is this: fraud prevention must be a collaborative effort, and ultimate responsibility should lie with the Senior Leadership Team and the Executive Board. This is what’s known as “tone from the top,” and it matters more now than ever.
Fraud is a cultural issue, not just a department
Why is this leadership-level commitment so critical? Because without a top-down approach to promoting a counter-fraud culture, how can we expect employees, suppliers, contractors, or clients to take fraud prevention seriously?
When people see colleagues committing fraud and quietly exiting the business on a Friday afternoon with no real consequences, it sends the wrong message. It tells others that fraud isn’t a big deal, and that’s a dangerous precedent.
Fraud prevention isn’t just about processes and checklists. It’s about accountability, consequences, and culture.
So, where should fraud sit?
In truth, it no longer matters where fraud “sits” within your organisation. What matters is that everyone, from the boardroom to the frontline, is aware of their role in prevention.
This brings us to a vital piece of legislation: the Economic Crime and Corporate Transparency (ECCT) Act 2023, and in particular, the new Failure to Prevent Fraud offence, which comes into force on 1 September 2025.
With fewer than four months to go (and much of that overlapping with school holidays), time is short to ensure your organisation is prepared.
Will your organisation be affected?
The legislation doesn’t apply to all organisations, but many will fall within its scope. If your business meets two or more of the following criteria, you will be required to comply:
- 250 or more employees
- £36 million or more in turnover
- £18 million or more in total assets
If that’s you, it’s time to act. And even if it’s not, it’s still worth considering the wider risks.
What’s at stake?
Under the new offence, organisations can face prosecution and significant fines if an employee (or anyone acting on their behalf) commits fraud and the business benefits from it.
The only defence is to have “reasonable procedures” in place to prevent fraud. These procedures don’t just tick a compliance box, they demonstrate that your organisation is taking fraud prevention seriously.
What are “reasonable procedures”?
While guidance is still evolving, there are six key areas that every organisation should focus on, taking a proportionate, risk-based approach:
- Top-level commitment
- Fraud risk assessments
- Proportionate, risk-based prevention procedures
- Due diligence
- Communication, education, and training
- Ongoing monitoring and review
These principles should form the foundation of your organisation’s fraud prevention strategy.
This is everyone’s responsibility, starting at the top
Whether or not your business meets the ECCT criteria, the message is clear: fraud is no longer a “finance problem.” It’s a business-wide responsibility, and leadership must set the tone.
Ask yourself:
- Do you know what procedures your organisation has in place to prevent fraud?
- Are your suppliers and partners equally prepared?
- If one of them suffered a major fraud loss, would your operations be affected?
These are the questions every organisation, regardless of size, should be asking. Because fraud doesn’t discriminate by turnover or headcount. And when it happens, the consequences can be far-reaching.
Now is the time to act.
Rob Brooker, Director, Opus Forensic Accounting
If you are seeking professional advice for your business, Opus is here to help. You can speak to one of the members from our Opus Forensic Accounting team, who can discuss options with you. We have offices nationwide and by contacting us on 0203 995 6380, you will be able to get immediate assistance from our Partner-led team.