I am one of those folks using the incoming legislation to sell their services and products. People like me, I guess. Fraud Specialists who can provide fraud reviews and advice to help you comply and stay on the right side of the law.
However, I feel a need to avoid the 2018 feeding frenzy of GDPR, with band wagon jumpers buying a book and running ineffective training courses and vendors claiming that their product can save you paying unlimited fines. The best privacy folks were there before 2018 and are around now.
In the interests of integrity, I am going to provide you with some key points that will help you decide whether it is an urgent matter for you or even something you don't need to do anything about - unless you want to improve your fraud defences anyway.
Who does it apply to?
Businesses and organisations that meet two of the following three criteria:
- More than 250 employees
- More than GBP36m turnover
- More than GBP18m of assets
If you have one out of three or none out of three, you are not covered by this legislation although the Fraud Act 2006, Money Laundering, etc. all apply.
What does it cover?
Organisations will be held to account if they profit from fraud committed by their employees and they do not have reasonable fraud prevention procedures in place. If an employee commits fraud and it does not benefit the organisation then there may be repercussions under other laws but not this one.
What is the penalty?
Unlimited fines for the organisation.
When does it come into force?
The latest amendments in the House of Lords were tabled on 11 July 2023 but the essential shape of the law is settled. Once those Amendments have been dealt with, the Bill will receive Royal Assent and will become an Act. But in line with current vogue the passing of an Act is a prelude: it will only come into force when the government has issued guidance on reasonable fraud prevention procedures.
What offences are covered?
The main offences under the Fraud Act 2006 and their equivalents in Scotland and Northern Ireland. It also includes the Theft Act 1968 such as false statements, false accounting as well as fraudulent trading and cheating public revenue.
This is part of a wide reaching fraud strategy and a sea change in how fraud is dealt with. It will also have a knock on effect for those organisations not directly covered under the new Act.
It will not be about buying credit checking services, software or lip service. It is about a proper strategy, tactics, system to detect all fraud not just fraud by employees that organisations gain from.
So, I have told you why you might not need me or others like me. I hope reverse psychology works. Fraud reviews and compliance with regulation are my thing.