The UK failure to prevent fraud offence has been long awaited. We are receiving a number of queries from clients about when the UK government’s “reasonable procedures” guidance is due to be published, when the offence will come into force and what they should be doing now to prepare.

In short:

  • we expect the “reasonable procedures” guidance to be published between October and December 2024 (it was originally due to be published early this year). UK Finance is also due to publish guidance for financial institutions in respect of the same;
  • the offence will then likely come into force after a six-month implementation period i.e. April or June 2025; and
  • it is important that organisations take steps now to conduct a risk assessment in relation to the new offence, assess what relevant policies and procedures they already have in place and consider what enhancements need to be made.

We have published a series of articles summarising the offence, how to approach risk assessments, putting in place policies and procedures, and considerations in relation to tone from the top and training

Many organisations have already started their preparation for the new offence, recognising that the reasonable procedures guidance will be high level, and that the procedures need to be tailored to the risks faced by each organisation.

We have summarised below some key considerations based on our experience of advising clients. Let us know if you would like help with understanding the new offence, how it might apply to your organisation or how to approach programme enhancement and training.

  1. Ownership and the scope of risk assessments and procedures enhancement needs to be determined: many of our international clients have put in place a cross-functional working group and global anti-fraud procedures (given that the new offence has broad jurisdictional scope).
  2. Senior management sign-off is likely to be expected: we expect the reasonable procedures guidance to set an expectation that senior management, the board or a designated individual sign off on the risk assessment and the procedures – it is important to involve them from the outset.
  3. Organisations need to understand the details of how the offences operate in practice and conduct a detailed risk assessment: assessing how the underlying offences could arise in your organisation is crucial in order to put in place effective anti-fraud procedures. This is a detailed process which is likely to require a detailed summary of the offences and input from Finance, Sales, Legal etc. (a UK government factsheet estimates this will take between 100 and 130 hours). See further our article on conducting risk assessments.
  4. Most organisations do not have comprehensive anti-fraud policies and controls which address fraud for the organisation’s benefit: many clients have in place anti-fraud policies and procedures however in most cases, these focus on protecting the organisation from becoming a victim of fraud rather than preventing fraud for the organisation’s benefit. As a starting point, it is worth checking fraud policies, financial crime contractual provisions and third party due diligence and monitoring processes.  
  5. Fraud training is complicated: the underlying offences are complex and to a large extent turn on whether there has been dishonesty. This means there are a lot of grey areas (particularly compared to bribery, where the principles are generally easier to understand). In our experience scenario-based training which helps employees spot and escalate issues is crucial. Messaging from senior and middle management is also very important. See further our article on training and tone from the top (and middle).