How organisations can prepare for the new fraud prevention measures

The new measures are part of a trend towards more transparency in business

This is having a global, as well as a local effect for companies, accounts teams and their advisors. The EU has reinforced laws for financial and non-financial organisations to cover areas such as whistle-blower protection and anti-money laundering.

In France, the Sapin II law is a good example. It obliged certain French companies to adopt corporate compliance programmes with the aim of deterring corruption.  

In the UK there will be​​​​ two new ​developments ​in the coming 12 months that we think are meaningful; the ECCTA and the so-called ​“​UK SOx​”​. Both will increase the levels of transparency required.  

• The Economic Crime & Corporate Transparency Act (ECCTA) comes into effect in September 2025 and aligns with two previous Acts; the Bribery Act 2010 and the Criminal Finances Act 2017.​​​​  
• The new 2024 Corporate Governance Code (​“​UK SOx​”​) is already live. Provision 29 is set to take effect in the financial period starting on or after 1st January 2026. 

For large corporates this is about a shift in responsibility

The ECCTA will bring in a new corporate offence of failure to prevent fraud. Under this new provision, an organisation will be held criminally liable if a person associated with it (such as an employee, agent, or subsidiary) commits fraud for the organisation’s benefit, and if the organisation fails to implement reasonable fraud prevention procedures. (A large organisation is defined as one which has two of these three criteria: over 250 employees, more than £36m turnover, more than £18m in total assets). 

The ​​​​new 2024 Corporate Governance Code (​“​UK SOx​”​) measures will hold company directors personally responsible for the effectiveness of their material internal controls.

This will require an ‘explicit declaration requirement’ in the 2026 annual reporting. This is part of changes to increase the focus on risk management, internal controls and procedures, which should in turn boost investor confidence. 

These changes will have an impact across the organisation. The aim is to bring together departments such as compliance, risk, finance, operations and reporting.

However, it is likely that the workload for ECCTA compliance and changes to the Corporate Governance Code will largely fall on accountants and finance professionals.  

Fraud is often referred to as a silent threat

It takes a large fraud to make it to national news level. However, recent research from the Association of Certified Fraud Examiners (ACFE) shows that fraud can have a profound effect on companies.

It estimates that organisations lose 5% of revenue to fraud each year and a typical case lasts 12 months before detection. When fraud is finally revealed, 43% of alerts come from tip-offs, not technology.  

These figures show the importance of not just complying, but securing efficiency benefits too. ​​All global companies have processes in place, but are they fit for purpose? ECCTA and “UK SOx” are opportunities to improve efficiencies and increase confidence.

In a survey of French small/medium enterprises, 96% considered a risk management and internal control system to be useful, but only 24% were satisfied with their own system1.

We expect that UK companies will have similar responses, from the smaller entities through to large corporates.  

Preventing fraud is also​​​​ an opportunity to generate efficiencies 

All departments will need to be involved in complying with these new developments, but the accounts department is where much of the work will happen.

C​​​​omplying with the ECCTA and other changes should also be an opportunity to drive value. It should give accounts teams the chance to lead improvements in the control environment and therefore drive quality, efficiency and insight across the organisation.  

​​​How can accountants and finance professionals improve on the 24% who are satisfied with their own system?

Compliance with the ECCTA and “UK SOx” will need investment, but there will also be benefits to be had, if organisations go about it in the right way. To generate satisfaction and maximum return start by considering these areas:  

• Executive awareness. Raise the visibility of the organisation’s exposure to risk with the senior team.  
• Deepen knowledge of controls. Companies can improve accountability with better management information  
• Highlight manual manipulation. Reducing occurrences of manual activities will increase the robustness of controls and functions.  
• Corporate culture. Create a culture of integrity throughout the organisation.  

This is an opportunity for the accounts team to lead adoption of new technologies and practices. Done well, compliance will lead to greater efficiencies, which will have a positive effect on revenue.  

What should organisations do to both comply and generate ​​​​efficiencies

Organisations can take a reactive (compliance) and proactive (efficiencies) approach. It’s easy to think the current processes​​​​ will provide enough protection for the senior team.

However, there are actions organisations can take now, which will set them up for the new era of corporate transparency. Here’s what we recommend for accounting teams and finance professionals:  

• Audit your processes. This is the best way to generate return-on-investment from your compliance process. It’s an opportunity to make sure you meet the new regulatory requirements, and drive the business forward with better, standardised processes.  
• Find your technology. You’re going to need some, and it’s going to need to be able to cope with different ERPs, a range of currencies and perhaps a billion movements per financial year.  
• Map out your collaborations. ECCTA and “UK SOx” will involve more than just the accounting team. The changes will need to involve operations, controlling, governance, risk and reporting. How will this team work together? How will you retain collaboration after the risk analysis and then through the implementation? 
• Upskill your team and communicate. Too often the smaller entities of a global organisation are just ticking the box of compliance. It’s important to get the local benefits as well as the global ones. This needs communication about why the changes are useful to the organisation.  
• Implement. This goes hand-in-hand with technology. You get the most benefit from a supplier that will guide you through the process and stay on hand post-implementation. Large organisations need a technology partner, not a vendor that supplies a toolbox with no ongoing support.  

Make a start on ECCTA and UK SOx regulation now

There is time to get this underway by September, when the ECCTA comes into effect. That will also set up the organisation for the changes the New 2024 Corporate Governance Code will bring in next year (​“​UK SOx​”​).

Begin with your risk analysis, so that the change management process can benefit the company as a whole. That way, it won’t make life more complicated in the long term, for the organisation or for the accounting team.

There is a global trend towards greater transparency in corporate reporting. Now is the time to get ahead of the curve.