Follow TopicFollow Contributor Share Feedback
How

How "Failure to Prevent" Changes Risk Management

by Starling Insights

Starling Insights Editorial Board

Nov 27, 2024

Observations

In a recent article, Deloitte examines how the new "failure to prevent fraud" (FTP) offense in the UK may require a new approach to risk management.

The FTP was introduced by the Economic Crime and Corporate Transparency Act (ECCTA), which will take effect on September 1, 2025. This legislation presents a significant shift in corporate accountability by requiring organizations to implement "reasonable fraud prevention procedures." Under the new rules, companies will risk prosecution if fraud committed by employees or associates was intended to benefit the organization.

Unlike traditional anti-fraud frameworks focused on protecting the company as a victim, the FTP offense compels organizations to address situations where they might indirectly benefit from fraudulent actions by employees, agents, contractors, and international branches. The FTP offense only applies to companies meeting the "large organization" criteria under the Companies Act. However, Deloitte warns, smaller entities may need to align their fraud-prevention practices to continue working with in-scope companies.

Deloitte offers guidance as to how firms can prepare for their new obligations, featuring six principles for designing and implementing reasonable procedures. The authors also stress that a tailored anti-fraud strategy is essential. Deloitte emphasizes the importance of continuous training and testing fraud-prevention plans by impartial team members, noting that standard audits alone are insufficient for an FTP defense. Companies may also consider undertaking external reviews of whistleblowing systems and fraud frameworks as an added precaution, Deloitte explains.

However, as Starling Founder & CEO Stephen Scott argues in a recent Weekend Reading article, a focus on policy, process, and training alone is unlikely to change the culture driving employee misconduct. Rather, if companies wish to actually prevent misconduct, as the new FTP standards require, they must attend to the cultural factors that will allow them to bring about meaningful change: their people, presumptions, and practices. ▸ Read More

Join The Discussion

See something that doesn't look quite right?

We strive to provide high quality and accurate content at all times. With that said, we realize that sometimes links break, new information becomes available, or there is something that you feel we may have missed.

If you see something that you think we should be aware of, we would love to hear from you. Feel free to drop us a note below and leave your name and contact info if you'd like to hear back from us.

Thank you for being a key part of the Starling Insights community!