Understanding the new 'Failure to Prevent Fraud' Offence in a Public Sector context

Fraud is currently the most common crime in the UK, and this new offence is designed to drive a cultural shift, encouraging organisations to improve their prevention procedures and reduce instances of fraud. It strengthens existing powers to fine and prosecute organisations for fraud committed by their employees and agents, closing loopholes that have allowed organisations to avoid prosecution in the past.

This new offence holds large organisations, both in the public and private sectors, accountable for fraudulent activities committed by their employees or agents.

What is the 'Failure to Prevent Fraud' Offence?

This new offence makes a public sector organisation meeting the ‘large’ criteria liable if it fails to prevent a specified fraud offence from being committed by an employee or agent, and the fraud is intended to benefit the organisation. For example, an employee that has targets to meet may commit fraud to meet these targets, and as a result of meeting the targets, the organisation benefits.

The offence is committed where the organisation did not have reasonable fraud prevention procedures in place - it does not need to be demonstrated that organisation leadership encouraged or knew about the fraud.

In the current climate of tight public sector finances, public and social sector organisations cannot risk falling foul of this new offence and being faced with an unlimited fine, when straightforward fraud prevention measures and due diligence procedures can be implemented.

Reasonable fraud prevention procedures for Public Sector organisations

This new legislation means that public and social sector organisations are effectively required to review and enhance their anti-fraud systems and controls to cover fraud committed for their benefit by employees or agents. Full guidance on the new offence for public sector organisations from the Home Office is expected later in 2024.

The Government launched the Counter Fraud Functional Standard in 2018, which applies to all government departments and their arms-length bodies (for example the NHS), and is designed to provide guidance in relation to the management of counter fraud, bribery, and corruption. Other public sector organisations are not required to adopt this standard. However, they may be familiar with or already be complying with it on a voluntary basis, and should therefore understand and already have reasonable procedures in place to combat fraud.

Many public sector organisations at current may not have adequate measures in place in preparation for the failure to prevent fraud offence. The good news is that there is still time to rectify this and here are some reasonable procedures that public sector organisations can take:

1. Fraud Risk Assessment: Conduct a thorough fraud risk assessment to understand and address the potential fraud risks within the organisation. Traditionally fraud risk assessments have been inward-looking, aiming to prevent fraud to the detriment of the organisation from employees or agents. But these now need to encompass the risk of employees or agents engaging in fraud which benefits the organisation.
2. Policies and Procedures: Develop and implement robust policies and procedures to mitigate the fraud risks identified in risk assessments.
3. Third Party Management: Third party companies supplying goods and services to and on behalf of an organisation may likely be considered agents in the context of failure to prevent. Therefore, they may be considered within the scope of the offence for the period they are engaged by a 'large' organisation, even if they themselves do not meet the 'large' criteria. Due diligence procedures need to be assessed to ensure that reasonable policies are in place to mitigate the risk that these agents commit fraud for the benefit of the 'large' organisation by which they are engaged.
4. Training and Communication: Provide organisation-wide communications and regular mandatory training for employees about fraud, fraud risks, and the importance of fraud prevention.
5. Monitoring and Review: Regularly review the effectiveness of the fraud prevention procedures, monitoring performance, and make necessary adjustments.
6. Reporting Mechanisms: Establish clear mechanisms within the organisation and for external parties for the reporting of suspected fraudulent activities.
7. Investigation and Enforcement: Ensure that reports of suspected fraud cases are adequately recorded, thoroughly investigated, and appropriate actions taken.
8. Governance: Ensure that an appropriate governance structure is established to oversee fraud prevention programs. Identify accountability for oversight of the development and implementation of such programs by Board Members and Audit and Risk Committees. 

How can we help?

Mazars has a team of counter fraud specialists who can provide services to assess your organisation’s level of readiness for the new failure to prevent fraud offence, as well as assisting with in-depth reviews of current arrangements and assistance with the implementation of new policies and procedures related to fraud prevention.

In addition to this, Mazars through its internal audit services can help provide assurance and support in areas considered to be a high fraud risk (such as procurement, government grants and funding, payroll), as well as undertaking validation of existing self-assessments and policy/governance reviews.