Large UK corporations and their subsidiaries have until September 1, 2025, to conduct risk assessments and appropriately strengthen policies and procedures, systems and controls to detect and prevent fraud.
An organization will be guilty of a FTPF offense if an employee, agent or subsidiary commits fraud that directly or indirectly benefits the organization or its clients. Lines of defense are having in place “reasonable preventative procedures” or if it would have been unreasonable to have expected the preventative measures to be in place.
The law applies to UK large businesses, defined as meeting at least two of the three criteria of more than 250 employees, more than £36 million in turnover (gross revenue) or more than £18 million in total assets. It also extends to subsidiaries if an employee of a subsidiary commits fraud that benefits the parent entity, or if an employee of the parent entity commits fraud that benefits a subsidiary.
Reasonable preventative procedures include:
- Top level commitment
- Regular risk assessments
- Effective risk-prevention procedures enforced
- Due diligence on those performing services for the organization
- Communications and training
- Monitoring and review
Read the Punter Southall article here.