Many Firms Still Aren't Ready For UK's Fraud Prevention Regime – Dentons

Tom Burroughes

2 September 2025

A new UK “failure to prevent fraud” (FTP) law kicked in yesterday – potentially covering even firms outside the country that have UK links, such as wealth managers.

However, it appears that many organisations are not fully prepared, leaving them open to punishments from the (SFO) which has signalled that it is keen to flex its muscles.

said in a statement that as of June this year, just under a third (30 per cent) of firms it has spoken to hadn’t appointed anyone to watch over FTP compliance; of the 70 per cent who had taken measures, most gave such responsibilities to compliance teams already stretched by other tasks. Worryingly, Dentons said, 78 per cent had not completed or even started fraud risk assessment, which is part of the “reasonable procedures” set out in government guidance.

The new offence has been brought in as part of the Economic Crime and Corporate Transparency Act, which received Royal Assent on 26 October 2023 under the previous Conservative government. Like the UK Bribery Act of 2010, there is an extra-territorial aspect to this law – meaning that firms above a certain size which have activities overseas cannot assume that these are out of bounds. (See a detailed outline by WealthBriefing compliance expert and writer Chris Hamblin.)

There is a lot at stake. In a recent presentation, Moody's said that £1.17 billion ($1.6 billion) was lost in 2024 to unauthorised and authorised fraud; some 3.13 million cases of unauthorised fraud were reported last year, rising 14 per cent from 2023. Fraud makes up 40 per cent of all crime in the UK. (See an article here.)

For definition purposes, "authorised fraud" is typically a scam whereby a fraudster manipulates a victim into voluntarily sending a payment from their own account to a fraudulent account.

Toolkit
Responding to the findings of its own fact-finding, Dentons has launched a “FTP Toolkit” to help organisations assess and address gaps in their fraud prevention measures.

FTP creates a strict liability criminal offence for in-scope companies that fail to prevent fraud by individuals associated with them, where the fraud benefits the organisation or its customers. The only defence is to demonstrate that reasonable and proportionate fraud controls were in place.

SFO director Nick Ephgrave has made no secret of his desire to go after wrongdoers to prove such laws apply. Dentons quoted him as saying: "I'm very, very keen to prosecute someone for kept these under review. They should continually enhance their controls to reflect any new and emerging fraud risks, as this could help in securing a defence. Financial crime is high on the Financial Conduct Authority’s (FCA) agenda so failures to prevent fraud could lead to civil fines and other serious consequences for regulated firms, as well as members of their senior management teams."

The Personal Investment Management & Financial Advice Association, or , the UK wealth management body representing firms, noted that the FTP offence will make it easier for authorities to go after offenders.

“While PIMFA welcomes the new offence, which will encourage investment in internal governance processes and improve transparency, increased levels of accountability naturally create new challenges for firms to navigate,” Alexandra Roberts, head of regulatory policy and compliance at PIMFA, said in a statement emailed to WealthBriefing. “At the same time, to help firms avoid falling foul of the new offence, there is a need for the government to provide greater clarity around what constitutes reasonable procedures.”

“The offence marks a significant shift in emphasis around fraud, firmly placing responsibility on the shoulders of firms. The onus is now on firms to demonstrate they have robust internal systems and staff training in place to prevent fraud. The days where firms could deal with fraud on a purely reactive basis are now long gone, as the new offence compels firms to take a proactive approach to mitigating fraud risk within their organisations. The offence also forces firms to consider outward fraud, where the firm is the beneficiary, as well as inward fraud, where the firm is the victim,” Roberts said.