Blog

This is the fourth instalment in our 10-part series on unmasking insider fraud and implementing effective risk mitigation strategies.

The UK government's Economic Crime and Corporate Transparency Bill represents a significant step towards strengthening the country's defences against economic crime. For HR professionals and compliance officers, understanding this legislation is crucial. In this post, we'll break down the bill's key points and implications, offering guidance on how businesses can comply.

Background of the Bill

The Economic Crime and Corporate Transparency Bill aims to enhance corporate transparency and empower law enforcement agencies to tackle economic crime effectively. It builds upon previous legislation, such as the Economic Crime (Transparency and Enforcement) Act 2022, to address gaps and introduce new measures against illicit activities.

Key Points of the Bill

1. Strengthening Company Registration Processes

   The bill proposes reforms to the way companies are registered and verified at Companies House:

   • Identity Verification: Mandatory identity verification for all new and existing company directors, People with Significant Control (PSCs), and those filing information on behalf of a company.

   • Enhanced Powers for Companies House: The Registrar gains additional powers to query and reject information that appears erroneous, false, or suspicious.

2. Transparency Over Ownership and Control

   Improving transparency around who owns and controls companies to prevent them from being used for illicit purposes:

   • Updating PSC Regime: Tightening rules around the disclosure of individuals who have significant control over a company.

   • Register of Overseas Entities: Expanding requirements for foreign entities owning UK property to disclose their beneficial owners.

3. Tackling the Abuse of Limited Partnerships

   The bill introduces measures to prevent limited partnerships from being used for money laundering and other criminal activities:

   • Registration Requirements: New obligations for limited partnerships to maintain a connection to the UK.

   • Compliance and Enforcement: Enhanced powers to deregister partnerships that fail to comply with legal requirements.

4. Enhancing Powers to Seize and Recover Assets

   Law enforcement agencies are granted stronger powers to tackle criminal finances:

   • Seizure of Cryptoassets: Allowing the seizure and recovery of cryptoassets used in or intended for criminal activities.

   • Unexplained Wealth Orders (UWOs): Simplifying the process for obtaining UWOs to investigate suspicious wealth.

5. Strengthening Anti-Money Laundering (AML) Regulations

   The bill seeks to tighten AML regulations to prevent the flow of illicit funds:

   • Information Sharing: Facilitating greater sharing of information between regulated entities and law enforcement.

   • Sanctions Enforcement: Enhancing the ability to enforce sanctions against individuals and entities involved in economic crime.

Implications for Businesses

The bill introduces several obligations that businesses must adhere to, impacting how they operate and report information:

1. Mandatory Identity Verification

   Companies must ensure that all directors and PSCs undergo identity verification. This places responsibility on businesses to:

   • Verify the identities of key individuals accurately.
   • Maintain up-to-date records of verified individuals.
   • Ensure compliance with data protection regulations during the verification process.

2. Enhanced Due Diligence

   Businesses are expected to perform thorough due diligence to prevent their entities from being used for illicit activities:

   • Implement robust Know Your Customer (KYC) processes.
   • Regularly update and monitor records for changes in ownership or control.
   • Report suspicious activities to the relevant authorities.

3. Compliance with AML Regulations

   Companies must align with strengthened AML regulations:

   • Provide training to employees on AML policies and procedures.
   • Establish internal controls to detect and prevent money laundering activities.
   • Cooperate with law enforcement and regulatory bodies when required.

4. Transparency Obligations

   Businesses are required to increase transparency regarding their structures and operations:

   • Disclose accurate information to Companies House and keep it updated.
   • Ensure that any overseas entities associated with the business comply with disclosure requirements.

Guidance on How Businesses Can Comply

1. Review and Update Internal Policies

   Businesses should assess their current policies to ensure alignment with the new requirements:

   • Update Compliance Programs: Incorporate changes into existing compliance and risk management frameworks.

   • Document Procedures: Clearly outline steps for identity verification and reporting obligations.

2. Implement Robust Identity Verification Processes

   Adopt reliable methods for verifying the identities of directors, PSCs, and other key individuals:

   • Utilise Trusted Services: Engage with accredited identity verification providers like Verifile.

   • Maintain Records: Keep detailed records of verification processes and outcomes.

3. Enhance Due Diligence Measures

   Strengthen KYC and due diligence practices:

   • Risk Assessment: Conduct thorough risk assessments of clients, suppliers, and partners.

   • Continuous Monitoring: Implement ongoing monitoring of relationships and transactions.

4. Train Employees

   Ensure staff are aware of the new regulations and their responsibilities:

   • Provide Training: Offer regular training sessions on compliance obligations and fraud prevention.

   • Promote a Compliance Culture: Encourage a company-wide commitment to ethical practices.

5. Engage Legal and Compliance Experts

   Consult with professionals to navigate complex regulatory requirements:

   • Legal Advice: Obtain guidance on specific obligations and how they apply to your business.

   • Compliance Support: Work with compliance consultants to implement effective controls.

Potential Challenges and How to Overcome Them

Implementing the requirements of the bill may present challenges:

Data Protection Concerns

Balancing identity verification with data privacy obligations can be complex.

• Solution: Ensure compliance with the UK GDPR by implementing secure data handling practices.

Resource Constraints

Small and medium-sized enterprises (SMEs) may face resource limitations.

• Solution: Prioritise key areas of compliance and consider outsourcing to specialist providers.

Keeping Up with Regulatory Changes

The regulatory landscape is continually evolving.

• Solution: Stay informed through industry associations, legal updates, and by subscribing to regulatory newsletters.

Conclusion

The Economic Crime and Corporate Transparency Bill introduces significant changes that will impact how businesses operate in the UK. By understanding the key points and proactively implementing compliance measures, organisations can not only avoid legal repercussions but also contribute to the broader effort of combating economic crime.

HR professionals and compliance officers play a crucial role in this transition. By fostering a culture of transparency and due diligence, they can help their organisations navigate these changes effectively.

In our next post, we'll explore how leveraging CIFAS can aid in fraud prevention and enhance your organisation's defences against insider threats.

Stay tuned for Part 5: "Leveraging CIFAS for Fraud Prevention" coming soon.

In June 2024, Japan enacted a landmark law to protect children from sexual predators by requiring mandatory background checks for individuals working in child-focused roles.
Inspired by the UK's Disclosure and Barring Service (DBS), this legislation marks a major shift in safeguarding children across Japan.

Historical Context: Why Was This Law Created?

Japan's legislative move follows several high-profile cases of sexual abuse in schools and childcare institutions. Before this law, employers had no legal means to verify the criminal backgrounds of potential hires, exposing children to potential risks.
Globally, similar measures have been adopted in countries like the UK, where the DBS has been in place since 2002. These systems were developed after public outrage over failures to protect children from individuals with known criminal histories. Japan’s adoption of such a system highlights growing international alignment in child protection policies.

Key Features of the Legislation

1. Mandatory Background Checks
   • All government-supervised institutions (e.g., schools, nurseries) must verify sexual offence histories of current employees and job applicants.
   • Background checks will cover crimes under the Penal Code and local ordinances, including offences like groping and flashing.
2. Record Access Timeframes
   • Records for crimes involving imprisonment are accessible for 20 years after sentence completion.
   • For fines or lesser penalties, records are accessible for 10 years.
3. Voluntary Compliance for Private Institutions
   • Private organisations, such as cram schools and sports clubs, can choose to adopt the system.
   • A certification programme allows these organisations to advertise their compliance as a mark of commitment to child safety.
4. Reassignment or Dismissal
   • ​​​​Employers must reassign employees with histories of sexual offences to roles that minimise contact with children or terminate their employment.

Implementation Challenges

1. Employer Preparedness
   • Many institutions, especially smaller ones, may lack the resources or knowledge to comply with the new law. The government has committed to offering guidance and training, but logistical challenges remain.
2. Data Privacy Concerns
   • Critics argue that granting access to criminal records risks violating individual privacy, especially for those who have already served their sentences.
3. Voluntary Participation
   • Private institutions may hesitate to opt into the system, potentially creating uneven protection standards across different types of organisations.

Global Comparisons and Lessons

Japan's legislation mirrors the UK's DBS, which has proven effective in safeguarding children. However, challenges in the UK’s implementation offer valuable lessons:

• Administrative Delays: Employers often experience delays in obtaining background checks, which could disrupt hiring processes.
• Public Awareness: The success of the DBS relies on public understanding of its purpose and scope, something Japan must prioritise.
• Balancing Rights: The UK has faced criticism for its broad application of checks. Japan could avoid similar backlash by ensuring checks are targeted and fair.

Criticisms and Controversies

The law has sparked debate over:

• Employment Rehabilitation: Opponents argue that individuals who have served their sentences should not face lifelong discrimination in the workplace.
• Scope of Records: Some critics suggest that the inclusion of minor offences, like groping, may unfairly impact employment opportunities.

Anticipated Benefits

1. Enhanced Child Safety
   • Mandatory background checks create an additional layer of protection, ensuring that individuals with histories of sexual offences are kept away from roles involving children.
2. Increased Employer Accountability
   • By requiring employers to verify backgrounds, the law promotes a culture of responsibility and vigilance.
3. Public Confidence
   • Certification for private institutions can reassure parents and communities that child safety is a priority.

Conclusion

Japan’s adoption of DBS-style legislation is a crucial step forward in protecting children from harm. While implementation challenges and privacy concerns remain, this system has the potential to create safer environments across educational and childcare sectors.

Key Sources

1. "Cabinet approves bill requiring schools to screen for sex offenders" – The Asahi Shimbun, March 19, 2024. 
   Read here
2. "Diet passes bill requiring schools to screen for sex offenders" – The Asahi Shimbun, June 20, 2024. Read here
3. "Japan approved bill for background checks for work" – HR Asia, March 22, 2024. 
   Read here
4. "Sexual Crimes Against Children: Strictly Check Candidates’ Suitability to Work as Education Professionals" – The Japan News, March 23, 2024.
   Read here

This is the third instalment in our 10-part series on unmasking insider fraud and implementing effective risk mitigation strategies.

In our previous posts, we explored the concept of insider fraud and delved into its various types. Today, we focus on why it's imperative for businesses to proactively manage these risks. The financial repercussions of insider fraud can be devastating, and compliance obligations are becoming increasingly stringent. HR professionals and compliance officers must understand the significance of risk mitigation strategies to protect their organisations.

Why Proactive Risk Management Is Essential

Proactive risk management involves identifying potential threats before they materialise and implementing measures to prevent them. This approach is crucial for several reasons:

• Financial Protection:

  Insider fraud can lead to substantial financial losses. By managing risks proactively, businesses can safeguard their assets and revenue streams.

• Regulatory Compliance:

  With regulations like the Economic Crime and Corporate Transparency Bill, companies are legally obligated to prevent fraud. Non-compliance can result in severe penalties.

• Reputational Integrity:

  Fraud scandals can tarnish a company's reputation, leading to loss of customer trust and market share.

• Operational Efficiency:

  Preventing fraud ensures smoother operations and reduces disruptions caused by investigations or legal proceedings.

Financial Repercussions of Insider Fraud

The financial impact of insider fraud extends beyond the immediate loss of funds or assets. Here are some of the broader financial consequences:

Pursuing legal action against fraudulent employees incurs significant costs, including legal fees, court expenses, and potential settlements.

1. Direct Financial Losses

   As highlighted in the webinar, cases like Lesley Stewart and Lorna Porter resulted in losses of £300,000 and £634,000 respectively. These funds could have been invested back into the business for growth and development.

2. Legal Costs

   Pursuing legal action against fraudulent employees incurs significant costs, including legal fees, court expenses, and potential settlements.

3. Regulatory Penalties

   Under the Economic Crime and Corporate Transparency Bill, companies can face unlimited fines and criminal convictions for failing to prevent fraud. Directors and senior managers may also be held personally liable.

4. Increased Insurance Premiums

   Insurance companies may raise premiums for businesses that have experienced fraud, considering them higher risk.

5. Loss of Investment Opportunities

   Investors may be wary of injecting capital into organisations with a history of fraud, limiting access to funding.

Compliance Obligations

Compliance with legal and regulatory frameworks is not just a best practice—it's a necessity. Failing to meet these obligations can have severe consequences.

The Economic Crime and Corporate Transparency Bill

This legislation aims to enhance corporate transparency and combat economic crime. Key points include:

• Failure to Prevent Fraud Offences: Companies can be prosecuted if they fail to prevent fraud committed by an employee or agent.
• Liability: Directors and senior managers can face criminal charges and unlimited fines.
• Reporting Requirements: Companies must provide detailed reports on their anti-fraud measures.

Data Protection Regulations

Regulations like the UK General Data Protection Regulation (UK GDPR) require businesses to protect personal data. Insider fraud involving data breaches can lead to hefty fines from the Information Commissioner's Office (ICO).

Industry-Specific Compliance

Certain industries have additional obligations:

• Services: Regulated by the Financial Conduct Authority (FCA), requiring stringent anti-fraud measures.
• Healthcare: Must comply with NHS Counter Fraud Authority guidelines.
• Education: Subject to safeguarding requirements to protect vulnerable individuals.

Real-Life Consequences of Non-Compliance

Failure to implement effective risk mitigation strategies can lead to catastrophic outcomes, as seen in high-profile cases:

Carl Stokes and the Grenfell Tower Tragedy

Carl Stokes misrepresented his qualifications as a fire safety assessor. His inadequate assessments contributed to the tragic Grenfell Tower fire. This incident not only led to loss of life but also resulted in significant legal and financial repercussions for the organisations involved.

Brandon Leung's Employment Without Proper Checks

Brandon Leung secured a position despite previous convictions. His fraudulent activities could have been prevented with thorough background screening, highlighting the importance of compliance with hiring regulations.

Benefits of Implementing Risk Mitigation Strategies

Beyond avoiding negative consequences, proactive risk management offers several advantages:

• Enhanced Security Processes

  Implementing robust security measures protects sensitive information and reduces the likelihood of breaches, both intentional and accidental.

• Attracting a Transparent Workforce

  A strong emphasis on ethics and compliance attracts employees who value integrity, fostering a positive organisational culture.

• Competitive Advantage

  Companies known for their robust risk management are more attractive to clients, partners, and investors, providing a competitive edge.

• Operational Resilience

  Preparedness for potential risks ensures that businesses can respond effectively to incidents, minimising disruption.

Key Strategies for Risk Mitigation

HR professionals and compliance officers can implement the following strategies:

1. Comprehensive Background Screening

   Utilise thorough pre-employment checks, including criminal records, credit history, and reference verification. Services like those offered by Verifile provide valuable support.

2. Regular Training and Awareness

   Educate employees about fraud risks, ethical standards, and compliance requirements. Awareness reduces the likelihood of inadvertent breaches.

3. Robust Policies and Procedures

   Develop clear policies regarding fraud prevention, data protection, and reporting mechanisms. Ensure these are communicated effectively across the organisation.

4. Continuous Monitoring

   Implement ongoing monitoring of employee activities where appropriate, and conduct regular audits to detect potential issues early.

5. Leveraging Technology

   Use advanced tools for identity verification, access control, and anomaly detection to enhance security measures.

Conclusion

Proactively managing risks associated with insider fraud is not just a protective measure—it's a strategic imperative. Financial repercussions and compliance obligations necessitate a robust approach to risk mitigation. By implementing effective strategies, organisations can safeguard their assets, uphold their reputations, and ensure long-term success.

In our next post, we'll delve into the Economic Crime and Corporate Transparency Bill, exploring its implications and how businesses can align with its requirements.