Note:
This guidance is advisory only. The guidance is not a substitute for reading the legislation or obtaining professional legal advice where appropriate or necessary.
Statutory guidance in relation to fraud prevention procedures is published by the Home Office at Economic Crime and Corporate Transparency Act 2023: Guidance to organisations on the offence of failure to prevent fraud (accessible version) - GOV.UK. All organisations should review the Home Office Guidance when establishing and reviewing their fraud prevention procedures.
See Section 1.4 of the Home Office Guidance for any conflict between alternative sources of guidance.
Statutory Guidance
The Home Office published the guidance, Economic Crime and Corporate Transparency Act: Guidance to organisations on the offence of failure to prevent fraud on 06 November 2024. The guidance has been written to provide organisations with important advice on the offence of ‘failure to prevent fraud’, to ensure they are taking the correct preventative action.
The guidance is written under section 204 of the Economic Crime and Corporate Transparency Act 2023 (ECCTA). This guidance sets out procedures that relevant bodies can put in place to prevent persons associated with them from committing fraud offences.
The guidance provides an overview of the offence, illustrated by some theoretical examples in different contexts. It describes the general principles for organisations in developing or enhancing procedures to prevent fraud. When a court is considering a case, adherence to these principles will be taken into account. Each section includes examples of good practice, but, given the large range of organisations subject to the offence, the guidance is not prescriptive about all possible scenarios.
As some organisations in scope of the offence are also subject to other legislation, the guidance discusses how they should approach any potential overlap between the offence and existing regulatory requirements.
Use of the guidance
The NHSCFA recommend that all relevant healthcare organisations read the Home Office Guidance when planning their fraud prevention approach and ensure they thoroughly understand and implement the principles outlined. This should be read alongside NHSCFA’s guidance. We also recommend that legal advice is sought where appropriate or necessary.
Sector specific guidance
The Home Office Guidance makes clear that whilst individual sector-specific guidance can be created to provide more detail on prevention measures commensurate to the specific risks in that sector, there is no mechanism in ECCTA for statutory guidance to be issued by representative or membership bodies. Therefore, any sector-specific guidance will be advisory only.
References to NHSCFA
The Home Office Guidance makes several important references to NHSCFA throughout including that NHS organisations should follow advice on the NHSCFA website when developing fraud prevention measures. In particular, these references can be found in the introduction to Chapter 3 (Application of the recommendations of the Public Sector Fraud Authority in in the NHS); Section 3.2 (Risk assessments); and Section 3.3.5 (Sources of information for developing fraud prevention measures).
Chapter 3 – Reasonable fraud prevention procedures
Chapter 3 of the Home Office Guidance describes the reasonable fraud prevention procedures that relevant bodies can put in place to prevent persons associated with them from committing fraud offences.
In relation to public sector organisations, the guidance outlines how relevant bodies are already required to implement the recommendations of the Public Sector Fraud Authority (PSFA) and the Government Counter Fraud Profession. It states how, for NHS organisations, the NHSCFA’s website provides detailed information on the Government Functional Standard 013 Counter Fraud and how the requirements are to be applied across the NHS and wider health group.
The guidance suggests that NHS organisations review relevant sector-specific information when developing fraud prevention measures and that public sector organisations in scope should follow advice on the NHSCFA website when doing this.
What do these references mean in terms of application of reasonable procedures?
As the statutory guidance is referring NHS organisations to the existing recommendations of the NHSCFA in relation to establishing fraud prevention measures, NHS organisations should continue to refer to those materials in establishing and reviewing their fraud prevention measures.
Nevertheless, organisations will need to review measures that they have in place to consider the extent to which any extension or addition to their existing measures is required as a result of the scope of the ‘failure to prevent’ offence in ECCTA.
For further information, see sections on Reasonable fraud prevention procedures and Next steps – how to comply.