At our recent financial crime breakfast briefing, we looked at two incoming pieces of legislation surrounding UK fraud prevention – and how ready firms are for these changes. Tom Townson reviews the insights.
In June, we welcomed guests from the financial services industry and beyond to our London office to talk about the UK fraud landscape at the first of our 2023 in-person financial crime breakfast briefings. We focused on two of the legislative changes that form part of the UK government’s Economic Crime Plan 2 and Fraud Strategy, which will impact both regulated and non-regulated firms. Our session included some live polling on participants’ state of readiness for these changes.
Firstly, we talked about the new Contingent Reimbursement Model (CRM) for authorised push payment or APP fraud, which substantially expands the depth and breadth of customer reimbursement. The new CRM will be a compulsory scheme, overseen by Pay. Uk and the Payment Systems Regulator (PSR). It will include all payment services providers (PSPs) who use the Faster Payments platform, and the costs of reimbursement will be shared equally between remitting and receiving PSPs.
Even some established players are sceptical of the proposed launch timeframe of Q1 2024 set out in the PSR’s policy statement, and feelings in the room on readiness were mixed. In our live poll, half indicated that they'd need more than six months to be ready for the CRM. This is unsurprising given the sizeable changes that newly affected PSPs will need to make, and it suggests that the industry as a whole is unlikely to be ready in time.
Secondly, we talked about the development of the new corporate offence of failure to prevent fraud, which is to be inserted into the Economic Crime and Corporate Transparency Bill. For some in civil society, this piece of draft legislation is a missed opportunity for a more broadly defined offence that would cover economic crime as a whole, rather than just fraud.
It's notable, however, that the legislation has got as far as it has, given that it didn't originally command government support despite the Law Commission’s recommendations. The draft offence is similar in structure to other UK ‘failure to prevent’ offences covering bribery and tax evasion. It's a ‘strict liability’ offence, meaning that if certain conditions are met, you're guilty unless you can prove the statutory defence – in this case having “reasonable” procedures in place.
For the offence to be made out you need to be an organisation that counts as a “relevant body”, a fraud offence must be committed by an “associated person” to your organisation while acting “for or on your behalf”, and there must be an “intended benefit” accruing to your organisation or to anyone else receiving the services provided on your behalf. Initially, the offence was intended to apply to larger firms only – those meeting two out of three thresholds on number of employees, turnover and profit – to avoid capturing smaller organisations. The latest iteration of the Bill has removed size limits for firms, however. We discussed possible scenarios in which this legislation might apply to financial services firms, including product mis-selling and accounting misstatement; there will doubtless be others.
Are firms ready for the legislation? In our live poll, 90% said that they were mostly or partly prepared for the introduction of the new offence, but 44% said they still might need more than six months to be ready. In the meantime, and in the absence of industry guidance which has yet to be provided, prudent firms will no doubt be preparing a risk assessment to understand their potential exposure.
For more insight and guidance on the UK financial crime landscape, get in touch with Tom Townson.
We look forward to more lively discussion at our next in-person breakfast briefing on ‘Cash, coins and financial crime’, where we'll consider the comparative financial crime profile of fiat and digital currencies, to be held on 20 September.
Our in-person briefings – held in June, September and October – will be held at our London office. You can also register to access the recap on our July virtual event briefing on ‘Sanctions – the new normal’.
