January 8, 2025

Continuous fraud risk auditing: a necessity for UK businesses in light of new legislation

With the 'failure to prevent fraud' offence set to take effect on 1 September 2025, UK businesses must prioritise continuous fraud risk review. This new offence, part of the Economic Crime and Corporate Transparency Act 2023, will hold large organisations criminally liable if they fail to prevent fraud committed by employees, agents, or other associated persons for the company's benefit.

Why is continuous review crucial? Consider these sobering statistics:

  • Fraud accounts for approximately 40% of all crime in England and Wales.
  • Large enterprises typically receive between 1.00 and 3.08 fraud reports per 100 employees.
  • 45% of companies in highly regulated industries saw an increase in whistleblowing reports over the past year.

To help businesses stay ahead of fraud risks, here's a comprehensive checklist for continuous fraud risk review using data commonly found in accounting tools:

Data Integrity and Access Controls
  • Regularly verify user access rights and segregation of duties
  • Monitor for unauthorised changes to master data
  • Review audit logs for suspicious activities or reconciliations
Transaction Analysis
  • Set up alerts for unusual or large transactions, especially near period-end
  • Implement automated checks for duplicate transactions or invoices
  • Flag round-sum transactions or those just below approval thresholds
Account Reconciliations
  • Ensure timely and accurate bank reconciliations
  • Set up automated reviews of reconciling items for unusual patterns
  • Monitor for unauthorised journal entries or adjustments
Vendor and Payment Analysis
  • Implement controls for new vendor additions
  • Set up alerts for multiple payments to the same vendor on the same day
  • Cross-check payments against employee addresses or bank accounts
Revenue Recognition
  • Regularly review for premature revenue recognition or "channel stuffing"
  • Monitor for unusual sales returns or credit memos
  • Set up automated checks for inconsistencies between revenue, accounts receivable, and cash receipts
Expense Analysis
  • Implement alerts for unusual spikes in expenses or cost categories
  • Regularly review expenses for proper supporting documentation
  • Set up checks for personal expenses charged to the company
Journal Entry Review
  • Implement controls for manual journal entries, especially those made by senior management
  • Set up alerts for journal entries made outside of normal business hours
  • Regularly review journal entries for vague or missing descriptions
Asset Management
  • Conduct regular physical inventory counts and reconcile with system records
  • Set up alerts for unusual write-offs or disposals of assets
  • Implement automated checks for discrepancies in asset valuation
Payroll Analysis
  • Regularly review employee records for ghost employees or unusual changes
  • Set up alerts for excessive overtime or bonus payments
  • Implement automated checks for inconsistencies between payroll expenses and headcount
Financial Statement Analysis
  • Utilise AI and machine learning for ratio analysis to identify unusual trends
  • Set up automated comparisons of financial data across periods
  • Regularly review management's estimates and judgments for potential bias
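As an added illustration (not code from the article or from any accounting product), the sketch below automates four of the checks listed under Transaction Analysis and Vendor and Payment Analysis: duplicate invoices, round-sum amounts, amounts just below an approval threshold, and multiple same-day payments to one vendor. The record layout, the 10,000 approval threshold, the 5% band and the sample payments are all assumptions constructed for the example.

```python
from collections import defaultdict
from datetime import date
from decimal import Decimal

# Assumed policy values (not from the article): tune to your own approval matrix.
APPROVAL_THRESHOLD = Decimal("10000")
NEAR_BAND = Decimal("0.05")      # flag amounts within 5% below the threshold
ROUND_UNIT = Decimal("1000")     # "round-sum" = exact multiple of this

# Constructed sample payments: (payment id, vendor, invoice number, pay date, amount)
PAYMENTS = [
    ("P1", "Acme Ltd",  "INV-100", date(2025, 3, 28), Decimal("4200.50")),
    ("P2", "acme ltd ", "INV-100", date(2025, 3, 31), Decimal("4200.50")),
    ("P3", "Birch LLP", "INV-7",   date(2025, 3, 31), Decimal("9950.00")),
    ("P4", "Cedar Co",  "INV-31",  date(2025, 3, 31), Decimal("5000.00")),
    ("P5", "Cedar Co",  "INV-32",  date(2025, 3, 31), Decimal("4800.00")),
    ("P6", "Dove plc",  "INV-9",   date(2025, 3, 12), Decimal("731.20")),
]

def review_payments(payments):
    """Return {payment_id: sorted list of flag names} for payments needing review."""
    flags = defaultdict(set)
    by_invoice = defaultdict(list)     # (vendor, invoice no, amount) -> payment ids
    by_vendor_day = defaultdict(list)  # (vendor, pay date) -> payment ids
    for pid, vendor, invoice, paid, amount in payments:
        # Normalise names so "acme ltd " and "Acme Ltd" are treated as one vendor.
        key_vendor = vendor.strip().casefold()
        by_invoice[(key_vendor, invoice.strip().upper(), amount)].append(pid)
        by_vendor_day[(key_vendor, paid)].append(pid)
        if amount % ROUND_UNIT == 0:
            flags[pid].add("round_sum")
        if APPROVAL_THRESHOLD * (1 - NEAR_BAND) <= amount < APPROVAL_THRESHOLD:
            flags[pid].add("just_below_threshold")
    # Group-level checks: every member of a suspicious group is flagged.
    for ids in by_invoice.values():
        if len(ids) > 1:
            for pid in ids:
                flags[pid].add("duplicate_invoice")
    for ids in by_vendor_day.values():
        if len(ids) > 1:
            for pid in ids:
                flags[pid].add("same_vendor_same_day")
    return {pid: sorted(found) for pid, found in flags.items()}

if __name__ == "__main__":
    for pid, found in sorted(review_payments(PAYMENTS).items()):
        print(pid, ", ".join(found))
```

Flags are review prompts, not findings: each one should route to someone independent of the person who raised or approved the payment.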

By implementing these continuous review processes, businesses can not only mitigate fraud risks but also demonstrate their commitment to having "reasonable procedures in place to prevent fraud". This proactive approach is crucial, as the new legislation puts the onus on organisations to prove they had adequate preventive measures in place.

Remember, fraud prevention is not a one-time effort but an ongoing process. As Lord David Hanson, Minister with Responsibility for Fraud, stated, "This guidance marks the first steps towards a corporate culture shift around fraud prevention". By embracing continuous fraud risk review, UK businesses can stay ahead of evolving fraud threats and ensure compliance with the new legislation.

References:

https://www.gov.uk/government/news/new-failure-to-prevent-fraud-guidance-published

https://www.osborneclarke.com/insights/failure-prevent-fraud-steps-take-september-2025

Oliver Crofton

Co-Founder and CEO

With over 15 years in digital forensics and cyber investigations, Oliver has seen countless small businesses crippled by preventable fraud. Oliver co-founded Meysey to use the data within accountancy software to reduce fraud for small businesses, and provide an early warning sign of potential fraud risk.
