Fraud is one of the highest reported crimes in England and Wales and risks to organisation are significant and growing: the Economic Crime Survey 2024 found that 1 in 4 UK businesses with more than one employee experienced fraud in the previous twelve months. The economic and social cost is substantial and the impact of fraud on businesses and individuals can go beyond economic loss, causing reputational harm and damage as well. With the proliferation of AI-driven schemes, deepfakes and increasingly sophisticated online fraud (which we have discussed here), these risks show no sign of abating and attacks are becoming harder to detect.
In response to this increasing risk, the Government has announced its Fraud Strategy 2026 - 2029 which will see it commit over £250 million to tackling fraud. The Strategy sets out a system-wide approach built on collaboration between the Government, regulators, law enforcement, the intelligence community and the private sector. It is built around three pillars: Disrupt, Safeguard and Respond. This article explores just some of the key takeaways from the Strategy.
Pillar 1: Disrupt
Preventing Fraud Before It Happens
A centrepiece of the Disrupt pillar is the new Online Crime Centre (OCC), backed by £31 million in Government funding and set to launch in April 2026. Led by the Home Office and National Crime Agency, the OCC will unite law enforcement, the intelligence community and private sector partners to coordinate responses to online crime and accelerate response times.
The Strategy also targets the abuse of corporate structures. Reforms under the Economic Crime and Corporate Transparency Act 2023 (ECCTA) have introduced mandatory identity verification for directors and persons with significant control and enhanced the power for the Companies House Registrar to check, remove and decline information, share data and take enforcement action.
The Government also plans to set up a new Abusive Phoenixism Taskforce within the Insolvency Service, to investigate phoenixism, where individuals use companies, and transferring assets between them, repeatedly to evade debts or for fraudulent purposes.
Failure to Prevent Fraud
Organisation should remain mindful of the corporate offence of “failure to prevent fraud” which was introduced by the ECCTA and became effective from September 2025. Large organisations must now have “reasonable procedures” in place to prevent fraud by “associated persons”, which include employees, agents, and service providers. Businesses should be reviewing their compliance frameworks and internal controls to ensure they meet these standards, as a failure to do so could expose them to criminal liability.
Mandatory Electronic Invoicing
The Government will mandate electronic invoicing for all VAT invoices from April 2029. This is designed to reduce the risk of invoice interception and payment diversion fraud where criminals intercept legitimate emails and send fake invoices. Businesses will need to prepare for this transition well in advance and should consider the operational changes that may be required.
Pillar 2: Safeguard
Building Resilience
The Safeguard pillar recognises that not all fraud can be prevented at the source and individuals and businesses require the tools and knowledge to recognise and avoid it. Safeguard is concerned with building resilience through public education and targeted support for those most vulnerable to fraud. Key measures include the expansion of the Stop! Think Fraud campaign to cover a broader range of types of fraud. The campaign will continue working with industry to encourage protective behaviours.
Pillar 3: Respond
Civil Penalties
The Strategy signals a notable shift toward using civil enforcement powers alongside traditional criminal prosecution. The aim is for civil enforcement to complement criminal sanctions. The Home Office will continue to consider whether introducing civil penalties for fraud and facilitating money laundering will produce an effective alternative to criminal law. It may draw on models such as the Public Authorities (Fraud Error and Recovery) Act 2025, giving power to the Public Sector Fraud Authority to issue civil penalties for fraud and attempted fraud. If adopted, this could significantly expand the range of enforcement tools available and the exposure of businesses to non-criminal liability.
Business-Funded Enforcement Units
The Strategy acknowledges a need to develop sector-specific expertise to tackle fraud in industry. The Home Office will develop proposals for new business-funded units in the most affected sectors, with the first expected to be fully operational in 2028/9, initially focusing on the retail sector. These bespoke units will build on already established and proven models and will aim to provide additional specialist expertise in combatting and responding to fraud in the target industry. The Insurance Fraud Enforcement Department which specialises in combatting insurance fraud, is an example of this type of industry-funded model. Businesses in affected sectors should anticipate increased engagement with, and potential funding obligations towards, specialist enforcement.
Other Key Takeaways
The Strategy contains a number of other developments to be aware of:
- The Government will introduce judge-only trials for the most complex criminal fraud cases. This could materially impact litigation strategy for defendants in major fraud proceedings.
- The regulatory landscape for cryptoassets is expanding, From October 2027, a full financial service regulatory framework comes into force requiring cryptoasset firms to obtain FCA authorisation.
- The Home Office is launching a call for evidence on economic crime information sharing to address barriers to cross-border and private sector data sharing.
What’s next?
The Strategy carries a number of clear and practical implications. First and foremost, organisations should ensure their compliance frameworks meet the standards required (in particular as required by the ECCTA) and should begin planning for operational changes, such as electronic invoicing.
Interestingly, the Strategy emphasises the importance of civil enforcement complementing criminal sanctions, highlighting the role of private civil action as a means of obtaining redress. It therefore marks a step-change in the Government’s approach to fraud, with a clear emphasis on prevention, cross-sector collaboration, an expanded enforcement toolkit, and the use of civil law remedies. As such, whilst criminal enforcement is undoubtedly vital for obvious societal reasons, victims should look to the civil law to obtain compensation from the fraudsters.
