Introduction to this document

Internal fraud policy

It's definitely worth having an internal fraud policy statement to communicate your zero-tolerance attitude and approach to the threat of fraud and that this is likely to involve reporting fraudsters to the police. It can even help you to invoke the statutory defence to the corporate criminal offence of failing to prevent the facilitation of tax evasion. Such a policy should be short, simple and focused so that your employees can easily understand it.

Public interest disclosure

We’ve drafted our Internal Fraud Policy so that it will sit alongside our Whistleblowing Policy in terms of the reporting procedure to be followed by employees where they want to raise their reasonable suspicions of fraud. In almost all instances a disclosure about suspected fraud will be a qualifying disclosure under the Public Interest Disclosure Act 1998 as it will be a disclosure about either a criminal offence or the breach of a legal obligation and therefore it’s appropriate for that policy - and the reporting procedure under it - to also apply. Indeed, that policy says that it applies to disclosures about fraud.

Fraud defined

Our policy sets out a detailed list of actions that constitute fraud and these essentially focus around an employee using theft or deception to gain an unjust or illegal financial advantage or gain, for example, falsification of expense claims and timesheets, misappropriation of company funds or assets, false accounting, knowingly generating or paying false claims, payrolls or invoices, forgery, etc. It also includes tax evasion and the criminal facilitation of tax evasion. However, our list isn't exhaustive so you can add to it as appropriate.

Policy statement

Our policy contains a commitment to combating and eliminating fraud in the workplace and includes provisions setting out your determination to:

  • take appropriate measures to minimise the risk of, and detect, fraud
  • adopt formal procedures to investigate suspected fraud
  • provide appropriate mechanisms for employees to immediately report their genuine suspicions of fraud and deter them from making malicious allegations
  • report cases of suspected fraud to the police and co-operate with the police and other appropriate authorities as regards the investigation and prosecution of offenders
  • take appropriate disciplinary action against employees who are perpetrators of fraud
  • recover wrongfully obtained monies and assets from fraudsters.

What’s also important is that you put in place sufficiently rigorous procedures, systems and controls to minimise the opportunity for fraud, for example proper authorisation procedures, independent monitoring and checking of data and robust auditing processes.  An internal fraud policy statement should also make clear that all employees have a responsibility for fraud prevention and detection - our policy statement provides that employees are expected to play an active part in anti-fraud activity.

Failing to prevent the facilitation of tax evasion

Under the Criminal Finances Act 2017, a company or a partnership (including limited liability partnerships) (“X”), can be guilty of a criminal offence if someone commits a tax evasion facilitation offence when acting in the capacity of a person associated with X. A person is associated with X if they’re an employee acting in that capacity, an agent acting in that capacity or any other person who performs services for and on behalf of X, such as a contractor. The corporate offence is punishable by an unlimited fine. In practice, if, say, one of your clients or customers has themselves committed criminal tax evasion and a person associated with your business, such as one of your employees acting in that capacity, acts deliberately and dishonestly to aid that client or customer in their tax evasion, your business can be guilty of the corporate offence. Although it’s a strict liability offence, there is a statutory defence available. It’s a defence for X to prove that, when the tax evasion facilitation offence was committed, it had reasonable prevention procedures in place, i.e. procedures designed to prevent associated persons from committing tax evasion facilitation offences. So, if you can show that your business has put in place a system of reasonable prevention procedures that identify and mitigate your tax evasion facilitation risks, you should have a defence to the criminal offence. What reasonable procedures you need to put in place will be proportionate to your level of risk, and this is likely to be lower for small businesses. As our policy statement specifically includes tax evasion and the criminal facilitation of tax evasion within the definition of fraud, this will help towards invoking the statutory defence should you ever need to do so.