Knowledge Hub

  Risk Governance, legal and compliance Fraud Economy and policy Accounting and reporting

Economic Crime and Corporate Transparency Bill and internal controls

New laws to prevent fraud have now come into effect. Helena Wilkinson from Price Bailey looks at what they mean for charities and shares an overview of updated Charity Commission guidance.


The Bill received Royal assent on 26 October 2023 and has now come into effect, with unlimited fines.

It includes a new corporate criminal offence of ‘failure to prevent fraud, false accounting or money laundering’.

The Secretary of State will issue guidance next year on procedures that relevant bodies (to which this part of the Act applies) can put in place to prevent persons associated with them from committing fraud offences.

It will mean that the onus will be on the organisations to demonstrate that they have documented potential fraud, false accounting and money laundering opportunities and how these will be managed through preventative measures.

In addition, there is a new identification principle which generally means that if a senior manager acting within the actual or apparent scope of their authority commits a relevant offence than the organisation is also guilty of the offence.

Relevant bodies are defined (using the standard Companies Act 2006 definition) as organisations meeting two out of three of the following criteria: more than 250 employees, more than £36 million turnover and more than £18 million in total assets.

Organisations should therefore consider their exposure and consider their fraud prevention and detection policies and procedures in risk areas, especially against the new guidance expected to be published by the Government soon.

CC8: Internal controls

In this regard it worth considering The Charity Commission updated guidance on internal controls. It has been significantly updated to look at more detailed financial controls that a charity should be expected to have, including advice and practical guidance, as well as details of changes to the law.

The guidance now references fraud and cybercrime, risk of operating overseas and risks of corruption and bribery as specific operational risks to consider.

As expected, there is detailed guidance on expenditure, which not only covers authorisation of invoices but also considers purchase ledger reconciliations, authority limits, purchase orders and whether invoices are paid on time, as well as the need to have appropriate controls for any reimbursed expenses.

For payroll, a reminder that this is not only around the payroll costs controls but also with regards to starters, leavers and changes to employees’ data from their contract to their bank details.

The guidance is also considering modern methods and issues such as cryptoassets and payment methods like Apple or Google Pay, bank mandates and use of credit cards, as well the basics of undertaking bank reconciliations.

There are now sections, which cover the following:

  • Internal financial controls for banking
  • Internal financial controls for income
  • Internal financial controls for expenditure
  • Internal financial controls for payments to related parties
  • Internal financial controls for assets and investments
  • Internal financial controls for loans
  • Internal financial controls for hospitality, including gifts

There is an internal control checklist at the back which follows the sections and guidance of CC8 making it easier to hone in on specific areas of internal control risk. Read the guidance and checklist.


For more guidance and information, visit the Topics section on CFG's website.


« Back to the Knowledge Hub