Mandate Fraud Prevention
September 23, 2021
Bank Mandate fraud occurs when someone requests you to change the bank transfer mandate, by purporting to represent an organisation you make regular payments to, for example business supplier, membership or subscription.
Fraudsters will look to identify suppliers of services your organisation use on a regular basis. They may obtain these details from contract award notices published online, or information published on your company website.
SAFE have produced a mandate fraud prevention quick guide to help organisation identify and implement preventative actions.
Bank mandate fraud is seen by organised crime groups (OCG’s) as a low risk, high reward enterprise and whilst specific techniques are constantly evolving bank mandate fraud can often be cyber enabled.
This means that in order to protect your organisation you need to look to your supply chain to ensure that your suppliers understand the risks; such as poor password security and phishing attacks leading to business email compromise and bank mandate fraud.
The National Cyber Security Centre (NCSC) have produced useful guides on
password security and dealing with
targeted phishing emails. SAFE have developed a mandate fraud prevention webinar which brings the subject to life with real-life examples and experiences from our experienced counter fraud professionals.
Share this news story...
Section 199 of the Economic Crime and Corporate Transparency Act 2023 (ECCTA) introduced a new corporate offence that significantly raises the bar on fraud risk management. Large organisations can now be criminally liable if an employee, agent, or other associated person commits fraud for the organisation’s benefit—and the organisation did not have reasonable fraud prevention procedures in place. This is a strict liability offence. Prosecutors do not need to prove senior management knowledge or intent. If fraud occurs and the organisation cannot demonstrate an adequate prevention framework, liability follows. The only defence: reasonable procedures The sole statutory defence is that the organisation had reasonable procedures in place to prevent fraud, or that it was reasonable not to have such procedures. In practice, regulators have made clear that “reasonable” will be interpreted robustly. Organisations should be acting now to: Conduct a documented fraud risk assessment covering business models, revenue streams, incentive structures, third-party exposure, and jurisdictional risk. Design proportionate prevention controls aligned to identified risks, including financial controls, approval thresholds, segregation of duties, and oversight of agents and intermediaries. Set the tone from the top , with clear board ownership, senior accountability, and demonstrable commitment to fraud prevention. Implement targeted training and communications so employees and associated persons understand fraud risks, red flags, and reporting routes. Maintain monitoring, reporting, and review mechanisms , including whistleblowing channels, audits, and periodic reassessment as the business evolves. Evidence everything . Policies without implementation, or controls without records, will not support a defence.
Thank you to everyone who attended one of our fraud prevention webinars in 2025. For those who missed them, you can now watch all the recordings at your convenience on the SAFE YouTube channel. Whether you want to find out more about the drivers of fraud, or explore strategies for preventing emerging threats such as dual employment and imposter fraud, we've got a webinar for you. All the links you need are below, and we've included links to additional resources available elsewhere on the SAFE website.
SAFE – Security and Fraud Experts and Dorset HealthCare University NHS Foundation Trust are proud to be part of Project WISE (Workforce Integrity and System Efficiency), a proactive initiative using data and advanced analytics to strengthen fraud detection across the NHS. The NHSCFA estimates that £1.346 billion of NHS funding is vulnerable to loss through fraud, bribery and corruption in England. With fraud posing a significant risk to NHS resources each year, we’ve joined forces with the NHS Counter Fraud Authority and four other NHS organisations across the South East and South West to pilot this first-of-its-kind initiative. The pilot is helping to identify emerging fraud risks and patterns, turning complex data into actionable intelligence that supports local and regional counter fraud teams.
