Guidance

Building a Counter Fraud Strategy Practice Note

Published 3 March 2025

© Crown copyright 2025

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/building-a-counter-fraud-strategy-practice-note/building-a-counter-fraud-strategy-practice-note

Purpose and Scope

This guide is produced to support the development of your Counter Fraud Strategy. It is an organisational decision whether you have a standalone strategy for counter fraud, or if a combined approach is taken in which it also considers risks of wider economic crime, bribery and corruption. Either approach is reasonable as long as the scope and purpose is clearly defined.

This guide has been developed by the Government Counter Fraud Profession (GCFP) Centre of Learning, which is a function of the Public Sector Fraud Authority. All steps and advice align to agreed standards for professionals in the Leadership, Management and Strategy Standard, produced by GCFP

Counter Fraud Strategy

A Counter Fraud Strategy is a mid to long-term plan of action considering current and future strengths, weaknesses, opportunities and threats and looks to build toward a defined future state.

Benefits of a Counter Fraud Strategy

A counter fraud strategy is about establishing a clear set of focus areas by which an organisation is going to change how it deals with fraud. It is not merely a plan for responding to fraud incidents as they occur, but a forward-looking approach aimed at shaping how an organisation prevents, detects, and responds to fraud. The essence of any counter fraud strategy is the ‘what’ and ‘how’ the organisation will, at a strategic level, do to manage the fraud threat and risk based on the threat assessment and fraud risk appetite. This will look to minimise the risks and threats the organisation faces from fraud.

A successful counter fraud strategy is based upon fraud risk and threat assessments, identifying the challenges that lie ahead and the opportunities to strengthen and coordinate its defences against fraud. By understanding where current vulnerabilities exist, the strategy can detail how the organisation will deal with these.

When developing a counter fraud strategy, it is crucial to think about challenges and opportunities faced now and, in the future, and how the organisation will change to meet these. This may include evolving fraud tactics, emerging technologies, regulatory changes, or economic shifts. The strategy should anticipate these developments, identifying the challenges and opportunities that may arise, and planning proactive measures to deliver organisational objectives. By thoroughly assessing the current context, the organisation can establish clear, actionable milestones, ensuring progress is consistently aligned with long-term objectives. This process is not static and should be continuously reviewed and refined.

A counter fraud strategy:

  • Gives a structured and co-ordinated approach
  • Provides background and context
  • Sets aims and objectives
  • Meets regulatory requirements if applicable
  • Describes the focus areas ensuring these are engaging

To keep the counter fraud strategy focused and actionable, it is essential to categorise the primary elements that will drive the strategic direction of the organisation to deter and respond to the fraud threats. By prioritising 3, 5 or 7 main focus areas for example, efforts would be streamlined and organised. Each focus area should serve as an anchor for targeted actions, helping to maintain clarity and momentum.

Examples of focus areas might include:

  • Enhancing Fraud Detection Capabilities
  • Investing in technology and analytics to improve early frauddetection
  • Building a Fraud-Resilient Culture
  • Promoting awareness, training, and the risk appetite to fraud across all levels of the organisation
  • Leveraging Data and Intelligence
  • Using data and AI insights to predict, prevent and detect fraud risks

By concentrating on key focus areas, the counter fraud strategy ensures that every action taken directly contributes to the overarching goal. The process of driving change is then embedded into the culture, leading to sustained and proactive fraud prevention effort.

The Government Functional Standard for Counter Fraud states ‘Organisations should have a counter fraud, bribery and corruption strategy, which should be approved by the organisation’s board or executive risk committee. The strategy may consist of a single overarching strategy or separate strategies (counter fraud as one, bribery and corruption as the other) depending on how the organisation is structured’.

The strategy should set the direction and desired outcomes relating to counter fraud, bribery and corruption over the next 2 to 5 years, including:

  • Assessment of the main risks and challenges facing the organisation
  • An assessment of how the fraud, bribery and corruption landscape may change
  • Where the organisation wants to be in the next two to five years
  • How it intends to actively counter fraud, bribery and corruption and develop its response
  • Objectives for the period of the strategy The strategy should be informed by a fraud, bribery and corruption risk assessment and be updated to take account of changes in the internal and external environment.

This government functional standard sets the expectations for the management of fraud, bribery and corruption risk in government organisations.

Building a Counter Fraud Strategy

Tactical and Strategic Threat Insights

An organisation may face a high number of competing tactical and strategic fraud challenges at one time. These may be identified through its risk assessments, threat assessments, robust intelligence flows, previous cases, audit reports, fraud measurement or policy evaluation.

In addition, there will be competing operational, structural, reputational, current and future challenges for example.

Operational

  • Access to capability
  • Access to infrastructure for example secure systems
  • Cultural resistance to talking about fraud Structural
  • Flow of intelligence into investigations for example

Reputational

  • The organisation has a bad reputation because of publicised issues with fraud management
  • Organisation is seen as a target for fraudsters

Current

  • Do not have fraud investigators

Future

  • Legislation will change which will bring new opportunities/requests

It is important to keep up to date with these challenges, as well as being able to make sense of what the priorities should be for the defined period of time that the counter fraud strategy will cover. It is advised to work with stakeholders in identifying and documenting the current challenges and opportunities, whilst also thinking about the future for the strategy. This is best achieved by working with a range of internal and external stakeholders who understand and are familiar with your organisation, payment and spend areas or programmes of activity.

Key questions to prompt discussion

What are the wider societal, economic, legislative, and technological challenges that may increase or impact on known fraud risks?

How may these manifest or develop over time and what challenges and opportunities arise as a result?

Horizon Scanning

A counter fraud strategy is more likely to be successful if it is developed with an informed understanding of the wider fraud landscape both across government and other sectors, including the private sector, and in particular those where the organisation typically engages. A key part of building a strategy is horizon scanning and understanding the current and future term challenges and opportunities of the context you operate in.

Strategic thinking tools such as PESTLE analysis can be used to assist this process.

PESTLE Analysis

A PESTLE analysis studies the key external factors that influence an organisation. It can be used in a range of different scenarios, and can guide leaders in strategic decision-making.

PESTLE stands for:

  • Political
  • Economic
  • Sociological
  • Technological
  • Legal
  • Environmental

SWOT Analysis

You will often find that alongside PESTLE it is helpful to use a SWOT analysis to support the targeting of your findings. SWOT stands for:

  • Strengths
  • Weaknesses
  • Opportunities
  • Threats

A SWOT analysis is a technique for assessing these four aspects of your fraud function. The tool that can help you to analyse what you do best now, and to devise a successful counter fraud strategy for the future.

How to Be Successful in Building a Counter Fraud Strategy

Strategy Management Cycle

A strategy should be specific to the organisation, the context it operates in, and informed by knowledge of threats the organisation faces from fraud. Failure to follow these simple first steps will result in a generic strategy that will hold the organisation back in achieving the outcomes and the change you are trying to realise.

The Strategy Management Cycle outlines the key considerations and steps necessary for developing an effective counter fraud strategy. By following the stages of the cycle, organisations can create a comprehensive approach to prevent, detect, and respond to fraud, while also ensuring that the strategy remains adaptive to emerging risks.

Strategy Management Cycle:

  • Decide how the Fraud Risk Assessment(s) feed into the Strategy
  • Analyse and define the current (tactical) and future (strategic) challenges the fraud function is facing
  • Horizon scan and assess the wider environment (threats/risks)
  • Business operations, financial and strategic challenges and issues evaluated and prioritised
  • Define/Redefine the organisation’s Counter Fraud Maturity
  • Strategy Development (Define scope and time frame/Consult stakeholders/Optimum future state discussed, agreed and presented simply/Define key activities that will be undertaken/Investment and resources analysed and agreed)
  • Fraud Responsibilities Matrix discussed and agreed (organisation to determine roles this covers)
  • Define how progress against the Counter Fraud Strategy will be monitored (key metrics for success)
  • Strategy continually communicated and progress monitored

Stage 1

This stage focuses on problem definition and horizon scanning in order to clearly define the counter fraud strategy. This approach ensures that your counter fraud strategy is both comprehensive and responsive to evolving risks and operational realities.

Problem Definition and Horizon Scanning:

  • Incorporate Fraud Risk Insights. Use insights from the fraud risk assessment to inform and shape your overall counter fraud strategy
  • Analyse Tactical and Strategic Challenges. Define the current tactical challenges the fraud function and organisation face, including operational, structural, reputational, and internal or external factors. Also, identify future strategic challenges that may arise
  • Horizon Scanning. Assess the broader environment, scanning for emerging risks, threats, and trends that could impact your organisation and its fraud function now and in the future
  • Evaluate and Prioritise Challenges. Identify and prioritise business, operational, financial, and strategic challenges. This helps to focus resources on the most critical areas. Use insights from the fraud risk assessment to inform and shape your overall counter fraud strategy
  • Assess Counter Fraud Maturity. Define or redefine the organisation’s current level of counter fraud maturity, determining how well-equipped the fraud function is to handle existing and future challenges
  • Scope of the Coutner Fraud Strategy. Clearly define the scope of the counter fraud strategy, specifying which parts of the organisation are covered
  • Use Environmental Analysis Tools. Utilise tools like PESTLE analysis to understand the wider operational environment, including sector-specific risks, associated industries, and governance that impact fraud risks

Stage 2

This stage focuses on the building of the counter fraud strategy and defining the key activities to be undertaken to achieve the strategy aims. This tructured approach ensures the counter fraud strategy is well defined, stakeholder driven, and properly resourced for effective implementation.

Building the Counter Fraud Strategy:

  • Define Scope and Time Frame. Establish the boundaries of the counter fraud strategy, including which areas of the organisation and its operations are covered, and set a clear time frame for implementation
  • Consult Stakeholders. Engage with both internal and external stakeholders to gather insights, ensure alignment, and secure buy-in for the counter fraud strategy
  • Optimum Future State Discussed, Agreed and Presented Simply. Collaboratively define the desired future state of the organisation’s counter fraud capabilities, ensuring it aligns with overall business goals. Present this vision clearly and concisely

Fraud Responsibilities Matrix

As part of strategy development, or as an activity in the strategy, you may wish to explore a Fraud Responsibilities Matrix. It is good practice to produce and maintain a Fraud Responsibilities Matrix that sets out the roles and responsibilities for key activities in the organisation and for managing the organisation’s fraud risk and its response.

The detail will vary from one organisation to another depending on the size and complexity of the department and the remit of its fraud function.

The Fraud Responsibilities Matrix can feed into, or form part of, the fraud policy and response plan i.e. setting out who has responsibility for what area/activity.

  • Define Key Activities That Will Be Undertaken. Identify and agree upon the main actions required to implement the strategy effectively, ensuring that they address both current and future fraud challenges
  • Investment and Resources Analysed and Agreed. Evaluate the necessary resources, and ensure the required investments are agreed upon and allocated

Consideration should be given to the following:

  • The matrix should be easy to follow and be an accessible and available document.
  • The matrix sets out which parts of the organisation and/or what the individual roles are.

The matrix should include:

  • Primary
  • Secondary
  • Or shared responsibility, for individual payment areas and organisational activities, areas of fraud risk management and areas of delivery of the counter fraud strategy

The matrix should include:

  • name of the part of the organisation
  • specific individual who holds responsibility
  • a description of the extent or limitations of their responsibility

The matrix should include a description of the extent, and limit, of the responsibilities of the fraud function and the functional lead within the organisation.

The matrix should include agreed board level responsibilities for counter fraud.

The matrix may be included as part of the fraud policy and response plan.

It is good practice to produce and maintain a Fraud Responsibilities Matrix

Stage 3

This stage defines how progress against the counter fraud strategy will be monitored and communicated. By delivering the strategy through an actionable plan, continuously monitoring progress through key metrics, and promoting awareness both internally and externally, the organisation can ensure a robust approach to countering fraud. Regular reviews and communication ensure the counter fraud strategy evolves with emerging risks and maintains effectiveness.

Deliver, Monitor and Promote

Deliver

The delivery of a counter fraud strategy is structured around an actionable plan. In most cases, this plan will be found in an Annual Action Plan, which outlines the steps necessary to implement the strategy. This ensures that delivery is aligned with the overall objectives of the organisation and includes specific milestones, tasks, and responsibilities.

  • Location of Delivery Plan. The Annual Action Plan will, in most cases, serve as the document that tracks deliverables and timelines
  • Task Allocation. Ensure all relevant departments or teams are assigned specific responsibilities related to fraud prevention, detection, and response
  • Resource Allocation. Confirm that sufficient resources for example, staffing, technology, funding, are in place to deliver on the strategy

Monitor

Monitoring progress against the counter fraud strategy is critical for ensuring success. This involves setting key metrics and defining how these will be measured.

Key Metrics For Success Might Include:

  • Increase in Reported Fraud Incidents. Tracking the number of detected or reported fraud cases over time
  • Prevented Fraud and Error. Measuring year on year fraud to track reduction over time
  • Speed of Response to Fraud. The time taken to respond to fraud cases, from detection to resolution
  • Recovery Rates. The percentage of fraudulently lost funds recovered
  • Training Compliance. The number of staff trained in fraud awareness and prevention measures
  • Implementation of Controls. Measuring the percentage of fraud control measures implemented from the action plan and the effectiveness of these controls.

Monitoring Mechanism May Include:

  • Regular progress reports should be prepared, detailing achievements against the annual action plan
  • Data analytics can help detect anomalies and assess the effectiveness of fraud controls
  • Internal audits can review compliance with anti-fraud measures
  • Performance reviews, quarterly or biannual, of the fraud strategy with oversight committees to discuss progress, challenges, and changes

Promote

Once the strategy has been agreed (in a counter fraud context in the public sector, this will include being signed off and agreed by the accountable individual(s) at board level) the next step is to develop plans to monitor progress against it and promote it both internally and externally. Promoting the strategy ensures its visibility both internally and externally, while also encouraging compliance and commitment from stakeholders.

Internal Promotion May Include:

  • Communicating the counter fraud strategy regularly through a number of channels including staff newsletters or internal emails
  • Engaging with all levels of staff through training sessions and awareness campaigns to ensure understanding of their roles in the fraud prevention framework
  • Including updates on the counter fraud strategy’s progress in executive briefings to the board or senior leadership

External Promotion May Include:

  • Publicly sharing the organisation’s commitment to fraud prevention for example, through press releases or annual reports
  • Maintaining transparency about the organisation’s stance on fraud by publishing relevant metrics and case studies (where appropriate)

Review and Update:

  • The counter fraud strategy should be continually reviewed to ensure it remains relevant and effective
  • Updates should be communicated to stakeholders, with any necessary revisions incorporated into the Annual Action Plan

As a minimum the strategy should be available internally in your organisation.

A good strategy is one where anyone in the organisation can tell you what the main focus areas are.

Counter Fraud Strategy and Understanding Risk

The Government Fraud Management Model developed by the GCFP for their Leadership Management and Strategy Standard breaks down how to effectively lead and manage a counter fraud function into three cycles that should form a continuous process.

Fraud Risk Management Strategy Management Operational Management

The counter fraud strategy should be informed by an understanding of risk. By understanding the risk and control environment and organisational landscape, the development of the counter fraud strategy can be targeted to respond to these risks and to attain the desired future state.

Preparation is key and this is driven by understanding your fraud risks. To do this in an informed way, completion of a fraud risk assessment will be beneficial, which can be completed at an organisational (enterprise) level, as well as at group (thematic) or programme level (full fraud risk assessment FRA).

Fraud risk assessments should be viewed as a continuous cycle of activity to ensure that new risks and emerging threats are considered, evaluated and prioritised.

To best inform knowledge a combination of these levels should be completed, depending on your organisation resources/capabilities in fraud risk assessment.

The Organisational (Enterprise) level gives an overview of the main fraud risks the organisation faces.

The Thematic (Grouped) level focuses on areas of spend or various programmes across the organisation, depending on its operations and structure.

Initial Fraud Impact Assessment (IFIA) An IFIA provides an initial upfront focus of the main fraud impacts and challenges facing a new spend activity.

Full Fraud Risk Assessment (FRA) A full fraud risk assessment would focus on, and provide detailed analysis of, specific fraud risks within an individual spend activity, business unit or programme.

While there are common fraud risks, the detail of how these risks occur in, and impact every organisation will differ. Organisations must understand the importance of fraud risk management. Developing fraud risk assessments which meet the Fraud Risk Assessment standard will help an organisation to identify, assess and respond to the fraud risks faced by the organisation.

Effective and up to date fraud risk assessments provide the foundations to organisations developing an effective counter fraud strategy.

Once the organisation understands its fraud risks it can begin to consider what the strategic response should be, in order to manage and reduce these fraud risks, in line with the agreed fraud risk appetite.

Effective fraud management is compulsory for all central government and public sector organisations. HM Treasury, in their publication ‘Managing Public Money’ advised ‘each organisation should identify, itemise and assess how it might be vulnerable to fraud covering the risks in some detail.’

Action Plans

Action plans play a critical role in delivering a counter fraud strategy by breaking down broad goals into specific, manageable tasks with clear timelines and responsibilities.

They provide a roadmap that outlines the steps necessary to achieve strategic objectives, ensuring that progress is measurable and focused. By assigning accountability and setting deadlines, action plans help keep the organisation on track, align resources effectively, and enable teams to respond proactively to challenges, ultimately increasing the likelihood of a successful strategy. Once the counter fraud strategy has been developed and approved, effective fraud management is best achieved by an organisation by setting out clearly how the objectives in the strategy will be delivered and by when. It is recommended that this is achieved through the development of an Annual Action Plan, that summarises key actions to improve capability, activity and resilience in that year.

Annual Action Plans

In accordance with the Government Functional Standard: GovS 013, government organisations should develop and maintain an annual action plan to show how their counter fraud, bribery and corruption strategy is to be implemented. Agreement of these and quarterly progress updates submitted to the Public Sector Fraud Authority (PSFA) are mandatory for all ministerial and public bodies, as set out in the PSFA Mandate.

The GCFP Leadership, Management and Strategy Standard sets out a product guide to help shape your action plan.

The Annual Action Plan should be linked to the counter fraud strategy, in that the actions within it will take the organisation towards their strategy and help deliver it.

Functional leads should be prepared to adapt the annual action plan during the year to take account of emerging fraud risks.

An action plan should include:

Introduction which sets out the rationale behind the plan, linking it to the counter fraud strategy and set the scene.

A section which may take the form of a matrix or table that sets out the key actions/objectives to be completed in the forthcoming year. These actions could be towards a variety of goals, for example:

  • increasing counter fraud capability
  • reviews of key areas of the organisation including fraud risk assessment
  • the introduction of key new controls to reduce risk or loss, any proactive detection activity including fraud loss measurement, which will be undertaken to find more fraud
  • any new powers or legislation that will be pursued
  • the testing or implementation of any new data sharing or analytics tools

A matrix should have:

  • actions that are SMART (Specific, Measurable, Achievable, Realistic and Timely)
  • a framework divided by specialism, payment stream, or area of the business
  • each action assigned to an individual and/or team
  • flags if there is/maybe the requirement for specialist resources and any budget impact
  • agreed and realistic deadlines and should set out high-level success/performance criteria for each action

The Annual Action Plan should be transparent at board level. The Functional Lead is responsible for overseeing and driving the achievement of the Annual Action Plan.

The Annual Action Plan may include actions undertaken by the counter fraud function and actions undertaken by the wider business or its partners.

Challenges to Consider

The counter fraud strategy should be a clear and accessible document, which sets out the prioritised activities that will be undertaken to manage and reduce fraud challenges in a defined period. It is good practice to ensure the counter fraud strategy is updated regularly or when the business faces environmental change, for example when introducing a new service that is judged to have a high susceptibility to fraud.

Governance Reminder

For those working across the HMG Fraud Function when the counter fraud strategy is developed it should be available for submission to the PSFA as part of Functional Standard Assurance for GOVs013 Counter Fraud. You may also wish to retain evidence of the board level sign off for assurance purposes.

Further Reading

Government Functional Standard GovS 013: Counter Fraud (https://www.gov.uk/government/publications/government-functional-standard-govs-013-counter-fraud)

Government Counter Fraud Profession Strategy 2023-2025 (https://www.gov.uk/government/publications/government-counter-fraud-profession-strategy-2023-2025)

The Government Counter Fraud Functional Strategy 2024-2027 (https://assets.publishing.service.gov.uk/media/65f01d1f9812270011f61283/Cross_Government_Counter_Fraud_Functional_Strategy_2024-2027.pdf)

Government Counter Fraud Professional Standards and Guidance - Leadership, Management and Strategy - Available on request from gcfp@cabinetoffice.gov.uk

Professional Standards and Guidance for Fraud Risk Assessment in Government (https://www.gov.uk/government/publications/professional-standards-and-guidance-for-fraud-risk-assessment-in-government)

Enterprise Fraud Risk Assessment - Practice Note (https://www.gov.uk/government/publications/enterprise-fraud-risk-assessment-practice-note)

Initial Fraud Impact Assessment - Practice Note (https://www.gov.uk/government/publications/initial-fraud-impact-assessment-practice-note)

Back to top