Corporate report

Companies House counter fraud strategy 2025 to 2028

Published 12 January 2026

1. Foreword: Charlie Boundy, Chief Data Officer and executive board member accountable for countering fraud

I am pleased to share the Companies House Counter Fraud Strategy 2025 to 2028, setting out our key priorities for the coming years, and detailing how they will be delivered.

As the accountable board member for counter fraud at Companies House, I am committed to ensuring that our organisation upholds the highest standards of honesty, transparency, and accountability.

Protecting public trust is vital to our mission, and that means addressing not only economic crime, but the wide spectrum of fraud risks that threaten our operations. This strategy sets out our approach to mitigating fraud against Companies House and includes insider threats, risks within our commercial dealings, and vulnerabilities in internal systems and processes.

Our counter fraud vision is to ensure a resilient, trustworthy Companies House that is free from fraud, where all staff, partners, and stakeholders act with integrity and vigilance. We aspire to cultivate a culture in which fraud is neither tolerated nor ignored, empowering our people and processes to proactively identify and address fraud risks.

2. Scope

This counter fraud strategy sets outs a proactive and structured approach to identifying, preventing and responding to fraud, bribery and corruption across the organisation. It is designed to safeguard public resources, uphold integrity and promote a culture of accountability.

The strategy will provide a focused framework for tackling the non-economic fraud risks facing Companies House. While economic crime is of critical concern, this strategy deliberately excludes it where it is perpetrated by the companies and their filers. This strategy instead focusses on insider threats, commercial operations, and internal systems and processes.

The work to tackle abuse of the register by companies is not considered counter fraud in this context, as it does not equate to monetary savings for Companies House. This is because in this role we share intelligence of patterns of suspicious behaviour on the register with partners who may be victims of fraud losses themselves. Whether that results in fraud or other threats taking place in other organisations is not always visible to Companies House.

We also use our new compliance and enforcement powers as laid out in the Economic Crime and Corporate Transparency Act (2023) to prevent companies and others from either carrying out unlawful activities or facilitating the carrying out by others of unlawful activities. To learn more about our work to combat economic crime, please read our strategic intelligence assessment.

3. Context

Companies House is an executive agency, sponsored by the Department for Business and Trade (DBT). We hold the UK’s registers of companies and Register of Overseas Entities. 

Companies House is responsible for:

• incorporating, maintaining and dissolving limited companies
• examining and publishing company information
• holding and maintaining the Register of Overseas Entities
• promoting corporate transparency

Our data informs everyday business and consumer decisions and helps disrupt economic crime. The nature of our operations exposes us to various fraud risks that have the potential to undermine the integrity of our services and public confidence.

Our vision (as per the Companies House strategy 2025 to 2030) is that ‘by 2030, Companies House will be the trusted guardian of corporate transparency, acting as a catalyst for economic growth, while protecting business and people from harm.’

The Economic Crime and Corporate Transparency Act 2023 has had a profound impact on Companies House, introducing new powers to disrupt economic crime and reforms to drive greater transparency and accountability through the UK’s corporate registers. This includes mandatory identity verification, which means integrating GOV.UK One Login and launching a new service for Authorised Corporate Service Providers (ACSPs).

Our largest area of spend in Companies House is our people costs. Public Sector Fraud Authority (PSFA) estimates that, for two thirds of government expenditure, where it does not have specific estimates the level of fraud and error is somewhere between 0.5% and 5% of expenditure. We therefore must be vigilant with regards to insider fraud risks such as flexi abuse and expense claim fraud.

The NAO report An overview of the impact of fraud and error on public funds for 2023 - 2024 lists payroll fraud (including timecard falsification and dual working) in the top 3 emerging fraud risks against the taxpayer. It’s vital that we stay vigilant to these insider risks and have robust preventative internal controls in place.

According to the PSFA it is estimated that the levels of fraud and error in public spending is between £33 billion and £59 billion. 

Mark Cheeseman, Chief Executive Officer of PSFA, stated in the Government Counter Fraud Functional Strategy 2024 to 2027: 

We know that fraud and economic crime are complex, diverse and quickly changing. The International Public Sector Fraud Forum’s (IPSFF) principles state ‘there will always be fraud’ and ‘fraud and corruption are ever changing’ - and our experience shows the truth of these. The advent of the digital economy has brought great advances to our society, but the agile and innovative tools and channels have also been used by fraudsters to attack individuals, businesses and the public sector.

The ever-evolving landscape of financial crime and digital deception has brought about significant fraud risks that threaten the operational robustness and reputation of wider government and Companies House. As a result of this moving landscape, we will commit to reviewing this strategy in 12 months’ time to ensure it is still fit for purpose.

We are committed to working together to detect, prevent, and deter fraud and error, ensuring public funds are protected. Minimising opportunities for fraud and error will enhance customer experience, increase trust in our systems, and help deter fraudulent activity.

4. Our commitment

We will continue to improve our compliance with the Government Functional Standards and will use the standards to strengthen efforts against fraud now and in the future. We aim to support an effective, consistent response to fraud within the organisation and across the public sector. 

We mandate all our people (such as employees, contractors and agency workers) and those we do business with to act honestly, with integrity and safeguard public resources for which they are responsible. Any case, suspected or identified, will be investigated thoroughly and dealt with firmly and appropriately and could involve criminal action.

We will adhere to Fraud Risk Assessment (FRA) standards and have an Organisational (Enterprise) FRA, along with thematic and detailed full FRAs. These will help identify high risk areas across the organisation, enabling economies of scale in provision of controls for the risks identified. 

This strategy applies to all directorates, employees, contractors, and third-party partners at Companies House.

It covers fraud risks that do not fall under the remit of economic crime, including:

• insider threat: unauthorised access, manipulation or misuse of information, misappropriation of assets, theft of assets and misuse of purchasing card (by employees, contingent labour, suppliers and delivery partners) and risks associated with our joiners, leavers and mover internal processes
• failure to declare or disclose and false representation: abuse of working hours, expense claim fraud, falsified job application and mandate fraud
• commercial fraud: collusion, bribery, or manipulation within procurement, supplier management, and commercial relationships
• internal systems and processes: process circumvention, document falsification, or conflicts of interest within internal operations
• cyber-attacks related to attempts to compromise our teams: including phishing, spear phishing, whaling, vishing and smishing

This is not a complete list.

5. Working together and collaboration 

This strategy was formulated in collaboration with staff throughout the agency and aligns with organisational priorities, while thoughtfully assessing Companies House’s ‘averse’ risk tolerance to fraud. 

We will collaborate with key stakeholders on meeting Counter Fraud Functional Standards, Consolidated Data Return (CDR) submissions to Public Sector Fraud Authority, and Initial Fraud Impact Assessments. We will also work with other government departments and public bodies to better understand and manage fraud risks. 

Companies House will promote a counter fraud culture, enhance controls, and share best practices.

6. Key principles

The IPSFF is a group that brings together experts working to combat public sector fraud from across the Five Eyes countries (Australia, Canada, New Zealand, the UK and the USA).

The collective aim is to come together to share best in fraud management and controls across public borders. It was brought together by the Centre of Counter Fraud Function and continues to work under the PSFA.

The forum has established 5 principles for public sector fraud which Companies House has adopted.

6.1 There is always going to be fraud

It is a fact that some individuals will look to make gains where there is opportunity, and organisations need robust processes in place to prevent, detect and respond to fraud and corruption.

6.2 Finding fraud is a good thing

If you don’t find fraud you can’t fight it. This requires a change in perspective so the identification of fraud is viewed as a positive and proactive achievement.

6.3 There is no one solution

Addressing fraud needs a holistic response incorporating detection, prevention and redress, underpinned by a strong understanding of risk. It also requires cooperation between organisations under a spirit of collaboration.

6.4 Fraud and corruption are ever changing

Fraud, and counter fraud practices, evolve very quickly and organisations must be agile and change their approach to deal with these evolutions.

6.5 Prevention is the most effective way to address fraud and corruption

Preventing fraud through effective counter fraud practices reduces loss and reputational damage. It also requires less resources than an approach focused on detection and recovery.

7. Priorities      

We have identified 3 key priority areas for the next 3 years (2025 to 2028). They are tailored specifically to Companies House and are designed to fulfil our strategic vision.

7.1 To better understand our fraud landscape

Current position

There have been a number of FRAs undertaken in Companies House. More FRAs are required to inform the overall organisational fraud risk assessment.

Where we want to be

Fraud is complex and criminals are constantly finding new ways to exploit vulnerabilities. The counter fraud function will collaborate closely with colleagues across the organisation to identify fraud risks, the internal controls we have in place to minimise the risk and any limitations in those controls. Through completing a variety of full and thematic fraud risk assessments, we will be able to better inform an overall Organisational Fraud Risk Assessment and be in a position to articulate the residual fraud risk facing Companies House. For every business area we will assess the vulnerabilities of our existing internal controls and identify where additional preventative, detective and corrective controls are required.

7.2 To promote a culture of integrity, which prioritises fraud and error prevention

Current position

There is an open and honest culture in Companies House and we trust and value our people. However, there will always be a minority who seek to abuse that trust. Our conflict of interest policy and the supporting processes have not been reviewed for some time. We have recently relaunched our revised ‘raising a concern’ policy (including whistleblowing).

Where we want to be

We want to ensure we have the right balance between trusting our people and issuing communications which actively deter instances of fraud and insider threat. We will review our conflict of interest policy and processes to ensure our people are clear on their responsibilities, protecting both individuals and our organisation.

7.3 Improve our detection and reporting of fraud and error

Current position

We were previously not reporting any instances of fraud and error in our quarterly CDR submissions. We have recently started to report on pay errors and flexi abuse.

Where we want to be

We want to be more proactive in the detection of fraud and error across all areas of our business. We will take part in the next National Fraud Initiative (NFI) which will actively match our data against that of other government departments and local authorities. We will seek out opportunities to harness technology, such as AI to detect instances of fraud and error especially through new capabilities in our security operations centre and cloud data platform.

Find more detail on what action we will take to achieve our priorities, the desired outcomes and how we will measure success in Annex A.

8. Monitoring and reporting

Progress against these priorities and key deliverables will be reported quarterly to the executive board, and our accountable board member whose responsibility it is to monitor progress. We will continue to engage regularly with the PSFA and our parent department, DBT. 

9. Annex A: Our counter fraud priorities

9.1 Priority: better understand our fraud risk landscape

Action we will take

1. Develop a prioritised plan of fraud risk assessments (FRAs) to be undertaken.
2. Undertake a range of detailed full FRAs, thematic FRAs and initial fraud impact assessments (IFIAs) as per the plan above.
3. Develop an organisational FRA.

Desired outcome

We will develop an inventory of internal controls which assesses their effectiveness and any limitations. Residual risks, outside of tolerance, will be owned by a senior leader and mitigation plans will be put in place.

How we will measure this (key metrics)

1. The FRA plan will be agreed and progress monitored by the executive board.
2. Through the number of IFIA/FRAs drafted.
3. Through the quality of IFIA/FRAs submitted to PSFA .

9.2 Priority: promote a culture of Integrity which prioritises fraud and error prevention

Action we will take

1. Plan and deliver counter fraud, bribery and corruption awareness training across all levels. Embed into induction of new joiners.
2. Encourage whistleblowing, which we will implement through secure and anonymous channels.
3. Celebrate ethical behaviour and reinforce accountability.

Desired outcome

There is an increase in engagement from non-counter fraud professionals with the counter fraud function. Our people know what fraud, bribery and corruption is and how to report it. There are consistent and regular internal communications regarding the counter fraud activity that is being undertaken.

How we will measure this (key metrics)

1. Management information to capture staff engagement on essential learning. 
2. Attendance of courses delivered either internally or externally and the feedback on effectiveness. 

9.3 Priority: improve our detection and reporting of fraud and error

Action we will take

1. Work with business areas across the organisation to build capability to identify, manage and report fraud and error.
2. Explore options for data and technology (such as AI) to improve the detection of fraud and error.
3. We will join the NFI to identify any anomalies that may be an indicator of fraud.

Desired outcome

Business areas will actively detect instances of fraud and error and report to the counter fraud function. We will utilise data and technology to increase our detection rates.

How we will measure this (key metrics)

1. Increase in the amount of fraud and error reported in the CDR.
2. We will successfully upload the relevant data to the NFI for the next data matching exercise in 2026.