BSI: How ISO 37003 will help you fight fraud

In light of growing global concern over rising fraud cases and the evolving tactics of fraudsters, David Fatscher, Interim Head of Standards Development (Sustainability & ESG) at BSI, will be discussing the significance of a newly published standard. He will explore how this standard provides a proactive framework for organizations to identify and respond to fraud risks, foster a culture of integrity, and build long-term resilience in an increasingly complex digital landscape.

As digital connectivity grows and the global marketplace evolves, fraud has surged in both complexity and scale. In response to this rising threat, BSI, the UK’s national standards body has published a new international guidance standard designed to help organizations strengthen their ability to combat fraud: Fraud Control Management Systems – Guidance for Organizations Managing the Risk of Fraud (ISO 37003).

Fraud on the rise

Fraud affects every sector, from finance and government to manufacturing and non-profits. In 2024, the UK banking sector reported a 16% increase in fraud cases, translating into more than £3 million stolen daily¹. This alarming figure may only scratch the surface of a broader crisis, as fraudsters become increasingly innovative, adapting their tactics to exploit emerging technologies and societal vulnerabilities.

BSI’s 2024 Supply Chain Risks Report highlighted cases of companies and individuals staging hijackings of their own delivery vehicles to secure fraudulent insurance payouts. Geopolitical tensions, extreme weather events, and economic pressures have all played a role in fuelling such deceptive practices.

Introducing a proactive framework, ISO 37003

To address this evolving threat, ISO 37003 provides comprehensive guidance to organizations on implementing a Fraud Control Management System (FCMS). It offers a structured, strategic approach for identifying, assessing, and managing fraud risks. Whether the threat arises from internal actors, external perpetrators, or collusion between the two, this new standard aims to deliver the tools to monitor vulnerabilities and respond effectively.

The standard can be used by organizations of all sizes and sectors, as it offers a flexible framework that can be adapted to diverse risk environments. It outlines key components of a fraud control management system, including methods for identifying and monitoring early signs of fraudulent activity, strategies for building resilience through robust internal controls and procedural safeguards, and mechanisms for detecting illicit behaviour that may bypass preventive measures. Additionally, it provides guidance on how to effectively respond to fraud incidents, helping organizations mitigate financial losses, repair reputational damage, and integrate lessons learned into future controls to strengthen long-term resilience.

In an increasingly interconnected world, the publication of ISO 37003 helps lay the groundwork for collaborative global efforts to reduce fraud risk and promote ethical governance.

Building a culture of integrity

ISO 37003 is about more than operational controls, it is designed to promote a culture of transparency, accountability, and integrity throughout the organization.

The guidance marks a significant milestone in global efforts to combat fraud. Crucially, the focus is on proactive anti-fraud practices, providing organizations with a clear, adaptable framework to foster a culture of integrity, transparency, and accountability.

By championing ethical conduct and robust governance, organizations can increase stakeholder trust, reduce exposure to reputational harm, and safeguard long-term value.

Complementary tools for combatting economic crime

ISO 37003 complements another key standard, Anti-bribery Management Systems (ISO 37001) which offers a framework for preventing, detecting, and responding to bribery and corruption. Together, the two standards present a coherent strategy for fighting integrity-related risks, allowing organizations to align fraud control with broader compliance and governance objectives.

This integrated approach reflects BSI’s commitment to strengthening public confidence in institutions and supporting long-term economic resilience through the responsible application of global standards.

A global effort rooted in consultation

The development of ISO 37003 was led by ISO/TC 309 – Governance of Organizations, following comprehensive global consultation and a survey of organizations from 22 countries across sectors such as finance, government, mining, forestry and non-profits. The findings revealed a pressing need for standardized guidance to improve fraud prevention and control systems globally.

The international nature of this guidance ensures it is globally applicable and sector-agnostic, allowing organizations to benchmark their fraud control efforts against an internationally recognized standard. This is especially vital in cross-border operations, where varying regulatory landscapes can pose additional challenges.

The call to action

With fraud cases escalating and new threats surfacing every day, the launch of ISO 37003 arrives at a critical moment. It is intended to serve as a rallying point for organizations to shift from reactive approaches to proactive fraud management. By implementing the guidance, organizations can better safeguard their financial and physical assets, foster a culture of ethical conduct across their workforce, and enhance their capacity to respond swiftly and effectively to incidents.

Additionally, they can turn past breaches into learning opportunities that strengthen future defences, while building and maintaining trust among customers, employees, and stakeholders.

The fight against fraud is not won with isolated actions, it requires a systemic, sustained approach, and ISO 37003 has the potential to be a vital piece of that puzzle.

‍

About BSI

BSI is a business improvement and standards company that partners with more than 77,500 clients globally across multiple industry sectors. BSI provides organizations with the confidence to grow by working with them to tackle society’s critical issues – from climate change to building trust in AI and everything in between - to accelerate progress towards a fair society and a sustainable world.