The arrival of the Economic Crime and Corporate Transparency Act 2023 (ECCTA) marks a significant step in the UK’s effort to tackle financial crime. The Act introduces new requirements for transparency, accountability and corporate responsibility.
While not aimed specifically at pensions, the Act - which came into force on 1 September 2025 - has clear implications for schemes and trustees, with the new “failure to prevent fraud” offence and enhanced corporate reporting rules bringing trustees under closer scrutiny.
The Act reinforces the need for transparency, identity assurance and demonstrable controls, areas where digital tools can help schemes modernise, close process gaps and build member trust.
Fraud now accounts for over 40 per cent of all recorded crime in the UK, with total losses exceeding £2.3 billion in the last year according to the National Fraud Intelligence Bureau. The Money and Pensions Service reports that one in six UK savers has been targeted by pension fraud and many more have received phishing or scam communications related to their schemes.
While external cyber-attacks have attracted headlines in recent months, with high profile breaches reported at M&S and Co-op amongst others, internal vulnerabilities are just as concerning.
Data accuracy, manual data handling, reliance on paper forms and unverified member communications all create points of failure. If a fraudster intercepts a bank change form or impersonates a member using outdated ID checks, the loss can be immediate.
The Pensions Regulator has repeatedly warned that accurate and verified data is essential to protecting members. Data errors not only weaken a scheme’s fraud defences but also undermine its ability to comply with ECCTA and other governance expectations.
Fraud thrives where data is incomplete or out of date. Errors in member records make it harder for administrators to verify identities and spot anomalies, leaving schemes more vulnerable to fraudulent activity.
Findings from Heywood’s Pension Pulse report highlight the scale of the challenge. Analysis of over three million member records showed that nearly one in ten addresses were inaccurate and over one in fifty pensionable members were deceased but unreported. These discrepancies create real financial exposure, from continued payments to deceased members to the risk of fraud and data misuse.
Regular data cleansing and mortality screening are critical steps in closing these gaps. Cleansing improves the reliability of identity checks, ensures communications reach the right people and reduces opportunities for fraudsters to exploit inactive or misdirected records.
A clean data set strengthens every subsequent security measure, from ID verification to member communications, by ensuring the information those systems rely on is trustworthy.
Once data integrity is assured, digital verification tools and secure communication channels add essential layers of protection.
Electronic ID verification (EIDV) and bank account validation allow schemes to confirm a member’s identity and financial details in real time, removing the need for manual verification. Photo ID, biometric checks and live database cross-references help confirm that each transaction request is genuine.
Heywood Engage integrates these tools like EIDV directly into member interactions, verifying details automatically whenever a change of address, transfer request, or payment instruction is made. This creates stronger barriers to fraud and provides an auditable record that demonstrates compliance with ECCTA’s “reasonable procedures” requirement.
Equally important is how schemes communicate with members. Email is becoming an increasingly popular and effective channel for secure engagement, provided it’s managed within a controlled, verified environment.
Meanwhile, Heywood Video Engage offers an additional layer of security by delivering personalised financial updates and statements within a secure portal. This ensures members access information safely, without relying on potentially compromised email attachments or postal correspondence. Clear, transparent communication protects data and helps members recognise and trust official messages.
Fraud prevention in pensions requires joined-up thinking. Verification, validation and secure communication must all work together within a single digital framework.
Schemes that take this holistic approach are far better equipped to demonstrate compliance with the Economic Crime and Corporate Transparency Act and to safeguard members from harm.
With the Act now in force, the onus is on schemes to improve data accuracy, streamline processes and strengthen member relationships.
Schemes that adopt secure digital tools and clear communication practices will not only meet their legal obligations but will also reinforce trust.
As pensions turn increasingly digital, preventing fraud is both a duty and a differentiator.
The schemes that succeed will be those that embed verification, validation and secure communication at the heart of their digital strategy and protect members, their data and their reputation in the process.