The UK's Fraud Act became law in mid-January, but experts are not convinced it will prove effective. "The Fraud Act 2006, while welcome, is likely to have little immediate effect on businesses, because its main purpose is to speed fraud cases through the courts," said John Smart, fraud partner at Ernst & Young. "It does not address the major bottleneck - a lack of police investigation resources."
However, the mechanics of the new act should make prosecuting cyberfraud easier. Previously, a victim of any alleged fraud would have to beidentified, and the value of their loss estimated. Now the intent andability of the accused to commit fraud is the central issue. The Actalso makes it illegal to possess phishing kits or any other equipmentdesigned to commit fraud - this, in theory, would include emails. Itstates that writing software "knowing that it is designed or adapted foruse in ... connection with fraud" can result in a sentence of up to tenyears.
Susan Mann, counsel, Reed Smith Richards Butler, said: "This will have abig impact on online fraud. The act is very broad and gives prosecutorsa lot of latitude. this should enable much easier prosecutions."However, Jonathan Middup, fraud director at Ernst & Young, sounds a noteof caution: "Businesses should establish fraud policies and proceduresto deal with such an event, not simply expect this new act to do the jobfor them. Very few businesses I encounter have all the pieces of thejigsaw in place, and this is part of the reason that 19 out of 20 fraudsgo unpunished."