UK plans laws to protect company directors from ID theft

Company directors are among the most targeted groups for identity theft, prompting the UK to introduce laws aimed at protecting them from this growing problem in the digital era.

The laws will make it easier for directors to remove their personal addresses from the company register while ensuring transparency at Companies House, the UK registrar of companies. Directors will still be required to provide their business address.

Research has shown that company directors are twice as likely to be victims of identity fraud than any other group of individuals, according to research by fraud prevention organisation Cifas. The research shows that one in every five fraud cases involves a company director.

In 2013, Cifas identified the fraudulent use of stolen or fictitious identity details as one of the biggest fraud threats, and in 2017 it reported that identity fraud had increased at a record rate in the first half of the year, reaching “epidemic” levels.

Cyber criminals routinely use publicly available information to pose as company directors to commit fraud and other crimes. The government has also raised concerns that as long as directors’ home addresses are available publicly, they could by exposed to violence and intimidation.

The vast majority of identity fraud happens when a fraudster pretends to be an individual to buy a product or take out a loan in their name. Often, victims do not even realise they have been targeted until a bill arrives for something they did not buy or their credit rating falls, said Cifas.

The government said the planned protection is aimed at helping to ensure that people feel safe when setting up a new business and that the UK continues to be one of the best places in the world to start a business, which is a key part of the government’s Industrial Strategy.

The laws to help protect company directors from identity fraud and personal harm are being introduced by the government today (22 February) and are expected to come into force by the end of the third quarter.

Business minister Andrew Griffiths said the new laws will protect new and existing business owners from potential harm and identity fraud, while ensuring the UK maintains high standards of corporate transparency.

“Under the new laws, directors can replace their personal addresses with an alternative one, such as a company address, where they can be contacted to ensure companies meet their legal requirements,” he said.

Currently, personal addresses can be removed only when Companies House and the relevant authorities judge that there is a serious risk of violence or intimidation because of the company’s work.

The new laws will also ensure transparency in legal information as public authorities such as the police, the Insolvency Service and the Pensions Regulator will still be able to access directors’ information.

The new laws coincide with the publication of a PwC report that shows UK organisations are facing increasingly complex and costly incidents of fraud partly because of increasing cyber fraud, yet few are making use of the anti-fraud technologies available.