New AS 8001 Fraud and Corruption Control standard in the pipeline

Australian Standard AS 8001 Fraud and Corruption Control has been accepted as the benchmark for best practice in fraud and corruption control in Australia since 2003. For many Australian organisations across all sectors, AS 8001 is their primary source of guidance for preventing and detecting fraud and corruption, and for responding to incidents if and when they occur.   

A ‘Public Comment’ draft for a revised AS 8001 was issued by Standards Australia on 27 May and will be open to public comment for nine weeks. The new standard will replace the current iteration that was released in 2008. Major changes to the current version include:

  • Introduction of the concept for minimum ‘requirements’ – the new standard, as drafted, stipulates that organisations ‘shall’ do certain things in order to comply with the standard rather than the currently used expression ‘should’.
  • Introduction of ‘normative references’ – other Standards issued by Standards Australia, ISO or IEC must be complied with in order to comply with AS 8001.
  • Updated definitions for fraud / corruption – notably to include conduct that is not necessary illegal
  • Updated guidance – relating to preventing, detecting and responding to external attack particular cyber-born attack.
  • Inclusion of a requirement for an ‘Information Security Management System’ – consistent with ISO / IEC 27001 Information technology – Security techniques – Information Security Management Systems – Requirements.
  • Upgraded guidance on – the role of ‘Governing Body’ and ‘Top Management’ of organisations in controlling the risks of fraud and corruption.
  • Introduction of the concept – ‘pressure testing’ for internal control systems.
  • Upgraded guidance – relating to whistleblower protection and misconduct reporting channels.

Following the completion of the public comment period on 29 July 2020, the standard will proceed to working group adjudication of public comments, final editing and Standards Australia quality assurance. The revised standard would likely be released in either late 2020 or early 2021. A copy of the standard is available at: 

Comments on the draft standard can be posted on the same site via the ‘make a comment’ button.  Public comments will close on 29 July 2020.

McGrathNicol will host an ‘FCX’ webinar on the public comment draft on Wednesday 17 June 2020. If you would like to register in advance, please contact McGrathNicol Financial Crime Exchange at