Fraud poses significant legal, financial, and reputational risks for organizations. The FBI’s 2025 Internet Crime Report highlights over $16 billion in losses due to internet-related crimes, including phishing, extortion, and personal data breaches. ISO 37003, published in May 2025, provides guidelines for managing fraud risks through prevention, detection, response, and evaluation. Effective fraud control systems help organizations comply with legal standards and mitigate liability. ISO 37003 can integrate with other ISO standards to create a comprehensive Governance, Risk, and Compliance framework, aiding organizations in safeguarding against both internal and external fraud.

On 24 April 2025, the revised version of UNE 19601 Standard on Management System for Criminal Compliance was published, replacing the previous version from 2017. UNE 19601 is the reference standard in Spain for implementing a criminal compliance management system and it covers the requirements of the Spanish Penal Code as well as international standards in the field.
The general approach of the initial version is maintained, although modifications have been introduced to adapt it to regulatory changes (primarily, those in the Spanish Penal Code and whistleblowing management standards) and international standards of recent years (such as ISO 37301:2021 or ISO 37002:2021).