At Nicholls Law, we offer a holistic range of services to help your business combat the threats of occupational fraud and cybercrime, including improved training, IT security, detection methods and insurance.

Offering a bespoke package of services for each client, we help lower the risks to your organisation, leaving your business safer and you with greater peace of mind.

To discuss any of our services or to find out how we can help you and your business combat economic crime, please contact us.


Nicholls Law will carry out a full assessment of possible weaknesses within your organisation. We will Review, Recognise and Recommend your next steps.

  • Review: A full overview of your companies internal processes both for staff and IT.
  • Recognise: We will pinpoint areas of vulnerability and risk that your company may have, whether internally or in the supply chain of third-party partners that you may have.
  • Recommend: A full set of recommendations will be presented to you, to help you combat the threat of a breach.

The threat of fraud is a constantly increasing headache for businesses. Nicholls Law will help steer you through the complicated landscape to ensure the safety of your business, with the knowledge that you are being guided by an established and professional law firm.


The rapid growth of economic crime – aided by the speed of technological advances – poses an increasing problem for businesses, as does the problem of fighting it.

By finding and preventing problems before they happen, businesses not only respond effectively to the challenge of economic crime but also show they are taking IT security and compliance seriously.

Nicholls Law will work with you to ensure that strategies are in place to help prevent and detect economic crime in your organisation. Although it is not possible to completely eradicate risk, with the help of the newest technology and prevention policies in place, you will be alerted to potential fraudulent activities, whether internal or external. This will help protect your business from the costs and often damaging side effects of undetected fraud.


One of the easiest ways a business can defend itself against economic crime – and particularly cybercrime – is to be fully informed of the potential risks and strategies. This is why we offer three elements of cyber security training for our clients:

1) Cyber Essentials Accreditation: The government-recommended Cyber Essentials has been developed to help businesses combat cyber threats by implementing a minimum level of technical security, with official accreditation soon to be a mandatory requirement for doing business.

Nicholls Law will help you become Cyber Essentials-accredited, showing your customers and suppliers the responsible steps you have taken to reduce cyber threats in your business.

2) Risks and Responses Training: By fully understanding the potential risks leading to a cyber attack, ranging from the technical to the human factors, you can keep your business better protected against a cyber criminal. We can help you learn about those potential risks, as well as the possible responses you can follow if an attack does occur, leaving you more aware of best practice and your business more secure.

3) Cybercrime Awareness Training: When it comes to cybercrime, the better informed your employees, the lower the risk to your business.

Nicholls Law provides an in-house awareness programme for you and your staff, encouraging best practice both in the workplace and at home. Our training helps attendees understand:

  • How cyber attacks happen
  • Why your business is a target
  • How to spot social engineering
  • Basic dos and don’ts to follow at work, home and when travelling.


When a cyber breach or fraud is discovered in your business, you must act quickly and comprehensively to avoid exposure to greater liability.

We will work with you to create an Incident Response Plan to follow in the aftermath of the discovery, helping you to:

  • Mobilise the Incident Response Team
  • Secure your systems and ensure business continuity
  • Conduct a thorough investigation
  • Manage public relations
  • Address any necessary legal and regulatory requirements
  • Address potential liability

With our assistance, you can be sure that your business is fully prepared to mitigate any risk of further damage or loss of data, and deal with any legal or regulatory consequences of the incident.


Just as important as the initial implementation of your procedures against economic crime, periodic reviews test your systems to ensure that your business continues to remain secure and compliant with regulation.

Nicholls Law can administer a periodic review of your procedures, providing your senior management with the independent assurance that security controls are in place and functioning correctly.

Our periodic review will also highlight any controls that are not working, helping you to improve them and eliminate security weaknesses from your system.


Upon detecting a fraud or a breach of your IT systems, it is vital to act quickly in order to prevent further loss. The period immediately following an incident is referred to as the “Golden Hour”, during which anything that happens will have a significant impact on the prospects of recovering money or stolen data.

An incident response plan is vital for a business to take immediate action following an incident. Without one in place, management will not know what to do or which way to turn, losing both vital time and the opportunity to minimise losses.

Nicholls Law will provide your organisation with urgent practical advice on what to do if you experience a fraud, as well as guidance in investigating the incident effectively. These strategies will help:

  • Prevent further loss and recover losses that have been made
  • Establish and secure evidence necessary for criminal and disciplinary action
  • Notify the relevant authority, funding body and/or Police (if applicable)
  • Establish circumstances in which external specialists will be involved
  • Punish the culprits
  • Review the causes of the incident, the measures to prevent a recurrence and strengthen future responses to fraud and cybercrime
  • Keep all relevant personnel suitably informed of both the incident and your organisation’s response.


Every business needs to be fully insured against the potential financial, legal and reputation damages that come from falling victim to economic crime. This cover is vital to your organisation, as:

  • Cyber crime is the most common global crime, yet most standard business insurances will not cover losses following an attack
  • Data (one of the most important assets for a business or individual) is not covered by a standard business insurance policy
  • If any third party data is lost or destroyed, you or your business could be held liable
  • If credit card data is lost, you could face severe penalties, as well as time and money spent complying with breach notification laws
  • Standard business interruption insurance does not cover the downtime of systems which are critical to your daily business
  • Your organisation’s public image is enhanced if it is insured, and damaged if it is not
  • Social media now plays a key role in exposing uninsured businesses, causing untold reputation damage
  • The use of portable devices has increased data loss and theft, with small businesses facing the same risk as large corporations when it comes to hacker attacks.