Academies Plus – April 2025

17 April 2025 / Insight posted in Academies Plus

Welcome to our April 2025 edition of Academies Plus (A+), Moore Kingston Smith’s newsletter specifically created for academies and multi-academy trusts.

In the weeks leading up to this new edition of Academies Plus, news had been filtering out that sector leaders were highlighting significant financial concerns around the 2025/26 school year. Funding allocation letters had been dropping through letterboxes (probably metaphorically these days), containing increases that won’t cover the forecast cost increases for 2025/26 – and therefore, more deficit budgets are likely.

Crude numbers are that a 2.2% increase will be applied to school funding at the same time as costs are anticipated to increase by 3.6%. But a very large fly in the ointment is that over half of that 2.2% increase applies to pay increases before 2025/26, so the funding gap for next year is even larger.

Then, on 26 March, the Chancellor held a Spring Statement – much trailed, but still, by and large, a disappointment to most in the education sector, as it included little directly aimed at school funding and plenty to suggest belt-tightening measures for government departments are on the horizon.

At the same time, the education sector is dealing with cost pressures from unrelenting growth in demand for SEND provision, a new Ofsted regime, an impending Schools Bill, lagging building maintenance, challenging school discipline, ever expanding safety and security concerns, and high staff turnover levels.

It is particularly worrying from a social perspective to see reports of class inequality widening, high levels of unexplained pupil absences and increasing concerns over pupil behaviour. Schools have found themselves dragged into social issues that should, by rights, be nothing to do with children – and yet the issue of mobile phones in schools, concerns over male toxic culture, and divisive debates over trans rights are all presenting many school leaders with daily problems to deal with and wider policy approaches to manage.

All of these ‘non-financial’ matters of course, do end up having an impact on the pounds and pence, and it is no surprise that, in having to do more with less, the overall financial impact on the academies sector has been negative. It is disconcerting from a financial perspective to see that the most recent sector figures show that more trusts moved into deficit in the most recent reporting period (although there is a perverse extra statistic at play, in that the small number of better-off trusts at the other end of the scale appear to have become even more better off).

It is also a grave concern as an auditor, to see the education sector targeted by cybercriminals and fraudsters. Schools and academies hold sensitive data and are generally short of time and resources to ensure the most current and effective antifraud measures are in place. This means that they are consistently in the higher-risk category of organisations targeted by cybercriminals – and when you factor in the astonishing pace of change in cybercrime, this becomes an issue that must feature at the top of every trust’s risk register and demand (unfortunately) a high degree of attention.

There is also significant press coverage around rising senior pay in the sector, with articles in the mainstream and national media, as well as sector specialists criticising what is portrayed as excessive senior remuneration. Particularly illuminating are the statistics published by Schools Week in a March 2025 article, where they pro-rated CEO pay on a per pupil basis – this revealed that the figure varied from less than £5 to over £180 per pupil. In one outlier case, the figure reached a staggering £320 per pupil. For many familiar with extreme executive pay levels in the commercial sector, the growing gap between CEO pay and ‘the rest’ — along with commentary including phrases like “gravy train”, is an unwelcome development.

As an auditor looking in from the outside, the numbers in the academy sector just aren’t adding up. Less money for schools – much, much less money – with increasing costs and pupil numbers becoming more challenging to manage (since they are both increasing from the independent sector and decreasing from a declining birth rate) is making life very difficult for academy leaders. We have been saying for some years that the 2024/25 financial year for academies was going to be challenging and in the event, it was quite difficult, but honestly, 2025/26 looks excruciating.

Please get in touch if you would like to discuss any of the articles in more detail.

Back to top

Academies Accounts Direction 2024 to 2025

The Academy Accounts Direction (AAD) 2024-25 will apply to accounting periods ending on 31 August 2025 and was published on 26 March 2025 in line with last year’s timeline and as planned by the Department for Education (DfE). The AAD is used by academy trusts, their auditors and reporting accountants to prepare and audit financial statements for the accounting period ending on 31 August and is updated annually.

Read about the changes

Employment law changes: Are you ready?

By Donal Moon, Employment Law Adviser, Moore Kingston Smith HR Consultancy

The coming 24 months will bring significant employment law changes that will have a major impact on academies, trusts, and the education sector as a whole. These changes will encompass various aspects of employment, including wages, working conditions and employee rights.

Below is a list of key areas with various law changes.

Prevention of sexual harassment

From 26 October 2024, employers have been required to take reasonable steps to prevent sexual harassment, including by third parties. The government intends to make this obligation even stronger, making it a duty to take ‘all’ reasonable steps to prevent sexual harassment, and expressly adding third-party harassment on the basis of any protected characteristic into the statute. It is being predicted by some commentators that the reintroduction of the third-party harassment provisions will happen as earlyas October 2025.

The remaining changes are currently not expected to happen until 2026, although employers should watch for developments. Employers will be required to protect staff from a range of individuals.

For academy trusts, this will include parents, pupils, contractors, and visitors. They will need to ensure that they take action to prevent and deal with alleged harassment in line with safeguarding procedures.

National Minimum Wage

The National Minimum Wage for workers over 21 rose to £12.21 in April 2025, with larger increases for lower age groups as the government begins the process of creating one National Minimum Wage for all.

Employers must pay the new rates and may experience upward pressure on wages across lower-paid salary bands as wages are raised across the economy, while also experiencing further cost pressure from other factors such as rising employer National Insurance costs.

Neonatal leave and pay

From April 2025, employees are entitled to:

  • up to 12 weeks of neonatal leave from day one of employment if their newborn requires hospital care for at least seven days, and;
  • neonatal pay after 26 weeks continuous service.

Trusts should update contracts, handbooks, and policies to accommodate the new rules and have robust workforce planning in place. Accommodating these new rights without compromising the teaching curriculum will be a challenge.

The Employment Rights Bill

The Employment Rights Bill was introduced to Parliament on 10 October 2024 and contains some 28 worker-friendly changes to employment law.

The majority of changes within the Employment Rights Bill are expected to take effect in 2026. However, the Bill is progressing quickly, and, on 12 March 2025, the House of Commons passed the Bill and sent it to the House of Lords for debate and potential amendment. Given the speed at which the Bill is progressing, some commentators are predicting that certain elements may come into force as early as October 2025 – particularly the ban on fire and rehire, the reintroduction of employer liability for third-party harassment, and the extension to tribunal time limits.

This article provides a summary of the key changes employers should be aware of.

Extension to tribunal time limits

The time limit for bringing most tribunal claims is three months. This will rise to six months, which may lead to a heightened risk of tribunal claims as employees will have more time to prepare, seek legal advice, and plan for litigation.

Day one rights to claim unfair dismissal

The law will change that allow employees to make a claim from day one of their employment. Employers will therefore need to ensure redundancies are genuine and follow fair processes for all staff, including employees with less than two years’ service, which is not currently the case.

Employers will be able to use fair and transparent probationary periods to assess the suitability of new hires. However, the government has indicated a preference for a nine-month statutory probation period, including clear, and communicated objectives and the ability to appeal decisions made during probationary periods. During the probationary period, it is envisaged that a lighter touch approach to dismissal can be adopted.

Day one family rights

Paternity leave and unpaid parental leave will become day-one rights. Pregnant employees and those returning from family leave will receive additional protection against redundancy for six months post-return. Trusts should update policies and prepare for increased leave requests.

Other key areas with changes to the law

Changes to Statutory Sick Pay (SSP)

SSP will be available from the first day of sickness, and the lower earnings limit will be abolished. Academies should review sickness absence policies and budget for increased SSP costs.

When this provision is enacted, the government will ensure SSP is available to approximately 1.3 million low-wage workers, who will receive 80% of their average weekly earnings or the current SSP rate, whichever is lower.

Flexible working

Employees will continue to have the right to request flexible working, and employers will continue to have the right to reject requests for reasons allowed by statute. However, employers must be able to show that it was not practicable to allow a request if they wish to reject it. They will also need to include flexible working options in job adverts where appropriate to the role.

Trusts should consider how they will manage increased requests for atypical working arrangements while ensuring that curriculum delivery is not compromised.

Zero-hours contract

Employers will need to offer staff on zero-hours or low-hours contracts a more stable arrangement based on actual hours worked over a reference period, expected to be 12 weeks. To avoid the emergence of any potential loophole, agency workers engaged on zero-hours contracts will also have the right to be offered guaranteed hours by the end user (e.g. the school or trust) to reflect the hours worked during a reference period. There will be provisions requiring employers to provide reasonable notice of shifts, changes, or cancellations and compensation for cancelled shifts.

Trusts using casual staff, such as exam invigilators or cover supervisors, should consider the impact that these changes may have on their business model in preparation for the changes.

Tackling non-compliance in the umbrella company market

Responding to a consultation by the previous government, the current government has said that it intends to amend the Employment Rights Bill to ensure that workers will have comparable rights and protections when working through umbrella companies as they would with direct recruitment agencies. Enforcement action will be taken against non-compliant umbrella companies.

Strengthened trade union rights

The Employment Rights Bill will enhance trade union rights, potentially leading to increased union activity and industrial action in academies. The previous government’s anti-union laws will be repealed and the legislative framework for trade unions will be updated to make it easier for unions to be recognised, organised, recruit and represent members.

Trusts should prepare to deal with increased requests for Union recognition and, where unions are recognised, establish clear communication channels with staff and unions.

Collective redundancy consultation

The threshold for collective redundancy consultation (20 employees) will change to apply across an entire workforce rather than each workplace location. The government will increase the maximum period of the protective award from 90 days to 180 days and issue further guidance for employers on consultation processes for collective redundancies. This aims to deter employers from ignoring consultation obligations and ensure it is not financially beneficial to do so.

Fire and rehire restrictions

Employers will need to prove that firing and rehiring on less favourable terms is essential for future financial viability and that they conducted a fair consultation prior to firing and rehiring. The penalty for failure to inform and consult will double from 13 weeks gross pay per affected employee to 26 weeks gross pay per affected employee.

Plans to introduce the right to apply to tribunals for interim relief have been abandoned – at least for the time being.

Equality

Employers will need to prove that firing and rehiring on less favourable terms is essential for future financial viability and that they conducted a fair consultation prior to firing and rehiring. The penalty for failure to inform and consult will double from 13 weeks gross pay per affected employee to 26 weeks gross pay per affected employee. Plans to introduce the right to apply to tribunals for interim relief have been abandoned – at least for the time being.

School Support Staff Negotiating Body (SSSNB)

The restoration of this body, which aims to improve terms and conditions for school support staff, may lead to increased pressure on trusts – financial and otherwise – to offer better terms in order to retain staff, while experiencing pressure on wages and benefits budgets due to rising costs.

Other changes outside of the Employment Rights Bill

Additional developments include a new statutory code of practice giving employees the right to disconnect, although recent news indicates that this may not now proceed. Other areas for consideration include a review of worker status with a view to merging the statuses of worker and employee into one status of worker, which would carry all employment rights.

Preparing for change

By keeping up to date, planning ahead, and making necessary changes, academies can navigate these fast-moving legal developments effectively.

Academies that are part of multi-academy trusts should consider whether these legal challenges should be addressed by a central HR team or on a school-by-school basis.

AI landscape and investment: What does this mean for schools?

By Jared Goodrich, Senior Manager, Digital Transformation, Moore Kingston Smith

The field of Generative AI is advancing at an unprecedented pace. While progress once unfolded over months or even years, new techniques and models are now being released in a matter of days. Assumptions made about AI just one year ago are quickly becoming outdated.

Enormous sums of money are being invested in Generative AI, from governments to companies funding nuclear power stations and data centres. Leading sector players including OpenAI, Google, and Anthropic, are now joined by a growing opensource community. Notably, DeepSeek-R1 is one such model from the open-source community that has been making waves in the news in recent weeks, matching the performance of frontier models.

AI systems are now outperforming highly trained professionals, PhD students, and even doctors, at their own game. For instance, a recent medical diagnostics study, Large Language Model Influence on Diagnostic Reasoning: A Randomized Clinical Trial, found that an AI model achieved 92% accuracy in complex case evaluations, compared to 74% by a doctor. While this study was limited to only one aspect of the job, the implications are clear: with the right framework, AI can handle data-intensive tasks better than human experts. In schools, AI could help finance teams and administrators analyse large volumes of financial, attendance, and scheduling data to support decision-making.

Despite these impressive advancements, integrating AI into daily workflows has been slower than many anticipated. For most users, especially in school settings, AI functions primarily as a simple copilot, rather than a fully autonomous intelligent agent. Whilst there is largely a consensus that AI represents the future of work, a recent RAND report, The Root Causes of Failure for Artificial Intelligence Projects and How They Can Succeed: Avoiding the Anti-Patterns of AI, shows that more than 80% of AI projects fail. This demonstrates the need for robust frameworks and realistic implementation strategies.

Reasons for limited impact

The most prominent limitation of Generative AI is hallucinations. This is an important concept and is when AI fabricates incorrect information which should prevent users from relying on the output. In newer models where AI can implement advanced multistep reasoning, occurrences of hallucinations tend to be reduced and are more reliable. As AI advances, this trend will continue. In addition, various techniques can further reduce hallucinations – for example, granting AI access to tools such as web searches can help ground responses in factual data.

A thought-provoking question emerges: do Large Language Models (LLMs) need to completely eliminate hallucinations, or is it sufficient for it to outperform the most accurate humans? Dave Van Veen, a PhD candidate in Stanford University’s Department of Electrical Engineering says, “It turns out that humans also get things wrong sometimes and that the best [AI] model, whilst not perfect, produced fewer instances of fabricated information than even human medical experts. Far from introducing inaccuracies, LLMs could end up reducing fabricated information”. Further information can be found in this study from Stanford University: AI can Outperform Humans in Writing Medical Summaries.

Another key consideration is the AI’s context window size, which determines how much information it can hold in working memory at once. In practice, everyday tasks require far more information than we might realise. Even replying to a single email can involve recalling numerous details; this might mean juggling budget lines, payment schedules, staff payroll records, and vendor contracts all at once. While techniques such as Retrieval-Augmented Generation (RAG) can help by selectively retrieving and passing only the relevant context to the query to the AI, they are not without their drawbacks. Schools must still develop a robust data strategy for effectively gathering, organising, and supplying the information AI requires.

Data privacy remains a major concern for schools and commercial organisations alike. There is also the question of whether schools should grant AI access to all of their sensitive data, and if they do, is that data being used to train AI? There are solutions to this problem, including the use of open-source models, which allow you to host these models locally, ensuring your data stays on school premises and securely under your control.

Putting the right framework in place

Limitations can be addressed by having the right framework and tools in place. One such framework is OpenAI’s Deep Research, which uses multi-step reasoning and web search to produce comprehensive, in-depth reports. The following highlights an example of an output generated on the topic of AI detection in schools: AI detection in schools.

Recognising that organisations, particularly those like schools handling sensitive data, need practical and secure ways to implement such frameworks, we at Moore Kingston Smith have developed our own Generative AI platform. Our focus has been squarely on harnessing the latest AI advancements while ensuring data security and output quality remain paramount.

Looking ahead: The year of the Agentic AI

2025 is expected to be the year of Agentic AI, which are intelligent systems that operate autonomously. These advanced AI systems can solve complex problems, plan tasks, and execute them without human intervention.

While tools such as the OpenAI Operator are not yet fully autonomous or production-ready, they offer a glimpse into the future. Schools will be able to adjust learning materials to cater to individual student needs, manage the logistics of school events like field trips with minimal human oversight, and handle the administration such as policy generation.

The use of AI is here to stay; it’s only a matter of how and when it will be adopted in schools.

Safeguarding education: Addressing cyber threats to academies and the broader sector

By Richard Jackson, Data Protection Officer, Moore ClearComm

Schools in the UK are responsible for processing the data of approximately 16% of the national population. This makes the sector a very attractive target for cybercriminals, and this is unlikely to change in the future. Therefore, the education sector must continue to focus on cyber security and data protection best practice.

The National Cyber Security Centre (NCSC) recently shared the following cyber security data in relation to the education sector in their report: Cyber security breaches survey 2024: education institutions annex.

Prevalence and impact of cybersecurity breaches and attacks

The below highlights the percentage of organisations that have identified breaches or attacks in the last 12 months:

Cyber security breaches survey 2024 -education institutions annex

Source: Cyber security breaches survey 2024: education institutions annex

  • Primary schools have a cyber attack likelihood similar to that of typical commercial businesses due to several factors: the sensitive data they handle, common attack methods, and the shift to digital platforms. In fact, 52% of primary schools identified a breach or attack in the past year.
  • Higher Education institutions are more likely to be affected by cyber attacks, with 97% identifying a breach or attack in the past year. This is due to several factors: the increased volume and depth of financial data; involvement in research projects, which often include intellectual property (IP) – a valuable and attractive commodity for cybercriminals; and a university culture that encourages proactive collaboration and information sharing as a vehicle for research and innovation. As a result, staff or students may be more likely to share information without due diligence.
  • 71% of secondary schools identified a breach or attack in the past year.
  • 86% of Further Education colleges identified a breach or attack in the past year.
  • All other types of educational institutions are more likely to have reported cyber security breaches or attacks in the past 12 months compared to the average UK business.

Academies and multi-academy trusts (MATs) must consider the additional scope and complexity of defending a technical infrastructure across multiple sites, which may have inconsistent data protection and cyber security measures in place, in order to remain secure.

Education threat landscape

The NCSC data for 2024 shows similar results to 2023, evidencing that the attack trend on education continues unabated. As a comparison to all UK business, education is clearly a more appealing target for cybercriminals.

Why education?

The education sector processes and stores the most sensitive and high-value personal data across a variety of platforms and repositories. Therefore, sophisticated cybercriminals will seek to (and subsequently withhold, as part of a ransomware attack) access systems and resources such as:

  • financial systems;
  • intellectual property;
  • student coursework;
  • student personal data;
  • cloud services;
  • MIS/SIMS database.

In essence, academies (particularly MATs) represent a ‘perfect storm’ for cyber criminals, with the following three issues combining to make the sector a very attractive target:

  1. Large volumes of personal data
  2. Inadequate security provisions
  3. Lucrative rewards

In addition, the seasonality of school terms/closure periods has long been a factor in cyber attacks on the sector. Attackers will deliberately launch attacks during periods when there is:

  • increased pressure on staff;
  • reduced diligence and focus;
  • reduced resources and/or staffing;
  • shutdowns/closures/skeleton staffing;
  • especially busy or distracting periods.

This therefore manifests in the form of cyber attacks during these key periods:

  • Half term(s);
  • Summer holidays;
  • Christmas holidays;
  • a first or final week of term.

The seasonality of cyber attacks on schools is reflected in the Lancaster Royal Grammar School case study (final section of this article).

Common types of attack

Attacks on academies and MATs take the form of six specific types and varying objectives, which will either seek financial gain (the most common objective) or aim to disrupt operations in a variety of ways such as:

  • phishing and social engineering;
  • viruses, spyware, or malware;
  • denial of service (DoS) attack;
  • unauthorised access;
  • ransomware;
  • business email compromise (BEC).

Budgetary constraints

The NCSC survey identified budgetary trends, and received feedback from schools that would suggest most remain committed to investing the same amount of money to cyber security as in previous years.

However, the feedback comments from some schools suggest that funding and restricted budgets were a concern, which makes it difficult to increase their investment in cyber security. In face of new and emerging cyber threats, such as the use of AI in phishing attacks, this is a major concern.

One interviewee said that the economic conditions have meant that they must be more reactive to attacks, rather than being proactive investing in cyber security to prevent attacks happening in the first place:

“Basically, nobody’s got any money so it’s about being reactive rather than proactive.”
Secondary School

An interesting observation on most schools’ appetite to invest money in cyber security comes from Brett Callow (Cyber Security Analyst):

“Spending money on cyber security is rarely politically popular in schools – and they often don`t know where to spend the money either.”

If true, it will be essential for academies and MATs not only to allocate an adequate budget for cyber security measures, but also to ensure experienced guidance is sought in respect of how best to invest that money to achieve effective results.

Awareness: The essential first step

The first step for all leadership teams within MATs is to accept that a cyber attack will occur sooner or later.

On that basis, they must acknowledge that the following three steps will be essential to a) reducing the chances of a successful attack, and b) recovering effectively once an attack occurs:

  • understanding of the implications that any cyber event will bring with it;
  • invest in adequate and appropriate technical defences;
  • invest in the human elements of cyber awareness that will help staff to:
  • maximise the chance of identifying a cyber-attack is occurring; and
  • develop a collective culture of privacy and security over time.

Case studies

Blacon High School (Chester) – BBC News Story

  • School closed immediately on 17 January 2025, for two days.
  • Suffered a suspected ransomware attack – email system was offline for one week.
  • School reopened on 27 January, with phone systems remaining offline.
  • Notification was given to the Information Commissioner’s Office (ICO), the Department for Education, and the Police.

Lancaster Royal Grammar School – BBC News Story

  • Ransomware attack detected on 16 July 2024, after the IT department “noticed something peculiar on the system”.
  • Attack took place the day before the school broke up for the summer holidays.
  • Staff spent the summer holidays rebuilding the entire school IT system.

Fylde Coast Academy Trust – BBC News Story

  • Blackpool-based MAT subjected to ransomware, which infected the organisation’s IT infrastructure and resulted in limited accessibility to systems in September 2024.
  • Not known if ransomware was used to demand cash from schools or academies belonging to the MAT.
  • Several days elapsed before services restored to schools in the MAT.
  • All ten academies in the MAT (including high schools and primary schools) were affected.
  • They all reverted to non-IT based processes during the attack impact period.

Conclusion

The education sector in the UK, responsible for processing the data of approximately 16% of the national population, remains a prime target for cybercriminals. The prevalence of cyber attacks, as highlighted by the National Cyber Security Centre’s 2024 report, underscores the urgent need for robust cyber security measures across all educational institutions.

To mitigate risks, educational institutions must allocate adequate budgets for cyber security, seek expert guidance on effective investments, and foster a culture of privacy and security. Awareness and proactive measures are essential to reducing the chances of successful attacks and ensuring effective recovery when they occur.

By embracing these strategies, the education sector can better safeguard its valuable data and maintain the trust of students, staff and the broader community.

Videos

We have a number of videos ranging from webinars, panel debates and short discussions to help navigate you through the issues facing the nonprofit sector.

Webinars thumbnail
Panel discussions thumbnail
Charity Chats thumbnail

Download the newsletter

Contact us

Get in touch

How did you hear about us?

reCAPTCHA