Shifting sands in the UK’s corporate crime landscape

March 2025  |  FEATURE | FRAUD & CORRUPTION

Financier Worldwide Magazine

March 2025 Issue

On 6 November 2024, the UK government published its guidance on the new ‘failure to prevent fraud’ (FTPF) offence, which was introduced in the Economic Crime and Corporate Transparency Act 2023 (ECCTA).

In 2022, the UK government undertook an assessment of corporate criminal liability in the UK, following which it asked the Law Commission to carry out a review of the relevant law and to present a set of options for reform. The assessment was set against a backdrop of growing concern that the UK was falling behind globally in adequately holding corporate entities – especially large companies – to account for economic crimes, including fraud.

The Law Commission published its options paper on 10 June 2022, in which it proposed that the government introduce a new FTPF economic crime offence designed to widen the scope for effective corporate criminal liability in the UK. The FTPF offence was enshrined into law the following year through the introduction of ECCTA.

The FTPF offence is modelled on similar existing offences for ‘failure to prevent bribery’ and ‘failure to prevent the facilitation of tax evasion’. It is intended to hold certain corporate entities criminally liable for fraud committed by their associates, unless they have reasonable procedures in place to prevent fraud. The government’s intention is to foster an anti-fraud culture within organisations, drawing parallels to the failure to prevent bribery legislation enacted in 2010.

Under the FTPF offence, a company can be held criminally liable if an employee, agent, subsidiary, or other ‘associated person’ commits fraud intended to benefit the company, and the company lacked reasonable fraud prevention procedures. In some cases, this offence also applies if fraud is committed to benefit a client, regardless of whether directors or senior managers were aware or involved.

The offence complements existing laws, meaning the individual who commits the fraud can be prosecuted for their actions, while the organisation faces prosecution for failing to prevent the fraud. Instances of such fraud might include dishonest sales practices, withholding critical information from consumers or investors, or engaging in deceptive financial market activities.

The government’s intention is to foster an anti-fraud culture within organisations, drawing parallels to the failure to prevent bribery legislation enacted in 2010.

‘Large organisations’ are liable under the FTPF offence if they fail to prevent an associated person from committing a specified fraud offence, where the fraud was intended to benefit, either directly or indirectly, that entity or any person to whom, or to whose subsidiary undertaking, the associated person provides services on behalf of.

The subsidiary of a large organisation, which is not itself a large organisation, can also be held liable if it fails to prevent fraud committed by an employee of the subsidiary where the fraud was intended to benefit the subsidiary.

Large organisations are classified as such if they meet at least two of the following criteria in the financial year of the organisation that precedes the year of the fraud offence: (i) more than £36m turnover; (ii) more than £18m in total assets; or (iii) more than 250 employees. These criteria apply to the whole organisation, including subsidiaries, and turnover includes the turnover of a parent company’s subsidiary undertakings.

The FTPF offence is a ‘strict liability’ offence, whereby the prosecution does not need to prove any awareness, intention or knowledge on the part of the entity involved. But there is a full defence if the relevant organisation can show that, at the time the base fraud offence was committed, it either had in place such prevention procedures as it was reasonable in all the circumstances to expect the body to have in place, or it was not reasonable in all the circumstances to expect the body to have any prevention procedures in place.

It is anticipated that the latter defence will be a harder test to satisfy in many cases, though it could potentially be relied on by a parent company if the organisation’s structure is such that the parent company cannot realistically establish fraud controls within the subsidiary.

An entity will not commit an FTPF offence if the body itself was, or was intended to be, the victim of the fraud offence.

The FTPF offence will come into effect after a nine-month implementation period, starting from 1 September 2025. That means organisations have just months left to assess, enhance and implement reasonable and proportionate policies, procedures and systems and controls to detect and prevent a wide range of fraud offences.

Those firms deemed to be in scope of the FTPF offence must take steps to ensure their processes and procedures are suitable under ECCTA. This may entail carrying out an anti-fraud risk assessment to assess the risk of fraud being committed by an associated person for the benefit of the organisation.

Due diligence measures may need to be implemented to mitigate any material risks identified in the anti-fraud risk assessment. Also important will be fraud prevention plans and due diligence measures based on the findings of the risk assessment.

Companies should also nominate an individual to be responsible for fraud prevention. Additionally, staff and employees should receive regular training, including tailored training for high-risk members of staff and senior management. Prudent companies will carry out regular, ongoing reviews of their fraud prevention procedures to ensure they remain compliant and can mount a defence if necessary.

© Financier Worldwide

BY

Richard Summerfield

©2001-2025 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.