Incident of Neglected Fraud Prevention
The UK government has introduced a new Failure to Prevent Fraud Offence as part of the Economic Crime and Corporate Transparency Act (ECCTA) 2023, effective from 1 September 2025. This new legislation aims to create a corporate criminal liability for large organisations that fail to prevent fraud committed by associated persons[1][3][4].
Key aspects of the offence include:
- The offence applies to large organisations and covers fraud committed by employees, agents, subsidiaries, subcontractors, or anyone providing services on the organisation’s behalf[4][5].
- Organisations can be held liable even if senior management or the company were unaware of the fraud[1][3][5].
- The offence covers a range of frauds, including offences under the Fraud Act 2006, Theft Act 1968, Companies Act 2006, common law fraud, and tax fraud such as cheating the public revenue, false accounting, fraudulent trading, and obtaining services dishonestly[3][4][5].
- Organisations can avoid liability by demonstrating they had "reasonable procedures" in place to prevent fraud[4].
- The offence will be policed by the Crown Prosecution Service and Serious Fraud Office, with explicit government signals to enforce aggressively and target early offenders to set an example[1][3][5].
- The offence can apply to non-UK organisations if there is a nexus to the UK[5].
Implications for organisations:
- Failure to comply with the new offence could result in unlimited fines, reputational damage, and criminal prosecution[1].
- Enforcement will be proactive and strict, so failure to prepare carries significant legal and business risks[1][3].
- The offence drives a cultural shift towards stronger governance, fraud risk assessment, and resilient ethical culture focused on prevention[1][3].
To prepare for the new offence, organisations should:
- Conduct thorough fraud risk assessments to identify vulnerabilities linked to associated persons[3][5].
- Implement and document robust fraud prevention procedures covering policies, training, monitoring, and reporting mechanisms adjustable to organisational risks[2][4].
- Engage HR and compliance functions to ensure a culture of compliance that supports fraud prevention[3].
- Ensure corporate governance frameworks incorporate fraud risk controls and internal investigations protocols[1][4].
- Keep updated with government guidance and legal advice to remain aligned with evolving expectations on reasonable fraud prevention[2][3].
In conclusion, the new offence imposes a broad, strict liability standard on large UK organisations to actively prevent fraud by all persons performing services for them, with heavy penalties for failure to do so. Organisations must urgently strengthen governance, embed fraud prevention in their culture, and implement tailored controls to mitigate legal and reputational risks before the September 2025 enforcement date[1][3][4]. The new offence is expected to drive a major shift in corporate culture to help reduce fraud.
- In light of the new Failure to Prevent Fraud Offence, businesses need to carefully assess their vulnerabilities related to associated persons to avoid financial penalties and damage to their reputations.
- Under the Economic Crime and Corporate Transparency Act, companies could face unlimited fines and criminal charges if they fail to show that they have put in place reasonable procedures to prevent fraud in their business dealings.
