On 1 September 2025, a new corporate criminal offence of failure to prevent fraud will come into force: this will mark the biggest reform to the financial crime compliance landscape since the introduction of the Bribery Act in 2010.
The new offence, which was introduced in the Economic Crime and Corporate Transparency Act 2023 (ECCTA), is set to have far-reaching implications across all sectors. The Government has announced that it intends for the offence to build an ‘anti-fraud’ culture across industry.
The expectation from bodies like the Serious Fraud Office is that the offence will give rise to an uptick in investigations and enforcement action, leaving those companies that fail to prepare at risk of an unlimited fine and significant reputational damage.
Who does the offence apply to?
The offence applies to large organisations, including parent companies and subsidiaries, regardless of location, that meet two or more of the following criteria:
- more than 250 employees
- more than £36 million of turnover
- more than £18 million in total assets
These criteria apply to UK and overseas organisations (including their subsidiaries) irrespective of where they are headquartered or where the subsidiary is located, provided there is a UK nexus. Subsidiaries are defined under the Companies Act 2006.
Under this new offence, a parent company can be prosecuted for failure to prevent fraud where the fraud offence is committed by its subsidiary and where the beneficiary is the parent organisation, or its clients to whom the subsidiary provides services for or on behalf of the parent organisation.
Further if an employee of a subsidiary of a large organisation (where that subsidiary is not itself a large organisation) commits a fraud that is intended to benefit the subsidiary, the subsidiary may be prosecuted.
What should you do to prepare?
For those organisations caught by the new offence, it is essential that steps are taken now to put in place reasonable fraud prevention measures before the offence comes into force on 1 September 2025.
The guidance published by the Home Office provides advice on the procedures that can be put in place for the purposes of establishing an effective defence. The guidance refers to six broad principles, together with more detailed advice, which are intended to inform the approach of an organisation, by reference to their particular circumstances and risk:
- Top level commitment
- Risk assessment
- Proportionate risk-based prevention procedures
- Due diligence
- Communication (including training)
- Monitoring and review
Preparatory steps to take now:
- Conduct risk assessments to identify potential fraud risks within your organisations.
- Review and develop policies and procedures to manage the risks presented by the new offence.
- Consider targeted training for employees and associated persons
- Develop a record of decisions and actions taken to demonstrate compliance
- Continue to monitor and review effectiveness of fraud prevention measures
If you have any questions about how this may apply to your business or the steps you can take to prepare, please do not hesitate to get in touch with our White Collar Crime and Investigations team.
Get in touch