The Government has now formally introduced a new failure to prevent fraud offence into the Economic Crime and Corporate Transparency Bill that will, once in force, hold organisations accountable for fraud that has been committed by their employees or agents for the organisation's benefit.
Fraud offences now account for 41% of all crimes committed in the UK and the Government has come under significant pressure to do more to tackle the issue. The need for a new failure to prevent fraud offence has received cross-party support across the Houses of Parliament with some members calling for the offence to cover a broader range of economic crime and also for a new offence of creating individual liability for failing to prevent fraud.
The Government signalled its intention to introduce the new offence in January of this year and, on 11 April 2023, Lord Sharpe of Epsom, the Parliamentary Under-Secretary of State for the Home Office, tabled the Government's amendment to the Bill setting out the form that the new failure to prevent fraud offence will take. This was accompanied by the Home Office's publication of a fact sheet on the proposed new offence.
As with the introduction of the equivalent offence for bribery under the Bribery Act 2010, the introduction of this new failure to prevent offence will require those organisations within the scope of the new offence to review their anti-fraud policies, systems and controls to ensure that they address those situations where fraud is committed for their benefit by their employees or agents.
Who will the new offence apply to?
The new offence will apply to "large" organisations (including corporates, partnerships and large not-for-profit organisations) in all sectors. The definition of a large organisation is based on the standard Companies Act 2006 definition and will include any organisation that meets at least two of the following criteria within the scope of the new offence:
- more than 250 employees;
- more than £36 million turnover; and
- more than £18 million in total assets.
Which offences are in scope?
Organisations will be held criminally liable for specified fraud and false accounting offences that are committed by an employee or an agent for the benefit of the organisation. It will not be necessary to establish that the senior officers within the organisation were aware of the fraud or that they ordered it, meaning that the prosecution of corporates for these offences will be significantly easier than previously.
The specified offences to which the new failure to prevent offence will apply are:
- fraud by false representation (section 2 Fraud Act 2006)
- fraud by failing to disclose information (section 3 Fraud Act 2006)
- fraud by abuse of position (section 4 Fraud Act 2006)
- obtaining services dishonestly (section 11 Fraud Act 2006)
- participation in a fraudulent business (section 9, Fraud Act 2006)
- false statements by company directors (Section 19, Theft Act 1968)
- false accounting (section 17 Theft Act 1968)
- fraudulent trading (section 993 Companies Act 2006)
- cheating the public revenue (common law)
The equivalent offences in Scotland and Northern Ireland will also be within scope. The Government has also reserved the right to update the list of specified offences via secondary legislation in the future, although it has stated that any new offences will be limited to economic crime.
Will it apply to overseas organisations?
The offence will have an extraterritorial effect. This means that organisations that are based outside of the UK can be prosecuted if their employee commits fraud under UK law or targets victims in the UK, even if the employee is also based outside of the UK.
Will there be a compliance-based defence?
Any organisation that may have committed the new offence will be able to rely on a defence of having had "reasonable procedures" in place to prevent fraud or, in some circumstances, that it was not reasonable to have had fraud prevention procedures in place (i.e. because the risk was very low). Prior to the offence coming into force, the Government will publish guidance on what constitutes reasonable prevention procedures.
What can organisations do to prepare for the new offence?
Although we are some months away from the publication of any guidance on what reasonable prevention procedures will look like, the guidance is likely to draw on the risk-based approach to compliance, found in the equivalent guidance for the existing failure to prevent offences (those of bribery and tax evasion).
This will mean that, in the event of a breach, organisations should be ready to demonstrate a proportionate and risk-based approach to compliance, driven by senior management, where risk assessments and procedures have been reviewed with the new offences in mind, employees have been adequately trained and the applicable procedures have been fully and properly communicated and implemented across the organisation.
The existing failure to prevent offences means that most organisations should already have sophisticated compliance programmes in place. However, when you next review your risk assessment it would be prudent to consider whether your current fraud risk assessments sufficiently address the risk of fraud being committed by your employees or agents for the benefit of the organisation, particularly through the lens of the wide variety of misconduct captured by the new offence. If it does not, take steps to rectify this. Such steps might include updating your internal policies and training programmes, reviewing your due diligence procedures (particularly where agents are involved); updating contractual terms to ensure the risk is sufficiently mitigated and ensuring that you have in place regular and effective audit processes to address fraud.
The new failure to prevent fraud offence is likely to come into force within the next year. We will keep you updated with the developments on the new offences as the Bill continues to make its way through Parliament.
For more information on compliance guidance and criminal enforcement trends, please read the Global Investigation Review's Guide to Compliance, which is co-edited by Mishcon and includes two chapters from our lawyers.