November 21, 2023

New UK ‘Failure to Prevent Fraud’ Offence in Outline

At a Glance

  • This new provision was implemented to improve fraud prevention and protect victims, as the new offence strengthens existing ramifications and means for prosecution.
  • The new offence will encourage companies to improve existing prevention procedures and will alleviate unnecessary burden on legitimate businesses.

The Economic Crime and Corporate Transparency Act (ECCTA) received Royal Assent and became law on 26 October 2023. It contains a new ‘failure to prevent fraud’ offence whereby large organisations will be held criminally liable for specified fraud offences committed by an employee or agent for the organisation’s benefit, and the organisation did not have reasonable fraud prevention procedures in place. It is expected to come into force in early 2024.

In this alert, we consider the offence and its implications for in-scope organisations.

Background to ‘failure to prevent’ offences

The ‘failure to prevent’ model of corporate criminal liability was established in the UK Bribery Act 2010 (in relation to bribery) and further supported by the UK Criminal Finances Act 2017 (in relation to tax evasion).

The mechanism adopted in the ECCTA will reform corporate criminal liability by introducing an offence of failing to prevent fraud.

The offence

This new offence is a strict liability offence which can only be committed by a corporate entity — there is no individual director or senior manager liability. The offence makes an organisation criminally liable where it fails to prevent misconduct by an ‘associated person’, regardless of whether the organisation was aware of the misconduct, provided that the fraud was committed with the intention of benefitting the organisation or a person to whom the organisation provides its services.

Associated person

The new offence assumes an organisation’s employees, agents and subsidiaries, and those who perform services for or on behalf of the organisation are associates of the organisation. This definition is broader than under the equivalent bribery and tax evasion failure to prevent offences.

In-scope organisations

The offence will apply to large companies and partnerships which meet at least two of the following criteria in the financial year preceding the year in which the offence is committed:

  1. More than 250 employees
  2. More than £36 million turnover
  3. More than £10 million in aggregate assets on its balance sheet

The offence will also apply to parent companies of a group which meets at least two of the following criteria in the financial year preceding the year in which the offence is committed:

  1. An aggregate turnover of over £36 million net (or £43.2 million gross)
  2. Aggregate balance sheet total of over £18 million net (or £21.6 million gross)
  3. More than 250 aggregate employees

Specified fraud offences

The offence has extraterritorial effect and will apply where an associated person (wherever based) commits any of the below fraud offences, or targets victims in the UK.

Fraud offences include:

  • Fraud by false representation, by failing to disclose information, or by abuse of position
  • Obtaining services dishonestly
  • Participation in a fraudulent business
  • False accounting
  • False statements by company directors
  • Fraudulent trading
  • Cheating the public revenue
  • Aiding, abetting, counselling or procuring the commission of a listed offence (e.g., where an employee assists another person to commit one of the offences listed above)

Next steps for businesses

The ‘failure to prevent fraud’ offence will come into force after the UK government has published guidance on the ‘reasonable procedures’ defence, which will allow an organisation to avoid liability if it can prove that it had the right compliance procedures in place to prevent the misconduct. The guidance is not expected to be published before spring 2024.

Based on guidance produced for the failure to prevent bribery and facilitation of tax evasion offences, it is likely that organisations will need to ensure:

  • High-level commitment to preventing fraud
  • Risks have been assessed and are kept under review
  • Anti-fraud policies and procedures are in place and are supported by appropriate training on fraud prevention issues (including tailored training for those in higher risk positions)
  • Reasonable financial and accounting controls are in place
  • Appropriate enforcement mechanisms are in place in all contracts of employment
  • Contractual provisions with third parties cover outward fraud
  • Whistleblowing procedures are adapted or adopted to cover fraud
  • Anti-fraud measures are continually monitored, reviewed and evaluated

Once published, organisations should evaluate their fraud detection and prevention mechanisms in accordance with the updated guidance and document their compliance with its recommendations.

For information on the other reforms introduced by the ECCTA, please read our recent alert.