Are you prepared for the Failure to Prevent Fraud offence?

Building on the foundation laid by the Bribery Act, this offence holds companies accountable for fraudulent activities carried out by associated persons for their benefit. With its broader scope and stringent requirements, understanding the implications and preparing for compliance is crucial. In this Insight we address some of the most common questions regarding this significant legal development.

What does this offence do?

Like its predecessor Bribery Act offence, the new corporate criminal offence of "failure to prevent fraud" renders commercial organisations criminally liable for acts of fraud committed by associated persons acting to benefit the organisation or its customers. It however contains elements that do not apply to the Bribery Act offence and may be likely to be enforced more widely.

What behaviour it will catch?

False representations to win a contract; for example, greenwashing claims, finance staff manipulating figures to improve performance, providing false information to HM Revenue & Customs to evade tax, false statements made by directors and falsified accounting documents provided to induce a sale.

What organisations will it apply to?

It only applies to large organisations meeting at least two of the following criteria: turnover exceeding £36m, balance sheet total exceeding £18m, and more than 250 employees. However, small and medium-sized enterprises trading with large organisations are likely to have increased compliance burdens placed upon them relating to the offence. 

Will it apply to overseas organisations?

Yes, if there is a UK nexus and if the fraud was committed in the UK or there is a UK-based victim. So foreign-based large organisations will need to include this offence in their compliance systems.

Is there a defence?

If fraud occurs within the ambit of the offence, it will not matter if the organisation did not participate in the conduct or was unaware that it had occurred. The only defence is for the organisation to prove that it had reasonable procedures in place to prevent fraud, with the burden of proof on the organisation. 

What does my business need to do establish that it has reasonable procedures in place?

The defence is based around six principles: top-level commitment, risk assessment; proportionate procedures, due diligence; communication (including training);, and monitoring and review. The government has published guidance on the offence of failure to prevent fraud introduced by the Economic Crime and Corporate Transparency Act 2023. This should be carefully considered. A critical first step is to conduct a fraud focussed risk assessment. Our failure to prevent fraud roadmap can guide you through that process

What are the penalties?

On conviction, an organisation would face an unlimited fine and confiscation of any relevant profits. It could also be made to compensate victims and suffer severe reputational damage.

When does it come into force?

It comes into force on 1 September 2025. It will not be retrospective, but previous conduct could be taken into account when deciding whether to prosecute for offences after that date or imposing any sanction.