With over three million incidents a year, accounting for about 40% of all criminal offences in England and Wales – according to a recent report by the National Crime Agency – fraud is now the most widespread crime in the UK.
It should therefore come as no surprise that, despite several anti-fraud laws having been introduced in the past 20 years by successive governments, there is a new addition to the list.
The latest is called a ‘failure to prevent fraud offence’, which will come into force on 1 September 2025 and is aimed at improving anti-fraud standards in large business organisations.
The offence – as explained in the guidance recently released by the government – will hold organisations to account for frauds such as cheating the public revenue, false accounting or other fraudulent activities committed by employees, agents, subsidiaries or other associated persons who provide services (but not goods) for or on behalf of the organisation ‘where the fraud was committed with the intention of benefiting the organisation or their clients’.
Businesses will have a defence if they have reasonable procedures in place to prevent fraud
Employees, agents, subsidiaries or other associated persons in scope could be UK-based, targeting victims in the UK or deemed to have committed the fraud in the UK.
However, the Economic Crime and Corporate Transparency Act 2023, which created the offence, stipulates that the businesses in scope will have a defence and be able to satisfy a court if they have reasonable procedures in place to prevent fraud.
Who’s affected?
Before considering what these reasonable procedures might be and what in practice large companies or corporate groups should do to boost their defence, let’s first clarify which organisations are in scope and define the least intuitive concept of all: the ‘intention of benefiting’.
The ‘intention of benefiting’ is a broad notion
A ‘large organisation’, which could be either a single entity or a consolidated corporate group (ie where there is a parent company and at least one subsidiary), is defined as meeting at least two of the following criteria:
- more than 250 employees
- more than £36m turnover
- more than £18m in total assets.
The ‘intention of benefiting’ is instead a broad notion, which includes situations where the benefit does not materialise and/or obtaining a financial benefit is not the primary motivation of the fraud.
Action now
With regards to the reasonable procedures that, depending on the size and risk profile of the large organisation concerned, should be carried out before September 2025 and be in place thereafter, there are at least three:
- Conduct a detailed risk assessment (where required, with the assistance of an external specialised firm) to identify any anti-fraud vulnerabilities and associated persons most at risk of committing any fraud.
- Act promptly on the back of the assessment to address any weaknesses by, for example, updating or introducing internal anti-fraud guidelines and compulsory training to help the personnel of the organisation stop and report possible fraudulent activities.
- Boost any due diligence process and review (and, where needed, amend) contracts with third parties that may fall within the definition of ‘associated persons’ (eg service providers).
Individual liability
Government guidance on the subject also stresses the importance of the ‘top-level commitment’, meaning that the senior management of a large organisation should have an active leadership role in relation to fraud prevention.
This new offence is supposed to work in conjunction with other existing pieces of legislation
It is equally important to note the introduction of this new offence does not preclude or replace the prosecution of any employee or agent who committed the fraud, in addition to the company being held accountable for failing to prevent it.
In fact, this new offence is supposed to work in conjunction with other existing pieces of legislation that are meant to tackle fraud or any failure to prevent it – for example, the UK Bribery Act 2010, which addresses the the failure to prevent bribery, and the Criminal Finance Act 2017, which covers the failure to prevent the facilitation of tax evasion.
Failure to prevent fraud also has a few overlaps with other ‘failure to’ offences, such as cheating the public revenue under the Criminal Finance Act 2017. But the main and most significant difference is the wide range of frauds in scope of the Economic Crime and Corporate Transparency Act 2023.
