The new ‘failure to prevent fraud offence’ – what you need to know

A new corporate criminal offence called ‘failure to prevent fraud’ comes into force on 1 September 2025 and is set out in section 199 of the Economic Crime and Corporate Transparency Act (ECCTA) 2023.

The offence provides that a relevant body (a large organisation) may be guilty of an offence if an employee, agent, subsidiary or associated person commits a fraud offence intending to benefit the relevant body or person to which it provides service.

What is a large organisation?

A relevant body is a large organisation if it meets two out of three of the following criteria:

• More than 250 employees
• More than £36 million turnover
• More than £18 million in total assets

What does it mean for you?

The legislation marks a clear shift from individual liability to corporate liability and responsibility. Large organisations must now implement robust fraud prevention procedures, or risk facing prosecution if a fraud is committed.

It is essential that subsidiaries, senior executives and board members demonstrate a commitment to tackling fraud. This involves setting a clear tone from the top and ensuring that fraud prevention procedures are embedded into the organisation’s culture.

What can you do?

The legislation provides a defence where a large organisation can prove that it put in place reasonable fraud prevention measures, or that it was reasonable in all the circumstances to not expect the organisation to have any prevention procedures in place.

To avoid criminal liability, large organisations need to ensure the following six prevention procedures:

• Top level commitment
• Risk assessment
• Proportionate risk-based prevention procedures
• Due diligence
• Communication (including training)
• Monitoring and review

The prevention procedures were introduced as a framework of six principles that need to be put in place to avoid criminal liability.

The ‘failure to prevent fraud’ offence can be committed in a number of different ways and organisations may be prosecuted in instances where an employee or an associated person commits fraud even if the employee or associated person is not prosecuted for the predicate fraud.

If prosecuted, the onus will be on the organisation to prove, on the balance of probabilities, the reasonable procedures they had in place, or demonstrate that it was not a reasonable expectation at the time to have such procedures in place.

How can we help?

The introduction of the ‘failure to prevent fraud’ offence is a big shift to corporate responsibility, and organisations need to act now to ensure compliance and mitigate legal risk.

Ensuring compliance with the Government’s new requirements can feel overwhelming, but you don’t have to do it alone. We’re here to help guide you through the process with practical, actionable steps tailored to your business.

Our expert team can help you with:

• One-to-one expert advice
• Tailored training

Don’t wait until it’s too late, get in touch with a member of our expert team or contact Sonia Cheema at Sonia.Cheema@andersonstrathern.co.uk.

Legal Disclaimer