The offence of failure to prevent fraud

A Brief Guide -  The offence of failure to prevent fraud coming into effect on 1 September 2025 

www.fiscol.com

Under the Economic Crime and Corporate Transparency Act 2023, an organisation may be criminally liable where its employee, agent, subsidiary, or other “associated person”, commits a fraud intending to benefit the organisation and the organisation did not have reasonable fraud prevention procedures in place.

The offence may also apply where the fraud offence is committed with the intention of benefitting a client of the organisation.  It does not need to be demonstrated that directors or senior managers ordered or knew about the fraud.

Large, incorporated bodies and partnerships across all sectors of the economy are in scope of the offence. “large organisation” is defined as meeting two or three out of the following criteria:  > 250 employees  > £36 million turnover  > £18 million in total assets.

The defence for the relevant organisation to avoid the offence is to have reasonable fraud prevention procedures in place. A matter that can only be resolved by the courts, taking into account the particular facts and circumstances of the case.

The guidance issued by the Government on the key considerations for relevant organisation is to put in place fraud prevention measures designed with organisation’s structure and the territoriality of the offence in mind.

The guidance sets out the fraud prevention framework behind the ‘reasonable procedures’ that provide an organisation with the defence to prosecution are as follows:

  Top level commitment  Responsibility for the prevention and detection of fraud rests with those charged with the governance of the organisation. They should foster a culture within the organisation in which fraud is never acceptable and should reject profit based on, or assisted by, fraud.

Risk assessment  The organisation should assess the nature and extent of its exposure to the risk of employees, agents and other associated persons committing fraud in scope of the offence. The risk assessment is dynamic, documented and kept under regular review.

Proportionate risk-based prevention procedures  An organisation’s should have procedures to prevent fraud by persons associated with it and will need to be proportionate to the fraud risks it faces and to the nature of its activities.

Due diligence   The organisation should applies due diligence procedures, taking a proportionate and risk-based approach, in respect of persons who perform or will perform services for or on behalf of the organisation, in order to mitigate identified fraud risks.

Communication   The organisation should seeks to ensure that its prevention policies and procedures are communicated, embedded and understood throughout the organisation, through internal and external communication. Training and maintaining training are key.

Monitoring and review   The organisation should monitors and reviews its fraud detection and prevention procedures and makes improvements where necessary. This includes learning from investigations and whistleblowing incidents and reviewing information from its own sector.

www.fiscol.com

Call us, if you you want to discuss how we can help.