Introduction of Failure to Prevent Fraud as Corporate Criminal Offence

The end of October saw seismic changes to the UK’s economic crime legislation with the Economic Crime and Corporate Transparency Act 2023 (‘the Act’) receiving Royal Assent.

This has created a new corporate criminal offence of ‘failure to prevent fraud’ and substantial changes to the way criminal liability is legally attributed to companies.

Under the new offence, an organisation will be liable where an employee or agent commits a fraud for the organisation’s benefit and that organisation did not have reasonable fraud prevention measures in place.

The offence applies to large organisations all sectors. That constitutes organisations who meet two of the three following criteria: more than 250 employees, more than £36 million turnover and more than £18 million in total assets. Companies and their subsidiaries which cumulatively meet the size threshold will be in scope. It also includes not-for-profit organisations including charities and incorporated public bodies.

To avoid prosecution, large organisations will need to prove they had reasonable measures in place to prevent fraud. The Act doesn’t define what reasonable measures are, but the government will be publishing statutory guidance before the new offence comes into force, which is expected to be in early 2024.

Senior Managers – Strengthening the ‘Identification Principle’

The Act also strengthens what is known as the ‘identification principle’ in corporate crime.  This is the legal test for determining whether the criminal actions of individuals can be attributed to a company.

The general rule here is that, to trigger corporate liability, an offence must have been committed by the ‘directing mind and will’ of a corporation. This legal test was established in 1971 and in large, complex organisations it has proved difficult to determine. The conviction of large and complex companies regarding financial crimes has therefore been difficult to obtain.

Going forward, instead of the prosecution having to identify the ‘directing mind and will’ of a company, businesses will be held criminally liable for fraud and a range of other financial crimes when they are committed by their senior managers.

A senior manager is defined as a person who plays a significant role in: (a) the making of decisions about how the whole or a substantial part of the company or partnership’s activities are to be managed or organised, or (b) the actual managing or organising of the whole, or a substantial part of those activities.

This new doctrine applies to all corporates, regardless of size and there is no statutory defence of reasonable measures for this offence.

In short, if the senior manager is guilty of an offence, then the business will also be guilty.


The new failure to prevent fraud offence has clearly been created to drive compliance and to facilitate prosecutions for unscrupulous organisations.  It remains to be seen whether an increase materialises in corporate prosecutions for failing to prevent fraud, but prosecutors will be keen to demonstrate that this new offence can bite.

With that in mind, there are steps that organisations who fall within the scope of the Act can and should take now.

Businesses should carefully consider the risks in their sector alongside the effectiveness of their existing fraud prevention policies and procedures. To stay compliant, organisations will certainly have to review and revise them to be compliant with the requirement of having reasonable fraud prevention measures in place and will have to ensure those measures are adhered to.

Given the probable number of senior managers in large organisations, the change to the identification doctrine has the potential to trigger an increase in corporate prosecutions. Indeed, the definition of ‘senior manager’ will almost certainly be tested and clarified by the courts.  The new doctrine comes into force on 26 December and companies should be taking steps now to identify those who could be considered senior managers, with an assessment of their economic crime risk and the scope of their authority.

Although having reasonable measures in place is not a defence regarding the new doctrine, having robust crime prevention training and effective counter fraud measures in place will help to significantly reduce the possibility of fraud being committed by an organisation’s senior managers.

Please contact Gregor Smith on to discuss any questions you have, advice you need, or to discuss any other regulatory matter.