A new law creating a new corporate criminal offence of ‘failure to prevent fraud’ has been described as a game-changer, as organisations now have to demonstrate to a court that they had reasonable fraud prevention measures in place when a fraud was committed.
Under the Economic Crime and Corporate Transparency Act 2023, the offence of failure to prevent fraud, which came into effect on 1 September 2025, also holds large organisations to account if they profit from fraud.
Failure to prevent fraud
Under the new law, which was passed with cross-party support, large organisations can be held criminally liable where an employee, agent, subsidiary, or other “associated person” commits a fraud intending to benefit the organisation.
Examples may include dishonest sales practices, hiding important information from consumers or investors, and dishonest practices in financial markets.
The offence aims to encourage organisations to build an anti-fraud culture in a similar way that failure to prevent bribery laws have shifted corporate culture since their introduction in 2010.
Fraud minister Lord Hanson said yesterday: “Fraud is a shameful crime, and we are determined to bring those responsible to justice wherever it takes place.
Many organisations are making extensive changes, as their previous fraud policies were designed to stop them becoming a victim – not a potential beneficiary – of fraud” – Andrew Reeves, Norton Rose Fulbright
“Today marks a pivotal moment for businesses, and this new offence strengthens our anti-fraud culture to protect businesses, build corporate trust, and support long-term economic growth.”
Andrew Reeves, partner at law firm Norton Rose Fulbright, said: “The new failure to prevent fraud offence is a real game-changer, both in terms of the risk of corporate prosecutions for fraud and what regulators now expect from anti-fraud compliance programmes.
“Many organisations are making extensive changes, as their previous fraud policies were designed to stop them becoming a victim – not a potential beneficiary – of fraud. With unlimited potential penalties, it is essential that companies have robust, proactive anti-fraud controls in place to help mitigate risk.”
The Home Office has produced guidance on the new offence, ensuring businesses take action to prevent fraud.
With recent Office for National Statistics (ONS) figures suggesting that fraud increased by 31% last year, the government will publish a new, expanded fraud strategy, which places tackling fraud against business at its heart.
Nick Ephgrave, director of the Serious Fraud Office (SFO), said: “This is a significant new tool for prosecutors to tackle serious and complex fraud which damages UK business and undermines our economy. The SFO is ready to act if corporates fail to comply with their new responsibilities.”
Failure to prevent fraud
The offence of failure to prevent fraud applies only to “large” organisations, which are defined as meeting two or three of the following criteria: having more than 250 employees; more than £36m turnover; or more than £18m in total assets.
Hannah von Dadelszen, who leads on fraud and economic crime for the Crown Prosecution Service, said it would not hesitate to prosecute where companies fail in their responsibility to prevent fraud.
She added: “The new law represents a major step forward in holding to account those who commit corporate crime. Large organisations must act to put robust fraud prevention systems in place or leave themselves open to legal action.”
Katie Stephen, partner at Norton Rose Fulbright, said: “The SFO will be keen to bring the first prosecution for the new offence, so that companies ‘feel the bite’. Nobody wants to be the test case, so in-scope entities shouldn’t rest on their laurels after 1 September.
“If a fraud takes place, organisations may need to demonstrate that they have effective anti-fraud procedures and have kept these under review. They should continually enhance their controls to reflect any new and emerging fraud risks, as this could help in securing a defence.
“Financial crime and consumer protection are high on the Financial Conduct Authority’s agenda, so failures to prevent fraud could also lead to civil fines and other serious consequences for regulated firms, as well as members of their senior management teams.”
A corporate offence can only take place if a person commits the fraud while acting in the capacity of a person associated with the relevant body – for example, an employee acting in the capacity of an employee. Fraud that takes place outside this capacity, for example, in a person’s private life, does not give rise to corporate liability.
Sign up to our weekly round-up of HR news and guidance
Receive the Personnel Today Direct e-newsletter every Wednesday
