The new failure to prevent fraud offence (“FTPF”) under the Economic Crime and Transparency Act 2023 (“the Act”) is now in force (1 September 2025) for large organisations. It is vital that companies consider if they fall within the reach of the new offence.
With increasing public concern of rising economic crime and corporate malpractice, the UK government introduced a significant reform to corporate criminal liability. This new offence mirrors similar offences already in place for bribery (under the Bribery Act 2010) and tax evasion (under the Criminal Finances Act 2017).
Scope and Accountability
The offence applies to large organisations, defined as those meeting at least two of the following criteria:
- More than £36 million in turnover
- More than £18 million in total assets
- More than 250 employees
Section 199(13) of the Act says the offence applies to organisations incorporated or formed by any means which includes under the Companies Act 2006, The Limited Liability Partnerships Act 2000, Royal Charter, Statute (for example the NHS Trust). Current guidance suggests that the concept of “large organisations” is intentionally broad to cover the wider “group” of companies. Organisations does not mean bodies corporate, as such partnerships and Limited Partnerships fall within scope.
Most crucial is the extra-territorial reach of the Act. The offence applies to bodies incorporated and partnerships formed outside the UK but with a UK nexus. UK nexus means that:
- one of the acts that was part of the underlying fraud took place in the UK; or
- the gain or loss took place in the UK.
Whilst the intention from policy makers is that SMEs are not unduly burdened by the new FTPF offence, it should be noted that this is a policy priority. SMEs should remain abreast of regulations as:
(i) they could become within scope, either by virtue of existing legislation changing, or the company’s organic growth, and
(ii) Government guidance clearly indicated that irrespective of whether a company falls within scope, this should be considered industry best practice.
What Constitutes the Offence?
A company will be guilty of the offence if: (a) an “associated person” (e.g. an employee, agent, subsidiary) commits a fraud offence intending to benefit the organisation or another person to whom services are provided on behalf of the organisation, and (b) the organisation failed to prevent the fraud.
Importantly there does not need to be any actual benefit, merely the intention on behalf of the associated person to benefit.
“Associated Person” is interpreted broadly, including employees, agents, contractors, and even some subsidiaries. The intention is to ensure that companies are responsible for fraud committed by individuals who represent them in a relevant capacity.
If the organisation is found to have committed the offence, the sanction is an unlimited fine.
Fraud Offences Covered
The offence encompasses a wide range of economic crimes, including:
- Fraud by false representation (s.2 Fraud Act 2006)
- Fraud by abuse of position (s.4 Fraud Act 2006)
- Fraud by failing to disclose information (s.3 Fraud Act 2006)
- False accounting (s.17 Fraud Act 2006)
- Participating in a fraudulent business (s.9 Fraud Act 2006 and s.993 Companies Act 2006)
- Cheating the public revenue (The Theft Act 1968)
“Reasonable Procedures” Defence
The only defence available is that the organisation had “reasonable procedures” in place to prevent fraud. This is akin to the “adequate procedures” defence under the Bribery Act.
The Government has released some guidance for reasonable fraud prevention procedures and include:
- Top level commitment – responsibility for prevention of fraud should be placed at senior governance level so directors, partners, senior management to ensure a clear governance framework across the entire organisation.
- Risk assessments – these are dynamic procedures and as such they should be regularly documented and reviewed.
- Proportionate risk-based fraud prevention procedures – aim should be to reduce opportunities for fraud which may arise within the companies operating structures.
- Due diligence – appropriate checks in place such as external identity verification, dual approval process on certain transactions.
- Communication – procedures and policies should be effectively communicated through the company through active training.
- Monitoring and review – ongoing monitoring should be in place which actively detects incidents of fraud.
The Government has made it clear that many companies will have adequate procedures in place and that it is not necessary to duplicate work, however simply relying on pre-existing procedures will not mean those procedures are adequate unless they have been reviewed.
Why This Matters
The new offence is significant for several reasons:
- Increased Accountability: Companies can no longer shield themselves behind complex structures or claim ignorance of employee’s actions.
- Shift in Compliance Culture: Like the Bribery Act before it, the Failure to Prevent Fraud offence is expected to drive cultural change, embedding anti-fraud measures into corporate governance.
- Enforcement Pressure: Whilst previous criticised for failing to pursue corporate crime, agencies such as the Serious Fraud Office (SFO) and Crown Prosecution Service (CPS) will be more likely investigate suspicious or concerning activity.
What Should Companies Do Now?
Companies should act now to ensure compliance. Directors, Partners and Senior Managers should understand where and how your organisation might be vulnerable to fraud. Ensure internal procedures are up to date and robust enough to detect and prevent fraudulent activity.
Government guidance has made it clear that it is not sufficient to rely on the procedures that already exist as a defence, if these procedures are not adequate. As such checking existing procedures should be the first priority. This may require external advisors to benchmark and update your policies.
The new offence sends a clear message: preventing fraud is not optional. Companies must take responsibility for the actions of those who represent them and put in place robust, reasonable procedures to stop economic crime in its tracks. In doing so, they not only comply with the law but also strengthen their ethical foundation.
If you require any assistance with reviewing and updating your procedures to ensure compliance, please contact Max Sherrard (msherrard@quastels.com).
