The UK’s approach to corporate fraud is undergoing a significant transformation. As of September 2025, a new corporate offence — the “failure to prevent fraud” — will come into effect under the Economic Crime and Corporate Transparency Act 2023.
This development represents a pivotal move by the UK government to reshape corporate culture, placing greater emphasis on proactive fraud prevention. The new offence will make it considerably easier to hold organisations accountable for fraudulent conduct, compelling businesses to implement robust controls and foster a culture of integrity and compliance.
Under the new offence, organisations can be held criminally liable if a specified fraud offence is committed by an employee or agent for the organisation’s benefit, and the organisation failed to have reasonable fraud prevention procedures in place. There is no requirement to prove that senior management directed or was even aware of the fraud.
This measure is designed to discourage companies from ignoring fraudulent activity that may serve their interests. Instead, it creates a strong incentive for organisations to establish or enhance effective fraud prevention frameworks — fostering a cultural shift that prioritises integrity and reduces the risk of corporate fraud.
Key Elements of the “Failure to Prevent Fraud” Offence
Associated Persons
The scope of the offence is wide. An organisation may be held criminally liable if a fraud is committed by an “associated person” — such as an employee, agent, subsidiary, or other party acting for or on its behalf — with the intention of benefiting the organisation or its clients.
The term “associated person” covers both individuals and smaller entities, even if they do not meet the definition of a large organisation themselves, so long as they are providing services to or representing a large organisation. Notably, liability can also extend to parent companies if an employee of a subsidiary commits fraud for the benefit of the parent organisation, thereby bringing it within the reach of the offence.
Intention to Benefit the Organisation
For the offence to apply, the fraudulent act must be carried out with the intention of benefiting the organisation or its clients. Importantly, the organisation or its clients do not need to actually receive any benefit. It is sufficient that they were intended to benefit. Moreover, the benefit does not have to be financial in nature.
The associated person’s intent to benefit the organisation also does not need to be their primary or sole motivation. The fraud may be committed mainly for personal gain, as long as there was also an intention — even if secondary — to benefit the organisation or its clients.
Applicability to Large Organisations
The “failure to prevent fraud” offence applies exclusively to large organisations. An organisation is considered “large” if it meets at least two of the following three criteria:
- More than 250 employees
- Annual turnover exceeding £36 million
- Total assets over £18 million
These thresholds are assessed based on the financial year preceding the year in which the underlying fraud offence occurred.
Importantly, these criteria apply to the organisation as a whole — including all subsidiaries — regardless of the organisation’s headquarters or the geographic location of its subsidiaries.
Types of fraud covered by the offence
The failure to prevent fraud offence covers a range of specified fraud offences, as outlined in Schedule 13 of the Economic Crime and Corporate Transparency Act 2023. They include:
- cheating the public revenue
- fraud by false representation
- fraud by failing to disclose information
- fraud by abuse of position
- participation in a fraudulent business
- obtaining services dishonestly
- false accounting
- false statements by company directors
- fraudulent trading
- fraud, uttering, embezzlement
- aiding, abetting, counselling or procuring the commission of any of the above.
Defence of reasonable fraud prevention procedures
To avoid liability under the new offence, organisations must be able to demonstrate that they had reasonable procedures in place to prevent fraud. Government-issued guidance outlines six key principles that should shape an effective fraud prevention framework:
- Leadership commitment from the top
- Robust risk assessment
- Proportionate, risk-based prevention procedures
- Effective due diligence
- Clear communication and training
- Ongoing monitoring and regular review
These principles are intended to help organisations build a culture of integrity and ensure that their fraud prevention efforts are both practical and effective.
Penalties
Organisations found guilty of the offence may face an unlimited fine. In determining the appropriate penalty, the courts will consider all relevant circumstances of the case.
Conclusion
The UK Government’s plan to amend the Economic Crime and Corporate Transparency Act marks a turning point in the global fight against fraud. This change is likely to have far-reaching effects—not just in the UK, but internationally. Organisations will be encouraged to strengthen their internal controls, enhance leadership accountability, and build more ethical business environments.
This development has the potential to reshape corporate culture and contribute to a more transparent and honest global business ecosystem.
At Cerebra, we bring years of investigation experience and hands-on expertise in fraud risk management projects. We help organisations identify and assess their fraud risks and implement targeted, effective solutions. To learn more about our fraud risk management services, click here.
