Failure to prevent fraud: a new era?

The UK's corporate criminal landscape underwent a seismic shift on 1 September 2025 with the commencement of the new "failure to prevent fraud" offence under section 199 of the Economic Crime and Corporate Transparency Act 2023 (ECCTA). This landmark legislation represents the most significant development in corporate criminal liability since the Bribery Act 2010, fundamentally altering how organisations must approach fraud prevention and compliance.

Scope and Application

The offence applies to "large organisations" meeting two of three criteria: more than 250 employees, turnover exceeding £36 million, or total assets over £18 million. The legislation extends beyond UK borders through its extraterritorial reach—organisations can be prosecuted if fraud is committed anywhere in the world, provided there is a UK nexus.

The offence is triggered when an "associated person"—including employees, agents, contractors, or subsidiaries—commits a specified fraud offence with the intention of benefiting the organisation or its clients. Crucially, actual benefit need not materialise; intention alone suffices. The framework encompasses offences from the Fraud Act 2006, common law fraud, and various Companies Act provisions.

The Defence: Reasonable Procedures

Organisations may defend themselves by proving they had "reasonable procedures" in place to prevent fraud. The Home Office guidance outlines six key principles mirroring bribery prevention: proportionate procedures, top-level commitment, risk assessment, due diligence, communication and training, and monitoring and review.

However, the guidance explicitly states that strict compliance provides no "safe harbour," emphasising that procedures must be tailored to each organisation's specific risk profile through comprehensive, regularly updated risk assessments.

The Serious Fraud Office's Strategic Focus

The Serious Fraud Office has positioned the failure to prevent fraud offence as a cornerstone of its enforcement strategy. Director Nick Ephgrave has made clear his intention to pursue early prosecutions, stating: "Come September, if they haven't sorted themselves out, we're coming after them."

The updated Joint SFO-CPS Corporate Prosecution Guidance demonstrates the authorities' readiness to utilise this tool. Significantly, it encourages prosecutors to consider failure to prevent fraud charges even where traditional bribery charges cannot be sustained, recognising that fraud encompasses broader dishonest conduct than bribery.

Enhanced Powers and Procurement Consequences

ECCTA has strengthened the SFO's investigative powers by extending pre-investigation compulsion powers to suspected fraud cases. Combined with reforms to the identification doctrine allowing attribution through "senior managers" rather than the restrictive "controlling mind" test, this significantly lowers the prosecution threshold.

Critically, the new offence intersects with procurement debarment provisions under the Procurement Act 2023. Conviction for the failure to prevent fraud offence would likely constitute a mandatory exclusion ground, requiring contracting authorities to exclude organisations unless they demonstrate "compelling reasons" and adequate remedial measures.

More significantly, the Procurement Act allows discretionary exclusion where there are "reasonable grounds to believe" an organisation has committed fraud-related offences—a much lower threshold than criminal conviction. This creates a "double jeopardy" scenario: organisations under SFO investigation for failure to prevent fraud could face immediate procurement debarment even before charges are brought, potentially devastating businesses dependent on public sector work.

Practical Implications for Practitioners

For solicitors advising corporate clients, this regime demands immediate attention. The procurement debarment risk adds particular urgency for organisations in public sector supply chains, as commercial consequences could materialise during investigations, long before any criminal prosecution concludes.

Organisations must conduct thorough risk assessments identifying potential fraud risks across their operations globally. Existing anti-fraud procedures require urgent review and enhancement to meet the "reasonable procedures" standard. Contractual arrangements with third parties warrant scrutiny, as "associated person" extends beyond employees to various service providers. Internal training programmes must reflect the new legal landscape and foster an anti-fraud culture.

Looking Ahead

The failure to prevent fraud offence represents more than a statutory provision; it signals fundamental change toward holding organisations accountable for economic crime within their sphere of influence. The SFO's commitment to aggressive enforcement, combined with enhanced investigative powers and the parallel procurement debarment risk, creates an environment where both criminal and commercial consequences are likely to become more frequent and severe.

For legal practitioners, the message is clear: the grace period has ended. Organisations that have not implemented robust fraud prevention frameworks face significant legal, financial, and reputational jeopardy through both criminal prosecution and procurement exclusion. The new regime demands immediate and sustained attention from both in-house and external counsel to navigate this transformed regulatory landscape.