Organisations have until 1 September 2025 to comply with the new failure to prevent fraud offence, introduced by the Economic Crime and Corporate Transparency Act 2023.

If large organisations do not have reasonable fraud prevention measures in place, they could face prosecution for frauds committed by employees and other associated persons and, if found guilty, the penalty fine penalty does not have a limit. The Crown Prosecution Service and the Serious Fraud Office published guidance in August in readiness for prosecutors dealing with corporate prosecutions.

Who does the offence apply to?

The new offence applies to large organisations, defined as those meeting at least two of the following criteria: –

• More than 250 employees
• Annual turnover exceeding £36 million
• Balance sheet total exceeding £8 million

But even where organisations do not meet the criteria, it is still best practice to ensure the organisation has reasonable fraud prevention measures.

 The offence

The act introduces an offence where an associated person commits a specified fraud offence intending to benefit the organisation, and the organisation did not have reasonable fraud prevention procedures in place.

Breaking this down: –

• an “associated person” includes (but is not limited to) an employee at any level of the organisation, contractors, directors, a subsidiary company or an agent.
•  a “specified fraud” includes:

• • • Fraud by false representation, failing to disclose information, or abuse of position
    • False statements by company directors
    • False accounting
    • Fraudulent trading
    • Cheating the public revenue
    • Aiding or abetting any of the above

• the concept of “Intending to benefit the organisation” can be a financial or non-financial benefit, and the benefit does not need to be the primary motivation for committing the fraud. Examples might include:

• • • Dishonest sales practices, such as sales staff making misleading or false claims about a product to gain more sales.
    • The hiding of important information from consumers or investors, such as a director misreporting ESG activities.

This limb has a wide scope, in that the associated person could be committing the fraud with the primary motivation to benefit themselves, but if the fraud directly or indirectly benefits the organisation too, then it could be caught by this limb.

Reasonable fraud prevention measures

Organisations need to understand their specific fraud risks, to then be in a position to implement reasonable fraud prevention measures. The government guidance provides significant detail on how organisations might go about evaluating their specific fraud risks, such as reviewing where associated persons might have the opportunity, means and motive to commit fraud.

Organisations must then implement proportionate fraud prevention procedures, which may include:

• Clear anti-fraud policies
• Staff training and communication
• Due diligence on third parties
• Staff training
• Whistleblowing procedures

Faced with the possibility of an unlimited fine for getting it wrong, it is worthwhile for organisations to dedicate resources to ensure they have sufficient measures in place. If you require any support in drafting or reviewing current your policies and commercial contracts, please get in touch with our Commercial Team who would be happy to assist.