The new corporate criminal offence of ‘failure to prevent fraud’ (FTPF) was introduced last year as part of the Economic Crime and Corporate Transparency Act (ECCT) to help make sure organisations are taking action to prevent fraud.
Under the FTPF offence, an organisation may be criminally liable where an employee, agent, subsidiary or other ‘associated person’ commits a fraud intending to benefit the organisation and the organisation did not have reasonable fraud prevention procedures in place.
In certain circumstances, the offence will also apply where the fraud offence is committed with the intention of benefitting a client of the organisation. It does not need to be demonstrated that directors or senior managers ordered or knew about the fraud. The offence does not come into force until the implementation period of nine months expires on 1 September 2025.
The offence sits alongside existing law; for example, the person who committed the fraud may be prosecuted individually for that fraud, while the organisation may be prosecuted for failing to prevent it. Examples may include dishonest sales practices, the hiding of important information from consumers or investors, or dishonest practices in financial markets.
The government has said its intention is for the offence to encourage organisations to build an anti-fraud culture, in a similar vein to the failure to prevent bribery legislation introduced in 2010.
Fraud is the most common type of crime in the UK, amounting to around 40% of all crime in England and Wales, and the introduction of the FTPF offence is part of a wider government ambition to reduce fraud and protect potential victims, including business victims. In the event of prosecution, an organisation would have to demonstrate to the court that it had reasonable fraud prevention measures in place at the time the fraud was committed.
Organisations in scope
The offence applies to large, incorporated bodies and partnerships across all sectors of the economy. It applies to organisations incorporated or formed by any means. This includes, but is not limited to:
- the Companies Act 2006;
- Royal Charter;
- statute (for example, NHS Trusts);
- the Limited Liability Partnerships Act 2000;
- the Co-operative and Community Benefit Societies Act 2014.
The offence also applies to partnerships that are not bodies corporate (including Scottish partnerships and limited partnerships formed under the Limited Partnerships Act 1907). Unincorporated organisations (other than partnerships) are not in scope.
The offence also applies to bodies incorporated and partnerships formed outside the UK but with a UK nexus.
The FTPF offence applies only to large organisations. A ‘large organisation’ is defined as meeting two or three out of the following criteria:
- more than 250 employees;
- more than £36m turnover;
- more than £18m in total assets in the financial year of the organisation that precedes the year of the base fraud offence.
These criteria apply to the whole organisation, including subsidiaries, regardless of where the organisation is headquartered or where its subsidiaries are located.
Purpose of the guidance
Government guidance on FTPF published this week has been developed with input from the Crown Prosecution Service, Serious Fraud Office, HM Treasury, HMRC, Ministry of Justice, Cabinet Office, Attorney General’s Office and the Financial Conduct Authority.
It provides an overview of the FTPF offence, illustrated by some theoretical examples in different contexts. It describes the general principles for organisations in developing or enhancing procedures to prevent fraud. When a court is considering a case, adherence to these principles will be taken into account.
The guidance includes examples of good practice but, given the wide range of organisations in scope, it cannot be prescriptive about all possible scenarios.
Individual sectors of the economy may choose to develop sector-specific guidance that detail prevention measures commensurate to the specific risks in that sector. Indeed, ICAEW will consider further steps for specific instances with relevance to the accountancy sector. However, there is no mechanism in the ECCT Act for statutory guidance to be issued by representative or membership bodies and therefore any sector-specific guidance will be advisory only.
As some organisations in scope of the offence are also subject to other legislation (for example, financial, environmental or health and safety regulations), the guidance discusses how they should approach any potential overlap between the offence and existing regulatory requirements.
Departures from suggested procedures within the guidance will not automatically mean that an organisation does not have reasonable fraud prevention procedures, as different prevention procedures may also be considered reasonable by a court. However, even strict compliance with suggested procedures will not necessarily amount to having reasonable procedures where the relevant body faces risks arising from the unique facts of its own business that have not been addressed.
The onus will remain on the relevant organisation, where it seeks to rely on the defence, to prove that it had reasonable prevention procedures in place (or that it was unreasonable to expect it to have such procedures). In accordance with established case law, the standard of proof is the balance of probabilities.
Next steps
ICAEW has consulted regularly with the Home Office on the FTPF offence and provided detailed feedback on the draft guidance. We welcome all efforts by the government to make the UK a less permissive environment for fraud.
We encourage members to read the legislation and the guidance in full and we will work closely with ICAEW members to highlight the necessary steps they will need to undertake during the implementation period of the offence. We continue to encourage members to have robust anti-fraud measures in place, and we will produce further material on practical steps that can be taken to prepare members for the legislation once it comes into force.