Failure to Prevent Fraud under ECCTA 2023

On 1 September 2025 a new corporate criminal offence came into force through the Economic Crime and Corporate Transparency Act 2023 (ECCTA 2023). Under Part 5, section 199, large organisations in the United Kingdom, and overseas organisations with a sufficient UK connection, can be prosecuted if an associated person commits fraud for their benefit. The only defence is to show that reasonable procedures were in place to prevent fraud.

What is the Offence

Section 199 ECCTA 2023 states that a relevant organisation commits an offence if an associated person commits a fraud offence listed in Schedule 13 with the intention of benefitting the organisation or a client of the organisation. Associated persons include employees, agents, subsidiaries, contractors and others performing services on behalf of the organisation.

This is a strict liability offence. There is no requirement to prove knowledge or involvement by senior management.

Who Does the Law Apply To

The offence applies to “large organisations”. An organisation is within scope if, during the relevant financial year, it or its group meets at least two of the following conditions:

• More than 250 employees
• Turnover of more than £36 million
• Assets of more than £18 million

This captures companies, partnerships, incorporated charities and most public bodies, although certain government departments and police forces are excluded.

Which Fraud Offences Are Covered

Schedule 13 ECCTA 2023 sets out the fraud offences that can trigger liability. These include:

• Fraud by false representation
• Fraud by failing to disclose information
• Fraud by abuse of position
• Obtaining services dishonestly
• Fraudulent trading
• False accounting
• Cheating the public revenue
• Certain Scottish offences such as embezzlement, uttering and statutory fraud

It also includes secondary liability such as aiding, abetting, counselling or procuring these offences.

The Defence of Reasonable Procedures

Section 199 provides a defence where the organisation had reasonable procedures in place to prevent fraud. Guidance issued by government sets out six principles that should underpin such procedures:

• Top level commitment from senior management
• Regular and robust fraud risk assessments
• Proportionate and risk based controls
• Appropriate due diligence
• Effective communication and training for staff and associated persons
• Ongoing monitoring and review

Why It Matters

This offence represents one of the most significant reforms in corporate criminal liability since the Bribery Act 2010. It creates a duty on organisations to take active steps to prevent fraud and ensures that liability can no longer be avoided by arguing that wrongdoing was unknown to directors or senior managers.

Enforcement agencies, including the Serious Fraud Office, have confirmed that they are ready to bring prosecutions where organisations have failed to prepare. Sanctions include unlimited fines and serious reputational damage.

Practical Steps for Organisations

To comply with Part 5 ECCTA 2023, organisations should:

• Review and update anti fraud policies and controls
• Carry out a fraud specific risk assessment
• Provide staff training and awareness programmes
• Put in place reporting and whistleblowing mechanisms
• Ensure board level oversight and regular review of procedures

Conclusion

The failure to prevent fraud offence in Part 5, section 199 ECCTA 2023 marks a major shift in the legal landscape. Large organisations and overseas companies with UK connections must take immediate steps to strengthen fraud prevention frameworks. Fraud prevention is no longer optional. It is a statutory obligation, and failure to meet it can result in criminal conviction and unlimited financial penalties.