How do I prevent my company falling foul of the new failure to prevent fraud offence under the ECCTA 2023?

The Economic Crime and Corporate Transparency Act 2023 (ECCTA) was given Royal Assent in March 2022 and its provisions have subsequently come into force in stages. The overarching aim of ECCTA is to tackle economic crime and ensure transparency of the UK’s corporate structures.
Effective from 1 September 2025, a new failure to prevent fraud offence will be introduced by ECCTA.
This new offence will affect large organisations (see the criteria below). The failure to prevent fraud offence is triggered when an employee or agent of the organisation commits a fraud offence intended to benefit the organisation, and the organisation did not have reasonable fraud prevention procedures in place.
How can I avoid committing this new offence?
If an organisation can prove it had reasonable prevention procedures in place at the time the fraud offence was committed, this will be a defence to the failure to prevent fraud offence.
So, what are “reasonable prevention procedures”? Government guidance describes a fraud prevention framework with six key principles, which we have summarised below:
1. Top level commitment
Responsibility for prevention and detection of fraud should sit at the top of an organisation, with the board of directors, partners, and senior management, fostering a culture where fraud is never acceptable.
2. Risk assessment
The organisation assesses the nature and extent of the risks associated with its business, and its exposure to the risk of employees or agents committing fraud offences.
3. Proportionate risk-based prevention procedures
The organisation factors in the nature, scale and complexity of its activities and considers this against the fraud risks it faces. The procedures are proportionate, clear, practical, accessible, effectively implemented, and enforced.
4. Due diligence
The organisation applies due diligence procedures in connection with employees or agents who will carry out services on behalf of the organisation.
5. Communication (including training)
The organisation ensures that its prevention procedures and policies are communicated, embedded, and understood (including through training).
6. Monitoring and review
The organisation monitors and reviews its prevention procedures and policies.
See the Government website for more in-depth guidance.
So what is a “large organisation”?
A large organisation is an organisation that meets any two of the below criteria:
- Turnover in excess of £36m;
- Total assets in excess of £18m; and
- More than 250 employees.
The above criteria apply to the whole organisation structure, which includes all subsidiaries.
Where an organisation does not meet the above criteria, it cannot be prosecuted for the offence of failure to prevent fraud. Nonetheless, having proper fraud prevention procedures in place is a sensible idea for the following reasons (amongst others):
- It could future-proof against any changes to the law (including any future changes to the above criteria); and
- It could safeguard against potential fraud-related offences committed by an organisation’s employees or agents, thereby limiting or preventing associated reputational damage to the organisation.
… and what is a “fraud offence”?
A fraud offence will be any of a number of fraud offences listed in Schedule 13 of ECCTA. To list a few:
- False accounting;
- Fraudulent trading; and
- Obtaining services dishonestly.
What is the sentence / repercussion for being convicted of this new offence?
The organisation would be convicted of the offence of failure to prevent fraud and the punishment would be an unlimited fine (to be determined by a Court). The new offence can only be committed by a large organisation, not an individual.
What should I do if I notice that one of my employees or agents has committed a fraud offence?
The Serious Fraud Office (SFO) published guidance (SFO Corporate Guidance – GOV.UK) confirming that if an organisation self-reports suspected wrongdoing and co-operates with any related investigation, it can expect to negotiate a Deferred Prosecution Agreement (DPA) rather than face prosecution, unless “exceptional circumstances” apply. A DPA is where the organisation is charged with a criminal offence but proceedings are automatically suspended.
To reiterate the above, having reasonable fraud prevention procedures in place is a defence. If an organisation with this defence fails to self-report or co-operate with the SFO, the defence is not automatically weakened. However, the Government guidance does refer to leading by example and a failure to self-report may weigh against public interest in a DPA and may create a public interest factor in favour of prosecution. It will always be prudent to self-report any suspected or known fraud offences.
Research and assistance for this page was provided by Charles Oliver, Paralegal in our Corporate team based in our Bristol office.