Fraud: If only we knew?

Fraud is a term no business or employer ever wants to become associated with, and to date its use has been reserved only for the most serious offences. However, from 1^st September 2025 this term is set to become more widespread with a new corporate criminal offence of failure to prevent fraud enacted under the Economic Crime and Corporate Transparency Act 2023.

The offence will hold large organisations criminally liable for failing to take reasonable action to prevent an employee, agent, subsidiary, or other associated person, from committing fraud with the intention of benefitting the business. Large organisations are deemed "relevant bodies", and this covers corporations and partnerships which meet two out of three important tests: (1) more than 250 employees; (2) turnover of £36 million or more; (3) assets of £18 million or more.

A subsidiary undertaking of a large organisation is an associated person for the purposes of this offence (section 199(7)(a)). This means that it is possible for a parent company to be prosecuted for failure to prevent fraud where the base fraud offence is committed corporately by a subsidiary and where the beneficiary is the parent organisation, or its clients to whom the subsidiary provides services for or on behalf of the parent organisation.

An organisation does not actually need to receive any benefit for the offence to apply; since the fraud offence can be completed before any gain is received. It is enough that the organisation was intended to be the beneficiary. Furthermore, the intention to benefit the organisation does not have to be the sole or dominant motivation for the fraud. The offence can apply where a fraudster’s primary motivation was to benefit themselves, but where their actions will also benefit the organisation. The same applies if the intention was to benefit the client to whom the associated person provides services for or on behalf of the relevant organisation.

It is apparent that the boundaries of responsibility are widening significantly for business owners and employers. What can be done to mitigate the risk of fraud?

There is a defence to the offence if an organisation can show that it had in place reasonable procedures to prevent fraud. The notice period given in advance of the Act taking effect, is designed to give impacted organisations time to review and implement appropriate prevention procedures to address their organisation's potential fraud risk. On this basis the newly published guidance sets out the key principles which organisations should be informed by when putting those procedures in place.

These principles are as follows;

1. Top level commitment
2. Risk assessment
3. Proportionate risk-based prevention procedures
4. Due diligence
5. Communication (including training)
6. Monitoring and review

It will be essential for organisations to undertake detailed risk assessments to identify potential risks before they reach the threshold of offence. The ultimate goal is to help build an anti-fraud culture internally.

The guidance encourages consideration to be given to the three elements of the fraud triangle; opportunity, motive, and rationalisation. For example, an associated person might commit fraud where there are weak controls or inadequate oversight (opportunity), where people are under pressure to meet targets (motive), and where they consider no real harm is caused by committing the fraud (rationalisation).

Good communication, clear governance across the organisation in respect of the fraud prevention framework, and commitment to training, will ensure the opportunity and motive for fraud is reduced. By ensuring consequences are put in place and best practice is followed, including using emerging technologies to assist with the implementation and monitoring of risk, this legislation has the potential to reshape corporate culture in a similar vein to the anti- bribery legislation introduced in 2010.

The recently released guidance is a welcome publication before the Act comes into force, as it gives organisations ample opportunity to address, or initiate suitable fraud prevention measures and training. As with all good legislation, there are severe penalties penalty, matched with the ambition of driving good behaviours and a pervasive culture of fairness and best business practice for the benefit of all in society.

If you would like further information, please contact a member of the Corporate team.

*This information is for guidance purposes only and does not constitute, nor should be regarded, as a substitute for taking legal advice that is tailored to your circumstances.