A New Era for Corporate Criminal Liability: How the ECCTA's Senior Manager Test Reshapes Risk for UK Businesses

The Old Regime: Identification doctrine's limitations

For decades, prosecuting corporations for economic crimes required proving that individuals at the very apex of an organisation - the "controlling mind" - committed the offence. This narrow test created a paradox: the larger and more complex the organisation, the harder it became to establish criminal liability.

The game changer: the Senior Manager Test

The ECCTA introduces a fundamentally broader approach for certain economic crimes, including fraud, false accounting and money laundering offenses. Under the new senior manager test, organisations can now be held criminally liable when any "senior manager" commits a relevant offense while acting within their actual or apparent authority.

Critically, a senior manager is defined as someone who plays a significant role in making decisions about how the whole or a substantial part of the organisation's activities are managed or organised. This extends far beyond the C-suite, potentially capturing heads of business units, regional directors, and senior operational leaders and dramatically widening the net of attributable conduct.

What this means in practice

The implications are profound. Organisations can no longer rely on hierarchical distance as a defence. A fraud committed by a divisional director, for instance, may now be attributed to the corporate entity itself, triggering criminal prosecution, unlimited fines and reputational damage.

Importantly, unlike the failure to prevent fraud and other offences introduced in recent years (such as failure to prevent bribery or tax evasion facilitation), there is no "reasonable procedures" defence available under the senior manager test. Organisations cannot escape liability by demonstrating they had adequate compliance systems in place. If a senior manager commits a relevant offence, the company is liable, full stop. This makes prevention not just good practice, but an absolute necessity.

The Path Forward: Enhanced Compliance Imperatives

Organisations must respond proactively. Key priorities include:

1. Risk assessment: Map your senior management population under the new definition - you may be surprised by its breadth. Identify where these individuals have exposure to economic crime risks.
2. Control enhancement: Strengthen preventative controls at all senior management levels, not just the executive suite. This includes robust approval processes, segregation of duties, and enhanced oversight mechanisms.
3. Training and culture: Ensure senior managers understand both the substantive law and the personal and corporate consequences of violations. Cultivate a culture where ethical concerns can be raised without fear.
4. Incident response: Develop protocols for investigating and responding to potential violations that account for the new attribution rules. Early detection and remediation become even more critical.

The ECCTA's senior manager test represents a fundamental recalibration of corporate criminal risk in the UK. While the reforms aim to close enforcement gaps and promote corporate accountability, they also create new exposure for businesses that fail to adapt. Organisations that treat these changes as a compliance exercise alone miss the point - this is about embedding integrity throughout senior leadership and ensuring that authority comes with genuine accountability.

The message from Parliament is clear: corporate structure can no longer be a shield from criminal liability. The question for every UK business is whether their governance, compliance and culture frameworks are ready for this new reality.