Navigating Failure to Prevent Fraud compliance in the UK

InsightsGovernance and risk insights

Navigating Failure to Prevent Fraud compliance

23 January 2026
The landscape of corporate accountability in the United Kingdom has fundamentally shifted with the introduction of the failure to prevent fraud offence under the Economic Crime and Corporate Transparency Act 2023. This landmark legislation came into force on 1 September 2025, creating a new corporate criminal offence that holds large organisations accountable when fraud is committed by their employees, agents, or subsidiaries for their benefit.

For the first time, companies can face criminal liability not for committing fraud themselves, but for failing to prevent fraud committed on their behalf. This represents a seismic change in how businesses must approach fraud risk management, moving from reactive detection to proactive prevention.

Understanding the offence

The failure to prevent fraud offence applies to large organisations, defined as those meeting two or more of the following criteria: more than 250 employees, over £36 million in turnover, or more than £18 million in total assets. These organisations can be prosecuted if an associated person commits a fraud offence intending to benefit the organisation, unless the organisation can demonstrate it had reasonable prevention procedures in place.

This "reasonable procedures" defence is not merely a box-ticking exercise. It requires organisations to implement proportionate systems designed to prevent fraud, tailored to their specific risk profile, size and complexity. The burden of proof rests with the organisation to demonstrate that these procedures were indeed reasonable.

Six guiding principles

The government has published guidance built around six core principles that organisations should embed into their compliance frameworks.

  1. Top-level commitment is paramount, with boards and senior management needing to demonstrate active engagement with fraud prevention.
  2. A comprehensive risk assessment must identify where fraud risks exist across the business, considering internal and external threats.
  3. Proportionate risk-based prevention procedures should then be designed to address these identified risks without creating unnecessary bureaucracy.
  4. Due diligence on employees, agents and third parties helps ensure that those representing the organisation understand and adhere to fraud prevention standards.
  5. Communication and training programmes ensure that anti-fraud policies are not merely documented but understood and implemented throughout the organisation.
  6. Finally, robust monitoring and review mechanisms ensure that procedures remain effective as risks evolve.

Practical implementation challenges

Many organisations face significant challenges in translating these principles into effective practice. Legacy systems and siloed data can obscure fraud risks, while complex supply chains and third-party relationships create vulnerabilities that are difficult to monitor. Cultural resistance to change, particularly in organisations without established compliance functions, can undermine even well-designed procedures.

The key to successful implementation lies in taking a risk-based approach that prioritises resources where fraud risks are highest. This might mean enhanced due diligence for high-risk third parties, increased monitoring of customer-facing roles or strengthened controls around procurement and financial reporting. Technology can play a crucial role, with data analytics and artificial intelligence offering powerful tools for detecting unusual patterns and red flags.

The enforcement reality

The Serious Fraud Office has made its intentions unmistakably clear. The SFO Director Nick Ephgrave emphasised the agency's determination to prosecute the offence, warning organisations in stark terms: 

"Come September, if they haven't sorted themselves out, we're coming after them. That's the message I'll be delivering…I'm very, very keen to prosecute someone for that offence. We can't sit with the statute books gathering dust, someone needs to feel the bite."

The message is unambiguous: the SFO views early prosecutions as essential to establishing the credibility and deterrent effect of the failure to prevent fraud offence.

The path forward

Organisations that delay action do so at considerable peril. Beyond the risk of prosecution and unlimited fines, failure to prevent fraud can result in debarment from public contracts, reputational damage and regulatory scrutiny. Conversely, organisations that embrace this legislation as an opportunity to strengthen their compliance frameworks will be better positioned to protect themselves, their stakeholders and the integrity of the markets in which they operate.

The journey toward compliance is not a destination but an ongoing process of assessment, implementation and refinement. As fraud tactics evolve and business models change, so too must prevention procedures adapt. Organisations that build flexibility and continuous improvement into their compliance programmes will be best equipped to navigate this new regulatory landscape.

The failure to prevent fraud offence marks a new era of corporate accountability. The time for preparation has passed; the time for action is now.

 

Why the consumer sector is particularly exposed

Consumer-facing businesses operate in environments with inherent fraud risks that make them particularly vulnerable under this new regime. The sector's characteristics create multiple pressure points where fraudulent conduct can emerge, such as:

  • High-volume transactions and customer interactions create numerous opportunities for deceptive practices. Whether through retail channels, e-commerce platforms, or subscription services, the sheer volume of daily transactions increases the statistical likelihood of fraudulent activity occurring somewhere within the organisation's operations.
  • Complex supply chains and distributor networks extend corporate reach while simultaneously expanding the pool of "associated persons" whose conduct could trigger liability. Each supplier, wholesaler, or franchisee represents a potential source of reputational and legal risk.
  • Intense competitive pressure in consumer markets can create environments where individuals feel incentivised to bend rules to meet targets, particularly around sales performance, market share gains, or margin protection.

Examples of fraud scenarios under the new Offence relevant to consumer companies

1. Misleading marketing and sales practices

A high-street fashion retailer's marketing team fabricates sustainability credentials for a new clothing line, falsely claiming products are made from recycled materials when they contain predominantly virgin synthetics. Sales associates are trained to promote these false environmental claims to eco-conscious consumers, driving significant revenue growth. This could constitute fraud by false representation, with the company potentially liable under the failure to prevent fraud offence.

2. E-commerce review manipulation

An online electronics retailer employs a third-party agency to post fake positive reviews for its products while submitting negative reviews for competitors' offerings. The practice inflates the company's marketplace ratings and influences consumer purchasing decisions. Even if orchestrated by external contractors, this fraudulent activity intended to benefit the company could trigger corporate liability.

3. Promotional pricing fraud

A supermarket chain's pricing team inflates ‘original’ prices immediately before sales events to create misleading discounts. Products are marked up by 40% for two weeks, then ‘discounted’ by 30%, allowing the retailer to advertise significant savings while actually offering minimal price reductions. This systematic deception of consumers constitutes fraud that could expose the company to the new offence.

4. Subscription trap schemes

A beauty products company designs its online subscription service with deliberately complex cancellation procedures while offering prominently displayed ‘free trials’. The terms are buried in dense legal text, and customers find themselves charged repeatedly despite believing they cancelled. The design intentionally exploits consumer confusion to generate unauthorized revenue, potentially representing fraud by abuse of position or false representation.

5. Private label misrepresentation

A grocery chain sources private label products from low-cost manufacturers but packages them with imagery and descriptions suggesting premium origins or production methods. Products are marketed as ‘artisanally crafted’ or ‘farm fresh’ when they're mass-produced in industrial facilities. This deception inflates profit margins through false representations to consumers.

Key contacts

23 Jan 2026

A New Era for Corporate Criminal Liability

The Economic Crime and Corporate Transparency Act 2023 (ECCTA) marks the most significant reform to corporate criminal liability in England and Wales in over a century. For businesses operating in the UK, these changes demand urgent attention and strategic reassessment of compliance frameworks.

Read more
25 Jun 2024

Fraud Risk Assessment - Public & Social Sector

In our previous article, Understanding the new ‘Failure to Prevent Fraud’ Offence in a Public Sector context, we discussed the new failure to prevent fraud offence due to come into force in early 2025. Part of this article highlighted the importance of public and social sector organisations having reasonable procedures in place to prevent fraud. In this follow-up article, we delve deeper into the...

Read more

Contact us

+44 20 7063 4000
Meet our local team
Discover our offices
Or use our contact form