Navigating Failure to Prevent Fraud compliance in the UK

The landscape of corporate accountability in the United Kingdom has fundamentally shifted with the introduction of the failure to prevent fraud offence under the Economic Crime and Corporate Transparency Act 2023. This landmark legislation came into force on 1 September 2025, creating a new corporate criminal offence that holds large organisations accountable when fraud is committed by their employees, agents, or subsidiaries for their benefit.

For the first time, companies can face criminal liability not for committing fraud themselves, but for failing to prevent fraud committed on their behalf. This represents a seismic change in how businesses must approach fraud risk management, moving from reactive detection to proactive prevention.

Understanding the offence

The failure to prevent fraud offence applies to large organisations, defined as those meeting two or more of the following criteria: more than 250 employees, over £36 million in turnover, or more than £18 million in total assets. These organisations can be prosecuted if an associated person commits a fraud offence intending to benefit the organisation, unless the organisation can demonstrate it had reasonable prevention procedures in place.

This "reasonable procedures" defence is not merely a box-ticking exercise. It requires organisations to implement proportionate systems designed to prevent fraud, tailored to their specific risk profile, size and complexity. The burden of proof rests with the organisation to demonstrate that these procedures were indeed reasonable.

Six guiding principles

The government has published guidance built around six core principles that organisations should embed into their compliance frameworks.

  1. Top-level commitment is paramount, with boards and senior management needing to demonstrate active engagement with fraud prevention.
  2. A comprehensive risk assessment must identify where fraud risks exist across the business, considering internal and external threats.
  3. Proportionate risk-based prevention procedures should then be designed to address these identified risks without creating unnecessary bureaucracy.
  4. Due diligence on employees, agents and third parties helps ensure that those representing the organisation understand and adhere to fraud prevention standards.
  5. Communication and training programmes ensure that anti-fraud policies are not merely documented but understood and implemented throughout the organisation.
  6. Finally, robust monitoring and review mechanisms ensure that procedures remain effective as risks evolve.

Practical implementation challenges

Many organisations face significant challenges in translating these principles into effective practice. Legacy systems and siloed data can obscure fraud risks, while complex supply chains and third-party relationships create vulnerabilities that are difficult to monitor. Cultural resistance to change, particularly in organisations without established compliance functions, can undermine even well-designed procedures.

The key to successful implementation lies in taking a risk-based approach that prioritises resources where fraud risks are highest. This might mean enhanced due diligence for high-risk third parties, increased monitoring of customer-facing roles or strengthened controls around procurement and financial reporting. Technology can play a crucial role, with data analytics and artificial intelligence offering powerful tools for detecting unusual patterns and red flags.

The enforcement reality

The Serious Fraud Office has made its intentions unmistakably clear. SFO Director Nick Ephgrave emphasised the agency's determination to prosecute the offence, warning organisations in stark terms:

"Come September, if they haven't sorted themselves out, we're coming after them. That's the message I'll be delivering…I'm very, very keen to prosecute someone for that offence. We can't sit with the statute books gathering dust, someone needs to feel the bite."

The message is unambiguous: the SFO views early prosecutions as essential to establishing the credibility and deterrent effect of the failure to prevent fraud offence.

The path forward

Organisations that delay action do so at considerable peril. Beyond the risk of prosecution and unlimited fines, failure to prevent fraud can result in debarment from public contracts, reputational damage and regulatory scrutiny. Conversely, organisations that embrace this legislation as an opportunity to strengthen their compliance frameworks will be better positioned to protect themselves, their stakeholders and the integrity of the markets in which they operate.

The journey toward compliance is not a destination but an ongoing process of assessment, implementation and refinement. As fraud tactics evolve and business models change, so too must prevention procedures adapt. Organisations that build flexibility and continuous improvement into their compliance programmes will be best equipped to navigate this new regulatory landscape.

The failure to prevent fraud offence marks a new era of corporate accountability. The time for preparation has passed; the time for action is now.
