Failure to Prevent Fraud

How is your organisation affected? Get up to date on the offence and related guidance

The legal context

What is the aim of the Failure to Prevent Fraud offence?

A corporate criminal offence of ‘Failure to Prevent Fraud’ is in effect in the UK from September 2025, changing compliance requirements for large organisations.

The offence is designed to encourage organisations to improve their fraud prevention procedures and to promote an anti-fraud culture from the top down.

EXPLAINER:

The criminal offence of ‘failure to prevent fraud’ comes under the Economic Crime and Corporate Transparency Act 2023 (ECCTA). The government published guidance in November 2024 and the new offence will be in effect from September 2025.

The objective of the offence is to hold organisations to account for fraud committed by employees or associated persons that may benefit the organisation or its clients.

  • The potential consequences of the offence are significant. Organisations may be held criminally liable where any employee, agent, subsidiary or other associated person providing services, commits a fraud intending to benefit the organisation or their clients and it is found that the organisation did not have reasonable fraud prevention measures in place.

  • The offence applies to larger organisations (including private and public companies, public bodies or charities) that meet two out of the following three criteria:

    • more than 250 employees
    • turnover of more than £36 million
    • over £18 million in total assets

    Where a parent company and its subsidiaries together meet two out of the three criteria, the group of companies may be in scope of the offence.

  • The failure to prevent legislation comes into play if one of nine base fraud offences is committed by an employee, an agent, a subsidiary or a person performing services for or on behalf of the organisation. The list of base offences is broad (it includes, for example, misrepresentation), further highlighting the need for risk reviews and thorough fraud prevention strategies.

    1 Cheating the public revenue (common law)

    2 False accounting (Theft Act 1968)

    3 False statements by company directors (Theft Act 1968)

    4 Fraudulent trading (Companies Act 2006)

    5 Fraud by false representation (Fraud Act 2006)

    6 Fraud by failing to disclose information (Fraud Act 2006)

    7 Fraud by abuse of position (Fraud Act 2006)

    8 Participation in a fraudulent business (Fraud Act 2006)

    9 Obtaining services dishonestly (Fraud Act 2006).

    The offence can also be triggered by aiding, abetting counselling, or procuring the commission of any the listed offences.

  • There is a requirement for a “UK nexus” for the failure to prevent fraud offence to apply. This has potential implications for overseas organisations.

    The base fraud offence must have been committed under UK law, for example, because one of the fraudulent acts or its gain or loss took place in the UK.

    If a UK-based employee commits a base fraud offence, the relevant organisation could be prosecuted regardless of where it is based or headquartered.

    An overseas-based organisation could also be prosecuted if their employee or associated person commits a base fraud offence in the UK or targets victims in the UK.

  • If prosecuted, an organisation must prove to the court that it had reasonable fraud prevention measures in place when the fraud was committed or that it was not reasonable to have those procedures in place in all the circumstances. The standard of proof is on the balance of probabilities.

    It will be for the courts to decide what is reasonable in individual instances. However, the guidance highlights the following as essential components of any fraud prevention framework:

    • Top level commitment

    • Risk assessment (this should be reviewed on a regular basis)

    • Proportional risk-based prevention procedures

    • Due diligence

    • Communication (including training)

    • Monitoring and review

    It is therefore vital for organisations to demonstrate that they have provided all employees, directors and relevant associates with suitable, risk-specific training and communicated a clear message on fraud prevention at all levels.

Are you ready for the new UK Failure to Prevent Fraud offence?

Key questions for senior leaders as the 1st September deadline approaches

Deadline: 1st September 2025

As the 1st of September 2025 deadline for the UK’s new Failure to Prevent Fraud (FtPF) offence draws near, senior leaders, including Board Directors, face a critical moment. 

Introduced under the Economic Crime and Corporate Transparency Act 2023, this legislation represents a significant shift in corporate liability, placing a fresh burden on companies to actively prevent fraud or face severe consequences.

FACT:

The FtPF offence is a game-changer. It holds organisations criminally liable if an “associated person” commits fraud to benefit the company, even if senior management had no direct knowledge or involvement.

Understanding the new requirements

The Failure to Prevent Fraud offence marks a significant departure from previous fraud laws, which often required evidence of complicity at senior levels. Now, the standard is clear: companies must demonstrate they have “reasonable fraud prevention procedures” in place, or risk prosecution.

To ensure your organisation is ready, Board directors should be asking senior management questions in the following key areas:

    1. Who at the executive level is responsible for overseeing our compliance with the Failure to Prevent Fraud offence?

    2. How are roles and responsibilities for fraud risk management clearly defined across the organisation?

    3. How often does the Board receive updates on fraud risks and prevention measures?

    1. Have we conducted a comprehensive fraud risk assessment across all business units, including subsidiaries and third-party relationships?

    2. What are our most significant fraud risks, and how are we mitigating them?

    3. How do we ensure that our international operations do not expose us to unnecessary liability?

    • What fraud prevention policies and procedures do we have in place, and how are they tested for effectiveness?

    • Are our controls proportionate to our risk profile, and do they align with industry best practices?

    • How do we leverage existing compliance frameworks, like anti-money laundering (AML) or bribery prevention, to meet these new obligations?

    • What ongoing training do we provide to employees, agents, and other associated persons about their fraud prevention responsibilities?

    • Do we have tailored training for high-risk roles, such as those in sales, finance, and procurement?

    1. How are we conducting due diligence on third parties acting on our behalf?

    2. Do our contracts include provisions to reduce fraud risks from third-party relationships?

    1. Are our internal reporting channels effective, and do they allow employees to raise concerns without fear of retaliation?

    2. Do we have procedures in place for proper investigation of reported incidents, including appointment of independent external investigations where appropriate?

    3. How do we track and address reports of potential fraud?

    1. How frequently do we audit our fraud prevention measures, and what metrics do we use to assess their effectiveness?

    2. Are we learning from past incidents to strengthen our defences?

    1. How prepared are we to respond swiftly to a fraud incident that could trigger Failure to Prevent Fraud liability?

    2. Do we have a robust response plan that includes communication with regulators, stakeholders, and the public?

Downloads and resources

  1. Download this article which re-caps the information on this page and provides further context

  2. Download our simple Self-Assessment Checklist to assess your organisation’s readiness for changes in the compliance and enforcement landscape.

Board-level accountability

A short video focusing on the responsibility – and accountability – of Board Directors to ensure compliance.

Ignorance is no excuse – even if Board members had no knowledge of the fraud, under the new Failure to Prevent Fraud offence, accountability remains.

Failure to Prevent Fraud: product overview

How does the product work?

This short (90 second) video provides a brief overview of the product and how it helps your people understand their obligations and responsibilities under the new legislation.

Self-assessment checklist

Our Self-Assessment Checklist helps you quickly evaluate your business’s fraud prevention measures. Answer simple questions to identify gaps, strengthen compliance, and protect your organization. It’s an easy, confidential tool designed to guide you toward better security practices and reduce your fraud risk. Start your assessment today!

Click below to download a Self-Assessment Checklist to assess whether your organisation is prepared for the introduction of the new offence:  

Download our brochure

Explore our Fraud Sentinel brochure to learn how we help businesses combat fraud. Inside, you’ll find key services, practical solutions, and insights on reducing fraud risks. It’s your guide to stronger protection, compliance support, and peace of mind. Download the brochure to see how we can help safeguard your business  and stay compliant.

Click below to download our product brochure for Failure to Prevent Fraud training: