The Economic Crime and Corporate Transparency Bill received Royal Assent on 26 October 2023, making it law. Now an act, it makes significant changes to the UK's economic crime and fraud regime, including a new 'failure to prevent fraud' offence for large organisations and a widening of corporate criminal liability for economic crimes committed by senior managers.
The corporate offence of 'failure to prevent fraud', which will come into force once the Secretary of State has issued further guidance, will:
- apply to all large organisations, meaning any organisation which meets two out of three of the following criteria: over 250 employees, turnover of £36 million+ and assets of £18 million+
- be triggered where a person who is associated with the organisation (eg an employee, agent, subsidiary or person performing services for/on behalf of the organisation) commits a fraud offence which is intended to benefit the organisation
- potentially result in an unlimited fine for an organisation convicted of an offence
- have a 'reasonable procedures' defence, ie it will be a defence if an organisation can show it has adopted reasonable procedures to prevent fraud
have extra-territorial effect in that it will apply regardless of where a body is incorporated or formed, provided that a relevant event occurs in the UK, which could be the harm being suffered in the UK.
The new offence joins the growing roster of corporate 'failure to prevent' offences, alongside the Bribery Act 2010's 'failure to prevent bribery' offence and the Criminal Finances Act 2017's 'failure to prevent tax evasion' offence.
The Act provides that the Secretary of State will provide guidance about the procedures which can be put in place by large organisations to prevent persons associated with them from committing fraud offences. Based on the guidance provided to accompany the Bribery Act, we anticipate that the guidance will include:
- Having in place proportionate procedures to address the risks that the organisation faces bearing in mind the nature, scale and complexity of the organisation's activities. The procedures should be clear, practical, accessible, effectively implemented and enforced. All large organisations should take steps to put appropriate policies and procedures in place.
- Ensuring top-level commitment – the top-level management of a commercial organisation, such as the board of directors or the owners, should be committed to prevention and establishing a proactive culture of prevention within the organisation.
- Undertaking a risk assessment which should include periodically assessing and documenting the nature and extent of exposure to potential external and internal risks of economic crime.
- Due diligence – apply due diligence procedures, taking a proportionate and risk-based approach, in respect of persons who perform or will perform services for or on behalf of the organisation.
- Communication including regular training – prevention policies should be embedded and understood throughout the organisation through internal and external communication, including training.
- Monitoring and review of the procedures and policies in place to prevent economic crime by persons associated with the organisation.