On 1 September 2025, the UK government introduced the new Failure to Prevent Fraud offence (‘’FtPF offence’’). This offence represents a significant shift for UK, Dutch and other international companies and organisations. Under the new regime, large organisations and their subsidiaries can incur criminal liability if an associated person commits fraud for the benefit of the organisation or its clients, and the organisation has not implemented reasonable fraud prevention procedures. Crucially, an organisation that is unable to demonstrate that it has reasonable fraud prevention procedures in place is exposed to risk as soon as an irregularity occurs, even if it was unaware of the fraudulent conduct itself.
This blog elaborates on i) what the FtPF offence entails, ii) to whom the offence applies, iii) the reasonable prevention procedures, iv) the territorial scope and v) the (potential) consequences for Dutch (and other international) companies or organisations.
What is the FtPF offence?
Under the FtPF offence, an organisation may be held criminally liable if an employee, agent, subsidiary undertaking or other ‘associated person’ commits a fraud with the intention of benefitting the organisation or its client, and the organisation has not implemented reasonable fraud prevention procedures. The term associated person is defined broadly: a person qualifies as associated when providing service(s) for or on behalf of the organisation, but not when merely providing services to it.
The FtPF offence applies to a defined set of specific fraud offences, listed in Schedule 13 of the Economic Crime and Corporate Transparency Act 2023 (“ECCTA”). These include:
- Fraud by false representation (section 2, Fraud Act 2006)
- Fraud by failing to disclose information (section 3, Fraud Act 2006)
- Fraud by abuse of position (section 4, Fraud Act 2006)
- Obtaining services dishonestly (section 11, Fraud Act 2006)
- Participation in a fraudulent business (section 9, Fraud Act 2006)
- False statements by company directors (section 19, Theft Act 1968)
- False accounting (section 17, Theft Act 1968)
- Fraudulent trading (section 993, Companies Act 2006)
- Cheating the public revenue (common law)
Importantly, it does not stop here. Assisting in these offences, by aiding, abetting, counselling, or procuring also falls within the scope of the FtPF regime. In practice, this means organisations need to consider not only direct fraud but also any conduct that facilitates it.
The required ‘intention to benefit the organisation’, whether financially or non-financially, covers any effort to obtain or retain business or other advantages, even if that benefit never actually materialises. It is sufficient that the organisation was intended to be the beneficiary. The intention to benefit the organisation does not have to be the sole motivation for the fraud. The offence can also apply where the fraudster’s primary motivation is personal gain, but their actions also benefit the organisation or its client(s). There is, however, an important limitation: if the organisation is itself the victim or intended victim of a fraud that was intended to benefit the organisation’s clients, the organisation will not be not criminally liable under this offence.
To continue, this is a strict liability offence. This means that if fraud occurs and the organisation did not have reasonable prevention procedures in place, it may be found guilty, regardless of whether the organisation’s (executive) management instructed or was aware of the fraud. The focus is on the adequacy of the organisation’s preventative framework, not on managerial knowledge or intent.
But what does this offence mean for individuals? Crucially, the offence does not extend to individual liability for employees, executives or board members who may have failed to prevent the fraudulent behaviour. Individuals can still prosecuted under existing laws for committing, encouraging or assisting fraud, but the FtPF offence does not introduce any individual liability for failing to prevent fraud. The accountability created by this offence sits squarely with the organisation itself.
Who does the offence apply to?
The FtPF offence applies only to large organisations. An organisation qualifies as ‘large’ if its group (including subsidiaries) meets at least two of the following criteria in the financial year preceding the year in which the underlying fraud offence occurred:
- More than 250 employees;
- More than £36 million turnover;
- more than £18 million in total assets.
Reasonable prevention procedures
To prevent corporate criminal liability, it is crucial and required to implement reasonable fraud prevention procedures. Organisations will have a defence if they have reasonable procedures in place to prevent fraud, or if they can demonstrate to the satisfaction of the court that it was not reasonable in all the circumstances to expect the organisation to have any prevention procedures in place.
The procedures must be based on the following six core principles: (i) top level commitment, (ii) risk assessment, (iii) proportionate risk-based prevention procedures, (iv) due diligence, (v) communication (including training), and (vi) monitoring and reviewing.
The organisation carries the responsibility for both fraud prevention and detection, supported by clear and transparent governance frameworks. The procedures must address any foreseeable scenarios, including emergencies. Effective programmes include an active fraud policy, processes such as whistleblowing, regular training and awareness initiatives, and strong communication across all levels of the organisation. In addition, organisations should put in place well-defined arrangements for reviewing, reporting concerns, and conducting internal investigations when issues arise. With the introduction of the FtPF offence, this is an opportune moment for organisations to review, update and strengthen their fraud prevention policies to ensure they meet the standard of this new offence.
Territorial scope
The FtPF offence substantially expands corporate criminal liability for Dutch and other international companies. Although the offence is introduced under UK law, its scope extends well beyond the UK’s borders. Entities incorporated abroad and partnerships formed outside the UK can still fall within the scope if there is a UK nexus.
A UK nexus exists if any aspect of the fraudulent conduct took place in the UK, or where the gain or loss occurred, or was intended to occur, in the UK. This means, for instance, that an overseas-based organisation may be caught by the FtPF offence if an employee or associated person commits fraud in the UK, or if the fraud targets victims located in the UK.
What does this mean for your (non-UK) company?
The FtPF is not just a UK issue. For Dutch and other international companies that meet the threshold for ‘large organisations’, the FtPF offence may have far-reaching consequences. It is therefore essential to assess whether the acts of your employees, subsidiaries, partnership or agents could create a UK nexus. If they do, your company falls within the scope of the FtPF offence and is therefore required to have reasonable prevention procedures in place.
Failing to implement such reasonable fraud prevention procedures exposes your company to corporate criminal liability, including the risk of an unlimited fine. Beyond financial penalties in criminal law, a conviction can result in serious reputational, regulatory, contractual and financial consequences for your company.
In practice, the scope of the FtPF offence is broad and its implications can be unpredictable. At Taylor Wessing, our experts are ready to support your organisation or company navigate this new regime with confidence. We support clients in building compliant and defensible fraud prevention frameworks. Our assistance is aimed at avoiding criminal prosecution and preservation of reputation while minimizing the commercial impact on your company. In today’s environment, proactive action is the only way to stay ahead of risk.
