The UK’s ‘Failure to Prevent Fraud’ Law: What It Means for Businesses

by

Corporate fraud has long been a challenge for regulators and companies in the United Kingdom. From misleading financial statements to large-scale money laundering scandals, businesses often face reputational damage and heavy fines when fraud occurs within their ranks.

In 2023, the UK government introduced the “Failure to Prevent Fraud” law as part of the Economic Crime and Corporate Transparency Act. By 2025, businesses are expected to fully comply with its provisions. The law marks a shift in liability, holding companies criminally responsible if they fail to prevent employees, agents, or associates from committing fraud for their benefit.

For businesses, this law represents both a legal risk and an opportunity to strengthen governance. This article explores the key provisions of the Failure to Prevent Fraud law, its impact on businesses, common compliance mistakes, and actionable steps companies should take.

Understanding the ‘Failure to Prevent Fraud’ Law

The law builds on earlier legislation like the UK Bribery Act 2010, which introduced the concept of corporate liability for failing to prevent bribery. Similarly, the new law applies this principle to fraud.

Key Features:

  1. Corporate Liability

    • Companies can be criminally prosecuted if a “person associated” with them commits fraud for the company’s benefit.

    • This includes employees, subsidiaries, contractors, and agents.

  2. Strict Liability Offense

    • Prosecution does not require proving senior management’s involvement.

    • The mere failure to prevent fraud is enough to establish liability.

  3. Defense: “Reasonable Procedures”

    • Companies can defend themselves by proving they had reasonable procedures in place to prevent fraud.

    • Guidance on what counts as “reasonable” is issued by the UK government.

  4. Applicable Crimes

    • False accounting

    • Misrepresentation

    • False statements by company directors

    • Fraudulent trading

    • Tax evasion-related frauds

  5. Scope

    • Applies to “large organisations,” defined by meeting two of the following:

      • Over 250 employees

      • More than £36 million turnover

      • Assets over £18 million

Why the Law Matters for Businesses

  1. Higher Legal Risks
    Businesses can no longer shield themselves by blaming “rogue employees.” Liability extends across the organization.

  2. Reputational Damage
    A fraud conviction under this law could result in loss of investor confidence, consumer trust, and market value.

  3. Financial Penalties
    Fines are expected to be significant and proportionate to turnover, potentially running into millions.

  4. Increased Compliance Costs
    Firms must now invest more in internal controls, training, and monitoring.

  5. International Reach
    Multinational companies with UK operations must comply, making this a global compliance issue.

Common Mistakes Businesses Might Make

  1. Relying on Outdated Anti-Fraud Policies
    Many companies treat fraud prevention as a box-ticking exercise. Policies that are not updated to reflect the new law will fail in court.

  2. Lack of Training
    Employees often commit fraud out of ignorance or under pressure. Without regular compliance training, businesses cannot prove they took “reasonable steps.”

  3. Not Auditing Third Parties
    Contractors and subsidiaries pose high risks. Ignoring due diligence on third parties is a major compliance gap.

  4. Failure to Monitor and Report
    Some firms have whistleblower systems but fail to enforce them. Regulators will consider this negligence.

  5. Poor Documentation
    Even if controls exist, businesses must maintain clear records and audit trails. Courts will expect documented evidence.

Real-World Examples & Lessons

  • Wirecard (Germany, 2020)
    If such fraud occurred in the UK under this law, the company would have faced direct liability—not just executives.

  • Tesco Accounting Scandal (2014)
    False profit reporting misled investors by hundreds of millions. Under the new regime, Tesco could have faced stricter criminal penalties.

  • Glencore Bribery Case (2022)
    Demonstrated the importance of strong compliance systems across global subsidiaries.

These cases show how businesses can no longer claim fraud was isolated. Organizational culture and compliance systems will be scrutinized.

Actionable Steps for Businesses

1. Conduct a Fraud Risk Assessment
Identify areas where fraud is most likely (financial reporting, procurement, tax, third-party contracts).

2. Strengthen Internal Controls
Implement segregation of duties, approval workflows, and real-time monitoring tools.

3. Update Policies and Procedures
Ensure anti-fraud policies reflect the latest legal standards and are communicated across all levels.

4. Employee Training
Roll out mandatory training on fraud risks, reporting mechanisms, and personal accountability.

5. Third-Party Due Diligence
Vet contractors, suppliers, and partners. Maintain contracts with anti-fraud clauses.

6. Whistleblower Mechanisms
Provide safe, anonymous channels for reporting fraud. Encourage a “speak-up” culture.

7. Document Everything
Keep records of policies, training sessions, audits, and investigations. Documentation may form your best defense in court.

How Small vs. Large Businesses Are Affected

  • Large Businesses:

    • Directly within scope of the law.

    • Must dedicate compliance teams and budgets.

  • Small Businesses:

    • Technically outside direct scope, but may face indirect risks.

    • Larger partners may require proof of anti-fraud measures before doing business.

Industry-Specific Impacts

  • Financial Services

    • Already under strict FCA regulations but now face added liability for fraud prevention.

  • Retail & Consumer Goods

    • High risk of false accounting and misrepresentation claims.

  • Technology & SaaS

    • Fraud involving customer data or subscription billing could fall under scope.

  • Healthcare & Pharma

    • Risks include false claims, misreporting of clinical data, and procurement fraud.

External Resources

Conclusion

The Failure to Prevent Fraud law represents a paradigm shift in how corporate fraud is prosecuted in the UK. By holding businesses accountable for failing to prevent fraud, the law aims to promote stronger governance, transparency, and ethical practices.

For companies, compliance is not optional. From updating anti-fraud policies to auditing third parties and documenting training, businesses must demonstrate that they have reasonable procedures in place.

Those who act early will not only reduce legal risks but also strengthen investor confidence and public trust. In a world where fraud scandals can erase billions in value overnight, compliance with this law is not just a legal necessity—it’s a business imperative.

Leave a Comment