A shift in corporate accountability: One week into the UK's new anti-fraud regime

On 1 September 2025, the UK’s landmark failure to prevent fraud (FTPF) offence officially came into force under the Economic Crime and Corporate Transparency Act (ECCTA) 2023. Businesses across the UK are now starting to come to terms with what these major changes mean for them. 

The FTPF offence introduces criminal liability for large organisations where an employee, agent, subsidiary or other “associated person” commits fraud intending to benefit the organisation and the organisation lacks reasonable fraud prevention procedures. 

This applies to companies meeting two of the following threshold criteria: 

• More than 250 employees 
• Over £36 million in turnover 
• More than £18 million in assets 

The offence covers a wide range of fraud types, including: 

• Fraud by false representation and failure to disclose information (Fraud Act 2006) 
• Fraud by abuse of position, fraudulent trading, and false statements by directors 
• Dishonest practices in financial markets and misleading investors or regulators 

The fraud must be intended to benefit the organisation or its clients and may include manipulating performance data to boost bonuses, misrepresenting ESG credentials or concealing risks from investors. 

The Home Office has also published guidance that includes illustrative examples that highlight the broad scope of the offence and the need for vigilance across departments, from finance and HR to marketing and compliance. The examples include: 

• Misrepresenting pension deductions 
• Overstating profits to attract investment 
• Falsifying ESG credentials 
• Colluding to bypass right-to-work checks 
• Misleading environmental regulators 

Even if the fraud does not succeed, the offence still applies. 

The offence is part of a broader government crackdown on economic crime, following a 31% rise in fraud last year. The new law is designed to shift the burden of responsibility onto corporate leadership, making fraud prevention a board-level priority.  

Initial feedback from compliance professionals and legal advisors suggests that many organisations were underprepared for the 1 September deadline.  

While some sectors, particularly financial services, had frameworks in place due to similar existing offences such as Failure to Prevent Bribery and Tax Evasion, others are now racing to catch up. 

Home Office guidance outlines six principles that define “reasonable” fraud prevention procedures: 

• Top-Level commitment – Senior leadership must visibly support anti-fraud efforts 
• Risk assessment – Fraud must be treated as a principal risk, not buried within broader compliance categories 
• Proportionate procedures – Controls should be tailored to the organisation’s size, complexity, and risk profile 
• Due diligence – Vetting of associated persons must include fraud-specific checks 
• Communication and training – Staff must be trained, and whistleblowing channels promoted 
• Monitoring and review – Procedures must be regularly tested and updated 

Regulators, including the Serious Fraud Office (SFO) and Crown Prosecution Service (CPS), have made it clear that enforcement is coming. Organisations that fail to implement reasonable fraud prevention procedures risk: 

• Unlimited fines 
• Criminal investigation 
• Reputational damage 

The SFO has warned that “time is running short for corporations to get their house in order”, and the CPS has emphasised that the offence removes long-standing barriers to prosecuting corporate fraud. The coming months will be critical as regulators begin to assess how seriously businesses are taking their obligations under ECCTA. Organisations should expect: 

• Increased scrutiny from regulators and auditors on fraud prevention frameworks 
• Sector-specific guidance and case studies emerging as enforcement begins 
• Potential expansion of the offence scope to include additional economic crimes 
• Benchmarking and best practice sharing across industries as businesses refine their approaches 
• Greater emphasis on data and reporting, with metrics used to track fraud risk and prevention effectiveness 

Businesses that treat this as a compliance exercise alone may fall short. Those that embed fraud prevention into their culture and operations will be best positioned to navigate the new landscape. 

With the FTPF offence now in force, businesses must act decisively to demonstrate compliance and mitigate risk. Key actions include: 

• Reviewing your fraud risk exposure across all business units, including subsidiaries and third-party relationships 
• Assessing your existing policies and controls against the six Home Office principles for reasonable procedures 
• Ensuring board-level oversight of fraud risk, with clear accountability and documented governance 
• Delivering targeted training to employees, senior managers and associated persons on fraud prevention responsibilities 
• Establishing or enhancing whistleblowing channels and internal reporting mechanisms 
• Documenting everything from risk assessments to monitoring activities to evidence compliance and the steps taken to achieve it 

S&W has extensive experience helping businesses interpret and respond to complex regulatory change. Our cross-practice team has worked together for years to support clients in navigating new legislation, including previous “failure to prevent” offences. We are well-positioned to assist with ECCTA compliance, and S&W’s cross-practice ECCTA team has been actively helping organisations prepare for the new regime. Our support includes: 

• Board commitment reviews and governance assessments 
• Fraud risk assessments tailored to sector and size 
• Design of proportionate prevention procedures 
• Training programmes for employees and senior managers 
• Compliance monitoring and assurance reviews 

We also offer identity verification services to ensure filings with Companies House meet ECCTA standards.