The Economic Crime and Corporate Transparency Act 2023 (“ECCTA”) received Royal Assent on 26 October 2023, making a number of significant changes to the law surrounding Corporate Crime. Most significantly perhaps is the introduction of a new offence of failure to prevent fraud within a corporate organisation which, if found proved, has the potential to result in unlimited fines for corporate bodies.
Although ECCTA has now received Royal Assent, it will not come into force until further guidance has been issued by the Government, which we anticipate is likely to take place in early 2024.
In 2010 the UK Bribery Act revolutionised the concept of corporate responsibility within the criminal law by introducing a new offence of failure to prevent the act of bribery within an organisation.
Since its introduction the Serious Fraud Office has brought a number of high-profile prosecutions against corporate bodies; one such case was Petrofac Ltd – which resulted in the company being fined in excess of £47million for failure to prevent bribery.
Section 199 ECCTA creates a similar offence of failure to prevent fraud.
(1) A relevant body which is a large organisation (see sections 201 and 202) is guilty of an offence if, in a financial year of the body (“the year of the fraud offence”), a person who is associated with the body (“the associate”) commits a fraud offence intending to benefit (whether directly or indirectly)—
(a) the relevant body, or
(b) any person to whom, or to whose subsidiary undertaking, the associate provides services on behalf of the relevant body.
(2) A relevant body is also guilty of an offence under subsection (1) if—
(a) an employee of the relevant body commits a fraud offence intending to benefit (whether directly or indirectly) the relevant body,
(b) the fraud offence is committed in a financial year of a parent undertaking of which the relevant body is a subsidiary undertaking (“the year of the fraud offence”), and
(c) the parent undertaking is a relevant body which is a large organisation.
The new legislation applies to “large organisations” as defined by sections 201 and 202 of the Act with reference to criteria such as turnover. This new provision applies equally to subsidiaries of parent companies who are considered “large organisations”.
This places a positive burden on companies to prevent employees and other associates of their organisation from committing fraud for the benefit of the organisation.
ECCTA act does however create two statutory defences:
- It is a defence for the relevant body to prove that at the time the offence was committed, it had in place such prevention procedures as it was “reasonable in all the circumstances” to expect the body to have in place, or;
- it was not reasonable in all the circumstances to expect the body to have any prevention procedures in place.
The Act further defines “prevention procedures” as being procedures which are designed to prevent persons associated with the company committing fraud offences. The Act itself does not define what it considers to be reasonable measures to prevent fraud, the Government will be required to publish guidance on what can be considered to be reasonable fraud prevention procedures before ECCTA comes into force.
Whilst historically it has not been impossible to prosecute corporate bodies for fraud offences, until the introduction of this offence there has been a requirement for the prosecution to prove the presence of a “directing mind and will” whereas the new offence of failure to prevent fraud widens the scope of liability for corporate bodies who do not have adequate fraud prevention procedures in place.
Once the necessary guidance has been issued by the Government and ECCTA comes into force, corporate organisations will need to give serious consideration to the potential fraud risks faced within their sector and develop strategies to ensure that prevention procedures are put in place and adhered to. In many instances, this will take the form of risk assessments followed by fine tuning of existing policies and creation or new procedures to ensure that those risks are mitigated. Distribution of those policies and implementation of those procedures amongst employees and agents will also be a key consideration to ensure that not only has the company taken action internally to adapt its ways of working, but also that it has ensured that that information is widely disseminated and available to people within their organisation.
Due to the wide range of fraud offences covered by ECCTA it will also be important to ensure that organisations and particularly those drafting and distributing new policies and procedures have an adequate understanding of the nuances of those offences.
Putting in place anti-fraud policies and ensuring training is provided for those in more senior positions of responsibility within the organisation is likely to be a key theme of the guidance issued by the Government. Although the guidance issued will hopefully provide clearer guidelines for corporate organisations, the interpretation of those guidelines is likely to develop further through future prosecutions brought by agencies such as the SFO.
For advice in relation to ECCTA, please contact our Dispute Resolution Team.
 A person “associated with the body” is defined as an employee, agent or subsidiary undertaking of the relevant body, or a person who otherwise performs services for or on behalf of the body.
 Schedule 13 of the act provides a list of offences which constitute a “fraud offence” for the purpose of the act.