The Economic Crime and Corporate Transparency Act 2023 (the Act), which includes the failure to prevent fraud offence (the FTPF Offence), has received Royal Assent.
The FTPF Offence will make an organisation liable if it fails to prevent a specified fraud offence from being committed where: (i) an employee or agent commits the fraud; and (ii) the fraud is intended to benefit the organisation or a person to whom services are provided on behalf of the organisation.
The offence will have a defence of “reasonable procedures” to prevent fraud.
This forms part of broader reforms of UK corporate criminal liability (which also replaces the “directing mind and will” test for corporate criminal liability with a new “senior managers” test which is likely to make prosecuting organisations for certain criminal offences much easier more generally (for more detail please see here)). This change to the corporate criminal liability test will come into effect in December of this year.
This will shift the focus from organisations as victims of fraud (inward fraud) to make it easier for organisations to be prosecuted for fraud committed by employees or third parties that the organisation benefits from (outward fraud). For more information and previous commentary on the FTPF Offence, please see our articles here and here.
The offence will apply to large organisations only. The threshold for this would be met where an organisation satisfied two or more of the following conditions in the financial year preceding the year of the offence: (i) more than 250 employees: (ii) more than GBP 36 million turnover; and / or (iii) assets of more than GBP 18 million.
This has been a subject of debate between the House of Commons and House of Lords in recent weeks: the House of Commons has maintained the position that the offence should apply only to ‘large organisations’, on the basis that the costs of complying with the new offence may be too much of a burden on SMEs. The House of Lords have been consistent in continuing to attempt to widen the scope of the Act – although have now been overruled. For more detail, see our article here.
Whilst the offence will therefore for now only apply to large organisations, in practice, other, smaller organisations will still have to consider putting in place, or reinforcing, their anti-fraud procedures – given that they may be the ‘associated person’ of a large organisation, meaning the large organisation will require them to have in place reasonable procedures to prevent fraud.
Although Royal Assent has been received, there is still no clear indication as to the implementation timeframe for when the FTPF Offence might come into force, although this is expected to be during the course of 2024. Ahead of this, the government still needs to publish guidance for companies on what constitutes ‘reasonable procedures’, although many companies are taking steps now to conduct risk assessments and assess the adequacy of current procedures. In many cases significant enhancements will be required given the shift in focus from inward fraud to outward fraud: whilst companies have in place procedures to prevent them from being a victim of inward fraud, many do not have procedures to prevent outward fraud. Given the potential complexity of risk assessments and implementation of policies and procedures, companies need to be starting to work on this as soon as possible, to ensure procedures are in place when the offence comes into force.