Failure to prevent fraud
01 March 2024
The Pathway to Readiness
The new corporate criminal offence of failure to prevent fraud is expected to come into force later this year as part of the Economic Crime and Corporate Transparency Act 2023. Under the new offence, a company will be criminally liable where an employee, agent, subsidiary or any other party performing services on the company's behalf commits a specified fraud offence, with the intention to benefit the company, or any person who receives services from the company. The only defence against the offence is having "reasonable procedures" to prevent fraud. Read our briefings on the offence, and more detail on the available defence, here.
Government guidance on what to consider when implementing reasonable procedures will be published imminently, followed by a six month implementation period, before the offence comes into effect. This guidance is expected to be draw heavily on guidance issued for existing failure to prevent offences relating to bribery and the facilitation of tax evasion.
Organisations should expect a focus on top-level commitment, risk assessments, risk-based procedures, due diligence, communication and monitoring. Given the short implementation period, businesses should start considering the legislative requirements against their current profile now to ensure they are prepared for the new legislation.
Ashurst has developed a five-step 'pathway to readiness' to assist organisations prepare for the new requirements:
1. Board and senior manager awareness and responsibility
Senior leadership should understand the new requirements and the steps required to ensure compliance. Firms should designate senior stakeholders responsible for the assessment and implementation of 'reasonable procedures' and fix a timeframe for achieving baseline compliance.
2. Fraud risk identification
Firms should consider their exposure to risks captured by the new offence, in particular financial reporting, sales and distribution channels, and public disclosures, as well as consider whether there are current mitigants in place.
3. Policy gap analysis
Organisations need to identify whether the fraud risks within scope of the new offence are adequately covered by existing policies or whether additions may be required; leverage and uplift of existing frameworks are preferable to redesign. Contractual provisions, especially with third-party providers, may also need updating.
4. Fraud risk assessment and remediation
Following publication of the Government's guidance, organisations should consider an enterprise-wide fraud risk assessment to establish whether existing controls meet the standard of 'reasonable procedures' or require remediation. Gaps, issues and concerns identified in steps 1 to 3 will facilitate detailed assessment.
5. Staff training and awareness
All staff should have an understanding of the new legislation and their responsibilities, including how to report concerns. Bespoke, targeted training should be delivered to those in higher-risk functions (e.g. Finance, ESG, Investor Relations, and Sales). Top-level commitment and communication of key requirements and resources will help foster an anti-fraud culture within the organisation.
Ashurst is able to support you at each step in your anti-fraud journey. Ashurst's team of legal experts and experienced risk consultants from Ashurst Risk Advisory can help you to develop and implement proportionate, defensible and sustainable procedures. Our team can also assist with suspected breaches of the new offence, conducting internal investigations, facing enforcement authorities, and remediating any issues that arise.
Links to resources and webinars
- "Spotlight on Fraud" event recording - Access via Google Chrome
- Key takeaways from the event above
