The Fraudulent Hare and the Tenacious Tortoise

The proposed new offence of failure to prevent fraud.

Corporate failure to prevent fraud

If an organisation does not prevent a person associated with their organisation from committing fraud, when the person intended a benefit to the organisation or those to whom the services are provided, then that organisation may be criminally liable.

This is included in the draft of The Economic Crime and Corporate Transparency Bill 2022.

Applicability and criteria

The offence would apply to relevant bodies, which are large organisations that satisfy two or more of the following criteria:

• more than 250 employees
• more than £36 million turnover
• more than £18 million in total assets.

The offence will occur when an associated person, such as an employee or agent, has:

1. committed one of the relevant fraud offences listed below (in the company’s financial year)
2. with the intention (either directly or indirectly) of realising a benefit to the organisation or to those to whom the organisation’s services are provided, such as the customer or client of the organisation.

Crucially, there is no need to prove the organisation’s knowledge, consent or connivance of the fraud. This is almost certainly why individuals do not fall within the scope of the offence; therefore, directors of the organisations will not incur personal liability for failing to prevent fraud.

In terms of jurisdiction, the fraud must have been committed under UK law or have been targeting UK victims for the organisation to be liable; therefore, this also captures organisations, subsidiaries, agents and employees based overseas if the UK connection is proved.

The relevant fraud offences

The relevant offences are a variety of statutory and common law dishonesty offences (as well as equivalent Scottish and Northern Ireland offences) derived from existing legislation which involve fraud and false accounting in a corporate context and include:

• fraud by false representation (section 2 Fraud Act 2006)
• fraud by failing to disclose information (section 3 Fraud Act 2006)
• fraud by abuse of position (section 4 Fraud Act 2006)
• obtaining services dishonestly (section 11 Fraud Act 2006)
• participation in a fraudulent business (section 9, Fraud Act 2006)
• false statements by company directors (Section 19, Theft Act 1968)
• false accounting (section 17 Theft Act 1968)
• fraudulent trading (section 993 Companies Act 2006)
• cheating the public revenue (common law).

Penalty and exclusions

The penalty for an organisation found guilty of the offence is an unlimited fine. As with other corporate offences, any penalty would no doubt be based on the level of intent and harm as well as turnover.

However, the organisation will not be liable if they were not the intended victim and did not intend to benefit from the fraud. Many companies can be a victim of fraud; therefore, the intention behind the benefit is the salient point.

Defence – reasonable prevention procedures

The organisation will have a defence if it had reasonable prevention procedures in place or if it was not reasonable to expect the organisation to have such procedures in place (i.e. extremely low risk).

Any company that is of the size that is within the scope of the offence will (or should) already have such procedures in place, in some form, not unlike anti-money-laundering protocols. However, these will have to be fully reviewed and ameliorated to cover specific fraud-prevention measures.

Before the Bill can be passed, the Government must publish guidance on what they deem to be ‘reasonable prevention procedures’. At present, this is still unknown, but one can make an educated guess that it will be a broad sweep of current prevention measures already widely used and tailored to fraud prevention.

Such guidance may include the following:

• risk assessments
• training and monitoring of compliance procedures
• accounting, auditing and control provisions
• due diligence
• a display of top-level commitment to fraud prevention
• a comprehensive policy on anti-fraud measures with consistent review
• enforcement controls, such as contractual employment provisions
• a designated team within the organisation for such matters
• continuous review of existing policies.

What is the Economic Crime and Corporate Transparency Bill?

Arguably inspired by similar offences found in the Bribery Act 2010 (failure of commercial organisations to prevent bribery) and the Criminal Finances Act 2017 (failure to prevent the facilitation of tax evasion), the proposed corporate offence of failure to prevent fraud follows the same model.

This bill was derived from the Economic Crime (Transparency and Enforcement) Act 2022 (the ‘Act’), which was drafted and approved in a rather hasty fashion, largely in response to Russia’s invasion of Ukraine, during which there was an urgency to batten down the financial hatches to prevent and combat growing economic crime. The draft Economic Crime and Corporate Transparency Bill (the ‘Bill’) is intended to complement the Act, to sweep up any provisions that would, together, make the Bill and the Act ‘fighting fit’ to slow the alarming rate of economic crime in the UK.

The Bill is split into three main provisions, in brief covering:

• a reform of Companies House to strengthen the existing powers of enforcement and regulation
• criminal confiscation and civil recovery of crypto assets by way of amendments to POCA
• increased investigative powers given to the Serious Fraud Office.

Contact our regulatory law solicitors today

To pre-empt any unwanted allegations of falling foul of this offence, it would be prudent for companies falling within the scope of the legislation to start putting in place the requisite reasonable prevention procedures in advance of the Bill coming into force.

We are able to assist these companies by review of their proposed policies and measures and can help perfect these procedures to bring them in line with the Government’s guidance when it is published.

If you require assistance in this area, please get in touch with Bethanie Mantin (bethanie.mantin@ashtonslegal.co.uk) in the Regulatory team or David Sloman (david.sloman@ashtonslegal.co.uk) in Corporate & Commercial for further guidance.