The introduction of the ‘failure to prevent fraud’ offence into the Economic Crime and Corporate Transparency Bill 2022-23 reflects a continuing shift in the way in which criminal responsibility for corporate wrongdoing is now allocated.

Instead of fixing liability by attributing to the company the actions of a director or senior officer where they reflect the ‘controlling mind and will’ of the company, the new law will focus on the organisational failure of a company to prevent wrongdoing committed by an individual associated with the company as an employee or agent performing services on the company’s behalf.

The new offence follows on the heels of the corporate offences in the Bribery Act 2010 which criminalises a company for failing to prevent a person associated with the company from committing an act of bribery intending to obtain or retain business for the company, and the offences in the Criminal Finances Act 2017 which penalise a company for failing to prevent its employees or any person associated with it from facilitating tax evasion.

A company will have a defence if it can show that it had adequate procedures in place designed to prevent bribery taking place, and in the case of tax evasion, reasonable prevention measures in place to prevent the commission of a tax evasion facilitation offence. A similar defence will apply in the case of the new ‘failing to prevent fraud’ offence.

The prospect of introducing the new offence has been the subject of much consideration, and it is seen as a significant measure in the UK’s fight against corporate crime. In November 2022, the House of Lords Fraud Act 2006 and Digital Fraud Committee published a report identifying the high level of unprosecuted fraud and called on the government to introduce the new offence.

The Home Office picked up the baton. As the government’s recently published Factsheet (11 April 2023) makes clear, the new offence will follow the model whereby criminal liability is engaged if a person associated with a company has not been prevented from committing fraud, and the company is a beneficiary of the fraud. A corporate failure to prevent false accounting and cheating the public revenue will also be covered.

Significantly though, the new offence will apply only to large companies where two of the following criteria are met: the company has more than 250 employees, more than £36 million turnover and more than £18 million in total assets. Although a major limitation in the application of the offence, the government is concerned that a wider application of the offence would impose disproportionate burdens on small and medium sized companies and undermine economic growth.

As part of a suite of new measures introduced by the government to combat economic crime, the enactment of the offence is a sensible measure. The difficulties for a prosecutor in proving corporate criminal liability under the common law principle of attribution are legion. The low point was reached in the Serious Fraud Office’s prosecution of Barclays Bank when Lord Justice Davies held that the chief executive officer and finance director could not be regarded as the ‘controlling mind and will’ of the bank for the purpose of establishing corporate criminal liability in respect of their alleged wrongdoing.

However, there should not be any illusions. The new offence will not deliver a ‘silver bullet’ and it is unlikely to generate a spate of prosecutions. In the cases of bribery and the corporate facilitation of tax evasion, the number of prosecutions has been small. With bribery, the offence has been used most often as a platform for the making of deferred prosecution agreements in high profile cases. Although there are currently nine ‘live’ investigations, the corporate facilitation of tax evasion offence remains unprosecuted.

This is unsurprising since the two corporate offences are not always easy to prove. There are a small number of blatant cases where a company fails to take any steps to prevent bribery or the facilitation of tax evasion. But the prosecutorial task is more challenging where the issue focuses on the adequacy or otherwise of preventative measures which have been put in place, especially where the measures have been drafted with the assistance of risk management and compliance specialists.

A key component of fraud preventative measures is the establishment of strong whistleblowing procedures which enable an employee to report concerns regarding fraudulent conduct internally, to a director or senior management, without fear of adverse repercussions. But even in cases where there is no adequate whistleblowing process in place, establishing corporate guilt for the new corporate offence will not be straight-forward.

The fraud offences set out in the Fraud Act 2006 are broadly configured, ranging from fraud by making false representations to fraud by failing to disclose information where there is a legal duty to do so, and fraud by abuse of position where the employee is expected to safeguard the interests of another person. Alongside the offence of fraudulent trading, the width of these offences will make the drafting of fraud prevention procedures demanding, especially where the boundaries of fraudulent conduct, in contrast to sharp practice, can sometimes be opaque in the commercial context.

Establishing the inadequacy of fraud prevention procedures in these cases may be more difficult than it sounds. Consequently, in terms of enforcement and an increase in the number of criminal prosecutions brought against companies, the introduction of the new offence is bound to disappoint.

However, the real impact of the new offence is likely to be more subtle.

The introduction of the new ‘failing to prevent’ offence will increase awareness in the corporate sector of the importance of preventing fraud in the fight against economic crime. By the enactment of the new offence, Parliament is making clear its expectation that the UK’s leading companies are required to act as good corporate citizens and accept legal responsibility for the way in which they organise their affairs where the prevention of fraud is concerned.

It is no longer an option for a large company to bury its head in the sand where fraud prevention is concerned. Instead, a company is required to police itself, by ensuring that its employees and other persons associated with the company act do not dishonestly seek an advantage for the company, and usually themselves too, by indulging in fraudulent conduct.

While criminal acts or omissions are committed by individuals who stand to be prosecuted for their wrongdoing, a company covered by the new offence will share legal responsibility for lapses in its organisational structure which failed to prevent the wrongdoing from taking place. This represents a profound change in the way in which corporate criminality falls to be imposed.

Approximately 8,000 companies will be affected by the change. Alongside its bribery and tax evasion counterparts, with the enactment of the new offence the government has deftly privatised the policing of large companies in the corporate sector.