By Anna Jordan on Information Age - Insight and Analysis for the CTO
September 1, 2025, marks the introduction of a new Failure to Prevent Fraud offence.
It’s been designed to improve business confidence. The government hope to foster an anti-fraud culture in the same way the anti-bribery rules did when they were sworn in back in 2010.
The offence is part of the Economic Crime and Corporate Transparency Act (ECCT) 2023.
What is Failure to Prevent Fraud?
Large organisations (over 250 employees) will be held to account if they profit from fraud. They can be held criminally liable if an employee, agent, subsidiary or associated person commits fraud with a view to benefitting their organisation and they don’t have reasonable prevention procedures in place. However, you don’t need to demonstrate that senior management knew about what was going on.
Fraud could take the form of dishonest sales practices, hiding important information from consumers or investors or dishonest practices in financial markets.
The existing law still stands, so as well as an individual being prosecuted for violating the law, the organisation can be prosecuted for failing to prevent it.
Businesses have been given guidance on how to comply with the new offence, following the principles of:
- Top level commitmentRisk assessmentProportionate risk-based prevention proceduresDue diligenceCommunication (including training)Monitoring and review
‘Flexible and outcome-focussed’ is the name of the game here. Principles have been prioritised over stringent rules to accommodate a huge range of potential issues that could crop up between different businesses.
How to communicate it to staff
Again, this can be open to interpretation, but demonstrating your anti-fraud commitment could look like:
- Committing to rejecting fraud – even if it spells short-term business loss, missing out on opportunities or frustrating delaysMaking the benefits of rejecting fraud clear company-wide, such as building confidence with business partnersMaking relevant staff aware of the consequences of breaking the rulesHighlighting the relevant body’s code of conduct on fraud preventionLetting employees know about collectives that fight against fraud and the initiatives that they promote
You must ensure there is clear governance across the business vis-à-vis fraud prevention. It might even be worth getting senior management involved to create rules that are appropriate to your business. In other organisations, your head of ethics, compliance or similar would be more suitable.
Training and resources
Of course, this has to be backed up with adequate (ideally more-than-adequate) training and access to information.
Senior management should be devoting enough budget to training and resource, specifically for the leadership, staffing and implementation or your tailored prevention plan. This includes costs for any new tech, focusing on due diligence, as well as staffing costs. Make sure you’re covered for key staff being off on annual leave, sick leave – or indeed, leaving the company altogether.
It’s not a one-off investment though; you’ll need to keep reviewing and investing as the fraud landscape – and your business – change.
Demonstrating behaviour
Catching instances early is key, and you should be encouraging your people to speak up if they’re concerned about fraud. It’s always better to be cautious in these situations. Try and deter staff from potentially damaging mindsets, such as thinking that fraudulent activity is beneficial for the long-term goals of the business or ‘everybody does it, so it’s fine for me to do it’, and most importantly, don’t place due diligence responsibility on the customer.
You can be proactive here, using hypothetical or anonymised examples of fraud within your workplace. While you’re there, highlight the negative impact it has on the business, your clients, your business partners and any investor connected with your company.
For more information, you can read the government guidance here
Read more
Sharing fraud intelligence is a game changer for banks – Cybercriminals share intelligence to maximise the effectiveness of their attacks. Rob Woods explains why financial institutions should follow suit
The post Failure to Prevent Fraud offence and what you need to do now appeared first on Information Age.
