Navigating the UK’s New Failure to Prevent Fraud Offence

failure to prevent fraud blog from Teal Compliance

Date

A significant shift in the UK’s corporate criminal landscape is approaching and Teal Compliance’s Fraud Team, headed up by Mark Heffer, is here to support you.

The new Failure to Prevent Fraud offence comes into force on 1 September 2025

While the primary focus of this legislation is on large organisations, its implications extend further, touching upon the practices of smaller firms and their clients, particularly within the legal sector.

At Teal Compliance, our commitment lies in providing clear, authoritative guidance on evolving regulatory requirements. With Mark Heffer overseeing our fraud services, including comprehensive training, we aim to demystify these changes and equip you with the knowledge to navigate them effectively.

What is the New Failure to Prevent Fraud Offence?

Introduced by the Economic Crime and Corporate Transparency Act 2023 (ECCTA), the “Failure to Prevent Fraud” offence targets “large organisations” in the UK. An organisation falls into this category if it meets at least two of the following criteria in the financial year preceding the fraud:

  • More than 250 employees
  • More than £36 million turnover
  • More than £18 million in total assets

The core of the offence is straightforward: a large organisation can be held criminally liable, facing an unlimited fine, if an “associated person” (such as an employee, agent, or even a subsidiary) commits a specified fraud offence with the intention of benefiting that organisation or its clients, and the organisation did not have “reasonable procedures” in place to prevent it. A crucial point to note is that liability does not require the organisation’s senior management to have known about or authorised the fraudulent activity.

The specified fraud offences covered by the legislation are broad, encompassing various sections of the Fraud Act 2006 (e.g., fraud by false representation, fraud by failing to disclose information, fraud by abuse of position), as well as other offences like false accounting and cheating the public revenue.

The Defence of "Reasonable Procedures"

The only defence for an organisation against this offence is to demonstrate that it had “reasonable procedures” in place to prevent the fraud. The government’s official guidance, published in November 2024, outlines six key principles for these procedures, drawing parallels with the established “failure to prevent bribery” offence under the UK Bribery Act 2010:

  1. Top-Level Commitment: A clear, demonstrable commitment from senior management to preventing fraud. This involves active leadership, clear messaging, and sufficient resourcing.
  2. Risk Assessment: A thorough and regular assessment to identify the specific fraud risks the organisation faces, considering opportunities, motives, and rationalisations for fraudulent behaviour. This assessment should be dynamic and documented.
  3. Proportionate Procedures: Implementing anti-fraud measures that are appropriate to the identified risks and the nature of the organisation’s business. These should be clear, practical, and effectively enforced.
  4. Due Diligence: Conducting proportionate and risk-based due diligence on all “associated persons,” including employees, agents, and third parties acting on behalf of the organisation.
  5. Communication (including Training): Ensuring that fraud prevention policies and procedures are clearly communicated throughout the organisation and that all staff receive adequate, ongoing training. This includes establishing effective whistleblowing mechanisms.
  6. Monitoring and Review: Regularly monitoring and reviewing the effectiveness of fraud prevention procedures, making adjustments as risks evolve or new information comes to light.

Why This Matters for All Law Firms (and their Clients)

While the legal obligation for this new offence rests with large organisations, the principles underpinning it represent sound governance and risk management for all businesses. For smaller law firms, the relevance is multi-faceted:

  • Best Practice and Risk Mitigation: Adopting these principles, even if not legally mandated, strengthens your firm’s defences against fraud. Fraudulent activity can cause significant financial loss and reputational damage, irrespective of firm size. Proactive prevention is always more effective than reactive clean-up.
  • Client Protection: As trusted advisors, law firms often handle significant client funds and sensitive information. Implementing robust fraud prevention procedures directly enhances the protection of your clients’ interests, fostering greater trust and confidence.
  • “Associated Person” Implications: Smaller law firms and their clients could potentially fall within the definition of an “associated person” to a large organisation. If a small firm (or its client) provides services to a large organisation, and fraud is committed with the intention of benefiting that large organisation (or its clients), the large organisation could be liable if it lacked reasonable prevention procedures. This dynamic underscores the importance of clear communication and robust practices across the supply chain.
  • Evolving Regulatory Landscape: The trend in economic crime legislation is towards broader corporate accountability. What begins as a requirement for “large organisations” can often influence expectations and future regulations for smaller entities. Preparing now positions your firm ahead of the curve.
  • Operational Resilience: A comprehensive fraud prevention framework often involves a review of internal controls, processes, and governance. This can lead to broader improvements in operational efficiency and resilience.

Preparing for September 2025

The clock is ticking, and while the 1st September 2025 deadline might seem distant, establishing effective fraud prevention procedures requires dedicated effort. 

WEBINAR REGISTRATION 

Organisations, large or small, should be:

  • Conducting thorough risk assessments: Identify specific fraud vulnerabilities relevant to your operations and client base.
  • Reviewing existing policies: Assess whether current fraud prevention, anti-money laundering, and compliance procedures adequately address the risks highlighted by the new offence.
  • Developing a proportionate prevention plan: Tailor procedures to your firm’s size, complexity, and risk profile.
  • Investing in training: Ensure all staff, from partners to support teams, understand their role in preventing fraud and how to identify and report suspicious activities.
  • Documenting everything: Maintain clear records of your risk assessments, procedures, training, and ongoing reviews.

At Teal, Mark Heffer brings considerable expertise in financial crime and fraud prevention. His insights are invaluable for understanding the nuances of this new offence and translating the statutory guidance into practical, effective measures. 

Mark Heffer is a Fraud Expert and Teal Compliance's Go To

Whether you’re a large organisation directly in scope, or a smaller firm seeking to enhance your resilience and client protection, proactive engagement with these principles is paramount.

For further detailed guidance, the Solicitors Regulation Authority (SRA) and UK Finance have both published helpful insights and resources, which we recommend consulting.

The new Failure to Prevent Fraud offence represents a critical step in strengthening the UK’s fight against economic crime. By embracing its core principles, firms of all sizes can not only contribute to this vital effort but also safeguard their own integrity and future success.

Our 

ABOUT MARK HEFFER

Drop us an email or get in touch HERE for more information on the subject of Fraud Prevention.

More
articles

Testimonial from Right Legal
"We have been using Teal to support our compliance frameworks, and every aspect of our experience with them has been fantastic. From the training to the audits, and especially the ‘Ask Teal’ helpline, nothing is too much trouble, and you get quick support from some of the industry’s best compliance experts. Just having them there to support our continued growth takes a huge weight off my mind. Highly recommend to firms of all size and structure!"
Get in touch
Testimonial from Constantine Law
"We rely on Teal Compliance to provide responsive, practical compliance services to Constantine Law (we do not have an in-house compliance officer/function). I would encourage all solicitor firms without their own resource to engage with Teal: they know what they are doing and they provide peace of mind regarding day-to-day compliance matters as well as responses to unforeseen (tricky) compliance matters. They have become an indispensable partner to Constantine Law in our growth journey."
Get in touch
Testimonial from Streathers Solicitors
"We have worked with Teal for several years. They have provided us with AML training and also helped us put together our firm-wide AML risk assessment and our updated AML policy, along with assisting us with various issues as and when they arose. We have always found them to be very helpful, friendly, responsive and knowledgeable, and are happy to recommend them."
Get in touch
Testimonial from Streathers Solicitors
"We have had a relationship with Teal for a number of years and they have provided a valuable resource to our compliance team. Teal combine the delivery of a personal and friendly service with city level expertise."
Get in touch