ECCTA: Failure to Prevent Fraud

Failure to Prevent Fraud Offence - are you ready? Act now to meet the 1 September 2025 deadline and protect your business.

Recent updates to the Economic Crime and Corporate Transparency Act (ECCTA) significantly increase corporate accountability for fraud prevention. Under the updated Act, businesses can be prosecuted for failing to prevent fraud committed by ‘associated persons’ acting for their benefit - even if leadership was unaware.

Why it matters?

This applies to businesses in all sectors who meet any two of the following criteria:

Turnover of £36m+
Total assets of £18m+
Employees of 250+

You should also note:

Other firms may be caught by the requirements if they provide services for and on behalf of the relevant body.
The definition of fraud is far-reaching – This will impact multiple business functions
Severe penalties - unlimited fines and reputational damage
Tight timeline – implementation and compliance is required by 1 September 2025

Who is an ‘associated person’?

This includes an employee, agent, subcontractor or subsidiary acting on behalf of the business as well as some suppliers. Firms are liable if fraud is committed to benefit them, either directly or indirectly.

What you need to do

Firms should ensure they have relevant arrangements in place to support the six principles:

Risk assessment - Identify and understand the nature and extent of fraud risks
Proportional risk-based procedures - Match procedures to the level of risk the firm faces
Top-level commitment - Those charged with governance must drive an anti-fraud culture
Due Diligence – Undertake proportionate due diligence on those who will perform services for and on behalf of the organisation.
Communication and training - Embed policies, procedures and training across the organisation.
Monitoring and review - Review and adapt fraud detection and prevention procedures.