Spotlight on Economic Crime and Corporate Transparency Act 2023 (ECCTA 2023) and the offence of failure to prevent fraud

September saw the coming into force of the new offence of “failure to prevent fraud” under The Economic Crime and Corporate Transparency Act 2023. This marks a significant shift in the approach to corporate fraud with large organisations now at heightened risk of liability and are obligated to implement, maintain and ensure compliance with anti-fraud measures. This article explores the offence, what it means for in-house lawyers, and practical steps to ensure that your organisation is compliant.

Why?

Historically, prosecuting organisations for enabling fraudulent behaviour has been challenging. Often requiring the involvement of senior management. This new offence closes this loophole and strengthens the authorities’ ability to fine and prosecute organisations, and their members of staff, for fraud, even where senior leadership was unaware.

Who?

Any UK or overseas corporate entity or partnership (including subsidiaries) can be liable which has, in the financial year before the fraud, at least two of: a) Turnover greater than £36 million, b) Total assets greater than £18 million, and c) More than 250 employees.

What?

An organisation is guilty if, during its financial year, a person “associated” with it (a member of staff, agent, or subsidiary) commits a “specified fraud offence” intending to benefit the organisation (whether directly or indirectly). There is no need for the involvement of senior management.

If the organisation stands to benefit, the offence applies, even if the fraudster’s primary motivation was their own personal gain. The organisation may not be liable if it is the direct victim of the fraud.

The specified fraud offences include:

• Cheating the public revenue,
• False Accounting and False Director Statements under the Theft Act 1968,
• Fraudulent Trading under the Companies Act 2006,
• Committing Fraud, Participating in a Fraudulent Business, and Obtaining Services Dishonestly under the Fraud Act 2006, and
• Aiding, abetting, counselling, or procuring the commission of any of the above offences

The defence available is if an organisation can show that, on the balance of probabilities, they had implemented all “reasonable prevention procedures”, designed to prevent a member of staff from committing a fraud offence, or that it was unreasonable to expect any such procedures. The below top tips will go some way to demonstrating that you have been compliant as an organisation.

Enforcement and Penalties

• A guilty organisation may face unlimited fines
• If a senior manager is involved and acting within their authority, the company may also face prosecution for the underlying fraud offence.
• Deferred prosecution agreements may be available where organisations self-report and cooperate with authorities.

Top Tips for Compliance

1. Governance and Culture

• Top-level commitment: Senior leadership must foster a culture where fraud is never acceptable and where staff feel empowered to speak up.
• Strong and clear governance: Make clear the organisations stance on preventing fraud, assign responsibility for fraud prevention and ensure accountability at all levels.

2. Risk Assessment

• Dynamic and documented: Assess the nature and extent of exposure to fraud risk, involving key risk owners.
• Regular review: Update risk assessments in response to internal or external changes.

3. Prevention Procedures

• Proportionate and risk-based: Tailor procedures to the organisation’s size, complexity, and risk profile.
• Due diligence: Integrate fraud risk checks into onboarding, mergers, and acquisitions.
• Fraud prevention plan: Document and embed procedures, ensuring they are practical and understood.

4. Training and Communication

• Targeted training: Provide fraud-specific training, especially for high-risk roles.
• Effective communication: Ensure policies are communicated, understood and followed throughout the organisation, not just by senior management.

5. Monitoring and Review

• Ongoing monitoring: Regularly test and review the effectiveness of fraud prevention and detection measures.
• Whistleblowing and reporting: Maintain robust channels for reporting concerns and monitor employee wellbeing to identify risk factors.

6. Investigation and Response

• Resourced investigation teams: Ensure those responsible for investigating fraud are empowered and supported.
• Self-reporting: Consider self-reporting suspected failures to prevent fraud, as this may influence prosecutorial decisions (e.g., deferred prosecution agreements).

Conclusion

The new offence demands that an organisation is proactive and takes a holistic approach to preventing fraud. For in-house lawyers especially, this means taking the lead to ensure strong governance, comprehensive risk assessments, and the implementation of proportionate and effective prevention procedures. The focus must be on fostering a culture of integrity and accountability, ensuring robust systems are in place, and being able to demonstrate that all reasonable steps were taken to prevent fraud.