Introducing the Economic Crime and Corporate Transparency Act

November 1, 2023

The Economic Crime and Corporate Transparency Act 2023 (the “Act”), which received royal assent on 26 October 2023, is the latest UK government measure aimed at tackling fraud and money laundering in the UK, which are estimated to make up more than 40% of crimes.[1]

In its original form, the Act included reforms to Companies House, limited partnerships and information sharing. However, while those reforms remain, over the course of the Act’s journey through parliament two key amendments have been made to the Act to (i) introduce a new corporate criminal offence of “failure to prevent fraud”, and (ii) reform the identification principle for corporate liability.

These reforms have been under discussion in Parliament for a number of years following growing concerns that the pre-existing rules were hindering successful prosecutions of corporates for economic crimes.

The new “failure to prevent fraud offence”, like the existing corporate “failure to prevent” offences of the failure to prevent bribery[2] and the failure to prevent tax evasion,[3] is intended to hold firms accountable for failures to put in place appropriate systems and controls to counter relevant offences. As well as extending the reach of the offence to omissions rather than simply positive acts, the new failure to prevent fraud offence will also have a wide territorial reach.

The reforms to the identification principle for the attribution of liability to corporates are intended to bring the rules in line with the reality of corporate governance and management structures in the modern age and to increase corporate criminal prosecutions.

The failure to prevent fraud offence

The offence

The offence (which will come into force upon the publication by the government of related guidance) applies to “relevant bodies”, which are “large organisations”, in turn defined as those which meet at least two of the following criteria: (i) a turnover greater than £36 million, (ii) assets of more than £18 million, or (iii) more than 250 employees.

Under the new offence, a relevant body is guilty of an offence if:

  • an employee commits a fraud offence intending to benefit (directly or indirectly) the relevant body; or
  • an associated person commits a fraud offence intending to benefit (directly or indirectly) either the relevant body or any person that is provided services (either directly or through its subsidiary) by the relevant body (unless the corporate body is itself the victim of the fraud). A person is associated with a relevant body if the person (a) is its employee, agent or subsidiary; or (b) otherwise performs services for or on behalf of the relevant body.

The relevant “fraud offences” include those related to fraud and false accounting:

  • fraud by false representation (section 2 Fraud Act 2006);
  • fraud by failing to disclose information (section 3 Fraud Act 2006);
  • fraud by abuse of position (section 4 Fraud Act 2006);
  • obtaining services dishonestly (section 11 Fraud Act 2006);
  • participation in a fraudulent business (section 9 Fraud Act 2006);
  • false statements by company directors (section 19 Theft Act 1968);
  • false accounting (section 17 Theft Act 1968);
  • fraudulent trading (section 993 Companies Act 2006); and
  • cheating the public revenue (common law). 

It is worth noting that the failure to prevent fraud offence will only be applicable to corporates, and individuals will not be able to be prosecuted for it. The UK government has taken the view that it would not be proportionate to institute legislation which would allow for the prosecution of individuals where they did not consent to or know of an offence’s occurrence. The offence carries a penalty of an unlimited fine.

Territorial scope

The offence will apply across the UK as well as in circumstances where an employee (wherever based) commits any of the above fraud offences, or targets victims in the UK, in which case an organisation could still be caught even if it is itself based overseas.[4] This is broader in territorial scope than the failure to prevent bribery offence, which requires that a foreign company carries on “part of a business” in the UK.

Defence

It will be a complete defence to the offence if a company can show that they had reasonable “prevention procedures” in place. Guidance on what constitutes “prevention procedures” will be published prior to the offence’s introduction, but we expect that this will have similarities with existing guidance published in respect of comparable “failure to prevent” offences under the Bribery Act and Criminal Finances Act. Measures are likely to be required to be proportionate to a business’s activities and to include:

  • risk assessments;
  • top-level commitment;
  • due diligence, including on associated persons;
  • communications and training, including for associated persons; and
  • monitoring and review of the effectiveness of procedures.

These are not intended to require businesses to actually prevent all occurrences of fraud, but rather to ensure that risks are identified and addressed as far as possible.

Expansion of the identification principle

The UK government has determined that the existing common law doctrine, that for an offence to be attributed to a corporation it must be committed by the corporation’s “directing mind and will”, is not fit for purpose.[5] The doctrine was established by the House of Lords in Tesco Supermarkets Ltd v Nattrass[6] in 1971. However, in the 50 years since that case, companies have grown in size and complexity, and determining the “directing mind and will” has become increasingly difficult in large organisations. By contrast, it is much easier to identify the “directing mind and will” of smaller companies, which has led to a disparity in treatment of organisations. The UK government acknowledged the difficulties in proving corporate liability dependent on establishing the “directing mind and will” as early as 2012 and that this has led to too few organisations being held to account.[7]

Accordingly, the new amendments in the Act provide that “senior managers” will be brought within the scope of those whose acts can be attributed to a corporation when it comes to economic crimes. Therefore, if a senior manager of a corporation (acting within the actual or apparent scope of their authority) commits a relevant offence, the corporation will be guilty of the offence.

The test for identifying “senior managers” is intended to replicate the definition of “senior management” in the Corporate Manslaughter and Corporate Homicide Act 2007. This means that senior managers are the persons who play significant roles in:[8]

  • the making of decisions about how the whole or a substantial part of its activities are to be managed or organised; or
  • the actual managing or organising of the whole or a substantial part of those activities.

Although the UK government has committed to reform the corporate liability laws in wider criminal law, at present this reform is limited to economic crimes, reflecting the government’s present focus on crimes of this nature. 

Practical considerations

Whilst the effectiveness of the new measures will take time to determine, it is clear that the UK government continues actively to focus on reducing economic crimes, and organisations which operate in the UK will need to adapt to the incoming changes.

At this early stage it may be helpful for organisations to begin thinking about:

  • which persons would be considered senior managers under the new corporate liability rules, and ensuring that such persons are aware of their status and its impact and receive appropriate training;
  • the development of a risk assessment to identify the risk of economic crime;
  • how any current procedures in place in respect of the existing offences may need to be expanded to respond to the new failure to prevent fraud offence, such as pre-existing due diligence practices and training or alternatively putting in place such procedures;
  • putting out new communications to the organisation from a senior level on the importance of following procedures designed to prevent fraud; and 
  • establishing an appropriate system for the monitoring and review of procedures for addressing the risk of fraud.

This article was republished by The Global Regulatory Developments Journal.

[1] Fraud Strategy: stopping scams and protecting the public, prepared by The Home Office (UK, 2023). https://www.gov.uk/government/publications/fraud-strategy/fraud-strategy-stopping-scams-and-protecting-the-public#fn:14.

[2] Section 7 of the Bribery Act 2010.

[3] Part 3 of the Criminal Finances Act 2017.

[4] Factsheet: failure to prevent fraud offence, prepared by The Home Office (UK, 2023). https://www.gov.uk/government/publications/economic-crime-and-corporate-transparency-bill-2022-factsheets/factsheet-failure-to-prevent-fraud-offence.

[5] Impact Assessment: Reform to the identification doctrine, prepared by The Home Office (UK, 2023).  https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1163432/5_IDD_Impact_Assessment.pdf.   

[6] Tesco Supermarkets Ltd v Nattrass [1972] AC 153.

[7] Consultation on a new enforcement tool to deal with economic crime committed by commercial organisations:

Deferred prosecution agreements, prepared by The Ministry of Justice (UK, 2012). https://assets.publishing.service.gov.uk/media/5a7cab5fed915d7c983bc2eb/8348.pdf.

[8] Corporate Manslaughter and Corporate Homicide Act 2007, Section 1(4)(c).