Breaking News, Explained: UK’s ‘Failure to Prevent Fraud’ Law Takes Effect

On September 1, 2025, the United Kingdom officially brought into force the corporate criminal liability offense of “failure to prevent fraud,” introduced under the Economic Crime and Corporate Transparency Act 2023. 

The legislation holds large organizations criminally liable if their employees, agents, subsidiaries, or other associated persons commit fraud to benefit the organization, and the organization cannot prove that it had adequate and proportionate controls and procedures in place at the time.

The law only applies to large organizations, which are defined as entities meeting two or more of three conditions: a turnover of more than £36m (approx. $48.7m); a balance sheet total greater than £18m (approx. $24.3m); or having more than 250 employees.

The Chief Crown Prosecutor leading on fraud and economic crime for the Crown Prosecution Service (CPS) has said large organizations must “act to put robust fraud prevention systems in place or leave themselves open to legal action.” Failure to comply could result in a fine and criminal charges.

Are Failure to Prevent Fraud offenses new?

The UK has already used the “failure to prevent” model in the Bribery Act 2010, which introduced the offense of failing to prevent bribery, and later in the Criminal Finances Act 2017 for tax evasion. These precedents have shaped the new fraud prevention offense.

Similar corporate liability offenses exist globally, such as the US Foreign Corrupt Practices Act (FCPA) and Australia’s enacted “failure to prevent foreign bribery” laws—all of which hold companies accountable for misconduct by associated persons if adequate prevention measures are not in place.

What does the Failure to Prevent Fraud offense mean for UK businesses?

The Failure to Prevent Fraud offense means that large UK organizations from both regulated and non-regulated industries now have a legal duty to implement reasonable and proportionate fraud-prevention measures—not just policies on paper. 

Although the law doesn’t explicitly mandate “smart” fraud prevention systems, in practice, regulated and non-regulated businesses that meet the definition of a large organization will likely need to adopt a risk-based approach and robust, technology-driven solutions (such as smart monitoring, AI-powered fraud detection, and strong internal controls, including continuous monitoring and audits) to demonstrate they are actively mitigating fraud risk.

The introduction of the offense impacts large organizations and adds an extra regulatory burden to their complex networks. However, it also has a potential knock-on effect on subsidiaries, intermediaries, contractors, and sales agents working with UK large organizations who may be under increased pressure to prove fraud prevention measures are in place.

It also poses challenges for multinationals based in the UK with employees, agents, subsidiaries, or other associated persons around the world. For example, a large company based in the UK that derives benefit from the acts of associated persons could be prosecuted under the offense if it is unable to prove it had reasonable fraud-prevention procedures in place.

Globally, multinational companies with UK operations must align their fraud-prevention standards across jurisdictions to combat fraud and avoid legal or reputational risk. Overall, the legislation is expected to boost corporate accountability, reduce tolerance for weak controls, and may shape future laws in other jurisdictions.

Effects of the Failure to Prevent Fraud offense on the market

Heightened regulatory oversight generally leads to greater demand for tools and talent to help meet extra requirements. The new corporate liability offense is therefore likely to lead to increased interest among large organizations across industries in investing in robust fraud-prevention measures. 

This could include monitoring tools, fraud-detection software, staff training, audits, and readiness assessments. However, industries that already have a higher risk of fraud, like crypto and financial services, are likely to come under more pressure to prove they have reasonable fraud prevention measures in place.

Why the Failure to Prevent Fraud offense matters

The UK government states that tackling fraud is a “key focus,” following a 31% increase in fraud in England and Wales between 2024 and 2025. By targeting organizations, the offense is designed to create an anti-fraud culture across businesses and address this escalation of fraud.

Under UK law, prosecuting a company for fraud traditionally required proving that a senior individual, the company’s “directing mind and will,” acted with fraudulent intent. This proved challenging in practice. 

The failure-to-prevent framework shifts the focus: a company can be held liable if it does not implement reasonable procedures to prevent fraud, without the need to prove intent at the individual level. This approach encourages organizations to adopt robust anti-fraud policies, embed a proactive compliance culture, and demonstrate tangible steps to mitigate fraud risk.

Be one step ahead of fraudsters

Try Sumsub Fraud Prevention and protect your business from the newest types of fraud

Book a demo