Failure to prevent fraud

Smaller firms may be impacted indirectly by a change to the Economic Crime and Corporate Transparency Act 2023

From 1 September 2025, all large organisations must implement necessary measures and demonstrate compliance of the ‘failure to prevent fraud’ requirement, introduced through schedule 13 of ECCTA 2023. The definition of fraud is very broad so these changes will be far-reaching, likely affecting several functional teams including employees, agents, subsidiaries (even small) and partners. Organisations will need to be comfortable with the robustness of the procedures in their organisation as well as those of relevant third parties.

Relevant organisations will have a defence if they have reasonable procedures in place to prevent fraud, or if they can demonstrate to the satisfaction of the court that it was not reasonable in all the circumstances to expect the organisation to have any prevention procedures in place.

These provisions directly apply to businesses in all sectors exceeding at least two of the following criteria in the year preceding the base fraud offence:

The thresholds are:

	For financial years ending before 6 April 2025		For financial years beginning on or after 6 April 2025
	Net	Gross	Net	Gross
Turnover	£36m	£43.2m	£54m	£64m
Total assets	£18m	£21.6m	£27m	£32m
Number of employees	250	250	250	250
‘Net’ means after any set-offs and other adjustments made to eliminate group transactions. ‘Gross’ means without those set-offs and other adjustments.

As a result, smaller firms may face new controls imposed by their larger customers, as those customers take steps to avoid potential liabilities for a new offence of failure to prevent certain categories of fraud.

Failure to prevent fraud.