How large organisations can prepare for the new failure to prevent fraud offence

The UK government has created a new criminal offence which will significantly impact large commercial organisations. Under the failure-to-prevent-fraud (“FTPF”) offence, companies or large partnerships can be held criminally liable where an “associated person” commits fraud with the intention to benefit the company, and the company has failed to take reasonable steps prevent it. This offence will come into law on 1 September 2025.
 
Requirements
 
The FTPF offence will only apply to “relevant entities” – defined as large organisations (companies or large partnerships) which meet two of the following three criteria[1]:

• Employ more than 250 employees (in aggregate).
• Have a turnover of more than £36 million (or £43.2 million for the worldwide group).
• Have a balance sheet total of more than £18 million (or £21.6 million for the worldwide group).

 
Jurisdictional test
 
The new offence will apply to large organisations incorporated anywhere in the world so long as the fraud has a connection to the UK (e.g., it was committed in the UK, or the victim is in the UK).
 
Associated person
 
An associated person of the relevant entity could be an employee (including of a subsidiary), an agent or a subsidiary of the entity. A person who provides services for or on behalf of the relevant entity is also an associated person while they are providing those services. The fraud must be committed in the person’s capacity as an associated person and therefore the FTPF offence is not engaged where the fraud is committed in the person’s private life.
 
Relevant fraud offences
 
The FTPF offence applies where the associated person commits any of the following:

• Fraud by false representation
• Fraud by failing to disclose information
• Fraud by abuse of position
• Participation in a fraudulent business
• Obtaining services dishonestly
• Cheating the public revenue
• False accounting
• False statements by company directors
• Fraudulent trading

 
Defences
 

• A relevant entity will not be liable under the FTPF offence if it is the target or the victim of the fraud.
• It will be a defence to the FTPF offence for a relevant entity to prove that it had reasonable prevention procedures in place at the time the fraud was committed, or that it was reasonable for such procedures to not be in place.

 
Guidance
 
The UK Government published guidance on 6 November 2024 with the aim of helping companies prepare for the FTPF offence (“FTPF Guidance”). The FTPF Guidance makes it clear that it is not intended to provide a safe harbour; rather it is advisory. However, it is a good indication of the UK government’s expectations from relevant entities and some observations from the FTPF Guidance follow below.
 
Practical considerations for developing prevention procedures
 
Companies cannot rely on procedures and assessment in place for other “failure to prevent” offences (e.g., bribery or tax evasion) to meet the requirements. However, companies can leverage their existing compliance programmes to ensure that they have in place procedures to prevent fraud. Companies do not necessarily need to reinvent their compliance wheel.
 
Companies could consider having leaders of different business segments feed into prevention procedures by identifying different fraud risks specific to their areas. The FTPF Guidance highlights, for example, payroll fraud where the head of the payroll department diverts payments intended for pension funds towards other projects within companies and continues to record them as payments to the pension fund. The FTPF Guidance classifies this as fraud by abuse of position, names the head of the payroll department as the associated person and concludes that the intention of the fraud was to benefit other projects within the company.
 
Another key risk area is payroll compliance. HMRC has published its concerns about tax fraud involving umbrella companies, including cases of umbrella companies failing to operate PAYE and falsified documents to conceal this. For large corporates with off-payroll workforces, this is an area where there should be particular attention. To prevent such risks from arising, it could be appropriate for a relevant entity to consider payroll fraud within the matrix of opportunities for fraud within the organisation generally.
 
A key component to relevant entities developing and demonstrating that reasonable prevention procedures are in place will be to document and regularly update risk assessments, including by recording contemporaneous decisions in connection with those assessments, implementing the recommendations of internal (and possibly external) reviews of prevention procedures and applying learnings from internal training sessions. Documenting decisions is crucial where, for example, allegations of fraud are made against an associated person within a relevant entity and the relevant entity must then demonstrate to law enforcement why it should not be charged with the FTPF offence.
 
Paul Feldberg
P: +44 .20.7851.6159
pfeldberg@brownrudnick.com
 
Paul Feldberg is a partner and head of Brown Rudnick’s U.K. White Collar Defence, Investigations & Compliance team in London, advising on sanctions, export controls, fraud, corruption, money laundering, insider trading and related regulatory matters, including appeals and judicial reviews. With more than 25 years’ experience as prosecutor and defence counsel, including roles at HMRC and the SFO, counsel in the House of Lords extradition case Re Gillian & Re Ellis (2000), and defending a global bank facing SFO, FCA, and civil enforcement actions, he is a seasoned trial lawyer. Chambers and Legal 500 consistently rank him for his technical knowledge, tactical judgement, and responsiveness.
 
Matthew Sharp
P: +44 .20.7851.6068
msharp@brownrudnick.com
 
Matthew Sharp leads Brown Rudnick's Tax Controversy and Litigation Group in London, specialising in complex tax and trust disputes. Matthew’s practice encompasses a wide range of direct and indirect taxation disputes, with particular expertise in employment-related taxation issues such as IR35, employment status for tax, and PAYE. Matthew has extensive experience handling complex and high-value professional negligence claims related to tax. Notably, he has successfully represented clients in high-profile cases, including JTC v Garnett and Hoegh v Taylor Wessing. Ranked by Legal 500 UK and Chambers & Partners, he is recognised for his strategic, commercially focused advice.
 
Menelaos Karampetsos
P: +44 .20.7851.6181
mkarampetsos@brownrudnick.com
 
Menelaos Karampetsos is an associate in Brown Rudnick’s Litigation & Dispute Resolution Practice Group. His practice focuses on economic sanctions, contentious regulatory proceedings, corporate crime, and commercial litigation. Prior to joining Brown Rudnick, Menelaos worked in the Enforcement Division of the Financial Conduct Authority, and at the Serious Fraud Office. Menelaos has also worked in international criminal law, at the Special Tribunal for Lebanon and the International Criminal Tribunal for Rwanda.