The new failure to prevent fraud offence: cheating the public revenue

Introduction

A company has a separate legal identity and can be tried and convicted of a crime. This provides the government with an important stick for encouraging ethical business practices and it is one they are increasingly looking to use. Back in January 2017, the government published a call for evidence looking at how the law on corporate liability for economic crime could be reformed. This was followed, in 2021, by publication of a Law Commission paper discussing the further use of ‘failure to prevent’ offences in this area and a subsequent 2022 paper considering options for reform of corporate criminal liability. This ‘options’ paper specifically recommended that economic crime was one area in which a ‘failure to prevent’ offence might be most effective. In that context, the paper recommended that, if introduced, the new offence should, at least initially, be limited to failure to prevent fraud, rather than framed more broadly to encompass all economic crime. 

The government has now confirmed its intention to introduce a new ‘failure to prevent fraud’ offence as an amendment to the Economic Crime and Corporate Transparency Bill currently going through Parliament. 

The introduction of this new offence comes six years after the corporate criminal offences of failing to prevent facilitation of UK and non-UK tax evasion came into effect (usually referred to together as the ‘CCO’). The failure to prevent fraud offence is modelled on broadly similar lines to the CCO and expected to come into force by the end of 2024.

The new offence: behavioural change

As with the CCO, the failure to prevent fraud corporate criminal offence is primarily about changing behaviour and attitudes towards risk and forcing businesses to put in place fraud prevention procedures. The kinds of behaviour mooted includes dishonest sales practices, hiding important information from consumers or investors, or dishonest practices in financial markets.

The offence is committed if an associate of the relevant company or partnership commits a fraud offence and is intending to benefit the organisation or any person to whom, or to whose subsidiary, that associate provides services on the organisation’s behalf. UK and non-UK incorporated entities are potentially in scope: if an employee commits fraud under UK law or targeting UK victims, the employer could be prosecuted, even if based overseas. The fraud offences are listed and include the common law offence of ‘cheating the public revenue’ seen in tax fraud cases, as well as offences under the Theft Act such as false accounting or false statements by directors, fraudulent trading offences under the Companies Act and several offences under the Fraud Act. There is likely to be significant overlap with the cheating the public revenue element of this new offence and cases brought under the CCO.

The CCO: key differentiators

There are some key differences as to how the new offence is framed. Unlike the CCO, the failure to prevent fraud offence will only apply to ‘large’ bodies corporate and partnerships, defined (using the standard Companies Act 2006 definition) as organisations meeting two out of three of the following criteria: more than 250 employees, more than £36m turnover and more than £18m in total assets. 

Another difference is that it will not bite unless the associate committing the fraud intends to benefit that organisation or anyone that associate provides services to, on the organisation’s behalf. The draft legislation is clear that the organisation is not guilty of the offence if it was itself, or was intended to be, a victim of the fraud offence. Who the intended victim of fraudulent activity actually is may well generate complex debate for those needing to look at this.

Reasonable prevention procedures: the defence

As with the CCO, there is a (sole) statutory defence where at the time of the offence the relevant body had reasonable prevention procedures in place to prevent fraud offences or where it is unreasonable in the circumstances to expect such procedures. The new offence is punishable by a potentially unlimited fine, but reputational damage may of course be an organisation’s greatest concern.

Whilst the potential scope of the new offence is much wider and its terms framed differently, experience gathered from the CCO will be valuable when considering implementation of reasonable procedures, the design of the procedures and training on the technology needed to put these in place. In the context of M&A, there will be relevant learning from the Bribery Act and the CCO when considering due diligence exercises and the contractual and other protections relevant to the risks presented by these offences. Being able to demonstrate compliance will be important. 

How many prosecutions will be brought will be interesting to see. Under the CCO, HMRC provide biannual updates on their counteraction activities. The latest of these shows that, as of 23 January this year, HMRC had only nine live investigations, a further 26 under review and had reviewed and rejected a further 77. As with the CCO, a large number of prosecutions under the new failure to prevent fraud offence will not necessarily be a sign of policy success but rather a signal that HMRC had not succeeded in wielding the stick effectively to bring behavioural change.