The definition of dishonesty in English criminal law has evolved in recent years. At the same time, the rules that determine when a company is criminally liable for the actions of its senior people are being rewritten through the Crime and Policing Bill. These two developments are unfolding against a backdrop of growing prosecutorial appetite for individual accountability in corporate crime.
Taken together, these developments matter far more to compliance officers and senior managers than they might initially appear to. The objective redefinition of dishonesty lowers the conceptual threshold for criminal liability. The Economic Crime and Corporate Transparency Act 2023 (ECCTA) and the forthcoming Crime and Policing Bill extend the reach of that liability directly into boardrooms.
From Ghosh to Ivey: what changed
For thirty five years the criminal law on dishonesty was governed by the two stage test in R v Ghosh. Juries were asked first whether the conduct was dishonest by the standards of ordinary reasonable people. If it was, they then had to consider whether the defendant realised that ordinary reasonable people would regard it as dishonest.
That second limb introduced a subjective safeguard. It allowed defendants to argue that they did not appreciate that their conduct crossed a moral line. In commercial contexts this sometimes translated into arguments about industry norms, market practice, or the internal culture of a sector.
The Supreme Court’s decision in Ivey v Genting Casinos dismantled that structure. Although technically a civil case about cheating at baccarat, the court reformulated the test for dishonesty in unequivocal terms. The court must first determine the defendant’s actual knowledge or belief as to the facts. They must then apply the standards of ordinary decent people to those facts. There is no requirement that the defendant appreciated their conduct was dishonest by those standards.
In 2020, the Court of Appeal in R v Barton and Booth confirmed that Ivey governs criminal cases. Ghosh is no longer the law. To prove dishonesty today, the jury must still consider the defendant’s knowledge or belief about the facts, but once those facts are established, dishonesty is judged purely by the objective standards of ordinary decent people. Whether the defendant personally appreciated that their conduct was dishonest is no longer relevant.
Dishonesty in corporate crime
Dishonesty sits at the heart of fraud offences under the Fraud Act 2006 and at the centre of the common law offence of conspiracy to defraud. These offences are often used in complex commercial cases, particularly where statutory frameworks do not neatly capture the wrongdoing.
Under the post Ivey test, a senior executive who knowingly signs off misleading accounts, structures a transaction to conceal risk, or approves aggressive revenue recognition cannot defend themselves by pointing to competitive pressure or industry practice. If the jury concludes that ordinary decent people would regard the conduct as dishonest, that is enough.
In some corporate environments, where wrongdoing is frequently framed as “strategy” or “market necessity”, the removal of the subjective limb narrows the space for moral relativism and increases the risk of liability.
The next shift: corporate attribution under ECCTA
The redefinition of dishonesty would be significant on its own. It becomes more potent when combined with the structural changes introduced by ECCTA.
Before ECCTA, prosecutors had to prove that the “directing mind and will” of a company committed the offence. In large organisations this was notoriously difficult as decision making is diffuse and accountability often becomes diluted.
ECCTA replaces that restrictive doctrine for a wide range of economic crimes. If a “senior manager” commits a listed offence within the actual or apparent scope of their authority, the corporation is liable. The definition of senior manager is about influence and decision making, not job title.
ECCTA also introduced a new failure to prevent fraud offence. Large organisations can now be strictly liable if an associated person commits fraud intending to benefit the organisation and reasonable prevention procedures were not in place.
The Crime and Policing Bill: a broader horizon
The Crime and Policing Bill, expected to pass in 2026, goes further. The bill is likely to extend the senior manager attribution test beyond economic crime to all criminal offences.If enacted in its current form, this would mean that when a senior manager commits any offence within the scope of their authority, the organisation is deemed guilty of that offence as well.
This could have profound implications for compliance as environmental offences, data protection breaches, competition violations, health and safety failings, modern slavery offences, and even certain forms of harassment could expose the company to prosecution if committed by a senior manager acting within their remit.
There is no general “reasonable procedures” defence for the attribution rule itself. The existence of policies and training may mitigate sentence. It does not necessarily prevent liability.
What makes this expansion a potential timebomb is how the Crime and Policing Bill could interact with the modern test for dishonesty. When corporate liability can be fixed through the conduct of a senior manager acting within scope, and dishonesty is judged by objective societal standards rather than the individual’s own view of their conduct, it becomes much harder to rely on internal justifications to defend questionable decisions. Explanations that something was commercially necessary, aligned with market practice, or approved at senior level do not answer the legal question. The court will not ask whether the board thought the conduct was acceptable. It will ask whether ordinary decent people would regard it as dishonest on the facts as the defendant understood them.
The compliance timebomb: where dishonesty and attribution meet
Consider a senior finance director deliberately signs off accounting practices that make the company’s financial results look more stable or stronger than they really are, especially just before telling the market important information. Under the modern dishonesty test, the question would not be whether the director thought this was “normal practice.” It would be whether ordinary decent people would consider approving such treatment dishonest, given what the director knew about the true financial position.
Under the objective Ivey test, if ordinary decent people would consider that dishonest, the director faces personal exposure. Under ECCTA, the company may also be criminally liable if the offence falls within the listed economic crimes.
If the proposed expansion under the Crime and Policing Bill comes into force, the attribution principle would extend beyond economic crime. That means the same logic would apply even if the misconduct were charged under a different criminal framework, such as misleading statements under financial services legislation or other regulatory offences. The company could be deemed guilty simply because a senior manager committed the offence within their actual or apparent authority. In practice, this removes much of the protective distance that once existed between individual misconduct and corporate criminal liability.
The Crime and Policing Bill would extend that risk to non-financial crimes. A senior operations executive knowingly allows waste disposal practices that breach environmental law in order to reduce costs. The conduct may be rationalised internally as operational pragmatism. If it involves dishonesty or reckless breach of statutory duties, the organisation could face prosecution on the basis of the executive’s role alone. That is if the offence is not already strict liability.
Or imagine a senior IT leader authorising intrusive data scraping from a competitor’s platform, aware that it likely breaches computer misuse legislation. Even if framed as competitive intelligence, the objective standard applies. Would ordinary decent people regard it as dishonest? If so, the individual faces criminal exposure. Under the expanded attribution test, so does the company.
The financial crime risk multiplier
The removal of the subjective dishonesty limb places greater emphasis on how decisions are actually made. Prosecutors and juries will look at emails, incentive structures, board minutes, and internal messaging. They will ask whether the culture encouraged aggressive boundary pushing or principled restraint.
This increases financial crime risk in three distinct ways.
First, the objective dishonesty test removes a potential line of defence. Industry norms no longer provide meaningful protection if the conduct is objectively dishonest.
Second, corporate attribution is easier. Under ECCTA, prosecutors no longer need to identify the singular directing mind of the company. A senior manager’s conduct may suffice.
Third, the Bill increases the likelihood that misconduct at senior level will result in corporate prosecution, which in turn increases scrutiny and potential exposure for individuals under existing offences.
The combination of these elements creates a multiplier effect. A dishonest decision by a senior manager can now generate personal criminal exposure, corporate prosecution, reputational damage, and potentially regulatory consequences. Firms need to have a strong plan in place to mitigate these growing risks.
