The new offences of failure to prevent fraud are likely to shake up corporate compliance for all UK business. How will they work in practice?
The UK government have announced they are pushing ahead with a game-changing new regulation to expand the ‘failure to prevent’ family of offences to failure to prevent fraud.
Proposed amendments could even see corporate officers jailed if they take a decision, or fail to take a decision, that could lead to economic crime such as fraud, false accounting or money laundering being committed.
Failure to prevent encompasses a wide array of compliance failures, from not having the right policies in place, to a lack of procedures to even training courses that aren’t effective in delivering the right information to employees.
How does failure to prevent work?
The two existing failure to prevent offences, tax evasion and bribery, work in slightly different ways. The forthcoming failure to prevent fraud offences, and the potential failure to prevent false accounting and failure to prevent money laundering for the regulated sector, is likely to combine these existing two offences.
Section 7 of the UK Bribery Act, the failure to prevent bribery offences, requires an associated person to be acting to benefit the corporation when bribing. In the failure to prevent tax evasion, there is a lower threshold as it is sufficient that the associated person is “acting in [the] capacity” of an employee, agent or supervisor of the company.
How might failure to prevent fraud work?
For failure to prevent fraud, the Law Commission believes that the facilitation of tax evasion approach was too broad to be extended to a new failure to prevent fraud offence, noting that in practice it could extend to conduct conferring no direct or indirect benefit on the company and to circumstances where the company itself might be the victim.
This is complicated in the case of fraud, where employees acting to defraud a company could still be found to have been acting in the capacity of an employee.
The Law Commission believes that a company should not be liable if it is the intended victim. But the offence would be committed where an associated person (who might be an employee or an agent) commits an offence of fraud with intent to:
- Benefit the company
- Benefit another person to whom they provide services on behalf of the company
In the second scenario, the company would not be liable if the conduct was intended to cause it harm. The Law Commission however believes that the benefit to the company provision should be wide enough to encompass situations in which it is not the associated person’s primary purpose to benefit the company, but that outcome is intrinsically related to their purpose. This should cover instances where the company benefits indirectly, but not where the conduct was intended to benefit a client.
Extra-territoriality
Both failure to prevent tax evasion and bribery have an extra-territoriality element where companies can be held liable for failing to prevent associated persons from engaging in criminal conduct outside of the UK. Companies can commit the offences even if all of the conduct takes places outside of the UK. A company only needs to carry on a business or part of a business in the UK.
Extra-territoriality for failure to prevent fraud has not yet been decided as the legislation is going through Parliament as of February 2023. There are concerns that broad extra-territoriality could be too wide, and impose too harsh a burden on entities where the UK parent company has little to no influence or control over associated persons abroad.
Conspiracy
The Law Commission warned against extending the offence to attempts to or conspiracies to commit fraud, or the common law offence of conspiracy to defraud. The Law Commission believes a company may have extensive procedures in place designed to prevent the commission of fraud and deter misconduct, but it has little control over whether employees will still attempt or conspire to commit fraud, despite these procedures.
For aiding and abetting, where the substantive offence of fraud is carried out and the associated person has assisted or encouraged the commission of the offence to benefit the company, it may be reasonable to hold a company liable for failing to prevent the misconduct. However the Law Commission wanted against extending the failure to prevent regime to cases where the associated person encouraged or assisted the offence, but the substantive offence did not actually occur.
Failure to prevent fraud defences
Similar to the defences in existing failure to prevent offences, businesses will have a defence to the failure to prevent fraud offence if they put in place procedures that are “reasonable in all the circumstances.” This is the preferred approach of the Law Commission, which preferred this formulation over the Bribery Act’s adequate procedures which may be interpreted too strictly.
But the Law Commission believes there are no intended or actual difference in meaning between “adequate” and “reasonable in all the circumstances,” but the latter is better reflective of the intended meaning.
However this change in formulation will have a significant effect on compliance with the new legislation, as the difference will mean those who have already implemented anti-bribery and anti-tax evasion procedures will not necessarily be able to follow the same template for anti-fraud. Fraud is also more difficult to define, given the range of offences and the complexity of the dishonesty element required to establish the predicate offence.
There is still an open question as to whether a company can decide that it is reasonable in all the circumstances to have no anti-fraud prevention procedures in place. There will likely need to be further guidance on exactly what constitutes reasonable procedures. But the Law Commission believes that the burden of proving that it is reasonable not to have procedures should lie with the defence, and not the prosecution. This is because the prosecution proving the commission of a base offence would establish a prima facie case that the company’s processes had failed to prevent the commission of that base offence.
If there was a conviction, the fine would likely be unlimited and a conviction would have consequences on a company’s eligibility to bid for certain government contracts. This mirrors the penalties under the existing failure to prevent offences, which also include trade sanctions and disbarment from EU contract tenders.
Who will failure to prevent fraud cover?
The Law Commission argues that conduct should be attributed to a corporation if a member of the corporation’s “senior management” engaged in, consented to or connived in the offence. A member of “senior management” would be any person who plays a significant role in the decision making process. This would include directors, and likely the conduct of a single director would be sufficient to establish criminality.
CEO’s and CFO’s should automatically fall within scope and always be considered senior managers, as well as those whose responsibilities involve taking decisions relating to corporate strategy and policy in a particular area, such as health and safety, finance or legal affairs. It seems it would not, however, ordinarily capture someone whose role was limited to the management of a discrete unit (such as an individual branch) which does not represent a “substantial part” of the company’s affairs.
Download our full guide to learn more
Download your guide to failure to prevent now and stay on top of this game-changing new regulation that’s set to shake up corporate compliance.