From 1 September 2025, a new corporate offence comes into force in the UK: failure to prevent fraud. Introduced under the Economic Crime and Corporate Transparency Act 2023 (ECCTA), the offence is designed to tackle the corporate enablers of fraud by imposing criminal liability on organisations that profit, whether intentionally or not, from fraudulent conduct by employees, agents, or other associates.
While much of the conversation so far has focused on the implications for large private sector businesses, one sector stands out as both particularly vulnerable and critically underprepared: local government.
With billions in taxpayer money at stake, a history of procurement failures, and recent high-profile scandals in council finance and governance, the risks for local authorities and the companies that work with them are acute. Complying with the new offence requires a concerted effort by both local government and the companies that work closely with them.
What is the failure to prevent fraud offence?
From September, large organisations will be criminally liable if a person associated with them commits one of a list of specified fraud offences intending to benefit the organisation or its clients. The only defence will be proving the organisation had “reasonable procedures” in place to prevent the fraud.
This builds on the model used for failure to prevent bribery under the Bribery Act 2010 and failure to prevent tax evasion under the Criminal Finances Act 2017, but applies it to a much broader range of conduct.
Critically, “large” for the purposes of this offence means organisations meeting two of three thresholds: more than 250 employees, over £36m turnover, or more than £18m in total assets. Many local authorities and their suppliers will be caught.
Why local government is in the firing line
The scale of fraud and waste in local government is staggering. According to the latest Annual Fraud Indicator, councils in England alone lose an estimated £8.8 billion a year to fraud. This number excluding benefits fraud. The vast majority goes undetected. The single biggest source of loss? Procurement fraud.
Councils spend more than £55 billion annually on goods and services. That spending is often fragmented, poorly monitored, and governed by outdated or inconsistent controls. It’s no surprise that organised fraudsters, opportunistic contractors, and even insiders target the public purse.
And it’s not hypothetical. From ghost suppliers and inflated invoices to insider procurement deals and “cosy” relationships with vendors, local government fraud is well documented:
In Barnet, a council employee siphoned £2.6 million into a personal account without triggering an audit.
Thurrock gambled away millions in speculative investments, prompting government intervention.
Liverpool City Council was rocked by allegations of bribery and intimidation over building contracts.
Birmingham and Croydon have declared effective bankruptcy following years of mismanagement and unauthorised spending.
In one of the more disturbing recent examples, an independent investigation found that Thurrock’s counter-fraud team, known as NATIS, was likely set up illegally and accused of misrepresentation and financial mismanagement. A counter-fraud team, mismanaging fraud investigations. You couldn’t make it up.
These aren’t isolated incidents. They’re part of a pattern of poor governance, weak oversight, and a lack of accountability which has infected more local government agencies than we might care to admit.
The supply chain risk
It’s not just councils under the microscope. Any organisation that supplies services to local authorities, from construction firms to consultancy agencies, tech vendors to social care providers, now faces potential criminal liability if someone in their business commits fraud for the benefit of a council contract.
For procurement managers, finance directors, or those managing tenders or public contracts, this raises serious questions:
- How do we know our bids are accurate?
- Can we verify supplier pricing and subcontractor credentials?
- Are we confident that invoices, time logs, and expenses are legitimate?
- Who’s checking for duplicate payments, false reporting, or inflated costs?
Fraud can creep in through shortcuts, cultural complacency, or over-familiarity with public officials. And under the new law, intent doesn’t matter. If someone benefits the business through fraud, and the business can’t show it had reasonable procedures to prevent it, the offence is made out.
Culture, accountability, and compliance gaps
One of the most damning features of the local authority compliance environment is the absence of systemic oversight. There is no central repository for tracking fraud across councils. Many local authorities don’t maintain consistent fraud records or perform organisation-wide risk assessments.
This lack of oversight can put local authorities in a risky legal position. The new offence expects that large organisations will:
- Identify fraud risks specific to their operations
- Put proportionate controls in place
- Train staff regularly
- Monitor and review policies in light of evolving risks
- Demonstrate senior leadership commitment
What should councils and suppliers do to prevent fraud?
Whether you’re a local authority or a company that works with one, there are serious and urgent steps that should be taken to prevent fraud and demonstrate reasonable procedures.
Conduct a fraud risk assessment
Understand where fraud could happen in your operations. Procurement, contract management, expenses, third-party payments, and onboarding are all hotspots.
Implement proportionate procedures
These could include dual authorisation, supplier due diligence, whistleblowing channels, conflict of interest declarations, invoice matching, and document verification.
Train your people
Those in procurement, finance, sales, and project delivery must understand how fraud works and what the consequences are.
Scrutinise your partnerships
Councils need to look closely at suppliers. Suppliers need to understand their exposure to local authority governance gaps.
Document your efforts
The defence under the law depends on showing what you did to prevent fraud. Policies, training logs, audit records, supplier checks all matter.
