Under the Economic Crime and Corporate Transparency Act 2023 (ECCTA) Section 196 (the provisions of which have been in force since December 2023), if a senior manager of a company or partnership commits a relevant fraud offence while acting within their authority, the organisation itself can also be held primarily liable for such offence. A senior manager is defined as someone with significant responsibility for decision-making or management of a substantial part of the company's activities. To protect against liability, companies need to ensure robust oversight and compliance measures for senior management roles, conduct regular reviews and implement strong accountability frameworks.
A thorough pre-employment screening and subsequent regular re-screening of individuals in key decision-making positions can help in this regard.
The upcoming ECCTA Section 199 legislation (which will come into force on 1st September 2025) can make large organisations strictly liable for failure to prevent fraud if an employee or associate commits fraud intending to benefit the company or its clients. Companies can however establish a statutory defence to this new offence if they can demonstrate they had reasonable and proportionate fraud prevention procedures in place at the time of the offence. Applicable fraud offences are listed in ECCTA Schedule 13 and include false representation, fraudulent business practices and false accounting, among others. To minimise risk, companies should prioritise thorough background checks and ongoing due diligence for employees, agents and anyone acting on their behalf to detect and prevent potentially fraudulent activities. Section 199 only applies to ‘large organisations’ where an organisation fulfils two or more of three criteria: 1. More than £36m turnover 2. More than £18m balance sheet total 3. More than 250 employees.
Both the above elements of ECCTA operate to shift the responsibility for wrongdoing onto the corporate employer and highlight the importance of a thorough pre-employment screening and continued background checks on senior employees to help manage and mitigate risk and potential fraud liability.
Any companies that are already subject to regulation (e.g. FCA) and complying with these regulations is unlikely to automatically mean that their existing procedures will cover their potential liability. Companies need to be aware that having an audit process alone doesn’t protect them from action under ECCTA – companies come under the Act should immediately start plans for a tailored risk assessment that is properly documented. This should then help with a range of measures to mitigate their risk backed up by board level commitment, proper training, communication, ongoing monitoring, review etc.
If you don’t have any screening processes in place or want to review your current arrangements, please contact us for more information.