Reading time: four minutes

Corporate fraud in the UK has seemingly been running wild, but the government is now challenging this issue with greater severity. As of 1 September 2025, a brand-new corporate offence is now live, ‘Failure to Prevent Fraud’. For any individual running or working for a large organisation, you should be asking yourself right now: are we ready for this? Because if you're not, the consequences just got a lot heavier.

What’s the big deal?

Until now, when someone within a company committed fraud it was possible for the organisation to dismiss the issue –  essentially shrugging it off and denying responsibility, however this will no longer suffice.

Under this new offence, if someone within your business, an employee, agent or even a subsidiary, commits fraud to benefit your company, your company can now be held criminally liable, including prosecutions, fines and reputational damage – the whole works.

It doesn’t matter whether or not an organisation’s board knew – if fraud prevention measures weren’t in place, the company could be found guilty.

What does fraud mean here?

Don’t assume it only applies to high-level financial crime or ponzi schemes. The net is wide, this includes:

• misleading consumers or investors;
• manipulating financial records;
• using shady sales tactics; and
• playing dirty in the financial markets.

Basically, if someone does something dishonest and your business gains from it, that’s fraud in the eyes of this law.

Why now ?

The statistics haven’t been great, the Office for National Statistics reports fraud has jumped 31% in the past year. It’s now the most common crime in the UK, hitting everyone, from your grandma to global corporations.

For too long, fraud’s been treated as this slippery, low-risk crime. However, the tide is turning. The government is coming at it with full force, banning SIM farms (devices capable of holding multiple sim cards allowing scammers to send a barrage of scam text messages), signing deals with the insurance industry and even pushing through a United Nations resolution. The gloves are now off for corporate players.

What do companies have to do?

This isn’t simply about setting up a few training sessions or dusting off the whistleblower policy. Companies will need to prove, in court if necessary, that they had reasonable fraud prevention procedures in place.

That requires steps such as:

• reviewing internal controls;
• risk assessments;
• staff training;
• reporting channels; and
• clear policies on fraud, ethics and accountability.

It’s not about ticking boxes, instead it’s about creating a genuinely anti-fraud culture.

This isn’t optional, it’s the law

The comparison being made frequently at the moment is to the UK Bribery Act, which reshaped how companies handle corruption back in 2010. That law scared a lot of businesses into cleaning up their act and that’s exactly the point here too.

Just like with the Bribery Act, having no idea fraud was happening won’t protect you anymore. If the company could have prevented it but didn’t, that’s grounds for prosecution.

What counts as a large organisation?

Good question. This law isn’t aimed at your local coffee shop or small family business. Instead, it targets large enterprises, generally defined by hitting two out of three thresholds:

• Those earning over £36 million in turnover.
• Those earning over £18 million in assets.
• Enterprises with over 250 employees.

What the experts are saying

Solicitor General and MP Lucy Rigby KC stated : “This new legislation sends a clear message that large organisations must take responsibility for preventing fraud and those that fail to do so will be prosecuted with the full force of the law.”

Director of the Serious Fraud Office, Nick Ephgrave, also added that, “this is a significant new tool for prosecutors to tackle serious and complex fraud which damages UK business and undermines our economy.”

A line in the sand for corporate responsibility

The introduction of the Failure to Prevent Fraud offence isn’t another box-ticking exercise or a passing headline, it’s a watershed moment for UK corporate governance.

For too long, businesses have been able to distance themselves from wrongdoing happening under their roof – that era is over and the message is now crystal clear: if your company benefits from fraud, directly or indirectly, you’re responsible and you’ll be held accountable.

This law doesn’t just shift liability, it reshapes the culture of how businesses are expected to operate by pushing boards and executive teams to think proactively, not reactively. It’s important for organisations to embed fraud prevention into their DNA not just relying on crisis response after damage is done.

The Failure to Prevent Fraud offence offers a huge opportunity to lead with integrity, build trust with stakeholders and strengthen an organisation’s resilience. Businesses that take these requirements seriously won’t only stay on the right side of the law, they’ll also be better positioned to grow, attract investment and build long-term credibility.