New UK ‘failure to prevent’ corporate criminal offence

A change in tone from the Law Commission fuels calls for reform

There has been much speculation about whether the Economic Crime Bill will be amended to include a new ‘failure to prevent’ offence, in the same model as the ‘failure to prevent bribery’ offence under the Bribery Act 2010, and the two ‘failure to prevent the facilitation of tax evasion’ offences introduced by the Criminal Finances Act 2017.  A new failure to prevent fraud offence would mean, broadly, that any company that fails to prevent fraud by an associated person would commit an offence, with the only defence being that the company had reasonable procedures in place to prevent fraud or that it was reasonable not to have such procedures in place.

The Government has not so far formally responded to the Law Commission’s July 2022 report which concluded, for the first time, that there is a consensus on the need for reform of the English law on corporate criminal liability.  This was a marked change in tone since the Commission last fully reported on this topic in 2010, when it concluded that no reform was necessary. 

The Commission looked carefully at the interpretation of the ‘identification principle’ of corporate attribution in a high-profile failed prosecution (in which the Chief Executive Officer and the Chief Financial Officer were held not to be the directing mind and will) which has further fuelled calls for reform.

What’s been happening in Parliament?

At the House of Commons Committee Stage in November, Dame Margaret Hodge put forward amendments, including:

• a new corporate offence of “failure to prevent fraud, false accounting or money laundering” by an “associated person”.
• a widening of the identification principle so that more individuals are deemed to be the company for the purposes of the company committing a criminal offence. Currently it is the ‘directing mind and will’ but the proposal was that there would be corporate criminal liability where:

• the offence is committed with the consent, connivance, or neglect of a senior manager; or
• a senior manager, acting within the scope of their authority, is party to an offence and a senior manager failed to take all reasonable steps to prevent that offence from being committed. 

            Adopting the Canadian approach, an individual was envisaged to be a “senior manager” of an entity if the individual plays a significant role in:

• the making of decisions about how the entity’s relevant activities are to be managed or organised, or
• the managing or organising of the entity’s relevant activities,
• or is the Chief Executive or Chief Financial Officer of the body corporate.

These amendments were not accepted at Committee stage, but Tom Tugendhat MP (Minister for Security) committed to “look at this extremely seriously…to make sure that any opportunity [to reform] is fulfilled as quickly as possible."  The House of Lords Fraud Act 2006 and Digital Fraud Committee recommended in its report on 12 November  2022 that “The Government must introduce a new corporate criminal offence of ‘failure to prevent fraud’ across all sectors to address this”.  At the Third Reading of the Economic Crime Bill in the Commons in January, a small group of cross-party MPs tabled similar amendments to the Bill, led by Robert Buckland MP (Conservative – formerly Lord Chancellor and Secretary of State for Justice).   Upon assurances by Tom Tugendhat that “I can assure him that the Government intends to address the need for a “failure to prevent” offence in the other place, and I would welcome further discussion with him about the most effective way in which that can be done,” these amendments were all withdrawn.

At the Second Reading in the House of Lords yesterday Lord Sharpe (Conservative) confirmed that the Government is intending to put forward a new failure to prevent offence during the Lords Committee stage. The Lords Committee Stage will likely to start in about two weeks so we should know by then what the amendments will look like. It generally lasts for up to eight days but can last for longer.  Report Stage and Third Reading in the Lords usually starts 14 days after the Committee Stage and can be spread over several days. After that, the Bill goes back to the Commons, and if passed it will receive Royal Assent and become an Act.

Reform of the identification doctrine

It seems unlikely that we will see the Government try to amend the identification doctrine in the Economic Crime Bill albeit reform is not completely off the cards.   Lord Sharpe remarked “The fullest and most appropriate reform is, I am afraid, out of scope…I can assure the House that the Government are exploring other avenues for introducing appropriate and effective legislation on the identification doctrine”.

Likely timing of an offence coming into force

It is difficult to know exactly when any new ‘failure to prevent’ offences would come into force.  The Government would need to publish detailed guidance on the reasonable procedures defence (as it has done for bribery and failure to prevent the facilitation of tax evasion offence) before it comes into force. There would likely be a period of consultation on this guidance.

The Bribery Act 2010 received royal assent on 8 April 2010 but did not come into force until 1 July 2011, following a series of consultations, guidance, and amendments to address concerns and clarify the scope and application of the act. Therefore, the time between the act being passed and it coming into force was about 15 months. 

We would expect to see a similar time frame for any new failure to prevent offence – thus mid-2024 as an estimate.  This would be delayed if the Government calls for any further consultation and/or Law Commission reports.  Conversely if the political will proves robust on this, we could see it coming into force earlier.

Key issues for debate

Some of the key issues for debate in the Lords will be:

• Scope of new failure to prevent offence - which types of fraud offences should be included?  The Law Commission recommended limiting it to a small number of core fraud offences:

• fraud by false representation, eg making fraudulent representations to gain investment / make a sale.
• obtaining services dishonestly, eg where services are obtained but where the defendant never intended to pay for them.
• the common law offence of cheating the public revenue,  eg submitting incorrect accounts to HMRC knowing them to be false with intent to defraud.
• false accounting, eg overstating profits by ‘pulling forward’ income from subsequent reporting periods.
• fraudulent trading - this is where the business is carried out with the intent to defraud creditors – this could occur for example where a business is contracting with suppliers and incurring debts where there is no reasonable prospect of the debts being paid.
• dishonest representation for obtaining social security benefits, eg a landlord that makes a false claim regarding rent payments, or an employer providing false statements to a benefit office.
• fraudulent evasion of excise duty, eg smuggling alcohol/cigarettes. 
• If the scope of offences is too broad it will be difficult for companies to assess their risk exposure as different types of frauds can be committed in a wide range of ways and circumstances.

• whether any new failure to prevent fraud offence should be extended to a failure to prevent the facilitation of fraud, thus catching a wider range of conduct.  This would be more similar to the failure to prevent the facilitation of tax evasion offences under the Criminal Finances Act 2017. 

• Overlap with existing regulation - previous iterations of a potential new failure to prevent offence had been for a new failure to prevent ‘economic crime’ offence.  The Law Commission thought this was too wide, and recommended just a ‘failure to prevent fraud’ offence.  This would include false accounting (as a form of fraud).  But the amendments tabled during the Commons stages went further and encompassed a failure to prevent money laundering offence too, albeit limited to businesses already in scope of the Money Laundering Regulations 2017 (MLRs).  There will be significant debate about whether such a new failure to prevent money laundering offence overlaps too much with the MLRs which many argue is already in essence a failure to prevent regime.  It is difficult to imagine a scenario where a firm that fails to prevent money laundering would not commit an offence already under regulation 86 of the MLRs.  Some may argue that any failure to prevent money laundering offence should apply more widely – to all types of companies.  We would also expect to see debate around how any reforms will interact with the Senior Managers and Certification Regime.

• Statutory guidance - whether it will be possible for the Government to draft adequate statutory guidance on the procedures that a business needs to have in place to prevent commission of the offence, given the broad spectrum of frauds that a new offence may cover.

• Extra-territoriality - the Law Commission recommended that new failure to prevent offences generally should not operate extra-territorially by default. Both the failure to prevent bribery and facilitation of tax evasion offences have broad territorial reach. 

• The ‘benefit’ safeguard– the provisions tabled in the Commons had the failure to prevent offence applying where the underlying fraud by an associated person was intended to benefit the company or a person to whom services are provided by the associated person on behalf of the company, eg a customer/client. There may be debate around how this is formulated, and how it applies to an employee who is motivated by personal gain, but who knows and intends the company to benefit too, eg an employee who is remunerated on a commission basis.

• Individual liability - although the Law Commission was in favour of conforming the ‘consent and connivance’ bases for criminal liability of directors associated with corporate offending, it did not recommend extending directors’ individual criminal liability to ‘failure to prevent’ offences.

Impact on businesses

Many large companies already have governance and monitoring systems in place and policies and procedures to detect and prevent fraud.  Some don’t.  There will be a need, which will have to be properly documented, to reassess risk and examine existing processes against the statutory guidance that would inevitably follow any new failure to prevent offence.  It could not be assumed (and should not be seen to be assumed) that existing processes are sufficient.  This exercise would need to be performed on a periodic basis to ensure that the business’s assessment is up to date and reflects emerging trends and threats. 

A new failure to prevent fraud offence would make it easier for criminal prosecutions to be brought against companies for fraudulent conduct by ‘associated persons’ who have benefitted the company or its clients/customers.  There would be no need to show that the ‘directing mind and will’ of the company was involved in the wrongdoing. This could lead to more investigations being opened by the SFO. The ability to agree Deferred Prosecution Agreements (DPA) with companies is likely to extend to any new failure to prevent offence, where prosecuted by the CPS or SFO. If an investigation is opened, a company may be more inclined to enter into a DPA, rather than fight the claim due to the lower bar for corporate liability which would apply to any failure to prevent fraud offence.

In addition, the risk of prosecutions being brought against corporate entities may come from private prosecutions, as a new offence will make it far easier for disgruntled victims of fraud to be able to seek redress through the criminal courts.  This might be used by parties to bridge the gap in circumstances where Action Fraud reports are often left unanswered, and where prosecutorial agencies, such as the CPS and SFO are already very stretched resource-wise.