A. Background
The UK government is currently planning to make it easier to prosecute companies for economic crime offences and in May 2023, the government published its “Fraud Strategy” paper in which it set out its plan to reduce fraud on 2019 levels by 10% by December 2024.1
The Economic Crime and Corporate Transparency Act 20232 (the Act) follows the Economic Crime (Transparency and Enforcement) Act 2022 in handing new tools to prosecutors and authorities to tackle economic crime.
The most significant changes that feature in the Act are the introduction of a new “failure to prevent fraud” offence and the replacement of the common law “directing mind and will” test for corporate criminal liability for economic crimes with a new statutory “senior manager” test.
Currently, organisations can only be held criminally liable for fraud offences where there has been a “directing mind and will” of the company involved.
The High Court in 2018 stated that to be considered a “directing mind and will” of the company, the individual directors need to be the ultimate decision maker; that is, they need to have fully delegated to them the responsibility and authority to do the act in question with Lord Justice Davis setting out at paragraph [122] of the judgment:
“[T]hat the individuals had some degree of autonomy is not enough. It had to be shown, if criminal culpability was capable of being attributed to [the company], that they had entire autonomy to do the deal in question”.
As a result, it has been markedly more difficult for prosecutors to establish liability for a company’s principal decision-makers for an offence in large companies where there are often numerous layers of management and decentralised business decisions. Conversely, it is much easier to prosecute smaller companies, as they will have fewer directors and less formal delegation to subcommittees.
B. The proposed amendments
The “senior manager” test
How is “senior manager” defined?
Under the new test, an organisation can be held criminally liable under the so-called “identification doctrine” if a senior manager “acting within the actual or apparent scope of their authority” commits a relevant crime. Only specified economic crimes will be in scope so that the elevated liability will only apply where a part or all of those offences are committed.
A senior manager is defined as “an individual who plays a significant role in:
i. the making of decisions about how the whole or a substantial part of the activities of the body corporate or (as the case may be) partnership are to be managed or organised; or
ii. the actual managing or organising of the whole or a substantial part of those activities”.
The person’s actual title will be irrelevant providing they fall within the scope of the definition.
What offences will be in scope?
The Act applies the senior manager test to a broad spectrum of relevant, principally economic offences including theft, false accounting, fraud, fraudulent trading, bribery, money laundering, terrorist financing and certain tax evasion offences. This scope will be significantly wider than the existing and proposed failure to prevent offences.
Practical application
The senior manager test applies to senior managers of a body corporate or partnership, with the definition of a body corporate including those incorporated outside of the UK. This is in contrast to the failure to prevent offence (which applies only to “large organisations”), as the senior manager offence applies to all organisations, regardless of size.
It can therefore be assumed that offences will be capable of being committed by senior managers who are UK nationals or are foreign nationals who commit an offence in the UK or are located in the UK at the time of the offence.
This could give rise to a situation whereby a non-UK domiciled company, with UK senior managers, is found liable for an offence committed by those managers.
The scope of the offence is limited, however, in that where a relevant offence is committed wholly outside of the UK an organisation will not be liable unless it would be guilty of that offence were it to have been committed by the organisation itself and not the senior manager.
The “failure to prevent fraud” offence
The “failure to prevent fraud” offence expands corporate criminal liability by holding a “relevant body” accountable where they were intended to benefit from fraud committed by an associated party and have failed to prevent the relevant misconduct.
The offence shall be one of strict liability with a statutory defence of having reasonable policies and procedures in place to prevent fraud.
Who is in scope?
The scope of the offence has been subject to continued scrutiny and amends by the House of Commons and the House of Lords with the latter favouring a broad approach to capture all organisations. The offence as initially proposed was limited to only “large organisations” with the government articulating that this restriction was intended to avoid disproportionate regulatory burdens on small and medium-sized enterprises (SMEs).
Following multiple readings in the House of Lords at the Bill stage and attempts to introduce amendments to broaden the scope to cover a wider set of organisations, the House of Lords dropped their resistance following the rejection of their proposed amends in the House of Commons on 25 October 2023 with the scope remaining limited to “large organisations”.
The definition of a “large organisation” is well established and covers companies where two or more of following conditions in the financial year that precedes the year of the fraud offence are met:
(a). A turnover of more than £36 million
(b). A balance sheet total of more than £18 million
(c). A total number of employees of more than 250
In contrast to the senior manager test, the failure to prevent fraud offence shall apply to “relevant bodies”, which means a “body corporate or a partnership (wherever incorporated or formed)” that meets the test for a large organisation.
A “relevant body” will commit an offence where there is a failure to prevent fraud by an “associate” with this definition including:
(a). An employee, an employee of a subsidiary, agent or subsidiary undertaking;
or
(b). A person who otherwise performs services for the relevant body.
What offences are in scope?
An organisation will be liable where a specific fraud is:
(a). Committed by an ”associate”;
(b). For the benefit of the organisation or any person to whom services are provided on behalf of the organisation; and
(c). The organisation did not have reasonable fraud prevention procedures in place (unless it was not reasonable to expect them to have such procedures).
The following offences will be in scope:
- Fraud by false representation (section 2 Fraud Act 2006)
- Fraud by failing to disclose information (section 3 Fraud Act 2006)
- Fraud by abuse of position (section 4 Fraud Act 2006)
- Obtaining services dishonestly (section 11 Fraud Act 2006)
- Participation in a fraudulent business (section 9, Fraud Act 2006)
- False statements by company directors (Section 19, Theft Act 1968)
- False accounting (section 17 Theft Act 1968)
- Fraudulent trading (section 993 Companies Act 2006)
- Cheating the public revenue (common law)
An interesting omission in the above list is money laundering offences which were subject to a House of Commons vote to explicitly exclude their inclusion meaning that those offences will continue to be covered by the pre-existing Money Laundering Regulations.
The types of conduct that can be caught by the new offence are broad and include the misconduct of an employee or agent in reference to warranties, and representations in transaction documents, prospectuses, annual reports and insurance claims might also lead to an organisation being liable.
Which organisations will be in scope?
The UK government released a Factsheet during the legislative process which states in relation to jurisdiction that “If an employee commits fraud under UK law, or targeting UK victims, their employer could be prosecuted, even if the organisation (and employee) are based overseas”.3
There are no territorial qualifications on who will be caught by the definition of an “associate” within the Act, and it remains to be seen whether this will be clarified further in later (presumably non-binding) guidance.
This suggests that, in addition to the ability for foreign companies to be liable where they maintain a UK presence or subsidiary, there is also the possibility of liability where an offence is committed within the UK regardless of the domicile of the body corporate or partnership.
While the position is not yet clear, it would also appear from the wording of the failure to prevent provision, and the UK government Factsheet, that jurisdiction will be predicated on the underlying offence committed. This may mean that a relevant body can be liable under a failure to prevent offence, even where it has no UK presence, if an associate commits an in-scope offence.
Practically, this would allow for a foreign organisation to be prosecuted under the failure to prevent offence where, for example, it fails to prevent an associate, whether they are a UK-based associate or not, from committing an offence outside of the UK where there is an intended loss or gain in the UK.
C. How will the new proposed offences impact organisations
These changes will make it significantly easier for authorities to hold organisations accountable. Both the “failure to prevent” offence and the “senior manager” test will supplement each other to make it more likely that organisations can be successfully prosecuted and fined for economic crime offences.
Organisations prosecuted under the new offences are expected to face unlimited fines, and sentencing will likely be akin to the Sentencing Council Guidance for fraud, bribery and money laundering.
When looking at what will constitute “reasonable procedures” by way of a defence to liability, the concept is not defined in the legislation and codes of practice or guidance have yet to be created. However, such procedures will likely follow a similar vein to those set out in the Ministry of Justice Guidance on the UK Bribery Act and the “reasonable procedures” laid out in the HMRC guidance to the Criminal Finances Act 2017.
Practical steps
Organisations should look to take the following steps prior to the Act coming into force:
- Conduct risk assessments specifically focused on fraud risk or review any such assessments previously carried out to see if they remain fit for purpose.
- Review and amend policies and procedures to account for these risks in a proportionate way.
- Train employees, agents and senior management to avoid risks and to mitigate them if they are spotted.
- Ensure appropriate methods are in place for reporting any suspicions.
- Identify individuals and relevant roles that may fall into the definition of “senior manager” and consider whether additional training is required.
- Establish procedures for the ongoing monitoring of the above to ensure continued compliance.
Failing to take adequate steps could lead to a potential world of pain for organisations where it is clearly the purpose of the Act to make it easier to target organisations for economic criminal offences.
While it remains to be seen whether the new offences will see a marked uptick in prosecutions, it is clear that the compliance landscape for organisations is changing and set to become more onerous.
- gov.uk
- legislation.gov.uk
- gov.uk
In-depth 2023-241