Economic Crime and Corporate Transparency Act 2023 – failure to prevent fraud and ESG considerations

In this article, we focus on the new measures implemented in the Economic Crime and Corporate Transparency Act 2023 (ECCT Act) to hold organisations to account and the extent to which those measures are interlinked with ESG considerations. 

9 April 2024

Hand with ESG graphics


On 26 October 2023, the Economic Crime and Corporate Transparency Act 2023 (ECCT Act) received Royal Assent. Through a broad range of measures, it aims to strengthen the UK’s response to economic crime, prevent abuse of the UK economy, and support enterprise.

The ECCT Act forms part of the same legislative package as the Economic Crime (Transparency and Enforcement) Act 2022, which was fast-tracked through Parliament last year. Amongst other things, this Act established the Register of Overseas Entities (ROE).

The ECCT Act contains a number of different measures to prevent and tackle economic crime. 

Our previous article provided an update on (i) the reforms to Companies House, and (ii) key changes to the legal framework for limited partnerships.

New failure to prevent fraud offence

What is the new offence?

A new failure to prevent fraud offence has been included in the ECCT Act. An organisation falling within the scope of the new offence will be guilty of an offence if a person associated with it commits a fraud offence intending to benefit (whether directly or indirectly):

  • the organisation itself; or
  • any person to whom the associated person provides services to on behalf of the organisation (for example, customers of the organisation). 

It is a strict liability offence: there is no requirement to show that the directors of a company had ordered, or knew, about the fraud. This is to discourage organisations from turning a blind eye to fraud offences that may benefit the organisation. 

Which organisations will fall within the scope of the new offence?

Under the ECCT Act, any large organisation will fall within the scope of the new offence. Broadly, this means in the year that the fraud was committed, an organisation will need to meet two or more of the below criteria:

  • a turnover of more than £36 million;
  • a balance sheet total of more than £18 million; and /or
  • more than 250 employees.   

If an organisation is part of a group, then the group in aggregate will be assessed to see if it meets two or more of these thresholds. If the group is within scope, its parent undertaking can be liable for the new offence. 

The new offence will also apply to partnerships, charities, and other not-for-profit organisations and incorporated public bodies.

What is the available defence?

There is a defence if the relevant organisation can show that, at the time that the fraud offence was committed, it had in place reasonable prevention procedures. 

If there are no prevention procedures in place, the organisation would need to demonstrate that the risk of fraud was so low that it would be unreasonable to expect the organisation to have any prevention procedures in place. 

The Government is hoping that the new offence, and available defence, will drive a shift in corporate culture to encourage more organisations to implement, or improve, their fraud prevention policies.

The Government will issue guidance about the types of reasonable prevention procedures that relevant bodies can put in place. This guidance has not yet been published. 

When will the new offence come into force?

The new offence will not be brought into force until the Government has issued statutory guidance in relation to the procedures that organisations can put in place to prevent persons associated with them from committing fraud offences.   

How is this linked to ESG / greenwashing concerns?

There will be various ways to describe what greenwashing is, but a straight-forward definition is to “make people believe that your company is doing more to protect the environment than it really is”.  That typically manifests itself in inaccurate or misleading claims about a company, its strategy, or the sustainability benefits of its product and service offering. Since fraud is concerned with the making of dishonest or false statements/representations in order to achieve an unlawful gain, it is clear there can be an overlap between misleading ESG statements and the new failure to prevent fraud offence. 

For example, promoting a service as being “green” but for which there is no, or at least very little, credible data to support the assertion.  Or a company (or its directors) making a false statement regarding the company’s ESG credentials, with the benefit to the company being in the form of new business/new clients.  Although companies may wish to advertise their green credentials, is there someone who is looking at ESG through the lens of potential misconduct?

What should organisations do now in anticipation of the new offence?

Organisations within the scope of the new offence should take steps to review their current policies and, once the statutory guidance has been published (anticipated in the second half of 2024), ensure that their own prevention procedures meet the recommendations contained in that guidance. 

The response to the new offence is likely to be not dissimilar to how businesses reacted to the Bribery Act when it first came into force:

  • Is there top-level commitment from management? 
  • Who within the company has the risk ownership for testing the accuracy of statements, checking/monitoring the underlying data, and overseeing the reporting process?
  • Have current policies and procedures been reviewed, and have the risks of fraud been properly risk assessed?
  • Has there been a proportionate response when assessing risk, taking into account the nature, scale and complexity of the company?
  • Is there regular training in place for employees so that they are aware of potential fraud risks?
  • Are the risk assessments and company policies being regularly monitored and reviewed?

What are the next steps?

We will provide further updates once we have a clearer indication of the timetable for implementation, together with the relevant guidance and any secondary legislation.

In the meantime, if you have any questions in relation to the ECCT Act, please contact Christina SinclairTom SwanKevin Clancyor the Regulatory Risk and Compliance group. 

Additionally, if you would like more information on how your organisation can best prepare for the new legislation, please contact Louisa Knox, Gordon Downie, or the ESG Advisory Group