Skip to content

Biggest Shake Up in Corporate Criminal law in 100 years is on the cards

25 July 2023

As the Economic Crime and Corporate Transparency Bill (“the Bill”) reaches the final stages of its journey through the UK Parliament, we consider what may be the biggest shake-up to corporate criminal law in 100 years.

Tucked away in the “miscellaneous” Part 5 of the Bill are clauses that have the potential to change the landscape of corporate liability for certain economic crimes. The first provision would introduce a failure to prevent fraud offence while the second is aimed at modernising and putting on a statutory basis the corporate identification principle.

Why is change needed?

Although having a separate legal identity, a company can in reality, only act through its officers and employees and for over a century the courts have debated the circumstances in which the acts of those individuals can be attributed to the company.

It had become generally accepted that, in the case of criminal liability, the test in the 1972 case of Tesco Ltd v Nattrass is the correct one. In summary, this means that for the dishonest act to be attributable to the company it must have involved an individual of sufficient seniority within the company who, for the purpose of performing the particular function in question, was acting as the “directing mind and will” of the company. This is what is referred to as the “identification principle”.

In practice, this is difficult to establish. Organisations have evolved since this principle was laid down and establishing a directing mind and will in modern corporate organisations is often unfeasible due to their large and sprawling nature. On the opposite end of the spectrum, it is disproportionately easier to prosecute small businesses where the directing mind and will is more easily attributable.

Successive governments have considered how and whether to address this apparent iniquity, particularly in the context of economic crimes such as fraud, and the Law Commission were tasked, most recently in 2020, with looking at potential options1. This resulted in the current Government committing to introduce reform of the identification doctrine in criminal offences in their ‘Economic Crime Plan 2’ as well as the Government’s ‘Fraud Strategy’. The result was an announcement by the Home Office on 11 April 2023 that the Government would introduce a failure to prevent fraud offence.

The proposed failure to prevent fraud offence

We briefly discussed the proposed new offence of failure to prevent fraud in our July bulletin. Under the current version of the new offence, a large organisation would be liable to prosecution where fraud was committed by an associated person (e.g. an employee, agent or subsidiary), for the organisation’s benefit, and the organisation did not have reasonable fraud prevention procedures in place. The offence could also be committed where there is an intention of benefiting (directly or indirectly) any person to whom the associate provides services on behalf of the organisation (i.e. a client).

Unlike the failure to prevent bribery offence the failure to prevent fraud offence, as currently drafted, would only apply to large organisations, which is defined as one which satisfies any of the following criteria in the financial year preceding the offence:

  • More than £36 million in turnover
  • More than £18 million in total assets; and
  • More than 250 employees.

As with the failure to prevent bribery offence2 there is a defence if the organisation had reasonable “prevention procedures”. The burden on proving this would be on the organisation which would need to prove it to the civil “balance of probabilities” standard.

This offence would apply both to regulated and non-regulated bodies, however there are rightly questions raised about the overlap in prosecutorial remit for regulated firms.

Attributing corporate criminal liability – Wishes do come true (sort of)

The second amendment we discuss here puts the identification principle on a statutory footing for certain economic crimes and widens its application to senior managers. It was originally proposed by Lord Garnier on 27 April 2023 who said when introducing it that the “amendments dealing with the adjustment of the law on corporate criminal liability are there as a wish”. That wish appears to have come true, albeit in amended form, following its subsequent adoption by the Government at the Report stage.

Under the clause as currently drafted a corporate would be held liable for the acts of “a senior manager, acting within the actual or apparent scope of their authority”. In other words, if a senior manager has committed a relevant offence the corporate would be liable to prosecution and subject to a fine if convicted. The senior manager(s) may also be separately prosecuted and convicted. This proposed extension of the principle seeks to reflect the complex corporate governance structures of modern organisations, as Lord Sharpe stated, “extending the identification doctrine test to senior management better reflects how decision-making is often dispersed across multiple controlling minds, mitigating the ability to artificially transfer, remove or create titles to escape liability.”

When introducing the Government’s subsequently amended version of the clause Lord Sharpe3 explicitly referred to the desire to ‘capture instances where a senior manager commissions or encourages a lower-ranking employee to do their “dirty work” by making it clear that the corporate can also be held liable where the senior manager encourages or assists a listed offence in the schedule’ as a result the offence can also be committed where the senior manager encouraged or assisted an offence by another or attempted or conspired to commit an offence.

Who is considered a senior manager?

The definition of a senior manager is the same as the one contained in the Corporate Manslaughter and Corporate Homicide Act 2007 and is defined as (1) an individual who plays a significant role in the making of decisions about how the whole or a substantial part of the activities of the company are to be managed or organised, or (2) actually manages or organises the whole or a substantial part of those activities.

The explanatory note to the latest version of the Bill4, dated 11 July 2023, explains that “senior management” “is not limited to individuals who perform an executive function or are board members, it covers any person who falls within the definition irrespective of their title, renumeration, qualifications or employment status” providing they are “acting within the actual or apparent scope of their authority”. The notes give the example of the situation where a Chief Financial Officer committing fraud by deliberately making false statements about a company’s financial position, would make the company liable “since the act of making statements about the company’s financial position is within the scope of that person’s authority”.

Territorial scope

Both clauses will apply to corporates in respect of conduct committed in whole or in part within the UK or, where the substantive offence allows, there is a “close connection” to the UK.

Will money laundering be covered?

The inclusion of the substantive money laundering offences, contained in the Proceeds of Crime Act 2002, remains an area of contention. The Government say it is not needed as the money laundering regulations contain obligations for certain businesses which are aimed at preventing money laundering and can be extended to other businesses if the national risk assessment indicates that is necessary.


Taken together the two new offences significantly strengthen the fight against economic crime. However, there is still potential for iniquity to remain.

There was significant opposition in the Lords to the restriction of the failure to prevent offence to large corporations. This was on the basis that smaller organisations would, as Lord Garnier put it, “get off scot free” for failing to prevent fraud.

Another way of looking at this is that smaller organisations may well actually be disadvantaged as there will be no prosecutorial discretion in their cases to charge the offence of failure to prevent fraud in the place of the substantive fraud offence, using the widened identification doctrine, and therefore no ability to make use of the statutory defence of having “reasonable procedures”.

The Government has made much of the financial burden it would place on SMEs to put in place prevention procedures but, as Lord Vaux pointed out “it should be the responsibility of any company to have in place reasonable procedures to ensure that its employees do not commit fraud on its behalf. Frankly, that should be a basic minimum to be allowed to be in business.”

It also ignores the fact that, as with section 7 of the Bribery Act 2010, the new failure to prevent offence does not require an organisation to have prevention procedures in place, it simply provides a defence if an organisation does. The government guidance is unlikely to be too prescriptive about such procedures, and will likely take the now familiar proportionate risk based approach. It will then be a matter for each organisation as to whether and to what extent they chose to implement such procedures and have the benefit of a potential statutory defence. As currently drafted SMEs are excluded from that potential benefit.

What next?

The Bill still has some way to go before it becomes law and there is still scope for additional changes. We remain cautiously optimistic of the proposed reform to this country’s approach to tackling economic crime. However, as we have warned before, the devil will be in the detail.

Final thought

Whatever the final form, change is coming and the new legislation, which we anticipate will be enacted before the year is out, will make it easier for the authorities to investigate and prosecute fraud, not least because the Bill also contains amendments to extend the Serious Fraud Office’s section 2A powers to enable it to compel the production of documents and information in the pre-investigation (i.e. vetting) phase of cases involving suspected fraud. To ensure that they are protected companies should review their existing compliance guidance and procedures to ensure they are fit for purpose and will meet defence criteria.


  2. Found in section 7 of the Bribery Act 2010
Download Briefing

Download a PDF version of ‘Biggest Shake Up in Corporate Criminal law in 100 years is on the cards’