Economic Crime and Corporate Transparency Act 2023: Jurisdictional scope of the Failure to Prevent Fraud Offence

Introduction

The Economic Crime and Corporate Transparency Act 2023 (the ECCTA) received Royal Assent in October 2023. Among other reforms, the ECCTA introduced a new offence of failure to prevent fraud (the FTP Fraud Offence), which is expected to come into force by 2025.

In the latest in our series of briefings and podcasts on the ECCTA, this briefing focuses on the broad jurisdictional scope of the FTP Fraud Offence. You can also listen to our podcast on this topic here, and access our earlier briefings/podcasts on the ECCTA here.

The FTP Fraud Offence can be committed by all “large organisations” (as defined by the ECCTA) and their subsidiaries, wherever they are incorporated or formed. As such, in one sense the offence has a broader reach than that of the failure to prevent bribery offence under the Bribery Act 2010 (UKBA) (the FTP Bribery Offence), which only applies to companies and partnerships incorporated, formed or carrying on business or a part of a business in the UK.

In another respect, the FTP Fraud Offence is narrower than the FTP Bribery Offence: if a commercial organisation is within scope of the FTP Bribery Offence, it can commit this even if the bribery has no UK nexus whatsoever. By contrast, the scope of the FTP Fraud Offence will be determined by whether there is jurisdiction over the underlying (predicate) fraud offence.

The position can be summarised as follows, and further detail is set out belowi:

Test for application FTP Bribery Offence FTP Fraud Offence
Company which has ‘failed to prevent’ Any size Large organisations and their subsidiaries
UK-incorporated organisation, or one which carries on a business (or part of a business) in the UK Organisation can be incorporated or formed anywhere, and carrying on business anywhere
Predicate offence by associated person Bribery can occur anywhere

The question of whether the UKBA bribery offences apply (from a jurisdictional perspective) to the associated person briber is irrelevant

Fraud can occur anywhere but must be subject to UKii jurisdiction

To complicate matters further, most of the underlying fraud offences specified by the ECCTA have broad jurisdictional scope and allow for part of any criminal conduct to take place overseas. Generally-speaking, the UK will have jurisdiction if a “relevant event” in relation to those underlying fraud offences (defined below) occurs in the UK. For example, a predicate fraud offence might occur where an overseas employee undertakes a fraudulent act at an overseas company (i.e. outside the UK) but some of the victims are in the UK.

We explore the jurisdictional scope of the FTP Fraud Offence further below, and consider the implications for in-scope organisations.

Recap: Overview of the FTP Fraud Offence

The FTP Fraud Offence can be committed by an in-scope organisation (a relevant organisation) if:

  • an associate of the relevant organisation, such as an employee, agent or subsidiary, commits a predicate fraud offence specified by the ECCTA (listed below) over which the UK has jurisdiction (a relevant fraud offence);
  • intending to benefit the relevant organisation or any person to whom (or to whose subsidiary) the associate provides services on behalf of the relevant body; and
  • the relevant organisation did not have in place reasonable fraud prevention procedures. The government is due to publish guidance about such procedures, prior to the offence coming into force.

A relevant organisation will not be guilty if the offence was intended to benefit a customer, and the organisation was the victim of the fraud.

“Relevant organisations”: which organisations can commit the FTP Fraud Offence?

A relevant organisation is any body corporate or partnership which is classified as a “large organisation”, in addition to their subsidiaries. A “large organisation” is one which meets two or more of the following conditions in the financial year that precedes the underlying fraud offence:

  • Turnover: more than £36 million;
  • Balance sheet: more than £18 million; and
  • Number of employees: more than 250 employees.

The offence applies to all of the above organisations, irrespective of their place of incorporation or formation.

“Relevant fraud offence”: which offences can be an underlying (predicate) fraud for the purpose of the FTP Fraud Offence and what is their jurisdictional scope?

As set out above, one essential ingredient of the FTP Fraud Offence is that an associate of a relevant organisation commits an underlying fraud which, for the purposes of the ECCTA, is a relevant fraud offence. Alternatively, the FTP Fraud Offence may be engaged if an associate of the relevant organisation aids, abets, counsels or procures a relevant fraud offence.

At presentiii, the ECCTA specifies that the following offences comprise a relevant fraud offence in England and Wales:

  • Fraud Act 2006 (Fraud Act) offences, namely:
    • Fraud by false representation / failing to disclose information / abuse of position (sections 1 – 4, Fraud Act);
    • Participating in a fraudulent business (section 9, Fraud Act);
    • Obtaining services dishonestly (section 11, Fraud Act);
  • Theft Act 1968 (Theft Act) offences, namely:
    • False accounting (section 17, Theft Act);
    • False statements by company directors (section 19, Theft Act);
  • Cheating the public revenue (common law offence); and
  • Fraudulent trading under section 993, Companies Act 2006 (Companies Act).

For completeness, we refer to the position in England and Wales here and in the paragraphs directly below for simplicity but note that the relevant offences in Northern Ireland and Scotland are broadly equivalent.

Jurisdictional scope of the Fraud Act, Theft Act and common law offences

Save for the Companies Act offence of fraudulent trading, the above predicate offences all have a degree of extraterritoriality by virtue of sections 1 – 2, Criminal Justice Act 1993 (CJA). A person can be guilty of these offences if part of the relevant conduct takes place abroad, provided that a “relevant event” occurs in England and Wales (the Relevant Event Test). A Relevant Event means any act, omission or other event, proof of which is required for conviction of the relevant offence.

The CJA further specifies that, in relation to the Fraud Act offences of fraud by false representation / failing to disclose information / abuse of position (sections 1 – 4, Fraud Act), a Relevant Event will include (but is not limited to) the occurrence of any gain, loss or risk of loss.

This means that, for the purpose of the FTP Fraud Offence, a relevant fraud offence may be committed where not all of the underlying criminal conduct takes place in England and Wales.

Jurisdictional scope of the Companies Act offence of fraudulent trading

This offence is not subject to the Relevant Event Test but it can only be committed in respect of a business which is registered, or carrying out business in, the UK. The jurisdictional position is therefore more straight-forward, when compared to other relevant fraud offences.

There is a similar offence of “participating in a fraudulent business” which covers sole traders, partnerships, trusts and companies registered overseas under section 9, Fraud Act. That offence is also a relevant fraud offence under the ECCTA and is subject to the Relevant Event Test referred to above.

Commentary

Companies and partnerships with UK operations or subsidiaries will no doubt already be assessing whether they meet the ECCTA’s “large organisation” criteria, and are therefore within scope of the FTP Fraud Offence. If so, relevant organisations will also likely be beginning to consider their existing fraud prevention procedures in anticipation of the government’s forthcoming guidance on “reasonable prevention procedures”. One preliminary question is whether to scope any risk assessment and procedural uplift activities by reference to the FTP Fraud Offence’s jurisdictional scope. In theory, if only part of a multinational group carries out activities in the UK (or has other UK touchpoints), it would be possible to focus only on that part, and some organisations may consider this to be a more efficient approach – particularly if the only reason for reviewing their fraud procedures is the advent of the new offence. Equally, relevant organisations may favour a broader, group-wide approach which is similar to that adopted in relation to anti-bribery and corruption controls. A broader approach would avoid the complexity of needing to identify all potential UK touchpoints within a group structure, and would help to ensure that groups have a robust, overarching framework for preventing fraud. That is highly desirable, irrespective of the applicability of the new offence.

Other companies and partnerships (i.e. ones which do not necessarily have UK operations or subsidiaries) should also consider whether they fall within scope of the FTP Fraud Offence. Prior to the ECCTA coming into force, the government’s impact assessment of the Act stated that foreign-domiciled corporates would only be impacted by the FTP Fraud Offence to the extent that they operate a UK branch or subsidiary. In contrast to this, a government factsheet on the ECCTA indicates that the scope of the offence is much broader, saying that it may be engaged, “if an employee commits fraud under UK law, or targeting UK victims, their employer could be prosecuted, even if the organisation (and the employee) are based overseas“. We think that the factsheet’s wider interpretation of the ECCTA is correct. In theory, it would be possible for an overseas relevant organisation – even one which does not have a UK branch or subsidiary – to be held liable for failing to prevent a relevant fraud offence, if a Relevant Event took place in the UK. For example, this could arise where a fraud takes place overseas but it targets UK victims, such as UK customers, UK owners or UK creditors of the relevant organisation. Overseas relevant organisations should therefore assess whether they have any existing or potential UK touchpoints and, in turn, may wish to review their fraud prevention procedures in advance of the FTP Fraud Offence coming into force, including in light of forthcoming government guidance.


i This summary relates only to the ‘failure to prevent’ offences. Companies can also commit offences of active or passive bribery, the ‘foreign public officials’ offence, and fraud offences, to which different jurisdictional tests apply.

ii We refer to the UK for simplicity, but note that the question would be one of jurisdiction in England and Wales, Scotland or Northern Ireland.

iii The Secretary of State may by secondary legislation remove or add further predicate offences within scope of the FTP Fraud Offence, provided the offence is (i) one of dishonesty, (ii) otherwise of similar character to those listed under the ECCTA currently, or (iii) a substantive money laundering offence (i.e. an offence under sections 327 – 329, Proceeds of Crime Act 2002).

Susannah Cogman
Susannah Cogman
Partner
+44 20 7466 2580
Robert Hunt
Robert Hunt
Partner
+44 20 7466 3423
Kate Meakin
Kate Meakin
Partner
+44 20 7466 2169
Brian Spiro
Brian Spiro
Partner
+44 20 7466 2381
Elizabeth Head
Elizabeth Head
Of Counsel
+44 20 7466 6443
Ali Grodzki
Ali Grodzki
Senior Associate
+44 20 7466 6329

The Fraud Files: Decoding the Economic Crime Act – bonus episode on Companies House and POCA reform

We have recorded a special bonus episode of the Fraud Files podcast which departs from our analysis of the failure to prevent fraud and identification doctrine reform elements of the Economic Crime Corporate Transparency Act 2023 (the “Act”) and provides an overview of the other changes introduced by this piece of omnibus legislation. In this episode, hosted by Elizabeth Head, Sarah Hawes talks through the Act’s extensive reforms to Companies House, and Susannah Cogman provides an overview of other changes introduced by the Act, including in particular in relation to the Proceeds of Crime Act.

 

We will be back with further discussion of failure to prevent fraud in the New Year!

 

Susannah Cogman
Susannah Cogman
Partner
+44 20 7466 2580
Robert Hunt
Robert Hunt
Partner
+44 20 7466 3423
Kate Meakin
Kate Meakin
Partner
+44 20 7466 2169
Brian Spiro
Brian Spiro
Partner
+44 20 7466 2381
Elizabeth Head
Elizabeth Head
Of Counsel
+44 20 7466 6443
Sarah Hawes
Sarah Hawes
Head of Corporate Knowledge, UK
+44 20 7466 2953

The Fraud Files: Decoding the Economic Crime Act – new podcast

Our new podcast, The Fraud Files: Decoding the Economic Crime Act, breaks down everything listeners need to know about the Economic Crime and Corporate Transparency Act 2023, its impact on corporate criminal liability, and the new offence of failure to prevent fraud.

In our initial episode, Susannah Cogman, Elizabeth Head and Jessica Chappatte provide an overview of the key provisions of the new Act and its impact on corporates, as well as some teasers for future episodes. Listen below and look out for the next instalment in the series!

 

 

Susannah Cogman
Susannah Cogman
Partner
+44 20 7466 2580
Robert Hunt
Robert Hunt
Partner
+44 20 7466 3423
Kate Meakin
Kate Meakin
Partner
+44 20 7466 2169
Brian Spiro
Brian Spiro
Partner
+44 20 7466 2381
Elizabeth Head
Elizabeth Head
Of Counsel
+44 20 7466 6443
Jessica Chappatte
Jessica Chappatte
Senior Associate
+44 20 7466 2130

Economic Crime and Corporate Transparency Act passed in UK Parliament

After years of debate and calls from the Serious Fraud Office (‘SFO’) to change the law, and months of discussion in Parliament, the Economic Crime and Corporate Transparency Act 2023 (the ‘Act’) received Royal Assent last Thursday, 26 October 2023, introducing (among other reforms) a new failure to prevent (‘FTP’) fraud offence and an expansion of the basis on which companies can be held criminally to account (the ‘identification doctrine’). According to the Government’s press release, these reforms provide prosecutors with ‘game changing powers to hold companies criminally liable for malpractice’.

The new FTP fraud offence is not expected to come into force for some time since it is subject to the Government issuing accompanying guidance (explained below) whereas the provisions of the Act which expand the scope of the identification doctrine will be enacted by the end of December 2023.

We will be considering these reforms in detail across a series of podcasts and briefings in upcoming months (for which, do subscribe to our blog at https://hsfnotes.com/fsrandcorpcrime/), and for now, note below the key developments since our last update on the topic.

Our previous briefings analyse the key elements of the failure to prevent fraud offence and identification doctrine reforms and some of the more recent developments before the Act was passed.

1. The FTP Fraud Offence (sections 199-206 of the Act)

Under the Act, a FTP fraud offence is committed where:

  • an ‘associated person’ of a ‘relevant body’ (ie. a ‘large organisation’) commits a relevant ‘fraud offence’;
  • intending to benefit (directly or indirectly) the relevant body or any person to whom, or to whose subsidiary, the associate provides services on behalf of the relevant body; and
  • the relevant body did not have in place reasonable fraud ‘prevention procedures’.

No offence is committed where the relevant body was (or was intended to be) a victim of the fraud offence. Like other failure to prevent offences, failure to prevent fraud will be subject to the deferred prosecution agreement regime.

Please see our briefing for further analysis of ‘an associated person’, relevant ‘fraud offence’, and reasonable ‘prevention procedures’, concepts which remain as trailed in the draft Bill.

Applies to ‘large organisations’ only

The scope of the offence continued to be the subject of Parliamentary debate in recent weeks (for which, see our briefing), and following a ‘ping pong’ process between the House of Lords and House of Commons on the appropriate size of the organisation which should be in scope, the Act provides that the offence applies to ‘large organisations’ only. An organisation will be in scope if it meets two out of three of the following criteria (in the financial year that precedes the fraud offence):

  • more than 250 employees;
  • more than £36 million turnover; and
  • more than £18 million in total assets.

If resources held across the corporate group cumulatively meet the size threshold, that group of companies will be in scope of the offence.

The Secretary of State may by secondary legislation amend the above criteria and remove the limitation to large organisations entirely. Therefore, there remains a risk (albeit a somewhat remote one at present) that small and medium-sized enterprises could be brought into the scope of the Act in the future.

When is the offence in force?

As stated above, the FTP fraud offence will come into force once the Government publishes guidance on procedures which can prevent organisations from committing a fraud offence (for more, see our briefing). There should be a public consultation on the guidance which will likely take place during 2024 and we are not therefore expecting the new offence to be in force until the latter part of next year or early 2025.

2. Identification doctrine reforms (sections 196-198 of the Act)

The Act also imposes corporate criminal liability on companies for economic crime offences committed by their ‘senior managers’. Under the Act, if a senior manager of a body corporate or partnership, acting within the actual or apparent scope of their authority, commits a ‘relevant offence’ (e.g. bribery, fraud, money laundering), then the organisation itself will be criminally liable. This is a significant departure from the existing identification doctrine which has historically made it challenging to bring criminal prosecutions against companies in England and Wales. For more information on the changes and their impact, see our briefing here.

As stated above, these reforms will be enacted by the end of December 2023.

3. Comments

Nick Ephgrave, the new director of the SFO, has said that ‘this is the most significant boost to the SFO’s ability to investigate and prosecute serious economic crime in over 10 years‘ and ‘big businesses can no longer turn a blind eye to fraud.’  These amendments to the law are significant and should, without a doubt, make it easier for prosecutors to bring criminal cases against corporates. The practical impact of the reform to the identification doctrine will likely flow through over the coming years, as complex fraud offences typically take a number of years to investigate and prosecute, and companies will over the coming months need to consider their ‘reasonable procedures’ response to the failure to prevent fraud offence.

We will be considering the reforms in a series of podcasts and accompanying briefings in more detail over the upcoming months and will continue to monitor for key developments in this area including with respect to the public consultation on reasonable fraud prevention procedures. Any companies considering how best to address these new developments, and (in due course) the scoping of any reviews of their ‘reasonable procedures’ should contact any of the below HSF team members to discuss further.

 

Susannah Cogman
Susannah Cogman
Partner
+44 20 7466 2580
Robert Hunt
Robert Hunt
Partner
+44 20 7466 3423
Kate Meakin
Kate Meakin
Partner
+44 20 7466 2169
Brian Spiro
Brian Spiro
Partner
+44 20 7466 2381
Elizabeth Head
Elizabeth Head
Of Counsel
+44 20 7466 6443
Jessica Chappatte
Jessica Chappatte
Senior Associate
+44 20 7466 2130
Serge Durdyyev
Serge Durdyyev
Trainee Solicitor
+44 20 3692 9640