Austria
Belgium
Denmark
Estonia
Finland
France
Germany
Greece
Iceland
Ireland
Italy
Liechtenstein
Netherland
Norway
Poland
Portugal
Spain
Sweden
Switzerland
Turkey
United Kingdom
Australia
Hong Kong
New Zealand
India
Indonesia
Japan
Malaysia
Philippines
Singapore
Thailand
Brazil
Chile
Colombia
Mexico
Peru
USA
Bahrain
Israel
Morocco
Oman
UAE
Saudi Arabia
Tanzania
A New Era of Corporate Accountability: Economic Crime and Corporate Transparency Act 2023
Published
Written by
Read time
From 1 September 2025, the UK’s financial services sector will face a significant shift in corporate liability with the introduction of the “failure to prevent fraud” offence under the Economic Crime and Corporate Transparency Act 2023 (ECCTA). Financial institutions need to start planning now and budgeting for next year with a view to implementation shortly thereafter.
Understanding the Offence
The ECCTA introduces a new corporate criminal offence: if a person associated with a large organisation commits fraud for the organisation’s benefit, and the organisation did not have reasonable procedures in place to prevent it, the organisation can be prosecuted. This includes employees, agents, subsidiaries, and potentially even contractors.
The offence is modelled on the structure of the Bribery Act 2010 and the Criminal Finances Act 2017, extending the “failure to prevent” framework to fraud. It applies to large organisations—those meeting at least two of the following thresholds: more than £36 million in turnover, £18 million in assets, or 250 employees.
For financial institutions, the implications are profound. Fraud committed by a relationship manager, client advisor, or even a third-party service provider could trigger corporate liability if adequate fraud prevention measures are not demonstrably in place.
Why This Matters to Financial Institutions
The financial services sector is particularly exposed. Complex product offerings, high-value transactions, and reliance on intermediaries all increase the risk of fraud. Moreover, the offence applies not only when the organisation benefits directly, but also when the fraud benefits a client - a scenario highly relevant to wealth managers acting in fiduciary or advisory roles.
This means that even if a fraudulent act is committed to secure a client’s gain (e.g., misrepresenting investment performance or falsifying documentation), the institution could be held liable if it failed to prevent the act.
Insurance and Liability Considerations
Directors & Officers (D&O) Insurance
While the ECCTA creates a corporate offence, directors and officers may still be drawn into investigations. They could be required to attend interviews or produce documents, even if they are not personally accused of wrongdoing. It is essential to review D&O policies to ensure:
- Coverage extends to regulatory investigations and interviews.
- Exclusions - particularly conduct exclusions - do not inadvertently limit protection.
- The policy responds to acts committed in an insured capacity, unless there is a final court finding of dishonesty.
Importantly, the ECCTA does not introduce new personal liability for directors, but the reputational and operational risks of being involved in a corporate fraud investigation remain significant.
Civil Liability and Fines
Many civil liability policies include coverage for criminal defence costs and investigations, even though they are labelled “civil.” However, criminal fines, while not explicitly excluded by the ECCTA, are generally considered uninsurable under UK common law. Financial institutions should not assume that fines will be covered and should focus on prevention and mitigation.
What Reasonable Procedures Look Like
To mount a defence under the ECCTA, firms must demonstrate that they had reasonable procedures in place to prevent fraud. The UK government has issued guidance based on six principles:
- Top-Level Commitment - Senior leadership must actively promote a culture of integrity.
- Risk Assessment - Regular, documented assessments of fraud risks across business lines.
- Proportionate Procedures - Controls tailored to the size and complexity of the organisation.
- Due Diligence - Robust vetting of clients, intermediaries, and third parties.
- Communication and Training - Ongoing education for staff and agents.
- Monitoring and Review - Continuous evaluation and improvement of fraud prevention frameworks.
For insurance entities, this means embedding fraud prevention into the core of governance, compliance, and operational processes.
The ECCTA marks a new chapter in the UK’s fight against economic crime. For financial institutions, it’s not just about avoiding prosecution, it’s about demonstrating leadership in corporate integrity and client trust. By taking proactive steps now, firms can not only comply with the law but also strengthen their reputations in an increasingly scrutinised financial landscape.
Contact us for more information:
Jonathan Ball
Divisional Director
+44 (7729) 097486