UK’s Failure to Prevent Fraud: What you Need to Know

What the New Corporate Criminal Offence Means for Businesses 

With the new Failure to Prevent Fraud offence that came into effect on September 1st, 2025, regulations around “associated persons” who commit fraud to benefit the business have become even more defined. Whether it’s an employee, contractor, or agent, companies will be criminally liable for any fraud committed regardless of their awareness. 

This offence states that if “reasonable procedures” to prevent fraud are not in place, then companies will face fines and reputational damages. By embedding active controls with a proactive approach, businesses can create more thorough policies to mitigate risks. 

Reactive Controls Are Not Enough 

With fraud becoming increasingly complex and fraudsters getting smarter than ever with AI, companies need to understand how fraud emerges. Donald Cressey’s fraud triangle framework explains how pressure, opportunity, and rationalisation combine to drive fraudulent behaviour. 

But reactive compliance is simply not enough. Regulators are not satisfied and demand more proactive preventive frameworks. It is the responsibility of senior leadership at large organisations to prioritise strategies that actively detect fraud before it happens. The Failure to Prevent Fraud offence only furthers this sentiment in a transforming digital world. 

Scope is Broader Than Many Expect  

Companies that have £36 million turnover, £18 million in assets, or 250 employees fall within the scope of the new offence. Banks, insurers, asset managers, fintech and even smaller firms may feel the ripple effect through vendors and regulatory partnerships. 

Employees, contractors, subsidiaries, and third-party service providers all fall under the definition of “associated persons”. Fraud by any of these people can trigger corporate liability even if it was done without the company's knowledge. 

Documented Controls and Audit Trails are your Defence 

The expectations are high as firms must demonstrate that they have thorough risk assessments in place. They must prove to the Serious Fraud Office (SFO) that they have implemented fraud-specific procedures and created clear escalation paths.  

Superficial policies will not stand up to scrutiny. Documentation and audit evidence are essential to prove compliance efforts. Regulators will look for proof that fraud prevention measures are embedded in daily business operations. Companies that cannot demonstrate working procedures risk investigation, litigation, and unlimited fines. 

Controls Must Be Enterprise-Wide 

Enforcement cases highlight the importance of embedding fraud prevention at the foundation of best practices. Key measures for an organisation include: 

• Staff training on fraud indicators and escalation channels 
• Whistleblower hotlines with protection against retaliation 
• Enhanced onboarding with KYC and KYB checks 
• Continuous vendor screening to limit third-party exposure 
• Real-time transaction monitoring for high-risk activities 

This ensures that mitigating risk is not the sole responsibility of compliance departments but an overarching goal of the organisation’s culture. 

Fraud Prevention as a Strategic Priority 

The Failure to Prevent Fraud offence marks a decisive shift in how regulators view corporate accountability.  Instead, large organisations must prove that fraud-specific frameworks are embedded, documented, and operational across the entire firm. Using technology to meet these new expectations is necessary to keep up with today’s transforming world. 

By investing in prevention strategies, strengthening oversight of associated persons, and leveraging technology platforms such as ComplyCube, firms can demonstrate compliance readiness while protecting their business, customers, and reputation from the rising threat of corporate fraud. 

For more information on how to comply with the ‘Failure to Prevent Fraud’ requirements, get in touch with one of ComplyCube’s compliance experts. 

Author

Joshua Vowles-Dent 

 GTM Lead, ComplyCube

×

Joshua Vowles-Dent 

 GTM Lead, ComplyCube

Digital Identity  programme activities

Digital identities will provide a gateway for citizens and SMEs into the digital economy. techUK members demonstrate the benefits of digital identity to emerging markets, raise their profile as thought leaders, influence policy outcomes, and strengthen their relationships with potential clients and decision-makers. Visit the programme page here.

techUK's Digital ID Summit 2025

Join us on 13 October 2025 for techUK’s Digital ID Summit — a key event bringing together industry leaders, policymakers, and innovators to shape the future of digital identity in the UK. Don’t miss this opportunity to be part of the conversation driving trust, security, and innovation.

Book now

 

Upcoming events

13 November 2025

Combatting Online Fraud: techUK's 2025 Report Launch Breakfast & Panel

London

6 October 2025

Paper Launch - Ethics in Action: Applying UK AI Ethics Principles to Immersive Environments

Panel discussion

6 – 7 October 2025

London Fintech Summit

London Conference

Latest news and insights 

30 Sep 2025

UK’s Failure to Prevent Fraud: What you Need to Know

26 Sep 2025

techUK Reaction: UK Government Announces Mandatory Digital ID Scheme

09 Sep 2025

Digital ID in the UK: what comes next? A techUK perspective

Learn more and get involved

 

Get our digital identity insights straight to your inbox

Sign-up to get the latest updates and opportunities from our Digital Identity, Technology and Innovation, Cloud, and Data Analytics and AI programmes.

 

Here are the five reasons to join the Digital Identity programme

Download

Join techUK groups

techUK members can get involved in our work by joining our groups, and stay up to date with the latest meetings and opportunities in the programme.

Learn more

Become a techUK member

Our members develop strong networks, build meaningful partnerships and grow their businesses as we all work together to create a thriving environment where industry, government and stakeholders come together to realise the positive outcomes tech can deliver.

Learn more

Meet the team 

Sue Daley OBE

Director, Technology and Innovation

×

Sue Daley OBE

Director, Technology and Innovation

Sue leads techUK's Technology and Innovation work. 

This includes work programmes on cloud, data protection, data analytics, AI, digital ethics, Digital Identity and Internet of Things as well as emerging and transformative technologies and innovation policy. 

In 2025, Sue was honoured with an Order of the British Empire (OBE) for services to the Technology Industry in the New Year Honours List. 

She has been recognised as one of the most influential people in UK tech by Computer Weekly's UKtech50 Longlist and in 2021 was inducted into the Computer Weekly Most Influential Women in UK Tech Hall of Fame. 

A key influencer in driving forward the data agenda in the UK, Sue was co-chair of the UK government's National Data Strategy Forum until July 2024. As well as being recognised in the UK's Big Data 100 and the Global Top 100 Data Visionaries for 2020 Sue has also been shortlisted for the Milton Keynes Women Leaders Awards and was a judge for the Loebner Prize in AI. In addition to being a regular industry speaker on issues including AI ethics, data protection and cyber security, Sue was recently a judge for the UK Tech 50 and is a regular judge of the annual UK Cloud Awards.

Prior to joining techUK in January 2015 Sue was responsible for Symantec's Government Relations in the UK and Ireland. She has spoken at events including the UK-China Internet Forum in Beijing, UN IGF and European RSA on issues ranging from data usage and privacy, cloud computing and online child safety. Before joining Symantec, Sue was senior policy advisor at the Confederation of British Industry (CBI). Sue has an BA degree on History and American Studies from Leeds University and a Masters Degree on International Relations and Diplomacy from the University of Birmingham. Sue is a keen sportswoman and in 2016 achieved a lifelong ambition to swim the English Channel. 

Email:

[email protected]

Phone:

020 7331 2055

Twitter:

@ChannelSwimSue,@ChannelSwimSue

Laura Foster

Associate Director - Technology and Innovation, techUK

×

Laura Foster

Associate Director - Technology and Innovation, techUK

Laura is techUK’s Associate Director for Technology and Innovation.

Laura advocates for better emerging technology policy in the UK, including quantum, future of compute technologies, semiconductors, digital ID and more. Working alongside techUK members and UK Government she champions long-term, cohesive, and sustainable investment that will ensure the UK can commercialise future science and technology research. Laura leads a high-performing team at techUK, as well as publishing several reports on these topics herself, and being a regular speaker at events.

Before joining techUK, Laura worked internationally as a conference researcher and producer exploring adoption of emerging technologies. This included being part of the team at London Tech Week.

Laura has a degree in History (BA Hons) from Durham University and is a Cambridge Policy Fellow. Outside of work she loves reading, writing and supporting rugby team St. Helens, where she is from.

Email:

[email protected]

LinkedIn:

www.linkedin.com/in/lauraalicefoster

Elis Thomas

Programme Manager, Tech and Innovation, techUK

×

Elis Thomas

Programme Manager, Tech and Innovation, techUK

Elis joined techUK in December 2023 as a Programme Manager for Tech and Innovation, focusing on Semiconductors and Digital ID.

He previously worked at an advocacy group for tech startups, with a regional focus on Wales. This involved policy research on innovation, skills and access to finance.

Elis has a Degree in History, and a Masters in Politics and International Relations from the University of Winchester, with a focus on the digitalisation and gamification of armed conflicts.

Email:

[email protected]

Website:

www.techuk.org/

LinkedIn:

https://www.linkedin.com/in/elis-thomas-49a1aa1a1/

Authors

Joshua Vowles-Dent 

GTM Lead, ComplyCube