The Failure to Prevent Fraud Offense under the Economic Crime and Corporate Transparency Act: What Compliance Leaders Need to Know
On September 1, 2025, the Failure to Prevent Fraud offense under the Economic Crime and Corporate Transparency Act (ECCTA) goes into effect. For compliance leaders, this marks a significant shift: organizations with a connection to the United Kingdom can now be held criminally liable if employees, agents, subsidiaries, or even third parties commit fraud with the intent of benefiting the company — unless “reasonable fraud prevention procedures” are in place.
On a recent episode of Ethicast Reacts, Ethisphere’s Chief Strategy Officer, Erica Salmon Byrne, joined guest host Julia Boyes to unpack what this means for ethics and compliance leaders preparing their organizations. Below are the highlights.
A Seismic Shift in Corporate Liability
While many compliance officers are familiar with the UK Bribery Act, this new offense is broader and potentially more far-reaching.
“This is the first time we’ve seen such a broadly written corporate offense out of the UK,” Erica explained. “If your employee engages in fraudulent behavior intended to benefit your organization, and you don’t have the right procedures in place, you will be on the hook.”
Fraud here isn’t confined to finance or audit functions. The law’s definition captures behaviors across sales, operations, supply chain, and third-party networks.
What Counts as “Reasonable” Prevention Procedures?
One of the most pressing questions: how will prosecutors and courts define “reasonable procedures”?
While clarity will only come after initial prosecutions, start with a risk-driven approach:
- Assess fraud risk across functions. Misrepresentation of products, accounting irregularities, tax evasion, tariff manipulation, or supply chain fraud should all be on the radar.
- Examine incentives and culture. The law references the “fraud triangle”: motivation, rationalization, and opportunity. Incentive structures must be aligned to reduce pressure that could drive fraud. Work with your leadership and people teams to make sure goal setting takes this risk into account.
- Document and test mitigation practices. Would a reasonable person conclude your procedures are sufficient?
Subsidiaries, Third Parties, and the Extended Enterprise
CECOs should think beyond their immediate workforce. If a subsidiary engages in fraud that benefits the parent company, liability extends upward. The same applies to agents, representatives, joint ventures, and suppliers.
Erica cautioned: “It’s not enough to do diligence on agents. Companies must also consider fraud risks in their supply chain, tariff declarations, and joint venture partnerships.”
This means compliance leaders must work hand-in-hand with procurement, operations, and finance to evaluate exposures across the business ecosystem.
Leveraging Risk Assessment and Data
Ethisphere’s Sphere platform highlights the centrality of risk assessment in compliance maturity, and that principle applies here.
- Conduct a dedicated fraud risk assessment tied to ECCTA requirements.
- Involve enterprise risk management (ERM) and finance teams to align internal and external fraud likelihood analysis.
- Benchmark against industry risks — regulators expect companies to learn from sector-wide incidents, not just internal history.
As Erica put it, “Think less about the label of fraud and more about inappropriate behaviors that expose your company to risk.”
Culture, Leadership, and the Compliance Seat at the Table
Perhaps the most encouraging element of the guidance is its emphasis on culture, seniority of compliance leaders, and managerial behavior.
Compliance leaders should view this law not as an isolated challenge but as an opportunity to reinforce influence at the board and C-suite level:
- Strengthen compliance’s direct line to the board.
- Map existing DOJ-inspired compliance practices to the ECCTA framework.
- Highlight gaps in training, incentive alignment, and managerial accountability.
“Multinational organizations likely have pieces of this already,” Erica noted. “The task is mapping current practices to the guidance, identifying gaps, and strategically shoring them up.”
Key Takeaway for CECOs
The September 1 deadline may feel daunting, but Erica’s closing advice was steady:
- You probably have much of this work underway.
- Use the guidance to identify gaps.
- Engage leadership in reframing fraud prevention as a culture, incentive, and governance issue.
In short: breathe, assess, and act strategically.
Learn More
- Read the official UK Serious Fraud Office guidance on the Failure to Prevent Fraud offense.
- Explore how Ethisphere’s Sphere platform helps companies benchmark compliance practices and assess fraud risk. Contact your BELA Engagement Director or request guest access.
- Visit ethisphere.com/resources for more insights.
About Ethicast Reacts
Ethicast Reacts is Ethisphere’s podcast series where Ethisphere experts help ethics and compliance leaders break down the latest regulatory and cultural shifts shaping corporate integrity.

