Contributors
From 1 September 2025, the new failure to prevent fraud offence under the Economic Crime and Corporate Transparency Act 2023 comes into force. This offence makes it a crime for certain organisations to fail to prevent fraud committed by their staff or agents. This may sound obvious, but this new statutory duty will make organisations self-reflect on their internal processes and systems.
Is my charity affected?
The new offence applies to "relevant bodies" which are "large organisations". A relevant body is defined as body corporates or partnerships wherever incorporated or formed. If your charity is a company (whether limited by guarantee or by shares), a CIO, a royal charter charity and/or a statutory charity you might be caught by the new measures.
To qualify as large you must satisfy two of the following three criteria:
- More than 250 employees
- More than £36 million turnover, and/or
- More than £18 million in total assets.
Importantly this criteria applies to the whole organisation not just the charity itself. This means that if the charity is part of a group (e.g. has subsidiaries) and the group combined satisfies two of these criteria it will be caught by the new measures.
Unincorporated charities themselves will not constitute "relevant bodies" by virtue of the fact they are not a body corporate. However, if they have a corporate trustee or a trading subsidiary and otherwise satisfy the criteria for a large organisation then their corporate trustee and/or trading subsidiary will be subject to these new measures.
Even if your charity isn’t in scope, these measures indicate a wider push for stronger fraud controls across all sectors. It’s therefore a good reminder and opportunity to review your internal controls, train staff on fraud risks, and strengthen your governance. Even if your charity is not technically caught, the sector regulator expects trustees to have robust systems and processes in place to prevent fraud. And these must be kept up to date with emerging risks.
What do I need to do?
Under the Act, if your organisation can prove it had “reasonable procedures” in place to prevent fraud, or that it was not reasonable to expect such procedures given the circumstances, then it will not be guilty of the offence.
The government has issued guidance on what “reasonable procedures” might include, such as:
- Clear anti-fraud policies
- Staff training
- Risk assessments
- Reporting mechanisms, and
- Regular reviews of fraud controls.
You should review your policies and procedures now to ensure that they are fit for purpose and if you don't already have measures in place, or they are inadequate, you should take steps to implement them now so that they can be embedded ahead of 1 September 2025. Charities should assess the areas of their work which are at risk, and where activities expose them to threat. They must be able to show that they have done this.
If you would like help reviewing your policies and procedures or understanding the new offence, please get in touch.
This article is for general information only and reflects the position at the date of publication. It does not constitute legal advice.
