Facing the Fraud Challenge: How UK Charities Must Adapt to the New Failure to Prevent Fraud Offence

I. The Failure to Prevent Fraud Offence

A charity will be in scope of the new failure to prevent fraud offence if they meet two of the three following criteria:

• • More than 250 employees
  • More than £36 million turnover
  • More than £18 million in total assets

These criteria will apply to the charity as a whole, and the calculation of the thresholds listed above includes any of the charity’s subsidiaries.

In circumstances where the thresholds aren’t met and the regulations don’t apply directly to a charity or other non-profit (or even a commercial entity), these organisations may still be impacted by these new requirements, for example if they contract with a charity who is in scope. Such in scope charities may seek to discharge their burden by requiring their suppliers and/or subcontractors to provide a declaration that they will comply with the new requirements and will indemnify the charity in the event of non-compliance.

The offence will be committed if a person associated with the charity (i.e. an agent, a subsidiary, or an employee) commits a fraud offence intending to benefit the charity or its clients.

The fraud offences covered include:^[1]

• • Fraud by false representation
  • Fraud by failing to disclose information
  • Fraud by abuse of position
  • Participation in a fraudulent business
  • Obtaining services dishonestly
  • Cheating public revenues
  • False accounting
  • False statements by company directors
  • Fraudulent trading

The offence covers an intention to benefit, which means it may be possible for the offence to be committed where there is no actual benefit received. The benefit may also be non-financial, and in the charitable sector could take a variety of forms including a recognition from an organisation, promotion of a charity or any other general benefit.

The offence extends to the extra-territorial conduct of a multinational organisation where one of the acts to commit the fraud took place in, or the victims targeted were in the UK. Therefore, multinational charities should be particularly vigilant, as they could face prosecution for fraudulent activities committed by their employees in other countries.

II. Defence of Reasonable Fraud Prevention Procedures 

Charities will have a valid defence if they can demonstrate they have reasonable fraud prevention procedures in place.

On 18 August 2025, the Crown Prosecution Service published updated guidance to assist corporations (including charities) in protecting themselves from being held criminally liable were one of their employee’s or agents committed a fraud offence to their benefit.^[2]

The government guidance sets out six principles that organisations are expected to follow and provides useful context for what is expected of charities: 

1. Top Level Commitments – The responsibility for the prevention and detection of fraud rests with those who govern the charity. This will include board of directors, partners and senior management who must be committed to prevent associated persons from committing fraud. These include:

• • • • Ensuring that there is clear governance across the organisation in respect of the fraud prevention framework.
      • Consistently communicating and endorsing a commitment to reject fraud.
      • Having effective whistleblower procedures for employees to report fraud and establishing investigation procedures to look into any alleged fraud.
      • Self-reporting in a timely and detailed manner any fraud offences committed.

2. Risk Assessments – A proactive approach to risk management should be adopted by regularly assessing and updating their exposure to fraud risks.

3. Risk Based Fraud Prevention Procedure – A charity should develop compliance strategies that are tailored to their specific organisational structure and the level of control they have over their employees. This ensures that prevention procedures are both effective and reasonable. Charitable organisations should consider departments which may be more at risk and have robust fraud prevention plans for these, for example, financial departments.

4. Due Diligence – Charitable organisations should consider due diligence of both employees and agents they work with. This could include: 

• • • • Leveraging technology to enhance fraud prevention efforts, such as utilising third-party risk management tools, screening tools, and conducting internet searches.
      • Reviewing contracts with service providers to include obligations that require compliance with fraud prevention measures.
      • Monitoring the well-being of staff and agents to identify individuals who may be susceptible to committing fraud.

5. Communication – Fraud prevention policies and procedures are effectively communicated. This can be achieved through:

• • • • Regular training sessions to keep staff updated on the latest fraud prevention techniques and legal requirements.
      • Embedding fraud prevention measures into their organisational ethos, developing a culture of preventing fraud.

6. Monitor and Review – Charities should regularly monitor and review their fraud detection and prevention procedures to ensure they remain effective and relevant. This ongoing process helps in identifying any weaknesses or areas for improvement. Keep detailed records of any assessments, monitoring and discussions which could be helpful supportive evidence that fraud prevention procedures are in place and are being followed.

III. Penalties 

Charities found guilty of the new offence will be subject to a fine at the discretion of the Court, which will consider all the circumstances of the case, and the impact that a fine may have on the organisation’s charitable function.

In addition to the obligations created under this Act, where an individual, agent, or employee commits fraud that doesn’t and isn’t intended to benefit the charity itself, the individual will nevertheless still face criminal and civil liability personally and the charity and/or its trustees may also be liable to varying degrees if they facilitated or failed in their charitable duties to prevent the fraud.

Accordingly, it is important that charities protect themselves from liability by implementing robust fraud prevention policies and procedures. In doing so, larger charities must demonstrate they have taken all reasonable steps to mitigate fraud risks.

IV. Conclusion 

The introduction of failure to prevent fraud offence is a meaningful step forward in the challenge against preventing fraud. By expanding the duties on charities to prevent fraud, and capturing international subsidiaries within its scope, the legislation enhances the need for charities to hold their employees, agents, and subsidiaries to account.

As the new legislation comes into force this September, charities should continue to review and develop their current fraud prevention strategies, ensuring they have developed adequate and proportionate measures against fraud to benefit from any defence required.

Crowell would like to thank Harvey Hill for his contribution to this alert.