1. Home
  2. |Insights
  3. |Facing the Fraud Challenge: How UK Charities Must Adapt to the New Failure to Prevent Fraud Offence

Facing the Fraud Challenge: How UK Charities Must Adapt to the New Failure to Prevent Fraud Offence

What You Need to Know

  • Key takeaway #1

    From 1 September 2025, charities (alongside other organisations) who meet the criteria may be criminally liable for the act of an employee, agent or subsidiary who commits fraud intending to benefit the charity. The new failure to prevent fraud offence (the “offence”) is created by the Economic Crime and Corporate Transparency Act 2023 (the “Act”).

  • Key takeaway #2

    A charitable organisation of a certain size and/or who have significant turnover or assets will be within the scope of the Act. We include further details about these thresholds below. For charities which don’t meet the criteria, if they work with larger organisations, they may have contractual requirements imposed on them regarding the offence.

  • Key takeaway #3

    By making senior managers and board members accountable for the acts of those they supervise and engage, the onus has shifted towards charities being required to take an active stance against fraud within their own structures. Charities should be actively thinking about implementing and improving fraud prevention procedures.

  • Key takeaway #4

    By tackling the issue at the business level, this should reduce the need for charities to engage in costly litigation which can result in the diversion of charitable funds from the causes they seek to serve.

Client Alert | 6 min read | 09.01.25

I. The Failure to Prevent Fraud Offence

A charity will be in scope of the new failure to prevent fraud offence if they meet two of the three following criteria:

    • More than 250 employees
    • More than £36 million turnover
    • More than £18 million in total assets

These criteria will apply to the charity as a whole, and the calculation of the thresholds listed above includes any of the charity’s subsidiaries.

In circumstances where the thresholds aren’t met and the regulations don’t apply directly to a charity or other non-profit (or even a commercial entity), these organisations may still be impacted by these new requirements, for example if they contract with a charity who is in scope. Such in scope charities may seek to discharge their burden by requiring their suppliers and/or subcontractors to provide a declaration that they will comply with the new requirements and will indemnify the charity in the event of non-compliance.

The offence will be committed if a person associated with the charity (i.e. an agent, a subsidiary, or an employee) commits a fraud offence intending to benefit the charity or its clients.

The fraud offences covered include:[1]

    • Fraud by false representation
    • Fraud by failing to disclose information
    • Fraud by abuse of position
    • Participation in a fraudulent business
    • Obtaining services dishonestly
    • Cheating public revenues
    • False accounting
    • False statements by company directors
    • Fraudulent trading

The offence covers an intention to benefit, which means it may be possible for the offence to be committed where there is no actual benefit received. The benefit may also be non-financial, and in the charitable sector could take a variety of forms including a recognition from an organisation, promotion of a charity or any other general benefit.

The offence extends to the extra-territorial conduct of a multinational organisation where one of the acts to commit the fraud took place in, or the victims targeted were in the UK. Therefore, multinational charities should be particularly vigilant, as they could face prosecution for fraudulent activities committed by their employees in other countries.

II. Defence of Reasonable Fraud Prevention Procedures 

Charities will have a valid defence if they can demonstrate they have reasonable fraud prevention procedures in place.

On 18 August 2025, the Crown Prosecution Service published updated guidance to assist corporations (including charities) in protecting themselves from being held criminally liable were one of their employee’s or agents committed a fraud offence to their benefit.[2]

The government guidance sets out six principles that organisations are expected to follow and provides useful context for what is expected of charities: 

1. Top Level Commitments  The responsibility for the prevention and detection of fraud rests with those who govern the charity. This will include board of directors, partners and senior management who must be committed to prevent associated persons from committing fraud. These include:

        • Ensuring that there is clear governance across the organisation in respect of the fraud prevention framework.
        • Consistently communicating and endorsing a commitment to reject fraud.
        • Having effective whistleblower procedures for employees to report fraud and establishing investigation procedures to look into any alleged fraud.
        • Self-reporting in a timely and detailed manner any fraud offences committed.

2. Risk Assessments  A proactive approach to risk management should be adopted by regularly assessing and updating their exposure to fraud risks.

3. Risk Based Fraud Prevention Procedure A charity should develop compliance strategies that are tailored to their specific organisational structure and the level of control they have over their employees. This ensures that prevention procedures are both effective and reasonable. Charitable organisations should consider departments which may be more at risk and have robust fraud prevention plans for these, for example, financial departments.

4. Due Diligence  Charitable organisations should consider due diligence of both employees and agents they work with. This could include: 

        • Leveraging technology to enhance fraud prevention efforts, such as utilising third-party risk management tools, screening tools, and conducting internet searches.
        • Reviewing contracts with service providers to include obligations that require compliance with fraud prevention measures.
        • Monitoring the well-being of staff and agents to identify individuals who may be susceptible to committing fraud.

5. Communication  Fraud prevention policies and procedures are effectively communicated. This can be achieved through:

        • Regular training sessions to keep staff updated on the latest fraud prevention techniques and legal requirements.
        • Embedding fraud prevention measures into their organisational ethos, developing a culture of preventing fraud.

6. Monitor and Review  Charities should regularly monitor and review their fraud detection and prevention procedures to ensure they remain effective and relevant. This ongoing process helps in identifying any weaknesses or areas for improvement. Keep detailed records of any assessments, monitoring and discussions which could be helpful supportive evidence that fraud prevention procedures are in place and are being followed.

III. Penalties 

Charities found guilty of the new offence will be subject to a fine at the discretion of the Court, which will consider all the circumstances of the case, and the impact that a fine may have on the organisation’s charitable function.

In addition to the obligations created under this Act, where an individual, agent, or employee commits fraud that doesn’t and isn’t intended to benefit the charity itself, the individual will nevertheless still face criminal and civil liability personally and the charity and/or its trustees may also be liable to varying degrees if they facilitated or failed in their charitable duties to prevent the fraud.

Accordingly, it is important that charities protect themselves from liability by implementing robust fraud prevention policies and procedures. In doing so, larger charities must demonstrate they have taken all reasonable steps to mitigate fraud risks.

IV. Conclusion 

The introduction of failure to prevent fraud offence is a meaningful step forward in the challenge against preventing fraud. By expanding the duties on charities to prevent fraud, and capturing international subsidiaries within its scope, the legislation enhances the need for charities to hold their employees, agents, and subsidiaries to account.

As the new legislation comes into force this September, charities should continue to review and develop their current fraud prevention strategies, ensuring they have developed adequate and proportionate measures against fraud to benefit from any defence required.

[1] Home Office Guidance: Economic Crime and Corporate Transparency Act 2023: Guidance to organisations on the offence of failure to prevent fraud published 6 November 2024, Section 2.2 Types of fraud covered by the offence.

[2] https://www.cps.gov.uk/legal-guidance/corporate-prosecutions

Insights

Client Alert | 4 min read | 08.29.25

Gender-Affirming Care Targeted for Potential False Claims Act Enforcement

On August 19, 2025, the Office of Personnel Management (OPM) informed insurers participating in the Federal Employees Health Benefits or Postal Service Health Benefits programs that gender-affirming care would no longer be covered for federal workers starting in 2026. This coverage decision is the Trump Administration’s latest action stemming from Executive Order 14187 which aims to prevent certain treatments, such as gender-affirming hormone therapy, surgeries, and puberty blockers for those under the age of 19. As previously discussed, the Administration has also signaled its intent to use various law enforcement tools against gender-affirming care, including  Section 5 of the Federal Trade Commission Act to police false or unsupported claims by medical professionals about gender-affirming treatments....