SAFE Welcomes New Security Management and Counter Fraud Technician

Section 199 of the Economic Crime and Corporate Transparency Act 2023 (ECCTA) introduced a new corporate offence that significantly raises the bar on fraud risk management. Large organisations can now be criminally liable if an employee, agent, or other associated person commits fraud for the organisation’s benefit—and the organisation did not have reasonable fraud prevention procedures in place. This is a strict liability offence. Prosecutors do not need to prove senior management knowledge or intent. If fraud occurs and the organisation cannot demonstrate an adequate prevention framework, liability follows. The only defence: reasonable procedures The sole statutory defence is that the organisation had reasonable procedures in place to prevent fraud, or that it was reasonable not to have such procedures. In practice, regulators have made clear that “reasonable” will be interpreted robustly. Organisations should be acting now to: Conduct a documented fraud risk assessment covering business models, revenue streams, incentive structures, third-party exposure, and jurisdictional risk. Design proportionate prevention controls aligned to identified risks, including financial controls, approval thresholds, segregation of duties, and oversight of agents and intermediaries. Set the tone from the top , with clear board ownership, senior accountability, and demonstrable commitment to fraud prevention. Implement targeted training and communications so employees and associated persons understand fraud risks, red flags, and reporting routes. Maintain monitoring, reporting, and review mechanisms , including whistleblowing channels, audits, and periodic reassessment as the business evolves. Evidence everything . Policies without implementation, or controls without records, will not support a defence.