There has been a long-running debate about whether corporates can be properly held to account for criminal offences, or whether they are just too difficult to prove, using the current legal framework.
This has led the government to introduce a new corporate offence of Failure to Prevent Fraud – the 'corporate fraud offence' – which creates criminal liability for companies when a fraud offence is committed by a person associated with the company, in a way which will benefit the company.
A 'person associated with the company' is widely construed to include employees.
UK government plans to make businesses liable for employee fraud
Are your anti-bribery and anti-fraud policies up to scratch?
How the wrong company culture fosters employee fraud
The offence is strict liability. The defence available to the employer is to prove that it had reasonable prevention procedures in place at the time the fraud was committed or that it was reasonable to not have any procedures in place.
In practice, this will mean employers will need to implement systems and controls in relation to fraud prevention, detection and remediation.
A wide range of fraudulent conduct comes within the remit of the corporate fraud offence. These includes offences under the Fraud Act 2006, Theft Act 1968 and Companies Act 2006. Tax fraud is also included as is false accounting.
The breadth of fraudulent conduct covered by the offence means that prosecutions are more likely, and the reasonable procedures employers will need to initiate must be well thought out and meet all the risks.
At present, it is anticipated that the offence will only apply to large organisations. To qualify as 'large', an organisation must have satisfied two of the criteria in the financial year prior to the year in which the offence took place:
- more than £36 million in turnover
- more than £18 million in total assets
- more than 250 employees
However, employers of all sizes should be aware of the corporate fraud offence and what it may mean to their business. Fraud is the most commonly experienced crime in the UK and therefore a HR team is likely to have experienced it at some point in the lifecycle of their organisation.
However, this offence requires employers to distinguish between situations where they are the victims of fraud and where a person associated with them may have committed fraud for the benefit of himself at the organisation.
Employers of all sizes should use the introduction of the corporate fraud offence as an opportunity to carefully assess the risk of, and their response, to fraud, theft and tax evasion, according to the specific profile and activities of the business.
Introducing fraud prevention systems or leveraging existing procedures is key to ensure compliance, which can be tailored to the upcoming government guidance as to what constitutes 'reasonable procedures'.
However, it is anticipated that reasonable procedures will cover implementation of a risk assessment, executive level commitment and input, implementation of proportionate procedures, frequent training and regular review of systems and procedures.
Ramifications for HR teams
To reduce the risk of being prosecuted for a corporate fraud offence, employers will need to actively engage with their workforce. In particular, staff will need to be adequately trained, supervised and disciplined for anti-fraud policy breaches.
As a result, HR teams will likely be at the heart of its organisation's strategy to prepare for this new legislation.
HR teams would be wise to take some preparatory steps now. Some examples include:
- Taking stock of their current policies and procedures relating to fraud prevention and assessing whether they are still fit for purpose
- Developing a communications strategy for informing its workforce of the corporate fraud offence and any changes to policies/procedures as a result
- Developing new, or updating existing, internal compliance training for employees
- Identifying employees in high risk positions and considering whether additional training is required
- Reviewing and updating disciplinary procedures for breach by employees of the relevant fraud prevention policies
- Reviewing template employment contracts to check if any updates are required
Any policies, procedures or training implemented in anticipation of the corporate fraud offence will then need to be tailored to reflect any statutory guidance published.
Ruby Hamid is partner, corporate crime and investigations, at law firm Ashurst
