A vibrant and dynamic corporate sector is a cornerstone of any successful economy, but some UK companies have been misused by criminals to commit fraud, money laundering, and other forms of economic crime. Now, the Economic Crime and Corporate Transparency Act (ECCTA) has been passed by Parliament, giving unprecedented powers to enforcement and regulatory agencies such as Companies House, the National Crime Agency and the courts, tightening rules and closing loopholes which have been exploited to facilitate criminal activity.

Companies House

One of the main objectives of the Act is to improve the quality of information on Companies House register. This includes:

  • removing invalid registered office addresses that may have been set up for fraudulent purposes;

  • carrying out verification checks to review the identities of people setting up companies and to stop criminals using false names; 

  • changing the public beneficial ownership registers to prevent the use of opaque companies to move and hide money.

Steps will also be taken to enhance the level of protection of personal information from fraud and other harm.

The courts

Judges will be given new powers to help them manage what are known as Strategic Lawsuits Against Public Protection (SLAPPs) involving economic crime.Changes have been made to corporate criminal liability which give prosecutors the power to hold companies liable for malpractice. A new criminal offence will be introduced called ‘failure to prevent fraud’ (see below)

The National Crime Agency

The National Crime Agency (NCA) will be getting additional powers. They can now require organisations to provide them with any suspected information related to money laundering or terrorist financing.


Cryptoassets are a store of value which can be transferred or exchanged digitally – probably the best known of these is Bitcoin. The NCA’s National Assessment Centre estimates that over £1 billion of illicit cash was transferred overseas using cryptoassets in 2021.

The Act will allow the police and the NCA to seize cryptoassets more easily and convert them into money before a forfeiture hearing has taken place.Additionally, where the circumstances are exceptional, agencies will have the power to destroy seized cryptoassets.

The Failure to Prevent Fraud offence

A major new development in the Act is the new offence of Failure to Prevent Fraud.
This has been developed from the ‘failure to prevent bribery’ offence under the Bribery Act 2010, and the “failure to prevent the facilitation of tax evasion” offence under the Criminal Finances Act 2017.

When it comes into force, it will apply to larger companies and partnerships (including parent companies) that meet at least 2 of the following criteria:

  • more than 250 employees;

  • a turnover of more than £36 million;

  • over £18 million in total assets.

These criteria will be based on the financial year before the fraud offence took place.
Under this offence, a business will be liable if it fails to prevent fraud where:

  • an associated person commits the fraud offence, and

  • the fraud will benefit the company or individual.

What is an associated person?

This is an employee or anyone who carries out services on behalf of the organisation.
Organisations based overseas can also be prosecuted if an associated person commits this offence under UK law or specifically targets UK people.

The identification doctrine

Another important update in the Act will be made to what is known as the identification doctrine. This refers to the law on how the actions of certain senior personnel in a company can lead to that company having criminal liability for those actions.

The Act has broadened the range of employees who can trigger that liability. Previously, a company could only be found guilty if an individual who represented the company’s ‘directing mind and will’ possessed the requisite “mens rea” or state of mind (such as intent, recklessness or dishonesty).

This definition often led to large companies using complex management structures so that it was difficult for prosecutors to precisely define who was liable.

Now, under Section 196 of the ECCTA, a company or partnership will have committed an economic crime offence if that offence has been committed with the involvement of a senior manager.

The definition of “senior manager” is the one that can be found in Section 1, paragraph 4c of the Corporate Manslaughter and Corporate Homicide Act 2007.

Together with the “failure to prevent” offences, this will make it easier for regulators to bring prosecutions against business for economic crime offences.

Things to consider

Under the new Act, it will be much easier for prosecutions to be brought against companies for failing to prevent fraud. Policies and procedures currently in place will likely no longer be fit for purpose and will need to be revisited and revised, ideally with advice and guidance from legal experts.

Training will be needed for all relevant employees to raise awareness. That training needs to be refreshed and revisited often; new employees need to have undergone training and it will need to be updated to take into account changes in the law, such as the new Act and its provisions.

What you need to do now

Although the Act is now law, not all of its measures will come into force immediately. Many of them will need to be developed by secondary legislation before they’re introduced, so it will be a while before they come into force.

However, other measures will come into force sooner.
These include:

  • Greater powers to query information. Companies House will be able to scrutinise and reject information that seems incorrect or inconsistent with information already on the register. In some cases, they will be able to remove information altogether.

  • Stronger checks on company names.

  • New rules for registered office addresses which will mean all companies must have an appropriate address at all times. Companies will not be able to use a PO Box as their registered office address.

  • A requirement for all companies to supply a registered email address.

  • A requirement for all companies to confirm they’re forming the company for a lawful purpose when they incorporate. Every year, the company will need to confirm that its future activities will be lawful on their confirmation statement.

  • Annotations on the register to let users know about potential issues with the information that’s been supplied.

  • Taking steps to clean up the register, using data matching to identify and remove inaccurate information.

  • Sharing data with other government departments and law enforcement agencies.

Companies House say that they expect these measures to come into force in early 2024. It is therefore important that businesses take advice as soon as possible from an expert in Commercial Law.