UK Compliance 2025: "Failure to Prevent Fraud" – New Requirements for German Companies

What internationally active companies with UK connections need to know now

Skyline of the London city at sunset with modern office buildings – symbol for UK Business Law, compliance, and financial hub
Skyline of the London city at sunset with modern office buildings – symbol for UK Business Law, compliance, and financial hub
Skyline of the London city at sunset with modern office buildings – symbol for UK Business Law, compliance, and financial hub
Karl-Heinz Schwindt, Rechtsanwalt (Attorney at Law) and Head of Corporate & Compliance

Attorney Head of Corporate & Compliance Arbitrator (DIS, ICC)

August 19, 2025

Original language

German

At the end of 2023, the United Kingdom passed the "Economic Crime and Corporate Transparency Act 2023" (ECCTA), a comprehensive reform package to combat economic crime and enhance corporate transparency. The aim of this legislation is a more effective fight against fraudulent acts and fraud-related offenses committed within or in a corporate context, strengthening compliance structures, and reforming the corporate registry (Companies House).

Particularly relevant for German companies: On 1 September 2025, a new corporate criminal offense will come into force in the UK – with significant need for action for German companies with subsidiaries, joint ventures, or business relationships in or with the UK.

  1. Increased Liability: "Failure to Prevent Fraud"

As of 1 September 2025, a new corporate criminal offense will be introduced under ECCTA:

"Failure to Prevent Fraud" – neglect of fraud prevention by companies.

This affects large corporations and partnerships that operate economically in the UK or with a UK connection. Business or customer relationships in or with the UK are sufficient for this purpose.

A formal or physical presence in the UK (e.g., headquarters, subsidiary, or branch) is not required.

  • The company's criminal liability is strict liability:
    It is sufficient if a person associated with the company (e.g., employee, representative, subcontractor, distributor) commits certain fraud or fraud-like offenses (e.g., breach of trust, embezzlement) to benefit this company or an affiliated company.

  • The company is liable if it lacks adequate procedures or measures for fraud prevention.

  • Possible Penalty: Unlimited fines, confiscation of profits from affected transactions, significant reputational damage.

  • Only Defense: "Reasonable Procedures Defense" – The company must be able to demonstrate that it has adequate prevention measures.

Scope independent of the company's location

The criminal offense applies to companies that exceed at least two of the following three thresholds:

  • Annual turnover of more than GBP 36 million,

  • Balance sheet total over GBP 18 million,

  • more than 250 employees.

These thresholds must always be examined at the group level and apply regardless of the location of the respective company or corporate group. Even small companies can fall under the law if the affiliated corporate group meets the criteria.

Relevance for German companies above the thresholds

The criminal offense has extraterritorial effect, meaning:

Even companies based in Germany, even if they do not have a subsidiary, branch, or other formal presence in the UK, can be affected. Likewise, acts committed outside the UK can be covered.

All that is required is a sufficient UK connection, for example:

  • Business or trade relationships in or with the UK, e.g., through license partners, distributors, or importers, or

  • Joint ventures/partnerships with companies in the UK, or

  • corporate interests in the UK, and

  • actions towards UK customers or with regard to assets in the UK.

Relevance for German companies below the thresholds

Even if the thresholds are not exceeded, the criminal offense can be factually significant for companies:

  • Contractual requirements from large business partners
    In cooperation with larger companies, in the supply chain, as JV partners or suppliers in corporate structures with a UK connection, "Fraud Prevention" clauses may be imposed by them as a contractual obligation or passed on.

  • Expectations of banks, investors, and regulatory authorities

  • Alignment with international compliance benchmarks – for example, in negotiations, compliance clauses, or risk assessment by business partners.

Conclusion: Even German companies without a formal presence in the UK but with relevant UK business contacts should act preventively – for example, by reviewing distributor compliance, training, and contract design.

  1. Expansion of Corporate Liability: "Senior Manager Test"

Already in effect is the fundamental reform of the British model of attributing crimes within companies (since December 2023):

Not only the actions or omissions of directors or managing directors but also those of senior employees below executive level ("Senior Manager"), e.g., department heads with budget or personnel responsibility, can now be attributed to the company.

Consequence: A company can thus be criminally liable if such a "Senior Manager" commits a crime in the context of their duties – or tolerates, supports, or initiates it.

Conclusion: This increases the importance of effective compliance structures even at middle management level – particularly in business groups with cross-border leadership responsibilities.

  1. Transparency Requirements & Companies House

The role of Companies House, the UK's corporate registry, is being significantly strengthened.

The reforms affect, among other things:

  • Identity checks for directors and beneficial owners of UK companies,

  • additional reporting requirements for certain business models,

  • stricter criminal provisions for violations.

These requirements are already partially in place and are to be fully implemented by 2026 at the latest.

German companies with property or subsidiaries in the UK must also prepare for stricter disclosure obligations.

Recommendations for UK Compliance

Conduct Risk Analysis & Assessment: Check whether the thresholds are met on a group level; identify, assess, and document potential risk areas with a UK connection.

Review and Adjust Compliance Management System: Examine existing fraud prevention measures and optimize if necessary.

Adjust Policies & Processes: Adapt or implement anti-fraud policies, due diligence processes, internal control mechanisms

Training & Awareness: Introduce target-group specific training and guidance notes for executives ("Senior Manager") and employees with UK connections.

Review and Supplement Contractual Documents/Compliance Clauses: Systematically integrate "Fraud Prevention" clauses.

Documentation: Careful and comprehensible recording of all implemented measures as evidence of defense.

Monitor Further Implementation of the ECCTA: Track developments, particularly concerning disclosure obligations and potential additional duties.

Do you have questions on this topic or need support with implementation?
We specialize in International Business Law, Corporate Law, Compliance, and Contract Management.
Schedule a free initial call now!

INN.LAW Insight & Updates

Plain language in business law – clear, practical, actionable.

We use your email address solely for sending our newsletter. You can unsubscribe at any time. For more information, please refer to our Privacy Policy.

INN.LAW Insight & Updates

Plain language in business law – clear, practical, actionable.

We use your email address solely for sending our newsletter. You can unsubscribe at any time. For more information, please refer to our Privacy Policy.

INN.LAW Insight & Updates

Plain language in commercial law –
understandable, practical, actionable.

We use your email address solely for sending our newsletter. You can unsubscribe at any time. For more information, please refer to our Privacy Policy.