The introduction of the ‘failure to prevent fraud' offence, effective from 1 September 2025 under the Economic Crime and Corporate Transparency Act 2023 (“ECCTA”), represents a significant shift in the UK’s corporate compliance landscape. Under the legislation, large organisations will face strict liability where an associated person commits a specified fraud offence for the organisation’s benefit, unless they can demonstrate that reasonable fraud prevention procedures were in place at the relevant time.
ECCTA and its accompanying guidance define an associated person as anyone performing services for, or on behalf of an organisation, including employees, agents, and subsidiaries. Specified fraud offences include fraud by false representation, abuse of position, and obtaining services dishonestly, committed with the intent to benefit the organisation or its clients.
ESG disclosures and fraud risk
This development is particularly relevant in the context of Environmental, Social and Governance (“ESG”) disclosures. ESG reporting has evolved from a voluntary exercise into both a legal obligation and a reputational imperative. The volume of such disclosures has been steadily growing and is set to increase further for some organisations, with the UK currently consulting on the introduction of UK Sustainability Reporting Standards.
Against this backdrop, the risk of greenwashing making inaccurate or misleading sustainability claims is under growing scrutiny. Such misleading ESG statements may constitute fraud by false representation under section 2 of the Fraud Act 2006.
Examples include:
- marketing a product or service as ‘green’ or ‘carbon neutral’ without substantiating evidence;
- overstating ESG credentials in investor presentations to secure capital or favourable terms; and
- publishing forward-looking ESG targets in strategic reports that are knowingly unrealistic or unsupported.
To date, enforcement action for false sustainability claims has largely focused on regulatory intervention. However, ECCTA significantly raises the stakes. If such representations are made dishonestly and with intent to gain, whether investment, market share or reputational advantage, they may constitute fraud under the Fraud Act 2006, triggering the failure to prevent fraud offence. This could result in corporate criminal liability where the organisation lacks adequate fraud controls.
Section 463 Companies Act 2006
Directors may take limited comfort in the protections afforded under the Companies Act 2006 (“CA 2006”). This section provides a liability shield in respect of certain corporate publications, including:
- the directors’ report (including the strategic report);
- the directors’ remuneration report; and
- summary financial statements.
Under section 463, directors are liable to compensate the company (not third parties) for loss arising from an untrue or misleading statement, omission, or dishonest concealment of a material fact, if made knowingly or recklessly.
While applicable to all companies required to prepare these reports, section 463 is particularly relevant to quoted companies, which face more extensive reporting obligations under Part 15 of the CA 2006. Their strategic reports often contain forward-looking statements especially around ESG targets, financial forecasts and risk factors heightening exposure to shareholder scrutiny and reputational risk. Notably, the protection does not extend to reckless or dishonest statements, which may still give rise to civil or criminal liability.
Directors’ duties in the post-ECCTA environment
The CA 2006 imposes statutory duties on directors to promote the success of the company for the benefit of its members (under section 172) and to exercise reasonable care, skill and diligence (under section 174). Application of these duties now encompasses oversight of fraud risk management and ESG governance. Non-executive directors must satisfy themselves that internal controls are robust and that ESG claims are substantiated and verifiable.
Key takeaways
The convergence of ESG accountability and corporate criminal liability under ECCTA demands proactive governance, transparency and risk mitigation, and Boards must approach ESG disclosures with the same level of rigour as financial reporting. The consequences of failure extend beyond reputational harm to potential criminal sanction. All sustainability claims should be evidence-based, verifiable, and subject to internal audit, with legal teams applying the same scrutiny as they would to financial disclosures.
Our content explained
Every piece of content we create is correct on the date it’s published but please don’t rely on it as legal advice. If you’d like to speak to us about your own legal requirements, please contact one of our expert lawyers.