Fraud is a growing concern for the charity sector. New legislation coming into force in 2025 will place greater responsibility on larger organisations to put preventative measures in place or risk criminal liability.
Whether your charity has received an alert from the Charity Commission or not, now is the time to assess your readiness.
This article explains what the upcoming 'failure to prevent fraud' offence means for charities, who it applies to, and the practical steps trustees and senior management should now be considering.
What is the 'Failure to Prevent Fraud' offence?
From 1 September 2025, the Economic Crime and Corporate Transparency Act 2023 introduces a new corporate offence: failure to prevent fraud.
Under this law, a charity may be held criminally liable if an employee, agent, or other 'associated person' commits fraud for the benefit of the organisation (or, in some cases, its clients) and the charity did not have reasonable fraud prevention procedures in place at the time. Importantly, the organisation does not need to have actually received the benefit of the fraud for the offence to be applicable. An intent to benefit is enough.
Who does the offence apply to?
This new offence applies only to incorporated charities that meet at least two of the following criteria:
- have more than 250 employees;
- generate £36 million or more in turnover; or
- have assets totalling £18 million or more.
These thresholds are based on the charity's financial year immediately preceding the fraudulent offence and apply to the entire organisation, including any subsidiaries.
What are the legal implications?
One of the new offence's most notable features is that it does not require knowledge or involvement from trustees, directors, or members. In other words, even if the board was unaware of the fraudulent conduct, the charity itself can still be held criminally liable if proper safeguards were not in place.
However, individuals within the organisation will not be personally liable unless they themselves committed fraud.
Why is this change being introduced?
The primary aim of the legislation is to:
- Improve accountability within organisations for fraudulent acts committed by its employees, agents or 'associated persons';
- Encourage organisations to implement and review fraud prevention systems actively; and
- Deter associated persons from engaging in fraudulent conduct.
Charities are entrusted with public and donor funds, so protecting those resources is vital to maintaining public confidence.
What should charities be doing now?
The Charity Commission strongly encourages charities falling within the scope of this offence to prepare well before the 2025 implementation date. Recommended steps include:
1. Review and risk assessment
Conduct a comprehensive fraud risk assessment. Pay particular attention to:
- areas of high risk in your operations (e.g., procurement, grant distribution, fundraising); and
- the likelihood of opportunity, motive, and rationalisation within your charity.
2. Proportionate prevention procedures
Develop and implement policies and internal controls that are proportionate to your risk level. These may include:
- segregation of duties in financial processes;
- enhanced due diligence on partners, agents, and third parties; and
- anti-fraud training for all staff and volunteers.
3. Board and senior management commitment
Set the tone from the top. The commitment of trustees and leadership is essential to embed a culture of prevention.
4. Communication and training
Ensure your internal policies are clearly communicated. Run regular training and awareness sessions for all levels of staff, especially those in financial or operational roles.
5. Monitoring and ongoing review
Keep your fraud prevention policies under regular review and ensure they are updated in response to changing risks, new regulations, or emerging threats.
Whilst it is recommended that organisations consider the above, it is not an exhaustive list. Organisations need to adopt measures that best suit their needs, as should a situation arise that may trigger the offence, it is up to them to prove they had reasonable procedures in place at the time to prevent such behaviour.
Practical tips for smaller or unincorporated charities
Even if your charity doesn't meet the criteria for the new offence, fraud prevention remains essential. All charities should:
- have basic internal financial controls in place;
- ensure a clear reporting process for suspected fraud;
- consider appointing a designated fraud officer or contact and
- refer to the Charity Commission's guidance on tackling fraud.
Where can I find more guidance?
The UK Home Office has published detailed guidance on how to comply with the new offence. You can access it here:
We also recommend reviewing the Charity Commission's collection of fraud prevention resources.
Final thoughts: time to act
If your charity is likely to be affected by this legislation, the time to act is now. The legal implications are significant, and organisations will need to demonstrate they took reasonable steps to prevent fraud before any wrongdoing occurs.
If you would like help assessing your current policies or implementing appropriate procedures, please contact our charity law team.
This information is for guidance purposes only and does not constitute legal advice. We recommend you seek legal advice before acting on any information given.
