In September 2025, the UK’s new “failure to prevent fraud” offence will come into force. The new offence, introduced under the Economic Crime and Corporate Transparency Act 2023, marks a key step in the UK Government’s longstanding efforts to enhance the economic crime enforcement toolkit in the UK, and the offence will impose significant new obligations on a range of companies with UK touchpoints. In November 2024, the UK Government published detailed guidance on the new offence and the corresponding defence of “reasonable fraud prevention procedures” – please see our recent client alert with an analysis of this guidance here.
Healthcare and life sciences sector companies, in particular, will be heavily affected due to the intricate nature of their supply chain and the extensive interactions and reliance on third parties such as CROs, suppliers, and distributors. In this blog post, we have summarised key details of the offence for companies, and we have included details of Baker McKenzie’s forthcoming breakfast briefing event, to be held in London on Wednesday 15 January 2025. The event will feature a keynote speech from the UK Home Office’s Senior Policy Lead responsible for the recently-published UK Government guidance on the offence.
“Failure to prevent fraud”: key elements for the healthcare and life sciences sector
In summary, the new offence will make it easier to prosecute large companies if they “fail to prevent” the commission of specified fraud offences by those associated with them. Businesses found liable under the new offence can be subject to an unlimited fine. It will be a defence if an organisation can prove that it had in place “reasonable fraud prevention procedures”. The offence applies both to UK-based organisations and organisations based abroad, where there is a UK nexus.
The new offence comes into force on 1 September 2025, giving companies less than 9 months to get ready, including by conducting a fraud risk assessment and updating relevant compliance policies and procedures.
The UK Government’s guidance on “reasonable fraud prevention procedures” is structured around six key principles, which will be familiar to those that have also considered the UK offences of “failure to prevent bribery” (under the UK Bribery Act 2010) and “failure to prevent the facilitation of tax evasion” (under the Criminal Finance Act 2017). Namely, the guidance sets out suggested steps that companies should take in the following areas:
- Top level commitment
- Risk assessment
- Proportionate risk-based prevention procedures
- Due diligence
- Communication (including training)
- Monitoring and review
The following aspects of the offence and accompanying guidance may be of particular relevance to healthcare and life sciences organisations:
- Large organisations:
- The offence applies to large corporations and partnerships, meeting two out of three of the following criteria: (i) having over 250 employees; (ii) having a turnover of £36 million or more; and (iii) having assets of £18 million or more. In practice this may cover a significant proportion of healthcare and life sciences companies with UK touchpoints.
- Jurisdictional scope of offence:
- The jurisdictional scope of the offence is broad. The offence also applies to non-UK companies, if any relevant act has been committed in the UK or if the fraud has an impact on the UK.
- Scope of “associated persons”:
- The scope of “associated persons” under the legislation is also broad. Employees, agents and subsidiaries will automatically be considered as associated persons, meaning that organisations can automatically be liable for failing to prevent any relevant fraud committed by these parties with the intention to benefit the organisation (or a client or customer of the organisation). Other parties providing services for or on behalf of a relevant organisation can also be considered “associated persons”. A healthcare or life sciences company can therefore be directly exposed to liability if one of its third party marketing agents, CROs, suppliers or distributors engages in fraudulent conduct.
- The guidance specifies that organisations that are too small to be considered a “large organisation” under the criteria mentioned above may still be considered an associated person of a large organisation, capable of committing a base fraud offence. Similarly, employees of a subsidiary of a parent company that is a large organisation can bring the parent company within the scope of the offence if the employee commits a fraud intended to benefit the parent company.
- Underlying fraud offences: Under the legislation, there is a range of base fraud offences that can trigger liability under the “failure to prevent fraud” offence. This includes cheating the public revenue; fraud by false representation; fraud by failing to disclose information; false accounting; false statements by company directors; and aiding, abetting, counselling or procuring the commission or any of the above.
- Key risk areas for healthcare and life sciences companies: Major risk areas may include provision of fraudulent clinical trial data and/or making false representations regarding trial data and trial results from their CROs; dealings with public authorities; and representations made in investor filings and financial documentation. Greenwashing is also likely to be a key risk area for companies in the sector.
Baker McKenzie breakfast briefing
On Wednesday 15 January 2025, we are holding a breakfast briefing on the new offence in our London office near Liverpool Street Station. The briefing will feature a keynote speech from Dr Penny Dunbabin, Senior Policy Lead on Anti-Fraud for Business at the UK Home Office, who has led on the consultation for and drafting of the recently-published UK Government guidance that accompanies the new legislation. Dr Dunbabin will provide unique insights on how the UK Government’s guidance will apply to your businesses. The briefing will also include commentary from Baker McKenzie’s Investigations, Compliance & Ethics team, and an opportunity for Q&A at the end.
Many healthcare and life sciences companies – along with companies in other sectors – will be looking to conduct risk assessments in 2025, to assess the impact of the offence and consider what compliance enhancements need to be made. This breakfast briefing should provide important guidance in these areas.
If you would like to attend this event, please sign up here: Breakfast Briefing – Start the New Year Compliant: The New Failure to Prevent Fraud Offence