How businesses can survive the ECCTA crackdown

Corporate and Commercial

Lefteris Kallou
August 2025

Associate Lefteris Kallou discusses the continued rollout of the Economic Crime and Corporate Transparency Act 2023, offering guidance for businesses on how to ensure compliance amid the National Crime Agency’s economic crime crackdown, in FT Adviser.

Lefteris’ article was published in FT Adviser, 31 July, and can be found here.

The National Crime Agency (NCA) has revealed that 11,500 UK companies were struck off in the past year – the result of a coordinated, multi-agency clampdown. For company directors, the message is clear: now is the time to act. As the UK’s enforcement net tightens, the risk of becoming collateral damage is growing.

Much of this progress stems from the Economic Crime and Corporate Transparency Act 2023 (ECCTA), which has already bolstered the UK’s arsenal against corporate wrongdoing. The Act has not only sharpened the tools available to enforcement agencies, but also ushered in a new era of corporate transparency.

The ECCTA received Royal Assent on 26 October 2023. Building substantially on the foundations laid by the Economic Crime (Transparency and Enforcement) Act 2022, the Act’s wide-ranging reforms aim to significantly enhance the UK’s legal and regulatory framework to address financial crime and improving corporate accountability.

The Act is intended to deter fraud and money laundering, while increasing corporate accountability and strengthening the UK’s integrity as a place to do business. Companies now face new and more stringent compliance requirements, and law enforcement now have better tools to detect and tackle financial crime. The scope and impact of the Act is also increasing as new provisions are coming into force, such as the “failure to prevent fraud” offence, which is due to come into effect on 1 September 2025.

This offence will hold large organisations criminally liable if an “associated person” commits fraud intending to benefit the organisation, unless reasonable fraud prevention measures were in place.

Companies must therefore act swiftly to ensure compliance amid this rapidly evolving legal and regulatory landscape. An analytical, risk-based approach to compliance can help company directors and senior managers to understand the Act and how it applies to their companies. They can then take the necessary steps to ensure that their company is compliant.

Some of the key provisions of the Act include:

• Enhanced verification powers, mandatory director and PSC identity checks, and improved data-sharing with law enforcement.
• Greater powers to Companies House to check, query or reject information submitted to them and to request supporting evidence.
• Companies must confirm that their activities remain lawful each year in their annual confirmation statements and that the future activities of the company remain lawful.
• A requirement to have a valid registered address and email – with PO boxes prohibited.
• Stronger powers to seize criminal crypto-assets and tighter anti-money laundering rules for crypto businesses (tying in with the new Crypto-Asset Reporting Framework (CARF) which comes into force on 1 January 2026 requiring UK reporting crypto service providers to collect certain information and share this with HMRC).
• Mandatory beneficial owner disclosure for overseas entities owning UK property.

Reform of the identification principle

The Act’s reform of corporate criminal liability is significant. With changes to the identification principle, the Act replaces the traditional common law “directing mind and will” test, which required prosecutors to prove that senior individuals with ultimate decision-making authority were involved in criminal activity to hold a company liable.

The original test was widely criticised for being overly restrictive, especially in the context of large organisations with complex governance structures. It essentially made it very difficult – if not impossible – to hold senior managers liable for a company’s criminal actions.

Under the Act, a company can now be held criminally liable for economic crimes committed by a senior manager acting within the scope of their authority. The definition of a “senior manager” is now aligned with the Corporate Manslaughter and Corporate Homicide Act 2007, and it includes individuals who play significant roles in decision-making or managing substantial parts of the organisation’s activities. This broader definition applies to a broad range of economic crimes listed in Schedule 12 of the Act, including fraud, money laundering, bribery, and violations of financial services regulations.

The Act will make it far easier for prosecutors, such as the Serious Fraud Office (SFO), to hold corporations accountable for economic crimes. This tougher enforcement landscape is expected to have a chilling effect on rogue directors and managers who might otherwise turn a blind eye or worse.

Failure to prevent fraud

The second major criminal law reform contained in the Act is a new strict liability offence of failure to prevent fraud, due to come into force on 1 September 2025.

This offence applies to “large organisations”, which are defined as entities meeting at least two of the following criteria in the financial year preceding the offence:

1. Having over 250 employees
2. A turnover exceeding £36 million
3. Total assets above £18 million

It will become possible for such companies to be held liable for fraud committed by employees, agents, subsidiaries, or other “associated persons” intending to benefit the company or its clients unless the company can show that it had reasonable procedures in place to prevent such fraud.

This offence mirrors the “failure to prevent” framework established under the Bribery Act 2010 and the Criminal Finances Act 2017, emphasising a company’s responsibility to implement and maintain robust anti-fraud measures.

The defence of “reasonable procedures” further requires organisations to conduct risk assessments, implement policies and provide adequate staff training to mitigate fraud risks. The Home Office guidance outlines six compliance principles, including risk assessment, monitoring and review, and communication (including training), which again reflect existing guidance for bribery and tax evasion offences.

While its scope is extraterritorial, the forthcoming “failure to prevent fraud” offence hinges on a “relevant event” causing gain or loss in the UK. That means UK-based organisations or those with a UK connection can still face prosecution, even if the fraudulent conduct takes place abroad, as long as the effects are felt on British soil.

Companies House reforms

The Act is just one piece of a broader, multi-agency offensive against economic crime.
Notably, it has recast Companies House – once a passive registrar – as an active gatekeeper in the UK’s corporate enforcement regime.

Among the key reforms are:

Identity verification

From autumn 2025, all directors, members of Limited Liability Partnerships (LLPs), and Persons with Significant Control (PSCs) will be required to verify their identities.

Unless directly verified via Companies House, an Authorised Corporate Service Providers (ACSPs), such as accountants and solicitors registered for Anti-Money Laundering (AML) supervision, will facilitate this process. This measure aims to prevent the use of anonymous or fraudulent identities in corporate structures.

Increased investigative powers

Since March 2024, Companies House has had enhanced powers to query, analyse, and remove incorrect or suspicious information from its registers. It can also share data with enforcement agencies to support investigations into economic crime.

Stricter reporting requirements

Companies and LLPs must provide more detailed and accurate information about their ownership structures, including beneficial owners. Non-compliance can result in significant fines or criminal charges.

Registered email addresses

Companies are now required to maintain a registered email address for communication with Companies House, which will improve the efficiency and security of corporate filings.

These reforms aim to enhance the reliability of the Companies House register, reduce the risk of opaque corporate structures being used for illicit purposes, and align the UK with international transparency standards.

The UK’s wider crackdown on economic crime

The scale and coordination behind the UK’s corporate enforcement crackdown should not be underestimated.

The operation that led to 11,500 companies being struck off involved a formidable coalition of agencies: the National Crime Agency (NCA), Companies House, HM Revenue & Customs, the Insolvency Service, the Financial Conduct Authority, the Office for Professional Body Anti-Money Laundering Supervision (OPBAS), the Home Office, and police forces across the UK.

According to the NCA, the crackdown included a two-day blitz with officers from the Metropolitan Police, City of London Police, and South Wales Police, working alongside HMRC’s Economic Crime Supervision unit. The teams targeted high-risk business addresses, company formation agents, and directors suspected of being linked to shell or fraudulent entities.

During the operation, officers visited eleven premises linked to 30 high-risk trust and company service providers. They uncovered that many of these businesses had no genuine commercial activity, and that several company formation agents had breached their legal obligations.

Rachael Herbert, Director of the National Economic Crime Centre, further stated that money laundering fuels serious organised crime, adding that over £100 billion is laundered annually, much of which is facilitated by UK-registered companies.

The impact of the Act across multiple agencies should not be underestimated.

The recent Insolvency Service Annual Plan notably states that, “Tackling financial misconduct is an increasing focus this year. Our collaborative work with Companies House and DBT following the Economic Crime and Corporate Transparency Act will enhance our ability to take robust enforcement action in cases of corporate wrongdoing and increase the integrity of the corporate regime to support economic growth.” The service says that it will publish a new enforcement strategy, setting out enforcement objectives for the next five years, “in the context of growing demands and opportunities in the wake of the Economic Crime Acts.”

Implications for UK companies

The Act imposes significant new compliance obligations on businesses, particularly large organisations subject to the failure to prevent fraud offence. Companies must therefore educate themselves about the new requirements and conduct thorough risk assessments to identify risks associated with employees, agents, and subsidiaries.

It is vital that businesses implement proportionate policies and procedures to mitigate these risks, including financial controls and segregation of duties. Training of both senior managers and staff is vital. Companies should identify individuals who qualify as senior managers under the new identification principle and ensure they are aware of their responsibilities. Failure to comply could result in unlimited fines, reputational damage, and increased scrutiny from regulators.

If embraced proactively, the Act presents opportunities for companies to strengthen their anti-fraud efforts, reducing the risk of fraud reputational damage.  As the Act’s provisions are rolled out, ongoing monitoring, planning and adaptation of policies and practices will be essential. The Act is a landmark piece of legislation, and it has clearly been embraced by a wide range of UK governmental organisations, who are collaborating closely to reduce economic crime, improve transparency, and to enhance the UK’s position as a global leader in ethical business practices.

The true test of the Act lies in its enforcement and its ability to spark a lasting culture of corporate accountability in the UK.

So far, the signs are promising. The past year’s coordinated, multi-agency actions suggest that enforcement won’t just be effective – it will be robust and, at times, uncompromising. As more provisions of the Act come into force and enforcement strategies bed in across agencies, its reach and impact are set to grow even further.

UK company directors would be wise to take note: the crackdown on economic crime is not slowing down – and the risks of non-compliance are rising.

For more information on our corporate and commercial services click here, and for our dispute resolution services, please click here.