Where are we now with Company Law reforms under the Economic Crime and Corporate Transparency Act 2023 (ECCTA)?
Insight

The Economic Crime and Corporate Transparency Act 2023 (ECCTA) is part of a legislative package aimed at preventing the abuse of UK corporate structures and tackling economic crime. It builds on the introduction of the Economic Crime (Transparency and Enforcement) Act 2022 which provides for the creation and maintenance of a register of beneficial owners of overseas entities that own property in the UK (the ROE). Read more about this here and here.
Since the ECCTA received Royal Assent in October 2023 it has started to introduce significant reforms to company law and Companies House powers, as considered in our overview of the reforms here. Most of the provisions, however, are not yet in force and implementation of the legislation is being staggered over a number of years, with the first set of substantive changes introduced on 4 March 2024 (we discussed these in our March briefing).
Further commentary and guidance has been published in the last month so we have set out below the Government’s current approach and timeframe for bringing more ECCTA provisions into force.
When will the failure to prevent fraud offence come into force?
One of the next reforms to be implemented will be the new failure to prevent fraud offence. Under this offence, organisations may be held responsible if any of their associates commit one of the specified fraud offences with the intent to benefit the organisation, or any person to whom they provide services on the relevant body’s behalf. An associate would include an employee or person associated with the organisation, which could extend to third parties and agents. A defence will be available where the organisation has put in place appropriate and adequate fraud prevention procedures.
The provision applies to corporate entities, subsidiaries and partnerships which meet two of the three following criteria:
- More than 250 employees
- More than £36 million turnover
- More than £18 million in assets (which includes subsidiaries)
It will also apply to overseas based organisations if an associate commits the fraud under UK law or is targeting UK victims. Individuals, however, cannot be held liable for employee fraud under this offence but may be prosecuted under existing laws.
The new offence encompasses the fraud and false accounting offences most likely to be relevant to corporations, such as fraud by failing to disclose information, false statements by company directors, false accounting, money laundering and tax evasion. In addition, a company will be liable if an associate is found to be aiding and abetting another person committing one of these offences. Crucially, organisations should be aware that if convicted, they could land a potentially unlimited fine.
But before the offence enters into force, the Government will be publishing guidance with more information on the nature and scope of adequate and reasonable procedures. The guidance is set to be published in late 2024 or early 2025 and is likely to be followed by an implementation period. Based on this, the offence is likely to come into force in mid to late 2025.
When will identity verification (IDV) be introduced?
One of the most significant changes will be the introduction of an IDV regime, requiring all directors and people with significant control (PSCs), as well as individuals such as LLP members, partners, and those filing documents at Companies House on behalf of others, to formally verify their identity (see our briefing here for an analysis of the IDV process).
On 16 October 2024, Companies House published the ECCTA transition plan which sets out a rough timeframe for the implementation of the IDV regime. From Autumn 2025, IDV will be compulsory for new company incorporations and appointments of new directors and PSCs to existing companies. There will be a 12-month transition period from that point for all existing directors and PSCs who must complete IDV when filing their next annual confirmation statement. More secondary legislation and upgrades to Companies House systems and processes are required before this regime can be introduced.
The transition plan also sets out, amongst other things, that Companies House expects to allow access to trust information on the ROE on request by Summer 2025. However, it is not yet in a position to confirm the proposed timeframe for implementing other reforms such as software only accounts filing.
What else has changed since Summer 2024?
In our June briefing, we considered the Department for Business and Trade’s ECCTA progress report and some of the draft rules and regulations published by Companies House and the government, respectively.
In the last month, Companies House has also published an enforcement policy and guidance on its approach to issuing financial penalties for non-compliance. Under the ECCTA, Companies House was given powers to issue civil penalties to avoid starting criminal proceedings for all instances of non-compliance. The policy states that Companies House has several options regarding enforcement: it can impose financial penalties, seek court orders to secure compliance, launch full criminal proceedings and/or seek director disqualification orders. The action Companies House takes must, however, be proportionate and targeted and have regard to economic growth and the impact on businesses. The guidance sets out what financial penalties can be issued, how they are calculated and the process that must be followed by Companies House, including issuing warning notices and when a corporate can appeal such penalty.
Comment
In preparation, large organisations that will be in scope of the failure to prevent fraud regime need to start engaging with how they will meet the requirement of having “reasonable procedures in place to prevent fraud”. Many organisations will already have procedures in place and in certain limited circumstances it will be considered reasonable not to have fraud prevention in place. That said, the reforms are imminent, and it makes sense for organisations to review their fraud prevention strategies such as auditing fraud risk, stress testing existing systems and processes, and updating fraud training.
Timing for implementation of all of these provisions is subject to Parliamentary time and will be kept under review. We will continue to monitor developments in the coming months.
This publication is a general summary of the law. It should not replace legal advice tailored to your specific circumstances.
© Farrer & Co LLP, October 2024