Failure to Prevent Fraud: A Watershed Moment for ESG Corporate Crime Risks?
The Economic Crime and Corporate Transparency Act 2023 and rise in anti-greenwashing legislation in the UK represents a watershed moment for ESG-based corporate crime risks.
The Economic Crime and Corporate Transparency Act 2023 (the "Act") received Royal Assent in October 2023 making firms criminally liable for failing to prevent a fraudulent act perpetrated by associated persons for the organisation's benefit. The introduction of the Act coincides with the emergence of an increasing number of prohibitions in the UK on greenwashing in relation to environmental, social and governance ("ESG") products and services, including the new Financial Conduct Authority ("FCA") anti-greenwashing rule, which entered force on 31 May 2024. The emergence of ESG standards against which the behaviour of employees and agents will be measured represents a watershed moment for ESG-based corporate crime risks, with the onus now on compliance teams to carefully assess ESG disclosure compliance controls.
Failure to Prevent Fraud Reform
The new failure to prevent fraud offence criminalises large entities for failing to prevent certain specified fraud offences, where the fraud is committed by an employee or agent of the entity, for the entity's benefit, and the company did not have reasonable fraud prevention procedures in place.
The new offence applies to any entity or group that meets two (or more) of the following three criteria: more than 250 employees; more than £36 million turnover; and more than £18 million in total assets. Parent companies can be liable for failing to prevent fraud committed by an employee of a subsidiary, where the offence has been committed for the benefit of the parent. If convicted, an entity can be subject to an unlimited fine.
Guidance regarding the scope of reasonable fraud procedures defence was set to be published in early summer 2024 (a timetable which is now subject to a possible delay owing to the July General Election); the Act will then enter force following a six-month implementation period, meaning corporates should expect the new failure to prevent offence to enter force in late 2024/early 2025.
ESG Fraud
Entities will be liable for failing to prevent a range of fraud offences, extending beyond the core statutory fraud offences contained in the Fraud Act 2006, to include further offences of false statements made by company directors, false accounting, fraudulent trading and cheating the public revenue.
In terms of extraterritorial reach, the new failure to prevent offence will apply to large entities wherever they or their associates are incorporated or carry on business, provided that the entity has failed to prevent one of the specified UK fraud offences. This essentially means that liability can be attached if the fraud offence is committed in the UK or if a UK victim has been targeted where loss has been suffered in the UK.
Whilst the new failure to prevent offence is intended to capture the full breadth of fraudulent activity, it is possible to identify a number of ESG disclosure-related offences which could found liability under the new legislation. Examples include:
- Statements regarding the environmental benefits of a product or business practices made by employees/agents of an entity, if known to be false, and made dishonestly in circumstances where the statements benefit the entity concerned, may constitute a fraud by false representation under section 2 Fraud Act 2006. Scenarios conceivably within scope include false statements made regarding compliance with emissions standards, use of raw materials in products, and sustainable deforestation practices. Marketing of 'dirty' ESG products as 'green', making misleading claims the recyclability of a product (e.g. through inaccurate ISO representations), and overstating the ESG value of a fund could all trigger potential liability.
- Circumstances where employees/agents fail to disclose information, when under a legal duty to disclose that information, where such an omission was dishonest and the employee/agent intended by that failure to benefit the company, may constitute a fraud by failing to disclose information under section 3 Fraud Act 2006. A bank promoting green bonds to finance sustainable or 'zero carbon' water and wastewater management projects whilst omitting information such as high carbon management projects and known pollution concerns could conceivably fall within the scope of this offence.
- False statements made by company directors with the intention to deceive members or creditors of the company about its affairs published a written statement which is misleading, false or deceptive, contrary to section 19 Theft Act 1968. This could capture false statements made by directors in annual reports regarding climate change-related risks and opportunites which influence the decision of investors, for example, in the context of climate-related financial disclosures made by in-scope companies under the Companies (Strategic Report) (Climate-related Financial Disclosure) Regulations 2022.
- Carrying on the business of a company with a fraudulent intent, namely the intent to defraud customers of the company, may constitute the offence of fraudulent trading contrary to section 993 Companies Act 2006. For example, an employee/agent may fail to follow ESG investment policies and mislead customers regarding investments projects harmful to the environment and community, including tobacco manufacturing, oil tar sands and gambling.
Industry Guidance
There is no single overarching ESG standard in the UK. Whilst any prosecution of the failure to prevent offence would require, under the Full Code Test, a sufficiently substantiated evidential basis to support a serious allegation of fraud, and be in the public interest, the increasing emphasis on ESG compliance means that employees/agents should look to a wide range of industry sources when making ESG disclosures to avoid potential criminal liability being engaged. This is made more important given that test for dishonesty in fraud cases is largely an objective one.
The FCA's new anti-greenwashing rule, introduced as part of a package of measures introduced through the FCA's Sustainability Disclosure Requirements and investment label regime (PS23/16), provides instructive guidance on sustainability-related claims in the financial services sector, emphasising that claims should not omit or hide important information and consider the full life cycle of the product or service.
The Competition and Markets Authority's Green Claims Code and accompanying guidance further underlines the need for claims to be substantiated by robust, credible, and up to date evidence. Similarly, guidance published by the Advertising Standards Authority indicates that a holistic approach should be taken to ESG claims, for example, indicating that ESG claims should not be focused on a minor part of a business if a main or core business produces significant negative ESG effects.
Compliance Takeaways
Whilst guidance on the reasonable procedures defence is awaited, conducting ESG fraud risk assessments in line with this industry guidance, proactively updating ESG-specific anti-fraud policies, delivering training (especially for those in higher risk positions including chief sustainability officers), ensuring regular reviews of policies and controls, and demonstrating a top-level commitment will be essential.
In practical terms, companies are likely to be able to build upon existing anti-bribery and tax evasion policies, procedures and processes that are in place (e.g. by expanding training and monitoring to cover wider ESG fraud risks and considering potential whistleblowing mechanisms). Nonetheless, as ESG compliance principles continue to mature, companies should be mindful of the widening risk landscape and act proactively to ensure that employees/agents are aware of the tightening standards.