UK charity boards are facing a compliance milestone in September 2025. The Economic Crime and Corporate Transparency Act introduces a new “failure to prevent fraud” offence that will apply to many large incorporated charities.

The law is designed to close gaps in accountability, ensuring that organisations have proportionate measures in place to stop fraud before it happens.

Beyond legal compliance, this is about protecting charitable funds, safeguarding beneficiaries, and strengthening public trust.

With the start date now in sight, boards have a limited window to confirm whether they fall within scope and, if so, to implement robust prevention procedures.

In this guide, we set out what the law covers, how to assess your exposure, and the practical steps that can bring your charity in line before the September deadline.

What Is the Failure to Prevent Fraud Offence and Who Needs to Act?

The new offence forms part of the UK’s wider push to tackle economic crime. It closes a gap where organisations could benefit from fraudulent acts committed by individuals linked to them yet face no liability if they had not directly authorised those acts.  

From 1 September 2025, large incorporated charities and other qualifying organisations must show they had “reasonable prevention procedures” in place, or risk prosecution.

Which Charities Are Caught? 

A “large organisation” is defined as meeting at least two of these three criteria in the financial year before the offence: 

• Annual turnover over £36 million 

• Assets worth more than £18 million 

• 250 or more employees 

For groups, consolidated figures apply. This means a parent charity with a modest turnover could still fall within scope if its trading subsidiary pushes the group over the thresholds. 

Who Counts as an Associated Person? 

An associated person is anyone performing services for or on behalf of your charity. This includes employees, trustees, volunteers, contractors, consultants, agency staff, and some third-party partners. The definition is intentionally broad, recognising that fraud risk can arise in many parts of a charity’s operations. 

What Offences Are Covered? 

The offence applies to a range of crimes under the Fraud Act 2006 and other legislation, including: 

• Fraud by false representation 

• Fraud by failing to disclose information 

• Fraud by abuse of position 

• False accounting 

• Cheating the public revenue 

The link is that the fraud must be intended, at least in part, to benefit the charity.

Why Smaller Charities Should Pay Attention 

Even if you fall below the thresholds, the change signals rising expectations around fraud prevention. Funders, regulators, and the public are increasingly looking for evidence of robust controls. Starting to strengthen these now can protect both reputation and resources. 

Six Principles for Robust Fraud Prevention in Large Charities

The government’s guidance sets out six principles to help organisations create strong and effective fraud-prevention measures. These principles work best when they are practical, proportionate, and embedded into day-to-day operations.

1. Top-Level Commitment

Your board and senior leadership set the tone for how seriously fraud prevention is taken. Publicly committing to zero tolerance for fraud, allocating resources to prevention, and including fraud risk in strategic discussions all help build the right culture. Clear responsibility for fraud prevention should be assigned at board level.

2. Risk Assessment

Regularly assess where your charity is most vulnerable. Consider the “fraud triangle”: opportunity, pressure, and rationalisation. Look at both financial and non-financial areas, from grant management to procurement. Use recent sector cases and your own incident history to shape this review.

3. Proportionate Risk-Based Procedures

Controls should match the level of risk. High-value contracts or international programmes may need stronger checks than small, local projects. Avoid generic policies that sit on a shelf — instead, link your procedures directly to the risks you’ve identified.

4. Due Diligence on Associated Persons

Know who is acting for or on behalf of your charity. This includes employees, trustees, agency staff, contractors, volunteers, and key suppliers. Carry out proportionate background checks, verify credentials, and monitor relationships over time, especially for roles with financial or decision-making authority.

5. Communication and Training

Fraud-prevention procedures work best when everyone understands them. Provide clear, role-specific training for staff, trustees, and volunteers. Make reporting channels visible and easy to use. Reinforce messages through regular updates and reminders, not just at induction.

6. Monitoring and Review

Fraud risks and working arrangements change over time. Schedule regular reviews of your procedures, test them against real-world scenarios, and update them when gaps appear. Keep records of reviews and decisions so you can show active oversight if questioned by regulators or auditors.

When applied together, these six principles create a framework that not only meets the legal requirement but also strengthens governance and accountability across your organisation. They make fraud prevention part of the way you operate, rather than a separate compliance exercise.

Building Your Charity’s Fraud Prevention Framework: Step-by-Step

Large charities preparing for the new offence will need a framework that is both thorough and workable. The steps below can help boards and leadership teams put the principles into practice before the 1 September 2025 deadline. 

1. Carry Out a Gap Analysis 

Review your existing anti-fraud measures against the six principles. Identify where controls are missing or out of date. This should include policies, reporting mechanisms, risk assessments, and due diligence processes. 

2. Map Your Associated Persons 

List everyone who acts for or on behalf of your charity, from trustees to contractors. Understanding the full network is essential to assessing where the risks lie and what controls are required. 

3. Update Policies and Implement Proportionate Controls 

Draft or revise your fraud-prevention policy to address the specific risks you’ve identified. Link each control to a clear risk and make sure it is proportionate to the potential impact. 

4. Integrate Fraud Prevention into Existing Systems 

Avoid creating a separate set of rules that might be overlooked. Build fraud-prevention checks into your procurement, recruitment, grant-making, and financial reporting processes. 

5. Keep Detailed Records 

Maintain up-to-date risk logs, training attendance lists, board minutes, and due diligence reports. These provide evidence of active prevention measures and can be critical if your charity’s procedures are ever questioned. 

6. Promote a Culture of Accountability 

Encourage staff, volunteers, and partners to speak up if they see potential risks or unusual activity. Provide clear, safe reporting routes and follow up promptly on all concerns. 

Board Duties and Compliance Timeline for the New Fraud Offence 

Fraud prevention is a governance responsibility. The board’s leadership and oversight set the tone for the whole organisation, shaping the culture in which prevention measures are embedded. 

Board Oversight and Decision-Making 

Trustees should begin by confirming whether the charity meets the “large organisation” thresholds, using accurate, up-to-date financial and staffing data. If the charity is in scope, the board must approve a documented fraud-prevention plan that covers: 

• Allocating sufficient budget, staff time, and expertise 

• Assigning clear responsibility at senior level for delivery 

• Approving and reviewing fraud risk assessments 

• Monitoring the rollout of training, due diligence checks, and internal controls 

• Setting reporting mechanisms so progress is regularly reviewed at board meetings 

All decisions and discussions should be recorded in the minutes, with supporting evidence of how conclusions were reached. This written record is not only a legal safeguard but also demonstrates transparency to auditors, funders, and regulators. 

Managing Conflicts of Interest 

Where fraud-prevention decisions affect individual trustees, staff, or connected parties, any conflicts must be identified, declared, and managed according to policy. Minutes should note how conflicts were handled. Proactive management of these situations reinforces credibility and public trust. 

A 2-Week Action Plan to Be Ready by 1 September 2025 

Week 1 

Day 1–2: Confirm scope 

• Check if your charity meets at least two of the thresholds (turnover, assets, employees). 

• Include group figures if you have subsidiaries. Document your findings. 

Day 3–4: Map associated persons 

List everyone acting for or on behalf of the charity: staff, trustees, contractors, volunteers, consultants, and key partners. 

Day 5–7: Initial fraud risk workshop 

• Involve senior managers and key operational leads. 

• Identify high-risk areas using the fraud triangle (opportunity, pressure, rationalisation). 

• Gather examples of recent sector fraud cases to inform discussion. 

Week 2  

Day 8–10: Update or draft fraud-prevention policy 

• Link controls to identified risks. 

• Assign clear board-level responsibility. 

• Integrate controls into procurement, grant-making, and financial processes. 

Day 11–12: Staff & trustee training 

• Deliver role-specific training. 

• Make reporting routes visible and easy to use. 

Day 13–14: Board review and approval 

• Present updated policies, controls, and training completion rates. 

• Record decisions in board minutes. 

• Set schedule for quarterly monitoring and annual risk review. 

Securing Your Charity’s Future: Final Thoughts and Next Steps

The new “failure to prevent fraud” offence is a chance to strengthen the systems that protect your charity’s mission. Preparing now means your organisation can respond confidently to the September deadline, reassure funders and beneficiaries, and reduce the risk of disruption from fraud incidents. 

A well-governed charity builds trust by showing it takes fraud prevention seriously. The measures you put in place today will help protect both resources and reputation for years to come. 

If you want to be sure your charity is ready, speak with a qualified charity accountant. We can review your current controls, assess risks, and create a tailored fraud-prevention framework that meets the new legal requirements.