In a memorable episode of Suits, Harvey Spectre, the astute corporate lawyer, confronts the Chief Executive Officer (CEO) of a client company after uncovering fraudulent dealings at his hedge fund. When the executive pleads ignorance, Harvey recalls a childhood incident where his brother was bullied and the bully’s father claimed he knew nothing about it. Harvey delivers the punch line: “You know what his problem was? It was his job to know.”

This week, the United Kingdom (UK) made that line into law. Under the new offence of failure to prevent fraud, senior executives can no longer hide behind claims of ignorance. Companies will face prosecution if they lack sufficient systems to detect and prevent fraud, even when misconduct occurs far below the boardroom. This means a company can be prosecuted if an employee or agent commits fraud for the organisation’s benefit, regardless of whether the board is aware.

The UK’s Economic Crime and Corporate Transparency Act has global implications because multinationals with operations or subsidiaries in the UK must reassess their internal controls, not just local entities. Similar to the Bribery Act 2010, the law applies not only to UK firms but also to any company conducting business in the country. This means that multinationals operating in Kenya or elsewhere are within scope if they have UK subsidiaries, clients, or market exposure. It also indicates that both laws impose a strict liability standard, which states that a company is guilty simply if bribery or fraud occurs, and the only defence available is if the company can demonstrate that it had “adequate procedures” (Bribery Act) or “reasonable procedures” (Fraud Act) to prevent the misconduct.

This will impact boards, as they must ensure their companies have anti-fraud mechanisms, training, and whistleblowing channels in place. It also provides an opportunity for firms with robust preventative frameworks to differentiate themselves by boosting investor confidence and market perception.

Too often, board members react only when regulators or audits highlight fraud. This reactive approach has protected many firms from facing the consequences of their employees’ actions, but this will now shift to a proactive strategy under the new Act. Board members must now arrange regular reviews of fraud risk exposure (e.g., in procurement, sales incentives, and financial reporting), and management reporting will include fraud-prevention metrics such as whistleblower reports, audit exceptions, and employee training completion rates. Some companies are already establishing subcommittees of audit committees specifically to oversee fraud prevention.

For global firms with UK operations, liability is triggered even if fraud happens abroad but benefits the UK entity. Adapting will involve appointing a UK-based compliance officer or team with reporting lines to the board to incorporate UK standards into global compliance policies, not just European Union (EU) or United States (U.S.) frameworks.

Companies will need to implement systems that log approvals, expense claims, third-party payments, and sales contracts to enable fraud detection and prevention. They may also need to explore forensic audit technologies. It will be equally important to map subsidiaries, intermediaries, contractors, and agents who could commit fraud on behalf of the company. While the law does not automatically criminalise individual directors, boards are still expected to demonstrate they set a “tone from the top.” Therefore, they will need to foster a cultural shift that encourages whistleblowing, normalises escalation, and openly discusses fraud risks in town halls or company communications, signalling that prevention is a business priority, not just a legal obligation.

The Bribery Act compelled companies to adopt anti-bribery training, conduct due diligence on third parties, and establish compliance frameworks. The Fraud Act is anticipated to prompt a similar surge in fraud risk assessments, whistleblowing systems, and board accountability structures. If the Bribery Act held companies accountable for preventing corruption, the new legislation makes them equally responsible for preventing fraud.