Businesses face wider accountability under new criminal liability rules
The government’s drive to make companies more accountable for wrongdoing is moving beyond large corporates and into the SME sector.
New rules taking effect this month will make it easier to prosecute all sizes of companies and partnerships where senior managers commit criminal offences while carrying out their duties on the organisation’s behalf.
It means small and medium-sized businesses could find themselves on the front line for corporate criminal liability.
From 29 June 2026, Section 250 of the Crime and Policing Act 2026 will significantly expand the circumstances in which an organisation can itself be prosecuted. If a senior manager commits fraud, environmental offences, health and safety offences, regulatory offences or other crimes while acting within the actual or apparent scope of their authority, the company may also be found guilty of the offence and face prosecution.
Businesses are being urged to act before the new rules come into force, to review their governance and extend their risk management procedures. Importantly, legal experts warn that organisations should not assume the rules apply only to board directors or employees with “manager” in their job title.
Explained Victoria Holland, corporate specialist here at RIAA Barker Gillette. “The definition of a senior manager is wider than many organisations may realise, as it can include individuals who play a significant role in managing part of the business or making important operational decisions, regardless of their formal title.”
The first stage of any risk assessment will be to identify who may fall within the definition of a senior manager, particularly those with significant authority over financial decisions, regulatory compliance, procurement, contracts or operational management. Businesses can then review the controls, oversight and reporting structures that apply to those roles.
The new rules come hard on the heels of other recent corporate fraud reforms designed to address situations where businesses were able to distance themselves from criminal conduct carried out by individuals within the organisation, which had made prosecutions notoriously difficult.
The Economic Crime and Corporate Transparency Act 2023 first expanded responsibility for economic crimes by making it easier to attribute an offence of failure to prevent fraud to the company itself. The Crime and Policing Act 2026 takes that concept much further, applying to all criminal offences.
And, unlike the failure to prevent fraud offence, which applies only to large organisations, the new rules can affect businesses of any size, including small and owner-managed companies.
One of the key challenges is that there is no equivalent of the “reasonable procedures” defence that is available under some other corporate crime legislation.
“Having the right policies in place may not, by itself, provide protection if an offence takes place,” explained Victoria. “The key is ensuring those policies are put into practice throughout the organisation and properly supported by effective oversight.”
About the authors
Victoria Holland works with a broad range of clients, including large multinational companies, start-ups, SMEs, partnerships, investors, and entrepreneurs. She has extensive experience providing transactional and commercial contract advice across various industries, such as automotive, biotech, property management and investment, financing, software and technology.
Karen Cole is a Partner and Head of the Employment team at RIAA Barker Gillette. She has a range of expertise based on her employment law, dispute resolution, and litigation background. Karen provides employment law advice to businesses and individuals, whether contentious or not. She is a member of the Employment Lawyers Association (ELA) and the Association of Regulatory and Disciplinary Lawyers (ARDL).