Unveiling the Economic Crime and Corporate Transparency Act 2023: A paradigm shift in corporate governance

The Economic Crime and Corporate Transparency Act 2023 (the Act) received royal assent on October 26 2023, marking a significant milestone in legislative efforts to combat economic crimes and enhance corporate transparency. Following the Economic Crime (Transparency and Enforcement) Act 2022 (ECTEA 2022), expedited in response to the Russian invasion of Ukraine, the new Act targets foreign criminals using UK property for money laundering and seeks to reform the unexplained wealth order regime. Building on ECTEA 2022’s groundwork, the Act aims to prevent corporate structure misuse and enhance transparency. This article outlines significant changes to corporate law, including substantial revisions to Companies House and the introduction of a ’failure to prevent fraud’ offence, holding organisations accountable for employee fraud benefits.

New powers for the Registrar of Companies

The Act introduces various measures that significantly enhance the Registrar’s current powers, providing it with the necessary tools to uphold the register’s integrity and ensure the accuracy of its information. This transformative change will mean companies will increasingly need to ensure filings are made with care, expecting queries or requisitions to be raised in respect of any inaccuracies. The Registrar will now be able to take significant steps to verify, query, and, in certain cases, remove company information; scrutinise company names; mandate registered email addresses for all Companies House registrants; investigate and share data with law enforcement agencies; safeguard individuals from fraudulent activities; and crack down on general registry abuse. These powers are supported by a new set of objectives outlined in section 1081 of the Act.

Identity verification

The Act has imposed a series of new identification and transparency regulations, aimed at enhancing the reliability of information within the register. Under these regulations, all current and future directors will undergo identity verification, with existing directors given until the submission of any subsequent confirmation statement to comply. Additionally, individuals classified as persons with significant control (PSC) and relevant officers of relevant legal entities (RLE) will also undergo identity verification.

While shareholders who are not PSC or RLE will not need to verify their identity, companies will now be mandated to provide the full name of shareholders, rather than just an initial and surname. Moreover, a comprehensive list of shareholders will be required in any subsequent confirmation statement, with a one-time list of shareholders, applicable only to traded companies with holdings exceeding 5% of any share class, to be separately filed on Companies House.

Following the completion of these verification processes, only verified directors and certain authorised corporate service providers registered with Companies House will be permitted to file company documents. Subsequently, the longstanding requirement for companies to maintain their registers of directors, secretaries and PSC will be abolished.

While the identity verification procedure is expected to be relatively straightforward for most directors, companies with intricate structures, particularly those involving trusts, should consider conducting a thorough PSC analysis promptly to ensure accurate identification for registration purposes.

The ‘failure to prevent fraud’ offence

The Act has introduced a novel offence targeting specific corporate entities benefiting from fraud committed by employees, subsidiaries or agents. This offence mirrors the ’failure to prevent bribery’ offence in the UK Bribery Act 2010 and the failure to prevent facilitation of tax evasion under the Criminal Finances Act 2017 (CFA 2017), holding “large” entities accountable if they meet two of the following criteria in the preceding financial year:

1. over 250 employees;
2. more than £36m annual turnover; or
3. exceeding £18m total balance sheet assets.

Covering most fraud offences under the Fraud Act 2006, Theft Act 1968, and Companies Act 2006, the legislation also addresses the common law fraud offence of cheating the public revenue. While limited to large companies, the new offence broadens the scope of potential liability by including subsidiaries and their employees. However, the fraud must benefit the entity, unlike the CFA 2017 provisions. As UK parents can be liable for subsidiaries’ activities under the Act, future enforcement actions may favour it over the CFA 2017 if the large company benefits from the fraud.

A defence is available if it’s proven that reasonable prevention procedures were in place, or it was unreasonable to expect such procedures. Although effective in Spring 2024, organisations must develop specific policies to defend against fraud offences under the Act. Large companies should review their current CFA 2017 prevention procedures to ensure comprehensive coverage across their corporate structure in anticipation of the new offence.

What next?

The majority of the aforementioned changes won’t take effect immediately, as secondary legislation and technical updates to Companies House are necessary. However, the Registrar has signalled those certain measures, along with increased fees, will be implemented in early 2024. These include the Registrar’s enhanced authority to scrutinise information submitted to Companies House, reinforced scrutiny of company names, and the mandate for entities to furnish an ‘appropriate’ registered address and email. Although the adjustments to Companies House will be enforced earlier, the ’failure to prevent fraud’ offence is expected to be enacted by Spring 2024, pending guidance on requisite fraud prevention measures.