Martyn's Law Preparing Charities For New Public Protection Duties

Crime and Policing Act 2026 - the extension of corporate criminal liability

12 May 2026

The Crime and Policing Act 2026 (the "Act") received Royal Assent on 29 April 2026. The Act extends the corporate liability for the acts of senior managers beyond the provisions of s196 of the Economic Crime and Corporate Transparency Act 2023 ("ECCTA"). 


S250 of the Act will shortly replace s196 of ECCTA in that regard and provides that organisations can be held liable for criminal offences (not just Schedule 12 ECCTA fraud offences) committed by senior managers acting within their actual or apparent authority. Section 250 will come into force on 29 June 2026.

The wording of the new legislation can be found here.

The history of corporate criminal liability

Historically and prior to s196 of ECCTA, corporate criminal liability in England and Wales used the "identification doctrine" i.e. the organisation could be liable for the acts of those that are its "directing mind and will" - typically senior executives or board members.

S196 ECCTA came into force On 26 December 2023. S196 provided that an organisation (of any size) could be criminally liable if a senior manager committed an economic crime listed in schedule 12 ECCTA whilst acting within the actual or apparent scope of their authority (or if they assist in the committing of such an offence).

Under s196, senior manager has a broad definition, which captures any person who plays a significant role in making decisions about the institution's activities or managing/organising those activities. S196's "senior manager" test therefore significantly broadened the test for corporate criminal liability (for economic crimes at least).

Examples of crimes caught by s196 include:

  • False accounting or fraud by senior staff
  • Money laundering offences
  • Breaches of financial regulations or sanctions.

ECCTA also introduced a separate corporate offence of the failure to prevent fraud under s199, which came into force on 1 September 2025. This is outside of the scope of this note so you may wish to consider our other article.

The new law

From 29 June 2026, s250 expands corporate criminal liability further to any criminal offence committed by a senior manager acting within actual or apparent authority (with the exception of any offences committed entirely of the UK or any offences where the organisation would not commit the offence if that conduct were the organisation’s (rather than the senior manager’s).

S250 will replace s196 ECCTA.

S250 is not limited to the economic offences listed in schedule 12 of ECCTA. All the offences listed in Schedule 12 will be covered by the Act, but the Act also broadens liability to cover other fraud and economic offences that fall outside of Schedule 12 ECCTA together with all other criminal offences. This will significantly expand corporate criminal liability for organisations.

By extending liability beyond "economic crime", the Act exposes organisations to potential liability in a wide range of circumstances. For example, in relation to data protection, health and safety and offences against persons.

Unlike s199 (failure to prevent fraud), there is no defence of having reasonable prevention procedures in place. This means that while procedures may help to mitigate risk under the Act, they will not, of themselves, provide a defence to organisations for the criminal acts of senior managers. Like s196 ECCTA, organisations should do all that they can to try and prevent senior managers from committing any offences within the scope of their authority in the first place. 

Given that s250 follows the path laid before it by s196 ECCTA, the Act does not require that senior managers be part of the "directing mind and will" of the organisation. This exposes organisations to criminal liability in relation to a much larger range of people (to the extent that s196 did not already apply) who simply have actual or apparent authority and where they satisfy the senior manager definition.

Next steps for organisations

To prepare for the expansion of corporate criminal liability, organisations should take proactive steps to review and strengthen their internal policies and procedures. Like preparations for s196 and s199, organisations should ensure they have policies and procedures in place to prevent senior managers from committing offences.

To prepare for the Act, organisations should take the following steps: 

  • Conduct risk assessments - identifying areas of the business that may be vulnerable to criminal conduct and identifying who qualifies as a "senior manager".
  • Implement adequate procedures - develop and enforce policies to prevent criminal activity, including whistleblowing policies, disciplinary procedures, and compliance frameworks. Large organisations should update their reasonable fraud prevention measures to address the broader scope of criminal liability introduced by the Act.
  • Review governance structure - consider existing frameworks, such as delegation of authority and oversight and ensure that senior managers are actively involved in promoting a culture of compliance.
  • Review monitoring and reporting - establish systems to detect and report suspicious activities and procedures for conducting internal investigations.
  • Training - provide training to ensure that staff (including boards and senior members) understand the impact of the Act and how to report any suspected wrongdoing.

As mentioned above, having reasonable prevention procedures is not a defence of itself under the Act, but it is essential to implement effective measures to minimise the risk of senior managers committing offences.

Conclusion

The Act represents a significant shift in corporate criminal liability, making it easier to hold organisations accountable for criminal offences committed by senior managers.

Organisations must act now to review their policies and strengthen their governance structures to get ready for the Act. Failure to do so could result in severe penalties and reputational damage. Organisations should begin preparations now to be ready for the commencement of s250 on 29 June 2026. 


If you have questions about how the Act affects your organisation, please do not hesitate to get in contact with Ben Hay (Legal Director and Fraud Lawyer in the Commercial Litigation team) and Frankie Williams (Solicitor and Fraud Lawyer in the Commercial Litigation team). 

 

Get in touch today

Are you looking for legal services?

Fill out our form to find out how our specialist lawyers can help you.

See our privacy page to find out how we use and protect your data.