What evidence do I need for the failure to prevent fraud defence?
Because the defence depends on showing reasonable procedures, the practical evidence to organise includes the fraud risk assessment, the procedures themselves, due-diligence and attestation records for associated persons, training and communication logs, and monitoring and board-oversight records.
Not sure this applies to you? The offence targets large organisations that meet the size test — check whether you are in scope.
In short
- Fraud risk assessment and the procedures themselves
- Due-diligence and attestation records for associated persons
- Training, communication, monitoring, and board-oversight records
- A dated, reviewable audit trail tying it together
No single document is decisive. The point is a coherent, dated, reviewable record that maps to the six principles and reflects how your organisation actually operates.
DefenceFile is built for exactly this: an evidence register with human review, associated-person attestations, an audit trail, and board-pack exports — so the record is discoverable and review-ready when it is needed.
The sample board pack — a one-page view of where evidence is complete and what is missing — opens in your browser, no email, no form.
Official sources
- Home Office failure-to-prevent-fraud guidance v1.5
Updated 2025-10-10; accessed 2026-06-15.
- SFO compliance-programme evaluation guidance
Published 2025-11-26; accessed 2026-06-15.
Keep reading
DefenceFile organises evidence for legal and compliance review. It does not provide legal advice, create privilege, certify scope, certify reasonable procedures, or guarantee that a statutory defence will succeed.