What if our organisation does not meet the large-organisation threshold?
An organisation that does not meet at least two of the three Companies Act large-company conditions — more than 250 employees, more than £36 million turnover, or more than £18 million in assets — is outside the scope of the failure-to-prevent-fraud offence as it currently stands. Qualifying as out-of-scope is a factual determination, not a legal guarantee.
Not sure this applies to you? The offence targets large organisations that meet the size test — check whether you are in scope.
In short
- Must fail at least two of three Companies Act conditions to be out-of-scope
- Group consolidated figures may be relevant for subsidiaries
- Annual recalculation is good practice as the organisation grows
- DefenceFile records the inputs; the legal conclusion is for qualified reviewers
The large-organisation test applies to the relevant body for each financial year. If the organisation is part of a group, the group consolidated figures may be the relevant measure — this is fact-specific and turns on the group structure.
An organisation that is below the threshold for a given year may become in-scope if it grows. Documenting the annual size-test calculation and retaining the underlying figures is considered good practice regardless of the current outcome.
DefenceFile records the scope-screen inputs — employee count, turnover, assets, and any group notes — but reserves the in-scope or out-of-scope conclusion for qualified reviewers. Being below the threshold does not mean fraud-prevention procedures are unnecessary from a governance standpoint.
The sample board pack — a one-page view of where evidence is complete and what is missing — opens in your browser, no email, no form.
Official sources
- Home Office failure-to-prevent-fraud guidance v1.5
Updated 2025-10-10; accessed 2026-06-15.
- Economic Crime and Corporate Transparency Act 2023
Royal Assent 2023-10-26; accessed 2026-06-15.
Keep reading
DefenceFile organises evidence for legal and compliance review. It does not provide legal advice, create privilege, certify scope, certify reasonable procedures, or guarantee that a statutory defence will succeed.