ECCTA failure to prevent fraud for facilities management providers
Facilities management, cleaning, security, and catering providers deliver through layers of subcontractors, agency labour, and equipment suppliers, and a fraud committed for the firm's benefit — phantom shifts, fabricated service records, or padded sub-bills — can engage the ECCTA failure-to-prevent-fraud offence. DefenceFile organises the evidence that fraud-prevention procedures existed and operated, leaving a record your legal and risk advisers can review.
Not sure if you are in scope? Most facilities management and outsourced services that meet the large-organisation size test are in scope — check the size test or the scope Q&A.
The sample board pack opens in your browser — no email, no form. 90-day pilots are £950/month; the setup fee is waived if the first working session does not produce the agreed artifacts.
Why facilities management and outsourced services tend to be in scope
Many FM groups, TFM contractors, and outsourcers meet the large-organisation size test once turnover, balance-sheet, and headcount are aggregated across group undertakings. Tiered subcontracting, transient agency workforces, and UK sites and contracts typically leave the UK-nexus and associated-person assessment plenty to weigh.
Scope is a legal assessment that turns on your group size and facts. See the UK-nexus and scope Q&A and reserve the conclusion for qualified reviewers.
Associated persons to map in facilities management
An associated person is wider than payroll. These are the relationships worth organising evidence around for this sector.
- Specialist subcontractors for cleaning, security, M&E, and grounds maintenance
- Labour agencies and umbrella companies supplying frontline staff
- Self-employed engineers, guards, and mobile operatives engaged per task
- Equipment, consumables, and plant-hire suppliers billing the contract
- Managing agents and site account managers running client accounts
Fraud scenarios and the evidence to capture
Illustrative scenarios where a listed base fraud offence could be committed to benefit the organisation. They are prompts for human review, not findings.
Phantom shifts, falsified clock-ins, or inflated headcount logged so the firm can bill labour hours that were never worked.
Evidence focus: Capture the time-and-attendance, electronic-sign-in, and supervisor-verification controls that link billed hours to attended work.
Fabricated service or compliance records — cleaning logs, patrol reports, or maintenance certificates — signed off so the firm meets contract KPIs and triggers payment.
Evidence focus: Organise the service-verification, audit-walk, and certificate sign-off records that evidence work was actually performed.
Inflated subcontractor invoices, padded materials charges, or collusive supplier rates pushed through to benefit the firm's contract margin.
Evidence focus: Record the invoice-matching, rate-card governance, and conflict-of-interest controls applied to subcontractor and supplier billing.
What the defence file should prioritise
- A subcontractor, labour-agency, and supplier register with the controls applied at onboarding
- Attestations from subcontractors and agency suppliers that fraud-prevention expectations were communicated
- Service-delivery and billing sign-offs linked to the policies that govern them
- Board and audit-committee oversight of the FM-fraud risk assessment
Facilities management ECCTA fraud questions
- Are labour agencies and subcontractors associated persons under the failure-to-prevent-fraud offence?
- An agency or subcontractor can be an associated person where it performs services for or on behalf of the FM provider, assessed on all the circumstances. The classification is a legal judgement; DefenceFile helps you organise the evidence by relationship so qualified reviewers can decide.
- Is agency labour supplied through an umbrella an associated person of the FM provider or the umbrella?
- It can be either or both, depending on who the workers actually perform services for and on whose behalf. Where umbrella-supplied operatives deliver the FM contract under your direction, the relationship is worth assessing on its facts. DefenceFile organises the supply-chain and oversight evidence so qualified reviewers can reach that judgement.
- How do we evidence that billed labour hours were genuinely worked across multiple sites?
- Maintain time-and-attendance, electronic sign-in, and supervisor-verification records linked to your fraud-prevention policies for each site. DefenceFile keeps these discoverable and review-ready, without asserting that any timesheet or billed hour is itself accurate.
Related sectors
- ConstructionHow construction firms organise ECCTA failure-to-prevent-fraud evidence across subcontractors and agents — scope, risks, and a reviewable defence file.
- LogisticsHow haulage firms organise ECCTA failure-to-prevent-fraud evidence across carriers, brokers, and customs agents — scope, risks, and a defence file.
- Public sector suppliersPublic-sector suppliers and outsourcers carry ECCTA fraud exposure through subcontractors and bid partners. Organise scope, risks, and a defence file.
Keep going
- Failure to prevent fraud: the offence explainedThe statutory offence, the size test, and what a defence file is for.
- Reasonable proceduresHow the six principles map to evidence you can organise and review.
- Failure to prevent fraud: straight answersDirect, sourced answers on scope, penalties, the deadline, and the defence.
- Pricing and pilotsHow a structured pilot review of your evidence works.
DefenceFile organises evidence for legal and compliance review. It does not provide legal advice, create privilege, certify scope, certify reasonable procedures, or guarantee that a statutory defence will succeed.