.png)
In 2025, the United Kingdom will introduce a landmark shift in corporate fraud liability, holding businesses accountable for fraud committed by employees, agents, and other associated persons.
Under the Economic Crime and Corporate Transparency Act 2023 (ECCTA), companies operating in the UK will face strict liability for failing to prevent fraud unless they can prove they had "reasonable procedures" in place.
This move is part of a broader effort to combat financial crime and increase corporate accountability. As the UK prepares for implementation, the question arises: will the United States adopt similar measures?
To find out, let’s explore these regulations, including:
- What is the UK “Failure To Prevent Fraud” rule?
- Does the U.S. have similar regulations on fraud liability?
- What would it take for the U.S. to adopt similar fraud liability rules?
- Build a future-proof fraud detection program with Middesk
Let’s start with the recent UK regulations passed:
The UK Failure To Prevent Fraud is a critical part of the Economic Crime and Corporate Transparency Act 2023 (ECCTA), and makes an organization liable for fraud committed by an “associated person”, even if leadership was unaware of the fraudulent activity.
Starting September 1, 2025, this essentially means that the organization itself is responsible, regardless of who is committing the fraud. It also includes any subsidiaries of the organisation, meaning even foreign companies that have a UK-based entity could be liable, even when the fraud itself is committed in another country.
The model for this legislation isn’t entirely new. The UK Bribery Act 2010 introduced a similar failure to prevent bribery offense, which led to widespread corporate reforms in anti-corruption compliance. UK regulators hope these new fraud liability rules will have the same impact.
The law aims to drive a corporate culture shift, forcing companies to implement stricter anti-fraud controls.
Who does Failure To Prevent Fraud apply to?
Failure To Prevent Fraud applies to larger organizations that meet at least two of the following criteria:
- >£36m turnover
- >£18m total assets
- >250 employees
The law casts a wide net, holding businesses responsible for fraud committed by employees, subsidiaries, or agents acting on their behalf. However, third-party suppliers are generally exempt unless they provide services directly to the company.
What are the penalties for violating Failure To Prevent Fraud in the UK?
Infractions of the Failure To Prevent Fraud rules include unlimited fines depending on the extent of the fraud committed. Companies would also face significant reputational damage.
The UK government has already issued guidance encouraging businesses to evaluate their fraud prevention measures, conduct risk assessments, and implement employee training programs to reduce exposure.
The United States takes a very different approach to fraud regulation, relying on a mix of federal and state laws rather than a single overarching framework. While businesses can be held liable for certain types of fraud, there is no strict liability rule comparable to the UK’s.
One of the closest regulatory parallels is Regulation E, which requires financial institutions to reimburse consumers for unauthorized electronic fund transfers. However, the scope is limited.
What is “Regulation E” in the United States?
Regulation E (12 CFR Part 1005) is a critical part of the Electronic Fund Transfer Act (EFTA) of 1978. It protects consumers, essentially limiting their liability from electronic transfers, covering deposits, online transfers, ATMs, debit cards, and more. It makes financial institutions responsible for investigating fraud disputes.
However, Regulation E does not make financial institutions automatically liable for failing to prevent fraud from occurring in the first place.
Will the Trump administration push for stricter fraud liability?
Given the recent shift under President Trump’s administration, it is unlikely that the U.S. will adopt UK-style fraud liability rules in the near future. The administration has initiated significant deregulation efforts, particularly within financial oversight agencies.
Discussions are already underway about consolidating or even eliminating certain banking regulators, such as merging the Federal Deposit Insurance Corporation (FDIC) into the Treasury Department and combining its role with the Office of the Comptroller of the Currency.
The Consumer Financial Protection Bureau (CFPB), which was originally created to protect consumers from unfair financial practices, has also seen a substantial rollback in its activities. The administration has ordered a suspension of CFPB investigations and proposed rules, effectively halting many of its enforcement actions. This broader deregulatory push is aimed at fostering a more business-friendly environment but raises questions about the future of corporate accountability in the U.S.
By contrast, the UK is moving in the opposite direction, increasing corporate responsibility for fraud prevention. This divergence underscores two competing philosophies: the UK’s proactive regulatory stance versus the U.S.’s emphasis on deregulation and corporate autonomy.
For the U.S. to introduce laws comparable to the UK's Failure To Prevent Fraud offenses, several structural and political barriers would need to be overcome. The U.S. financial regulatory system is fragmented, with different agencies enforcing fraud laws at both the state and federal levels.
Implementing sweeping changes would require significant coordination between lawmakers, regulators, and the U.S. financial services industry.
Political resistance would also be a major factor. Historically, the U.S. has been hesitant to impose strict liability on corporations unless clear negligence can be proven. Given the current administration’s stance on reducing regulatory oversight, expanding fraud liability laws would be an uphill battle.
Financial institutions are another key stakeholder. Banks and fintechs are likely to push back against expanded liability, arguing that fraud prevention cannot be entirely their responsibility.
Unlike the UK, which has the Faster Payments system for quick fraud reimbursements, the U.S. has yet to fully implement FedNow, an instant payment service developed by the Federal Reserve. This means that real-time reimbursement infrastructure remains limited. Without strong payment protections in place, enforcing strict fraud liability at scale would be significantly more challenging.
As regulations shift globally, businesses need to stay ahead of compliance risks. Download our guide on navigating regulatory changes and mitigating risk to make sure your company is prepared.
{{gated-content-block="/insights/ebook-navigating-regulatory-changes-and-mitigating-risk"}}
The UK’s new fraud liability rules mark a major shift in corporate accountability, setting a precedent that other countries will be watching closely. If the law proves effective in reducing fraud and encouraging better corporate compliance, it could fuel conversations about similar measures elsewhere—including in the U.S. However, under the current administration, deregulation appears to remain the priority.
For now, any movement toward UK-style liability laws in the U.S. is unlikely. Instead, businesses should continue to invest in building strong fraud prevention strategies and KYB programs, particularly as consumer protection groups push for stronger safeguards. While new fraud liability rules may not be imminent, the pressure for greater corporate accountability isn’t going away.
Middesk can help you with that. Get in touch with our experts to set up a demo and see first-hand how you can build your KYB tech stack on our fraud prevention and risk scoring tools.
If you want to see the power behind Middesk fraud detection right now, check out our on-demand product demo of Middesk Verify to see exactly what we can verify, and how we do it.
{{gated-content-block="/events/productdemo-verify-june-2025"}}
