Tom Stocker: Senior manager offences expose companies to wider criminal liability
Tom Stocker
An expanded UK corporate criminal liability regime means organisations are now criminally liable for any offences committed by their senior managers during activities forming part of their roles, writes Tom Stocker.
For decades, other than in defined areas such as health and safety, corporate criminal law in the UK has substantially relied on the so-called “identification doctrine” which required prosecutors to prove that the “directing mind and will” of a company was itself involved in criminal wrongdoing.
This doctrine made it notoriously difficult to hold large organisations to account for types of offences where this was the only means by which criminal liability could be established.
Section 250 of the Crime and Policing Act 2026 which came into force last month, provides that where a senior manager of an organisation, “acting within the actual or apparent scope of their authority commits an offence”, the organisation also commits an offence.
The test, when applied to all types of conduct, is seismic because all companies and firms are now criminally liable for any offence by a senior manager when acting within the actual or apparent scope of their authority.
The UK’s Serious Fraud Office (SFO) and the Crown Office and Procurator Fiscal Service in Scotland have published new policies aimed at corporate cooperation and self-reporting.
Over the past 12 months, the SFO has announced several investigations of companies and has made multiple public remarks about the significance of these new offences to its ability to prosecute companies.
At the Global Anti-Corruption, Ethics and Compliance Conference in New York, SFO director Graham McNulty identified the failure to prevent fraud and corporate criminal liability for senior managers as key enforcement priorities.
The challenge now for those in compliance roles is to secure management time and immediate budget to address the increased corporate risk. This is not helped by the time delay between law reform and enforcement.
There is no reasonable or adequate procedures defence for senior manager attribution. However, reasonable procedures, or an effective compliance programme, are still relevant in three ways.
Most obviously, corporate compliance programmes help to prevent offending by individuals, reducing the corporate criminal risk at source. Well thought through reasonable procedures may also lend some support to arguments that a corporate had sought to limit a senior manager’s actual or apparent authority, to protect both the corporate and others from a risk of criminal act by the manager.
Secondly, enhancing existing compliance programmes may be an important factor in dissuading a prosecution agency from charging a corporate in cases involving senior manager attribution - even where the compliance programme does not constitute a statutory defence.
Thirdly, demonstrating the corporate’s effective compliance programme - notwithstanding the wrongful acts of the senior manager - is likely to remain an important mitigating factor in the eventual corporate sentencing process, reducing the culpability level of the corporate and the ensuing fines and other penalties imposed.
There is a recognition that greater emphasis on risk management is needed. In a Pinsent Masons webinar series on this topic, 83% of 322 attendees had recently conducted a financial crime risk assessment but 17% had not, while 98% of those polled considered their risk assessments needed revisited, with a particular focus being on senior manager risk.

Tom Stocker is a partner at Pinsent Masons



