In this piece from Moody’s, Ted explains how the UK’s new Failure to Prevent Fraud (FTPF) law extends liability to advisers, planners, and wealth managers—and why stronger fraud prevention is now essential to avoid unlimited fines and reputational damage.
On 1 September 2025, the UK’s new Failure to Prevent Fraud (FTPF) offence became law, introducing new accountability across the investment and wealth management sector. Its reach extends into the financial advice profession, influencing how planners, paraplanners, and wealth managers choose to assess and monitor fraud-related risk in client portfolios and across the advice chain.
Created as part of the 2023 Economic Crime and Corporate Transparency Act (ECCTA), the FTPF is a strict liability offence that does not require intent, or even awareness of a fraud being perpetrated. The only test is whether the firm benefited, directly or indirectly, from the fraudulent activity, and whether the person committing the fraud was an “associated person” acting on the firm’s behalf.
An “associated person” under the FTPF offence could, for example, be a discretionary fund manager providing portfolio management, a referral intermediary introducing new clients, a third-party research house supplying performance data, or even a company in which client money is invested. If, for instance, one of these parties misrepresents an investment or issues inflated returns and the outcome benefits a firm or its clients, the investing party could be held liable under the FTPF offence.
The net for potential liability under the FTPF offence is wide, and so are the potential consequences of breaches, including unlimited fines. Allegations of fraud can also seriously damage a firm’s reputation and client relationships.
With the deadline for implementation now passed, organisations in the UK, and beyond, must focus on strengthening their defences to remain compliant.
How does FTPF impact liability across the advice process?
To fall within the scope of the FTPF offence, an organisation must meet at least two of the three statutory thresholds relating to size and scale: having more than 250 employees, annual turnover above £36 million, or total assets exceeding £18 million.
These criteria capture many larger financial institutions, but the implications are not limited to them. Smaller advice firms and sole practitioners may still face exposure if they operate within a corporate group that qualifies or if they provide services in a capacity that makes them an “associated person” to a larger entity.
For advisers, planners, and wealth managers, liability under the FTPF offence can arise where a portfolio company or other associated person commits fraud that delivers a benefit to the firm or its clients. The benefit might take the form of inflated valuations or performance figures that appear stronger than they truly are, for example.
Crucially, the FTPF also applies if the alleged fraud takes place outside the UK, as long as the offence falls under UK law or affects UK clients. For example, a discretionary manager based in Asia or an adviser operating from the US could still create liability for a UK-headquartered advice business if their actions produce gains tied to fraudulent information or misrepresentation.
Advice-specific examples
The UK Government’s official FTPF guidance includes illustrative case studies, such as a “sustainable” timber company that is fraudulently marketed despite its product being illegally harvested. In this example, an investment fund provider promoting the company would be liable under section 199(1)(a) of the FTPF offence, unless it could demonstrate that reasonable prevention procedures were in place.
While the published examples are framed at a corporate level, the same mechanics could apply in the financial advice sector. Examples may include:
- A paraplanner relies on inflated returns from a research provider when compiling a suitability report. Even if the fraud originated with the provider, the firm could still be in scope.
- A wealth manager promotes a private equity opportunity based on revenue figures that were later proven to be fabricated by the portfolio company’s management.
What “Reasonable Procedures” may look like for advice firms
Like the 2010 UK Bribery Act, the FTPF offers a potential defence if firms can demonstrate they had “reasonable procedures” in place to prevent fraud. The government’s six guiding principles are: top-level commitment, risk assessment, proportionate procedures, due diligence, communication (including training), and monitoring and review.
These principles are intended to be adaptable in application, with an emphasis on results, structured to accommodate the different operating environments and risk profiles of individual organisations.
For advice firms, these principles may be familiar in the context of existing FCA conduct requirements and anti-money laundering frameworks, like the Bribery Act 2010 or AML regulations. However, fraud has not typically been addressed as a distinct compliance risk in the same way, meaning existing controls might require some adaptation.
According to the government’s guidance, prevention procedures should be proportionate to the organisation’s nature and scale and supported by measures such as due diligence on discretionary fund managers, product providers, data vendors, and introducers. Communication and training are also highlighted as important, helping staff at all levels, including paraplanners and administrative teams, to recognise potential indicators of fraud and know how to escalate concerns.
Finally, monitoring and review should be active, not passive, to test the effectiveness of controls. Periodic audits of marketing materials, performance data, and fund literature can become part of catching fraud-related risks before they become problems, so the framework remains dynamic.
Enforcement and consequences
There is no single regulator responsible for enforcing the UK FTPF offence. Cases may be initially triggered by victims and then escalated by agencies such as the Serious Fraud Office (SFO). The SFO has already stated its intent to actively pursue cases and has upgraded its data and IT capabilities to do so. The UK government is also encouraging firms to self-report suspected fraud, which may serve as a mitigating factor in the face of any potential enforcement action.
As mentioned, fines under the offence are unlimited, and while firms may avoid criminal prosecution, they may still be subject to Deferred Prosecution Agreements (DPAs), which could lead to investigators examining their processes.
Time to rethink and reset
For those in the advice profession, the FTPF offence broadens compliance expectations by holding firms accountable for the conduct of the external parties they work with. This change emphasises the importance of active oversight and assessments to safeguard organisations, such as rigorous due diligence into third-party relationships. Strengthening these safeguards puts firms in a better position to evidence their approach to robust anti-fraud measures, helping them stand out in an increasingly risk-sensitive market.
By Ted Datta, Head of Industry Practice Group for Europe & Africa at Moody’s.