The Crime and Policing Act 2026 (the Act) has now gained Royal Assent and, as it comes into force from 29 June 2026, it will bring in new ways in which organisations may be held criminally responsible for crimes committed by senior managers acting with “corporate authority”.
What is the new liability?
Under s.130 of the Act, “bodies corporate and partnerships” will be held liable where senior managers commit offences. “Senior manager” can be defined as an individual who “plays a significant role in the making of decisions about how the whole or a substantial part of the activities of the body corporate or partnership are to be managed or organised, or the managing or organising of the whole or a substantial part of those activities”.
Previously, the Economic Crime Corporate Transparency Act 2023 (ECCTA) restricted corporate liability to economic crimes. Under the newly passed Act, the senior manager test will apply to a wider range of crime, including general crimes, regulatory offences, health and safety matters, environmental issues and modern slavery.
Impact on employers
Due to the additional risks that are posed by this expansion of corporate criminal liability, employers should consider reviewing their existing policies and procedures on areas of risk within the business such as misconduct, governance and compliance structures and make sure that these are clear, accurate, and reflective of how authority is actually exercised within the organisation.
Key points to consider include:
- Identifying senior managers - the Act adopts a broad definition of “senior manager”. Organisations may benefit from mapping who genuinely exercises significant operational or organisational authority.
- Clarifying governance and delegation - liability turns on whether an individual was acting within their managerial remit. Clearer delegation structures and role descriptions can help to reduce ambiguity.
- Refreshing existing compliance policies - employers may want to review their existing fraud, misconduct, and safeguarding policies to ensure they explicitly cover non financial criminal conduct, expectations for senior managers and reporting and escalation duties.
- Training for senior managers - this should cover personal exposure, authority boundaries and reporting obligations.
- Ensuring investigations can establish authority - internal processes should be able to demonstrate whether an individual was acting within their managerial role at the relevant time.
- Reviewing insurance coverage - employers may want to confirm that insurance arrangements extend to senior managers below board level.
What is appropriate will vary between organisations depending on their size, structure, risk profile and existing governance arrangements. Any steps taken should therefore be considered on a case by case basis, ensuring they reflect how authority and decision making operate in practice.
